Advanced Plus Security Divine Barakah's Laptop Security Config 2021

[DDE_Server]

Unfortunately I forgot to turn off Kaspersky cloud telemetry whilst writing custom ransomware, my executable was uploaded and was detected the next day (I was just finishing the file iterator), so I couldn't test it against truly unseen ransomware
I had to change the whole key generator logic + the note writer module and it's too much hassle.

The ransomware I discovered was all detected by heuristics set to max. It could be stopped by Application Control as well.

i did not consider Application control as real time protection as it is considered as default deny one " whitelist and then block" if you used solid core in mcafee ePO or vodooshiled it would mostly act the same
but as behavior blocker the differences appears
sorry for your ransomware baby hope you give birth to another one xd

 

[ForgottenSeer 89360]

i did not consider Application control as real time protection as it is considered as default deny one " whitelist and then block" if you used solid core in mcafee ePO or vodooshiled it would mostly act the same
but as behavior blocker the differences appears
sorry for your ransomware baby hope you give birth to another one xd

Well regardless of what you call it, it is a module that works in favour of your protection.

This one was a collection of unusual third-party frameworks... It will take time for me to find more of them, but I am sure I will.

 

[Gandalf_The_Grey]

Yes, I know. But I'm talking about the browser security option in Adguard Desktop. See How malware protection works
So, what I said before, in that way Google Safe Browsing also can be used.

I know that blog, it nicely sums up how they work, but it's still not good enough.
It's the same for every product that uses Google Safe Browsing and is not from Google, they seemingly don't get access to the full power of Google Safe Browsing.
It's AdGuard, but also Firefox. Safe Browsing there is inferior to Safe Browsing on Google Chrome.

 

[ForgottenSeer 85179]

I know that blog, it nicely sums up how they work, but it's still not good enough.
It's the same for every product that uses Google Safe Browsing and is not from Google, they seemingly don't get access to the full power of Google Safe Browsing.
It's AdGuard, but also Firefox. Safe Browsing there is inferior to Safe Browsing on Google Chrome.

And NextDNS? As they provide Safe Browsing too

 

[Jan Willy]

I know that blog, it nicely sums up how they work, but it's still not good enough.
It's the same for every product that uses Google Safe Browsing and is not from Google, they seemingly don't get access to the full power of Google Safe Browsing.
It's AdGuard, but also Firefox. Safe Browsing there is inferior to Safe Browsing on Google Chrome.

What's your source?

 

[DDE_Server]

And NextDNS? As they provide Safe Browsing too

Adgaurd has this option if desktop version is used " Through DNS protection options

 

[Gandalf_The_Grey]

And NextDNS? As they provide Safe Browsing too

I don't know because I haven't tested it.
But I suspect the same, they will not get acces to the latest and greatest Google Safe Browsing.

What's your source?

Testing done here: Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings
And my own testing.

You can and should test it yourself like this: Malware and phishing links: 10 malc0de, 10 vxvault, 10 openphish, 10 verified phishtank, 10 unverified phishtank
See how much get blocked in Google Chrome without AdGuard and how much get blocked by AdGuard when using Google Chrome with Safe Browsing disabled.

The same for with and without NextDNS.

Please let us know the results.

 

[silversurfer]

I don't know because I haven't tested it.
But I suspect the same, they will not get acces to the latest and greatest Google Safe Browsing.

Testing done here: Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings
And my own testing.

You can and should test it yourself like this: Malware and phishing links: 10 malc0de, 10 vxvault, 10 openphish, 10 verified phishtank, 10 unverified phishtank
See how much get blocked in Google Chrome without AdGuard and how much get blocked by AdGuard when using Google Chrome with Safe Browsing disabled.

The same for with and without NextDNS.

Please let us know the results.

I can confirm from my testing, Google Safe Browsing is on Chrome more powerful than on any other chromium-based browsers, there is a difference for about 30 minutes delay to check on the latest database instead Google Chrome itself has always the fastest access in real-time!

I have noticed similar for Smart-Screen on Edge-Chromium and Microsoft Defender Browser Protection (from Chrome Web Store), the browser extension available only for chromium-based browser has a similar delay to access the database for web-protection by Microsoft.

 

[Jan Willy]

I don't know because I haven't tested it.
But I suspect the same, they will not get acces to the latest and greatest Google Safe Browsing.

Testing done here: Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings
And my own testing.

You can and should test it yourself like this: Malware and phishing links: 10 malc0de, 10 vxvault, 10 openphish, 10 verified phishtank, 10 unverified phishtank
See how much get blocked in Google Chrome without AdGuard and how much get blocked by AdGuard when using Google Chrome with Safe Browsing disabled.

The same for with and without NextDNS.

Please let us know the results.

A rather staggering conclusion. You and silversurfer have convinced me. Thanks. I will not test it. I don't use Chrome and neither the Adguard extension. Adguard Desktop serves me well in many ways. It comforts me that this app not only relies upon Google Safe Browsing. In NextDNS I've never activated this option.

 

[Divine_Barakah]

I have just installed AVG Internet Security with Hardened Mode enabled and Ransomware Protection set to Strict. I have also installed Password Protection component though I do not store any passwords in browsers (I am using Enpass). Will reflect all the changes to this thread once I finish configuring my device.

@oldschool I have decided to install Brave browser. Is it OK if I do not give Brave admin privileges during installation? Will contribute in anyway to my security?

 

[Divine_Barakah]

I would add HitManPro Free and EEK in Periodic scanners...

I have downloaded EEK just in case, but I am too careful when it comes to browsing habits. But a monthly scan with EEK won't harm me.

F-Secure is a very good product. Light and problem free most of the time.

F-Secure, at least on my devices, is one of the lightest product if not the lightest. Unfortunately I have to disagree that it is problem-free (even if you said most of the time) because F-Secure caused me many issue: it did not allow me to update IDM, it did not allow me to install IceDrive Windows client and it did not allow me to upload any files to my IceDrive cloud and I had to contact support which said that IceDrive was not blocked on their side and after a day or two the issue was fixed. I am not bashing F-Secure and I do like it tbh, but the absence of firewall is one of the reason that prevents me from sticking with it.

My only concern is Waterfox that has no browsing protection at all because they removed (the they believe spying) Google Safe browsing.
AdGuard has, but it's not very good as seen in the extension testing thread by @Evjl's Rain.

I have restored a system image after experimenting, and now I will be using Edge, Firefox and Brave. Still not sure if I am going to install Adguard along with AVG because I am not sure if they will play nicely together.

So, for the whole Microsoft (Defender and SmartScreen) experience you should be using Edge.
But if you don't want that and I can understand your reasons for that, see if you can add Bitdefender TrafficLight to Waterfox.

I did not like the fact that I need to use Edge to get the best of MD protection. Now I do not need to worry about that because I am covered with AVG web protection now which is quite effective.
Regarding Waterfox, for some reason it works smoother than Firefox on my device and that is why I like it and I was planning to either install BDTL or MBBG, but now I have decided to use Brave and installed Firefox (just for the sake of using sth which is not chromium-based)

but it's wrong to claim that F-Secure has no advantage compared to MD/WD

I totally agree with you, but I was talking about my case. F-Secure does not come with a firewall or any other "fancy" components, so both MD and F-secure provide essential protection. But let us not forget that MD comes preinstalled in Windows, so I did not find myself missing anything in F-Secure but the fact that it is much lighter than MD.

I can confirm from my testing, Google Safe Browsing is on Chrome more powerful than on any other chromium-based browsers, there is a difference for about 30 minutes delay to check on the latest database instead Google Chrome itself has always the fastest access in real-time!

Google does not allow me to purchase extra storage (for Palestine is not supported) and I am not using Android, so I am not going to install Chrome. Is the 30-minute delay in Safe Browsing in Chromium-based browsers a security risk? What are my chances of coming across a malware or a phishing site that was just blocked in Chrome, but not yet in Brave? Pardon my ignorance, but I see it very unlikely.

 

[harlan4096]

Please kindly edit Your config with new changes (EEK for example), thanks...

 

[Jan Willy]

A rather staggering conclusion. You and silversurfer have convinced me. Thanks. I will not test it. I don't use Chrome and neither the Adguard extension. Adguard Desktop serves me well in many ways. It comforts me that this app not only relies upon Google Safe Browsing. In NextDNS I've never activated this option.

Regarding NextDNS I like to point out that they also not only depend of Google Safe Browsing. Effective options are the blocking of newly registered domains (especially phishing-sites) and the threat intelligence feeds. See metadata/threat-intelligence-feeds.json at master · nextdns/metadata · GitHub
And to whom it concerns, Microsoft Defender does also very well in blocking malicious sites (not only in MS Edge).

 

[silversurfer]

Google does not allow me to purchase extra storage (for Palestine is not supported) and I am not using Android, so I am not going to install Chrome. Is the 30-minute delay in Safe Browsing in Chromium-based browsers a security risk? What are my chances of coming across a malware or a phishing site that was just blocked in Chrome, but not yet in Brave? Pardon my ignorance, but I see it very unlikely.

Phishing is easier to avoid as we just need safe habits while browsing and common sense
For the chance of malware, when we downloading files it will be always checked on database (Google Safe Browsing) for known file hash, especially unknown files as .exe (rarely seen before) will be blocked as "dangerous" even on Brave the same than on Chrome. The difference (delay) seems to be how often the database of Google Safe Browsing is updated by Brave, Firefox, Vivaldi, etc.
Chrome has always access to own updated database in real-time.
The same is the case for Microsoft Edge to access the own database of "SmartScreen".

Finally, the most secure choice: Google Chrome or Microsoft Edge

 

[Divine_Barakah]

Microsoft Defender does also very well in blocking malicious sites (not only in MS Edge).

Well, family members use an Egyptian website for stream movies and series and this site redirects you to many infected and dangerous urls. Both Kaspersky and AVG go crazy when they visit this site but I never seen MD blocking anything.

 

[ForgottenSeer 85179]

Phishing is easier to avoid as we just need safe habits while browsing and common sense
For the chance of malware, when we downloading files it will be always checked on database (Google Safe Browsing) for known file hash, especially unknown files as .exe (rarely seen before) will be blocked as "dangerous" even on Brave the same than on Chrome. The difference (delay) seems to be how often the database of Google Safe Browsing is updated by Brave, Firefox, Vivaldi, etc.
Chrome has always access to own updated database in real-time.
The same is the case for Microsoft Edge to access the own database of "SmartScreen".

Finally, the most secure choice: Google Chrome or Microsoft Edge

Even the delay isn't a problem if BAFS and/ or ASR rule " block executable unless they meet a prevalence, age, or trusted criteria" or using Andy's

Q&A - Windows Defender Delay Protection. | MalwareTips Community​

 

[silversurfer]

Even the delay isn't a problem if BAFS and/ or ASR rule " block executable unless they meet a prevalence, age, or trusted criteria" or using Andy's

Q&A - Windows Defender Delay Protection. | MalwareTips Community​

Of course, it's true, but we should always mention that both BAFS & ASR rules aren't enabled by default on MD/WD, as you said just using tools by @Andy Ful or tweaking manually related settings via Group-Policy.

Anyway, the "question" before was about web-protection on browser level for chromium-based browsers, that's a different context in this case than protection features by Microsoft Defender.

 

[oldschool]

I have decided to install Brave browser. Is it OK if I do not give Brave admin privileges during installation?

It will install in C://User/.../AppData.

Will contribute in anyway to my security?

I'm not sure, but I do know that AppData is a favorite target of malware.

 

[Divine_Barakah]

but I do know that AppData is a favorite target of malware

hmmm. I completely missed this point. Maybe some other members give us more info?

 

[oldschool]

hmmm. I completely missed this point. Maybe some other members give us more info?

C://Programs and C://Programs (86x) are protected by native Windows protection, but AppData isn't.

OTOH, I don't believe installing a browser with Admin priviledges is the same as running it in Adminstrator mode, e.g. like the bug in early versions of Edge Chromium, but someone will correct me if I'm wrong.