Decided to remove a lot of my security measures

No more MSE. No more Comodo.

While I like the idea of sandboxing my programs with Comodo I don't need all of the other "fluff."

Two host files + whitelisted Javascript + Chrome's inherent security is all of the preventative measure I need.

 

If you don't mind ...

Why do you like hosts files? Have you tried anything else? The reasons I don't like hosts files are the lack of granularity and that one can't use regular expressions.

I use Privoxy which is light-weight and affords a lot of flexibility in writing rules. A possible disadvantage is that I have to make my own rules but I prefer that rather than "lists" made by someone else.

 

I use the MVPS host file on my router because I have multiple computers in the house and it's a great way to keep people on my network secure.

I have the spybot host file on my PC because it's an extra layer of security, why not?

What else would I try? It's been working great so far.

 

Whitelisting java is a good idea.

Chromes Low Integrity Level alone is pretty good.

What do you do when the Chrome broker executes something you downloaded at a Medium IL (or High if you are admin)?

How is a host file going to give you security when a legitimate site has been compromised with the latest bug like the fake AV ones going around recently?

Sul.

 

I'm not admin. And Chrome filters downloads to see if they're malicious + I'm not too worried since I have to "OK" downloads.

I'm not worried about a legit site being hacked. Seems pretty unlikely that one of the sites I visit would be since I don't visit any serious news sites or anything like that. No reason to hack the sites I go to.

Plus, Chrome has built in XSS auditor. And what are they gonna do... drive by download? a) Scanned by chrome. b) I have to "OK" downloads.

 

I too am thinking of going without an AV. Since running EMET and AppLocker, it's hard to imagine much getting through. A weekly scan with MBAM free should put my mind at ease.

 

My advice would be to have a virtual environment of some kind for anything you download and execute that you don't implicitly trust. vmWare and kin, shadow defender and kin or sandboxie and kin all offer you a place to test downloads before you introduce them into your real system.

Running without an AV really isn't much of a problem, until you execute something. And lets face it, while you may get 90% of new downloads from trusted sources, you are always going to stumble on some new application/file that you were not looking for, but are very interested in.

I haven't used an AV for maybe 2 or 3 years now, and have been trouble free. But, I also don't execute downloads in my real system without first running them in sandboxie or vmWare. I know enough to know what to look for most of the time, and when I am unsure, I upload to an online AV scanner.

Sul.

 

I haven't used real-time av in months and no problems yet. I simply scan new downloads obtained from sites I can trust with updated free MBAM before executing them. What a simple yet effective combination: common sense + trusted sites + a single scan with updated on-demand antivirus= no malware. Especially with your AppLocker setup you should be fine.

 

It seems that sandboxie can't run for folders without being paid for. I don't believe that security should ever cost money. So that's a no unfortunately.

Honestly if I were using applocker there's no way in hell I'd waste my time with an AV.

 

Why would people running the free/shareware version have the same features that paid users have? It doesn't make any sense.

I also used to think like you, and still do, regarding antivirus/antimalware applications. No matter what, they will always fail. So, why should we pay for something that is flawed by nature, right?

But, I do not think like that when it comes to applications like Sandboxie. They keep us safe by nature. The developers behind such applications dedicate a lot of their time to such applications, so why shouldn't they be rewarded for their hard work?

There's only one paid-for security application that I use, and considering I couldn't afford to pay for it... I did something else to get it... I paid the developer(s) with a translation to my language. Whenever I see an application that I may find useful for me (whatever it may be), and if it's not available in my language, then I'll contact with the developers and ask if I could get a license by translating the application. If I can't afford paying with money, I pay with a translation or some other way they may find useful, and that I'm able to assist them with.

Both parties win.

 

Hmm. You create code, others break it. You patch it to fix the break, it is broken again.

Can the OS ever be truly secure in this case? Can the offering of another software that can prove itself to be near bullet-proof be worth buying?

I don't like to buy security software, or any software for that matter, that I don't need to, especially if there is a free alternative that is comparable. I have yet to find anything that compares to Sandboxie, and thus I gladly shelled out some dough for it. Very likely the best software purchase I ever made, although I would be hardpressed to decide between Sandboxie and vmWare as to which I would purchase if I could only choose one.

Sul.

 

I'm not saying they shouldn't be rewarded. I just personally will not pay for a security program unless I'm just trying to donate.

 

Hmm, you make a lot of sense. Thanks for the response

 

Well, there you go. Is Sandboxie provided in you language? Perhaps you could get in touch with Sandboxie's developer and see if you could work something out, like providing a translation to your language.

It would be like "donating", I think.

 

Maybe. I'd only use it for one folder. I'm not too worried about Chrome's sandbox breaking. I'm already protected from drive by downloads in a few ways.

 

I've been thinking about what you said and have made the following changes.

 

I guess what security a person has depends on what he uses the pc for.If i just browsed at the bbc web site and nothing else i wouldn't care about getting infected.If on the other hand i used online banking ,shopped online etc ,then i would personally use as much layered security as possible as long as it didnt affect pc performance to an extreme.
ellison

 

I don't use my Windows PC for any banking but I do do some shopping. Not too worried.

 

Sorry i don't understand that, I'm a keen S.B user, can someone explain that to me , Cheers

 

He means that the free version of SBIE cannot force directories or programs into the sandbox.

Sul.

 

You can add secure DNS on your router and SRP (or Parental Controls). For suspicious downloads, I would upload them to VirusTotal and Comodo Instant Malware Analysis.

 

Secure DNS is too much of a pain for false positives. I feel like I have that covered with a host file for the most part. Tons of sites are blocked by spybot.

And yes Sully, that's right.

 

ClearCloud allows you to report FPs, which usually gets corrected within hours.
DyDNS and OpenDNS allows whitelists, but that requires registration and neither (especially OpenDNS) are as effective.
Comodo Secure DNS and DyDNS allows temporary bypass.

 

I might consider it. I've used google's tool to pick out the fasted DNS servers for my computer. If I find that my system isn't as secure as I'd like I may try them.

 

Some years ago i used MVPSHosts and Spybot immunizer feature, and they were very effective blocking ads... I think that if you are savy and the only pc user, probably you´ll not need a real-time. OS hardening, sandbox, HIPS, virtualization, etc provides great "real-time" protection that can be complemented with "on-demand" scanner...