This thing probably shoots half a dozen security prompts at the user just to run the calculator...Spot on @RoboMan, very nice insights.
In all those years visiting security forums I have seen some so bad setups that makes me wonder if they actually use their computer for something besides testing security solutions.
View attachment 204906View attachment 204907
This is simple insane and beyond stupid ...
Amazing post @RoboMan and spot on More is not always better. I agree, it's a simple fact that the amount of fear and paranoia that is present on security forums is insane and needs to stop IMO. Aside from playing around with programs we need to educate proper computing habits. It's always forgotten and is just as important, if not more important than secuitry programs. I remember reading an article that was posted here awhile back asking actual security experts what they would recommend to be secure. Guess what, not a single person questioned recommended adding a bunch of security programs. All they preached was good basic security 101.View attachment 204892
How many times have you seen it? Or suffered it? It's the overkill disease and these are the most common forms in which they can be found:
Well I got news for you overkill believers! It doesn't work. It just doesn't.
- What else can I add to my setup? I currently have Kaspersky Total Security + VoodooShield Pro + OSArmor + Comodo Firewall (cruelsister settings!)
- What's a good antispyware to add to BitDefender Internet Security + MalwareBytes?
- Which anti phishing extension can I add to Chrome? Already have MalwareBytes Browser Extension, Webroot Security and Norton Extension.
We've been raised with a false sense of security, which is: the more, the better. WRONG.
We even affirm sometimes: if you're a novice user, then yes you need to install lots of programs. WRONG.
We shall be clear on this subject, since it's really a delicate matter: doesn't matter who you are or what you do, overkill is bad for your system.
There's no gain on triple antivirus, triple signatures, penta real time analysis software or fourty four anti-executables. Overkill murders the fun of an optimized system. Plus it doesn't protect you more.
We tend to believe, more security means less infection. Although this may be true, it shall be explained. When we say more security is better, reading between the lines is needed. More security means covering all weak points on a system: files execution, removable medias infections, browser attacks, exploits, information stealing, etc. You need to be sure all possible attacks against your system are covered. Good news, many programs on the market do this with one single product, called "SUITES", and generally under the names of Internet Security, Total Security. Suites like, for example, Kaspersky Total Security offer a great variety of modules, such as virtual keyboard for transactions, disk encryption, real time protection, parental control, signatures, anti-executable (variation from), and lots of extra modules. In most of the cases, novices (specially) and even experts, a well configured suite is all you need. Go add VoodooShield and OSArmor to Kaspersky Total Security. You'll find a super charged system, with two programs that literally do nothing, since their job is already done by the aforementioned suite.
When you wonder: I want the best protection for my needs, think not in "how many software should I have", but rather "which software can offer me all I need". Sometimes you will need to combine, that's true. But there's an unnecessary action on combining software with the same functions.
"Two antivirus is better since, if one misses something, the other one will catch it." - this type of thought will get you infected. You 100% rely on human-coded software. You're done.
Plus, as well, and the most important disadvantage on overkill: your system performance drop to the ground, for no real extra security.
"I prefer security over performance:" - you prefer a false sense of security, with an extra dose of unnecessary SSD writes.
When searching for your perfect security setup, stop thinking on how much you need to spend or how many softwares will you combine. Start thinking on your weak points. The easiest malware entrances.
Browser: isolate your browser. Use an ad-blocker. Phishing and malware protection when you surf. Block scripts and Java/Flash. Use a browser container like Sandboxie.
Removable media and autoruns: disable autoruns from all media.
Scripts and macros: disable Windows Script Host. Disable unneeded interpreters. Use an anti-executable.
Files and general downloads: use basic signatures, or maybe it's already cover by your browser isolation!
See what we have done there? That's a minimum system impact and most weak points are covered.
We navigate through an insecure/hacked site? The browser is isolated, we're covered. We download an unsafe file? Covered by our security browser extension. We recieved a suspicious mail file? WSH is disabled. Oh, we even have an anti-executable that detected a file execution on AppData. We're safe. No need for a mountain of RAM eaters.
Do not miss the point. Don't kill your SSD and performance for a false sense of security. All barriers can be penetrated when you don't care about learning online security. Read. Learn. Teach. Basic three rules for a safe enviroment. There's always a last alternative if you don't want to learn. Use Umbra Total Security and just forget about any malware issue on your PC and all the PC 50KM around (even if they don't have it installed since it cleans systems over-the-air).
Comment and discuss!
Very good point! The more you have the higher chance of exposing your system to vulnerabilities, thus the more programs you have to maintain and keep up to date.And the most important fact about overkilling your system, the first thing I learnt here when I joined: "The more programs you have, the biggest attack surface"!
I feel the same. I think we've all been there at some point, it's only natural, but I too have setup my system to be as simple as it can be and decided to learn, rather than focus on programs all the time. Guess what I'm secure, I don't stress over it and if something were to happen, I have all my personal data backed up, reinstall Windows and I'm up and running again enjoying my system.I agree with Umbra and RoboMan. In hindsight we spent too much time worrying about our security and not enough just enjoying using our devices. But I have personally reached the point where I ran out of things to tweak and I can just focus on using my computer.
Its a big problem. I don't have any inside knowledge, but my feeling is that these issues are due to multiple factors.We need to do something about company security practices because year 2018 is just a new beginning. Equifax hacked puts 145 millions consumers into identity theft and this famous hotel puts 500 millions consumer info into identity theft as well.
Good points.Its a big problem. I don't have any inside knowledge, but my feeling is that these issues are due to multiple factors.
Some of it is laziness on the IT department side. Not configuring security programs and so forth properly.
I would say the biggest issue has to do with money. IT departments are always the first to be cut because the bean counters think they really aren't needed. Companies refuse to listen to their IT department when it comes to upgrades and implementing proper security measures, again bean counters think these things are pointless. Also companies refuse to upgrade citing budget reasons, hence you get issues like the NHS running xp and being hit hard by Wanacry.
IMO in the digital era, these companies need to get with the times and start taking secuitry seriously. They need to properly invest in it and do their absolute best to keep their systems secure. Even if it means a CEO doesn't get a pay raise on their already 7-8 figure salary.
I agree and disagree. MT ratings are made this way so that inexperienced users might go ahead and copy secure configs and be reasonably secure.
I see your points. So we can agree that configuration tags need to be re-considered, with the average user as the 1st targeted audience?I agree and disagree. MT ratings are made this way so that inexperienced users might go ahead and copy secure configs and be reasonably secure.
However, it should be noted that some 'secure: complete' configs are not good at all for regular users. Overkill most of the times (which mean a lot less convenient), or simply too advanced (regular users won't be able to understand why executables are blocked by default, or why a firewall is blocking the connections to their newly installed browser, etc).
I suggest that overkill configs are tagged with caution, and that 'complete' and 'basic' restrictions are removed.
Let's make the community safe instead of making them paranoid like us
I did in the past, my tag's criterias were considered too strict...if i was still mod of the config section, many many would be tagged as "risky". (I dont blame @harlan4096, it does a good job)I see your points. So we can agree that configuration tags need to be re-considered, with the average user as the 1st targeted audience?
Some advanced technology he is.I neglected to do so earlier... but I compliment @RoboMan for his perfectly written and designed original post.
Many here where English is a second or third language won't pick up on it... but the grammar, punctuation, word choice, design (sections, paragraphs, bullets, images, underlining, lines, layout...), everything... --- it's all professional caliber.
It would not surprise me to learn that Robo was an English or journalism major and/or works in a field where writing skills are important.