Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,602
SRP uses Designated File Types list to block files by extension. For example, you can block CHM files (and many other) outside 'C:\Windows' and C:\Program FIles' folder without blocking the executable hh.exe that can open them. You can also directly block shortcuts (LNK files) etc. So, the happy clicker cannot be fooled by the file with the spoofed extension, because it will be blocked.I really appreciate your work mate @Andy Ful , but how is SRP more usable?
Furthermore, you can block many vulnerable executables from Windows folder without breaking Windows Updates and system scheduled tasks, because they are usually blocked by SRP only as standard user and allowed to run with higher rights.
Generally SRP configuration is simpler from WD Application Control.
SRP can be applied in Enterprises networks, but to get the similar security level as in the case of WD Application Control, SRP has to be very restrictive, so less usable.
.
All the above is true. I think that you understand the home user as an inexperienced or average user. I did not mean it. The home user is the user that has the computer connected to the home network under the NAT router. That is a big difference as compared to the user in the Enterprise network. I do not recommend configuring SRP (with or without Hard_Configurator) by inexperienced users. As you noticed, even already configured SRP setup requires supervising by an experienced user, from time to time.Why nobody talks about more important factor, that most home users are "click happy" and don't pay attention to any security alerts and if some comes up or "in their face" like Smartscreen alert, they just click yes to get it faster out of their way without reading any information what its for. If family have no one to ask computer help, they have to call someone tech like. And most people 50+ who didn't born with tablets and pc's in their hands, will not do manual way seeking for problem help in Google or MalwareTips example. I can set SRP for my other 5+ family windows systems, but if I wasn't there for them, default-deny would NOT be the best security solution.
That is the point we do not agree. In my opinion, SRP is quite good for:SRP is best for Business/corp oriented systems where employes are not allowed to install additional programms and just use work oriented applications.
- Small business.
- Home - when computers can be supervised by an experienced user.