I was wondering what some of the best programs for default deny protection are, i already use vs is there anything else I should use along with it?
Best programs for default deny protection
- Thread starter carl fish
- Start date
- Dec 23, 2014
- 8,591
Ha, ha. There was a time I used Live CD + Pendrive for banking. The computer did not boot from Pendrive (old machine), so the Live CD started Linux from ISO on Pendrive.
That was a true default-deny. Anything was denied except banking.
And comfort in it’s worst form.Ha, ha. There was a time I used Live CD + Pendrive for banking. The computer did not boot from Pendrive (old machine), so the Live CD started Linux from ISO on Pendrive.
That was a true default-deny. Anything was denied except banking.
If I want use most secure solution, it would be a iPhone or iPad as desktop PCs aren’t build with security in mind.
- Dec 23, 2014
- 8,591
I hate small things, so I vote for the iPad.
But most people will simply choose the smartphone. It can be also a second smartphone only for banking.
- Dec 23, 2014
- 8,591
Yes. If there were no users, there were no problems too.
- Feb 8, 2016
- 537
I quote @harlan4096
Kaspersky with Application Control on your all HDD/SSD (just allow trusted and know applications in KSN) without trusting digital signed application. Set unknown applications and applications that start before Kaspersky in the untrusted section.
Kaspersky with Application Control on your all HDD/SSD (just allow trusted and know applications in KSN) without trusting digital signed application. Set unknown applications and applications that start before Kaspersky in the untrusted section.
- Dec 23, 2014
- 8,591
I share a similar viewpoint (although it is not related to most MT members).
People tend to choose convenience over security, so the battle will never end.
From the point of view of a single person (but not an Enterprise manager), it is not as bad as it seems. One can easily increase safety by learning, developing a few safe habits, and applying basic security recommendations. Why? Because most people do not do this.
Edit.
Anyway, the safety of people's data in the public sector is something that worries me. One can lose money or privacy by the insecurity of institutions, organizations, shops, etc.
Last edited:
- Dec 23, 2014
- 8,591
Criminals use psychological tricks to fool users. These tricks are usually based on the convenience and miracle of the easy profit. So, the criminals do not bother to fight (smart) default-deny solutions in the widespread attacks. They know that most people do not use such security because it is not so convenient and requires more skills. That is why even very old and simple solutions like Windows built-in SRP can be still very efficient.
- Dec 23, 2014
- 8,591
That is normal. Anyway, even if default-deny was popular, this could not solve the problem. Simply, the criminals would be forced to use already known bypasses to fight default-deny (and find many others). For now, this happens only in highly targeted attacks.
Default-deny is so effective because it is "above average" solution. SRP would not be effective when most people would start using it, although the life of criminals would be harder.
- Dec 23, 2014
- 8,591
Yes, the current attack surface will be reduced. But, it will not help much. We can see it in the examples of Linux or iOS. They were much safer a few years ago compared to the present time.
If this kind of default-deny you think of would be applied, the criminals could focus on other attack vectors (blackmail, exploits, physical access, etc.). Furthermore, if the new strong security is invented then people always tend to increase convenience that also increases the attack surface. It seems that people can accept some level of insecurity in their lives (we can see it also in the relation to COVID-19). When one invents seat belts, then we drive faster and use smartphones when driving.
Edit
I think that you correctly noticed that the user is always the problem. I can only add that this will not change in the future.
Last edited:
- Aug 22, 2013
- 892
I became a member of this forum in the year 2013 and during these 8 years or so I have not seen any of the active members complaining they have got a serious malware infested device, so I respectfully disagree, not all are idiots, there are some like my fellow MalwareTips members who does know what they are doing.
- Jul 26, 2015
- 263
Ill second @JoyousBudweiser
stuff getting a little harsh from the tone here.
The Topic was about Default Deny Apps!!! Thing like Humanity and References on a State being hacked is not cool...
That is why we have in the IT World - White Hats maybe a Gray Hat - Some are very good IT-Security Specialists - We learn from each other - We also have to live with the OS Systems in the Market like - Windows / Apple OSX - iOS / Linux - If ppl think they can do it better then them power to you
Just be mindful that there are Member here in the Forums that come from the Field and try there best to handle stuff with things given. (Not even the IT Guys fault!)
Best regards
Val.
stuff getting a little harsh from the tone here.
The Topic was about Default Deny Apps!!! Thing like Humanity and References on a State being hacked is not cool...
That is why we have in the IT World - White Hats maybe a Gray Hat - Some are very good IT-Security Specialists - We learn from each other - We also have to live with the OS Systems in the Market like - Windows / Apple OSX - iOS / Linux - If ppl think they can do it better then them power to you
Just be mindful that there are Member here in the Forums that come from the Field and try there best to handle stuff with things given. (Not even the IT Guys fault!)
Best regards
Val.
- Dec 23, 2014
- 8,591
I like the philosophical tone in discussions and I have enjoyed all posts in this thread. Anyway, @valvaris is right - after these refreshing considerations, we can "return to earth" now.
- Apr 5, 2021
- 621
The discussions are okay with me, fwiw, although I do sense a "glass half empty" vs a "glass half full" take on the subject.
Similar threads
