harlan4096

Moderator
Staff member
Malware Hunter
Verified
Hi guys!
We've archived all the 2018 or older security configs, and all the members can post a new thread with their current security setup.
We would also like to announce some changes for PC Security Configuration forum. Apart from some minor changes, here is what we've added for 2019 configs:

  • Device Specifications: Members can now post directly in the thread the device specs on which the security configuration is running on:

1546594528926.png

  • Device Activity: Members can now post what are the main activities that are performed on the device:
1546594546075.png


  • Custom Settings For Real-Time Protection Details: Members can now post what settings they have changed for the main security product (Optional):
1546594579857.png


  • There will be also a Warning / Disclaimer for those advanced risky/dangerous configurations in order to advise average or newbies users trying to clone/copy the settings or characteristics of such configurations.
 

harlan4096

Moderator
Staff member
Malware Hunter
Verified
Also, I would like say to all those users posting their new avalanche 2019 configurations be a bit patient until I check and assign a security risk tag to them, sorry for the inconveniences and thanks! :giggle:
 

Raiden

Level 10
Content Creator
Verified
Good changes!

I was wondering if there has been any thought put into my suggestion in @RoboMan thread about lowering the configuration level to either risky/dangerous for those with overkill setups? To me it dosent matter the experience level of the poster, if it's overkill and there's huge risk for conflicts this should be taken into consideration when rating the overall setup IMHO. We all know that more is not always better and can actually decrease your overall security. I think this is especially important if the ratings are being based on average users looking to copy/replicate the setup?

We should be a fourm that not only likes to have fun, talk about security and technology, but it also needs to be educational. We need to make sure that we aren't creating fear and paranoia, thus forcing people into thinking they need tons of programs/extensions to be safe. We need to make sure people understand the basics along with whatever program/setup they decide to use. :)
 
Last edited:

oldschool

Level 26
Verified
Thanks @Jack and mods. But I tend to agree with @Raiden and others that thought should be given to some type of overkill warning or tag. Of course members' suggestions are great but maybe not always reliably consistent, e.g. noob replies to new member config. This suggestion certainly warrants some consideration by @Jack, et. al.
 

Raiden

Level 10
Content Creator
Verified
@Raiden: to those overkill setups, usually are given suggestion to simplify and remove redundant applications.
That's fair. The only issue I see with that is that if they still see the secure tag, they may actually just look at the configuration itself and not take the time to read the comments. Also, if people are suggesting to reduce the clutter if you will, people may still go, well it must be ok becuase it's still marked as secure. I think by flagging the setup as risk/dangerous, it should atleast give pause to the person looking over the config to find out why. Also, comments like reduce the clutter will be taken more seriously IMHO. (y)
 
Last edited:

TairikuOkami

Level 22
Content Creator
Verified
We need to make sure that we aren't creating fear and paranoia, thus forcing people into thinking they need tons of programs/extensions to be safe.
Unfortunately, there is not one extension/software, that rules them all, if you want to cover all routes properly, there is not a simple way to do it. Of course, you can be safe, if you install just AV and nothing more, while adding another software/extension can increase security level only by 0,01%, but it can be that 0,01%, that is dangerous, like IDN webpages, which can easily fool even an expert, since almost no one checks certificates daily.
 

Raiden

Level 10
Content Creator
Verified
Unfortunately, there is not one extension/software, that rules them all, if you want to cover all routes properly, there is not a simple way to do it. Of course, you can be safe, if you install just AV and nothing more, while adding another software/extension can increase security level only by 0,01%, but it can be that 0,01%, that is dangerous, like IDN webpages, which can easily fool even an expert, since almost no one checks certificates daily.
That's totally fair!

Don't get me wrong, I am in no way against people using a variety of programs and extensions to keep themselves safe, but my point is really where do we draw the line? It's not so much that people can't use multiple programs/extensions, its that they do so in a way that they overlap one another, thus potentially making their overall security worse. There's been setups where people use the likes of KIS, VS, OSA, Zemana Anti-logger, Malwarebyes Browser extension, WDBP, BTL, HTTPS Everywhere, etc...all together. Now, I am pointing out a very extreme case, but there are setups very similar to this. Another point to consider is, what are the chances of running into these types of attacks, especially for home users? Not saying it can't happen, but if we stress over every little thing, that's where you end up with the fear/paranoia and the overkill setups.

I think we have to keep in mind that it's not just tech savvy users that are looking at these setups, but average users as well, so if they are just coping the setup without any knowledge how it all works together, then we are potentially creating more issues for them.

At the end of the day we need to create an environment that is fun and educational, but not so that people are stressing over every little thing. We should be able to be secure, but at the same time enjoy using our computers, no be afraid of them.:)
 

brod56

Level 15
Verified
Just a quick off-topic suggestion: create a more modern, clean layout for the fields. For example, 4 horizontal textboxes:
- Device info (specs, use purposes)
- OS security (build, firewall, backup software, etc)
- General security (AV, companion av/default-deny, second opinion scanners, etc)
- Web (browser, extensions, dns, vpn, etc)
The editing layout would be the same.
 

TairikuOkami

Level 22
Content Creator
Verified
I think we have to keep in mind that it's not just tech savvy users that are looking at these setups, but average users as well, so if they are just coping the setup without any knowledge how it all works together, then we are potentially creating more issues for them.
You made a good point there, so I named my configuration accordingly to discourage anyone from using it. :D
We need some bad configs on the other side of the spectrum, so people can see, what it is not supposed to be like.
 

RoboMan

Level 27
Content Creator
Verified
Given the fact that it has been mentioned, I wish to second @Raiden. Not labeling as "Risky" those configurations which have lots of programs, but those configuration which overkill their systems with unnecessary software that end up on BSOD, security holes, biggest attack surface, component disabling (through errors), and beyond.