Do you think you use too much security software?

I used too but i'm a minimalist now. ;) ;D


snowbound

-{ Quote: "I used too but i'm a minimalist now. ;) ;D


snowbound" }-

Ditto.

About running minimist setups.

-{ Quote: "Ditto." }-

Really?

-{ Quote: "I use 4...Online Armor, PG, ZA, and NOD." }-

2 Heavy duty HIP (PG Plus OA) is hardly minimalistic. Still I expect that's typical around here. BTW I don't think dropping your antispyware and antitrojan and replacing them with HIP makes your setup minimalistic. :)

Instead of handling AS, you now handle your HIPS.

Anyway If I'm right even this is probably positively lightweight compared to what other people run.

And if ZA is the full version as opposed to the free version, we are talking in practice *3* so called HIPS, that a lot of firepower not to mention management required.

I use ZA for exe protection along with OA, it`s turned off on PG. I can still go anywhere I want in cyberspace...except the porn and clone sites of course. ;)

-{ Quote: "I used too but i'm a minimalist now. ;) ;D " }-


Same here.

I'm a minimalist - Four Security Apps = FW, AV, Registry Protection, Process Control - other than that just an imaging program and Proxomtiron for web filtering if you want to count these. :)

I used to spend more time worrying about security for everything.
I have trimmed my security software although not to the minimal level.
I do worry more when I read all about the proxi/Jap applications members use on this forum :(

The one I feel I could stop loading at start and just use for scanning
would be MSAS. I stop it running in the background as it really doesn't
do much for me as I have other layers to cover this gap.
I have left it running at start in case it discovers something :-\

Sigh I suppose the number of programs you are running now is considered minimalist compared to what you used to run or what a newbie who discovers the nice little world of security app starts running

When I think minimalist I'm thinking something like

1. Router that's all

2. Router + AV

3. Personal firewall + Backup type program/maybe even 1 HIP

or even

4. Nothing. Just ports closed.

I certainly can't see how people running 2 big HIP programs with overlapping features + a third fully featured firewall with similar features + an AV as minimalist.

That's just abusing the term when consider the recommended setup for most people is just Av+firewall and maybe Antispyware.

I also have minimalist setup too, only 4 apps.

KAV6 beta
GSS (Regdefend +Appdefend)
ZAP
Online Armor.

:)

Another thing.

Why the rush to claim to be minimalist? It's not definitely always a good thing. It's just one possible response among others.

Be proud that you are one. I'm not!

-{ Quote: "I certainly can't see how people running 2 big HIP programs with overlapping features + a third fully featured firewall with similar features + an AV as minimalist." }-

Who does that, or were you just generalizing?

-{ Quote: "When I think minimalist I'm thinking something like

1. Router that's all

2. Router + AV

3. Personal firewall + Backup type program/maybe even 1 HIP

or even

4. Nothing. Just ports closed." }-

I suppose my version of "minimalist" is relative to what I've run in the past. Currently running GSS, BoClean, & NOD32 and that probably isn't minimal compared to people who run an AV and Windows FW. I guess I don't care what you call it, it's light, effective, and works well for me, so I'll continue to use this setup (for now, subject to frequent change :) ).

-{ Quote: "Why the rush to claim to be minimalist? It's not definitely always a good thing. It's just one possible response among others." }-Just know why you have various applications installed, a sense of where they may protect you in the overall scheme of things, what they are specifically possibly protecting you from (whether or not that's a germane threat to you is another matter since that can be a fluid situation), and what you view as the main issues facing you.

While I do recommend selective incorporation of programs into a general plan, I wouldn't consider the 4 apps I'm running on the partition I'm logged into to be minimalistic by any reasonable definition. I consider my setup (http://www.wilderssecurity.com/showpost.php?p=615819&postcount=2) to have at least 3 active levels of rather decent backup. The specific case I'm working from now is Zyxel Zywall 10W router/NOD32/BOClean/SafenSec/Outpost Pro. For me, this is armed to the gills. If I did p2p and other activities like that, I'd probably make some adjustments.

Blue

Yes... this was too much and it even distracts my real purpose why im using this "modern machine."

I am looking for some way or another to find some kind of protection software that can do different jobs without eating up much of my system resources. Maybe an all-in-one Jack of all trade kind of software that can effectively protects me.

-{ Quote: "2. Router + AV" }-This would be the least I would ever suggest to anyone who feels that they even should ask someone else the question...

Blue

Blue is right in post #13.

The only one who can decide if you have too little or much security is you. :)

Who cares if you are not minalist or whatever. Run as many security software as you feel comfortable. Just don't call it minimalist ;P

If Mike does all that he wants with OA, I`ll go with it and NOD....maybe. ;)

-{ Quote: "If Mike does all that he wants with OA, I`ll go with it and NOD....maybe. ;)" }-

I'm not sure if you start using one large security suite with heavy duty functions, instead of a bunch of different ones with little overlap , your system suddenly becomes minimalistic.

IMHO anyway.

I suppose some guy just running a router plus on demand scans of the few files he runs , eg a truly minimistic system, is confident of his abilities to lock down his system and not make too many errors.
whether that is a right assessment or not i can't say lol...

-{ Quote: "I used too but i'm a minimalist now. ;) ;D " }-
Same here :)

But sometimes I test some new versions and programs...

-{ Quote: "Same here :)

But sometimes I test some new versions and programs..." }-

I think a lot of us here do that...it`s part of the fun. :)

Well, I've seen some security sets at Wilders, that made me think "What is wrong with this member ?"
If security is your job or hobby than it's OK, but I didn't buy my PC to run 20+ security softwares, because I have other work to do.
In the future, I will use a "Hardware/Software Firewall + ShadowUser" and that's it.

Do you think you have too much security for your house ... ? :)

-{ Quote: "Do you think you have too much security for your house ... ? :)" }-
For him, it seems so...
http://www.wilderssecurity.com/showthread.php?t=100811

Having access to the right tools is one thing, correct implementation is another ... :)

-{ Quote: "
In the future, I will use a "Hardware/Software Firewall + ShadowUser" and that's it." }-

Unless you only use web mail and never download anything, I do not think AV is redundant.

when i have no time, ill usually just install a firewall and antivirus. so far, ive just installed nod32, avast, and outpost. later when im not too busy, ill install some antispyware and some HIPS, which is where i need to sort and cut back on.

IMO, there's been too much focus lately on the number of apps people are running. What should matter most is not the number of apps anyone is running, and whether or not you feel it's reasonable, but whether the person is secure and running well. It seems like there used to be more focus on getting to know how your system works (so that you can make more intelligent decisions and determinations) and getting the most out of the things you do have (configuring your firewall and AV well, learning about the IPS alerts, etc). Now it seems like there's more of a shift towards pure numbers.

The fact is that when someone new comes around, they will encounter a dizzing array of software to choose from. They're likely to stack up on everything of different sorts while they find what suits them. As long as the person doesn't create too many problems for themselves, this should be healthy - they, as I did, learn a lot about how their systems work and what to expect. Once that happens, they can peel away some of the layers to match their comfort and skill level.. they will be the better for it because they will have had the ability to learn how to spot things for themselves (maybe it will take a number of alerts that you would find overwhelming.. if they're comfortable with it then who cares?).

Personally, I try to stay out of these kinds of discussions (although I'll admit to having given in to a couple)... it seems a little too voyeuristic for my tastes. My setup changes practically daily, and it's not really anyone else's business. Unless you're asking me for help, I don't care how many apps you are running either :)

To clarify, though, it's one thing when someone gives a breakdown of their thought processes that led them to the setup they have. I also don't think it's right to take a small handful of apps and recommend them to everyone that happens by, regardless of their skill level either. But to have to justify, to state whether we're doing it for fun or not (because you might be chastised otherwise), is not reasonable. Finding and trying out new apps is what we do here, it's why we keep coming back. We then can use that information to pass on more informed recommendations to newcommers. Worrying about what other people think of your setup, unless you specifically ask, is not healthy or productive. I say go nuts, as long as you can keep a level head about it, it doesn't matter to me what you're doing or why.

I think I'm about right.

I agree with EricAlbert.... I got a computer to do stuff other then to run security apps. Unless it is a hobby or a business.

Security Apps. are necessary things to keep our machines and data safe, we should not over burden them with too many.

I am very thankful for those who have this as a hobby and a business here at the Wilders. They are a treasuer chest of good information and freely shared. :-*

One final observation so far the one that has garnered the most votes is somewhat predictable, especially for the Wilders. Most think they are just fine it is the other guy who has the problem. We are security minded. We address our needs as we see what is needed in our own minds. And pretty quickly I would bet. Keep in mind a poll is a snap shot in time. And peoples thinking is subject to change.

I like to try out new security software, so after some time you got a lot of it on your computer. ;D
Hobby? Maybe I do consider it as such.
Oh well, can't be protected enough with all the bad stuff flying around.
Cutting down though after trialing it for some time. :P

-{ Quote: "Unless you only use web mail and never download anything, I do not think AV is redundant." }-
If I put my partition "C:" in a virtual environment, I can download anything and try it out and everything will be gone during the next reboot including :
- the existing viruses, the new viruses and the never discovered viruses.
- the same for spywares, trojans and keyloggers.
That's even better than AV/AS/AT/AK scanners ever will be.
Spam-emails are deleted immediately without even opening them.

-{ Quote: "Another thing.

Why the rush to claim to be minimalist? It's not definitely always a good thing. It's just one possible response among others.

Be proud that you are one. I'm not!" }-

Oh, but if you are a frequent dslr security forum poster you now are ridiculed if you use anything just about. That's probably why the rush...WildCatBoy's famous/infamous :D thread. And heaven forbid if you use BoClean or Process Guard and recommend them in that forum.

I use:
Bit Defender 8.0 (free version) on demand only scanner
Process Guard (full version)
Spyware Blaster (for the rare times I use IE)
Spybot (on demand only, no Tea Timer)
The Proxomitron and Firefox
Linksy router

And no, I don't think I use too much.

-{ Quote: "IMO, there's been too much focus lately on the number of apps people are running. What should matter most is not the number of apps anyone is running, and whether or not you feel it's reasonable, but whether the person is secure and running well.
" }-

I agree. The guy who started this poll is clearly a troll. :)

Still, I think this poll calls for self assessment, and is not meant to 'chasten' others, but to allow you to reflect on your own setup and attitudes.


The question is "Do you think *you* use too much", not "Do you think *other* people....

A poll on the latter I suspect would get a lot more positive "Yes", 100% absolutely responses. :)

And like it or not, for many (most?) people here the number of apps they run is a matrix you use to decide the degree of security you have. Whether you agree that such a view is sensible or not is besides the point.


-{ Quote: "
The fact is that when someone new comes around, they will encounter a dizzing array of software to choose from. They're likely to stack up on everything of different sorts while they find what suits them.
" }-

Indeed, and these people are not dummies by and large , and they know they will eventually cut down. Which is one of the poll options.

And then there are people who enjoy testing for testing sake...

-{ Quote: "
To clarify, though, it's one thing when someone gives a breakdown of their thought processes that led them to the setup they have. I also don't think it's right to take a small handful of apps and recommend them to everyone that happens by, regardless of their skill level either.
" }-

Of course it's not right, nobody is saying that either. No offense Notok but your post reeks of self-defensiveness. Just like the people who are eager to claim they run minimalist setups who evidently arent. There is definitely some guilt involved, whether it's justified or not , I don't know.

-{ Quote: "
But to have to justify, to state whether we're doing it for fun or not (because you might be chastised otherwise), is not reasonable.
" }-

Really?

-{ Quote: "
Finding and trying out new apps is what we do here, it's why we keep coming back. We then can use that information to pass on more informed recommendations to newcommers." }-

Don't look now Notok, but you are justifying yourself now. I would say the first option for you. :)

Another interesting question to ponder, in the course of trying out new app and adopting new apps, are we truly enhancing our security in any significant degree?

To do so, we are assuming that we have the insight to recognise the better app and switch to it , might we be asking too much of ourselves? Particularly when the apps we are talking about are already cream of the crop and we are all as blue says 'armed to the gills' such that not much can get pass anyway so even if we did objectively improve our defenses, we wouldn't know it anyway.

I'm not saying we can't recognise better apps on other citeria like user friendliness, resource use and all that. Those are worth looking out for too ofcourse. But my question is in terms of sheer effectivness in protecting ourselves, one of the main reasons used to justify switches. Or are we fooling ourselves?

Say I imagine a twin of myself who stops reading these forums for a year , while continuing to use the same app (plus normal updates to them of course) , while the real 'devil's advocate' continued to read this forum and test apps.

By a year times, I'm certain that my 'alpha setup'( representing my views on what is likely the most secure setup and the one used on my primary machine) is quite different from that of my twin's a year ago. How much more secure do you think the difference would be (if any) between mine and my twin?

Could I in fact have actually weakned my security by making the wrong choices? Unlikely I guess (here's I'm assuming I have at least some skill in making judgements) . More probably, it would be a moot point anyway, since even a slightly weaker setup would still be leagues better than most people.
such that it makes no pratical difference.

I don't know the answer, I would like to think that in a year's time my security setup would be even more formidable than it is now, and that I have the wit to incorporate new types of security defenses against new types of threats , but I don't know really.

But of course, your aim in testing security apps is not (not primarly at least) for improving security, but in playing with them , helping others, then who cares right?

-{ Quote: " Worrying about what other people think of your setup, unless you specifically ask, is not healthy or productive. I say go nuts, as long as you can keep a level head about it, it doesn't matter to me what you're doing or why." }-

I would say that part of keeping a levled head would include self reflection
and perhaps this is a good launch pad for this.

Altough, I admit it is tempting to see this in terms of a witch hunt against security application use. I apologise if some of my comments were taken as such.

But as I said

-{ Quote: "Why the rush to claim to be minimalist? It's not definitely always a good thing. It's just one possible response among others." }-

I currently use quite a few different security apps. Most are only for running manual scans on files i just downloaded and want to check it with all my scanners, one at a time, to be sure it doesn't contain malware of any kind. I like having all these scanners for on-demand scans and it has saved my bacon a couple of times, so for me it works great.

Some of the programs I run are My AV, FW, MSAS, Spybot, Adware, Spycop, STM, Unhackme, RootkitRevealer, Blacklight beta, Pest Patrol, SpySweeper, X-cleaner, Ewido, A², Bazooka, and some others. I don't feel like I'm overloaded with security apps at all. They are all useful to me, but if I was running them all realtime/resident I would probably have a problem.

These are just some of the different progams in my set up though, and like Notok, I don't feel the need to inform everyone exactly what I do and don't use securitywise. ;)

Now I have just enough. Before recent fresh system install I did have too much but omitted some of the programs. :)

I used to have way too much. Startup/process monitors, TCP connection viewers, custom registry tweaking programs...lots. Then my system became unstable and I´d have to reinstall Windows or restore a backup image. It became a hassle reinstalling everything so I just put the basics back on.

-{ Quote: "I agree. The guy who started this poll is clearly a troll. " }-Not my words (spoken or not) or point, and you are intelligent enough to know what my point is without dissecting it into enough pieces to throw it off track. You have failed to make any coherent argument, please summarize and try again.

There is a clear difference between someone, such as Blue Zannetti, offering his thought processes, guidance, and food for thought, and needing to justify anything to anyone.

-{ Quote: "I used too but i'm a minimalist now. ;) ;D " }-
I will call myself an "Extreme Virtual Minimalist" (EVM) after New Year.
EVM are also my real initials. This is a pure coincidence of course. ;D

Notok, please learn to quote properly. You left out the smilely.

I hope you are not trying to make things personal. I'm just stating my opinion same as anyone.

There are really a number of points regarding this poll should be examined. The focus on numbers, as in too much, misses the point. I could be well protected by 1 application and as easily quite exposed while running a dozen - trying to focus on too much is the wrong tact.
There are some pragmatic issues in assisting new users. Although I also try to take pains in encouraging users to assess there exposure profile, plugs the holes that they see, yada yada yada....., there is a substantial fraction of the user population (not necessarily the Wilder population, but the general user populace) for which I realize that this approach is completely misguided. Infection vector? What's that? Risk profile? I have no idea what you mean. These users currently don't have the underlying experience or knowledge base to make the desired analysis. Providing some practical basis for how I have come to my decisions may help some of the more advanced members of this population, but many really do need an explicit recommended solution, despite some of the opposing views voiced in the What is Security? (http://www.broadbandreports.com/forum/remark,14907071) thread over at Broadband Reports (http://www.broadbandreports.com/). Education in computer security is a noble goal, but a substantial amount of basic PC education is needed before security specific topics can be reasonably tackled and it is a veryt simple matter to be online and exposed without receiving that very basic knowledge. Overall, I believe any user is well served using a router and a suite. We all have our preferences on vendors, but any of the major ones (Kapsersky/Norton/McAfee/etc.) are fine.
There is a natural issue with numbers of applications. Some applications conflict with others. The greater the number of applications running, the more likely a conflict will occur. It's a pure game of statistics. By the same token, many of these applications cover a range of issues. The more applications running, the greater likelihood that there will be duplication of coverage with no discernable security benefit. Given the potential downsides with no or minimal upside benefit, any user should ponder the where they sit in achieved coverage. I realize that many have no basis for this analysis - hence I do tend to list what I use and why I use it, to provide even a casual user with an initial strawman setup for analysis. It may not be suitable for all, but since I generally use purely default installation configurations and do not tweak the applications or OS that I employ, virtually any user should be able to install and use the type of setup that I run.
I do shy away from recommendations involving system tweaking/hardening. This is a way to minimize the need for secondary security applications. The reason I shy away is not altogether rational, but I've seen too many users start down the appropriate road recommended by many here, only to become a binge configurator and start disabling OS services that any random site may offer as unneeded. This typically ends badly... Rather than try to walk this path, I currently avoid it.

Blue

Hi,
First questions? Does hardening constitute as security? If a user disabled 10 services and tweaked 15 restriction policies, does that count as security software? How do little thingies like BugOff, WWDC or Samurai fare in?
Anyhow, Windows machines:

The most heavily protected system:
FW + AV + AS (2 real time, 3 on demand) + AT (2 on demand) + Web filter
Tweaked with a variety of little hardenings

The least protected system:
FW + AV
No tweaking whatsoever

All systems:
Non-IE browser
SpywareBlaster
CCleaner

Mrk

P.S. I find the FW + AV + fortified Firefox enough; this includes P2P and lots of pron.

-{ Quote: "There are really a number of points regarding this poll should be examined. The focus on numbers, as in too much, misses the point. I could be well protected by 1 application and as easily quite exposed while running a dozen - trying to focus on too much is the wrong tact.
" }-

Perhaps a better poll is do you think you worry too much about security (is it possible to do that?)? Do you think you spend too much time, money on security?

I agree it's not only about security applications, as you point out below it's possible to go crazy on 'security' without security applications what so ever.

But in this forum, security applications are the No1 thing people look to, when discussing whether they are secure or not.



-{ Quote: "
I do shy away from recommendations involving system tweaking/hardening. This is a way to minimize the need for secondary security applications. The reason I shy away is not altogether rational, but I've seen too many users start down the appropriate road recommended by many here, only to become a binge configurator and start disabling OS services that any random site may offer as unneeded. This typically ends badly... Rather than try to walk this path, I currently avoid it.

Blue" }-

Anything brought to extremes is not healthy clearly. What you risk doing by focusing on security applications is that it can bring out the other extreme, where people go on a 'binge' on security software. So a balance is needed.

That can be as harmful if not over so.

-{ Quote: "Perhaps a better poll is do you think you worry too much about security (is it possible to do that?)? Do you think you spend too much time, money on security?

I agree it's not only about security applications, as you point out below it's possible to go crazy on 'security' without security applications what so ever.

But in this forum, security applications are the No1 thing people look to, when discussing whether they are secure or not." }-There are many aspects of our life that are similar.

Many of us drive cars. Over the course of our driving lives, many will never experience an accident of any type, some will have inconsequential bumps or minor fender benders, there will be the occasional major accident, and very infrequent life altering or ending collision. Same with homes and burglary/fire/storm based damage. The same logic applies to our personal health. In some respects health is the closest corrollary since we all do things on a daily basis that impacts our health, some good/some bad, and we often take steps to minimize our risks for specific conditions based on our presumed risk/exposure profile and past history.

In each of those cases we carry insurance policies and if something untoward happens, the company we contracted with will handle many of the details to a resolution and spread the financial risk over a large population. There's also a deductible component in which we will have to foot a base amount of any bill. That style of insurance isn't offered directly in the PC world, although piecework solutions can be purchased. The question is..., do you worry more about PC security than these three other areas, assuming any are applicable? Note, worrying about it and doing something about it and keeping it up-to-date are different. If you worry more about your PC's health than your own, I'd say that there is something seriously out of whack.
-{ Quote: "Anything brought to extremes is not healthy clearly. What you risk doing by focusing on security applications is that it can bring out the other extreme, where people go on a 'binge' on security software. So a balance is needed.

That can be as harmful if not over so." }-It is so situational, even the part of striking a balance.... There are no simple answers...

Blue

A drop of oil in the right place will do MAGIC. The same with security. An experienced user can browse the internet with just a firewall, and be perfectly safe. The chance of catching a bug with porn and warez sites goes up exponentially, even for some Pro users.

In the PC business, having less software running in the background is always a good thing because it reduces the chance of a conflict.

Another brillant speech from Blue!


-{ Quote: "
If you worry more about your PC's health than your own, I'd say that there is something seriously out of whack.

Blue" }-

Darn, I don't go to health forums to talk about different or new ways to keep fit, or keep abreast of the latest possible health threats, while I do the equalavant for my PC, does that mean something is out of whack? :)

For me it works on two levels.

1. I have sufficient resources to have a reasonable expectation of being safe today.

2. I have sufficient interest to develop the knowledge I need to be able to hope me and mine will be safe tomorrow.

A little too much software is an area to tighten up and improve upon. A little too little could be an opportunity to reformat.

While I'm still learning I know which I prefer ;)

Edit: Just to add this wasn't supposed to sound trite or snotty - the more I realise there is to understand, the more I am humbled by and appreciate those that have already learned so much and offer their knowledge freely.

-{ Quote: "Darn, I don't go to health forums to talk about different or new ways to keep fit, or keep abreast of the latest possible health threats, while I do the equalavant for my PC, does that mean something is out of whack? :)" }-You tell me....

I don't recall focusing on forum visits in my post, I was focusing on any actions one takes, a portion of which could be discussions in forums like this. I would have though that much was obvious, I stand corrected...

Cheers,

Blue

-{ Quote: "You tell me....

I don't recall focusing on forum visits in my post, I was focusing on any actions one takes, a portion of which could be discussions in forums like this.

Blue" }-

You are absolutely right!

Yes Blue, I was trying to talk about other actions besides just using security apps, which you so ably pointed out was not the whole story.

You really blew my mind with the comment about PC health versus indidivual bodily health.

The first thing that came into mind (besides security apps) is time spend on security forums and others sites! If I was as eager to do so for my own bodily health, I would be a super fit athlete! Or more likely scared out of my wits by the possible things that can go wrong with my body :)

Hey Blue I would also wonder if you could address my concerns in an earlier post . Do I have enough knowledge to know when to switch to a better product?

-{ Quote: "You are absolutely right!

Yes Blue, I was trying to talk about other actions besides just using security apps, which you so ably pointed out was not the whole story.

You really blew my mind with the comment about PC health versus indidivual bodily health." }-Well, aside from your growing neglect of proper spelling, your frequent dismissive attitude does detract from the generally useful information you often provide, or perhaps you just consider my comments idle chatter, whatever ...
-{ Quote: "The first thing that came into mind (besides security apps) is time spend on security forums and others sites! If I was as eager to do so for my own bodily health, I would be a super fit athlete! Or more likely scared out of my wits by the possible things that can go wrong with my body :)" }-I guess this is the first time I've seen forum attendance as a potential route to fitness....

-{ Quote: "Hey Blue I would also wonder if you could address my concerns in an earlier post . Do I have enough knowledge to know when to switch to a better product?" }-Do you mean this comment-{ Quote: "Another interesting question to ponder, in the course of trying out new app and adopting new apps, are we truly enhancing our security in any significant degree?

To do so, we are assuming that we have the insight to recognise the better app and switch to it , might we be asking too much of ourselves? Particularly when the apps we are talking about are already cream of the crop and we are all as blue says 'armed to the gills' such that not much can get pass anyway so even if we did objectively improve our defenses, we wouldn't know it anyway." }-First of all, I didn't say we were armed to the gills, I said I was. Second, do you want a serious answer or something you can dismissively respond to? Serious answer? What most users can assess is gross system compatibility and drag on system responsiveness. With a little work, users can also test very gross levels of product functionality. As far as testing finely divided differences in the security performance of a given product, I'm sure a developer in this application area could do it (I sure hope so...), but the typical user? No. On the continuum of user to developer, where do you sit? Therein would be my answer to you.

Blue

-{ Quote: "Well, aside from your growing neglect of proper spelling, your frequent dismissive attitude does detract from the generally useful information you often provide, or perhaps you just consider my comments idle chatter, whatever ...
" }-

Hey Blue I don't understand your negative attitude towards me. Particularly, considering I'm a big fan of yours and I make no bones about saying it.

I don't know why you find it hard to believe, do you think I'm joking whenever I agree with you? Or do you think i'm making fun of you when I quote you?
If so please stop.

I think you make a lot of sense, unlike all the other pseudo-experts running around.

I may be sometimes dismissive to people who clearly have no clue what they are talking about, but never to you.

It's not that your technical information is better (not saying it's worse either mind you), but you generally make more sense for people like me who are not super experts.

-{ Quote: "
Do you mean this commentFirst of all, I didn't say we were armed to the gills, I said I was.
" }-

So do you think most of us are NOT armed to the gills?
I'm certainly armed to the gills though. I think.

-{ Quote: "
I guess this is the first time I've seen forum attendance as a potential route to fitness....
" }-

You are a smart guy blue, you know what I mean. If the energies i put into keepin my pc healthy was translated to keeping myself healthy...

-{ Quote: "
Second, do you want a serious answer or something you can dismissively respond to? Serious answer?
" }-

OMG, of course I want a serious answer. When have I ever being dismissive towards you?? Perhaps you don't like me joking about the 'blue formula' ?

I think it's a brillant way of thinking, and more importantly, it matches what I have come up with independently too :)

-{ Quote: "
As far as testing finely divided differences in the security performance of a given product, I'm sure a developer in this application area could do it (I sure hope so...), but the typical user? No.
" }-

So it's possible that the more tinkering i do , it's likely I might even weaken my defense. Is that correct?

What strategy would you recommend then to avoid such problems? Picking someone who is acknowledged by everyone who is a guru and following his lead?


-{ Quote: "
On the continuum of user to developer, where do you sit? Therein would be my answer to you.
" }-

Oh blue, surely you know the answer to that. Squarely on the user side. That's why I'm seeking your advise.

-{ Quote: "Hey Blue I don't understand your negative attitude towards me.
....
I may be sometimes dismissive to people who clearly have no clue what they are talking about, but never to you." }-
I try to supportive to all posters, regardless of what they know or don't know. In the long run that does make for a better site and better dialog.
-{ Quote: "It's not that your technical information is better (not saying it's worse either mind you), but you generally make more sense for people like me who are not super experts." }-You're quite right, my technical information is no better than the next man's. I would hope every reader understands that, I would also hope that every poster has a realistic view of their own knowledge base. Although it seems obvious, in complicated matters it is often not obvious what is not known/understood since there is a vast sea of inferred material.
-{ Quote: "So do you think most of us are NOT armed to the gills?
I'm certainly armed to the gills though. I think." }-My personal belief is that most people that frequent this site are armed to the gills, and I am one of them, though I do see plenty of folks running a large number of applications being woefully exposed, on the verge of creating unstable situations, layering pure duplication while genuine vulnerabilities remain, customizing their setups to the point of chancy recovery in the event of problems.
-{ Quote: "You are a smart guy blue, you know what I mean. If the energies i put into keepin my pc healthy was translated to keeping myself healthy..." }-Yes I do.
-{ Quote: "OMG, of course I want a serious answer. When have I ever being dismissive towards you?? Perhaps you don't like me joking about the 'blue formula' ?

I think it's a brillant way of thinking, and more importantly, it matches what I have come up with independently too :)" }-I for one wouldn't label it brilliant, it's one reasonable approach among many.
-{ Quote: "So it's possible that the more tinkering i do , it's likely I might even weaken my defense. Is that correct?" }-Of course this is correct. There are at least two issues afoot: (1) Does the tinkering impart instability, if so, there's always the potential a key security component will quietly crash leaving you exposed. Even the best applications can suffer from these circumstances. (2) Tinkering implies a purely empirical adjustment of settings without necessarily understanding the full impact of the change. Security holes may result. Unintended consequences are always a problem.
-{ Quote: "What strategy would you recommend then to avoid such problems? Picking someone who is acknowledged by everyone who is a guru and following his lead?" }-Do you need the full coverage that a guru's understanding would imply? Do you need to account for all future eventualities? Personally, I don't. I'm happy to cover the vast majority of issues, I pay attention so I'll be aware of new issues cropping up, and I change my approach if I feel it is warranted. To me, constant tweaking is a road to rapidly diminishing returns. It may be fun for some, but it's not really my style. I may try a number of things, but significant changes occur only once or twice a year for me.
-{ Quote: "Oh blue, surely you know the answer to that. Squarely on the user side. That's why I'm seeking your advise." }-Well, if you're a user, we're peers, and the advice I offer is based on the same public information available to all. The advantage of holding these dialogs is that the very act of the exchange does sharpen our own understanding of the material. You do learn by trying to teach/debate/discuss with others. Obviously, when it degenerates, the positive aspects are lost for all. Hence, I end where I started, I try to supportive to all posters, regardless of what they know or don't know.

Blue

I like the minimalistic approach. I wonder if I have been too paranoid in choosing just what I have.

I ran XP home gold until recently(no hotfixes either), with just AVG, Spybot, Adaware, Firefox, Sygate Pro, and PeerGuardian. (Yeah, some might not consider all the above "security software".) My having a dynamic IP helps IMO.

I P2P a lot and never got compromised. ;D

I think I use too much when I'm busy updating/grading and tuning it but when I afterwards think .."what can I do without?" ..I can't think of anything, besides things that don't eat resources and almost never upgrade/date. BTW i've got 9 apps running ("overlapping" is my middlename 8) ) and they don't slow down my pc noticeable enough to be bothered by it.

Nope, I don't think I use too much. If I felt I used too much, I'd use less ;)

If you are running Windows X 64 then you will see that the "minimilist" approach is the only one at the moment ;D

-{ Quote: "If you are running Windows X 64 then you will see that the "minimilist" approach is the only one at the moment ;D" }-
;D ;D ;D (I wouldn't even dare to run that one. Too early !).

-{ Quote: "Nope, I don't think I use too much. If I felt I used too much, I'd use less ;)" }-

I suspect/think I use too much, but I don't know what to cut down.

My 'HIPS' layer consists of

OA+Safe n Sec + Appdefend+ Regdefend.

Not sure about keeping PrevX Pro, i recently replaced ProcessGuard with Appdefend.

No.
NOD32+CHX+Asquared(free)

Like you can see in my signature. I feel secure enough, and now a days, most of the time I'm using Linux. So no worries then ;) I think, at the end of the day, Linux is more user-friendly and easier to manage then Windows. No security hassles, update all of your software in one click... I love it :D

Running as resident? What I have is enough.
On Demand? It's a hobby and ya never know.

NIS 2006 for internet security, NSW Premier 2006 for computer upkeep {with utilities, Ghost imaging & backup, etc.}. It is OK for me. I used ZA Pro for years but then decided to be a total rebel and use all Norton products. :o ;)

Randy

John Thompson would be pleased and proud of you!

But is the best selling brand synonymous with the best product?

Take Symantec's track record on offering the best, fastest protection:

Apropos.c is one of the worst pieces of high risk spyware out there. McAfee saw it and stopped it early July 2005. Symantec October 20/26 2005. How many of their users were infected and being spied upon during that 3 months they were left unprotected.

My point isn't to discredit Symanytec but to suggest there is yet to be a single security product or Suite of products that truly protects against everything.

Sticking to one brand will make it easier to manage but won't mean you are getting the best protection there is. But if security of your personal information and enjoying reliable use of your PC in a safe environment isn't important to you....

KeepItSimple

-{ Quote: "Like you can see in my signature. I feel secure enough, and now a days, most of the time I'm using Linux. So no worries then ;) I think, at the end of the day, Linux is more user-friendly and easier to manage then Windows. No security hassles, update all of your software in one click... I love it :D" }-
I agree with the fact, that Linux is safer than Windows, because Linux isn't an interesting target for the bad guys and that's the only reason.
Any OS and any security/application software is vulnerable.

-{ Quote: "If you are running Windows X 64 then you will see that the "minimilist" approach is the only one at the moment ;D" }-

You can say that again. Avast & Windows firewall is all I can find now after having x64 as my main OS since april. I am really puzzled as to why the x64 support has been so slow for security products thus far.

-{ Quote: "Sticking to one brand will make it easier to manage but won't mean you are getting the best protection there is. But if security of your personal information and enjoying reliable use of your PC in a safe environment isn't important to you....KeepItSimple" }-I was just joking; I have always had other AVs installed as backup to scan manually -- KAV 4.5, BitDefender 9. Also I did not mention running MSAS in realtime for spyware protection; and have other AS products as manual backup to that: Spyware Doctor; Spy Sweeper; Trend Micro Anti-Spyware; Ad-Aware; SpyBot S&D. I have TrojanHunter for AT but it has never found anything. I was just making a joke since Norton is often criticized in security forums; it isn't perfect but for people who don't take big risks it will work fine; and for people who *do* take big risks {porn, warez, unsafe surfing, online games, P2P, etc.} I am not sure that *Any* security scheme will protect them from their own risky irresponsible behavior. Don't worry about me, I have several Gigabytes of malware in my collection, I submit to SARC what is undetected and try to improve the product rather than criticize it. And I don't expect AV to provide spyware protection. Happy Holidays & New Year, Warmly, Ran

I voted for the No, I have a reasonable amount to protect myself option ...


Well, I use AntiVir (http://www.free-av.com) program as my anti-virus program, XP SP2's in-built firewall (since I feel confident enough, and outbound traffic-filtering is just plain stupid IMO), then DNSKong (http://www.pyrenean.com/?page_value=-1) and eDexter (http://www.pyrenean.com/?page_value=-2) programs from Pyrenean, K9 (http://www.keir.net/k9.html) anti-spam program, then I also use Proxomitron (http://castlecops.com/Proxomitron.html) proxy-program with one of my Firefox' profiles, and finally the most secure web-browser Off By One (http://offbyone.com) program. And well, I also use a CacheSentry (http://www.enigmaticsoftware.com/cachesentry/index.html) program from EnigmaticSoftware, however, this one is not directly security-related. Oh and btw., all the programs except AntiVir are available also in "non-setup" variant, i.e. only a .zip archive and no installation required ...


If anyone wants to, see these topics that I opened some of the mentioned programs. First the threads on CastleCops forums (my nick is "satyr"): DNSKong - a personal caching/filtering psuedo-DNS server (http://castlecops.com/postp529007.html), Keir's K9 program; an only 81 KB in-size anti-spam program (http://castlecops.com/p684991-Keirs_K9_program_an_only_81_KB_in_size_anti_spam_program.html), The most secure browser - Off By One web browser ... (http://castlecops.com/p546692-The_most_secure_browser_Off_By_One_web_browser.html), and as second the Review: DNSKong program (https://www.readyresponse.org/forums/viewtopic.php?t=1815) and Review: AntiVir (https://www.readyresponse.org/forums/viewtopic.php?t=1816) review-threads that I wrote for ReadyResponse site (my nick is "shirker"), while additionally also see two articles on Wikipedia that I've created (my nick is "Wayfarer"): DNSKong (http://en.wikipedia.org/wiki/DNSKong), OffByOne (http://en.wikipedia.org/wiki/OffByOne)


Also see the software.html (http://users.volja.net/tayiper/software.html) and security.html (http://users.volja.net/tayiper/security.html) pages on my home-site for more programs I use ...


stalker

NO. Don't know of any, that will cover all security issues.