Do you think you use too much security software?

when i have no time, ill usually just install a firewall and antivirus. so far, ive just installed nod32, avast, and outpost. later when im not too busy, ill install some antispyware and some HIPS, which is where i need to sort and cut back on.

 

IMO, there's been too much focus lately on the number of apps people are running. What should matter most is not the number of apps anyone is running, and whether or not you feel it's reasonable, but whether the person is secure and running well. It seems like there used to be more focus on getting to know how your system works (so that you can make more intelligent decisions and determinations) and getting the most out of the things you do have (configuring your firewall and AV well, learning about the IPS alerts, etc). Now it seems like there's more of a shift towards pure numbers.

The fact is that when someone new comes around, they will encounter a dizzing array of software to choose from. They're likely to stack up on everything of different sorts while they find what suits them. As long as the person doesn't create too many problems for themselves, this should be healthy - they, as I did, learn a lot about how their systems work and what to expect. Once that happens, they can peel away some of the layers to match their comfort and skill level.. they will be the better for it because they will have had the ability to learn how to spot things for themselves (maybe it will take a number of alerts that you would find overwhelming.. if they're comfortable with it then who cares?).

Personally, I try to stay out of these kinds of discussions (although I'll admit to having given in to a couple)... it seems a little too voyeuristic for my tastes. My setup changes practically daily, and it's not really anyone else's business. Unless you're asking me for help, I don't care how many apps you are running either

To clarify, though, it's one thing when someone gives a breakdown of their thought processes that led them to the setup they have. I also don't think it's right to take a small handful of apps and recommend them to everyone that happens by, regardless of their skill level either. But to have to justify, to state whether we're doing it for fun or not (because you might be chastised otherwise), is not reasonable. Finding and trying out new apps is what we do here, it's why we keep coming back. We then can use that information to pass on more informed recommendations to newcommers. Worrying about what other people think of your setup, unless you specifically ask, is not healthy or productive. I say go nuts, as long as you can keep a level head about it, it doesn't matter to me what you're doing or why.

 

I think I'm about right.

I agree with EricAlbert.... I got a computer to do stuff other then to run security apps. Unless it is a hobby or a business.

Security Apps. are necessary things to keep our machines and data safe, we should not over burden them with too many.

I am very thankful for those who have this as a hobby and a business here at the Wilders. They are a treasuer chest of good information and freely shared.

One final observation so far the one that has garnered the most votes is somewhat predictable, especially for the Wilders. Most think they are just fine it is the other guy who has the problem. We are security minded. We address our needs as we see what is needed in our own minds. And pretty quickly I would bet. Keep in mind a poll is a snap shot in time. And peoples thinking is subject to change.

 

I like to try out new security software, so after some time you got a lot of it on your computer.
Hobby? Maybe I do consider it as such.
Oh well, can't be protected enough with all the bad stuff flying around.
Cutting down though after trialing it for some time.

 

If I put my partition "C:" in a virtual environment, I can download anything and try it out and everything will be gone during the next reboot including :
- the existing viruses, the new viruses and the never discovered viruses.
- the same for spywares, trojans and keyloggers.
That's even better than AV/AS/AT/AK scanners ever will be.
Spam-emails are deleted immediately without even opening them.

 

Oh, but if you are a frequent dslr security forum poster you now are ridiculed if you use anything just about. That's probably why the rush...WildCatBoy's famous/infamous thread. And heaven forbid if you use BoClean or Process Guard and recommend them in that forum.

 

I use:
Bit Defender 8.0 (free version) on demand only scanner
Process Guard (full version)
Spyware Blaster (for the rare times I use IE)
Spybot (on demand only, no Tea Timer)
The Proxomitron and Firefox
Linksy router

And no, I don't think I use too much.

 

I agree. The guy who started this poll is clearly a troll.

Still, I think this poll calls for self assessment, and is not meant to 'chasten' others, but to allow you to reflect on your own setup and attitudes.


The question is "Do you think *you* use too much", not "Do you think *other* people....

A poll on the latter I suspect would get a lot more positive "Yes", 100% absolutely responses.

And like it or not, for many (most?) people here the number of apps they run is a matrix you use to decide the degree of security you have. Whether you agree that such a view is sensible or not is besides the point.

Indeed, and these people are not dummies by and large , and they know they will eventually cut down. Which is one of the poll options.

And then there are people who enjoy testing for testing sake...

Of course it's not right, nobody is saying that either. No offense Notok but your post reeks of self-defensiveness. Just like the people who are eager to claim they run minimalist setups who evidently arent. There is definitely some guilt involved, whether it's justified or not , I don't know.

Really?

Don't look now Notok, but you are justifying yourself now. I would say the first option for you.

Another interesting question to ponder, in the course of trying out new app and adopting new apps, are we truly enhancing our security in any significant degree?

To do so, we are assuming that we have the insight to recognise the better app and switch to it , might we be asking too much of ourselves? Particularly when the apps we are talking about are already cream of the crop and we are all as blue says 'armed to the gills' such that not much can get pass anyway so even if we did objectively improve our defenses, we wouldn't know it anyway.

I'm not saying we can't recognise better apps on other citeria like user friendliness, resource use and all that. Those are worth looking out for too ofcourse. But my question is in terms of sheer effectivness in protecting ourselves, one of the main reasons used to justify switches. Or are we fooling ourselves?

Say I imagine a twin of myself who stops reading these forums for a year , while continuing to use the same app (plus normal updates to them of course) , while the real 'devil's advocate' continued to read this forum and test apps.

By a year times, I'm certain that my 'alpha setup'( representing my views on what is likely the most secure setup and the one used on my primary machine) is quite different from that of my twin's a year ago. How much more secure do you think the difference would be (if any) between mine and my twin?

Could I in fact have actually weakned my security by making the wrong choices? Unlikely I guess (here's I'm assuming I have at least some skill in making judgements) . More probably, it would be a moot point anyway, since even a slightly weaker setup would still be leagues better than most people.
such that it makes no pratical difference.

I don't know the answer, I would like to think that in a year's time my security setup would be even more formidable than it is now, and that I have the wit to incorporate new types of security defenses against new types of threats , but I don't know really.

But of course, your aim in testing security apps is not (not primarly at least) for improving security, but in playing with them , helping others, then who cares right?

I would say that part of keeping a levled head would include self reflection
and perhaps this is a good launch pad for this.

Altough, I admit it is tempting to see this in terms of a witch hunt against security application use. I apologise if some of my comments were taken as such.

But as I said

 

I currently use quite a few different security apps. Most are only for running manual scans on files i just downloaded and want to check it with all my scanners, one at a time, to be sure it doesn't contain malware of any kind. I like having all these scanners for on-demand scans and it has saved my bacon a couple of times, so for me it works great.

Some of the programs I run are My AV, FW, MSAS, Spybot, Adware, Spycop, STM, Unhackme, RootkitRevealer, Blacklight beta, Pest Patrol, SpySweeper, X-cleaner, Ewido, A², Bazooka, and some others. I don't feel like I'm overloaded with security apps at all. They are all useful to me, but if I was running them all realtime/resident I would probably have a problem.

These are just some of the different progams in my set up though, and like Notok, I don't feel the need to inform everyone exactly what I do and don't use securitywise.

 

Now I have just enough. Before recent fresh system install I did have too much but omitted some of the programs.

 

I used to have way too much. Startup/process monitors, TCP connection viewers, custom registry tweaking programs...lots. Then my system became unstable and I´d have to reinstall Windows or restore a backup image. It became a hassle reinstalling everything so I just put the basics back on.

 

Not my words (spoken or not) or point, and you are intelligent enough to know what my point is without dissecting it into enough pieces to throw it off track. You have failed to make any coherent argument, please summarize and try again.

There is a clear difference between someone, such as Blue Zannetti, offering his thought processes, guidance, and food for thought, and needing to justify anything to anyone.

 

I will call myself an "Extreme Virtual Minimalist" (EVM) after New Year.
EVM are also my real initials. This is a pure coincidence of course.

 

Notok, please learn to quote properly. You left out the smilely.

I hope you are not trying to make things personal. I'm just stating my opinion same as anyone.

 

There are really a number of points regarding this poll should be examined.

• The focus on numbers, as in too much, misses the point. I could be well protected by 1 application and as easily quite exposed while running a dozen - trying to focus on too much is the wrong tact.
• There are some pragmatic issues in assisting new users. Although I also try to take pains in encouraging users to assess there exposure profile, plugs the holes that they see, yada yada yada....., there is a substantial fraction of the user population (not necessarily the Wilder population, but the general user populace) for which I realize that this approach is completely misguided. Infection vector? What's that? Risk profile? I have no idea what you mean. These users currently don't have the underlying experience or knowledge base to make the desired analysis. Providing some practical basis for how I have come to my decisions may help some of the more advanced members of this population, but many really do need an explicit recommended solution, despite some of the opposing views voiced in the What is Security? thread over at Broadband Reports. Education in computer security is a noble goal, but a substantial amount of basic PC education is needed before security specific topics can be reasonably tackled and it is a veryt simple matter to be online and exposed without receiving that very basic knowledge. Overall, I believe any user is well served using a router and a suite. We all have our preferences on vendors, but any of the major ones (Kapsersky/Norton/McAfee/etc.) are fine.
• There is a natural issue with numbers of applications. Some applications conflict with others. The greater the number of applications running, the more likely a conflict will occur. It's a pure game of statistics. By the same token, many of these applications cover a range of issues. The more applications running, the greater likelihood that there will be duplication of coverage with no discernable security benefit. Given the potential downsides with no or minimal upside benefit, any user should ponder the where they sit in achieved coverage. I realize that many have no basis for this analysis - hence I do tend to list what I use and why I use it, to provide even a casual user with an initial strawman setup for analysis. It may not be suitable for all, but since I generally use purely default installation configurations and do not tweak the applications or OS that I employ, virtually any user should be able to install and use the type of setup that I run.
• I do shy away from recommendations involving system tweaking/hardening. This is a way to minimize the need for secondary security applications. The reason I shy away is not altogether rational, but I've seen too many users start down the appropriate road recommended by many here, only to become a binge configurator and start disabling OS services that any random site may offer as unneeded. This typically ends badly... Rather than try to walk this path, I currently avoid it.

Blue

 

Hi,
First questions? Does hardening constitute as security? If a user disabled 10 services and tweaked 15 restriction policies, does that count as security software? How do little thingies like BugOff, WWDC or Samurai fare in?
Anyhow, Windows machines:

The most heavily protected system:
FW + AV + AS (2 real time, 3 on demand) + AT (2 on demand) + Web filter
Tweaked with a variety of little hardenings

The least protected system:
FW + AV
No tweaking whatsoever

All systems:
Non-IE browser
SpywareBlaster
CCleaner

Mrk

P.S. I find the FW + AV + fortified Firefox enough; this includes P2P and lots of pron.

 

• 
  
  Perhaps a better poll is do you think you worry too much about security (is it possible to do that?)? Do you think you spend too much time, money on security?
  
  I agree it's not only about security applications, as you point out below it's possible to go crazy on 'security' without security applications what so ever.
  
  But in this forum, security applications are the No1 thing people look to, when discussing whether they are secure or not.
  
  
  
  

Anything brought to extremes is not healthy clearly. What you risk doing by focusing on security applications is that it can bring out the other extreme, where people go on a 'binge' on security software. So a balance is needed.

That can be as harmful if not over so.

 

There are many aspects of our life that are similar.

Many of us drive cars. Over the course of our driving lives, many will never experience an accident of any type, some will have inconsequential bumps or minor fender benders, there will be the occasional major accident, and very infrequent life altering or ending collision. Same with homes and burglary/fire/storm based damage. The same logic applies to our personal health. In some respects health is the closest corrollary since we all do things on a daily basis that impacts our health, some good/some bad, and we often take steps to minimize our risks for specific conditions based on our presumed risk/exposure profile and past history.

In each of those cases we carry insurance policies and if something untoward happens, the company we contracted with will handle many of the details to a resolution and spread the financial risk over a large population. There's also a deductible component in which we will have to foot a base amount of any bill. That style of insurance isn't offered directly in the PC world, although piecework solutions can be purchased. The question is..., do you worry more about PC security than these three other areas, assuming any are applicable? Note, worrying about it and doing something about it and keeping it up-to-date are different. If you worry more about your PC's health than your own, I'd say that there is something seriously out of whack.

It is so situational, even the part of striking a balance.... There are no simple answers...

Blue

 

A drop of oil in the right place will do MAGIC. The same with security. An experienced user can browse the internet with just a firewall, and be perfectly safe. The chance of catching a bug with porn and warez sites goes up exponentially, even for some Pro users.

In the PC business, having less software running in the background is always a good thing because it reduces the chance of a conflict.

 

Another brillant speech from Blue!

Darn, I don't go to health forums to talk about different or new ways to keep fit, or keep abreast of the latest possible health threats, while I do the equalavant for my PC, does that mean something is out of whack?

 

For me it works on two levels.

1. I have sufficient resources to have a reasonable expectation of being safe today.

2. I have sufficient interest to develop the knowledge I need to be able to hope me and mine will be safe tomorrow.

A little too much software is an area to tighten up and improve upon. A little too little could be an opportunity to reformat.

While I'm still learning I know which I prefer

Edit: Just to add this wasn't supposed to sound trite or snotty - the more I realise there is to understand, the more I am humbled by and appreciate those that have already learned so much and offer their knowledge freely.

 

You tell me....

I don't recall focusing on forum visits in my post, I was focusing on any actions one takes, a portion of which could be discussions in forums like this. I would have though that much was obvious, I stand corrected...

Cheers,

Blue

 

You are absolutely right!

Yes Blue, I was trying to talk about other actions besides just using security apps, which you so ably pointed out was not the whole story.

You really blew my mind with the comment about PC health versus indidivual bodily health.

The first thing that came into mind (besides security apps) is time spend on security forums and others sites! If I was as eager to do so for my own bodily health, I would be a super fit athlete! Or more likely scared out of my wits by the possible things that can go wrong with my body

Hey Blue I would also wonder if you could address my concerns in an earlier post . Do I have enough knowledge to know when to switch to a better product?

 

Well, aside from your growing neglect of proper spelling, your frequent dismissive attitude does detract from the generally useful information you often provide, or perhaps you just consider my comments idle chatter, whatever ...

I guess this is the first time I've seen forum attendance as a potential route to fitness....

Do you mean this comment

First of all, I didn't say we were armed to the gills, I said I was. Second, do you want a serious answer or something you can dismissively respond to? Serious answer? What most users can assess is gross system compatibility and drag on system responsiveness. With a little work, users can also test very gross levels of product functionality. As far as testing finely divided differences in the security performance of a given product, I'm sure a developer in this application area could do it (I sure hope so...), but the typical user? No. On the continuum of user to developer, where do you sit? Therein would be my answer to you.

Blue

 

Hey Blue I don't understand your negative attitude towards me. Particularly, considering I'm a big fan of yours and I make no bones about saying it.

I don't know why you find it hard to believe, do you think I'm joking whenever I agree with you? Or do you think i'm making fun of you when I quote you?
If so please stop.

I think you make a lot of sense, unlike all the other pseudo-experts running around.

I may be sometimes dismissive to people who clearly have no clue what they are talking about, but never to you.

It's not that your technical information is better (not saying it's worse either mind you), but you generally make more sense for people like me who are not super experts.

So do you think most of us are NOT armed to the gills?
I'm certainly armed to the gills though. I think.

You are a smart guy blue, you know what I mean. If the energies i put into keepin my pc healthy was translated to keeping myself healthy...

OMG, of course I want a serious answer. When have I ever being dismissive towards you?? Perhaps you don't like me joking about the 'blue formula' ?

I think it's a brillant way of thinking, and more importantly, it matches what I have come up with independently too

So it's possible that the more tinkering i do , it's likely I might even weaken my defense. Is that correct?

What strategy would you recommend then to avoid such problems? Picking someone who is acknowledged by everyone who is a guru and following his lead?

Oh blue, surely you know the answer to that. Squarely on the user side. That's why I'm seeking your advise.