Advice Request A free VoodooShield alternative?


Arequire

Good ol' Littlebits…
  • People disable UAC
  • People approve anything without knowing anything about its safety
  • People do not pay attention when downloading and running files
  • People do not keep software updated
  • People are reckless
  • People do click on everything and download files without checking to see if they are safe
  • People ignore UAC prompts by immediately selecting YES
Users are a menace to themselves. Always have been, always will be.

People should be locked out of the system for their own good, so there is real need for anti-executable and software restriction policy software.
I made default-deny work really well for someone who wasn't even remotely interested or conscious about her laptop's security:
To Supplement EAM or Not?
It worked really well and the only issue I ran into was programs not being able to update themselves automatically; I had to do that manually.
I'm not sure how risky this would be if someone set it up and then wasn't around to update programs on a regular basis though.

Kill them all.
Kind and gentle she says... :eek:
 

Deleted member 178

I made default-deny work really well for someone who wasn't even remotely interested or conscious about her laptop's security:
People not interested in their system security will never hear about default-deny apps...

However, deny-default applications like anti-exe don't need constant updates since they just do one thing: block and prompt on ANY executables, so no whitelisting/blacklisting maintenance is mandatory.
Devs usually make it easier for users by adding a whitelist (mostly Windows executables) to avoid prompt shower and crashes.
 

shmu26

Ask cruelsister about this? Malware is being signed with legit sigs nowadays.
I use both an SRP Appguard and Voodooshield Pro
Signed malware is more expensive, usually it is used in targeted attacks, rather than in mass spam campaigns. So blocking unsigned and unknown exe files provides a good degree of protection.
 

TairikuOkami

Ask cruelsister about this? Malware is being signed with legit sigs nowadays.
So few of them, that you can count them on fingers compared to millions blocked that way. Most use invalid or outdated certificates.

EDIT: As you can see in the post above, it is about 5000 total, which were ever detected, so that is like a dozen new ones a month.
 

cruelsister

Azure- be careful about charts like these (and not that I am a Fan of the Signing process):

1). First off. MSFT concentrates on things like Win Phone apps and Office stuff, so should be pristine.
2). Consider that credentials can be stolen (like the CCleaner fiasco- this was a Symantec- now Digicert certificate). This is the fault of the software company (poor security) and not the Authority. One should always assign Fault to where the Fault actually lies.
3). Not that I would know about such things (being Kind and Gentle), but in the Old Days Ophelia tells me that it wasn't too much trouble to generate a rogue Root Certificate (like from Verisign), and use this to generate a secondary rogue by another company. Once the Whitehats caught on to this we saw stuff like SigCheck which showed certificate chains (sigh...)
4). I do wish the author concentrated on Browser extensions, which are a more Clear and Present Danger.
 

shmu26

IMO if you want to block unwanted executable files all you really need to do is enable:
  • Block executable files from running unless they meet a prevalence, age, or trusted list criteria
This is one of the new advanced settings in Windows Defender/Exploit Guard/Attack Surface Reduction.
You can enable it as detailed on the Microsoft docs page
Use Attack surface reduction rules to prevent malware infection
Or just use Andy Ful's ConfigureDefender, and tick the appropriate setting.

This should be coupled with safe user habits, especially locking down -- or avoiding the use of -- highly exploitable applications, such as MS Office and Adobe PDF apps. Or just install OSArmor for protection against scriptors.
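
The rule named in the post above can also be set from an elevated PowerShell prompt. The following is an added example, not part of the original post: it turns the rule on in audit mode, reports its state, and lists the resulting Defender events before enforcement. The GUID is the one Microsoft's ASR rule reference publishes for this rule; the helper name `Get-AsrRuleState` is hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the thread): stage one ASR rule in audit mode, review, then enforce.
# GUID for "Block executable files from running unless they meet a prevalence,
# age, or trusted list criterion", as listed in Microsoft's ASR rule reference.
$RuleId = '01443614-cd74-433a-b99e-2ecdc07bfc25'

# Hypothetical helper: map the rule's configured action code to a readable state.
function Get-AsrRuleState {
    param([Parameter(Mandatory)][string]$Id)
    $pref    = Get-MpPreference
    $ids     = @($pref.AttackSurfaceReductionRules_Ids)
    $actions = @($pref.AttackSurfaceReductionRules_Actions)
    for ($i = 0; $i -lt $ids.Count; $i++) {
        if ($ids[$i] -eq $Id) {
            switch ($actions[$i]) {
                0       { return 'Disabled' }
                1       { return 'Block' }
                2       { return 'Audit' }
                6       { return 'Warn' }
                default { return "Unknown($($actions[$i]))" }
            }
        }
    }
    return 'NotConfigured'
}

# The rule relies on cloud reputation lookups; MAPSReporting 0 means cloud protection is off.
if ((Get-MpPreference).MAPSReporting -eq 0) {
    Write-Warning 'Cloud-delivered protection is disabled; this rule will not work as intended.'
}

# Step 1: audit mode records what would have been blocked without blocking it.
Add-MpPreference -AttackSurfaceReductionRules_Ids $RuleId `
                 -AttackSurfaceReductionRules_Actions AuditMode
Write-Output "Rule state: $(Get-AsrRuleState -Id $RuleId)"

# Step 2: review ASR events for this rule (1122 = audited, 1121 = blocked).
Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-Windows Defender/Operational'
        Id      = 1121, 1122
    } -MaxEvents 50 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match $RuleId } |
    Select-Object TimeCreated, Id, Message |
    Format-List

# Step 3: once the audit hits are understood, switch to enforcement:
# Add-MpPreference -AttackSurfaceReductionRules_Ids $RuleId `
#                  -AttackSurfaceReductionRules_Actions Enabled
```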
 

509322

IMO if you want to block unwanted executable files all you really need to do is enable:
  • Block executable files from running unless they meet a prevalence, age, or trusted list criteria
This is one of the new advanced settings in Windows Defender/Exploit Guard/Attack Surface Reduction.
You can enable it as detailed on the Microsoft docs page
Use Attack surface reduction rules to prevent malware infection
Or just use Andy Ful's ConfigureDefender, and tick the appropriate setting.

This should be coupled with safe user habits, especially locking down -- or avoiding the use of -- highly exploitable applications, such as MS Office and Adobe PDF apps. Or just install OSArmor for protection against scriptors.

Windows requires full lock-down protection to be safe. Exploit Guard ain't it.

The first billion-dollar whopper is coming. It's just a matter of time. And you all can thank Microsoft for it.
 

509322

I guess I don't have to worry about it, then. I don't have a billion :)

That's what it will take to have a watershed moment. Even then, I don't think the types and magnitude of change will be very effective. Human society doesn't like change - especially the kind that costs a lot of money. The vast majority of the time society is forced to change by disaster & devastation. So, it will take a billion-dollar whopper to get people and institutions to really pay attention.

I really don't think things will change until a hack causes trillions of dollars in damage - something on the scale of a massive market crash. Then enough rich and powerful people will demand security be improved - and well, being who they are and what they represent, they will get what others have been asking for many years.

In the future, the cost of IT security is going to increase dramatically for consumers. Think $50 per month instead of $50 per year.
 

Deleted member 178

Yeah, once Mr Robot crashes the global economy, maybe we will have some changes in infosec.
 