Cortex

Level 11
Like I said before, I'm happy for you. Since the topic of this thread is about picking a single program for protection, perhaps you'd care to share what AV you're using, or is it just WD? Of course, the OP did say he's interested in close to 100% effectiveness.

That said, I'm just office IT; I'm not a security researcher. If it's this important for you to set the record straight that AV is enough, I'm not the person for you to take it up with. There are bigger fish than me who say you're mistaken.
The thread title was 'If I Could Pick Only One Program for Protection' BTW, Not how would I protect office computers with layered protection - An office environment is totally different to home - In my house I have 3 Smart? TV's, 2 SONOS systems, 3 iPads, an iPhone, 4 Android phones, an Android tablet, 4 PC's, a Printer, some Watches, 4 UHD Firesticks, an Android TV, a SKY Box, an unknown quantity of apps running on devices, often an Xbox, a Marantz streamer, & more - My PC's are probably the least of my potential problems.
 

Cortex

Level 11
I promise you, if you knew me in person, you would find that I am one of the most passive individuals in my circle (INFP). But one thing INFPs are known for is standing our ground when a value is threatened. I value MT as an informational forum, while some are treating it as a social forum. If somebody comes knocking at my door, I answer.

There are a few people here (Andy Ful is one) who have experience that exceeds my own, and I respect them for it. But there are others who either pretend to have more experience than they actually have, or have been out of the arena for some time, or don't actually deal with security in their organizations. Ask a professional security researcher if AV + safe browsing are enough, and show them Roger's posts. I will bet you money they disagree.

End rant. Cheers!
Now that is funny & at the same time makes huge assumptions as to what people with a degree of humility have in experience, you know next to nothing about (most) members you have seemingly dismissed & then assume your precautions you have deployed give a 'secure system' IMHO it is not easy to secure a system or a home when you have no idea what a potential future problem will be. I have no intention of disclosing what I have done & do part time any more than I feel I have not dropped off a Christmas tree, also accepting absolutely many members know far more than I but: We all have our niche. That is humility :eek:
 

bribon77

Level 28
Verified
It all depends on the user or if it is a company or a normal user.
A normal user does not have as much risk as companies. (If action is taken)
In my case, I don't buy online. I do not give my information. I do not check my bank accounts online. I do it directly at the bank.
So I don't need that much, all I need is a backup in case I am wrong to try things on my PC. :)
 

ebocious

Level 4
The thread title was 'If I Could Pick Only One Program for Protection' BTW, Not how would I protect office computers with layered protection - An office environment is totally different to home - In my house I have 3 Smart? TV's, 2 SONOS systems, 3 iPads, an iPhone, 4 Android phones, an Android tablet, 4 PC's, a Printer, some Watches, 4 UHD Firesticks, an Android TV, a SKY Box, an unknown quantity of apps running on devices, often an Xbox, a Marantz streamer, & more - My PC's are probably the least of my potential problems.
Yes and no. Your IoT devices need to be protected, as they can be used to attack the rest of your network. But the PCs and mobile devices are the ones with all the sensitive information, and can also be used to spy on you. For your IoT devices, I might recommend RATtrap.

Now that is funny & at the same time makes huge assumptions as to what people with a degree of humility have in experience, you know next to nothing about (most) members you have seemingly dismissed & then assume your precautions you have deployed give a 'secure system' IMHO it is not easy to secure a system or a home when you have no idea what a potential future problem will be. I have no intention of disclosing what I have done & do part time any more than I feel I have not dropped off a Christmas tree, also accepting absolutely many members know far more than I but: We all have our niche. That is humility :eek:
You've made a grand display of your "humility," coming late to the party to get your licks in. Feel better? You also exposed your throat to me, when you suggested that your PCs are the least of your problems. They're the least vulnerable (your iOS devices may have a slight edge, but are still vulnerable), but also the most valuable.
 

Local Host

Level 18
Verified
This topic went from a question to what software you would use alone in a system.

To bashing Windows, IoT devices and then went all the way to Enterprise Protection.

All of which are unrelated, especially IoT (you ain't installing anything on those, there's a reason people rely on hardware Firewalls when securing those).

Also no offense, but ebocious sounds exactly like one of those security researchers trying to scare you and sell you all types of security software you don't even need.

What is 11M devices in a Network of +7b computers alone (not counting phones and IoT devices), if the problem was so widespread as he is trying to make you all believe we would have over 5b Home devices infected (and something like that would draw too much attention for little gain, black hats want big pay and targets in the Enterprise).

Home Users should be more worried about their privacy (this is 2019, not 1995).
 

ebocious

Level 4
Also no offense, but ebocious sounds exactly like one of those security researchers trying to scare you and sell you all types of security software you don't even need.
You flatter me, but I can assure you I'm not. You need only look at my history, to see me asking questions about vulnerable processes. That said, not all security researchers work for software companies. But none of them will tell you that AV + safe browsing is enough. If you want to question them, do so at your own risk.

I'm aware of one person on MT who worked for Blue Ridge, and I haven't seen him in months. Other than AppGuard, the product I recommend most is Comodo FW Free with Cruel Sister's settings. What compensation do I get for promoting free software, and without an affiliate link?

What about AV employees trying to downplay the ineffectiveness of their products? We all know that's happening, with AV vendors buying tests, or getting notifications before/during a test, or pulling out after they see their results. Whom does @Local Host work for?

What is 11M devices in a Network of +7b computers alone (not counting phones and IoT devices), if the problem was so widespread as he is trying to make you all believe we would have over 5b Home devices infected (and something like that would draw too much attention for little gain, black hats want big pay and targets in the Enterprise).
I did say the issue was on the local news, so it was probably an attack on Comcast (my ISP at the time). That said, try telling an 80-year-old woman with AV and innocuous surfing habits, that the $400 missing from her checking account following a keylogger infection from visiting NYT, is statistically insignificant. I’m sure that’ll garner you a great review!

Home Users should be more worried about their privacy (this is 2019, not 1995).
This is the first correct assertion that you made in this post. You may have noticed that I posted about HTTPS Everywhere, as well as WebRTC Leak Prevention for Chrome. What I may not mention as frequently is VPN, mainly because I don't trust any free VPN services. That said, I use NordVPN. If money were no object, I would use ExpressVPN. That said, what privacy do you have if you get infected? In 1995, most infections came from porn sites, not legitimate sites.

I prefer to stay on topic. Those who wish to accuse me of being a troll, notice how many people have come out of the woodwork to attack me. This isn't about propriety, this is about religion. When you attack somebody's security apparatus, then you erode their sense of security. That's what this is all about. Well, I'm sorry. I'm not going to discredit what I know just because people are attacking me. And if you're scared, there's a simple solution for that (and attacking me is not it).
 

ebocious

Level 4
When somebody quotes me, and then says all you need is AV + safe browsing habits, are they minding their own business? No, they’re not. I said it before and I’ll say it again: if you come knocking at my door, I answer. And if you’re trying to front me off with incorrect information, it’s going to backfire. I have a fair amount of experience in the area of PC security. I don’t have a lot of experience with servers (I'm still learning), and so that’s a subject where I shut up and listen. When it comes to this here, I generally know when information is false. And if you post false information, then I don’t need to know your background to know that you talk without knowing what you’re talking about. I don’t care if you’re a billionaire, with hundreds or thousands of people working under you. I doubt I’m one of them. On the Web, you are what you post, and nothing more. Respect is earned, not demanded.

One more little nugget for you: why do you think antivirus products generally score 100% in on-demand scans, but not in zero-day detection? Why are signatures generally available after the worst part of an outbreak is already over? Because they can’t get to everything before all the customers do. AV companies do share samples with each other, but they can't cover the whole web. Somebody has to get infected. Consider that the next time you accuse me of fear mongering. Common sense, folks!
 

Slyguy

Level 42
Verified
Most IoT devices are infected out of the box. But I guess the term infected may mean different things to different people. For me, anything with backdoor telemetry and/or network sniffing is infected. You'll find upwards of 80% of IoT sold on Amazon comes pre-infected. The latest cameras, plugs, light bulbs, all of it is pre-infected. The ones that aren't directly infected are backdoor ready, easily exploitable, and sometimes can greatly compromise your network and other devices.

Most people don't realize how bad it really is.

Almost every Comcast router has a backdoor built in that will allow anyone within range to compromise it via the broadcast of the open Xfinity WiFi networks. The only way to disable them is to specifically call support to ask those to be disabled, but they will always turn back on with each new configuration or firmware push. Traversing guest network restrictions (Ghetto VLAN) has gone way beyond POC, but when the TG/DG from Comcast is readily designed for infiltration, people really don't realize how bad it is.

So anyway...

Why not HMP-A for this? I know Team Talos hammered HMPA for quite some time, found a couple of vulns, and helped get them patched. So HMPA might be the most vetted and tested solution. If you had to choose one single thing. It has most of the required protections.



HMPA sort of reminds me of a thing everyone wants, but most people can't afford it or won't pay for it. I like stuff like that in all aspects of life because the perceived quality is palpable. For example I have a whole house generator and I don't even live near Hurricane Alley. However when the power does go out, I am sitting pretty. Everyone wants one, but most people either can't afford it, or won't pay for it. Feelsgood man.
 


Burrito

Level 20
Verified
Most IoT devices are infected out of the box..... The latest cameras, plugs, light bulbs, all of it is pre-infected. The ones that aren't directly infected are backdoor ready, easily exploitable, and sometimes can greatly compromise your network and other devices.

Most people don't realize how bad it really is.

This is actually not Sly conspiracy theory... The US government became aware of some of this and started to investigate the scope of the problem.

But since we now have a government that is run by corporate interests, the investigation was scuttled for political reasons.

It's just hard to believe that governments sometimes represent the interests of entities rather than the people... I guess it shouldn't be hard to believe, but I'm an idealist I guess.
 

Slyguy

Level 42
Verified
This is actually not Sly conspiracy theory... The US government became aware of some of this and started to investigate the scope of the problem.

But since we now have a government that is run by corporate interests, the investigation was scuttled for political reasons.

It's just hard to believe that governments sometimes represent the interests of entities rather than the people... I guess it shouldn't be hard to believe, but I'm an idealist I guess.
Yeah no conspiracy theory on that. When I was at Fortinet we pulled in the top 50 selling pieces of IoT from Amazon for testing. The vast majority were backdoored. The rest were poorly implemented with a lot of exploit threat surface. The purpose of the lab work was to see how this could impact IPS signature requirements as IoT spread to enterprise environments. (Such as Bill wanting fancy color changing lights in his office, etc.)

It was all grim news in the end. If I was a consumer I wouldn't buy any IoT at all unless I understood how to SSH into it and disable this or that, or to restrict its functionality with networking equipment. Not a chance any of it would hit my network.