I think that it is time to retire this thread to bed. This is MalwareTips after all, not Wilders Security Forum :
I really wish they would add a yawning "I'm so over this crud" emotioncon to the like system.I think that it is time to retire this thread to bed. This is MalwareTips after all, not Wilders Security Forum :
That's quite the rollercoaster ride of "you cant protect users from themselves".
Under this same roof with me is a windows 11 laptop with nothing but default security and unlock origin in Edge and a copy of portable keepass on the desktop. Nothing is stored on the machine, everything backed up externally and accessed as needed. It is used daily here and has been set up that way for a year and a half now, no infections, breaches or data loss has occured from this machine.
That said, I want to give reason to ponder, how many folks you think out there have nothing but default security in their machines because they are not "computer" people, yet they some how get by and function. If it was seriously so prevalent out there the whole fabric of society would have came to a stand still long ago.
Fear drives most of this as I stated before, the industry does have a habit of producing it. How many products you see nagging users well before the expire date is set to hit that they will be unprotected and end up losing everything if they don't resubscribe soon. Fear keeps users here in this forum from enjoying their systems because their too busy switching security every few days then fixing their systems from all that damage it causes.
You asked about the fear installing with bad guys, well look at social engineering and most scams that nail elderly and the uninformed. The pop up on the desktop claiming the system is infected please call this number, then bring coherce into allowing someone into their system or giving up credit card information because "fear" will motivate them to do so.
Good habits and being diligent will carry users far, farther then any amount of security switching and fear ever will.
I think the fear is perpetuated by users who have some semblance of computer security, such as users on this forum. They know what's out there, the data stealers, ransomware, phishing etc, some overcompensate to try to mitigate these. But for the most part I would say the majority of computer users ( total guess 60%) have no idea or no interest in computer security or good habits, their just happy banging away on their social media accounts. Sure a lot get by and function, but nobody at all has any idea how many are infected, any inferences that they do is just opinion. There are 5 billion computer users in the world, if 1% of the happy users are infected that's 50 million, thats a lot and I'm sure the number is much higher than 1%. I've seen numbers that range from 10-50%.
That's it, shut down the net, up to half the worlds computer populace has lost all their finances.
I'm not trying to be rude as much as I'm trying to get people to use their eyes and not just for reading what they are told in articles. Look around, the system would crash if those type of numbers were realistic.
Above I asked for a solution because all I read here is fear talk or users piling rediculous amounts of security in their systems as you said overcompensating.
How are good habits and being diligent not enough, and if not enough, what's the answer, quick someone share it before the matrix folds.
I'm going to walk into the next persons house that asks for help, segment their network, place one system on one portion, this is your banking segment, use it for nothing else, place another, this is your social segment use it for nothing else and so on.
See how rediculous that sounds.
Create system images, store offline, back up personal stuff, do this externally, keep nothing stored on the machine. Use ad blockers in the browser, clear cookie sessions when through, use a password manager if need be, set 2fa, use authentication apps if needed, limit sharing the devices, use diligence in checking downloads before executing, check web addresses and links in emails and apps via virus total.
This, this is good habits and diligence. I have seen it put into practical use, and it works. I'm not saying it's bullet proof, but guess what, none of these apps and combined security enthusiast set ups are either, no matter how much you try, someone will show you it's vulnerable.
But if you monitor what's on the system, what's introduced, have contingency in place, and be diligent about it, you lesson this chance greatly.
It's not hard, it's just not convenient which bothers some, they want a do it for them solution.
Good habits includes not loading your browser down with junk extensions, much like toolbar days are long gone, remember those and how much fun they cause.Not just users but even developers, tweakers, and techies. And not so much a rollercoaster ride but a description of what's taking place.
How is the laptop used? If it's meant only for browsing a few sites an hour a day, then it can be used in default mode for a very long time. Do or demand more, and you get more complications.
That's also what gives many meanings to "get by". One user loads a page at a time; no performance problem. Another eagerly reads threads in a forum and tries to load all of them at the same time using addons like Snap Links (the user just mentioned might say, "what's that" or "why should I care" while another will say, "wait a minute? you mean there are addons that allow me to do that? where can I find it?"). Use something like Adguard for Windows, and many of the pages won't load; no problem with uBlock Origin. But can the latter be used with Ferdium? (The first user asks: "what's that?" The second: "wait, I don't have to leave several messenging apps open and instead just use that?")
And then something in those pages in "legit" sites leads to malware infection. What happens next? Oh, you didn't follow "good habits". User: but the site was legit! Techie: well, you should have done this or that. User: why didn't you tell me in the first place? Techie: Because I didn't want to scare you.
Good habits includes not loading your browser down with junk extensions, much like toolbar days are long gone, remember those and how much fun they cause.
Yes good habits include using your head.
The laptop is used for everything from personal to home business and fairs quite well, although it's not used to experiment with every junk application in the net.
Your really stretching and grabbing here in what appears to either be a mellow smear or peeing contest. If either, please take your time, grab up a pencil, put some thoughts into it, make it more suspenseful.
Oh you mean applications or extensions that basically have been whitelisted and would slide right past most security applications.What about non-junk extensions that turn out to be junk extensions? Or legit apps that have been unknowingly compromised with people finding out too late? Or legit sites? Or updates that have been compromised?
Dont seem to recall stating to disable all security and just using good habits. Just stated over lapping ridiculous redundant and restricting security is not necessary.If good habits are all that's needed then one wouldn't need security apps at all.
Again your stretching and just looking to cause issue at this point or have a serious ego problem.Again, it's an anecdote that could have been made up, and might not even represent laptop usage.
It seems we have different definitions of common sense, because what you are suggesting does not apply to average users, but advanced ones. I asked you to leave a solution and again nothing but continuous reasons why your right, I'm wrong and the world needs tons of security.Finally, peeing contest? You must be kidding. Everything I've said so far is based on common sense.
Think this is fun, then say something about one of the products directly here and watch how fast you get mobbed. In a forum full of enthusiast trying to state one can get by with good habits and diligence is mocked, because you need to be very afraid of the internet, run ridiculous amounts of security that most of them do not understand how to use properly in order to survive. So when a user comes along trying to reinforce using habits that will save them headaches in the long run, you would think it would be met with more gratitude then constant badgering.im shocked with these comments
Oh you mean applications or extensions that basically have been whitelisted and would slide right past most security applications.
Dont seem to recall stating to disable all security and just using good habits. Just stated over lapping ridiculous redundant and restricting security is not necessary.
Again your stretching and just looking to cause issue at this point or have a serious ego problem.
It seems we have different definitions of common sense, because what you are suggesting does not apply to average users, but advanced ones. I asked you to leave a solution and again nothing but continuous reasons why your right, I'm wrong and the world needs tons of security.
Now provide a solution that average users can use to get by safely on the net while keeping their systems usable, I'm waiting.
Good advice about using a standard account. I have started with it again the last year, and I keep doing it this time. Another thing I have made a habit, is to have Kasperskys free KVRT, and MBAM free ready. WHEN I download things (not very often) I always scan it with these 2 scanners. They are both free, and will take 95% of the crud. I'm using Eset NOD 32 AV. MD is not good enough IMO.Number 1 rule in safe-hex is (for Windows) run as standard user (only few MT members practice this).
Number 2 rule in safe-hex is wait a few days after downloading software before installing it (solves most zero day risks, security hobbiest want to design the perfect third party layered protection against).
Number 3 is "when in doubt, don't let the user decide" (reason why HIPS & UAC prompts are stupid and SAC & WDAC-ISG are smart).
Above is only an opinion, not based on A-B field test
Standard account is very good advice. So are the other two listed especially number 2.Good advice about using a standard account. I have started with it again the last year, and I keep doing it this time. Another thing I have made a habit, is to have Kasperskys free KVRT, and MBAM free ready. WHEN I download things (not very often) I always scan it with these 2 scanners. They are both free, and will take 95% of the crud. I'm using Eset NOD 32 AV. MD is not good enough IMO.
They are both free, and will take 95% of the crud.
This here is exactly why I have been pushing the "good habits" so much lately, as users here think that if they throw a more robust solution on their system then they can be lax about their habits and are covered, its a false sense of security. They can actually be safer using Windows default securities and good habits " the word habit means to do until it becomes second nature" then using a product they most likely will not understand how to use properly which could actually cause them to be more vulnerable then they already were from misconfiguration and or from bugs they may introduce with the product that expands their attack surface.Don't look for what's perfect but what's better, and that includes security programs that can make decisions for users.
Don't assume that they'll wait for a few days before downloading something, or that updates will be done delayed, etc., or that they will always remember to scan everything with two additional apps, etc. The first will have to be kept secure and the second done automatically, too.
This here is exactly why I have been pushing the "good habits" so much lately, as users here think that if they throw a more robust solution on their system then they can be lax about their habits and are covered, its a false sense of security. They can actually be safer using Windows default securities and good habits " the word habit means to do until it becomes second nature" then using a product they most likely will not understand how to use properly which could actually cause them to be more vulnerable then they already were from misconfiguration and or from bugs they may introduce with the product that expands their attack surface.
Standard account is very good advice. So are the other two listed especially number 2.
Allowing a download to sit for a couple days inert allows time if it is indeed a zero day to be discovered in the wild and signatures formed for it.
Whats also free is virus Total, and no need to download two 3rd party applications to your system. Even if applying number 2 good advice above, I would scan it with VT to ensure before executing it.
If you combine all the "good habits", you have minimized the chances to such a low percentage of anything happening in a realistic world. Microsoft Defender is more then enough, part of the OS, best compatibility, and does not extend the attack surface by adding more bugs.
It's like people who drive cars but know how they work. I'm not sure why you chose that analogy because it's exactly like that."Good habits" involve having the same time and knowledge as tweakers. That's not likely for most.
Why? Because they're too busy to understand what they need to use. It's like people who drive cars but don't know how they work.
You don't have to be a tweaker to avoid bad habits. Common sense is enough.Tweakers live in a fantasy world where they think everyone has as much time and effort as they do.
It's like people who drive cars but know how they work. I'm not sure why you chose that analogy because it's exactly like that.
Like how to put it in gear, or use the gas pedal, or brake, how to signal when they turn, how to start it or shut it off. Like that?
Or as they gain experience and learn to be safer on the road by knowing how to slow down on rainy days, how not to hydroplane, merge in out of traffic at highway speeds things they learn over time to keep safer as they learn to navigate. How to take precautions like checking air tire pressure, fluids in their vehicles so not to break down or cause accidents.
Your right, we should not encourage that or even have lessons required before a license, we should just weld bush guards all mad Max style and turn em loose, what's the worst that could happen.