What is your security setup these days?

In my sig below all is as it's been for a very long time on 8.1

UPDATED: On my Windows 10 ADDED: Comodo FW (latest) and WiseVector StopX plus Secure Folders

 

Windows 11 Pro 21H2
Kaspersky Free
360 Total Security Premium
Mullvad VPN
AOMEI Backupper Standard

360 TS is just being used an on demand scanner. It can be used alongside other antiviruses and I see no particular reason to uninstall it at this point.

 

Still Win7 Pro**
K7 AV Premium
OSArmor (behavior blocker on steroids)
SpyShelter Premium (HIPS & anti-keylogger)
EXE Radar Pro 3.1 Build1-24062015 (whitelister for auld lang syne)
R-Drive Image (3x/week, kept 2-3 months, FIFO)
~~~~~~~~~~~~~~~
**BTW, my Commodore 64, Atari 800, & Apple IIc -- all 3 still work, too.

 

No virtualization and sandbox solution?

 

I forgot to list my old stand-by, Shadow Defender. I'm not sure what its category is. Virtualizer or....?

However, I have no sandbox (I don't own a cat).

 

Two years go i bought a license of G-Data. Found a serious bug in it, reported it. Waited for 4 months (they usually release patch every 4 monts). The bug is still there. Uninstalled G-Data.
Now after two years, i installed G-Data to see, if the bug that i've reported two years ago, is fixed.
No it's not. Reported it again. I don't know why they cannot fix this bug that i've reported, maybe they need to change a lot of their main codebase, i don't know. It's interesting, if this bug is also on their Endpoint products too.
It's a bug where you can set up write/read execution check on folders that you specify. So i set up G-Data to check only on execution, but read/write access to %appdata%(or any folder i specify). This feature does not work at all.

 

Windows 10
Comodo Firewall free
WVSX
NVT OSArmor
Macrium Reflect

 

Windows 11
Microsoft Defender
All Windows Security features enabled
Custom Exploit Protection settings for all apps
Firefox µBO

 

Have you replaced Brave with Firefox?

 

Yes, for now. It uses more memory than Brave or Edge but it's fast and I like that I can customize the UI.

 

That short list combo is tuff as nails. I will add that when on this end testing baddies I shore up all those with Shadow Defender just as a failsafe in event happen to run across a sandbox dodger

Otherwise normal browsing that looks like a surety setup to me.

 

Thanks @EASTER, I have Shadow Defender, but using it on demand only...

 

Same as me. When i'm geared up to test malware Shadow Defender is activated and then no matter what anything, if the system seizes up from it, even a hard reset returns it back as though nothing ever happened. Marvelous idea and reliable that SD.

Comodo FW is also the iron cage but it's on my Windows DELL 10 not 8.1 because I would never get anything done on this production machine for running baddies thru CFW all week long.

 

Norton 360 deluxe
malwarbyte adwcleaner

 

WINDOWS 10 UPDATE: Added CheckMAL Inc. AppCheck Anti-Ransomware (Real-Time)- in combo with ComodoFW + WiseVector Stop X -
Also Reinstalled ERP 4.0 to serve as HIPS with many Rule Sets.
Defender Disabled OFF. No Overlap except where needed. Lite resource usage all 4.

I threw Loki Ransom (Signed) - 3 Magniber (2 signed) TWICE - LockBit and a few others-
Deliberately bypassed WVSX using EXCLUDE and ALLOWED 'UNLIMITED' in CFW to measure AppCheck reaction- Positive Result!

~ Funny Image Removed As per Policy ~

 

W.10 Home x64 21H2
Local Account - Standard user - Limited permissions
UAC maximum - Always notify
Quad9 DNS
Onedrive,Cortana,Advertising ID,Web Search - disabled
Usage of location data for Cortana disabled
Telemetry OFF
Removed some Windows optional features.

Microsoft Defender Firewall hardened with H_C.
Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

• Ransomware protection - disabled
• No run in a sandbox
• Core Isolation: Memory integrity - disabled
• Some softwares hardened with maximum AE protection
• All Windows Exploit Protection options - enabled

MS Edge --time-zone-for-testing --enable-features="GpuAppContainer,IsolateSandboxedIframes,EnableCsrssLockdown"

• Enabled Security Mitigations - Strict
• Detection Protection - Strict
• Always HTTPS
• Quad9 DOH
• Share browsing data with other Windows features - disabled
• 4 Cipher Suites - 0x002f,0x0035,0xc013,0x009c - disabled
• TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled
• IL AppContainer - enabled
• Audio Service -sandboxed
• Network Service - sandboxed

Edge://flags:

Enabled:

• Block scripts loaded via document.write
• Enables the BrowsingDataLifetimeManager service to run
• Experimental QUIC protocol
• Enable Back/Forward Cache
• Project Robin experiment
• Automatic HTTPS
• Strict-Origin-Isolation
• Show block option in autoplay settings
• Experimental Tracking Prevention Features
• Block insecure private network requests
• Enable Digital Signature for PDF
• Partitioned cookies

Disabled:

• Show feature and workflow recommendations
• Allow tab-to-search using Microsoft Search with Bing
• Allow Microsoft Search with Bing for any default search engine
• Allow preloading of pages by other applications
• Enable First-Party Sets
• Consider SameParty cookies to be first-party

Extensions:

• LocalCDN
• UBO - Hard Mode
• Don't add custom search engines
• JShelter

For the sole purpose of saving bandwidth I replaced Decentraleyes with LocalCDN which is more up to date and works better for the intended purpose in various websites I frequent.

 

How does LocalCDN compare on your Browser to Decentraleyes? When you say works better can you offer a few details?

 

iMac running macOS Catalina 10.15.7

• Malwarebytes Premium for Mac
• Malwarebytes Browser Guard for Safari
• AdGuard Browser Guard for Safari
• 1Blocker (Paid) for Safari
• Safari Browser
• LastPass
• Backup: Time Machine, iCloud, USB Flash Drive and SuperDuper

 

I am interested in this response as well! TY

 

https://www.reddit.com/r/firefox/comments/l62nrn/is_localcdn_better_then_decentraleyes_should_i/

 

Appreciate the info from the link @Dragon1952

 

I have been using LocalCDN for a few years ever since i read the reddit post or another similar post. I was using Decentraleyes for a while before i changed to LocalCDN.

 

Hey y'all, been a while, hope you all well. Question see if anyone of you know...How do you secure erase a USB SSD drive? Its a Samsung T5, so I can't take out the drive and do a normal secure erase in bios. Thanks

 

hey dj. go to the manufacturer's site and dl their secure erase tool. or you can use parted magic.

 

Secure Erase doesn't work with USB protocols like sata or nvme to use Samsung Magician's Secure Erase boot. I'll try Parted Magic but I doubt it. Thanks