Can common sense replace security?

bogdan

Level 1
Thread author
Jan 7, 2011
1,362
@Dieselman: So you are not saying that common sense can replace every security application (like an antivirus, for example), but it can replace some layers of defense (like HIPS, for example). Am I right?
 

ghost

Level 1
Jan 16, 2011
132
RE: thewolfsmith72 config

Common sense can't replace a security layer, it's a way of thinking... acting with open eyes.
 

Dieselman

Level 1
Mar 26, 2011
762
RE: thewolfsmith72 config

Yes it can. The first layer in any security is yourself. No security in the world can save you from yourself.
 

ghost

Level 1
Jan 16, 2011
132
RE: thewolfsmith72 config

A hacked site redirects you to an infected website with a browser exploit, your antivirus program is useless because it doesn't detect it, and you can't do anything because your browser is already patched by that exploit. How is your common sense now? Antivirus programs are useless sometimes and your common sense can be tricked.
 

bogdan

Level 1
Thread author
Jan 7, 2011
1,362
I see Dieselman's point. We spend some time choosing and setting up security apps the way we feel it works for us, but we rarely see the benefit of all that time & energy spent. Assuming you have a full disk image at hand, as a safety net, is it worth it to have HIPS + firewall + sandbox + etc.?
 

Dieselman

Level 1
Mar 26, 2011
762
Like I have said, I went almost a year with NO real-time security. All I used was common sense and I still never got infected. 90% of malware infections are user caused. I see it every day when I show up at somebody's house who is click happy as can be. Start fixing computers and you will understand.
 

ghost

Level 1
Jan 16, 2011
132
Don't assume, Diesel, you're not in that position. You know who I am. You know I have my customers and they are very uneducated in this domain, and however much I try explaining to them they always reply: When will I have fun? They always pay for that.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Well yes, common sense replaces security; however, if you have experience and instinct then go ahead with it.
 

bogdan

Level 1
Thread author
Jan 7, 2011
1,362
But what about those rare but somewhat famous pieces of malware that are able to infect you without user interaction? For example Conficker, a worm able to spread within a network using ports usually opened on every Windows machine with an exploitable Windows service listening on them. Built-in Windows security is hopeless in front of sophisticated malware like that. Microsoft added too many features that are more or less useless for me but can become a security risk. For example UPnP - Universal Plug and Play - do I really need a service crawling my network looking for devices that might be attached? If I have UPnP enabled in my router also, malware can even open its ports if it wants to. Sure, Microsoft, starting with XP, decided to allow only computers within a network to use these services (previously you could exploit these services over the Internet), but I can't always control every PC attached to my router. Friends might come over and I need to allow them to connect, or I might be using a laptop that I need to connect to a hot-spot.
 

ghost

Level 1
Jan 16, 2011
132
Believing that common sense will protect you from most malware makes you a little too arrogant. I don't want to start a polemic here so I will recommend it as only my opinion and not something to follow or believe. Overconfidence in your capabilities will eventually damage your PC. I believe in your skills and don't argue about that, but common sense is not about taking a file every time you download something and analysing it by breaking it into pieces. Most here know what I'm talking about; it would be a pain to work under this kind of stress at your PC, and a loss of time and money. Norton does a great job by providing background info about most files you encounter by whitelisting those files in the cloud. Soon this module will be necessary in all suites, like HIPS was and is all those years for advanced users.
 

bogdan

Level 1
Thread author
Jan 7, 2011
1,362
Common sense does prevent you from getting infected due to your own mistakes, but I am concerned about stuff that is out of your control on a Windows machine. For example, one of the latest patches issued by Microsoft fixes vulnerabilities in the SMB client (file & printer sharing) that could allow remote-code execution (MS11-019) - the attack must come from inside your network, though. And this happens often. Because I know these things can happen, I don't feel secure using no security. I wish I did though. I sometimes feel the need to lower my security.
 

ghost

Level 1
Jan 16, 2011
132
Exactly what we were talking about. Malware or actions that can't be controlled or repelled by the user in front of that PC. The more security you add, the more you will slow your PC's performance, and you wasted some money for nothing on it. I'm trying to teach my wife some Linux skills and eventually renounce Windows. It's not normal to pay for a product that will never be safe enough to use. Again, that's only my opinion and plan; I know I will miss playing around with security software.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Since bogdan posted a detail about remote-code execution:

Another one, also updated on April 15, is MS11-017, which is also a remote-code execution, disclosed in the Windows Remote Desktop Client that is in any of our Windows OSes.
 

bogdan

Level 1
Thread author
Jan 7, 2011
1,362
OK, so you think that the possibility of that happening is small enough that it can be safely neglected? (Since ghost mentioned Linux) won't this assumption make Windows as secure as any other OS, its only downsides being that it is used by most people, it is the most targeted and users aren't tech savvy enough to not get infected by running malicious apps?
 

Dieselman

Level 1
Mar 26, 2011
762
Most of you don't fix computers for a living. Until you do you will never understand how dumb the average user really is. Here is a prime example of why common sense is what it takes to stay safe.

I went to this woman's house, she was a first-time client. Her NIS came preinstalled but it was the 2008 version. So I upgraded her to the 2011 and set all settings to Aggressive. Since she was on XP 32 bit I also set her up with Sandboxie and Firefox. I showed her what each program does and how to use them. I left and her PC was fully up to date and more or less perfect. About 4 months later she called saying her PC was acting up. So I went over there. Well, the first thing I noticed was that Sandboxie was gone. She told me she hated it. I said well OK, but that's your choice. I was only trying to keep you safe. The second thing I noticed was that NIS had been disabled via the main GUI. This was done by her, 'cause I set a password for her so no one else could change the settings. Well, she was infected with some adware toolbars and a couple of trojans after scanning with MBAM and HMP. Once I was done cleaning up the mess and re-enabling NIS I asked her why she did those things. The Sandboxie thing I can understand, but disabling NIS and leaving it that way? Whatever.

So she proceeded to show me an email from her so-called friend. The email had a link which Safe Web blocked. She did not like that 'cause she wanted to view the page, so she disabled NIS to view it and download what her friend sent her. Well, it turns out that she did not even know this person who sent her the email, but she thought she did.

Moral of the story... You can have the best security in the world but if you don't have any common sense it's all worthless.

"You can lead a horse to water but you cannot teach him how to drink"
 

ghost

Level 1
Jan 16, 2011
132
True! Many infections happen this way; still, there is one thing: average users don't care about security. They do care about a movie, song or a game. Common sense must go hand in hand with knowledge.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Agree, most users want entertainment; they don't care about security even if it's disabled or out of date, and next they seek help for their infected computer.
 

Dieselman

Level 1
Mar 26, 2011
762
You don't need the knowledge if you use common sense. This woman knows nothing. But if she used common sense she would have avoided this issue. Common sense / safe surfing is the FIRST step in keeping your computer safe. I can only do so much. I see some of the same people every few months for malware-related problems. Why? Is it 'cause their security is inadequate? No. It's 'cause they are click-happy, non-common-sense users.

You can give a soldier the best weapons in the world but if he has no common sense it's worthless.
 

ghost

Level 1
Jan 16, 2011
132
You're talking from an experienced user's view. Inexperienced users can't even install a program properly, and we are talking about common sense when what they really need is experience. An experienced user can do with or without a security program using common sense, but all those lower categories can't do a thing except get into trouble.

@bogdan: There is a big difference between Linux and Windows, and it comes with a bill.
 
