Advice Request If you could pick only one program for protection.

Please provide comments and solutions that are helpful to the author of this topic.

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,710
I'm afraid these attempts to save face are taking us way off topic.

You are incorrect. This discussion about exploits, means of infection, chances of infection, etc. are off-topic. The topic is: If you were limited to one security app what would it be? Not, what it the best app? Not what are all the infection vectors? Etc.
 
F

ForgottenSeer 58943

Infections can come from anywhere. Despite being 'careful', your threat surface is going to be significant by merely using a Microsoft based operating system. As careful as you want will often not matter in the end as we've seen countless times from exploits implanted in popular web pages. Update channel compromises, etc.

Your only real choice for 1 single protection on a Microsoft OS is going to be a full lockdown/default deny. Regardless of the product, that's what is going to protect you well enough through a variety of attacks.

IoT is a huge problem. Most of it is not protected (at all). Most of it is fully exposed on the WAN. Significant numbers of IoT are pre-consumer compromised, reaching back to Chinese Military hubs right out of the box. If you have IoT and have it sitting behind a normal router you are bleeding data and have a large threat surface. You need some kind of UTM Router to fix this. For example you can place Gryphon into full blacklist mode, then whitelist exactly what the IoT needs to communicate with (usually AWS). Otherwise your WiFi enabled Fridge or Washing Machine is a very real, easily exploitable attack surface into your internal network.

But once again, unless you lock down windows, and consider it a high risk environment (which it is), and develop a default-deny type of profile which whatever product/method you choose, you are at risk.

PS: It's another issue, but one should ask why our govt. doesn't require security aspects in IoT deployed throughout the USA. Cars have to meet safety requirements and crash tests, IoT needs minimum acceptable standards. Our govt. is completely inept at all of this and the 70 year old full time politicians are about as intelligent as house flies.
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Infections can come from anywhere. Despite being 'careful', your threat surface is going to be significant by merely using a Microsoft based operating system. As careful as you want will often not matter in the end as we've seen countless times from exploits implanted in popular web pages. Update channel compromises, etc.

Your only real choice for 1 single protection on a Microsoft OS is going to be a full lockdown/default deny. Regardless of the product, that's what is going to protect you well enough through a variety of attacks.

IoT is a huge problem. Most of it is not protected (at all). Most of it is fully exposed on the WAN. Significant numbers of IoT are pre-consumer compromised, reaching back to Chinese Military hubs right out of the box. If you have IoT and have it sitting behind a normal router you are bleeding data and have a large threat surface. You need some kind of UTM Router to fix this. For example you can place Gryphon into full blacklist mode, then whitelist exactly what the IoT needs to communicate with (usually AWS). Otherwise your WiFi enabled Fridge or Washing Machine is a very real, easily exploitable attack surface into your internal network.

But once again, unless you lock down windows, and consider it a high risk environment (which it is), and develop a default-deny type of profile which whatever product/method you choose, you are at risk.

PS: It's another issue, but one should ask why our govt. doesn't require security aspects in IoT deployed throughout the USA. Cars have to meet safety requirements and crash tests, IoT needs minimum acceptable standards. Our govt. is completely inept at all of this and the 70 year old full time politicians are about as intelligent as house flies.
Ultimately I'm sure you are right & if i lived alone I could & would implement such things but I don't & have 4 children with respective partners, grandchildren with a plethora of devices in laws galore with devices all who visit and stay, to prevent internet access would be seen as unreasonable. I've got to 60 without to many problems & what I do now has to be good enough.
 

ebocious

Level 6
Verified
Well-known
Oct 25, 2018
252
You are incorrect. This discussion about exploits, means of infection, chances of infection, etc. are off-topic. The topic is: If you were limited to one security app what would it be? Not, what it the best app? Not what are all the infection vectors? Etc.
If you look back to my original post, I named my two favorites, and gave explanations as to why. I had a question about KIS, and was glad I asked it, because the protection was less than future-ready. I consider it relevant in a thread about best singular security app to discuss why it would or would not be ready for Prime Time. Are you going to tell me that you consider that less relevant in this thread, than just saying "AV + safe browsing?" I rather doubt that.

Now, not directing this at one specific individual: I suggest we drop the whole tit-for-tat game and get back to objective product review, before this thread gets locked or worse.
 
Last edited:
  • Like
Reactions: Nevi and Dave Russo
F

ForgottenSeer 58943

I've got to 60 without to many problems & what I do now has to be good enough.

It's evolved to the point where most people are simply unaware that what they are doing is more than likely inadequate. What's the long term consequences we will be grappling with from all of this? It's hard to say, but all of this is going to have some negative impact down the road and the only people that will be safe from the implications are those that have taken privacy and security seriously. (seriously as in way beyond normal consumer level mentality)
 

ebocious

Level 6
Verified
Well-known
Oct 25, 2018
252
It's evolved to the point where most people are simply unaware that what they are doing is more than likely inadequate. What's the long term consequences we will be grappling with from all of this? It's hard to say, but all of this is going to have some negative impact down the road and the only people that will be safe from the implications are those that have taken privacy and security seriously. (seriously as in way beyond normal consumer level mentality)
Exactly. The longer we coddle those who wish to avoid the technical aspect, the more danger we expose them to. Criminals aren't sitting around, waiting for security companies to catch up. They're evolving, and working on AI malware that can sit on a server, probe a visiting client for vulnerabilities, and open fire on those vulnerabilities as if a live hacker were attacking that computer directly. This isn't a game. Cybercrime is the #1 largest criminal industry in the world for a reason. These guys play for keeps.

Gone are the days when prudes attacked adult sites in protest, and anyone dumb enough to visit those sites or engage in P2P file sharing was classified as a high-risk user. Today, "high risk" has a new meaning: it's not the sites you visit; it's what information you have on your computer. If you bank online, keep your address book on your computer, or store pictures you don't want to lose; then your greatest threat is not a virus crippling Windows, so you have to suffer the inconvenience of reinstalling your operating system. That was the '90s.

Far worse than a virus these days is having a keylogger send your CC information or online banking credentials to its owner, so you are delinquent on your rent or mortgage payment when you find your checking account has been cleaned out. Or a backdoor Trojan takes snapshots of your address book, and steals your grandmother's identity. Or you get infected with ransomware, and have to pay $600 or more and beg the person on the other end to please give you the encryption key because you didn't have a backup (which average users do not).

The above-mentioned threats are not limited to gamers, swingers, and pirates; they affect 80-year-old women who never get on the computer except to check their email, or visit Betty Crocker and Jo-Ann Fabrics. Once upon a time, anyone with a little practice behind the wheel could take a car out on the road. Today, we license people to drive. Security researchers have been saying for the past 15 years that we need to start doing the same thing for the Internet. It is estimated that about a third of all computers connected to the Internet are infected, in many cases unbeknownst to the user. An identity is stolen every two seconds. These are not ho-hum facts of life; they are real problems that we have as yet failed to address.

Meanwhile, every computer I'm responsible for has at least MBBE/MBBG and TrafficLight (also WDBP and WebRTC Leak Prevent for Chrome), CleanBrowsing DNS, and AppCheck anti-ransomware; along with whatever AV they had to begin with. For those who stay in contact with me, I add Cruel Comodo (I turn off all alerts) and a TeamViewer applet, so they can call me if ever they need something installed (which hardly anyone ever does).

It's not hard to secure computers. What's hard is explaining to intermediate enthusiasts who moonlight as the family/neighborhood geek that average users don't need to constantly deal with alerts like we do, because they are not download junkies.

Sorry for another off-topic post. But I hope it was at least contributory: not just because I explained what's out there right now, but because I'm including product recommendations and not just rants in my posts. ;)
 

roger_m

Level 42
Verified
Top Poster
Content Creator
Dec 4, 2014
3,194
People are NOT safe with AV + good browsing habits. I know this from personal experience.
You can be. The only times that my systems have ever been infected, is when I've manually opened an infected file. I've never been infected just by visiting a compromised website.
I had a fully up-to-date system and up-to-date 3-pronged security suite provided by my ISP in October of 2006. And next thing I knew, SQL Slammer and Stack Bot were all over us. I reimaged my system three times, only to get reinfected again within minutes each time. I stopped it by adding ISS BlackICE. Paranoia is better than overconfidence IMO.
On XP systems, it was possible to get infected just being connected to the internet. This changed when Service Pack 2 was released, as the Windows Firewall was now enabled by default.
MT doesn't exist to assure people that all you need to do is install AV and don't visit any dodgy websites. If you have any real experience, then you know as well as I that most infections come not from bad websites, but from good websites that were hacked by a third party. So safe browsing habits don't cut it.
I've visited thousands of safe and potentially unsafe websites over the years and not once have I got infected. I've even visited plenty of websites, where either my browser or Google - if I was clicking on a search result, warned me against visiting.

If you've got an updated system, then the chance of getting randomly infected, without manually opening an infected file, is very slim.
Without updates, it can be a different story. I once had a work system infected from just visiting a website. An outdated version of Java, was most likely the cause.
 

Back3

Level 14
Verified
Top Poster
Apr 14, 2019
674
I have WD+ Configure Defender + Comodo Firewall at Cs settings. But my main security app is my browser, I use Firefox with a few security extensions. And most of the time, it's the most important and first line of defense on my computer. In the last 6 months, every malware was blocked at the browser level.
 
Last edited:
F

ForgottenSeer 58943

Exactly. The longer we coddle those who wish to avoid the technical aspect, the more danger we expose them to. Criminals aren't sitting around, waiting for security companies to catch up. They're evolving, and working on AI malware that can sit on a server, probe a visiting client for vulnerabilities, and open fire on those vulnerabilities as if a live hacker were attacking that computer directly. This isn't a game. Cybercrime is the #1 largest criminal industry in the world for a reason. These guys play for keeps.

The above-mentioned threats are not limited to gamers, swingers, and pirates; they affect 80-year-old women who never get on the computer except to check their email, or visit Betty Crocker and Jo-Ann Fabrics. Once upon a time, anyone with a little practice behind the wheel could take a car out on the road. Today, we license people to drive. Security researchers have been saying for the past 15 years that we need to start doing the same thing for the Internet. It is estimated that about a third of all computers connected to the Internet are infected, in many cases unbeknownst to the user. An identity is stolen every two seconds. These are not ho-hum facts of life; they are real problems that we have as yet failed to address.

This is one of the most accurate and informed posts I have seen here in awhile.

One trip over to a Microcenter, and watching people push out carts full of IoT trash they don't even have a clue how to use or how to secure effectively and you know instantly that we are going to be in a world of hurt, soon. I think a third of all computers being infected is a conservative estimate - I'd say up to half or more.

People just aren't aware (or care) about of all of the vulnerabilities, exploits, backdoors and side channel attacks they can face with nothing more than day to day internet activities. Anyone targeted (and targeting these days is millions of people) isn't capable of understanding the forces that can be levied against them with a few clicks. One almost thinks the IT/Technology ignorance is encouraged and/or cultivated..
 

ebocious

Level 6
Verified
Well-known
Oct 25, 2018
252
On XP systems, it was possible to get infected just being connected to the internet. This changed when Service Pack 2 was released, as the Windows Firewall was now enabled by default.
The last time I got infected was in 2006, and I had a firewall. SP2 came out in 2004.

I've visited thousands of safe and potentially unsafe websites over the years and not once have I got infected. I've even visited plenty of websites, where either my browser or Google - if I was clicking on a search result, warned me against visiting.
First, you're not the only person out there. Second, Google will warn you about dark websites, not legitimate websites that have been hacked, like these. Third, I hope you realize most AV scanners will never reveal the presence of fileless malware. I suggest you run Zemana, and use something like Hijack Hunter to see what kinds of open TCP connections you have. If you're running W10, and all your runtimes are up to date, I'd agree you're probably not infected. But if you are infected, you probably don't know it, because modern malware doesn't make your computer crash or run slowly. And since you have some more noxious browsing habits, there's a greater chance you may have encountered something tough enough to break your browser's defenses.

If you've got an updated system, then the chance of getting randomly infected, without manually opening an infected file, is very slim.
Without updates, it can be a different story. I once had a work system infected from just visiting a website. An outdated version of Java, was most likely the cause.
I agree that an up-to-date system is fairly well protected. But again, hackers are working on AI kits to plant on legitimate websites, and bombard visiting computers directly. If you want to keep advocating for AV + safe browsing, do it on Facebook, not here. Geek card pulled.
 
Last edited:

roger_m

Level 42
Verified
Top Poster
Content Creator
Dec 4, 2014
3,194
First, you're not the only person out there. Second, Google will warn you about dark websites, not legitimate websites that have been hacked, like these. Third, I hope you realize most AV scanners will never reveal the presence of fileless malware. I suggest you run Zemana, and use something like Hijack Hunter to see what kinds of open TCP connections you have. If you're running W10, and all your runtimes are up to date, I'd agree you're probably not infected. But if you are infected, you probably don't know it, because modern malware doesn't make your computer crash or run slowly. And since you have some more noxious browsing habits, there's a greater chance you may have encountered something tough enough to break your browser's defenses.
I know that I never get infected. Zemana, Malwarebytes and other scanners, only ever find harmless PUPs that I've installed myself and never find actual malware.
I agree that an up-to-date system is fairly well protected. But again, hackers are working on AI kits to plant on legitimate websites, and bombard visiting computers directly. If you want to keep advocating for AV + safe browsing, do it on Facebook, not here. Geek card pulled.
I'm not advocating for anything. That should have been clear. I'm just talking about my own experience over many years.
 

ebocious

Level 6
Verified
Well-known
Oct 25, 2018
252
I know that I never get infected. Zemana, Malwarebytes and other scanners, only ever find harmless PUPs that I've installed myself and never find actual malware.
I'm happy for you.

I'm not advocating for anything. That should have been clear. I'm just talking about my own experience over many years.
It should have? Then why bring it up, in a thread about single best app for protection?
 

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363
First, you're not the only person out there. Second, Google will warn you about dark websites, not legitimate websites that have been hacked, like these. Third, I hope you realize most AV scanners will never reveal the presence of fileless malware. I suggest you run Zemana, and use something like Hijack Hunter to see what kinds of open TCP connections you have. If you're running W10, and all your runtimes are up to date, I'd agree you're probably not infected. But if you are infected, you probably don't know it, because modern malware doesn't make your computer crash or run slowly. And since you have some more noxious browsing habits, there's a greater chance you may have encountered something tough enough to break your browser's defenses.

Dude, you need to pull it back a notch. I agree with a lot of what you say. I've indicated that.

Roger is a long-time well-known expert both here and at Wilders. You've interacted negatively with others who are also 'known.' You're coming across as disrespectful... even bitchy.

Drop the edge and gigantic chip on your shoulder.

Express yourself fully.... but respectfully.


Your Buddy,

-Burrito
 

Huchim

Level 5
Verified
Well-known
Oct 17, 2015
240
People, stop spreading panic!, I think knowledge is the key here. As I don't manage the security of sensitive data in a major company and I'm the only who manage cybersecurity of my family and friends, I'll limit saying that and AV+OS and any sofware updated+safe habits is enough, I won't include about your router security, neither the OS option, (mainly because the thread) we all here test different programs for fun, paranoia is bad. Always.

If you are and advanced user, Appguard, if you are a novice user, Kaspersky and maybe with TAM enabled +untrust digital signatures (this will make Kaspersky as Cloud whitelist program) depending of your work. That's all.

Extending on the subject; Most of people don't have time/interest to manage the alerts, they even don't know if they need/have a AV! Why Kasperksy? For the TAM module for strong protection and due the complete suite to cover some vectors of infections:

- Sofware Updater
-Antibanner + Privacy protection for major browser no matter if they install them later.
- Automatic backups
- VPN (for people who use a laptop in public places)
- Safe money for bank sessions-

Also the basics online safe habits:
- Different e-mails for social-media, bank and work and another to buy online.
- Using strong passwords with 2FA when available.
- Use credit card with protection for online shopping or use Paypal.
- Stay informed about new threats or data breach.

I hope this helps more to novice users, there will be more risks as the technology advances, so we need to keep updated. A single program doesn't protect about the human factor and that's the main target of hackers, I don't think there is "common sense" only knowledge.
 

ebocious

Level 6
Verified
Well-known
Oct 25, 2018
252
Dude, you need to pull it back a notch. I agree with a lot of what you say. I've indicated that.

Roger is a long-time well-known expert both here and at Wilders. You've interacted negatively with others who are also 'known.' You're coming across as disrespectful... even bitchy.

Drop the edge and gigantic chip on your shoulder.

Express yourself fully.... but respectfully.


Your Buddy,

-Burrito
I appreciate your concern. But long-time and well-known fail to impress me, especially when we are dealing with a global pandemic which real experts (not long-time members of an anonymous forum) admit we are ill-prepared for.

I came to this thread to post which programs I believe offer the fullest protection, and why. I posted my concern about a couple of popular recommendations, which drew ire from people with personal attachment to these programs, as well as others who are telling me that all you need are AV and safe browsing.

I didn't instigate any of these arguments, if you might notice. I've had half a dozen people come and try to tell me off, and I have refused to back down from what my own personal and professional experience have revealed. If you want me to lie, or roll over for the "old timers," I'm sorry. I can't do that. I've said at least twice that we should get back to the topic at hand, and people (including the venerable Roger) have failed to do so.
 

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363
I appreciate your concern. But long-time and well-known fail to impress me, especially when we are dealing with a global pandemic which real experts (not long-time members of an anonymous forum) admit we are ill-prepared for.

I came to this thread to post which programs I believe offer the fullest protection, and why. I posted my concern about a couple of popular recommendations, which drew ire from people with personal attachment to these programs, as well as others who are telling me that all you need are AV and safe browsing.

I didn't instigate any of these arguments, if you might notice. I've had half a dozen people come and try to tell me off, and I have refused to back down from what my own personal and professional experience have revealed. If you want me to lie, or roll over for the "old timers," I'm sorry. I can't do that. I've said at least twice that we should get back to the topic at hand, and people (including the venerable Roger) have failed to do so.

That was a relatively reasoned and respectful reply.

So I'll take that as a success.

Cheers.
 

ebocious

Level 6
Verified
Well-known
Oct 25, 2018
252
That was a relatively reasoned and respectful reply.

So I'll take that as a success.

Cheers.
I promise you, if you knew me in person, you would find that I am one of the most passive individuals in my circle (INFP). But one thing INFPs are known for is standing our ground when a value is threatened. I value MT as an informational forum, while some are treating it as a social forum. If somebody comes knocking at my door, I answer.

There are a few people here (Andy Ful is one) who have experience that exceeds my own, and I respect them for it. But there are others who either pretend to have more experience than they actually have, or have been out of the arena for some time, or don't actually deal with security in their organizations. Ask a professional security researcher if AV + safe browsing are enough, and show them Roger's posts. I will bet you money they disagree.

End rant. Cheers!
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top