Any security application that is not tied into the OS.. I.E. Internet security suites, On Demand Scanners,ect..
To clarify, I have heard others talk of shady white listings in some applications, not fully trusting some behavior blockers, or HIPS.. I just wanted to hear everyone's opinions on either their favorite security they run, and or something they have run in the past that may have caused them not to trust it any more, and if there are any out there that someone does fully trust..
Edit: This being a Security Advising Forum, i thought why not start a thread that will say it all about the products we do trust and do not trust, and list reasons why..
To clarify, I have heard others talk of shady white listings in some applications, not fully trusting some behavior blockers, or HIPS.. I just wanted to hear everyone's opinions on either their favorite security they run, and or something they have run in the past that may have caused them not to trust it any more, and if there are any out there that someone does fully trust..
Edit: This being a Security Advising Forum, i thought why not start a thread that will say it all about the products we do trust and do not trust, and list reasons why..
Littlebits
Retired Staff
- May 3, 2011
- 3,893
It all depends on several factors.
Trusting third-party security along with ones own knowledge- Yes I trust.
Just depending on third-party security to protect you alone- No I don't trust.
It also depends on the type of application and vendor.
Some vendors products I don't trust at all and others I trust more.
Type of application:
Anti-virus with both heuristics and signatures- Trust more
HIPS- Don't trust because all are full of bugs and cause errors (I rather deal with an infection then to mess with them)
Personal Firewall along with a router firewall- Trust
Sandboxing- I don't use, but they are more trustworthy than HIPS.
Behavior Blockers- I only trust WinPatrol, the rest that I have tried are too buggy and cause some kind of problems.
Browser Security like WOT, McAfee SiteAdvisor, BitDefender TrafficLight- I don't completely trust.
Thanks.
Trusting third-party security along with ones own knowledge- Yes I trust.
Just depending on third-party security to protect you alone- No I don't trust.
It also depends on the type of application and vendor.
Some vendors products I don't trust at all and others I trust more.
Type of application:
Anti-virus with both heuristics and signatures- Trust more
HIPS- Don't trust because all are full of bugs and cause errors (I rather deal with an infection then to mess with them)
Personal Firewall along with a router firewall- Trust
Sandboxing- I don't use, but they are more trustworthy than HIPS.
Behavior Blockers- I only trust WinPatrol, the rest that I have tried are too buggy and cause some kind of problems.
Browser Security like WOT, McAfee SiteAdvisor, BitDefender TrafficLight- I don't completely trust.
Thanks.
The way I see it, if you're using anything to protect your system, that means you inherently trust them. To say otherwise is a bit silly. It's a bit like the people that say they don't trust Micro$oft, yet run their OS.
I trust everything I run on my system. If I don't trust it, it doesn't belong on my system.
However, when it comes to security, nothing is 100%. So I do run multiple security apps, (as most people) but that is not because I don't trust any of them.
I trust everything I run on my system. If I don't trust it, it doesn't belong on my system.
However, when it comes to security, nothing is 100%. So I do run multiple security apps, (as most people) but that is not because I don't trust any of them.
Hungry Man
New Member
- Jul 21, 2011
- 669
I've made it fairly clear in my time on Wilders that I do not like 3rd party security software.
My philosophy is as follows:
1) Security should not require knowledge
2) Security should not require user input
3) Security should be built directly into the kernel
4) If you don't absolutely need a security program than you absolutely need to remove that program.
The rules are more like a standard guideline. They can be bent in extenuating circumstances. For true security though they need to be followed fairly strictly.
My philosophy is as follows:
1) Security should not require knowledge
2) Security should not require user input
3) Security should be built directly into the kernel
4) If you don't absolutely need a security program than you absolutely need to remove that program.
The rules are more like a standard guideline. They can be bent in extenuating circumstances. For true security though they need to be followed fairly strictly.
I tell you for sure what I don't trust. Updates, upgrades for antiviruses, HIPS,
firewalls or other security applications in general. All security applications at
one time or another have released updates/upgrades that destroy systems.
For me, updating/upgrading got to the point that my stress level increased
every time that I had to do one. The extremely low stress level that I enjoy
now when in front of my PC is the main benefit that I got from dropping all
applications like the ones I mentioned. The stress is gone.
The only apps that I trust 100% are SBIE and NoScript.
Bo
firewalls or other security applications in general. All security applications at
one time or another have released updates/upgrades that destroy systems.
For me, updating/upgrading got to the point that my stress level increased
every time that I had to do one. The extremely low stress level that I enjoy
now when in front of my PC is the main benefit that I got from dropping all
applications like the ones I mentioned. The stress is gone.
The only apps that I trust 100% are SBIE and NoScript.
Bo
Hungry Man
New Member
- Jul 21, 2011
- 669
Ironically the "motto" of Sandboxie is "Trust no program." Tzuk himself has warned that throwing a ton of security applications onto your computer only serves to increase the attack surface.
And NoScript's developer at one point forced a whitelist of his own site so that his users would have to view his ads. He even screwed up the Adblock Plus way of blocking ads via NoScript and some hacking went on between the devs.
And NoScript's developer at one point forced a whitelist of his own site so that his users would have to view his ads. He even screwed up the Adblock Plus way of blocking ads via NoScript and some hacking went on between the devs.
Littlebits
Retired Staff
- May 3, 2011
- 3,893
Hungry Man said:
Not only NoScript and Adblock Plus but the majority of popular Firefox extension websites open a page that displays rogue ads that can't be blocked when the extension are updated. Uniblue's Scan your computer for errors is the most annoying of the bunch.
Thanks.
Hungry Man
New Member
- Jul 21, 2011
- 669
Hey Littlebits, I only use 3 addons but I never seen anything from UniblueLittlebits said:Not only NoScript and Adblock Plus but the majority of popular Firefox extension websites open a page that displays rogue ads that can't be blocked when the extension are updated. Uniblue's Scan your computer for errors is the most annoying of the bunch.
Thanks.
or anything/ad that can be labelled rogue. NS, ABP and downloadhelper,
the addons that I use are clean, in all aspects, IMO.
Bo
HeffeD said:The way I see it, if you're using anything to protect your system, that means you inherently trust them. To say otherwise is a bit silly. It's a bit like the people that say they don't trust Micro$oft, yet run their OS.
I trust everything I run on my system. If I don't trust it, it doesn't belong on my system.
However, when it comes to security, nothing is 100%. So I do run multiple security apps, (as most people) but that is not because I don't trust any of them.
First I would like to say, there is no disrespect meant towards anyone with the response i am about to make!
The way i see this is, we can keep testing products as they evolve and showing others on here, the percentages of malware blocked, or we can dive deeper into this security advising straight to the heart of the matter. We have to face the fact the internet is not getting any safer now days. I have read articles on software whitelisting shady companies, have even read of malware that has been white listed "in the name of something good" that could potentially be utilized by hackers to gain control of your system. I have also read articles of products being sold pre-infested.. Whose to say the pre-infested machines have not had the infections whitelisted as well, as i have not read of any home/personal buyers that found the infections themselves with the third party programs they use. Me, I have a few trust issues with different type applications, for example, the new smart firewalls.. They make all the decisions for you, unless you sit and constantly monitor all in coming and out going traffic, if the application even allows you to, how do you know for a fact what is being let in and out.. You dont , is the answer.. When ever i bring this subject up, the first response i normally here is, if your not a criminal, why worry, well, i will give you few reasons... You are in a personal conversation with your girlfriend, your uncle wants to borrow your laptop to check his banking, your daughter who is only 12 wants to surf the net... ect.. Security is a must, for everyone's safety, today, people are being taking advantage of in every way on the internet. The combined knowledge of all involved in this forum, could collectively find some answers to resolve these type issues..
Hungry Man
New Member
- Jul 21, 2011
- 669
Plenty of security apps are themselves incredibly insecure. There are loads of exploits and they're very often facing the internet.
Hungry Man said:
Yes. Pretty interesting that a self-touted 'security app' has an author that isn't above using his extension as malware. :s
If I hadn't already stopped using NoScript before this happened, (Very poor extension in my opinion) I definitely would have stopped then. Sure, he has apologized and said that he knows what he did was wrong, but then why did he do it in the first place?
Inexcusable...- Status
Similar threads
