Nothing is going to protect you against competent hackers.
At least, if you are targeted.
Nothing at all? And yes in the case of being targeted. Absolutely nothing?
use windows s it should be hard to infect even in a targeted attack
Windows S is nearly as secure as an Xbox even if you exploit blink there are extra sandboxes you have to deal with and all kinds of memory checks that will make your life inconvenient especially if you enable security mitigations for a more secure browser experience (disables v8 and enables mitigations that aren't supported by jit as it disables jit )
If hacker wants to attack you, there's nothing that will protect you. Fortunately for you, hackers never attack typical (home) users; they only attack enterprises because that's where money is. Why attack you, the average user when there's a company with millions in their bank account?
Indeed. Unless you have very sophisticated enemies.
Precisely this, with the addition of safe surfing habits. And remember to stay safe, not paranoid.
And don't forget about the Faraday Cage to house all of it!
Some of us are a bit of a defeatist when it comes to dealing with hackers. You put in your defense layers and he tries to break thru. If you have an EDR you may catch the attack upon reviewing your alerts, but he's already inside. So then you re-image, add a block to block his attack. And add some more defense configs. He will notice that his C2 component is gone, and try again. The game goes on. The problem for the defender is that he has to spend time to review + investigate the EDR alerts, the alerts are just suspicous things, and may mean nothing. And for the defender, all it takes is one mis-configuration, one vulnerability, one human error; that is if the attacker finds and exploits it. The attacker does not have a guarranteed win, but he has a good chance. You have to be dilligent, always learning, always looking for improvements, thinking like an attacker and ways to twart him and always monitoring for attacks. Knowing all the various methods of attacks helps, pick up a book on the Comptia Security+ certification, Amazon.ca it provides good coverage on that and more. Easy read. It also has a chapter on defense frameworks that teaches you where to find guidance to get good defense coverage.Those frameworks can be used as a checklist of what to implement. Better to spend money on knowing the whole picture than just jumping onto an AV and praying. After learning the Security+ curriculum, you will be spending money more wisely.
Unfortunately 99.9 % of computer users cannot do what you just described.
If you harden stuff really good, run default Deny and zero trust and monitor the system constantly... I'd say that even for a targetted attack, you'll break the killchain somewhere lol
The OP asks for what to do if he is a target. The answer is that he has got to be able to defend himself. Corp security analysts do these things. They have also studied got the certifications. It is not impossible. But, it is usually team work. So what the OP has to do is scale it down and schedule the work. Come home from work, cook, eat dinner, wash dishes, then sit down and do 45 mins of EDR alerts. If his PC's are turned off while at work, then maybe he could do EDR reviews every other day. Every weekend, schedule 2-3 hrs for security improvements or research. And depending on which framework he chooses to follow, he would have to schedule to do security audits lets say every 6 months or so. It's perfectly doable, it would become a regular thing, especially if he is already interested in security. It's either that or get pwned.
Sophisticated enemies. You cannot protect against. You cannot hide from. You cannot run from. They are everywhere but nowhere all at once.
