Basic Security brod's minimalistic config (2018)

brod56

Level 15
Thread author
Verified
Top Poster
Well-known
Feb 13, 2017
737
Well, I wouldn't use the password manager that is in Chrome, I would get a real one like KeePass or Stickypasswords.

I have tried Last Pass, interesting product, but the need to pay to use the real time functionality on Android kept me away. The advantage of the Chrome one is that is synced with no problem.
Also, no sensitive passwords there, just some chess sites and fancy stuff.
 

JHomes

Level 7
Verified
Well-known
Jul 7, 2016
339
Your backup strategy doesn't make any sense. OneDrive is not a data backup tool, it's a cloud based storage service. So let's assume that you will move data over there, that means you are potentially putting a lot of data there, which could be costly.

When are you scheduling Macrium Reflect?

I think this is a recipe for disaster. There's no way all of your data will fit on OneDrive without upgrading storage space. Better off going to a snapshot tool like Rollback Rx for your data backup. Do a daily backup with the free Home Edition, then do a weekly backup with Macrium Reflect. This will be more secure and it's more cost effective as well.
 
  • Like
Reactions: Daljeet

brod56

Level 15
Thread author
Verified
Top Poster
Well-known
Feb 13, 2017
737
Your backup strategy doesn't make any sense. OneDrive is not a data backup tool, it's a cloud based storage service. So let's assume that you will move data over there, that means you are potentially putting a lot of data there, which could be costly.

When are you scheduling Macrium Reflect?

I think this is a recipe for disaster. There's no way all of your data will fit on OneDrive without upgrading storage space. Better off going to a snapshot tool like Rollback Rx for your data backup. Do a daily backup with the free Home Edition, then do a weekly backup with Macrium Reflect. This will be more secure and it's more cost effective as well.

A recipe for disaster? Lol. I have Office 365 annual subscription for my whole family so I have 1 TB of online storage.
Im doing monthly backups with Macrium Reflect, just in case, I don't even think I will ever need to restore one system image.

Add EEK or NPE.

Add HTTPS Everywhere.

Thanks for sharing.

I actually already had HTTPS Everywhere, just forgot to add it to the extension list.
Thanks for commenting.

I recommend to try NoVirusThanks OSArmor once it supports secure boot.
I appreciate your suggestion. As already said in the original post, I'm not using any default-deny solutions on purpose, mainly because the PC is quite old and Voodooshield slowed it quite a bit.
Might try NVT one day though.

Just to clarify, the point of this config is to be as simple as possible. If I wanted to setup a locked-down system I would, just check my 2017 config, it's way more complex, with powershell/wscript executables disabled via Hard Configurator, and Voodooshield Pro on AutoPilot. Here, I just wanted to keep it simple and quick for my old PC.
IMHO, this setup is clearly secure if coupled with common sense, I can't understand the rating.
 
Last edited by a moderator:

Malware Person

Level 4
Verified
Jun 8, 2016
171
add https everywhere and use a different password manager. If an attacker compromises the browser, then you're in trouble
 
  • Like
Reactions: brod56

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Just my minimalistic config for the new year.
I have learned a lot of things since I posted my first config back at the start of this year, I tried many solutions, from default-deny ones to sandbox solutions, and just came into this! Simple and fits my needs (no torrenting at the moment).
Happy new year :)
It is a good config for normal use, for no-'happy clicker' user. One should also know SmartScreen limitations (archives, pendrives, etc). The weak point may be macros/script/scriptlets embedded in several ways in Office documents (macros, DDE, ActiveX, OLE, OnClick and OnMouseOver actions). Some of those techniques may work even for non-'MS Office' applications. So, one should know how to avoid spam in the first place or use online Office solutions.(y)
 
Last edited:

brod56

Level 15
Thread author
Verified
Top Poster
Well-known
Feb 13, 2017
737
It is a good config for normal use, for no-'happy clicker' user. One should also know SmartScreen limitations (archives, pendrives, etc). The weak point may be macros/script/scriptlets embedded in several ways in Office documents (macros, DDE, ActiveX, OLE, OnClick and OnMouseOver actions). Some of those techniques may work even for non-'MS Office' applications. So, one should know how to avoid spam in the first place or use online Office solutions.(y)

For sure. I usually check unknow files from mails/prendrives via VirusTotal, I know it is important given the fact that I have no Voodooshield (or other effective anti-ransomware solution) in this machine.
 

brod56

Level 15
Thread author
Verified
Top Poster
Well-known
Feb 13, 2017
737
So I've just put my laziness away, and updated the thread fields with proper, more complete information.
Also implemented Hard Configurator recommended restrictions.
Thanks for your comments and sorry if I was a bit rude answering to y'all, I was kinda pissed off with the Caution rating.
Merry Christmas to all the MT community :)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top