Advice Request What kind of Security Advice is considered pure garbage?

Please provide comments and solutions that are helpful to the author of this topic.

Freud2004

Level 10
Verified
Well-known
Jun 26, 2020
440
A lot of people claim to know best and give inaccurate, or dangerous security advice when it comes to Internet Security for home users.

What is the worse security advice you have received for computer security?

When you have an error or a problem with a security application, the support answer you: Please uninstall and install again...

This answer make me sick.
 
F

ForgottenSeer 89360

When you have an error or a problem with a security application, the support answer you: Please uninstall and install again...

This answer make me sick.
That's Norton support's no.1 advise :D
Bitdefender's advise makes me sick too. Whatever the problem you have they will take logs from your system and they will blame it on other anti-malware solutions remnants. I contacted them recently with suggestion about the profiles function in the product. What I suggested is for the movie profile, it would be great if users can add UWP apps in the players list, e.g apps like Netflix. The agent then went through the same script - he said the lack of UWP apps list is an issue due to other av's remnants. Such a shame for them.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
The problem with average users is that generally, they have little and diverse knowledge about computers. Many of them can think that Google is something they use to connect to the Internet and do not know that in fact, it is a Firefox with Google webpage. Many of them do not know what antivirus is installed, and some do not know what is an antivirus.

I would risk saying that for average users any security advice related to installing or configuring something would be dangerous. If the average user is left alone, then the best thing is configuring average security for him and advise to ignore other "advices". :) (y)

Edit.
I have used "advices" in quotes because the exception will be learning (which assumes more understanding about the consequences of the "advice"). Furthermore, some important security advices are not related to installing/configuring something.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Let's assume that the average home user has got an already configured computer with one of the popular AVs installed (Avast, Bitdefender, Eset, F-Secure, Kaspersky, Microsoft, Norton, Panda, etc.). Advising him/her to install another one because it will be better seems pure garbage:
  1. There is no proven evidence that the protection in the wild will be significantly better for home users.
  2. Why would the average user spend time to install & learn another AV?
  3. Can the average user download/install/configure the new AV?
  4. What should do the user if the new AV will produce issues? Can the user recognize the source of the issue? Can any AV be easily uninstalled?
Edit.
So what the average user can do? It is simple, he/she has to get help from a professional service or from a more advanced user.
 
Last edited:
F

ForgottenSeer 89360

Let's assume that the average home user has got an already configured computer with one of the popular AVs installed (Avast, Bitdefender, Eset, F-Secure, Kaspersky, Microsoft, Norton, Panda, etc.). Advising him/her to install another one because it will be better seems pure garbage:
  1. There is no proven evidence that the protection in the wild will be significantly better for home users.
  2. Why would the average user spend time to install & learn another AV?
  3. Can the average user download/install/configure the new AV?
  4. What should do the user if the new AV will produce issues? Can the user recognize the source of the issue? Can any AV be easily uninstalled?
I'm sorry, I got busy dealing with ESET's unfriendly support and didn't really follow up on this thread since now. I agree with all of the above, AVs are programs integrated deeply into the OS with DDA, filter drivers, network filters, kernel mode operation and so on and so on... Advising users to top-up their protection or even switch from vendor A to vendor B is a risky operation.
 

ichito

Level 11
Verified
Top Poster
Content Creator
Well-known
Dec 12, 2013
541
I wanna mention 4 rubbish advises:

1. Recommending system hardening, HIPS (&HIPS-like) utilities, or any other sort of programs that wait on user to take a decision.
This is either a security or usability disaster and is guaranteed to bring you calls 3:00 in the morning.
Security is professionals' s job, it's not for users to decide what's good and bad.

2. Recommending users to install too many products at once.
Just one product from a reputable company is enough for a home user, when combined with an ad-blocking extension and VPN. Overdone combos are unlikely to improve anyone's security posture and are likely to bring unworthy performance hit, bugs and weird situations that not everyone can handle.

3. Don't worry about malware, it's a Mac.
MacOS might be more secure than Windows by default due to its limitations, but is far cry from being invincible. Anti-Phishing and anti-malware tools should be ran at all times.

4. Don't worry, you're not famous, nobody will target you.
Whilst home users are really, far less likely to be the target of advanced and sophisticated attacks, measures should still be taken to insure information and identity are as secure, as possible.

OK...that's my answer:

ad.1 Such apps like HIPS/BB/monitors are very important and useful for many users who want/need to know what is "played" in their system and applications. That allows users to manage all installed apps/processes by allowing them only needed actions and lowest as possible privileges. That is one of the most important rule in security.
HIPS are not a disaster...disaster it's only lack of knowledge and involvment of people who have to use security apps but completely don't carre about it. They always think "Security is professionals' s job, it's not for users to decide what's good and bad."
BTW - how big are your expiriances with such apps?;)

ad.2 I'm home user - why should I install only one app despite there is no app among apps from "reputable company" what would satisfied me? Nobody is telling about "paranoia" but user should have some choice to use that technology that is undestandable and usable for them even if there is more than only one. And at the end - reputable company? Look at the AV vendors and perhaps you know that a lot of them have had in history "trust incidents"...which one is consiedered as reputable and which one not?

ad.3 Shortly

ad.4 And similar :)
 

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
■ Let's install security software
■ Introduce anti-spyware software as a countermeasure against spyware
■ Anti-ransomware software is required for ransomware countermeasures
■ There is a terrifying information exploitation software called keylogger. Use an anti-keylogger

Each sentence is correct. Detailed users understand that protections overlap, but the average user obediently and faithfully implements them one by one.
A sequence of correct phrases is not always understood as a correct sentence.
 

struppigel

Moderator
Verified
Staff Member
Well-known
Apr 9, 2020
656
Seen on Reddit lately:
"You cannot get infected by simply clicking a link"
"Mac OS is safe, there are no exploits for Mac" --> similar things are said about Linux

My all-time favourite advice (\s): "Don't use Anvirus."
And after asking how they keep safe without it, it is something most people could never implement because it would need expert level knowledge and takes far too much effort. E.g., someone said they only use open-source software and compile it themselves, to make sure it is not malicious.

Blaming people for being "dumb" to divert from bad design or security is very common.
Imagine medical doctors expected the same level of expertise in their fields from their patients as some people in the IT industry are doing. "Just check that MRI scan yourself, buddy!"
 

struppigel

Moderator
Verified
Staff Member
Well-known
Apr 9, 2020
656
Another gem I found today

worstsecurityadvice.png
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top