Advice Request What other software to go along with KIS 2020?

[HarborFront]

@Terry Ganzi

Yes. I'm awre of the list at Kaspersky website. Most are AVs and firewalls

So my conclusion of the below software is that they are not worth paying for since I have KIS with a hardened FF browser

HitmanPro Alert
Malwarebytes
MBAE
BlackFog Privacy
Adguard

 

[Zero Knowledge]

I reiterate. If you hvae 2 or 3 addons that can handle most of what I posted I'll be glad to use them

uBlock Origin
CanvasBlocker
Cookie Auto Delete
Clear Url's

 

[HarborFront]

uBlock Origin
CanvasBlocker
Cookie Auto Delete
Clear Url's

Can they prevent

- browser fingerprinting e.g. mouse wheel/speed etc Also, cross-browser fingerprinting for hardware e.g. screen resolution/GPU/CPU/RAM/audio context, ultrasound cross-device tracking (uXDT) XXX
- social widgets
- microphone hijack
- unwanted cookies [e.g. cookieless cookie (aka Etags, supercookies, evercookies, zombie cookie), super HSTS cookies, HTTPS cookie etc]
- clickbait links
- clickjacking
- browser hijackers
- browser lockers
- PUPs, toolbars
- CSS (Cascading Style Sheets)
- CDNs (Content Delivery Networks)
- redirects
- clear history on exit
- spoofing/randomizing user agent/ timezone
- ultrasonic tracking
- browser-based rootkits and browser-based botnets XXX
- DNS rebinding attacks
- JavaScript-based side-channel attacks against leaks from CPU/RAM XXX
- unwanted fonts

Based on count your 4 addons account for 13/32 items that can be cleared off the list I posted. FF accounts for some as well eg WebGL. And for fingerprints there are more of what CanvasBlocker can prevent like those from Trace and ScriptSafe

Some of the above (with XXX) I still have not found way(s) to prevent with FF. The others require additional extensions which may not justify using them and other compatibility issues

 

[Zero Knowledge]

You are asking too much for a system with windows installed that is connected to the internet, is your system holding top secret documents?

You are more likely to get hit by a bus than a "JavaScript-based side-channel attacks against leaks from CPU/RAM ". Those exploits are only used very very rarely by nation states against foreign government systems. There are easier ways to exploit systems that's why those attacks are theoretical and not really practical. Why hack a cpu or flip some bits in ram when you can hack the router and control where the packets go. Personally I wouldn't worry about the more exotic attacks and if you need to worry about those attacks I would probably stop using electronics all together and go live in a mud hut in the middle of Africa.

 

[HarborFront]

You are asking too much for a system with windows installed that is connected to the internet, is your system holding top secret documents?

You are more likely to get hit by a bus than a "JavaScript-based side-channel attacks against leaks from CPU/RAM ". Those exploits are only used very very rarely by nation states against foreign government systems. There are easier ways to exploit systems that's why those attacks are theoretical and not really practical. Why hack a cpu or flip some bits in ram when you can hack the router and control where the packets go. Personally I wouldn't worry about the more exotic attacks and if you need to worry about those attacks I would probably stop using electronics all together and go live in a mud hut in the middle of Africa.

Well you have your needs and I have mine

 

[Gangelo]

I really mean no offence here but I also think you are overthinking it.
Trying to protect yourself from all possible attack vendors with that many security solutions without breaking your system is a lost cause.
If you believe that you need to be protected to that extend perhaps you should consider a non-Windows OS, preferably Linux.

Having said that, I would only use KIS, Adguard Premium (or Ublock origin addon), perhaps SysHardener, a Password Manager and a VPN.

 

[Andy Ful]

Well you have your needs and I have mine

I know that is hard to go back from the way of installing many web browser extensions. But, if you think that Firefox requires so many extensions, then maybe it is time to change it to something like Brave? You have to also decide what is more important for you: convenience, security or privacy. Installing many extensions decreases your security, for sure.

For now, you act like a man who decided to travel from the Far East to South Africa by car, because he does not like planes. Then he has to take a lot of vaccines to avoid all tropical diseases. This can have some unexpected consequences. The better plan would be flying by plane anyway, and take only some essential vaccines.

Edit.
Did you compare the chances of hacking your Internet provider to the chances of using your privacy traces?

 

[HarborFront]

I know that is hard to go back from the way of installing many web browser extensions. But, if you think that Firefox requires so many extensions, then maybe it is time to change it to something like Brave? You have to also decide what is more important for you: convenience, security or privacy. Installing many extensions decreases your security, for sure.

For now, you act like a man who decided to travel from the Far East to South Africa by car, because he does not like planes. Then he has to take a lot of vaccines to avoid all tropical diseases. This can have some unexpected consequences. The better plan would be flying by plane anyway, and take only some essential vaccines.

The topic of discussion has deviated a bit to hardening of the browser. I don't mind since I started the thread.

Hardening FF includes setting the flags for security and privacy and the use of extensions. Of course the most paranoid approach is to use the user.js file

FI, I disabled FF's Enhanced Protection feature and uses extensions to cover them which I believe gives better privacy and protection.. Brave's privacy is great provided one uses its default settings. The question is how many users will do that and without adding extensions? If I'll to use Brave (which I might try in my VM later) I'll still disable its default protections and use extensions to cover them, if possible.

 

[Andy Ful]

...
FI, I disabled FF's Enhanced Protection feature and uses extensions to cover them which I believe gives better privacy and protection.
...

... which is only belief. Who convinced you that it is a true fact?

 

[HarborFront]

... which is only belief. Who convinced you that it is a true fact?

I'm not a malware tester so can't verify whether FF's Enhanced Protection is stronger or using extensions with filters say in the testing of malware/scam/phishing/ransomware/crypto/fingerprint etc. If you are really interested you can make a request and I believe some people will carry out the comparison test.

As for privacy disabling a FF feature with its associated flags means less chance of FF sending its telemetry info back which I like too

This is my system and my set up and so far it pose no serious issues whatsoever.

 

[Ink]

@HarborFront You are aware you can use Windows Printscreen function to share screenshots?

 

[HarborFront]

@HarborFront You are aware you can use Windows Printscreen function to share screenshots?

Ok, just tried it and it works. All the while I use my hp to take pictures and upload them to here. Thanks

Hmmm.......not sure why the picture is not sharp but it's very sharp on my laptop

 

[Andy Ful]

...
This is my system and my set up and so far it pose no serious issues whatsoever.

In my opinion, your web browser config is not bad, but not optimal. You can use it if you have to.
There is no proof that using many extensions is better or worse. Just consider from time to time if your beliefs about security are supported by facts and not by fear. For now, you believe that a web browser with many extensions is like a great sea with many battleships. That is not supported by tests & facts. There are some reasons to believe that this picture can be not real, and in fact, you have a small kitchen with several cooks. The more cooks, the more chances for security accidents. The situation is kinda similar to using Windows with many security solutions.
Be safe.

 

[HarborFront]

Updated my FF extensions

uBO with filters in Hard Mode
ABP
BTL
CanvasBlocker
ClearURLs
Cookie AutoDelete
I don't care About Cookies
CSS Exfil Protection
Decentraleyes
ETag Stopper
IDN Safe
Keyboard Privacy
Privacy-Oriented Origin Policy
Smart HTTPS
StoragErazor
ScriptSafe
Trace
User-Agent Switcher and Manager
Anti-Adblock Blocker
Skip Redirect
Multi-Accounts Container
Temporary Containers

Edit

Removed History AutoDelete. Added Multi-Account Containers and Temporary Containers

 

[Ink]

Ok, just tried it and it works. All the while I use my hp to take pictures and upload them to here. Thanks

Hmmm.......not sure why the picture is still not sharp but it's very sharp on my laptop

View attachment 235503

It was suggestion. No need to be prick.

 

[HarborFront]

It was suggestion. No need to be prick.

None taken. It's the first time I'm trying too. Thanks for the suggestion

 

[AMD1]

Hi,

I have KSC paid version with TAM enabled. In addition i have Adguard and Voodooshield paid. I am doubling up here at all with VS ?

That's all i have on my system apart from Roboform password manager

 

[harlan4096]

Yes, You don't need VS, specially if You enabled TAM...

But, as already mentioned, TAM feature has been removed in the upcoming K2021, so We can emulate a similar behaviour via tweaking Application Control...

 

[SeriousHoax]

Updated my FF extensions

uBO with filters in Hard Mode
ABP
BTL
CanvasBlocker
ClearURLs
Cookie AutoDelete
I don't care About Cookies
CSS Exfil Protection
Decentraleyes
ETag Stopper
IDN Safe
Keyboard Privacy
Privacy-Oriented Origin Policy
Smart HTTPS
StoragErazor
ScriptSafe
Trace
User-Agent Switcher and Manager
Anti-Adblock Blocker
Skip Redirect
Multi-Accounts Container
Temporary Containers

Edit

Removed History AutoDelete. Added Multi-Account Containers and Temporary Containers

Let me suggest some things for you.
Why do you have "ABP" when you already have "uBlock Origin!" ABP is redundant here.
You don't need "Skip redirect" when you have "ClearUrls". It does the same and more.
You can get rid of "I don't care about cookies" by subscribing to the filter list with the same name.
"Privacy-Oriented Origin Policy" can be get rid off by modifying some about:config values.
I also think you don't need "StoragErazor" because "Cookie AutoDelete" has this feature.
"ScriptSafe" also seems unnecessary while you're using "uBlock Origin in Hard mode".
"Anti-Adblock Blocker" is not necessary if you use Nano Defender following this guide: Nano Defender
"Trace" is not necessary for Firefox when you have "Canvas Blocker" and other things that it does can be done by modifying about:config.

 

[AMD1]

But, as already mentioned, TAM feature has been removed in the upcoming K2021, so We can emulate a similar behaviour via tweaking Application Control...

Ah i did not know that. Thanks for the notification. Have they brought back the anti-spam good/bad email addon to Outlook - i found that very good for filtering spam?