The Golden Bullet?

Discussion in 'other anti-malware software' started by IceCube1010, Oct 14, 2008.

Thread Status:
Not open for further replies.
  1. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    490
    Well, I think if you use an AV you won't get the "golden bullet"; this is because no AV detects everything. My opinion is that the best way to achieve a nice setup would be something like:

    Virtualization\HIPS\Firewall.
    Something like CPF3\VIS\OA Sandboxie is pretty much unmatched in its field ;) and something like Returnil\Comodo diskshield.
     
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
    Most of you have been here on Wilders for some time now and have learned what most of the security apps are capable of. And as such you should realize that there is no 100% security. All we can do is install and run what makes us the most comfortable surfing the web. There are ways to get pretty darn good security but when we start convincing ourselves that we have a bullet proof setup we have a fool listening to us. All we can do is the best we can do and that is to try and stay ahead of the criminals and malware writers. So far so good on this end but it can happen at any time :mad:

    bigc
     
    Last edited: Oct 22, 2008
  3. DarkButterfly

    DarkButterfly Registered Member

    Joined:
    Jul 18, 2008
    Posts:
    82
    :thumb:
     
  4. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    The only 100% Secure computer only exists in the security idealist's mind...

    In the real world the need to be ever consistent in one's vigilance is the only sure thing, as well as knowing that the only guaranteed variable is that none of the software you can get either free or commercial will ever be able to protect you 100% against all threats as the infection vectors are far beyond the grasp of all of them no matter what the claims or fame... As the very designs of our "Consumer" OS's, and "personal" computers actually prohibit true security as they are open, and porous in their very designs.

    Eventually even the best of breed all succumb to the "unexpected" or "New" method used by the coordinated, and often globally distributed vaporous evil minds, driven by greed, revenge or retaliation...

    The only "Safe" computer is the one protected by an encrypted OS encapsulated inside a hermetic firmware shield (hardware) that is inaccessible from the outside... (Where modifications can only be performed by replacing the OS Chip!). And where the hard drives are only used to store data instead of application programs, and operating systems.

    Since this is not how things are done outside of military hardware or other high grade technologies... well then we are better to get used to getting infected from time to time... in spite of the best in software, and ingenuity :isay:
     
    Last edited: Oct 22, 2008
  5. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Well, I've had enough of people saying there's no such thing as the Golden Bullet or 100% security.

    There is, I've got it and loving it!

    Fool me be and the only 100% Secure computer only exists in the security idealist's mind - then so be it.

    Tried everything malware related I've found here and other forums and I'm still around.;)
     
  6. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    bigc sums it up pretty well
     
  7. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Yep. That doesn't mean you can't be safe.

    What we tend to agree on here from discussions is that the majority of "attacks" are really simple to avoid.
    People click video.exe, so why try harder? As you imagine worse scenarios, it tends to be rare. Only happens if it really pays off.

    But don't believe your defense can get anything they throw at you. Destroying is always easier than building, methinks.
     
  8. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Intelligently Put!

    However I personally believe every user needs to be more involved in keeping us all safe. Stating the obvious, with the scenario you provide the issue is basically twofold, one is user ignorance, and the second is user complacency. I have tried to address both in an article I wrote for my web site a few months ago...

    For those interested read it here: You Have a New Unknown Virus?

    It would not fix everything but it sure would go a long way in helping security product vendors circumvent the petty rivalry holding them back from true cooperation and speed up the elimination of easily preventable infections...
     
  9. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    "However I personally believe every user needs to be more involved in keeping us all safe."

    I totally agree with that, and having friends, family, colleagues sharing email, USB devices etc. take some responsibility to try to make sure it's clean, safe or appropriate, and the receiving party check it first before just taking someone's word it's safe. IMO it's like handing someone a loaded gun and saying don't worry, it's not loaded. A weapon is always loaded. I try to always assume something is infected I am unfamiliar with. Assumption is the mother of all ****ups. No biggie if it's not infected. Assumption of it being safe, there is less room or no room for error if it's not.
     
    Last edited: Oct 22, 2008
  10. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    That is funny. I try to imagine peeps having to take a 'Basic Computer Security' class before being allowed to purchase a computer, or even better, before MS sells them an OS.

    It is like giving a driver's license out. Just because you can pass the test does not make you a good (and safe) driver.

    I would like for users to understand, but personal experience says that some just want to click the button and have it work. They have no interest in investing the time to learn some basics. These are the types when you tell them about some basic stuff, their eyes glaze over and they seem in a distant far-off land. Or even better are the ones who get that 'deer in the headlight' look.

    It would be an ideal solution though if it were ever to happen.

    Sul.
     
  11. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    You know over the years I have seen computer users who couldn't be bothered with security at all, some were even too cheap to purchase the appropriate protection leading many to be directly impacted economically by such... Not to include loss of time and productivity.

    Fortunately such morons are in a relatively small minority, and fortunately for the rest of us, many security product vendors have found the wisdom to offer many of their products for free, thus eliminating the reasons for Joe cheap to live without protections... Effectively reducing the spread of much I'm sure.

    If the economic impact of letting one's personal computer infect another causing financial loss was in fact regarded as seriously as having someone playing with one's loaded gun, and wounding someone else, perhaps fewer idiots would do it... :cautious:

    No accountability means no real reasons to act unless one is personally impacted enough to experience real personal adverse effect thus leading them into actions such as cleaning up their own infections and perhaps even considering trying to learn and act in such a way as to prevent them in the first place! :blink:
     
    Last edited: Oct 22, 2008
  12. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Boy. I never thought I'd get this much feedback. It must be in the title. :D

    Ice
     
  13. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I've got almost 100MB of malware, trojans, viruses, exploit code, etc. that I've been using to test my security package for almost 4 years now. I haven't had a resident AV installed in over 3 years. My last full system scan was over a year ago. Yes, I trust my security package that much. IMO, my setup is almost bulletproof, but there is no way I'd claim that it's 100% secure. There's too much that's beyond the user's control for a claim like that to hold up.
     
  14. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Actually there is a Golden Bullet, it is all in the approach.;)
     
  15. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    How can you say "almost" bulletproof when you haven't had a breach as yet?

    Here I will state that my setup has been bullet proof against all malware I can get a hold of with the only time I've ghosted back is through my own mucking around with the system through deleting stuff and or changing reg settings.

    Just because a few well known and respected members have stated there is no golden bullet doesn't mean you have to agree.
     
  16. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    The Golden Bullet is a reality I'm pleased to say, and is only a matter of making the absolute best use of a combo of various protections, which brings up again the Layered Approach, which is IMHO, "THE" Golden Bullet.
     
  17. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    490
    +1 to the layered approach
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    for me golden bullet is a bullet full of gold:D
     
  19. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    If the truth be known, the absolute Golden Bullet of the Century for me has been the now defunct Classic FD-ISR archives.

    With those duplicate system images safely stored to another HD, it doesn't matter even if I got pummeled since they're easily re-converted back again to working systems in the exact same manner as if a user returned an image from their backup program.

    Since I rarely use FD-ISR anymore I suppose the Golden Bullet for me is the backup program DriveSnapshot because there's no way for malware to reach something that is totally out-of-reach to them.
     
  20. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Quite easily. Just because my system hasn't been breached doesn't mean it can't be. I run a default-deny security policy which is applied to everything. Only the whitelisted processes can run. What other processes each can start or be started by is also specified. Interprocess integration is as limited as possible. Internet access is very restricted. All web content is filtered.

    I don't worry about malware that uses an installer or is its own process. These aren't going to run. That's the easy part of default-deny. My concern is malicious code that exploits allowed processes or is embedded in files that are opened by user apps and uses those apps to launch others with deeper system access. A couple of POCs caused me to change parent-child settings more than once, blocking interprocess activities I used to allow, like opening a PDF in the browser or allowing the browser to launch the PDF reader. Now I save them to file and open them directly. If I had found that code in real PDFs instead of POCs, my system might have been breached, depending on what it tried to do.

    IMO, when malicious code is allowed to run, there are no guarantees. Just because malware hasn't broken out of a sandbox or virtualization app doesn't mean it won't happen. Eventually, it will, and there's a good chance that there will be nothing to alert the user that it's happened. Software that restores your system at reboot is fine for preventing permanent infections of the operating system and user software. If that code reaches the BIOS or firmware, then it doesn't help. It also doesn't prevent malicious code from doing its dirty work during the current session.
    Example: A site is hacked, uses a new exploit to drop a keylogger that runs in memory. It doesn't matter if the keylogger is gone after a reboot. It already did its job, stealing your password for that site.

    The biggest problems are those that are beyond the user's control, such as sites and servers being compromised, plus the design flaws in the structure of the internet itself. If a trusted site that used Java, JS, or ActiveX was hacked, would your defenses be sufficient against an attack from a site you've trusted? If DNS is successfully exploited on a large scale, any site could be malicious.

    All software can be exploited, including security apps. Apps that handle internet content and files from unknown sources get exploited more often than many people realize. Vulnerabilities are discovered and patched in most apps in a never ending cycle. Can you guarantee your system will hold up if you find the new exploit code before it's patched? There's no real way to know for certain.
    My statements are based on my own observations and testing, not someone else's opinions. I've dealt with malware for years, I've cleaned and secured more systems than I ever want to remember. Over the years, I've tried and used many different security setups before settling on the package and policy I use now. In that time, I've come to one conclusion. You can put together a security setup that is very, very, good and repels everything you can find. But eventually you'll find that there is a way to beat it. Nothing is 100% secure.
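
The default-deny policy with parent-child launch rules described in the post above, sketched as an added example; it is not part of the original post and not the poster's actual configuration. The process names, the two policy tables and the `decide` and `reachable_from` functions are hypothetical. The second function audits what an exploited, allowed process could still start through chains of permitted launches.

```python
# Added illustration: hypothetical process names and policy, not a real product's config.
from typing import NamedTuple


class Launch(NamedTuple):
    parent: str
    child: str


# Each whitelisted executable maps to the parents allowed to start it.
# Anything absent from the table is denied (default-deny).
POLICY_BEFORE = {
    "explorer.exe": {"userinit.exe"},
    "browser.exe": {"explorer.exe"},
    "pdfreader.exe": {"explorer.exe", "browser.exe"},  # browser may open PDFs
    "updater.exe": {"pdfreader.exe"},                  # reader's helper process
}
# Tightened policy: PDFs are saved and opened by the user, never by the browser.
POLICY_AFTER = {**POLICY_BEFORE, "pdfreader.exe": {"explorer.exe"}}


def decide(event, policy):
    """Return (allowed, reason) for one launch event under default-deny."""
    parent, child = event.parent.lower(), event.child.lower()
    if child not in policy:
        return False, "child is not whitelisted"
    if parent not in policy[child]:
        return False, "parent may not start this child"
    return True, "allowed"


def reachable_from(start, policy):
    """Executables an exploited `start` could launch, directly or through chains."""
    seen, stack = set(), [start]
    while stack:
        current = stack.pop()
        for child, parents in policy.items():
            if current in parents and child not in seen:
                seen.add(child)
                stack.append(child)
    return seen


if __name__ == "__main__":
    # Constructed launch events for the demonstration.
    events = [Launch("explorer.exe", "browser.exe"),
              Launch("browser.exe", "dropper.exe"),
              Launch("browser.exe", "pdfreader.exe")]
    for name, policy in (("before", POLICY_BEFORE), ("after", POLICY_AFTER)):
        for ev in events:
            print(name, ev, decide(ev, policy))
        print(name, "reachable from browser:", sorted(reachable_from("browser.exe", policy)))
```

An empty reachable set for the internet-facing process is the property the tightened parent-child rules are meant to give; it says nothing about what code running inside that process can do on its own.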
     
  21. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    The Golden Bullet is knowledge. For some it is a journey in finding the holy grail of a setup, until the time comes where knowledge enables them to not worry about a golden bullet.
     
  22. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    The Golden Bullet = Wilders Security Forums
     
  23. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    +1 :thumb:

    The one place hackers leave needing a change of underwear! :argh:
     
    Last edited: Oct 23, 2008
  24. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Here, here :D

    As the other member pointed out, KNOWLEDGE is a Golden Bullet, and this forum transforms the weakest user into a SUPER-SECURITY POWER USER after some time spent reading and applying very useful techniques (and programs) to build their own arsenal. :thumb:
     
  25. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Very true. Just reading these forums and learning about different software, hardware, configs, pitfalls etc..... I personally have learned a lot. But I'm not quite sure if that's a good thing. :D

    Ice
     