Danger Itachi Sempai's security config for grandmas

D

Deleted member 178

With RX he must be not too far from his grandma because if RX has a problem,which makes the system unbootable, a full reformat is needed.
 
  • Like
Reactions: harlan4096

Itachi Sempai

Level 2
Thread author
Verified
Sep 20, 2017
93
@Umbra
there is no way to disable SD, update windows and re enable SD... so i eather have SD enabled or updates enabled... besides i need to lock down system configuration like toolbars and everything should be unchangeable so most likely i will use SD... so i need something to cover up unpached vulnerabilitys and i think hitman antiexploit should do it to some degree... what do you think?


@JHomes
in a case of HDD failure i need cloud backup and google sync is wonderfull because it stores different versions of same document for 30 days
 
D

Deleted member 178

@Umbra
there is no way to disable SD, update windows and re enable SD... so i eather have SD enabled or updates enabled...
you just exit shadow mode, update , re-enable it.

but i think Rollback RX is the best choice for your grandma, just tell her not doing hard shutdowns.
Just use Windows Defender.
 
  • Like
Reactions: harlan4096

Itachi Sempai

Level 2
Thread author
Verified
Sep 20, 2017
93
you just exit shadow mode, update , re-enable it.

but i think Rollback RX is the best choice for your grandma, just tell her not doing hard shutdowns.
Just use Windows Defender.
if a person cant rise volume when it accidentally gets muted then that person definitely wont be able to exit shadow mode update windows and re enter shadow mode


p.s. if HDD dies then how i will restore files with Rollback?
 
D

Deleted member 178

Rx isn't imaging, it is snapshot.

1- you set up her computer
2- you do a classic backup
3- you install RX, it makes a baseline snapshot, then you can revert to it anytime in seconds.

When she has an issue just reload a previous snapshot.
 
  • Like
Reactions: harlan4096

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,604
@Andy Ful
you are right i need to block scripts... i think about ERP if you have any other suggestion it would be nice p.s. office 2007
Office 2007 may be a problem. It is popular and not supported by Microsoft. It has a big attack surface via: Macros, OLE, Actions, DDE, and Filter bypass. Office macros can easily invoke PowerShell + .NET framework, and then you can have everything from the typical malware to keyloggers and rootkits.
Sadly, NVT ERP and other anti-exe solutions will not help, because your grandma will not know what to do with alerts. Maybe it could be used in lockdown mode, but then grandma will have problems with AV engine and web browser updates.
There are three free solutions with GUI (maybe more) to mitigate office documents/macros/scripts/scriptlets: Comodo Firewall (CS settings), Hard_Configurator (allow EXE, MSI files, and TEMP folder), and NVT OSArmor. Those solutions need some tuning to adjust the security to the concrete computer.
You can also look at the JAIL project that will be published soon.
Video Review - Comodo Firewall 10 Setup
Hard_Configurator - Windows Hardening Configurator
NoVirusThanks OSArmor
Q&A - Need your input for NEW zero config application sandbox
 
Last edited:

ichito

Level 11
Verified
Top Poster
Content Creator
Well-known
Dec 12, 2013
542
People using SD don't forget about "exclusion list" but don't remeber about "commit now" list and command :unsure:
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,604
People using SD don't forget about "exclusion list" but don't remeber about "commit now" list and command :unsure:
Not you and me.:)
Personally, I do not use them at all, except Explorer context menu option: 'Commit by Shadow Defender'.
 

JM Safe

Level 39
Verified
Top Poster
Apr 12, 2015
2,882
Your config is a bit confusing...

Please fill in all thread fields.
Shadow Defender is nothing without the Windows vulnerability patches.
Enable also other protection modules of Hitman Pro. (Why Hitman Pro updates disabled? :D)

Shadow Defender updates disabled: why?

Add ZAM Free.

Add HTTPS Everywhere.

Honestly if you want a simple, light and quite efficient config this is what I suggest to you:

-Windows 10 (FCU) (UAC at Default or Max)

-Avast Free (or WD)

-ZAM Free, EEK or NPE.

-Shadow Defender is good but with updates enabled.

-Firefox (or Chrome) with uBlock Origin, HTTPS Everywhere.

-a good backup solution such as Macrium Reflect Free or AOMEI Backupper.

Comodo Firewall offers a very good layer of protection (HIPS + Sandbox), and it can also used alongside WD.

Those are my suggestions.

Thanks for sharing.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,604
@JM Security, he already confirmed that Windows 10 is not the option for grandma.:)
But of course, @Opcode and I do agree with you to make the setup based on Windows 10.
.
The problem is making the setup on Windows 7 + MS Office 2007, for inexperienced grandma, with the below requirements:
  1. Minimum alerts and prompts for the user actions.
  2. No need for support from the more advanced user, except two (maybe three) times a year.
  3. The system has to be robust to grandma mistakes and must prevent malware persistence.
  4. The setup must give very good protection against malicious: executables, documents, scripts, scriptlets.
Of course, that would be easier to do with Windows 10 FCU + Edge + Office online.:)
 
Last edited:
D

Deleted member 65228

I can see why maybe Windows 10 isn't going to work with grandma because times have changed and it's all updated now but either you want to be secure or not. I don't mean this in an insensitive way but people who are growing older than us young ones tend to have important things like pensions and huge savings, imagine an elderly woman being infected successfully because of an old vulnerability in a less-modern OS which allowed an attacker to run off with 100+ grand of her savings she's been stacking for her loved ones for the future.

It just isn't worth the risk I'd say. I think a Chromebook would just be the best option for someone who can't learn Windows 10, over using Windows 7 without any software updates.

All it takes is one bad vulnerability to be exploited and everything else becomes irrelevant.
 
D

Deleted member 178

Yes Chromebook or even an Ipad/android tablet are "hassle-free-stuff-for-noobs"

Old people don't need a computer with tons of stockpiled security apps. They need a simple and safe to use OS. They just need to surf, email, watch movies and do basic office-type tasks with no hassle.

When i see people recommending HIPS, anti-exploit, and other complicated softs for senior, i just facepalm (with all respect)...
I was a repair guy in the past and i add many seniors as customers, i found out a common point between all of them, they just want simple things that work without the need to call a techie person to explain them why this software prompt them about this or that and how to response properly.

This is one reason why Emsisoft is becoming simpler and simpler to use years after years, being hassle-free while staying efficient is the ultimate goal. And at the moment we are doing well and we are praised for it.
 

DeepWeb

Level 25
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
Some of the things proposed here are too extreme for me. I would simply install Windows 10, Kaspersky Free and all the programs that grandma will need (PDF, Word Processor, Chrome and Firefox extensions, set the defaults, Group policy hardening, set DNS to Norton ConnectSafe), then I would turn that admin account into a SUA and password protect the admin account. There's no way grandma will run into anything seriously bad if uBlock Origin, Kaspersky Reputation thingy, Google Safebrowsing, and Microsoft Smartscreen are turned on. Grandma does not pirate software. The biggest risk she will run into are annoying PUPs.
 
5

509322

Some of the things proposed here are too extreme for me. I would simply install Windows 10, Kaspersky Free and all the programs that grandma will need (PDF, Word Processor, Chrome and Firefox extensions, set the defaults, Group policy hardening, set DNS to Norton ConnectSafe), then I would turn that admin account into a SUA and password protect the admin account. There's no way grandma will run into anything seriously bad if uBlock Origin, Kaspersky Reputation thingy, Google Safebrowsing, and Microsoft Smartscreen are turned on. Grandma does not pirate software. The biggest risk she will run into are annoying PUPs.

Grandma does not need features like PDF and Word Processor, Chrome and Firefox extensions (except for an adblocker).

Grandma should not be using an obsolete OS like Windows 7 that is a security risk.

Sure, Windows Updates are a nuisance, but overall you're better off with them than without them. Theoretically, Windows Updates for the home user are the lesser of two evils. Some argue otherwise.

Grandma needs an adblocker to block all the nuisance advertisements that seriously slow down web browsing and half of Windows disabled that aren't needed by the vast majority of users and compromise security.

You are better off using NVT OS Armor and @Andy Ful 's Windows Hardening utility Hard Configurator and then selecting a free antivirus; your priorities are reversed. Harden Windows first and then select the antivirus, because the free antiviruses will fail against advanced infections whereas hardening Windows will thwart many of them.

Pirating software is less of risk than PUPs that can download even more dangerous software.
 
Last edited by a moderator:

Itachi Sempai

Level 2
Thread author
Verified
Sep 20, 2017
93
Shadow Defender updates disabled: why?
you guys will go crazy but all the software i use is free or pirated :D i definitly think that updating shadow defender will brake it




When she has an issue just reload a previous snapshot.
i will get there once per year so its not an option to have some system issues thats why i need shadow defender




Harden Windows first and then select the antivirus, because the free antiviruses will fail against advanced infections whereas hardening Windows will thwart many of them.
you are right and i was thinking same thing from the beginning... but i dont get why everyone is so tensed around windows updates... if i have shadow defender + some software to block any nonwhite listed code how something will infect the system? if you cant protect system without updates then zero day protection doesnot exist and no matter what you do absolutely everyone is extremely vulnerable to zero days
 
Last edited:
D

Deleted member 65228

Why are you even bothering to try and protect your system when you've already compromised your security? You can't pirate security software, forget about updates to them as well as the operating system software, and genuinely expect to be protected. Well, you can, but that really is crazy. Using any pirated content, not just for security, is just an easy-entry for an attacker... Attackers know there are many people trying to use pirated content so they push out infected pirated content out there, and people fall for it - likely you will too by the looks of it.

You have absolutely zero-chance with what you are trying to do. I will be really surprised if you aren't hit with an infection throughout 2018 unless you have a serious think and reconsider on what you're doing and take action to change it.

What's even more devastating is that this system is allegedly for your grandma? Jesus.
 

tim one

Level 21
Verified
Honorary Member
Top Poster
Malware Hunter
Jul 31, 2014
1,086
you guys will go crazy but all the software i use is free or pirated :D
Pirated software? Oh yes it is so easy to fall into the trap of pirated software, ready and pre-packaged available on P2P circuits such as Torrent and similar. Indeed, being able to intervene directly in the code, the cybercriminals are able to infect the pirated programs at a sophisticated level so that the antivirus has some problems to identify the threats.
 

Prorootect

Level 69
Verified
Nov 5, 2011
5,855
To block scripts (third party is sufficient...) and malware, try these two extensions/add-ons for both Chrome and Firefox:
Policy Control and Browser JSGuard (google for chrome version of this latest...)
use too NVT OSArmor, harden Windows, and don't use antivirus.
... and seriously: get rid of all pirated softs.
 
Last edited:

Itachi Sempai

Level 2
Thread author
Verified
Sep 20, 2017
93
yea yea i know that it is risky but it is risky to download unknown software from torrents... there are more or less famous crackers who are not spotted in shady activities like kpojiuk or diakov i download soft from there "official" webpage :D https://diakov.net/ it has much fewer risks then downloading something from torrents... every pirated software is not the same


p.s. i cant abandon our long national tradition of pirating :cry:
 

tim one

Level 21
Verified
Honorary Member
Top Poster
Malware Hunter
Jul 31, 2014
1,086
yea yea i know that it is risky but it is risky to download unknown software from torrents... there are more or less famous crackers who are not spotted in shady activities like kpojiuk or diakov i download soft from there "official" webpage :D https://diakov.net/ it has much fewer risks then downloading something from torrents... every pirated software is not the same


p.s. i cant abandon our long national tradition of pirating :cry:
Ahh...at this point I think you are not correctable :p But I want to tell you one thing: keep in mind that in the cracking environment, no one gives you something without getting anything back.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top