- Mar 29, 2018
- 7,710
I'm pulling your geek card.
Impossible! I never had one!
Please provide comments and solutions that are helpful to the author of this topic.
I'm pulling your geek card.
I'm afraid these attempts to save face are taking us way off topic.
Ultimately I'm sure you are right & if i lived alone I could & would implement such things but I don't & have 4 children with respective partners, grandchildren with a plethora of devices in laws galore with devices all who visit and stay, to prevent internet access would be seen as unreasonable. I've got to 60 without to many problems & what I do now has to be good enough.Infections can come from anywhere. Despite being 'careful', your threat surface is going to be significant by merely using a Microsoft based operating system. As careful as you want will often not matter in the end as we've seen countless times from exploits implanted in popular web pages. Update channel compromises, etc.
Your only real choice for 1 single protection on a Microsoft OS is going to be a full lockdown/default deny. Regardless of the product, that's what is going to protect you well enough through a variety of attacks.
IoT is a huge problem. Most of it is not protected (at all). Most of it is fully exposed on the WAN. Significant numbers of IoT are pre-consumer compromised, reaching back to Chinese Military hubs right out of the box. If you have IoT and have it sitting behind a normal router you are bleeding data and have a large threat surface. You need some kind of UTM Router to fix this. For example you can place Gryphon into full blacklist mode, then whitelist exactly what the IoT needs to communicate with (usually AWS). Otherwise your WiFi enabled Fridge or Washing Machine is a very real, easily exploitable attack surface into your internal network.
But once again, unless you lock down windows, and consider it a high risk environment (which it is), and develop a default-deny type of profile which whatever product/method you choose, you are at risk.
PS: It's another issue, but one should ask why our govt. doesn't require security aspects in IoT deployed throughout the USA. Cars have to meet safety requirements and crash tests, IoT needs minimum acceptable standards. Our govt. is completely inept at all of this and the 70 year old full time politicians are about as intelligent as house flies.
If you look back to my original post, I named my two favorites, and gave explanations as to why. I had a question about KIS, and was glad I asked it, because the protection was less than future-ready. I consider it relevant in a thread about best singular security app to discuss why it would or would not be ready for Prime Time. Are you going to tell me that you consider that less relevant in this thread, than just saying "AV + safe browsing?" I rather doubt that.You are incorrect. This discussion about exploits, means of infection, chances of infection, etc. are off-topic. The topic is: If you were limited to one security app what would it be? Not, what it the best app? Not what are all the infection vectors? Etc.
I've got to 60 without to many problems & what I do now has to be good enough.
Exactly. The longer we coddle those who wish to avoid the technical aspect, the more danger we expose them to. Criminals aren't sitting around, waiting for security companies to catch up. They're evolving, and working on AI malware that can sit on a server, probe a visiting client for vulnerabilities, and open fire on those vulnerabilities as if a live hacker were attacking that computer directly. This isn't a game. Cybercrime is the #1 largest criminal industry in the world for a reason. These guys play for keeps.It's evolved to the point where most people are simply unaware that what they are doing is more than likely inadequate. What's the long term consequences we will be grappling with from all of this? It's hard to say, but all of this is going to have some negative impact down the road and the only people that will be safe from the implications are those that have taken privacy and security seriously. (seriously as in way beyond normal consumer level mentality)
You can be. The only times that my systems have ever been infected, is when I've manually opened an infected file. I've never been infected just by visiting a compromised website.People are NOT safe with AV + good browsing habits. I know this from personal experience.
On XP systems, it was possible to get infected just being connected to the internet. This changed when Service Pack 2 was released, as the Windows Firewall was now enabled by default.I had a fully up-to-date system and up-to-date 3-pronged security suite provided by my ISP in October of 2006. And next thing I knew, SQL Slammer and Stack Bot were all over us. I reimaged my system three times, only to get reinfected again within minutes each time. I stopped it by adding ISS BlackICE. Paranoia is better than overconfidence IMO.
I've visited thousands of safe and potentially unsafe websites over the years and not once have I got infected. I've even visited plenty of websites, where either my browser or Google - if I was clicking on a search result, warned me against visiting.MT doesn't exist to assure people that all you need to do is install AV and don't visit any dodgy websites. If you have any real experience, then you know as well as I that most infections come not from bad websites, but from good websites that were hacked by a third party. So safe browsing habits don't cut it.
Exactly. The longer we coddle those who wish to avoid the technical aspect, the more danger we expose them to. Criminals aren't sitting around, waiting for security companies to catch up. They're evolving, and working on AI malware that can sit on a server, probe a visiting client for vulnerabilities, and open fire on those vulnerabilities as if a live hacker were attacking that computer directly. This isn't a game. Cybercrime is the #1 largest criminal industry in the world for a reason. These guys play for keeps.
The above-mentioned threats are not limited to gamers, swingers, and pirates; they affect 80-year-old women who never get on the computer except to check their email, or visit Betty Crocker and Jo-Ann Fabrics. Once upon a time, anyone with a little practice behind the wheel could take a car out on the road. Today, we license people to drive. Security researchers have been saying for the past 15 years that we need to start doing the same thing for the Internet. It is estimated that about a third of all computers connected to the Internet are infected, in many cases unbeknownst to the user. An identity is stolen every two seconds. These are not ho-hum facts of life; they are real problems that we have as yet failed to address.
The last time I got infected was in 2006, and I had a firewall. SP2 came out in 2004.On XP systems, it was possible to get infected just being connected to the internet. This changed when Service Pack 2 was released, as the Windows Firewall was now enabled by default.
First, you're not the only person out there. Second, Google will warn you about dark websites, not legitimate websites that have been hacked, like these. Third, I hope you realize most AV scanners will never reveal the presence of fileless malware. I suggest you run Zemana, and use something like Hijack Hunter to see what kinds of open TCP connections you have. If you're running W10, and all your runtimes are up to date, I'd agree you're probably not infected. But if you are infected, you probably don't know it, because modern malware doesn't make your computer crash or run slowly. And since you have some more noxious browsing habits, there's a greater chance you may have encountered something tough enough to break your browser's defenses.I've visited thousands of safe and potentially unsafe websites over the years and not once have I got infected. I've even visited plenty of websites, where either my browser or Google - if I was clicking on a search result, warned me against visiting.
I agree that an up-to-date system is fairly well protected. But again, hackers are working on AI kits to plant on legitimate websites, and bombard visiting computers directly. If you want to keep advocating for AV + safe browsing, do it on Facebook, not here. Geek card pulled.If you've got an updated system, then the chance of getting randomly infected, without manually opening an infected file, is very slim.
Without updates, it can be a different story. I once had a work system infected from just visiting a website. An outdated version of Java, was most likely the cause.
I know that I never get infected. Zemana, Malwarebytes and other scanners, only ever find harmless PUPs that I've installed myself and never find actual malware.First, you're not the only person out there. Second, Google will warn you about dark websites, not legitimate websites that have been hacked, like these. Third, I hope you realize most AV scanners will never reveal the presence of fileless malware. I suggest you run Zemana, and use something like Hijack Hunter to see what kinds of open TCP connections you have. If you're running W10, and all your runtimes are up to date, I'd agree you're probably not infected. But if you are infected, you probably don't know it, because modern malware doesn't make your computer crash or run slowly. And since you have some more noxious browsing habits, there's a greater chance you may have encountered something tough enough to break your browser's defenses.
I'm not advocating for anything. That should have been clear. I'm just talking about my own experience over many years.I agree that an up-to-date system is fairly well protected. But again, hackers are working on AI kits to plant on legitimate websites, and bombard visiting computers directly. If you want to keep advocating for AV + safe browsing, do it on Facebook, not here. Geek card pulled.
I'm happy for you.I know that I never get infected. Zemana, Malwarebytes and other scanners, only ever find harmless PUPs that I've installed myself and never find actual malware.
It should have? Then why bring it up, in a thread about single best app for protection?I'm not advocating for anything. That should have been clear. I'm just talking about my own experience over many years.
First, you're not the only person out there. Second, Google will warn you about dark websites, not legitimate websites that have been hacked, like these. Third, I hope you realize most AV scanners will never reveal the presence of fileless malware. I suggest you run Zemana, and use something like Hijack Hunter to see what kinds of open TCP connections you have. If you're running W10, and all your runtimes are up to date, I'd agree you're probably not infected. But if you are infected, you probably don't know it, because modern malware doesn't make your computer crash or run slowly. And since you have some more noxious browsing habits, there's a greater chance you may have encountered something tough enough to break your browser's defenses.
I appreciate your concern. But long-time and well-known fail to impress me, especially when we are dealing with a global pandemic which real experts (not long-time members of an anonymous forum) admit we are ill-prepared for.Dude, you need to pull it back a notch. I agree with a lot of what you say. I've indicated that.
Roger is a long-time well-known expert both here and at Wilders. You've interacted negatively with others who are also 'known.' You're coming across as disrespectful... even bitchy.
Drop the edge and gigantic chip on your shoulder.
Express yourself fully.... but respectfully.
Your Buddy,
-Burrito
I appreciate your concern. But long-time and well-known fail to impress me, especially when we are dealing with a global pandemic which real experts (not long-time members of an anonymous forum) admit we are ill-prepared for.
I came to this thread to post which programs I believe offer the fullest protection, and why. I posted my concern about a couple of popular recommendations, which drew ire from people with personal attachment to these programs, as well as others who are telling me that all you need are AV and safe browsing.
I didn't instigate any of these arguments, if you might notice. I've had half a dozen people come and try to tell me off, and I have refused to back down from what my own personal and professional experience have revealed. If you want me to lie, or roll over for the "old timers," I'm sorry. I can't do that. I've said at least twice that we should get back to the topic at hand, and people (including the venerable Roger) have failed to do so.
I promise you, if you knew me in person, you would find that I am one of the most passive individuals in my circle (INFP). But one thing INFPs are known for is standing our ground when a value is threatened. I value MT as an informational forum, while some are treating it as a social forum. If somebody comes knocking at my door, I answer.That was a relatively reasoned and respectful reply.
So I'll take that as a success.
Cheers.
Ask a professional security researcher if AV + safe browsing are enough..... I will bet you money they disagree.