What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
  2. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,339
    Location:
    Adelaide
    How is he not missing anything? VBS provides greatly increased protection from vulnerabilities.
     
  3. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,645
    Location:
    USA
    From his setup he appears to be doing well enough without enabling something that will slow the machine and possibly introduce stability issues. 1 example, there are plenty of others.
    https://www.neowin.net/news/microso...-update-on-pcs-with-memory-integrity-enabled/
    I'd rather have a functional machine than break it to prevent an issue most will never encounter.
     
  4. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,339
    Location:
    Adelaide
    I have had this enabled for months with no slowness or stability issues. (The link you've shared is a year and a half old so may no longer be relevant.)

    Sorry to hear enabling VBS broke your machine.
     
  5. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
    Today I dedicated my day to better hardening Thunderbird and SumatraPDF portable that I use to open my PDFs offline.
    Maybe not everyone is aware that for example Fission is not enabled by default even in the latest version of Thunderbird.
    It bothers me that SumatraPDF portable has in my Standard account a value of IL medium.
    I inserted SumatraPDF portable in the hidden LocalLow folder; in this way the Integrity Level has the value low.
    Even though I had already blocked incoming/outgoing connections from the firewall.

    In this case the maximum rules in WD Exploit Protection are 12:


    Code:
    Block remote images - ON
    Block untrusted fonts - ON
    Control flow guard (CFG) - ON
    Data execution prevention (DEP) - ON + Enable thunk emulation - CHECKED
    Disable extension points - ON
    Force randomization for images (Mandatory ASLR) - ON + Do not allow stripped images - CHECKED
    Randomize memory allocations (Bottom-up ASLR) - ON
    Validate exception chains (SEHOP) - ON
    Validate handle usage - ON
    Validate heap integrity - ON
    Validate image dependency integrity - ON
    It is not possible to enter the rule:

    Code:
    Block low integrity images - ON
     
    Last edited: Jan 5, 2022
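
Added example, not part of the post above: the Exploit Protection settings listed in the post written as a per-program rule with the ProcessMitigations PowerShell cmdlets, followed by a read-back of the rule and of the integrity label on the copy under LocalLow. The executable name and the folder under LocalLow are assumptions; the rule has to be set from an elevated prompt.

```powershell
# Added example. Assumed placeholders: the portable build is named
# SumatraPDF.exe and sits in a "SumatraPDF" folder under LocalLow.
$exe  = 'SumatraPDF.exe'
$path = Join-Path $env:USERPROFILE "AppData\LocalLow\SumatraPDF\$exe"

# Setting name as shown in the post -> Set-ProcessMitigation value(s)
$rules = [ordered]@{
    'Block remote images'                      = 'BlockRemoteImageLoads'
    'Block untrusted fonts'                    = 'DisableNonSystemFonts'
    'Control flow guard (CFG)'                 = 'CFG'
    'DEP + thunk emulation'                    = 'DEP', 'EmulateAtlThunks'
    'Disable extension points'                 = 'DisableExtensionPoints'
    'Mandatory ASLR + no stripped images'      = 'ForceRelocateImages', 'RequireInfo'
    'Bottom-up ASLR'                           = 'BottomUp'
    'Validate exception chains (SEHOP)'        = 'SEHOP'
    'Validate handle usage'                    = 'StrictHandle'
    'Validate heap integrity'                  = 'TerminateOnError'
    'Validate image dependency integrity'      = 'EnforceModuleDependencySigning'
}
# 'Block low integrity images' (BlockLowLabelImageLoads) is left out,
# matching the post, which reports that it cannot be added for this copy.

# Flatten the table into one list of values and write the per-program rule.
# A rule keyed on the file name applies to any process started from a file
# with that name.
[string[]]$enable = $rules.Values | ForEach-Object { $_ }
Set-ProcessMitigation -Name $exe -Enable $enable

# Read the stored rule back to confirm what was actually saved.
Get-ProcessMitigation -Name $exe

# Show the ACL of the copy under LocalLow. If the file inherited the
# folder's label, the output is expected to include a
# "Mandatory Label\Low Mandatory Level" entry.
if (Test-Path $path) {
    icacls $path
} else {
    Write-Warning "Not found: $path (adjust the placeholder path)"
}
```
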
  6. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
    Applicable to Microsoft apps only, AFAIK.
     
  7. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
    Not true:

    Immagine.jpg

    ;):)
     
  8. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
  9. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
    This:

    Code:
    Code integrity guard - ON
    is applicable to Microsoft apps only. ;):)

    14 rules for Microsoft Apps
    13 rules for other non-Microsoft apps.

    You are Italian like me so I can show you the error I get with SumatraPDF portable inserted in the LocalLow folder if I insert 13 rules:

    1.jpg
     
    Last edited: Jan 6, 2022
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Yes this is also the reason why I never used HMPA for a long time. It's one of the best from a technical point of view, but it gives too many problems when combined with other security tools and it seems there is no easy way to whitelist trusted software that it might interfere with.
     
  11. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    I have to agree. Also suppression of alerts. Often didn't stick.
     
  12. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
    Xubuntu 21.10 (PC my daughter)
    Strong password enabled
    Quad9 DNS
    UFW Firewall - enabled

    Google Chrome --disable-webgl
    • Javascript blocked for HTTP://*
    • Privacy Sandbox + FLoc disabled
    • Clears cookies and data from sites when you close
    • Search Engine and Home web-page DuckDuckGo
    • Always HTTPS
    • DNT enabled
    Chrome://flags - Enabled:
    • Anonymize local IPs exposed by WebRTC
    • Block scripts loaded via document.write
    • Strict Extension Isolation
    • Strict-Origin-Isolation
    • HTTPS-First Mode Setting
    • Privacy Review

    Extensions:
    • UBO - Hard Mode - with TLD by Kees1958
    • Decentraleyes
    • Trace - (Only enabled) - Google Header Removal + Alternate Error Page + Webform Autofill + SafeBrowsing Extended Reporting
    • Stream Recorder
    • VideoDownloadHelper

    P.S. Any feedback is welcome, unfortunately I am forced to leave Chrome :thumbd: as default browser
     
    Last edited: Jan 13, 2022
  13. tuvalu_tt

    tuvalu_tt Registered Member

    Joined:
    Apr 28, 2013
    Posts:
    56
    Location:
    Finland
    My testing continues.
    Win 10: Emsisoft Anti-Malware removed and ESET NOD32 Antivirus installed.
    VoodooShield Free and HitmanPro.Alert are also used.

    Later I'm gonna install VoodooShield to that Win8.1 machine and then June 2022 I will swap AV to NOD32.
    Currently Emsisoft is used on that, like in all my other computers I maintain.

    edit: all this testing and AV swap is because Emsisoft is gonna stop definition updates to Win 8.1 June 2022.
     
    Last edited: Jan 13, 2022
  14. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
    No longer being developed because dev "just doesn't have time right now"!

    Many Chrome "privacy" extensions will be useless with Manifest V3.
     
  15. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
    :thumb:
    True, in fact some protections do not work.
    Can you suggest any other alternative for removal:

    Thanks for the feedback.:)
     
  16. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
    No suggestions.

    The clock is ticking and Google hasn't even addressed basic issues like this years-old bug:
    https://github.com/EFForg/privacybadger/issues/2273
     
  17. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,784
    Sphinx Firewall - AppGuard Solo - DeepFreeze
     
  18. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    Salutations/Greetings,
    @LoneWolf

    * Are you still using Instant Recovery?
    * Any problem with AppGuard Solo with other software any conflicts?
    * And why did you pick DeepFreeze over Sandboxie Plus and Shadow Defender, just curious?

    Always the best, Kind regards,

    P.S. I am looking for a software with great rollback
    Anyone can answer and no Crypto Miners.
    For example, Malwarebytes, Webroot.......
     
  19. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    4,208
    hi, moose. ag solo has no known conflicts.
    as for the "great rollback sw" you're looking for, i'd say go with mac-ref paid. it's the most reliable solution.
    but if all you need is a static work station, then you should go with deepfreeze.
     
  20. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    @imdb
    Can you provide a link for mac-ref paid? So that I can look into, please?
    Appreciate the info.....

    Kind regards,
     
  21. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    4,208
  22. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
  23. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    4,208
    you bet, moose. :thumb:
     
  24. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,241
    Location:
    Among the gum trees
    Due to terrible VPN speed I have dumped Norton on one machine and reinstalled KSC.

    HMP.A is off because of this:

    #16660

    KSC doesn't like MB, so on this machine:

    KSC + OSA + Blackfog Privacy.
     
  25. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,784
    1-Yes.
    2-None that I'm aware of, running smooth as silk.
    3-I haven't used Sandboxie in some time.
    I do however have a license for both ShadowDefender and DeepFreeze, which is why I find myself switching from one to the other from time to time.
     