Advanced Plus Security InnoScorpio's PC Security Config 2019

Last updated
Dec 25, 2018
Windows Edition
Home
Security updates
Check for updates and Notify
User Access Control
Always notify
Real-time security
Norton Security Online Premium (Heuristics, Boot Time Protection, Block Traffic for Malicious Applications, and SONAR set to Aggressive with some settings disabled for better performance)
Sandboxie Free
Firewall security
Periodic malware scanners
EEK, MBAM free, ZAM free
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Edge (built-in): Norton Safe Web
Chrome (default): Malwarebytes Browser Extension, Mailtrack, WebRTC Leak Prevent, NetCraft
Firefox (performance): Malwarebytes Browser Extension, NetCraft
Maintenance tools
CCleaner Portable, Wise Disk Cleaner Portable, Auslogics Disk Defrag Portable, Revo Uninstaller Free, Anvi Folder Locker, PrivaZer, VeraCrypt, GNU Privacy Guard, AxCrypt, CCEnhancer
File and Photo backup
Cloud Storage: Google Drive and MEGA
External Hard Drive: AOMEI Backupper Standard Free
System recovery
Macrium Reflect Free

notabot

Level 15
Verified
Oct 31, 2018
703
ChromeZero can block side channel attacks. Unfortunately, you can use it only on Chromium/Chromium-based browsers

IAIK/ChromeZero

Thanks - I just looked at this, looks like the authors are well regarded so I’ll take what they claim at face value.

Still Eg Will it be well maintained ?

I consider side channel attacks outside my threat vector but if they were in it, I’d just use a machine with an OS which has hyper threading switched off to cut the root of the issue - I don’t need that level of security though
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,607
I may not be the most tech-savvy of people here (far from there obviously) but I deserve to be respected. I'm here to learn and help, not to be attacked.
I will pretend I didn't see that post, because I really like this forum and wouldn't like to leave it just because of disrespectful people like you.
Read my post again, please :emoji_pray:- it is a little ironical towards people (like me) who can care more about securing the Windows against the malware, than about protecting the computer against the thieves.
In fact, I am on your side, do not you see this? Furthermore, the practical point of view like yours, does not mean that someone is not tech-savvy.
I am sorry If my words hurt you, but in fact I liked your post, because it was very reasonable.(y)
 

brod56

Level 15
Verified
Top Poster
Well-known
Feb 13, 2017
737
Read my post again, please :emoji_pray:- it is a little ironical towards people (like me) who can care more about securing the Windows against the malware, than about protecting the computer against the thieves.
In fact, I am on your side, do not you see this? Furthermore, the practical point of view like yours, does not mean that someone is not tech-savvy.
I am sorry If my words hurt you, but in fact I liked your post, because it was very reasonable.(y)
It sounded nothing like ironical to me. Anyway, I believe you. Peace out.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,607
It sounded nothing like ironical to me. Anyway, I believe you. Peace out.
Added the note to my post, but I am sure that the irony is visible enough.(y)
Be safe.:giggle:
 
  • Like
Reactions: harlan4096

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,607
Using too many extensions in the web browser has some known pros, but also some cons.
  1. As it can be seen from the very comprehensive list made by HarborFront, there are many vulnerabilities so the user should install several extensions to cover them.
  2. Many extensions would have the negative impact on the browsing performance & web browser stability.
  3. Many extensions = proportionally greater attack surface.
  4. Installing the popular extensions = greater chances to be exploited.
  5. Installing not popular extensions = unknown reliability, unknown support, etc.
  6. Sometimes people install many extensions, because they intentionally browse to very unsafe places, and think that those extensions will save them (not recommended).
So, everyone has to find the balance between safe habits and installed extensions. With safe browsing habits and some basic knowledge the user can install fewer extensions to be pretty much safe. When visiting very unsafe places, it is better to use the Virtual Machine.
Yet, either when using many extensions or using only a few, the user cannot be completely safe when browsing.
 
Last edited:

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
Using too many extensions in the web browser has some known pros, but also some cons.
  1. As it can be seen from the very comprehensive list made by HarborFront, there are many vulnerabilities so the user should install several extensions to cover them.
  2. Many extensions would have the negative impact on the browsing performance & web browser stability.
  3. Many extensions = proportionally greater attack surface.
  4. Installing the popular extensions = greater chances to be exploited.
  5. Installing not popular extensions = unknown reliability, unknown support, etc.
  6. Sometimes people install many extensions, because they intentionally browse to very unsafe places, and think that those extensions will save them (not recommended).
So, everyone has to find the balance between safe habits and installed extensions. With safe browsing habits and some basic knowledge the user can install fewer extensions to be pretty much safe. When visiting very unsafe places, it is better to use the Virtual Machine.
Yet, either when using many extensions or using only a few, the user cannot be completely safe when browsing.
Using a VM is not a panacea to all problems.

Like any software it has its own security vulnerabilities

For malware protection the use of a VM is good as long as you don't meet some VM-evasive malware. Similarly, in the use of AV software

VM also cannot protect a user against data exfiltration

And I don't believe it can protect against hardware-based attacks like Spectre and Meltdown

If you'll to ask me how many extensions would be needed to protect against the list I made I would say as many as you can find inclusive of your AV/AM software and browser...... if you want to go around the world on the net
 
Last edited:
  • Like
Reactions: Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,607
Using a VM is not a panacea to all problems.

Like any software it has its own security vulnerabilities

For malware protection the use of a VM is good as long as you don't meet some VM-evasive malware. Similarly, in the use of AV

VM also cannot protect a user against data exfiltration

And I don't believe it can protect the user against a hardware-based attacks like Spectre and Meltdown
You are right. Nothing is perfect.:giggle:
 

notabot

Level 15
Verified
Oct 31, 2018
703
And I don't believe it can protect against hardware-based attacks like Spectre and Meltdown

It can’t, to the best of my knowledge only disabling SMT can - with the caveat that the addon you linked before claims it’s possible without switching smt off
 
Last edited:

notabot

Level 15
Verified
Oct 31, 2018
703
For malware protection the use of a VM is good as long as you don't meet some VM-evasive malware. Similarly, in the use of AV software

I asked this on another thread and the response I had was that apparently it doesn’t happen.

Probably the target market for this ( people running desktop software in VMs) is too small for the malware writers to target it. But in principle this is doable
 

notabot

Level 15
Verified
Oct 31, 2018
703
Ultimately it comes down to what threat vector one is protecting against.

If one wants to hedge against a wider vector though I wonder, is a complicated setup with many addons & lots of software worth the maintainance effort ? Perhaps it simpler to have a dedicated machine for activities they want to keep safe. Eg have one machine with smt switched off (eg openbsd), hardened OS kernel, on each use launch one off browser images via Docker - it’s still a pita type of setup but probably has fewer tabs to track as everything would be updated from the os vendor’s repo. The only risk remaining would effectively be kernel level exploits which cannot be hedged anyhow
 

InnoScorpio

Level 1
Thread author
Jul 9, 2018
13
After realizing all the advice that everyone provided to me in this thread.

REMOVED THE FOLLOWING
  • The Great Suspender -- Remove this since I realized I could implement flags in Chrome and find ways to speed up Firefox so adding the extension would be counterproductive to my browser performance.
  • uMatrix - Do not need this after realizing Malwarebytes has reliable adblocking. Also, adding a bunch of filters for different types of malware yield less effect than using Malwarebytes.
  • Glary Utilities Portable - Do not need this after adding CCEnhancer along with CCleaner Portable.
  • Wise Care 365 - The entire suite of components not needed.
  • Exfil CSS Protection - Remove this since the Site Report feature provides information on the Web Targeting features that a site uses to possibly mitigate CSS Exfil attacks.
  • Correction: Mailtrack is not available in Firefox.
ADDITIONS OR CLARIFYING SOFTWARE I WAS SUPPOSED TO USE ORIGINALLY
  • CCEnhancer
  • Sandboxie Free
  • Wise Disk Cleaner Portable


Fields are updated. Replies to some posts that were mentioned in this thread:
For example, you have 3 extensions with similar purposes (blocking malicious websites) - uBlock Origin, Netcraft and Malwarebytes. That doesn't make much sense to me, considering that the browser and the AV also have that function. In my opinion, being obsessed with browser protection via filtering is pointless.
Also, read this.
After realizing how realizing how reliable the adblocking and tracking protection that Malwarebytes Browser Extension provides. I realize I do not need uMatrix in Chrome and Firefox. I did some testing with Malwarebytes and found Malwarebytes to be a better addon. The malicious website filtering from Norton is nonexistent. Norton Safe Web is only good for antiphishing. Google Safe Browsing and Microsoft SmartScreen will pick up the rest of what Norton missed alone.

- ads & ad trackers
- malicious sites
- analytics (beacons, pixel etc)
- browser fingerprinting e.g. mouse wheel/speed, CPU/GPU etc besides those listed(and protected) in ScriptSafe and Trace...
This is why you can only set up your web browser, AV, DNS, or other security layers to protect against the most important attacks associated with security and privacy. You have to implement the ones that can avoid significant damage on your computer, can be used for financial or commercial gain, espionage, data leaking of sensitive and personal information.

If you are the cautious user - who do not open the spam attachments, do not allow the active content in the unknown documents, etc... The Standard User Account + Norton Security Online Premium is enough.
If not, or when you have to use the vulnerable applications with unsafe content (documents with macros, scripts, unknown email attachments, etc.) then you may think about some additional protection like SysHardener, OSArmor (system hardening), or Hard_Configurator (system hardening & default deny setup).
I am actually a cautious user when it comes to avoiding email attachments, documents with macros, and scripts so I do not usually need some other tool with it most likely.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top