Balancing Security and Performance????

The way I attempt to balance security and performance is that I try to use the same programs my gf, who does not give a lick about security, is willing to use on her computer. She will be the first to complain if she notices a drop in performance or if her abilities are too limited.

Oftentimes, I have to help out my parents and gf with their computers. They don't tolerate dealing with pop-ups and whatnot as much as me. I doubt I could offer good advice or set up their computer properly if I was dependent upon a battery of security apps myself. It is for this reason I would never install a HIPS on their systems. It may be a great layer of defense but they will never use it properly.

 

Me, I like to say that the OS' own security features may not be the strongest that are humanly possible to make, but they sure are cost-effective and adequate for me.

I've seen many cases of that happening. For me, it didn't start with a security compromise but with trying to learn more about something I knew little about, and as I learned, I eventually got to the point where I had tested a boatload of stuff and could be confident that my original Unix-style setup ("don't run as root, use your head") was the most suitable to me, having served me well in my daily use all the time, and actually better than even the flashy security software I tested on my test rigs (better in the sense that it fit my needs better). After this point, my interest in testing stuff diminished until it finally took a huge nosedive, and these days one really has to bribe, kick or tickle me to get me to bother to test a security software. It's not that I think all that software is bad. It's just that I have better things to do with my time than play with them, like making boring posts in forums.

 

You never know, because my problem is I get bored and I want to change something for the sake of relieving that boredom Everyone needs a change of scenery once in a while and that could even apply to one's pc security setup. It could happen to you - LOL! But honestly I think any changes from here onwards for me will only be minor in nature, and quite likely only temporary anyway. I've learned a lot from some very knowledgeable people in this forum, including that shameless lua troll , to realize how powerful and simple the built-in features of the O/S really are, and that they should be given serious consideration first in anyone's security approach. Without meaning to diminish their value, 3rd party software is really best suited to supplement the O/S' security features.

 

Yep, what I call phase three, where you decide on what works best for you. I agree, at this stage you have set so many different configs that you have your 'tweaked' setup and it is usually quiet, except for those instances that you mention.

Yes, indeed, this place is chock full of full time hobbyists trying brand x with brand z, then brand z with brand y. I love this, it provides so many tidbits of information way beyond what your typical security website would provide. Nothing like mishing and mashing parts together to see what happens..

I wonder if those that have used hips for some time, especially the same application, actually have much interaction with it anymore, except for when they change something. I would bet that most of the more dedicated hips users are either done fiddling and have decided upon thier optimum setup or are indeed gluttons for punishment

Not everyone follows the same path. I know some people who are really really knowledgable in computers, like since the 60's, and they don't even care about hips. They use a firewall and AV, and that is about it. But then, LOL, they were there before the internet and likely don't need as much.

Sul.

 

Sully said:
"I wonder if those that have used hips for some time, especially the same application, actually have much interaction with it anymore, except for when they change something. I would bet that most of the more dedicated hips users are either done fiddling and have decided upon thier optimum setup or are indeed gluttons for punishment"

I am not a glutton for punishment,but due to having fairly few programs installed*,I really do not have to interact with ProcessGuard very much.
Only when installing new programs in the virtual enviroment,and then on the
real system if i ever do.
If I could have kept the Returnil 2008 anti-execute feature,I would never deal with a HIPS at all.

*In other words getting it to quieten down was a quick,fairly painless experience.

 

Glutton for punishment, just for clarification, I am referring to those who purposefully do things that make hips display prompts a lot. You know, those that actually want to be notified of every little thing. I don't want to do that anymore, but I am quite sure some like that level of granular control.

Sul.

 

Lol,No! I do not want to do that!!
Pretty happy with "No News is Good News"!!

 

I find myself switching programs every couple days now that baseball season is over. I will probably go through phase 1-4 several times before Spring Training. Maybe instead of phase 1-4 there needs to be a 12 step program. Winter is boring.

 

It is kind of strange,I used to go looking for new programs to try,
now I just go looking for confirmation I have chosen the right ones!!

 

I have SSM set to be as restrictive as possible regarding process activity. I run it with the UI disconnected so there are no prompts. Everything already installed runs as it should. Nothing new can be installed or executed without connecting the UI, which I treat as an administrative function. To me, that's not a convenience loss. To other users who would install without asking, it's a steel door that only I have the key to. I have eliminated most of the integration between the browsers and other applications, closing many attack vectors . Files like PDFs have to be saved to disk and opened independently which some would call inconvenient. To me, it's a pre-emptive strategy that prevents future exploits for those apps from being used to gain access to the rest of the system.

IMO, there's too much emphasis on the specific tools and security software itself and not enough on formulating a security strategy that's custom fitted to match your usage. When you start with that strategy, then select and configure your security to enforce it in exactly that fashion, there's no loss of function, inconvenience, or sacrifice in usability. I used to run a massive ple of security apps, multiple AVs and antispyware, dual software firewalls, layers of integrity checking, etc. Integrating it together was a nightmare that got worse every time one of them updated. Not too long after I learned about default-deny and started testing SSM, I dropped down to 3 security apps, preferring them to Windows built in tools. Except for rule changes, I've used the same setup for 4 years now. The results have been a secure system that isn't bogged down and stays stable year after year. I'm not convinced that Windows built in tools will restrict the misuse of OS components or control their internet access as well as the 3rd party wares. I don't trust Microsoft enough to allow them to secure my PC but I do trust the apps I use. It's not blind trust. I hit SSM with every piece of malicious code I could obtain for a full year and it proved itself to me. Similar experiences apply to Kerio and Proxomitron. Until such a time that they're no longer compatible with my equipment or the web in general, I see no reason to change from a package that's worked perfectly for that many years and still does.