I think that it is time to retire this thread to bed. This is MalwareTips after all, not Wilders Security Forum :
Windows Defender vs Ransomware! (Shocking Results?)
- Thread starter Pat MacKnife
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Practical Response
Level 7
- Mar 10, 2024
- 339
I really wish they would add a yawning "I'm so over this crud" emotioncon to the like system.I think that it is time to retire this thread to bed. This is MalwareTips after all, not Wilders Security Forum :
Last edited by a moderator:
- Mar 9, 2014
- 545
Not just users but even developers, tweakers, and techies. And not so much a rollercoaster ride but a description of what's taking place.
How is the laptop used? If it's meant only for browsing a few sites an hour a day, then it can be used in default mode for a very long time. Do or demand more, and you get more complications.
That's also what gives many meanings to "get by". One user loads a page at a time; no performance problem. Another eagerly reads threads in a forum and tries to load all of them at the same time using addons like Snap Links (the user just mentioned might say, "what's that" or "why should I care" while another will say, "wait a minute? you mean there are addons that allow me to do that? where can I find it?"). Use something like Adguard for Windows, and many of the pages won't load; no problem with uBlock Origin. But can the latter be used with Ferdium? (The first user asks: "what's that?" The second: "wait, I don't have to leave several messenging apps open and instead just use that?")
And then something in those pages in "legit" sites leads to malware infection. What happens next? Oh, you didn't follow "good habits". User: but the site was legit! Techie: well, you should have done this or that. User: why didn't you tell me in the first place? Techie: Because I didn't want to scare you.
- Mar 9, 2014
- 545
I think that's what experts in various fields say: people are just happy to drive cars, operate machinery, etc., as long as they "get by and function." And in several cases, several complain that these experts are simply overcompensating.
In which case, one should balance the two: don't rely too much on "good habits" and similar, like letting the user play the role of security app and choose what to allow or deny. Instead, get better set-and-forget security. The same applies to backups. Why? Because these non-experts in computer security might be too busy being experts in other things.
- Mar 9, 2014
- 545
If it's not bullet-proof, then it doesn't work.
As for monitoring, try saying that to overworked experts (in other things) in corporations. Why do you think they have to hire technical staff?
Practical Response
Level 7
- Mar 10, 2024
- 339
Good habits includes not loading your browser down with junk extensions, much like toolbar days are long gone, remember those and how much fun they cause.
Yes good habits include using your head.
The laptop is used for everything from personal to home business and fairs quite well, although it's not used to experiment with every junk application in the net.
Your really stretching and grabbing here in what appears to either be a mellow smear or peeing contest. If either, please take your time, grab up a pencil, put some thoughts into it, make it more suspenseful.
- Mar 9, 2014
- 545
What about non-junk extensions that turn out to be junk extensions? Or legit apps that have been unknowingly compromised with people finding out too late? Or legit sites? Or updates that have been compromised?
If good habits are all that's needed then one wouldn't need security apps at all.
Again, it's an anecdote that could have been made up, and might not even represent laptop usage.
Finally, peeing contest? You must be kidding. Everything I've said so far is based on common sense.
Practical Response
Level 7
- Mar 10, 2024
- 339
Oh you mean applications or extensions that basically have been whitelisted and would slide right past most security applications.
Dont seem to recall stating to disable all security and just using good habits. Just stated over lapping ridiculous redundant and restricting security is not necessary.
Again your stretching and just looking to cause issue at this point or have a serious ego problem.
It seems we have different definitions of common sense, because what you are suggesting does not apply to average users, but advanced ones. I asked you to leave a solution and again nothing but continuous reasons why your right, I'm wrong and the world needs tons of security.
Now provide a solution that average users can use to get by safely on the net while keeping their systems usable, I'm waiting.
Last edited:
Practical Response
Level 7
- Mar 10, 2024
- 339
Think this is fun, then say something about one of the products directly here and watch how fast you get mobbed. In a forum full of enthusiast trying to state one can get by with good habits and diligence is mocked, because you need to be very afraid of the internet, run ridiculous amounts of security that most of them do not understand how to use properly in order to survive. So when a user comes along trying to reinforce using habits that will save them headaches in the long run, you would think it would be met with more gratitude then constant badgering.
- Mar 9, 2014
- 545
I'm referring to legit software and sites that are infected later.
I'm not talking about disabling all security but the claim that good habits can make up for that. One good habit is to stick to legit software. After that, news emerges that the company was attacked weeks ago, they only realized now, and software downloaded or updated those weeks have been compromised.
Why continued labeling, e.g., "serious ego problem"? Don't take this personally.
My suggestions actually apply to average users, i.e., set-and-forget. Advanced users would search the web, participate in forums, do tests on their own machines, etc.
Finally, I provided a solution here:
App Review - Windows Defender vs Ransomware! (Shocking Results?)
Nope but they ensure you don't lose anything. Data theft is as simple as what you divulge, since no one can guarantee it's safety. I think he was referring to data theft from your computer. You download a data miner on your computer and your hooped, backup not going to fix that.
malwaretips.com
I think you've wasted enough of my time.
Number 1 rule in safe-hex is (for Windows) run as standard user (only few MT members practice this).
Number 2 rule in safe-hex is wait a few days after downloading software before installing it (solves most zero day risks, security hobbiest want to design the perfect third party layered protection against).
Number 3 is "when in doubt, don't let the user decide" (reason why HIPS & UAC prompts are stupid and SAC & WDAC-ISG are smart).
Above is only an opinion, not based on A-B field test
Number 2 rule in safe-hex is wait a few days after downloading software before installing it (solves most zero day risks, security hobbiest want to design the perfect third party layered protection against).
Number 3 is "when in doubt, don't let the user decide" (reason why HIPS & UAC prompts are stupid and SAC & WDAC-ISG are smart).
Above is only an opinion, not based on A-B field test
Last edited:
- Apr 7, 2016
- 519
Good advice about using a standard account. I have started with it again the last year, and I keep doing it this time. Another thing I have made a habit, is to have Kasperskys free KVRT, and MBAM free ready. WHEN I download things (not very often) I always scan it with these 2 scanners. They are both free, and will take 95% of the crud. I'm using Eset NOD 32 AV. MD is not good enough IMO.
Practical Response
Level 7
- Mar 10, 2024
- 339
Standard account is very good advice. So are the other two listed especially number 2.Good advice about using a standard account. I have started with it again the last year, and I keep doing it this time. Another thing I have made a habit, is to have Kasperskys free KVRT, and MBAM free ready. WHEN I download things (not very often) I always scan it with these 2 scanners. They are both free, and will take 95% of the crud. I'm using Eset NOD 32 AV. MD is not good enough IMO.
Allowing a download to sit for a couple days inert allows time if it is indeed a zero day to be discovered in the wild and signatures formed for it.
Whats also free is virus Total, and no need to download two 3rd party applications to your system. Even if applying number 2 good advice above, I would scan it with VT to ensure before executing it.
If you combine all the "good habits", you have minimized the chances to such a low percentage of anything happening in a realistic world. Microsoft Defender is more then enough, part of the OS, best compatibility, and does not extend the attack surface by adding more bugs.
- Mar 9, 2014
- 545
Don't look for what's perfect but what's better, and that includes security programs that can make decisions for users.
Don't assume that they'll wait for a few days before downloading something, or that updates will be done delayed, etc., or that they will always remember to scan everything with two additional apps, etc. The first will have to be kept secure and the second done automatically, too.
Don't assume that they'll wait for a few days before downloading something, or that updates will be done delayed, etc., or that they will always remember to scan everything with two additional apps, etc. The first will have to be kept secure and the second done automatically, too.
Practical Response
Level 7
- Mar 10, 2024
- 339
This here is exactly why I have been pushing the "good habits" so much lately, as users here think that if they throw a more robust solution on their system then they can be lax about their habits and are covered, its a false sense of security. They can actually be safer using Windows default securities and good habits " the word habit means to do until it becomes second nature" then using a product they most likely will not understand how to use properly which could actually cause them to be more vulnerable then they already were from misconfiguration and or from bugs they may introduce with the product that expands their attack surface.
Last edited:
- Mar 9, 2014
- 545
"Good habits" involve having the same time and knowledge as tweakers. That's not likely for most.
Why? Because they're too busy to understand what they need to use. It's like people who drive cars but don't know how they work.
- Mar 9, 2014
- 545
Until something doesn't run and you have to drive over to find out what went wrong. As for letting something to sit a coiple of days, how long? You let it sit for five days and then they report on the sixth that it's infected. Meanwhile, you have to run it before work ends at 5.
You can upload to VT to check. How many users know how to do that? And if most report that it's safe and a few not, what to do? Search some more online to see what's going on. Meanwhile, you have more work to do.
Tweakers live in a fantasy world where they think everyone has as much time and effort as they do.
Practical Response
Level 7
- Mar 10, 2024
- 339
It's like people who drive cars but know how they work. I'm not sure why you chose that analogy because it's exactly like that.
Like how to put it in gear, or use the gas pedal, or brake, how to signal when they turn, how to start it or shut it off. Like that?
Or as they gain experience and learn to be safer on the road by knowing how to slow down on rainy days, how not to hydroplane, merge in out of traffic at highway speeds things they learn over time to keep safer as they learn to navigate. How to take precautions like checking air tire pressure, fluids in their vehicles so not to break down or cause accidents.
Your right, we should not encourage that or even have lessons required before a license, we should just weld bush guards all mad Max style and turn em loose, what's the worst that could happen.
Last edited:
- Jul 5, 2019
- 565
You don't have to be a tweaker to avoid bad habits. Common sense is enough.
You don't have to be a doctor to live a healthy life. But sometimes a doctor can give helpful tips.
Last edited:
- Mar 9, 2014
- 545
Right, and then something goes wrong, and you'll need a repair man. Unless you want fix the car yourself. The damage could have been caused by wear-and-tear, wrong driving, a defect in the vehicle, or force majeure. (You'll need insurance for the latter.)
Getting a license involves correcting one of those. For the rest....
That's why the meaning of "good habits," together with security program features, keeps changing.
First, it's just making sure you visit "safe" websites and software. Now, it's putting adblockers and security add-ons, plus getting security programs that go beyond just signature-checking in case "safe" is no longer safe.
Meanwhile, there are always chances that one will forget, especially in a rush (and in a 24-7 world where customers want goods and services pronto that'll always take place: you gotta do things better and faster), so things better be automated and done quickly, like having something run automatically in a virtual box instead of doing it manually or letting it sit for days (as if every job in the world essentially involves doing that), or using cloud detection instead of doing things manually and sending what's downloaded for various sites to be tested, and so on. Meanwhile, it turns out there's a reason why certain features are turned off in various apps, including built-in ones.
Reminds me of Microsoft telling users to turn off virtualization (in case they turned it on) in case of a slowdown, and then remember to turn it on again after.
Again, my point isn't that "good habits" aren't needed (similar to advice about common sense and using backups) but that it's not enough, and the fact that one keeps adding to its meaning (download only "safe" software, but in case it isn't safe, you better not run it until someone tells you that it's safe, or send it to someone to test it; visit only "safe" websites, but in case they're not safe, you better contact others and ask them if it's safe, or install something that looks at the website to see if it's really safe and/or ask others who visited the site and see what happened to them, and so on) shows that it's not sufficient advice.
It gets worse when one counters this by saying that one is just be paranoid, or that one is simply overreacting, and that there are only an x percent chance that you'll be infected, so don't worry, or just backup because everyone knows that as long as you restore your data you'll be fine (just imagine that it wasn't stolen).
Similar threads
