What is your security setup these days?

@Buddel

I repeat I have not worked much.

 

Backup : Easeus todo home for those with Windows
3 computers : Win 20h2 - Kaspersky Internet Security - Updates Windows + Ucheck - Firefox or Opera + Adblocker Ultimate.
1 old computer : Win 20h2 - F-Secure safe - Malwarebytes firewall Control - Updates Windows + Ucheck - Firefox or Opera + Adblocker Ultimate.
2 computers for grandchildren : Lubuntu + Dr.Web antimalware for Linux

 

I had to dump Norton on this machine for my sanity. I was absolutely sick to death of the constant barrage of pop ups.

Windows Defender works great and is quiet, which all I want from my AV.

 

No way to control the frequency, or the nature of the pop up, like the importance level? I'm sure you've been all over that, and if there was a way to dial back the barrage, you would have taken it. Was it HIPS that was the chief culprit? You did the right thing, Krusty, choosing sanity.

 

Very true

 

Good to see you back, friend!

 

I had Special Offer Notifications off, which is the only setting available.

Pop ups telling you can can cover more devices, telling you to open Norton and if you see all green it means you're protected, telling you you can enable their VPN, telling you they can Optimise your PC, telling you to create secure passwords, telling you you can upgrade for free to Norton 360, even though I already was using Norton 360, etc etc, etc.

That doesn't include the pop ups telling you to install and activate their browser extensions, no matter how many times you click, "Don't ask me again".

Then there's the notifications on their mobile security.

Enough is enough!

 

Damn, Norton has sure changed since the last time I used it many years ago and it doesn't look for the better.

 

Thank you and is nice to see you again buddy

 

Yep, their marketing department is running the show these days. I fear for what will happen to Avira too now since their purchase.

 

The way I see it, there's customer acquisition and there's customer retention. Their overzealous attempts at acquisition completely ran right over retention. I wonder if the Norton corporate bean counters have any way of quantifying customers lost due to their marketing techniques. And the simple truth is, disgruntled customers have a way of spreading the bad news, so the ones jumping ship are opening eyes among their friends and acquaintances.

 

I've been telling the Norton Forum Administrators for months about these pop ups and sending them links to the many posts in the forum about the same. Nothing changed, or in fact if anything, they're probably pushing even more than they were.

Ignore your customers at your peril!

 

Here's some pretty pictures.

 

Krusty, you are killing us! True, I didn't have to open the PNGs, but I felt compelled. Now I am sick to my stomach. If ESET NOD 32 ever tried to pull that ****, I'd drop them like a bad habit. Unbelievable.

 

That's what you get when "marketing gurus" take over the show... It's also probably a sign that business will start to go downhill really quickly.

 

Oh, here's one I forgot.

 

that's horrible. an invasion of privacy.

 

Il am going to tweak my browser to block files from downloading

 

Setting the browser option to ask where to save files should do it.

In my case, I can block any unauthorized attempts to modify the browser. For example:




2020-12-13 05:29:00 C:\Program Files\Mozilla Firefox\firefox.exe Modify File C:\Users\username\AppData\Local\Temp\tmp-p1q.xpi

I use CFW free to harden my browsers.

 

but the file gets downloaded in the background and then it's moved to the location you specify. you're not actually blocking it.

 

You are right, I was thinking too simplistically as the deliberate act of someone clicking on a download link then choosing where to save it. There are, of course, unsolicited driveby downloads, which usually are a result of out of date browser plugins, browsers themselves, or O/S. I grabbed the log of CFW blocking an attempted driveby download of an eicar test file at: https://www.amtso.org/feature-settings-check-drive-by-download/

Results as follows:

1. my browser extension, uBlockO, actually blocked it. I had to allow it to proceed
2. then CFW blocked the download attempts with the following alerts:

2020-12-13 08:10:19 C:\Program Files\Mozilla Firefox\firefox.exe Modify File C:\Users\username\AppData\Local\Temp\0iKQbmPG.com
2020-12-13 08:10:23 C:\Program Files\Mozilla Firefox\firefox.exe Modify File C:\Users\username\AppData\Local\Temp\0iKQbmPG.com.part

the test page then displayed the following failed download attempt:



You mentioned downloaded in the "background", which I guess is actually the user's Temp folder. Thank you for raising that important point.

EDIT

it doesn't appear to be the actual file in the temp folder. It's maybe a "partial" file of the download? I'm not sure what to make of it. The actual downloaded file name is eicar[.]com I see this action with other downloads as well.

EDIT 2

sorry for the multiple edits, but I keep finding things. The files in the user's Temp folder are indeed only 0 KB in size.

 

it's not saved unless you choose a location but the dl starts anyway and a temp file gets created in user's appdata folder. and as you noted if you do not choose a dl location then the temp file gets deleted. but the point is you're not actually blocking the dl, just canceling it. that's my point.

 

Yes, the temp file is created using Firefox, if I disable both uBlockO and CFW, as I can see a 1 KB file immediately created in my user's Temp folder.

With uBlockO enabled, nothing at all makes it to the Temp folder. If I disable uBlockO and have CFW enabled, then only a .part 0 KB file makes it to the Temp folder. I would say in both cases downloads are successfully and fully blocked. I'm not aware of how the browser, Firefox at least, can be tweaked to block downloads. If you or @jmonge know, or anyone for that matter, I'd be interested in knowing.

 

I have this blocking setting in my phone only because I can not use any other laptops or pc cause my disability but later in life when I recover I will sett up the browser from my pc

 

don't know how to do that. sorry.