Advice Request If you could pick only one program for protection.

[roger_m]

Can trust China AVs?

Sure, why not But seriously, I think that rather than not trusting all software from a particular country, you should treat all software on a case by case basis. I use plenty of Chinese software, including 360 Total Security and the browser I'm typing this on.

 

[93803123]

Their history shows they aren't interested in this forum, or average consumers

That seems to be the case for the vast majority of the publishers. Even the ones that sell very heavily into the consumer markets.

 

[93803123]

So, you would be probably wrong. It is as true as saying that any human is just a mammal.
I will try to explain my experience with AppGuard (I was a beta tester for some time).

Appguard is designed for semi-static setup. You can adjust it to get no alerts, but this is not a task for an average user. If AppGuard is properly configured, then the computer protected by AppGuard can be used by the average user. People who install frequently new applications will not be happy, as you could see by yourself.

If you will try to run something from the folders normally available to non-admin user (for example from the Desktop, USB drive, etc.) then it will be usually blocked (scripts, unsigned programs) or restricted, to prevent the infection of System Space. The restrictions are similar to sandboxing (with memory and registry guard) because they are automatically applied also to child processes. This is the first layer that can protect the system.

The second layer includes Guarded Applications installed in System Space (web browsers, Office applications, media players, webmail clients, etc.). They are restricted similarly to those from the first layer.

There are also other features like: IstallGuard (for MSI installers), ProtectedFolders, Publisher List, Power Applications, TamperGuard, Privacy Mode, Privacy Folders. The full info can be found in AppGuard manual:

https://www.appguard.us/wp-content/uploads/2019/05/AppGuard_Solo_User_Guide6_0.pdf

Generally, AppGuard is suited as a companion to any AV, and this is strong protection against all kinds of malware (including fileless).
I hope that @Lockdown (former MT member who worked for AppGuard) forgive me if I missed something important.:emoji_pray:

It comes down to what works best for the user.

SRP is simple ON-OFF. That makes it possible to add\remove software hourly.

For school I set up my laptop and I don't like changing it. I have put on it what I need to do. There's no need to change it. I've learned through experience that I wont find anything better than what I've chosen. I find constantly installing and uninstalling software to be disruptive. Annoying. But whatever, very few people are like me.

I would think that most people here avidly change their systems

 

[Thales]

Discreete Linux looks dead though.

Not dead it is in Beta stage. However the devs are kinda slow.

 

[93803123]

Not dead it is in Beta stage. However the devs are kinda slow.

It is a dead project. Releasing a BETA version in 2016 and then nothing afterwards means it is dead. It is 3-years dead. Probably ran out of money or key people left.

This illustrates the fundamental problem with FOSS.

 

[Thales]

It is a dead project. Releasing a BETA version in 2016 and then nothing afterwards means it is dead. It is 3-years dead. Probably ran out of money or key people left.

This illustrates the fundamental problem with FOSS.

You are probably right! My eyes are not getting better and I saw 2018 instead of the 2016. My bad :emoji_cold_sweat:

 

[ForgottenSeer 58943]

Sure, why not But seriously, I think that rather than not trusting all software from a particular country, you should treat all software on a case by case basis. I use plenty of Chinese software, including 360 Total Security and the browser I'm typing this on.

In the case of some countries, you can't really treat it as a case by case basis because these are authoritarian regimes where the govt. trumps all corporate interest and they don't have things like the Constitution to fall back on. There is nothing a company can do when compelled to comply by simple mandate from the current regime. Also given the history of some countries, their lust for telemetry/data, corporate espionage, sabotage and patent theft I think it really mandates that we simply avoid some countries products overall, and not render judgement based on a case by case basis.

We should be careful about where the products we use/install/purchase come from. Especially in the case of the aforementioned country which routinely is found to be in violation of safety standards, privacy, and lacking intrinsic consumer protections.

 

[ForgottenSeer 58943]

Not dead it is in Beta stage. However the devs are kinda slow.

Linux can progress glacially slow. But given the stable, secure, and boot-method of Discreet you aren't using it as an installed OS. Many of the privacy oriented Linux Distros have sort of all gone into development holding patterns and some, like Liberte' have been abandoned.

Here's a list of a few privacy oriented ones. Kodachi is very popular but less likely to please newbs. Tails is pretty popular. As with all Linux Distros, you need to try a few to find one that suits you for the purpose you want it for.. As with Linux in general, it's convoluted, lackluster, and filled with half completed projects.

10 Most Secured Linux Distros For Advanced Privacy & Security

A PC or laptop without any security measures becomes exposed to the possibilities of being attacked. Linux is one of the most popular operating systems used

www.analyticsindiamag.com

I might move to Debian on my small, lower powered, but highly secure notebooks (they replaced Chromebooks) since my wife needs permanence on her notebook.. It will take some effort to re-pack the distro how I want it though but in the end it will be an LTS solution and very secure.

 

[simmerskool]

Idk, maybe until Linux is a thing? Personally, I can't go down the road MS has gone with 10. 10 ruins the experience of the business machine for me...

hummm can you elaborate? I've been running win7, but just installed 2 vm guests Ubuntu 18.04 LTS and win10 pro. so far for me, w10 has been ok, or even better than expected. Ubuntu good too.

 

[Handsome Recluse]

Linux can progress glacially slow. But given the stable, secure, and boot-method of Discreet you aren't using it as an installed OS. Many of the privacy oriented Linux Distros have sort of all gone into development holding patterns and some, like Liberte' have been abandoned.

Here's a list of a few privacy oriented ones. Kodachi is very popular but less likely to please newbs. Tails is pretty popular. As with all Linux Distros, you need to try a few to find one that suits you for the purpose you want it for.. As with Linux in general, it's convoluted, lackluster, and filled with half completed projects.

10 Most Secured Linux Distros For Advanced Privacy & Security

A PC or laptop without any security measures becomes exposed to the possibilities of being attacked. Linux is one of the most popular operating systems used

www.analyticsindiamag.com

I might move to Debian on my small, lower powered, but highly secure notebooks (they replaced Chromebooks) since my wife needs permanence on her notebook.. It will take some effort to re-pack the distro how I want it though but in the end it will be an LTS solution and very secure.

Adguard's Social Media filter blocks the content of the site.
Why Debian/non-Ubuntu Debian-based distros specifically?

 

[ebocious]

It comes down to what works best for the user.

SRP is simple ON-OFF. That makes it possible to add\remove software hourly.

For school I set up my laptop and I don't like changing it. I have put on it what I need to do. There's no need to change it. I've learned through experience that I wont find anything better than what I've chosen. I find constantly installing and uninstalling software to be disruptive. Annoying. But whatever, very few people are like me.

I would think that most people here avidly change their systems

Which explains why it did not work well for me.

I can think of other setups which work better for largely static setups. Deep Freeze, Bitlocker... don't like them.

Thanks for the explanation Andy.

Maybe this can help? How to use AppGuard

 

[ForgottenSeer 58943]

Maybe this can help? How to use AppGuard

In defense of Burrito here.. It's not that we can't figure out Appguard or that we feel Appguard is hard to use. It's just that it really seems basic and a bit like an expanded GP tool. To me, it looks a bit like freeware, something the OSArmor guy would knock out in a few months of coding and testing.

I'd love to play with it more, but I don't see that it would be worth spending money on for what it does - IMO.

Has anyone tested Appguard with hub packs?

 

[Burrito]

In defense of Burrito here.. It's not that we can't figure out Appguard or that we feel Appguard is hard to use. It's just that it really seems basic and a bit like an expanded GP tool. To me, it looks a bit like freeware, something the OSArmor guy would knock out in a few months of coding and testing.

I'd love to play with it more, but I don't see that it would be worth spending money on for what it does - IMO.

Has anyone tested Appguard with hub packs?

True.

I was not going to go into it... but yes, it is not a matter of not understanding AppGuard. I used it.

It's a matter of being uninterested in AppGuard.

Even though security nerds love the concept of default-deny..... I'm over it.

No longer interested.

 

[ForgottenSeer 55474]

Hello, Vodoo-Shield Pro

 

[ebocious]

In defense of Burrito here.. It's not that we can't figure out Appguard or that we feel Appguard is hard to use. It's just that it really seems basic and a bit like an expanded GP tool. To me, it looks a bit like freeware, something the OSArmor guy would knock out in a few months of coding and testing.

I'd love to play with it more, but I don't see that it would be worth spending money on for what it does - IMO.

Has anyone tested Appguard with hub packs?

Sorry if I came across as condescending. I believe @Burrito mentioned at one point that he'd gotten a lot of alerts, and was surprised that people were commenting on AG being quiet. I wanted to post this for people who may be interested, but are unfamiliar with AG.

Blue Ridge makes a bold claim that their customers haven't reported a single breach in 20 years. Whenever somebody has said they could defeat it, it always seemed to be with physical access. So if you're concerned about your nephew coming over and installing infected crapware, then I might suggest a limited account and UAC at always notify.

 

[ForgottenSeer 58943]

Appguard causes so many issues. I installed it today again to test. Played a steam game, it failed to exit the game correctly, locking up system. Disabled AG, it worked fine. EA's Alpha test of their streaming service, ran that, failed. Disabled AG, it worked.

Honestly, it may have uses, but not on a daily-driver, and certainly not on a gaming rig. I can see where installing on a stable, mostly web-browsing/office product use system for max protection might be fine. But otherwise, more trouble than it's worth IMO.

 

[ebocious]

Appguard causes so many issues. I installed it today again to test. Played a steam game, it failed to exit the game correctly, locking up system. Disabled AG, it worked fine. EA's Alpha test of their streaming service, ran that, failed. Disabled AG, it worked.

Honestly, it may have uses, but not on a daily-driver, and certainly not on a gaming rig. I can see where installing on a stable, mostly web-browsing/office product use system for max protection might be fine. But otherwise, more trouble than it's worth IMO.

Probably so. That might explain why Blue Ridge doesn't market to consumers. I can see AppGuard causing problems on a gaming rig, but saying it doesn't work on a daily driver raised my eyebrows. I use it on a daily driver, and my reliability history is a flatline 10.0 all the way back to before it was ever installed.

Gamers and download junkies would probably be better off without AG. But of course, I can't see myself playing Steam games and banking on the same unit, anyway. A gaming rig should be something you are free to tinker with, crash, and redo; not a productive machine that needs to stay up and running. And for God's sake, I hope you know better than to be playing MMORPGs on a unit that stores sensitive information. That's just begging for trouble.

 

[ForgottenSeer 58943]

Probably so. That might explain why Blue Ridge doesn't market to consumers. I can see AppGuard causing problems on a gaming rig, but saying it doesn't work on a daily driver raised my eyebrows. I use it on a daily driver, and my reliability history is a flatline 10.0 all the way back to before it was ever installed.

Gamers and download junkies would probably be better off without AG. But of course, I can't see myself playing Steam games and banking on the same unit, anyway. A gaming rig should be something you are free to tinker with, crash, and redo; not a productive machine that needs to stay up and running. And for God's sake, I hope you know better than to be playing MMORPGs on a unit that stores sensitive information. That's just begging for trouble.

Gaming rigs are gaming rigs. I consider them compromised devices. So sensitive information wouldn't be stored there unless precautions are taken, like a dual boot system with a segregated drive and active encryption. However, to be honest, anything really sensitive wouldn't even be on a computer capable of connecting to the internet at all.

However, in all fairness, how do we define 'sensitive' information for the average consumer? What does sensitive entail? We're not dealing with state secrets, and the simple act of using a good password manager, anonymous browser, VPN, and file encryption is going to be more than enough to guard those family photos and resumes. (even on gaming rigs) Financial accounts are generally by default well protected these days. Anyone that has tried to login to their Chase Account from a different device/IP/location/browser knows the struggle is real and any compromise of a card/account is protected and insured anyway.

Personally, I would classify my own sensitive information as things like medical records, birth certificates, various legal documents, registrations, stock options and other such things. None of those would ever see life sitting on anything connected to the internet. They're physically locked in a safe. Family photos encrypted, then placed on an encrypted zero knowledge cloud drive is going to exclude any potential compromise and deploying them on that is supremely easy to accomplish.

 

[ebocious]

Gaming rigs are gaming rigs. I consider them compromised devices.

Which defeats the purpose of installing AG on them, unless you have money to burn.

However, in all fairness, how do we define 'sensitive' information for the average consumer?

Anything that pertains to you or your finances. Address, phone, DOB, SSN, DL, CC/bank account, medical/legal documents... etc. Even your email address is valuable.

Financial accounts are generally by default well protected these days. Anyone that has tried to login to their Chase Account from a different device/IP/location/browser knows the struggle is real and any compromise of a card/account is protected and insured anyway.

Really?
97% of the world's largest banks are vulnerable to web and mobile attacks

 

[Burrito]

However, in all fairness, how do we define 'sensitive' information for the average consumer? What does sensitive entail? We're not dealing with state secrets...

But you are Sly.

People here are pretty much onto you.... you are some kinda secret-squirrel Military Intelligence Industrial Complex guy.

I personally don't hold that against you though.

I support your good work.

(Any phone taps that indicated otherwise are just jokes..)