Danger ichito's setup for Vista

[Deleted member 178]

@Umbra Is this config used by company's like Emsisoft or they create their special one.
I just want to know how industry uses protection suites nothing else.

Many companies uses classic suites like everybody else but the enterprise version which gives more control over the system and allow management of several machine at same time, they do because it is simple to setup, also all depend on how skilled is the sysadmin, the security requirement of the company, the financial resources allowed on security, etc...

I know some companies using only Windows Enterprise's built-in security, setting it via Group Policies and Applocker (an SRP) to secure each machine and using hardware appliances to secure the whole network. Those company won't use any AV or security softs.

 

[ichito]

Hi @Andy Ful and @Umbra
Nice to see you guys in this place although I know Umbra is here an Developer Your mentions friends are very flattering so it's very nice and can be a proof that my conception is actually not so pointless. Yes...I agree with "risky" classification of my setup and with fact that it's not for every/average users. I'll consider option to enable UAC feature...so maybe it makes my setup not "risky(?)

About "protected/restricted"...below there are some screenshots with such settings
- protected ("Instalki" it's the archive of installation files - ca 11,6 GB and 5900 files..."Moje Dokumenty" - every my private documents/files..."Robocze" - not yet classified files/documents my own or from my family)

-restricted (two screenshots)

 

[Deleted member 178]

hi @ichito

Yes...I agree with "risky" classification of my setup and with fact that it's not for every/average users.

Just put a line under your config that mention it.

I'll consider option to enable UAC feature...so maybe it makes my setup not "risky(?)

It may be enough, i made the rules when i was mod charged of this section and indeed UAC is a strong requirement.
Anyway, there is no problem to have the risky badge because it is not intended to judge you but warn the poster and unaware members that doing as such is risky.
Don't force yourself to change it if you don't really want it.

 

[Andy Ful]

Hi @Andy Ful and @Umbra
Nice to see you guys in this place although I know Umbra is here an Developer Your mentions friends are very flattering so it's very nice and can be a proof that my conception is actually not so pointless. Yes...I agree with "risky" classification of my setup and with fact that it's not for every/average users. I'll consider option to enable UAC feature...so maybe it makes my setup not "risky(?)

About "protected/restricted"...below there are some screenshots with such settings
- protected ("Instalki" it's the archive of installation files - ca 11,6 GB and 5900 files..."Moje Dokumenty" - every my private documents/files..."Robocze" - not yet classified files/documents my own or from my family)
View attachment 170824
-restricted (two screenshots)
View attachment 170825View attachment 170826

Nice to see you on MalwareTips.
If I correctly understand, you cannot execute from 'Protected Folders', but you can modify/delete files there.
And you put web browsers and documents viewer on the 'Restricted Apps' list, so they can write only to the selected 'Folders with write access'.

 

[ichito]

Nice to see you on MalwareTips.
If I correctly understand, you cannot execute from 'Protected Folders', but you can modify/delete files there.
And you put web browsers and documents viewer on the 'Restricted Apps' list, so they can write only to the selected 'Folders with write access'.

Protected folders can be accessed/modified only if process is allowed to do so...they can be office apps, pdf/image browsers nad of course explorer.exe and file manager.
Two folders with documents aren't restricted...although it could be good idea to consider (?)
Third folder - Instalki - is protected and in the same time is restricted becouse it consists mainly executable.
Folder for downloaded content is restricted and it has write access...we need place to save files from internet.
Yes...restricted apps need their own folder accesible to write data...the same with removable drives.

 

[Quassar]

Its just rage laught when i see ichito got status "risky"
And later i'm reading user post askalan where he told bad Real Time. While he use Shadow Defender with SpyShelter <facepalm>

Im just wonder what ppl have here a requirements..
If smb disable poor windows features and use other a lot more effective alternative software/tools..

Than comes MT stuff rage marked you as risky xD Becasue they are funboys of Microsoft proofs xD

 

[harlan4096]

It's me who tagged as risky this config (currently moderating this section), and You can read the reasons at @Umbra and @Exterminator posts in this thread

Also, I'm not a fanboy of Microsoft

 

[Andy Ful]

For an average user, every config with ShadowDefender or SpyShelter can be risky. Why? Because the average user will not understand either of them. He/she will try to commit the whole Windows folder, and after two hours of committing, he restarts the system to see BSOD. He/she will ignore SpyShelter alerts or configure it in a way that will make the OS unusable.
So, @ichito and @Quassar security configs are safe and useful only for advanced users, like the Japanese katana is safe and useful for the samurai, but not for a child.

 

[509322]

For an average user, every config with ShadowDefender or SpyShelter can be risky. Why? Because the average user will not understand either of them. He/she will try to commit the whole Windows folder, and after two hours of committing, he restarts the system to see BSOD. He/she will ignore SpyShelter alerts or configure it in a way that will make the OS unusable.
So, @ichito and @Quassar security configs are safe and useful only for advanced users.

The average user cannot figure out how to use Windows or Windows Defender.

 

[Andy Ful]

The average user cannot figure out how to use Windows or Windows Defender.

Yes, sir.

 

[509322]

Yes, sir.

Which amazes me since PCs have been a part of school and university classroom instruction for decades in at least half of the world for decades.

So you tell me, are people not paying attention, just not inclined, dumb, stupid or what ? - because they have certainly been exposed to PCs and have used them.

 

[Rengar]

The average user cannot figure out how to use Windows or Windows Defender.

The average user shouldnt use a computer at all.

 

[Quassar]

For first The ) casual - typical user dont know about other progams / layers security.. he know only AV.... even no firewall. Because to hard for decide "allow" or "block" and to lazy for open/search list in options and change it if piervously taken wrong decison. Later spam on some forums like pc games for blame game becasue its not connect with server

2nd things is Microsoft realy don't help at all.
Somes features which is rly must have are not basicaly turned ON and hided somewhere deep in system resource when even advanced user with realy good tutorial have still problem turning ON it and propertly configure it becasue is has unfirendly setup.

for expample configure SRP in Windows xp and 7 Hardening Windows XP with Software Restriction Policies

3)Windows 10 which make me totaly mixed mid and still dont know what thinks about it..
From one side is have totaly a lot better basic secure than older verison and finally Windows Defender work how should be long time ago.

.. but... but... Its make burdel in system and punish to install tons unwanted Programs and Games which still can somehow rollback after delete it during next update which is F*^*^ing ridiculous.

Agresive spying and colecting your data for myself usage and not only myself, other apps/vendors also spying which are included to your system.
So despite implemented security. By doing so you expose the user to greater damage

 

[Transhumana]

Which amazes me since PCs have been a part of school and university classroom instruction for decades in at least half of the world for decades.

So you tell me, are people not paying attention, just not inclined, dumb, stupid or what ? - because they have certainly been exposed to PCs and have used them.

It depends a lot both on subject curriculum and teacher's will to teach you anything out of strictly defined guidelines. I believe it's somewhat better now, but when I took the optional informatics class in primary school, when we weren't busy only with making different shapes and christmas trees in QBasic, we were mostly spending our time playing Doom 2. In high-school it was even worse; it was a mandatory subject only in first year where you learned some tiny bit of theory (mostly factography) and had some even tinier bit of practice without a single discussion on the subject of cybersecurity. If I didn't have enough intrinsic motivation to learn things on my own, I wouldn't have known much more other than have to make a .ppt presentation.

 

[Andy Ful]

Which amazes me since PCs have been a part of school and university classroom instruction for decades in at least half of the world for decades.

So you tell me, are people not paying attention, just not inclined, dumb, stupid or what ? - because they have certainly been exposed to PCs and have used them.

This is the same as with mathematics. People can learn it many years, and in the end, many remember only multiplication and addition tables. And there are not dumb, some are professors in the universities.

 

[Andy Ful]

The average user shouldnt use a computer at all.

Maybe, the average user should use the guy who can use a computer?

 

[Andy Ful]

Back to @ichito config. Maybe, it would better to classify such config:
Risky for average users.
Safe only for advanced users.

 

[Deletedmessiah]

The average user shouldnt use a computer at all.

Now I think about it, iOS devices are really perfect for basic users. Other than their price and itunes.

 

[Deleted member 178]

Maybe, the average user should use the guy who can use a computer?

Are you mentioning my ex-girlfriend and me ?

 

[Andy Ful]

Are you mentioning my ex-girlfriend and me ?

You were very lucky while not being used to death. Some people were married, and have to suffer silently.
Every rose has its thorns.