Advanced Security oldschool's surfing laptop configuration

Last updated
Nov 20, 2024
How it's used?
For home and private use
Operating system
Windows 11
Other operating system
Windows Pro
On-device encryption
N/A
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
About WiFi router
Provided by ISP
Real-time security
Windows Security
Firewall security
Microsoft Defender Firewall
About custom security
MS Defender - Default | ASR rules | Platform & Engine Beta channel updates
All system-wide Exploit Protections enabled, plus these for Edge & Chrome.
Firewall Hardening
RunBySmartscreen
Windows Spy Blocker
Periodic malware scanners
NPE
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Chrome | Privacy Badger | Brave Search
Edge | Privacy Badger | Brave Search | Surf profile & secure profile
Chrome flags | Edge flags
Secure DNS
Quad9 DNS
Desktop VPN
None
Password manager
Maintenance tools
Windows built-in
File and Photo backup
Copy/Paste
Subscriptions
    • None
System recovery
Aomei Backupper Pro Lifetime - Primary
Wiindows Backup & Restore- Secondary image backup
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Downloading software and files from reputable sites
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Lenovo L340 Intel(R) Core(TM) i3-8145U CPU @ 2.10GHz 2.30 GHz 16GB RAM 500GB SSD 1TB HDD
Notable changes
22-12-5 Reverted to MS Defender.
23-1-21 Refreshed Windows with SAC in evaluation mode.
23-2-2 Clean Windows installation
23-2-18 SAC user-enabled on
27-2-23 Added Chrome for the lack of 'feature' bloat.
28-2-23 Changed default browser to Chrome
24.2.24 Refreshed Windows and re-enabled Smart App Control
5.7.24 Performed a repair installation via Windows Update. Nice & easy!
6.10.24 Updated to 24H2 OS build 26100.1882
10.10.24 Rolled back to 23H2 due to bugs & performance
16.10.24 Added Chrome browser. Privacy Badger listed as main extension, but I also keep µBO, JShelter and Local CDN installed, not enabled.
What I'm looking for?

Looking for minimum feedback.

F

ForgottenSeer 97327

@oldschool,

Since you are using two cloud whitelists (SAC and AVG hardened), the risk of being infected by an executable is near zero IMO 👍👍👍

The only addition you might want to consider is Hard_Configurator with the Avast hardened mode profile (similar to SWH for protection against scripted content) and additionally blocking the enhanced selection of sponsors (protection against LolBins).

Because you use SAC, you would use the H_C beta or wait for the updated H_C (reenabling SRP with SAC enabled). But think twice before you do: having a fort-knox hardened security is boring (not much left to tweak or optimize) 😄
 
Last edited by a moderator:

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,868
Switched µBO to Adguard in Chrome/Edge after the mention by @SeriousHoax.
Nice. I think I should clarify why I prefer Adguard on Chromium browsers.
Speed wise, Adguard and uBO both performs the same in my tests in terms of page loading, while uBO in Firefox is slightly faster. I retested yesterday.
Adguard is better at cosmetic filtering, and they fix any reported issues much quickly. Most of them within 24 hours while on EasyList I have months old unfixed issues. Some filters written in Adguard syntax are not supported by uBO. Adgaurd can block Facebook sponsored posts on Facebook, but most of the time can't do it in Firefox. I knew the reason behind it, but forgot.
 

piquiteco

Level 14
Verified
Top Poster
Well-known
Oct 16, 2022
624
Adguard is better at cosmetic filtering, and they fix any reported issues much quickly. Most of them within 24 hours while on EasyList I have months old unfixed issues. Some filters written in Adguard syntax are not supported by uBO. Adgaurd can block Facebook sponsored posts on Facebook, but most of the time can't do it in Firefox. I knew the reason behind it, but forgot.
Thanks! for the tip, I had noticed that in Adguard that the updates were more frequent than uBO. Thanks for sharing (y)
 
F

ForgottenSeer 97327

uB0 was the fsstest, but since AdGuard developed CoreLibs, a cross platform filtering engine and a dedicated TSUrlFilter engine for more advanced content filtering, the performance is on par with uBlockOrigin.

When you use only AdGuard filters, AG probably beats uB0 in terms of performance (I could not measure difference any more, but AG used a little bit less, not much, CPU time than uB0).

That said: it was a miracle how a one man operation managed to beat larger development teams for such a long time (ghostery, disconnect, ABP, Brave, Opera, Vivaldi).
 
Last edited by a moderator:

Jan Willy

Level 13
Verified
Top Poster
Well-known
Jul 5, 2019
607
Some filters written in Adguard syntax are not supported by uBO.

AG has developed filterlists especially for uBO. No need to switch to AG extension.

AdGuard Base filter + EasyList

AdGuard Base filter + EasyList (Optimized)

AdGuard Tracking Protection filter

AdGuard Tracking Protection filter (Optimized)

AdGuard Social Media filter

AdGuard Social Media filter (Optimized)

AdGuard Annoyances filter

AdGuard Annoyances filter (Optimized)

AdGuard DNS filter

AdGuard DNS filter (Optimized)

AdGuard URL Tracking filter

AdGuard URL Tracking filter (Optimized)
 
Last edited:

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,868
That said: it was a miracle how a one man operation managed to beat larger development teams for such a long time (ghostery, disconnect, ABP, Brave, Opera, Vivaldi).
Agree. Gorhill is a genius. Huge respect to him.
AG has developed filterlists especially for uBO. No need to switch to AG extension.
I'm aware of this. I was mainly talking about things like Adguard specific scriptlets which doesn't work in uBO. Adguard can auto click on cookie notices for us which is something Gorhill considers a security risk, so uBO will never have them according to him. Adguard also use things like these for other cosmetic filtering.
An example of cookie notice fix that uBO can't do.
Here's one more made by Yuki for me which clicks on "continue reading" button on MSN articles. It's not possible with uBO.
msn.com#%#AG_onLoad(function(){if(window.location.href.includes("/en-xl/")){var g=new MutationObserver(function(){var b=document.querySelector('button[id^="continue-reading"]');b&&b.click();});g.observe(document,{childList:!0,subtree:!0});setTimeout(function(){g.disconnect()},1E4)}});
 
F

ForgottenSeer 97327

Back to Windows Security only. (y)

After uninstalling AVG Firewall, I uninstalled AVG completely because it completely borked Windows Security. o_O Problems like this are a big "No no" for me.
What happened? No problem here (replaced Avast Free with AVG Free using all shields), because Avast Free will probably be moving to Avast One, I thought it made sense that new AVG Free is moving to Avast old free.

I noticed when you silence Avast, after an update of Avast, the ms Defender icon is missing. Allowing notifications once with a reboot solves the problem.
 
Last edited by a moderator:

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Changed DNS to https://security.cloudflare-dns.com/dns-query . I hadn't used it in a long time. It's much faster for me than Quad9 or NextDNS.
I’d love to be using Cloudflare but that leaves ads and trackers to be blocked locally which in most cases slows down browsing to a degree. So the speed up from the faster DNS is cancelled and you waste battery and cpu time as well. So I’ve settled for NextDNS… why can’t we just have it all ever… 😒
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top