Advice Request What kind of Security Advice is considered pure garbage?

Please provide comments and solutions that are helpful to the author of this topic.

RoboMan

Level 35
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,487
"Don't use antivirus, it's useless. Antivirus companies make the virus themselves. The best antivirus is common sense."

Who would win? Common sense vs ransomware spreading through a loacl network? Make your bets.
 

EndangeredPootis

Level 10
Verified
Well-known
Sep 8, 2019
461
Disabling automatic updates, to add to it, even though windows have given them plenty of time to update, when it does eventually update and force restart the users computer they then complain about how it ruined what they were working on, like cmon it had given you plenty of warnings and time.
 
F

ForgottenSeer 89360

"Don't use antivirus, it's useless. Antivirus companies make the virus themselves. The best antivirus is common sense."

Who would win? Common sense vs ransomware spreading through a loacl network? Make your bets.
100% agree.
Common sense won't help you much when a vicious js is running in your browser.
I wanna mention 4 rubbish advises:

1. Recommending system hardening, HIPS (&HIPS-like) utilities, or any other sort of programs that wait on user to take a decision.
This is either a security or usability disaster and is guaranteed to bring you calls 3:00 in the morning.
Security is professionals' s job, it's not for users to decide what's good and bad.

2. Recommending users to install too many products at once.
Just one product from a reputable company is enough for a home user, when combined with an ad-blocking extension and VPN. Overdone combos are unlikely to improve anyone's security posture and are likely to bring unworthy performance hit, bugs and weird situations that not everyone can handle.

3. Don't worry about malware, it's a Mac.
MacOS might be more secure than Windows by default due to its limitations, but is far cry from being invincible. Anti-Phishing and anti-malware tools should be ran at all times.

4. Don't worry, you're not famous, nobody will target you.
Whilst home users are really, far less likely to be the target of advanced and sophisticated attacks, measures should still be taken to insure information and identity are as secure, as possible.
 
Last edited by a moderator:

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
100% agree.
Common sense won't help you much when a vicious js is running in your browser.
I wanna mention 4 rubbish advises:

1. Recommending system hardening, HIPS (&HIPS-like) utilities, or any other sort of programs that wait on user to take a decision.
This is either a security or usability disaster and is guaranteed to bring you calls 3:00 in the morning.
Security is professionals' s job, it's not for users to decide what's good and bad.

2. Recommending users to install too many products at once.
Just one product from a reputable company is enough for a home user, when combined with an ad-blocking extension and VPN. Overdone combos are unlikely to improve anyone's security posture and are likely to bring unworthy performance hit, bugs and weird situations that not everyone can handle.

3. Don't worry about malware, it's a Mac.
MacOS might be more secure than Windows by default due to its limitations, but is far cry from being invincible. Anti-Phishing and anti-malware tools should be ran at all times.

4. Don't worry, you're not famous, nobody will target you.
Whilst home users are really, far less likely to be the target of advanced and sophisticated attacks, measures should still be taken to insure information and identity are as secure, as possible.
I completely agree on the system hardening. Why harden the system when it only breaks stuff and still leaves the system vulnerable? Reminds me of Trump’s half ass border wall. Not that we needed the wall in the first place.

And HIPS, yeah, prompt bombardment is never a good thing.

Having said that…Traditional and next-gen AV should make the auto-decision while deny-by-default should stop the user from accidently doing something stupid (and to act as an additional layer just in case the AV fails).
 
F

ForgottenSeer 89360

I completely agree on the system hardening. Why harden the system when it only breaks stuff and still leaves the system vulnerable? Reminds me of Trump’s half ass border wall. Not that we needed the wall in the first place.

And HIPS, yeah, prompt bombardment is never a good thing.

Having said that…Traditional and next-gen AV should make the auto-decision while deny-by-default should stop the user from accidently doing something stupid (and to act as an additional layer just in case the AV fails).
I believe it's called Poka Yoke 🙄😅😎
Also, frequent prompts lead to "security hatred" where the user just don't care anymore what they are pressing, they just want these prompts to go away.
 
Last edited by a moderator:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
A lot of people claim to know best and give inaccurate, or dangerous security advice when it comes to Internet Security for home users.

What is the worse security advice you have received for computer security?
Stay on Windows XP, or now it's Windows 7. And never update your software.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,604
...
I wanna mention 4 rubbish advises:

1. Recommending system hardening, HIPS (&HIPS-like) utilities, or any other sort of programs that wait on user to take a decision.
This is either a security or usability disaster and is guaranteed to bring you calls 3:00 in the morning.
Security is professionals' s job, it's not for users to decide what's good and bad.
...
It is probably true for recommendations when we do not know much about users' skills, preferences, and habits. It is mostly true for average users who cannot get help from an experienced user. But otherwise, it is not generally true and can highly depend on the Hardening/HIPS/Program configuration. Many MT members seem to be happy with programs that use YES/NO alerts. But it is also true that many of them try to kill the system with such programs.:)
An example of a useful feature based on user decision can be Windows SmartScreen.

Post edited.
 
Last edited:
F

ForgottenSeer 89360

It is probably true for recommendations when we do not know much about users' skills, preferences, and habits. It is mostly true for average users who cannot get help from an experienced user. But otherwise, it is not generally true and can highly depend on the Hardening/HIPS/Program configuration. Many MT members seem to be happy with programs that use YES/NO alerts.
An example of a useful feature based on user decision can be Windows SmartScreen.
Oh I am not talking about MT users, as we are knowledgeable and I don't believe someone would waste time on advising us.
I am talking about the average Joe who thinks trojan horse is one specific virus and not a whole group.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top