Default Deny VS traditional AVs

Do you use traditional AV or default deny?

  • Default Deny

  • Traditional AV

  • Both



uninfected1

Level 11
Verified
Top Poster
Well-known
Jan 28, 2016
525
Yup, premium Panda has all sorts of goodness in it.

We're set to re-test Panda in the work lab this week, and I will mirror some of the tests at home. I am hoping they addressed the bugs I reported back then. I had a lot of fun tweaking it to offer a level of protection most people didn't expect Panda capable of. :)
Apologies for going off topic but I'd be interested to see what your results are, and if the problems we both encountered a while back have been fixed. Could you post back in the Panda section? I've got premium licenses but I'm still reluctant to go back to it after my experiences first time round.
 
Reactions: AtlBo and oldschool

509322

.NET Framework is necessary to run several programs that can be really useful and important for a lot of users.

Nope. Not really. Not for home users. It is the piled-in garbage that Microsoft ships with general OS that is Windows. It benefits a tiny fraction of all users and places all other users at risk. Not any kind of common sense security model.

And apps that use it perform terribly on Windows, in general. It's garbage.

Chrome OS\Chromium OS does just fine without it. And most of the paranoid people here that are so bent out of shape about security should move to Chromebook... never to return to Windows.
 

uninfected1

Level 11
Verified
Top Poster
Well-known
Jan 28, 2016
525
Default-deny > AV

AV for beginners, default-deny for people who understand Windows processes.
.
Signature engines are obsolete. They still exist because Average Joe doesn't know and can't handle better.

Yes, default deny is for more adept users, but to say AV is for beginners is clearly ridiculous, as both this thread and MalwareTips as a whole ably demonstrate. Of course beginners use AVs, but so do a lot of advanced users, plus the dreaded Average Joe who you seem to have so much contempt for :).

Out of interest, what sort of user is Emsisoft aimed at?
 

RoboMan

Level 35
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,400
Default deny is clearly superior but it implies a bit of Windows knowledge and to be patient to understand and play with it. Most of the time I just have flashes like "gosh when I used AV I didn't have so many default blocks" and then I realise how ransomware can bypass Avast by adding one line of code calling AvastSvc and I hug my default deny solution :)
 

Libera Milanesi

Level 2
Verified
Aug 19, 2018
52
Vulnerable processes include cmd.exe, wscript.exe, cscript.exe, cipher.exe (CMD command that can be used to perform encryption), etc.
I'm aware of what vulnerable processes are and as for the encryption, its functionality in cipher.exe and using cmd.exe to use the functionality isn't mandatory.

I wasn't referring to vulnerable processes earlier on. It doesn't matter as to what I was referring to, it'll just introduce paranoia discussions and cause tons of misunderstanding. Forget about anything I said outside of my post edit.

If Microsoft would just remove the garbage, then there wouldn't be the ongoing security issues. Like .NET Framework. A cesspool of security threats way worse than Adobe Flash.
The .NET Framework is filled with tons of security holes and worst of all, a lot of software engineers decide to use older versions for compatibility reasons (e.g. default versions pre-installed on Windows 7 or other versions of Windows) which leaves them even more vulnerable for using an outdated version. 99% of the .NET community isn't going to understand security... and the .NET Framework was never designed to be secure in the first place as far as I am concerned (and if it was, that's even more embarrassing).

The .NET Framework can be useful for some things but I do not think this outweighs the cons.

Each to their own though. I myself agree with you and I know a lot of my colleagues would also.
 

Local Host

I'm aware of what vulnerable processes are and as for the encryption, its functionality in cipher.exe and using cmd.exe to use the functionality isn't mandatory.

I wasn't referring to vulnerable processes earlier on. It doesn't matter as to what I was referring to, it'll just introduce paranoia discussions and cause tons of misunderstanding. Forget about anything I said outside of my post edit.
OSArmor is used for something (talking about those vulnerable processes and scripts), and some default-deny Software has those in mind as well.

Nope. Not really. Not for home users. It is the piled-in garbage that Microsoft ships with general OS that is Windows. It benefits a tiny fraction of all users and places all other users at risk. Not any kind of common sense security model.

And apps that use it perform terribly on Windows, in general. It's garbage.

Chrome OS\Chromium OS does just fine without it. And most of the paranoid people here that are so bent out of shape about security should move to Chromebook... never to return to Windows.
We get it, you hate Microsoft and want everyone to change to a Chromebook (that is data-mined by Google), will never happen.
Would love to sit and chat about how wrong you are in some aspects, and how your emotions are getting in the way of your judgment regarding Windows.
But it would derail this topic.
 

Libera Milanesi

Level 2
Verified
Aug 19, 2018
52
OSArmor is used for something (talking about those vulnerable processes and scripts), and some default-deny Software has those in mind as well.
OSArmor is really decent and covers a lot of areas. It's a perfect companion for people who understand how to work the configuration and how the configuration can affect their environment (e.g. in case something will be blocked which needs to be used, etc.) in most cases. The chances of conflict with another security solution are not very high based on how it filters.

The developer designed it well and deserves a kudos.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,119
All three solutions can be good if the user knows the weak points of adopted security and does not expose them via vulnerable activities.
For example, the user on the well updated Windows 10 can be very secure with AV, if he:
  • uses apps in App Container for vulnerable activities (web browsing, viewing/editing documents, etc.);
  • installs only applications accepted by SmartScreen (EXE, MSI installers) downloaded via the web browser to the NTFS hard disk;
  • does not open files with vulnerable/unknown extensions;
  • avoids spam and thinks twice before opening e-mail attachments;
  • uses safe DNS service;
  • uses 'Public network' profile;
  • uses the separate account for shopping.
The above is not rocket science, so most MalwareTips readers can learn/adopt it quickly.
Personally, I would like to vote for AV with fast signatures + smart default-deny. The word 'smart' means that executing the new files is disabled by default except for some whitelisted locations and application installers which are forced to be always checked by the good application reputation service (like SmartScreen).
 
Last edited:
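
Added example, not part of any post in this thread and not code from Hard_Configurator or any other product: a minimal model of the "smart default-deny" decision described in the post above. The allowed directories, the `as_installer` flag and the `reputation` callable (a stand-in for a service such as SmartScreen) are assumptions made for illustration.

```python
import ntpath  # Windows path rules, usable on any OS

# Constructed policy values (assumptions for this sketch, not from the thread).
ALLOWED_DIRS = (r"C:\Windows", r"C:\Program Files", r"C:\Program Files (x86)")
INSTALLER_EXTS = {".exe", ".msi"}


def canonical(path):
    """Collapse '..' segments, unify separators and fold case."""
    return ntpath.normcase(ntpath.normpath(path))


def in_allowed_location(path):
    """True only when path lies inside an allowed directory.

    Matching on the directory plus a trailing separator stops
    'C:\\Program Files Evil\\x.exe' from passing as 'C:\\Program Files'.
    String checks do not resolve junctions or 8.3 short names; a real
    enforcement layer has to decide on the opened file, not the string.
    """
    target = canonical(path)
    return any(target.startswith(canonical(d) + "\\") for d in ALLOWED_DIRS)


def decide(path, as_installer=False, reputation=lambda p: False):
    """Return (verdict, reason) for one execution request.

    as_installer: the user explicitly asked to install this file.
    reputation:   hypothetical callable standing in for a reputation
                  service such as SmartScreen; True means accepted.
    """
    if in_allowed_location(path):
        return ("allow", "whitelisted location")
    ext = ntpath.splitext(canonical(path))[1]
    if as_installer and ext in INSTALLER_EXTS:
        if reputation(path):
            return ("allow", "installer accepted by reputation service")
        return ("deny", "installer not accepted by reputation service")
    return ("deny", "default deny")


if __name__ == "__main__":
    # Constructed sample requests.
    for p in (r"C:\Program Files\App\app.exe",
              r"C:\Program Files Evil\x.exe",
              r"C:\Program Files\..\Users\bob\Downloads\x.exe"):
        print(p, decide(p))
```

The second and third sample paths are the two classic allowlist mistakes (prefix matching and un-normalized `..` segments); both fall through to default deny here.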

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
I have a very different opinion about default deny; for me it is much better suited for average/beginners than for advanced users.

The former group can't be trusted to make choices about what file will run and advanced users will run only files that they really need, so an antivirus with behavior blocker is their safe belt in a rare judgment mistake.

Edit: @Andy Ful's approach is the perfect balance between security and "annoyance" (user input), it is something that advanced users and beginners can use without impacting their activities.

The "dumb" default-deny has no value for the advanced user (except for hobby) and while it is very good for beginners it demands initial configuration, something that in the "real world" can only be properly done in a corporate environment.
 
Last edited:

oldschool

Level 82
Verified
Top Poster
Well-known
Mar 29, 2018
7,102
All three solutions can be good if the user knows the weak points of adopted security and does not expose them via vulnerable activities.
For example, the user on the well updated Windows 10 can be very secure with AV, if he:
  • uses apps in App Container for vulnerable activities (web browsing, viewing/editing documents, etc.);
  • installs only applications accepted by SmartScreen (EXE, MSI installers) downloaded via the web browser to the NTFS hard disk;
  • does not open files with vulnerable/unknown extensions;
  • avoids spam and thinks twice before opening e-mail attachments;
  • uses safe DNS service;
  • uses 'Public network' profile;
  • uses the separate account for shopping.
The above is not rocket science, so most MalwareTips readers can learn/adopt it quickly.
Personally, I would like to vote for AV with fast signatures + smart default-deny. The word 'smart' means that executing the new files is disabled by default (except for some whitelisted locations) and application installers which are forced to be always checked by the good application reputation service (like SmartScreen).

Common sense advice that follows the middle way! (y)
 

ForgottenSeer 58943

We get it, you hate Microsoft and want everyone to change to a Chromebook (that is data-mined by Google), will never happen.

One should never use Windows unless they require it for Windows-Specific gaming. Otherwise, it's best to just toss it out. I successfully converted everyone in the household from Windows Notebooks to ChromeBooks and it's been a resounding success. Most importantly, I have not a care in the world regarding those devices. Zero concern, ever, for security or stability with them.

You can take them to security levels where Windows cannot even hope to achieve. Check out my thread on this;

Tutorial - Configure your Chromebook for Ultimate Security

I've got a mission with family and friends.. To convert them to Chromebooks as time comes for laptop/notebook upgrades. Windows, regardless of tweaks/software, is just not safe enough for them. Security/Antivirus firms know the proliferation of ChromeOS devices spells the beginning of the end of their industry. By 2020 a full 90% of EDU environments will be ChromeOS by industry estimates, that's billions in lost revenue for security theater firms. Microsoft themselves know this is coming and are attempting to convince EDU purchasers that 'Windows is safe too now!' in a futile marketing campaign destined to fail. G Suite is way too popular now, and free - it's spreading like wildfire. Blackhats are losing entire swaths of vulnerable sheep to exploit.
 

Local Host

One should never use Windows unless they require it for Windows-Specific gaming. Otherwise, it's best to just toss it out. I successfully converted everyone in the household from Windows Notebooks to ChromeBooks and it's been a resounding success. Most importantly, I have not a care in the world regarding those devices. Zero concern, ever, for security or stability with them.

You can take them to security levels where Windows cannot even hope to achieve. Check out my thread on this;

Tutorial - Configure your Chromebook for Ultimate Security

I've got a mission with family and friends.. To convert them to Chromebooks as time comes for laptop/notebook upgrades. Windows, regardless of tweaks/software, is just not safe enough for them. Security/Antivirus firms know the proliferation of ChromeOS devices spells the beginning of the end of their industry. By 2020 a full 90% of EDU environments will be ChromeOS by industry estimates, that's billions in lost revenue for security theater firms. Microsoft themselves know this is coming and are attempting to convince EDU purchasers that 'Windows is safe too now!' in a futile marketing campaign destined to fail. G Suite is way too popular now, and free - it's spreading like wildfire. Blackhats are losing entire swaths of vulnerable sheep to exploit.
Chromebook is a web box with little to no functionality Offline, not to mention it can't run anything outside the Google Store.
As for security, I'm sure everyone knows the number of attacks doesn't equal how secure it is or not (common mistake that makes people believe OSX and/or Linux are safer than Windows, when they're not).
I can make a keylogger for Linux in 5 min. with no systems in place to stop me (believe me, I've done it for research sake), while on Windows the same can't be said.
Chromebook can take malware like any other OS, the Google Store is no stranger to malware.
So no I don't fall for all this advertising of Chromebook being invulnerable to Malware and being the safest ever, for me it's like any other and you guys are over-hyping it.
Wanna be secure? Practice safe habits; there's no miracle Software nor OS that will keep you safe from stupid.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,119
Chromebook is much more secure as compared to Windows, against the system infections, but still vulnerable to web infections (keyloggers in the web browser, vulnerable or malicious extensions, vulnerable or malicious web apps, stolen passwords, etc.). Anyway, it can be recommended for anyone who is OK when using only the web applications with a good reputation.
It is also much more user-friendly than Windows.
 

ForgottenSeer 58943

Chromebook is a web box with little to no functionality Offline, not to mention it can't run anything outside the Google Store.
As for security, I'm sure everyone knows the number of attacks doesn't equal how secure it is or not (common mistake that makes people believe OSX and/or Linux are safer than Windows, when they're not).
I can make a keylogger for Linux in 5 min. with no systems in place to stop me (believe me, I've done it for research sake), while on Windows the same can't be said.
Chromebook can take malware like any other OS, the Google Store is no stranger to malware.
So no I don't fall for all this advertising of Chromebook being invulnerable to Malware and being the safest ever, for me it's like any other and you guys are over-hyping it.
Wanna be secure? Practice safe habits; there's no miracle Software nor OS that will keep you safe from stupid.

Lots of Chromebooks have local storage and functionality (mine included). Currently, Chromebooks are one of the most flexible because you can run Chrome Apps, Browser Apps, Android Apps and Linux Programs. Since Linux runs in a VMC (container) it's not going to get you infected and VBoot will guarantee it's not going to break containment.

The cool thing is, ChromeOS doesn't allow you to install ANYTHING in the protected user space authenticated by Verified Boot so you aren't going to get infected, ever. The worst that can happen is you are dumb and install a fraudulent extension. That's removed with one click, or simply powerwash the device with 3 clicks and 15 seconds of your time. Bad extensions aren't considered malware, they're just bad extensions. Your entire threat surface is literally - bad extensions, bad websites and maybe a dumb Android App you can 1-click uninstall. That's going to be it, it's one of the lowest threat surfaces possible aside from specialty OS's for secured environments.

Back to the subject at hand, sorry for the slight tangent.
 

509322

We get it, you hate Microsoft and want everyone to change to a Chromebook (that is data-mined by Google), will never happen.

Would love to sit and chat about how wrong you are in some aspects, and how your emotions are getting in the way of your judgment regarding Windows.

But it would derail this topic.

Nope. My emotions have got nothing to do with my dislike of Windows. My judgment about Windows is spot-on with the security-aware within the industry. Those that know better dislike it for security reasons at the common-sense level.

As for my dislike of Microsoft, it is based upon experiences that many within the industry and user-land confirm. Just search the web. Bad experiences with Microsoft across decades are posted all over the web.

Microsoft is no one's friend.
 
Last edited by a moderator:
