Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Those Nasty RATS Part 4
Message
<blockquote data-quote="509322" data-source="post: 579545"><p>As long as a user adheres to AppGuard's blocks, then the risk goes way down. AppGuard works in a simple way - what is not allowed is blocked. If the user is constantly lowering AppGuard's protections to "Allow Installs" or "OFF" and executing unknown files, then AppGuard's protections are pointless.</p><p></p><p></p><p></p><p>A user that understands can configure their HIPS policies to mimic AppGuard. For a partial, single example, they would have to add all commonly exploited programs to High Restricted in Kaspersky. The same can be done in SpyShelter, COMODO, ESET, Avast, and others to the extent that their features permit it. However, most users don't understand what to do and so they are better off just using AppGuard. Besides, AppGuard offers protections that AV\IS do not provide. Plus, compared to the bugs, configuration hassles, and other issues in some IS, AppGuard is "Easy as cake" to use.</p><p></p><p></p><p></p><p>Yes, I agree. However, if a user simply relies upon "What is not allowed is blocked," and are a disciplined user that does not execute unknown files on their system, then there is no need to add 15 layers of protection. For example, the BRN VP of Engineering placed AppGuard on her father's system with Windows Defender and Windows Firewall. A few years later she checked on that system and it had not been infected. He did download and execute files like videos, movies, documents, but he never modified the base install of the system.</p><p></p><p>If one is paranoid - and that is what it really amounts to, ultra-paranoia - then one can combo security softs. And I'm not talking about using second-opinion scanners. Their use makes sense to a point. Ultra-paranoia is like a disease on the security forums - where you can find ridiculous security configurations with 6, 7, 8, 9, or more security or related softs installed. Based upon typical use, such configurations are absolute ludicrous overkill. There is irrational thinking amongst ultra-paranoid users that every single file on the system needs to be under continuous monitoring. That somehow a hidden file infector will takeover all Window processes and turn them into zombies and steal everything from them. That every single program installed on the system is about to be exploited. That the risk of infection is a big number. Well... that just isn't anything near reality nor a sane approach to security.</p><p></p><p>You have to consider the protection level to system impact ratio for a security soft. Ones with high ratios - like AppGuard and others - give the biggest "bang for the buck." You also have to consider bugs. I simply stay away from security softs with problematic bugs. Just about every single IS or related security soft that I have inspected has serious bugs that affect usability and\or security. It's a huge problem.</p></blockquote><p></p>
[QUOTE="509322, post: 579545"] As long as a user adheres to AppGuard's blocks, then the risk goes way down. AppGuard works in a simple way - what is not allowed is blocked. If the user is constantly lowering AppGuard's protections to "Allow Installs" or "OFF" and executing unknown files, then AppGuard's protections are pointless. A user that understands can configure their HIPS policies to mimic AppGuard. For a partial, single example, they would have to add all commonly exploited programs to High Restricted in Kaspersky. The same can be done in SpyShelter, COMODO, ESET, Avast, and others to the extent that their features permit it. However, most users don't understand what to do and so they are better off just using AppGuard. Besides, AppGuard offers protections that AV\IS do not provide. Plus, compared to the bugs, configuration hassles, and other issues in some IS, AppGuard is "Easy as cake" to use. Yes, I agree. However, if a user simply relies upon "What is not allowed is blocked," and are a disciplined user that does not execute unknown files on their system, then there is no need to add 15 layers of protection. For example, the BRN VP of Engineering placed AppGuard on her father's system with Windows Defender and Windows Firewall. A few years later she checked on that system and it had not been infected. He did download and execute files like videos, movies, documents, but he never modified the base install of the system. If one is paranoid - and that is what it really amounts to, ultra-paranoia - then one can combo security softs. And I'm not talking about using second-opinion scanners. Their use makes sense to a point. Ultra-paranoia is like a disease on the security forums - where you can find ridiculous security configurations with 6, 7, 8, 9, or more security or related softs installed. Based upon typical use, such configurations are absolute ludicrous overkill. There is irrational thinking amongst ultra-paranoid users that every single file on the system needs to be under continuous monitoring. That somehow a hidden file infector will takeover all Window processes and turn them into zombies and steal everything from them. That every single program installed on the system is about to be exploited. That the risk of infection is a big number. Well... that just isn't anything near reality nor a sane approach to security. You have to consider the protection level to system impact ratio for a security soft. Ones with high ratios - like AppGuard and others - give the biggest "bang for the buck." You also have to consider bugs. I simply stay away from security softs with problematic bugs. Just about every single IS or related security soft that I have inspected has serious bugs that affect usability and\or security. It's a huge problem. [/QUOTE]
Insert quotes…
Verification
Post reply
Top