Advanced Security oldschool's 2022 laptop configuration

Last updated
May 5, 2022
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 11
OS edition
Pro
Login security
    • Password (Aa-Zz, 0-9, Symbols)
Primary sign-in
Local account
Primary user
Standard user - Limited permissions
Security updates
Default - allow security updates
Windows UAC
Maximum - always notify
Network firewall
ISP-issued router
Real-time protection
Microsoft Defender
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
Hardened default: 60 sec. cloud check timeout, PUA and most ASR rules enabled ;)
Custom exploit protection settings for all apps
RunBySmartscreen
Malware testing
No malware samples
Periodic security scanners
EEK | KVRT
Secure DNS
Quad 9
VPN
None
Password manager
Browsers, Search and Addons
Edge Brave Search | Ghostery | Emsisoft Browser Security | Strict tracking protection
Firefox Brave Search | Ghostery | Emsisoft Browser Security | strict tracking | total cookie protection | Firefox Privacy or: How I Learned to Stop Hardening and Love Strict Tracking Protection
Brave Brave Search | Brave Adblock | Emsisoft Browser Security
Maintenance and Cleaning
Windows built-in
Personal Files & Photos backup
Copy/Paste
Personal backup routine
Manual (maintained by self)
Device recovery & backup
Wiindows built-in | Aomei Backupper
Device backup routine
Manual (maintained by self)
PC activity
  1. Browsing the web. 
  2. Emails. 
  3. Shopping. 
  4. Downloading software. 
Computer specs
Lenovo L340 Intel(R) Core(TM) i3-8145U CPU @ 2.10GHz 2.30 GHz 8.00 GB RAM 1TB HDD
Personal changelog
22-1-9 Added VodooShield Pro v. 7.0
22-1-28 Removed TinyWall | Changed to Ghostery in Edge & Firefox
22-1-31 Removed VoodooShield
22-5-5 Removed VoodooShield
Feedback Response

General feedback

oldschool

Level 66
Thread author
Verified
Top poster
Well-known
Mar 29, 2018
5,583
New year. Same simple setup.

Edge flags:
1641081536065.png
Exploit protection (thanks to @Umbra). These haven't broken anything yet, e.g. extensions crashing.
Code:
- for Brave, Edge and Firefox:

Block low integrity images - ON
Block remote images - ON
Block untrusted fonts - ON
Control flow guard (CFG) - ON
Data execution prevention (DEP) - ON + Enable thunk emulation - CHECKED
Disable extension points - ON
Force randomization for images (Mandatory ASLR) - ON + Do not allow stripped images - CHECKED
Randomize memory allocations (Bottom-up ASLR) - ON
Validate exception chains (SEHOP) - ON
Validate handle usage - ON
Validate heap integrity - ON
Validate image dependency integrity - ON

ADD for Edge Chromium only:

Code integrity guard - ON (with or without Also allow images signed by M$ Store CHECKED)
 
Last edited:

Gandalf_The_Grey

Level 59
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
4,828
I had printer issues after making exceptions. I uninstall when I encounter issues like this. Windows built-in = less problems.
Yes, a good decision (y)
Keeping things simple is lost art, but I can understand that on a security forum.
We hear of all those threats and there are so many toys to play with...
 

cliffspab

Level 4
Verified
Well-known
Oct 4, 2019
172
It's just like every Windows before it. It does all the same stuff in pretty much the same way, but you'll tell yourself it's a solid step in the right direction as ultimately everyone will have to upgrade and it's stupid to be the last man standing if you're interested in technology, right?
 

Antimalware18

Level 10
Verified
Well-known
Jan 17, 2014
466
If you dont mind me asking, I've noticed your using Emsisoft's browser protection, I was wondering why as opposed to something like Malwarebytes?
In my admitted limited testing Emsisoft's was good but not quite on the level as Malwarebyte's
But great setup either way (y)(y)
 

oldschool

Level 66
Thread author
Verified
Top poster
Well-known
Mar 29, 2018
5,583
Upgraded to W11. I'm happy with it and see no reason to go back to 10.

And I was one of those put off by the early reports, thinking "W10 till '25"! ;)
There is a principle which is a bar against all information, which is proof against all arguments and which cannot fail to keep a man in everlasting ignorance - that principle is contempt prior to investigation.
- Herbert Spencer