Robbie

Level 27
Verified
Content Creator
I'm pretty sure our friend @Local Host not using security doesn't mean he isn't protected at all. Pretty sure he still has the built in firewall and/or any hardening policy such as disabling WSH or H_C?

I myself am using WD (ConfigureDefender) + VS and 90% of the time I don't even feel the need for WD, but I like to have it because the green and white shield makes me feel secure (snake oil!).

And by the way, let's keep it as polite as we're used to! I know we all mean the best, sometimes we can't express our comments the best way :) If we have explained our pals our opinions and they still don't want to use our recommendations, we've done our job of giving our point! :)
 

Local Host

Level 17
Verified
Security starts at the user, there's no software whasoever that can protect you from all the threats.

Being paranoid is unhealthy (not only for your sanity, but your system), most users here use 3 to 5 security programs for testing purposes or other reasons, doesn't mean every single user on earth needs 3 to 5 security programs to remain safe.

The need for security software comes from your lack of knowledge to remain protected by yourself. By average most users at MT don't need an AV at all, when was the last time any of you got infected? I can't even remember.

On this topic what is missing from each setup, depends entirely on the user behind the keyboard.

I obviously mean no disrespect to anyone, this is still a good topic to educate users with less experience.
 
Last edited:

bribon77

Level 27
Verified
I think it's not more for not using AV or less.
There are people in MT who are highly qualified and use AV.
The important thing is to use Av or not but to know how to use what one has.
Sometimes you can not use an AV because your PC does not have enough resources to use it.:giggle:
 

ebocious

Level 2
Security starts at the user, there's no software whasoever that can protect you from all the threats.
This is the first statement of yours that I agree with. Still, some security is better than none at all. If RoboMan is correct, and you are using H_C, that's a whole lot more than nothing.

Being paranoid is unhealthy (not only for your sanity, but your system), most users here use 3 to 5 security programs for testing purposes or other reasons, doesn't mean every single user on earth needs 3 to 5 security programs to remain safe.
I didn't say they do. But being cocksure is unhealthy as well. And if you are in fact using security software, and telling others not to, that's doing them a severe disservice.

The need for security software comes from your lack of knowledge to remain protected by yourself. By average most users at MT don't need an AV at all, when was the last time any of you got infected? I can't even remember.
This is false. Ask anyone who visited Dolphin Stadium's sites before the super bowl. That was a legitimate site; they did absolutely nothing wrong by visiting. They'll agree with me, not with you. By the way, who said anything about AV?

The last time I got infected was in 2006, when our ISP got hit with SQL Slammer and Stack Bot. After reimaging Windows, I got rid of our McAfee suite and installed ISS BlackICE. Then I started using ACL deny entries to foil privilege escalation exploits, and got rid of BlackICE. Then came fileless malware, and the need arose to prevent process injection while still allowing the programs themselves to launch. So I stepped up to CleanBrowsing DNS, and a browser extension or two (most recently MBBE); with default-deny as a backup.

I obviously mean no disrespect to anyone, this is still a good topic to educate users with less experience.
Agreed. I have no issues with you personally. My issue is with misinformation. With all due respect, there are holes in the information you've given during our exchange, which leads me to suspect that you have more enthusiasm than professional experience. I applaud you for stepping into the arena now, to learn as you go. But I've actually spent time in the trenches, and am here to tell you that what you read about mitigative technologies on paper are not watertight. They are being circumvented, and not just in direct attacks on servers. Home users who believe what you've been saying are getting infected every day by the thousands, including 80-year-old women who do little more than check their email, and occasionally look up a quilt pattern on JOANN or recipe on Betty Crocker.

I'm not saying you need to install a three-pronged security suite. In all likelihood, anyone who uses either CleanBrowsing or Quad9 is unlikely to ever encounter anything that can actually circumvent their browser's sandbox. And anyone who adds MBBE is less likely still. If you add Cruel Comodo to these two, you will be ready for anything out there. And unless you're running a Pentium 4 with 256 MB of RAM, you won't see a performance hit. I can't tell you that my systems have stayed clean because my security apparatus has been zapping huge, black clouds of bugs that swarm around me nonstop. But I will tell you this: the odds that you've been on an infected website and your sandbox protected you, are far greater than the odds that you've encountered nothing in the last decade.

All it takes is one little browser hijacker, and your 10+ years of squeaky-clean browsing are all the way back to zero. An ounce of prevention is worth a pound of cure. I hope you are in fact using H_C. Because one less bot makes the Web just the tiniest bit safer for me.

I think it's not more for not using AV or less.
There are people in MT who are highly qualified and use AV.
The important thing is to use Av or not but to know how to use what one has.
Sometimes you can not use an AV because your PC does not have enough resources to use it.:giggle:
That's totally understandable. I don't use AV either. My security software is much lighter, and much more effective.
My opinion is if you are Malwaretips member for 2 years you are not need antivirus protection . The best protection is MT lessons :ROFLMAO:
Yah, I don't think I said anything about AV, but you're the third person who seems to think I did. I'll have to look back, and see if I did. Because I know it's not in the three configurations I listed earlier, as I don't use AV either.
 
Last edited:

show-Zi

Level 18
Verified
The main pc used is emisi + comodo. Introduces mvps list with emisi web filter.
I think that introducing multiple software for multiple protection may affect frequent updates of Windows 10. For this reason, pcs used in sub only apply to WD.

Not yet after the format that made to my laptop. Is many job for me because my English is very bad and with the translator I need a lot of hours to avoid making mistakes with the settings. :giggle:
Agree. I feel the need for language knowledge as well as security. I will not turn on checking items that I do not understand.:geek:
 

simmerskool

Level 7
currently and for past 18 months CylanceProtect + cf@cs (cruelcomodo) + voodooshield 5.01
(cylance actually caught an executing download the other day! before cf or vs).
and wondering if I'll be using cylance when my license expires due to blackberry takeover?
 

bugjailer

New Member
I mostly am replying because I want pretend to be a part of this useful conversation.

You guys have posted some very useful tools to use.

Anyone here use Qubes OS? Sounds like the level of (reasonable imo) paranoia here would benefit from the solid compartmentalisation that Qubes offers. Also, are there any Linux-equivalents of these tools, such as VoodooShield? I've been curious about blocking additional software from running on Linux and whether this would be possible with the way Linux is.
 

Gandalf_The_Grey

Level 19
Verified
I mostly am replying because I want pretend to be a part of this useful conversation.

You guys have posted some very useful tools to use.

Anyone here use Qubes OS? Sounds like the level of (reasonable imo) paranoia here would benefit from the solid compartmentalisation that Qubes offers. Also, are there any Linux-equivalents of these tools, such as VoodooShield? I've been curious about blocking additional software from running on Linux and whether this would be possible with the way Linux is.
I think Bo Elam over at wilderssecurity.com has his system compartmentalized with Sandboxie (paid).
 

plat1098

Level 7
Verified
What is my security combo lacking? Bloatware, missing features and ads.

Combo of built-in Defender (tweaked for PUP det. and sandbox), gpedit.msc and small third party helpers for balance (OSArmor and Sandboxie). The machine runs great on fully updated 1903, no System errors.
 

bugjailer

New Member
QubesOS ex-user here, what I can say is that due to the nature of this OS, not all machines are suitable for it, Hardware Compatibility List (HCL)

Regards, :)
Grrr Take care AriDfoix. What you say is Heresy!!

QubesOS ex-user here, what I can say is that due to the nature of this OS, not all machines are suitable for it, Hardware Compatibility List (HCL)

Regards, :)
I'm fortunate to have a decent desktop and a crappy laptop. Both meet the Qubes System Requirements.

Are there any issues you found using Qubes other than some computers not meeting the requirements? Why did you replace it if you had a computer that was compatible? And what did you replace it with?

Personally, the only two issues I find is that it isn't as beautiful as other distros and poor graphics processing for appVMs (can't game).

QubesOS ex-user here, what I can say is that due to the nature of this OS, not all machines are suitable for it, Hardware Compatibility List (HCL)

Regards, :)
Oh and the main issue which really sucks right now is I cannot create a Windows VM, like I can on VirtualBox