"Overkill": excessive protection and the false sense of security

[mlnevese]

Going back to some opinions expressed in this thread, I don't think that just copying strong protection configurations is enough as the person is not learning anything from copying and will eventually manage to infect themselves by happily clicking yes to everything.

Education is at least as important as having good protection but the fact is most people either do not have time to educate themselves or they are not interested about learning "computer stuff"

That's why I believe for the average user protection should be as automated as possible. Anything that depends on user decision will eventually lead to infection.

It should also not break anything that requires technical knowledge to fix under the risk of the user uninstalling all the protection that "broke" their computer.

 

[ForgottenSeer 58943]

You know earlier this decade there were tinfoil hat people who said that the NSA was collecting massive amounts of data, that Bitlocker was broken, that Intel's CPUs were leaking cryptographic keys, that WPA2 was a broken standard, that Kaspersky phones back to the Russian government, that Facebook is selling your private messages to advertisers. :notworthy: It's a great decade for conspiracy theorists and tinfoil hats. All of their suspicions turned out to be true and it raises the question, if those suspicions are true, then what about the others that are still left floating around?

Yesterdays conspiracies turned out to be today's reality. Quite the irony, don't you think? Everything I talked about over the decades has largely been proven true by this point, unfortunately.

So what's next? For what it's worth, you should be doing things like filtering high frequency coming into your devices. So yes DeepWeb, pay closer attention to hardware, and less attention to software if you want to be a wise one.

 

[conceptualclarity]

3- using an AV without a good bug bounty is dangerous. better to use Apps that have good bug bounty(Windows Defender, Avast, 360, Kaspersky and Symantec are good examples)

"Bug bounty" means...?

 

[Handsome Recluse]

Anybody end up looking sideways at their configs after this? I raise my hand in confession.

Show your overkill config to assert dominance.

 

[Sunshine-boy]

"Bug bounty" means...?

Microsoft Bounty Programs | MSRC

 

[Ink]

Misunderstanding any advice is lethal.

 

[Windows_Security]

@RoboMan

If I could offer you one important tip for the future (LINK) : then always backup your data would be it.

Add an image backup to the plan and you can proudly say (LINK) after any malware attack.

Add those to your post and I will proclaim a loud HEAR HEAR !

 

[RoboMan]

@RoboMan

If I could offer you one important tip for the future (LINK) : then always backup your data would be it.

Add an image backup to the plan and you can proudly say (LINK) after any malware attack.

Add those to your post and I will proclaim a loud HEAR HEAR !

Added your great tips! It's great we all agree in overkilling is negative!

 

[Burrito]

Yeah, an all-around good thread -- especially for those who are new.

Like somebody else in this thread admitted... I tend toward too much and sometimes redundant security. A security app hoarder if you will. I see new shiny things... and I want to try them out, but I don't want to give up things I already have and like. So, of course, that can lead to redundancy vs. logically applied security.

I'm now attending a ten-step self-help group for security app hoarders and stackers.

 

[RoboMan]

What many people tend to forget is that when they have a suspicious file that prompts for administrator privileges, we tend not to allow it in case it's malware. But when it's a security app, we always grant them administrator rights because that's how it works.

Now imagine a piece of malware that has the ability to inject a security app's process and use it for cybercriminal activities. How many legit software with huge administrator rights do you have installed right now that could potentially help the hacker to develop his attack?

 

[mlnevese]

Yeah, an all-around good thread -- especially for those who are new.

Like somebody else in this thread admitted... I tend toward too much and sometimes redundant security. A security app hoarder if you will. I see new shiny things... and I want to try them out, but I don't want to give up things I already have and like. So, of course, that can lead to redundancy vs. logically applied security.

I'm now attending a ten-step self-help group for security app hoarders and stackers.

First step. Plan a good security combination using only software you already own.

Second step. Uninstall every security software that is not part of your security plan.

Third step. This is a very important one. Try not to have an anxiety attack while uninstalling

Fourth step. Do not install any new security software for an year. It's part of the detox program. Even if the Next Big Thing is announced in forums all over the internet.

 

[Deleted member 178]

The maximum number of security apps you need is 3 (because there is 3 main attack vectors) for single purpose apps and only 1 for suites.

- Browsers = sandbox or AV (with webfilter) .
- Binaries (exe, etc...) = SRP or Anti-exe or HIPS or AV
- Exploits = anti-exploits

On Win10, you have already an AV and an anti-exploit, so unless you are picky you just need a binary monitor.

When it comes to suites, find one that covers all 3 vectors.

I don't count apps that just automatize manual tweaks like SysHardener or ConfigDefender, they don't have permanent processes.

 

[Handsome Recluse]

anti-exploit

That anti-exploit is hard to configure.One-by-one too many buttons to click.

 

[Deleted member 178]

That anti-exploit is hard to configure.One-by-one too many buttons to click.

Sure, reason i use HMPA for now, MS suxx to make convenient GUI.
Anyway, i will have to practice more with MS Exploit Guard,i don't have unlimited HMPA licenses. Lol.

 

[Handsome Recluse]

Sure, reason i use HMPA for now, MS suxx to make convenient GUI.
Anyway, i will have to practice more with MS Exploit Guard,i don't have unlimited HMPA licenses. Lol.

Dedoimedo has an article on 10's exploit protection so if you've configured for one app, you can export settings, copy paste for other apps and import using Powershell.

 

[Handsome Recluse]

MS suxx to make convenient GUI.

The legacy EMET had better UI

 

[Deleted member 178]

Dedoimedo has an article on 10's exploit protection so if you've configured for one app, you can export settings, copy paste for other apps and import using Powershell.

I prefer do one by one. You learn via trial & error.

 

[Handsome Recluse]

I prefer do one by one. You learn via trial & error.

But would you learn from too much trial and error?

 

[Deleted member 178]

But would you learn from too much trial and error?

Yes, more you fail, more you learn why, less chances you do the same mistake again.
Obviously it works only if you are not an idiot lol

 

[Overkill]

View attachment 204913

LOL I am snatching this image!
Seriously...
I have had the same security for the past 2 years at least and I can do what I want to, go where I want on the web, and even test my web filtering with malc0de links and I never have come anywhere close to an infection with the setup below and my laptop runs great with no slowdowns.

Windows Firewall Control, Zemana Anti Malware, NVT EXE Radar Pro, NVT OSArmor, KeyScrambler, Sandboxie, Unchecky and Shadow Defender On-Demand along with Chrome with Javascript disabled, Flash disabled, and Avira Browser safety + uBlock Origin + KB SSL Enforcer
I also have a custom hosts file which is always up to date, and OpenDNS + DNSCrypt
Some settings are attached