Security setup that requires no user interaction?

[Ace]

I'm just getting my father's new Dell XPS 9550 with Windows 10 set for him. He's not a sophisticated computer user, and will close any alerts that pop up without reading them, by either closing the prompt via the X in the upper right, or whatever seems like it's a no/disallow option. So far I'm thinking of getting him set with Chrome+Adblock Plus+Ghostery, Comodo without HIPS, and WinPatrol/Privacy/AntiRansom. Appropriately configured, how functional would this be as a hands off setup? My father still works, and the worst case scenario I'm looking at preventing is one of his business contacts gets their Email hijacked and broadcasts ransomware, which he then opens.

 

[Soulbound]

VIPRE or Norton Security, adguard or ublock origin (please try not to put ghostery) WinPatrol and Privacy only put if he knows how to use it. You better off configuring WAR.

 

[mal1]

VIPRE or Norton Security, adguard or ublock origin (please try not to put ghostery) WinPatrol and Privacy only put if he knows how to use it. You better off configuring WAR.

Is this the reason why you don't recommend Ghostety REPORT: Web Ad-Blocking Company Sells User Data To Advertisers ? Or there are other reasons?

 

[jamescv7]

For antivirus you may go to Avast Free or Bitdefender (Auto-Pilot on)* as its notification is already configured to show notification without any actions needed.

*Auto Pilot feature of Bitdefender is design to minimize all the alerts and it will automatically add to the log information.

 

[Alkajak]

I would imagine the reason for not recommending Ghostery is because there are tons of better alternatives out there. Selling user data is the nail in the coffin for anyone that continued to support them based on personal preference.

 

[Ace]

I'm behind the times, Ghostery is just what I've used for a long time and haven't looked into newer alternatives. Any recommendations would be great.

 

[Noxx]

As Inkura said, uBlock Origin or ADGUARD will do you justice. MT is basically split down the road between those two.

 

[hjlbx]

Like @jamescv7 said - Bitdefender in Auto Pilot mode. It is the most automated solution available. BD free also works in Auto Pilot mode - but no W10 version.

 

[CMLew]

I can only think of this combo at this moment: EIS + Adguard for Window + NVT ERP.
EIS basically close to no user interaction, except some prompts if you open a suspicious file.
With Adguard you have a pretty good coverage against suspicious site.
NVT ERP is for those who are "happy clickers" and download/open those risky file.

 

[Deleted member 178]

I'm just getting my father's new Dell XPS 9550 set for him. He's not a sophisticated computer user, and will close any alerts that pop up without reading them, by either closing the prompt via the X in the upper right, or whatever seems like it's a no/disallow option. So far I'm thinking of getting him set with Chrome+Adblock Plus+Ghostery, Comodo without HIPS, and WinPatrol/Privacy/AntiRansom. Appropriately configured, how functional would this be as a hands off setup? My father still works, and the worst case scenario I'm looking at preventing is one of his business contacts gets their Email hijacked and broadcasts ransomware, which he then opens.

Which Windows ?

if Win8/10, the best solution is to just use Windows built-in security (Windows Defender + Smartscreen activated + UAC activated ) then maybe Shadow Defender set to enter shadow mode on boot , an anti-exploit like HMPA ot MBAE and a image backup software.

for browsing install Sandboxie free and teach him how to use it.

 

[Ace]

for browsing install Sandboxie free and teach him how to use it.

Unfortunately, I've tried many times in the past to teach my father how to use many different computer related tasks (not all necessarily security related). Realistically, what will happen if I teach him something is that he'll begin ignoring it by the end of the week and go back to closing all prompts. I recognize that this is not ideal, but ultimately once I'm out the door this is what I've seen happen, and no conversation that I've ever had with him, even recent conversations in light of the ever-increasing sophistication of malware, makes me think this is something that will ever change. Even in spite of the fact that he's been hit by debilitating malware multiple times in the past. Frankly, it'll be a big victory if I can convince him to browse on a non-admin account.

He's on Windows 10.

 

[Deleted member 178]

So just set a simple config as i suggested. with SD you don't have to worry about what he clicks , next reboot will cancel everything.

 

[Soulbound]

To those who asked about ghostery: to ensure you do not get your data sent (so to speak), you have to disable some default settings, and even then there is no guarantee its not doing its job behind the scene. There has been reports and documents across the web regarding this but Ghostery sort of "scrubbed" it off so to speak.


Sure ghostery "stops" web beacons etc but it is still overshadowed by Adguard/uBlock Origin and a proper DNS.

 

[Ace]

Thanks to everyone for all the great food for thought so far. Personally I've never used Shadow Defender (or similar products), is using it as simple as opting to commit the session before each computer restart? I could probably persuade my father to use that.

 

[Deleted member 178]

In normal mode, you can just create a folder on the desktop , then once in Shadow Mode , tell your father to put his works & docs in it , then commit ONLY this folder before shut down the machine.

 

[Ace]

Testing Shadow Defender now. I like the concept, but if there isn't a way to get a prompt to commit changes prior to restart/shut down, I can already picture the expletive laden outbursts. Automatic restarts from Windows update and so forth are particularly worrying. The widget labeling the fact that you're in Shadow Mode is pretty obvious, but I can picture even myself missing it sometimes and losing work. Is there a way to create a prompt?

 

[illumination]

It is really hard to protect a user from themselves. No matter what solution you will use, there will always be a chance because of. I would fully recommend backing up that system. It will be your fail safe. So that no matter what happens, you can return it to "all good" again.

 

[hjlbx]

Testing Shadow Defender now. I like the concept, but if there isn't a way to get a prompt to commit changes prior to restart/shut down, I can already picture the expletive laden outbursts. Automatic restarts from Windows update and so forth are particularly worrying. The widget labeling the fact that you're in Shadow Mode is pretty obvious, but I can picture even myself missing it sometimes and losing work. Is there a way to create a prompt?

The only AV solution that will perform all actions without any pop-ups whatsoever is Bitdefender in Auto-Pilot mode. You can tweak the settings for your father.

Otherwise, @Umbra is correct. Shadow Defender or there is Horizon DataSys Drive Vaccine - which operates similarly to Shadow Defender. In the settings you can define things that can be auto - saved.

 

[uninfected1]

For antivirus you may go to Avast Free or Bitdefender

Hi @Ace. Maybe I was just unlucky but I found Avast Free anything but a 'fit and forget' AV. Often stopped updating automatically and clean installing a new version was not possible simply by uninstalling using programs and features but required the use of 2 additional removal tools, one of them unofficial, which invariably caused problems.

Panda Free antivirus in my opinion though is ideal for a basic user. Just gets on with what it's supposed to do reliably and without issues, and uninstalls cleanly using Windows built-in uninstaller. Malwarebytes Anti-Exploit Free is another maintenance free program that's well worth installing. Both of these would be excellent choices for your dad.

I would also strongly advise against Comodo. A nightmare, especially for a basic user, to uninstall/clean install. Even if your dad feels able to do everything that's described in their forum's lengthy guide, chances are there will still be issues. And on a day to day basis, if you want a program that requires no user interraction Comodo is the last option you should be considering.

 

[Sandboxie Help]

Just force your browser(s) (Windows default, or otherwise) to open in a sandbox. That's 99% of the vector any way. You can also force outlook/or Thunderbird email clients, or pretty much anything. All under the authority of SBIE. No worrying about virus updates, etc. Forced programs is a paid feature of SBIE. ((Outlook 2016/Office365 support coming very soon..)