security software vs. 0day malware

Discussion in 'other security issues & news' started by gambla, Dec 11, 2013.

Thread Status:
Not open for further replies.
  1. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    GrafZeppelin, thank you. Reading about it the extension seems a little more complicated to run than NoScript perhaps, but that might simply be due to the options available and layout based on the pictures I saw in the thread.

    Page42, I will keep that in mind should I decide to try Sandboxie out. Unfortunately I cannot have too convoluted of a security setup, as my family is even less knowledgeable about security than I am, and I must often leave them for long periods at a time due to my work. So, anything simple to set up and maintain while being effective is my ideal solution.
     
  2. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    FYI, I never see anyone in my household have any problemos with Sandboxie when I am not around. It is not a program that requires continual management. You might say set and forget. :cool:
     
  3. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,147
    Location:
    Nicaragua
    Yes, it can be set and forget. My 76-year-old mom lives in a different country than I do. When she comes to visit, like now, she uses Sandboxie and doesn't even know that she is running sandboxed. I create and set up a sandbox for her with her name on it and tailor the sandbox according to what she does. She doesn't say anything.

    Bo
     
  4. guest

    guest Guest

    I actually find it easier to use than NoScript. Well, at least it's easy enough for a lazy guy like me who doesn't bother to customize the options too much. :D
     
  5. gambla

    gambla Registered Member

    Joined:
    Sep 4, 2007
    Posts:
    166
    Location:
    Frankfurt, Germany
    Let me sum up the most effective apps/addons to defend against 0days to add to any security suites:

    -Firefox + NoScript
    -Sandboxie
    -MB AE (?)
    -EMET

    However, to come back to my topic and my main concern:

    What's your guess as to how many malware engineers will develop malware that can still bypass this setup? Do you think it's worth the effort for them, as they would still be able to break into the majority of systems with rather poor security (AV only)?


    (Please excuse any poor English, not a native speaker.)
     
  6. guest

    guest Guest

    It's not common ITW, but there are some exploits which bypassed them. Not quite sure with MBAE. For the most part, I personally consider it as an excellent plan.

    As long as you're not the president of the world, it's very unlikely that they will put so much effort to raid your system with that setup. If you were on their top list, then I don't think there's anything much you can do. Unless you want to develop your own OS.
     
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Drop MBAE for EMET IMO. No point having both, since MBAE only seems to implement weak pseudomitigations and EMET largely implements decent ones, with a few **** ones.

    Either way, no one's going to write exploits for that. The most popular exploit kits are stopped by EMET alone due to information leakage - of course that's assuming you don't use XP.
     
  8. gambla

    gambla Registered Member

    Joined:
    Sep 4, 2007
    Posts:
    166
    Location:
    Frankfurt, Germany
    Cool, thanks for your comments, guys!
     
  9. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    517
    Which ones are ****?
     
  10. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,797
    The anti-ROP. He mentioned it in another thread, if I remember correctly.
     
  11. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    517
    Ok. I'm glad I'm sticking with version 3.0.
     