FACE IT

Discussion in 'other anti-malware software' started by EASTER, Aug 6, 2008.

Thread Status:
Not open for further replies.
  1. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    I agree, although omitted in my statements that VIRTUALIZATION ranks right up there with HIPS, my mention leaning toward HIPS mainly is that it's a welcome relief for many even in a scenario where a malware could be identified/suspended by a HIPS/(even AE) for example, before it could make a malicious advance to disable your ISR app.

    So good point and I take absolutely no exception to that.

    Sandboxes and apps like DefenseWall are really cutting-edge techno security apps in and of themselves whose authors/developers deserve full credit in going the extra mile on our behalf just by virtue of the way they've examined the many attack vectors and taken the steps to lower PERMISSIONS in addition to their excellent interception abilities.

    This has taken a huge wind out of the sails of malicious programmers and dramatically limited their efforts if not completely crippled greatly their forced intent to continue in what has been for a long time their unabated freedom at monkeying with users' Windows systems either for profit or fame.

    EASTER
     
  2. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    You're not exploited for sure and so many others here on Wilders, not to repeat the old discussions but I guess that over 90% are at a loss how to protect themselves or even don't think about it. The majority rely on signature based stuff only and in many cases if you talk about stuff beyond (HIPS, virt) that, their jaws drop, their eyes glaze over and in most cases, end of the discussion.
    Moral of the story is that many people can't or will not educate themselves and in this way stay as cannon fodder for the darkside. It's obvious that this scenario will continue endlessly into the future so the malicious coders are well off and will make all the more profit out of it. I'm not pessimistic but one thing for sure: "It's hard to move the masses".

    12% of the Fortune 500 take no measures against DNS poisoning! LOL
     
    Last edited: Aug 7, 2008
  3. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    436
    Location:
    The Netherlands
    It's hard to move the masses indeed.... but ask yourself: is it really necessary for some security software (HIPS being an excellent example) to be such a pain to configure? Can you blame the masses for not wanting to learn something like Comodo Defense+ with all options enabled?
     
  4. Doodler

    Doodler Registered Member

    Joined:
    Dec 23, 2007
    Posts:
    237
    :thumb:
     
  5. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I myself don't find fault with the developers of HIPS for configuration, that's a problem that can be solved by reading a well thought out, simplified manual/help file. Though we do need to put the emphasis on well thought out and simplified. If the manual is as complicated to understand as the program is to operate, the "masses" won't even consider trying it, let alone using it. No, where I find the fault is the poor design/description of alerts when using HIPS.

    I don't think the actual concept of HIPS can be simplified without first knowing about DLL files, injecting, and all that go along with the lower level operation of an OS. I sure as hell don't know anything about it, which is probably why I find HIPS so alien to me. However, even if the concept can't be simplified, the function can, in the form of plain English, simple alerts and a damn good, easy to follow manual. HIPS are the sole domain of experienced users (and by that I mean people that have actually delved down into and learned about the core OS and how computers actually operate underneath the GUI).

    Even Threatfire is not "so easy a caveman can do it"...Geico, please don't sue me for that. For better, solid protection, other rules should be made within it, and there of course you run into the roadblock of needing to understand WHY these rules need to be made, not just "some guy at Wilders told me to". If they don't work on making these things easy to deal with without Google and an A+ Certification book on hand, IMHO, HIPS will end up being a footnote in computer security.
     
  6. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    What the hell is this all so hard to configure stuff. Geez. Geswall is on my computers with straight out of the box settings. I didn't do anything but plug it in.

    Defensewall may have some you can alter, but spend about 15 minutes here asking what you should set, and I would bet you would be completely set up.

    Yes some HIPS are hard, but some are easier than setting up some AV products. lol
     
  7. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I have been referring to HIPS, NOT policy sandboxes, which are what GW and DW are. I'm also not talking about you or the majority of people here, I'm talking about your AVERAGE user, you know, the people that know they should have an AV and Firewall, but still don't know how to configure it so they just let it sit there thinking/hoping it'll keep them out of every problem. Refer to my earlier post where I said basically "think outside the forum". Think about the soccer mom bringing home little Johnny a brand new system so he can play games, IM his friends, make a Myspace (God forbid).

    Some may not understand this, but the majority of normal users out there are not going to take the time to learn how to operate this kind of stuff and understand what's going on when they get an alert, just because you think they should take that time. If they had all along, we wouldn't HAVE a malware epidemic, identity theft would barely exist, if at all, there would be no security software to juggle around every couple of weeks like some here do. You can consider them idiots, lazy, whatever you please, but it doesn't change that fact.
     
  8. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    The average user won't even update their antivirus, which is why AVs today update automatically. Most won't bother to renew. Polls show lots now have antivirus but what percent is current? How many have firewalls? How many just blindly click on whatever thing pops up on the screen? There is software that will protect people like this, lots of it and a lot of that is free.

    This is why, specifically, Geswall ought to be on all computers. It starts when the browser opens. There's no decision to make, like having to think whether to click the blue 'e' or the little kite.
     
  9. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    Then why don't you have Geswall? (I'm assuming you don't use it since it's not in your signature).

    Undoubtedly there are drawbacks. But that's why there is no perfect solution.
    There are many valid approaches that can work.
     
  10. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Either GW or DW or even SB will do, just SOMETHING. But yep, as far as HIPS, to "normal" people HIPS are something you shake when you're 20 and break when you're 80, and it'll stay that way until these developers stop talking "leet speak" and design them so that truly anyone can use them.
     
  11. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    Most manufacturers have either Norton or McAfee on when you buy a new one. But, our neighbor bought a new desktop a while back. It had Norton aboard. Just click and install if she chose. Well, the little Norton icon was there, so she thought it was installed.

    After we explained how to install it, it ran for the trial period and she let it expire but thought she was good since she had antivirus.

    I don't think there is an answer. There's plenty of stuff out there warning people, but the average user is slow to learn. Only when they get infected do they take an interest. At least any of the free antiviruses ought to be included. If nothing else, it's good advertising.
     
  12. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    That's what I hate, manufacturers put this stuff on there because the vendors throw them a little cash to do so, but after sitting on a shelf a few months, when they are brought home, these "trials" are over/almost over. Putting a free one on there that updates itself settles two issues, 1. No running out of time. 2. No spending extra cash for another year subscription. I'm not sure that the majority of AV vendors would allow for that though, it could be considered "corporate use" if installed at the factory on hundreds or more machines. Plus, there would go away that extra cash to the manufacturers.
     
  13. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,784
  14. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Point taken, but still these are somewhat different from the HIPS that get tossed around in here. Regardless of names, definitions, I still firmly believe that your standard HIPS app will go nowhere beyond the expert realm. And in case you want to stick to your point (which why not, you ARE right, it's right there in the screenshot), THIS is what ALL HIPS apps should be like, and, until they are, it will still remain used among the few and not the many.
     
  15. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Now that I agree with. The only way any product is going to sell to the masses is simplicity. GW and DW offer that, along with better proven protection than a blacklist scanner.
     