Advanced Plus Security blackice's 2021 Security Configuration

[blackice]

Very nice Security Configuration, although I am not a big fan of Malwarebytes.

I don't blame you. It's an experiment. My internet habits are bland and I got bored. It was already installed for second opinion (though I had to reinstall a couple times), and I had a license key. Honestly I like your favorite Bitdefender, but should just go with Microsoft Defender in terms of practicality. I've had the least issues with MS Defender and ESET. But so far so good once I got Malwarebytes to register.

 

[blackice]

You can all rest easy. Malwarebytes was not registered after my last reboot, rebooted for unrelated reason. Back to Microsoft Defender or Bitdefender for now. Such a bummer I really liked it, but that’s some pretty bad unreliability. Seriously there’s always some problem with these silly apps.

 

[SeriousHoax]

You can all rest easy. Malwarebytes was not registered after my last reboot, for unrelated reason. Back to Microsoft Defender or Bitdefender for now. Such a bummer I really liked it, but that’s some pretty bad unreliability. Seriously there’s always some problem with these silly apps.

Some seems to be having problems with this Windows Security registration. ESET had this issue for some users for a few months. Kaspersky has an issue now but that's a bit different. If you uninstall Kaspersky, it doesn't remove itself from Windows Security registration. The main uninstaller and their uninstallation tool (which is worse than the default uninstaller) both don't remove it, so after uninstallation even Windows Defender doesn't start as the AV. Good for me, I know how to manually fix that. Some AV vendors really need to fix their Windows Security integration. Maybe Windows change things from time to time and this cause problems for them.
Edit: I'm on 21H1. So don't know if that has something to do with this.

 

[blackice]

Some seems to be having problems with this Windows Security registration. ESET had this issue for some users for a few months. Kaspersky has an issue now but that's a bit different. If you uninstall Kaspersky, it doesn't remove itself from Windows Security registration. The main uninstaller and their uninstallation tool (which is worse than the default uninstaller) both don't remove it, so after uninstallation even Windows Defender doesn't start as the AV. Good for me, I know how to manually fix that. Some AV vendors really need to fix their Windows Security integration. Maybe Windows change things from time to time and this cause problems for them.
Edit: I'm on 21H1. So don't know if that has something to do with this.

I'm still on 20H2, so maybe there is something there.

 

[harlan4096]

It is well-known that Kaspersky does not support Windows beta versions...

 

[blackice]

It is well-known that Kaspersky does not support Windows beta versions...

Most AVs barely support new stable releases.

 

[SeriousHoax]

It is well-known that Kaspersky does not support Windows beta versions...

It's not beta. Windows 21H1 has been available for a while but has not been officially pushed to consumers yet. Also, the AV runs fine, only it doesn't remove the Windows Security integration at uninstallation. The problem didn't exist before Kaspersky 21.3.

 

[harlan4096]

Anyway for Kaspersky it is still as a beta, They won't add (probably via a patch, as in previous W10 updates) the support until the official release...

 

[blackice]

Removed adblocking in browsers as ControlD DNS (from Windscribe) seems to be very effective. I don't care about FLoC because I don’t use Chrome for much other than Google services and banking.

Added HitmanPro as second opinion scanner.

 

[SeriousHoax]

Are you using the paid version?
What about ads on Youtube?

 

[blackice]

Are you using the paid version?
What about ads on Youtube?

ControlD is on the 30 day trial of the paid service. Already useful as the ad blocking DNS blocks some things I need custom rules or bypasses to unlock.

Currently I am on a free trial of youtube Premium for 3 months...so that's a good question. But, I'm also torn on that, I want channels I view to get paid. I really have mixed feelings on ad blockers since basically it is breaking the web. They really screwed things up with malvertising getting out of hand and ugly ads. I don't want to pay a subscription for every site, but I want them to get paid for their content. Anyway, if it's like NextDNS it will just not work for in video ads. But I might be okay with that.

 

[blackice]

Looks like someone wanted to see if they could kick it with Bitdefender.

 

[blackice]

Back to NextDNS. It's faster than ControlD where I'm at. Specifically the malware filtering. I was excited about ControlD's new enhanced malware filtering, but their malware filtering DNS now takes 2X or more time to resolve anything and sometimes sees random latency spikes. For the moment NextDNS is more mature and robust for what I use it for. Also, lacks Windscribe's lowbrow marketing.

Edit: the downside to NextDNS being that I have to use a DDNS to keep my IP updated for using the standard DNS address on our router.

 

[ForgottenSeer 85179]

Edit: the downside to NextDNS being that I have to use a DDNS to keep my IP updated for using the standard DNS address on our router.

If your router support encrypted DNS, that's not needed.

 

[Brahman]

Edit: the downside to NextDNS being that I have to use a DDNS to keep my IP updated for using the standard DNS address on our router.

Its safer to use DOH than the traditional dns setup. You can use YogaDns application to convert your nextdns to system wide doh. Its very easy to setup and you can have multiple configurations and change it on the fly.

 

[blackice]

If your router support encrypted DNS, that's not needed.

Unfortunately it does not, hence the problem. But even as a plain DNS NextDNS is one of the better, and my router has threat filtering anyway.

 

[blackice]

Its safer to use DOH than the traditional dns setup. You can use YogaDns application to convert your nextdns to system wide doh. Its very easy to setup and you can have multiple configurations and change it on the fly.

Yes, but not for several other devices on the network. Most devices still use traditional DNS addresses. I would say it’s rather more private than safer.

 

[Brahman]

Yes, but not for several other devices on the network. Most devices still use traditional DNS addresses. I would say it’s rather more private than safer.

I beg to differ slightly on that, consider this senario, A fileless malware hardcoded with "phone home" feature using google doh to download its payload will not register anything in port 53 traffic but everything will go through the encrypted port 443, which the traditional Nextdns setting will not prevent as it does not see it even if you enable " block bypass methods" under "Parental control" setting. But if you are using DoH of nextdns and if you have enabled " block bypass methods" the call to google doh will not go through and the malware will not get activated. So I feel it also has some safety feature when it comes to Doh coupled with nextdns.

 

[ForgottenSeer 85179]

I beg to differ slightly on that, consider this senario, A fileless malware hardcoded with "phone home" feature using google doh to download its payload will not register anything in port 53 traffic but everything will go through the encrypted port 443, which the traditional Nextdns setting will not prevent as it does not see it even if you enable " block bypass methods" under "Parental control" setting. But if you are using DoH of nextdns and if you have enabled " block bypass methods" the call to google doh will not go through and the malware will not get activated. So I feel it also has some safety feature when it comes to Doh coupled with nextdns.
View attachment 257953

While that's true in theory, remember that malware can just use direct IP connections without using any DNS.

Nowadays malware also know about encrypted DNS and some kind of enforcement so keep that in mind too

 

[blackice]

I’ll wait until Windows update to natively support encrypted DNS in stable release. It’s outside my scope of risk to worry about every single scenario. Also my router filters by IP, so if the IP malware is connecting to is being recognized it would be blocked when the connection is made. I am not a high risk user and I am currently the only Windows user at home.