What is your security setup these days?

[Hungry Man]

Yes, new software or a new file or a new anything.

My point about applocker not being very helpful is that it is a "yes or no" kinda deal. It's a very small layer and the user bypasses it easily. Once bypassed it offers no protection whereas there are other security methods that are not just "yes or no" and allow you to run malware without hurting your system, or detect that it's malware at least.

[1chaoticadult]

Quote:

Originally Posted by Hungry Man

Yes, new software or a new file or a new anything.

My point about applocker not being very helpful is that it is a "yes or no" kinda deal. It's a very small layer and the user bypasses it easily. Once bypassed it offers no protection whereas there are other security methods that are not just "yes or no" and allow you to run malware without hurting your system, or detect that it's malware at least.

Well I will let someone else respond to that. I can't really respond much to applocker seeing I only used it very short time.

[Hungry Man]

Fair enough.

If I thought that my system was never going to change... I'd use applocker. But I download new portable applications, games, etc quite often. And I honestly would not feel all that secure with applocker.

[1chaoticadult]

Quote:

Originally Posted by Hungry Man

Fair enough.

If I thought that my system was never going to change... I'd use applocker. But I download new portable applications, games, etc quite often. And I honestly would not feel all that secure with applocker.

I understand what you mean.

[Sully]

There already is near perfect security in the computing world.. it is called the USER group. Some versions are better than others, or really you could say some services running with high rights are not as vulnerable. Some OS's are better, whether that is due to better code or just not being as targeted might be up for debate

The problem is not can you use a computer and be secure, the problem is can you use your computer, and do admin tasks, and still be safe. If I were to be your admin, and you were only a user, I would wager a months worth of pay that you would never get infected, and in general never have a problem. You would also never be allowed to make your own decisions

It is those who like being admin, and those users who must at some point perform admin functions that see the breakdown of security. And now with user accounts becoming more common, we see social engineering becoming the preferred tool, some being able to operate in user space where admin rights don't come into play.

It all boils down to something really simple IMO. If you are going to use a computer online, and are going to be an admin or perform admin tasks, you are going to have to learn some basics. The more you know, the less likely you are to have issues. It doesn't matter whether you use all inbuild OS tools or choose to use lots of 3rd party tools, if you don't know how to stay problem free, you won't. If you do know how, then you can really use any tool you like, and it doesn't have to match anyone elses prescription, you just need to know how to use it effectively.

I don't see how there will ever be an OS that is super secure yet also does not require user knowledge. Not if the user wants to do whatever they want, such as installing new programs or surfing with thier choise of browser to thier choise of websites. You know that spiderman quote "with great power comes great responsibility"? Sounds like it was made for anyone who performs admin tasks. If you get a super secure OS, but you can't make any decisions yourself so that you remain safe, would you really buy it? Kind of like working for "the man" lol.

Sul.

[1chaoticadult]

Well said Sul. Despite all the changes I went thru with my security setup, I have not been infected in awhile while the rest of my family and friends have been. Then they call me to play cleanup man

[Boost]

Quote:

Originally Posted by Sully

There already is near perfect security in the computing world.. it is called the USER group. Some versions are better than others, or really you could say some services running with high rights are not as vulnerable. Some OS's are better, whether that is due to better code or just not being as targeted might be up for debate

The problem is not can you use a computer and be secure, the problem is can you use your computer, and do admin tasks, and still be safe. If I were to be your admin, and you were only a user, I would wager a months worth of pay that you would never get infected, and in general never have a problem. You would also never be allowed to make your own decisions

It is those who like being admin, and those users who must at some point perform admin functions that see the breakdown of security. And now with user accounts becoming more common, we see social engineering becoming the preferred tool, some being able to operate in user space where admin rights don't come into play.

It all boils down to something really simple IMO. If you are going to use a computer online, and are going to be an admin or perform admin tasks, you are going to have to learn some basics. The more you know, the less likely you are to have issues. It doesn't matter whether you use all inbuild OS tools or choose to use lots of 3rd party tools, if you don't know how to stay problem free, you won't. If you do know how, then you can really use any tool you like, and it doesn't have to match anyone elses prescription, you just need to know how to use it effectively.

I don't see how there will ever be an OS that is super secure yet also does not require user knowledge. Not if the user wants to do whatever they want, such as installing new programs or surfing with thier choise of browser to thier choise of websites. You know that spiderman quote "with great power comes great responsibility"? Sounds like it was made for anyone who performs admin tasks. If you get a super secure OS, but you can't make any decisions yourself so that you remain safe, would you really buy it? Kind of like working for "the man" lol.

Sul.

Well said Sully. Nice to see someone around here with a good head on his shoulders as these forums are waaaay too tiring / boring anymore otherwise.

[1chaoticadult]

Quote:

Originally Posted by Boost

Well said Sully. Nice to see someone around here with a good head on his shoulders,these forums are waaaay too tiring / boring anymore otherwise.

Well security is boring and can be tiring

[Sully]

Quote:

Originally Posted by 1chaoticadult

Well said Sul. Despite all the changes I went thru with my security setup, I have not been infected in awhile while the rest of my family and friends have been. Then they call me to play cleanup man

And what would you say the reason is?

A. you used the right combination of tools that save your bacon

B. you know enough now to utilize the best tool for you to stay problem free

C. the force was with you, you shall live long and prosper

D. you keep forgetting what day it is, and we cannot trust your memory, so you very likely had infections like your family, and in fact, you probably still do

Sul.

Quote:

Originally Posted by Hungry Man

From what I understand of AppLocker it's basically a default deny that lets you either block a program or run it. How is that helpful?

Microsoft can explain it best here in the Executive Overview.

Quote:

If I put a program on my system I want it to run and if I'm suspicious about it I learn nothing by blocking it.

That is why you would probably scan it first before installing it. Realistically I can tell you from my own experience is that if you obtain a program from a trusted source, scan it even once with an updated av, and it comes out clean, it is 99.999% clean. Very sweet odds. Remember, if you keep recent images, you simply restore if you don't like what's happening after you install a new program, or you remove it, but I like to restore an image because that way there's no potential crud leftover from an removal.

[Hungry Man]

LUA is not a silver bullet. You can still get infected without admin rights. And just as much you can still get hacked - exploits still exist.

I am not saying that a computer running 3rd party applications is less secure than a computer not running 3rd party applications. I am saying that in an ideal world all security would be handled by an OS.

And yes, I do believe that a user should not need knowledge of their computer in order to stay safe on it. I also don't know if I believe in perfect security - I don't know enough and I'm not going to even guess right now because, frankly, I'm a freshman and I'm a terrible programmer at this point in time and I don't think I can really talk about something so in depth without knowledge like how programs work way low down.

But I think that if you had the ideas of things like sandboxie, defensewall, chrome, and windows attached to the OS by default you'd see a lot fewer infections. The methods implemented are based around restrictions, which is very similar to LUA. If enough restrictions are implemented OS wide as well as to specific applications we'd have a lot less to worry about.

But that's another converseation I think.

No, no one has to make their security setup conform to any one elses notions. No one should. I'm just saying that I think security needs to start at the lowest level possible. And I really do believe that users should have very little part (if not no part at all) in security, but I think I'm one of the few people who believes that (pretty much everyone I've talked to doesn't haha.)

[1chaoticadult]

Quote:

Originally Posted by Sully

And what would you say the reason is?

A. you used the right combination of tools that save your bacon

B. you know enough now to utilize the best tool for you to stay problem free

C. the force was with you, you shall live long and prosper

D. you keep forgetting what day it is, and we cannot trust your memory, so you very likely had infections like your family, and in fact, you probably still do

Sul.

I would say a combination of A & B. A earlier in my security setup search and more B now.

[Hungry Man]

A few responses since I started typing haha

wat, I'm not saying your setup is ineffective. I think you actually have a very keen sight on what is and is not effective. But your merit isn't even being called into question here =p your setup works for you and that's all that matters.

Thank you for the link.

[1chaoticadult]

Quote:

Originally Posted by Hungry Man

A few responses since I started typing haha

wat, I'm not saying your setup is ineffective. I think you actually have a very keen sight on what is and is not effective. But your merit isn't even being called into question here =p your setup works for you and that's all that matters.

Thank you for the link.

Oh wow I know this is offtopic but I just reached 1,000 posts. Just noticed it Back on topic, actually I was following alot of wat's tutorials per say in applocker thread when I was using it. So I say thanks wat without you knowing you did

[Hungry Man]

omg I'm nearly at 2000 >_>

[1chaoticadult]

Quote:

Originally Posted by Hungry Man

omg I'm nearly at 2000 >_>

Too much typing there Mr.

[Hungry Man]

Yeahhhhh apparently.

[1chaoticadult]

Quote:

Originally Posted by Hungry Man

Yeahhhhh apparently.

Oh well and the search continues...LOL

[Sully]

@Hungry Man

IMO there are two ways to look at security and being a user.

1. there are weaknesses in things of the OS that you have no control over, and those are exploited without you having to do anything but visit the wrong website or execute the wrong program. Users normally have no idea at all. It is a weakness of the OS/program, and being user or admin makes no difference.

2. what you do and what you use are relatively safe (not targeted or worth targeting). Only the actions you perform as admin will bring you problems.

As such, being a user is only as good as the admin of the system. There must be an admin at some point. And if the user is the one to perform the admin functions, you are right back to either needing some security tool to scan and tell you something bad might happen, or you need knowledge.

I just don't see how a person is ever going to use a computer "freely", the way they want, without having to have some knowledge. Only if someone/something else is making decisions for them could this happen.

If one were to imagine a "cloud admin", which you gave your desires to (I want a new .pdf viewer), and it decided which was best for you and your system (it must know a lot about you and your system to make such decisions), it could then install the program for you. But, what if the "cloud admin" installed a program that was malicious and it did not know of it? Or what if the "cloud admin" itself became compromised?

I get what you are meaning, and I see why you would say that. I just don't really think that will ever come to pass. Someone has to make decisions, and for home users, it isn't a well trained IT guy usually.

Sul.

Quote:

Originally Posted by Hungry Man

omg I'm nearly at 2000 >_>

LOL! hot on our heels. I just topped 3000 and now branded a "Massive Poster"

[1chaoticadult]

Quote:

Originally Posted by wat0114

LOL! hot on our heels. I just topped 3000 and now branded a "Massive Poster"

OMG does you fingers hurt? I guess I'm way behind and need to catch up

[Hungry Man]

The idea is not to make the right decision or to stop vulnerabilities, it's to assume that someone made the wrong decision to assume there are vulnerabilities. There are multiple programs that exist based on this. The entire basis of DefenseWall (that program that keeps scoringso high in tests =p ) is that if something isn't explicitly trusted it is untrusted and restricted. Same with Comodo.

Users can do a hell of a lot to mess up their system and there's plenty of malware that will install and function on a user account. It may not be able to mess with the OS and it may be a lot easier to deal with but it can install.

Integrity levels are the start of Windows assuming an exploit will happen or assuming that malware will exist and taking precautions against it.

[Hungry Man]

Honestly, I must be crazy or something. I've been arguing for a long time that security should not involve the user and that a proper security setup (for the average user, not necessarily for Wilders or even for myself) should have a basis of assuming the user knows nothing. No one I know seems to agree with me on the details. =p

Quote:

Originally Posted by 1chaoticadult

OMG does you fingers hurt?

Not as much as my brain

Quote:

Originally Posted by Sully

I just don't see how a person is ever going to use a computer "freely", the way they want, without having to have some knowledge.

So very important and why a user with some decent knowledge can make sound decisions rather than rely on their security products to completely hand-hold them through the process.

[Hungry Man]

Quote:

So very important and why a user with some decent knowledge can make sound decisions rather than rely on their security products to completely hand-hold them through the process.

Users are unreliable and often easily tricked. Security setups should account for this in my opinion.