"Overkill": excessive protection and the false sense of security

mlnevese

Going back to some opinions expressed in this thread, I don't think that just copying strong protection configurations is enough as the person is not learning anything from copying and will eventually manage to infect themselves by happily clicking yes to everything.

Education is at least as important as having good protection, but the fact is most people either do not have time to educate themselves or are not interested in learning "computer stuff".

That's why I believe for the average user protection should be as automated as possible. Anything that depends on user decision will eventually lead to infection.

It should also not break anything that requires technical knowledge to fix under the risk of the user uninstalling all the protection that "broke" their computer.
 

ForgottenSeer 58943

You know, earlier this decade there were tinfoil hat people who said that the NSA was collecting massive amounts of data, that BitLocker was broken, that Intel's CPUs were leaking cryptographic keys, that WPA2 was a broken standard, that Kaspersky phones back to the Russian government, that Facebook is selling your private messages to advertisers. :alien::notworthy::alien: It's a great decade for conspiracy theorists and tinfoil hats. All of their suspicions turned out to be true and it raises the question, if those suspicions are true, then what about the others that are still left floating around?

Yesterday's conspiracies turned out to be today's reality. Quite the irony, don't you think? Everything I talked about over the decades has largely been proven true by this point, unfortunately.

So what's next? For what it's worth, you should be doing things like filtering high frequency coming into your devices. So yes DeepWeb, pay closer attention to hardware, and less attention to software if you want to be a wise one.
 

RoboMan

Thread author
@RoboMan

If I could offer you one important tip for the future (LINK): then always back up your data would be it.

Add an image backup to the plan and you can proudly say (LINK) after any malware attack.

Add those to your post and I will proclaim a loud HEAR HEAR!
Added your great tips! :) It's great we all agree that overkilling is negative!
 

Burrito

Yeah, an all-around good thread -- especially for those who are new.

Like somebody else in this thread admitted... I tend toward too much and sometimes redundant security. A security app hoarder if you will. I see new shiny things... and I want to try them out, but I don't want to give up things I already have and like. So, of course, that can lead to redundancy vs. logically applied security.

I'm now attending a ten-step self-help group for security app hoarders and stackers.
 

RoboMan

Thread author
What many people tend to forget is that when they have a suspicious file that prompts for administrator privileges, we tend not to allow it in case it's malware. But when it's a security app, we always grant them administrator rights because that's how it works.

Now imagine a piece of malware that has the ability to inject a security app's process and use it for cybercriminal activities. How much legit software with huge administrator rights do you have installed right now that could potentially help the hacker to develop his attack?
 

mlnevese

Yeah, an all-around good thread -- especially for those who are new.

Like somebody else in this thread admitted... I tend toward too much and sometimes redundant security. A security app hoarder if you will. I see new shiny things... and I want to try them out, but I don't want to give up things I already have and like. So, of course, that can lead to redundancy vs. logically applied security.

I'm now attending a ten-step self-help group for security app hoarders and stackers.


First step. Plan a good security combination using only software you already own.

Second step. Uninstall every security software that is not part of your security plan.

Third step. This is a very important one. Try not to have an anxiety attack while uninstalling :)

Fourth step. Do not install any new security software for a year. It's part of the detox program. Even if the Next Big Thing is announced in forums all over the internet.
 

Deleted member 178

The maximum number of security apps you need is 3 (because there are 3 main attack vectors) for single purpose apps and only 1 for suites.

- Browsers = sandbox or AV (with webfilter).
- Binaries (exe, etc...) = SRP or Anti-exe or HIPS or AV
- Exploits = anti-exploits

On Win10, you have already an AV and an anti-exploit, so unless you are picky you just need a binary monitor.

When it comes to suites, find one that covers all 3 vectors.

I don't count apps that just automatize manual tweaks like SysHardener or ConfigDefender, they don't have permanent processes.
 

Handsome Recluse

Sure, reason I use HMPA for now, MS suxx to make convenient GUI.
Anyway, I will have to practice more with MS Exploit Guard, I don't have unlimited HMPA licenses. Lol.
Dedoimedo has an article on 10's exploit protection so if you've configured for one app, you can export settings, copy paste for other apps and import using PowerShell.
 
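
The export, copy and import workflow mentioned in the post above, as an added example that is not part of the thread or of the article it refers to. It assumes an elevated PowerShell prompt on Windows 10 version 1709 or later; `configured.exe`, the target executable names and the file paths are placeholders.

```powershell
# Added example: reuse one app's Exploit Protection settings for other executables.
# Placeholders (assumptions, not from the thread): executable names and file paths.
$exportPath = Join-Path $env:TEMP 'ep-export.xml'
$importPath = Join-Path $env:TEMP 'ep-import.xml'
$sourceExe  = 'configured.exe'                 # app already tuned in Exploit Protection
$targetExes = 'other1.exe', 'other2.exe'       # apps that should get the same settings

# 1. Export the current system and per-app mitigation settings to XML.
Get-ProcessMitigation -RegistryConfigFilePath $exportPath

# 2. Load the export and locate the <AppConfig> node of the configured app.
[xml]$policy = Get-Content -Path $exportPath -Raw
$source = $policy.MitigationPolicy.AppConfig |
    Where-Object { $_.Executable -eq $sourceExe } |
    Select-Object -First 1
if (-not $source) {
    throw "No per-app Exploit Protection settings found for $sourceExe"
}

# 3. Clone that node for each target, skipping apps that already have their own entry
#    so existing per-app settings are never silently overwritten.
foreach ($exe in $targetExes) {
    $existing = $policy.MitigationPolicy.AppConfig |
        Where-Object { $_.Executable -eq $exe }
    if ($existing) {
        Write-Warning "$exe already has settings; leaving them unchanged"
        continue
    }
    $clone = $source.CloneNode($true)          # deep copy, including all mitigations
    $clone.SetAttribute('Executable', $exe)
    [void]$policy.MitigationPolicy.AppendChild($clone)
}

# 4. Save the edited policy to a separate file and import it.
$policy.Save($importPath)
Set-ProcessMitigation -PolicyFilePath $importPath

# 5. Confirm what is now applied to each target.
foreach ($exe in $targetExes) {
    Get-ProcessMitigation -Name $exe
}
```

Keep the untouched export file as a rollback copy: mitigations that suit one program can stop another from starting, so test each target app after the import.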

Overkill


LOL I am snatching this image!
Seriously...
I have had the same security for the past 2 years at least and I can do what I want to, go where I want on the web, and even test my web filtering with malc0de links and I never have come anywhere close to an infection with the setup below and my laptop runs great with no slowdowns.

Windows Firewall Control, Zemana Anti Malware, NVT EXE Radar Pro, NVT OSArmor, KeyScrambler, Sandboxie, Unchecky and Shadow Defender On-Demand along with Chrome with Javascript disabled, Flash disabled, and Avira Browser safety + uBlock Origin + KB SSL Enforcer
I also have a custom hosts file which is always up to date, and OpenDNS + DNSCrypt
Some settings are attached
 
