DropMyRights?

Something that is not being mentioned by anyone. Let's step back here, are you talking about computer usage for a business or a home user? Security needs for both here don't have to be the same, especially a home user, because if some home users thinks he/she needs the same level of security as a Corporation, then something is wrong with that line of thinking, and the knowledge someone has spread to this person thinking this is wrong. What I'm talking about here is just your average home user, surfing the net a little, email, chatting etc., of course when a home user is getting into doing business at home, that's another issue, more needs to be added, but then again to what level of more?

Questions:
1. What sort of security breaches are we talking here? Infections, expolits, or breakins?

2. Depending on your usage, and experience you can determine your level of security.

In the 20 years I've used computers and been online, all I've ever used were either software or hardware firewalls and one av application, that is all. Since these past 20 years the only thing I've changed is that I've dropped using software firewalls and use only hardware firewalls, and I still only use just an AV application, but I've been playing with Sandboxie for the past month, and that's it.

What I see going on here with Wilders members is a lot of overkill. After all what you need to be looking at and asking yourself is, do you understand where these problems occur, and if you can answer yes to this, then you should realize that most of the problems you're going to run into is simply by dragging malware into your system and that is all.

Afterall how often do you really think you're going to get hacked with a rookit or keylogger? Let me tell you very rare, and if you've known someone that has, then let me explain to you, then this person was in the wrong place, and that is the other thing end-users with limited experience need to know, how to avoid being in the wrong places.

In 20 years no one has hacked me, no rootkits have landed on my systems, no exploits hacked against me, nothing, and on top of all this, I was also a bad little bugger, I use to go all around the dirtiest parts of the underworld internet you could imagine, where all this evil lived, and yet I still never had problems, simply because I knew how to deal with it.

So when you think you need all this stuff, well guess again, it's only because of your lack of some understanding, how things are really working, and your level of experience.

All real security needs is a good firewall, and av/malware protection, that's it, and I don't mean with 5 applications all running in the background in real time. Afterall, where are you going on the internet in the first place that you think you need all this protection? Again if a guy like me can surf the lowest of low sites, all the warez/malware hacking infested world out there with no problems, and walk away from that, surfing and playing in that world for 10 years without any problems, what makes you think you need a lot of programs just for causal internet surfing and usage?

End result, you don't, you're fooling yourself and being sucked into a lot of security hype and propaganda, because I'm living proof of not needing it for 20 years, 10 of which I said were involved in the underworld.

What you need to do is not be afraid, and LEARN!

The best thing you can do, get yourself something like Vmware or Virtualbox, or a spare play box, or something and go out there with as little protection as possible, heck just use only the Windows firewall and an av is all, and go out there and see what problems you get into if any, and then learn how to deal with it.

Trial by Error it will teach the world, about all of this, it will be the best teaching, learning by trying, then later on one day you'll know too, and see how much crap you can get away with, and how little you really need.

I use to be paranoid because I didn't know any better, but damm this place is reeking with paranoia everywhere I look from users running heaps of applications for protection, and it's not needed.

I see a lot of people here who care and want to learn and want to be safe, and I'm telling you from real experience, it's like this, you can just throw some stuff one and rely on it, or you can learn a little about how things work, which isn't really that much, get some education under your belt, and then really know what you need and don't.

Afterall there are only so many ways in which problems occur, and it's not some black magic either, just appearing out of thin air and attacking and infecting you...

If you can't stay safe with just the Windows firewall and just one AV application there is a problem, it's the lack of education on how to stay safe. Trust me, at the Home level usage it can be done. There is nothing out there that's going to blow up your hardware, worst case situation you get hosed pretty bad and have to reinstall, so that is what this learning curve is all about, what happened, what did I do wrong? No it's not that mentalilty of I needed more protection, it's the simple fact you don't know how to use what you have, and it can be done.

Don't say it can't be done, I'm telling you I've done it all my life as a computer user and I still do it!

And when you think the baddies are coming to get you, well guess again? You know what an IP is? Well when some hacker sees your IP, based on an ISP for home users that really wants something, the real problem makers aren't going to waste their time with Home user IPs, they're looking for were the real payload is, and you're not it. Hackers bothering Home users are typically what are known as ScriptKiddies, and these are typically users that don't know much, and aren't much of a threat.

Problems taht happen, happen because of a lack experience. So learn, rather then dumping a million programs on your computer!

 

you know what i love to read your post it is very realistic and it is true,i agree 100%about having to much apps to protect our pc when 1or 2 security softwares are able to protect us in real time thanks for the advises cool

 

To keep it simple (at least for me), there are two states that your system from a security view can behave itself to when connecting to the network:

- the system gets malware infested
- the system remains clean

From what I´ve experienced, the only things that really have had an impact for me between the two above states when applying normal user behavior, is the use of a firewall, running as a restricted user and patching the OS/third part applications (especially the browser). The other measures that I´ve also added (srp, dep, av/as etc.), are important as well, but not critical for the system security.

/C.

 

Yep, I would agree DasFox, for the most part. But you did not mention a few things. lol, many are just software junkies. Who cares of it is better or overkill, it is NEW !! And, most importantly, so much of it lies with the level of experience. Experience I am afraid does not come with using 50 different security applications. As you state, it comes from learning, and that usually comes from experiencing an issue and having to figure it out. The school of hard knocks anyone?

All in all, I do feel that I have been problem free because of my knowledge. I also feel that by trying nearly every firewall/av/security app that has been down the pike, I have learned from them. I mean, understanding how ProcessGaurd worked was a great learning experience. Coming to grips with Outpost years ago led me to really understand how I may or may not be vulnerable. It also showed me that I always allow the same apps network permissions over and over. It is so rare to find something I don't expect. And mostly it has been updaters for apps that I use, like adobe or something.

But without a LOT of learning, how does one handle the situation? With so many now storing important parts of their lives on thier computers, like pictures, movies, letters, bills etc, it is beyond just needing to re-install the OS. For me, I have multiple drives. I have a file server with mirrored raid array. I understand (from the school of hard knocks) that my data is never safe if it is on a harddrive. But what of the home user? Their dell or laptop has one hdd, perhaps with 2 partitions. They just don't know. So, as you and I have discussed, what is the best way give THOSE peeps good protection?

Drop My Rights is certainly a good start. Sandboxie. LUA, SRP. How deep does one go? I guess it depends on how saavy the user is. And on how anal they are to 'needing to know' exactly what is going on.

It is a broken record now. Same thing over and over. New threat found. New app to stop said threat. More to know. More to keep track of. More pop-ups to answer. More knowledge needed to correctly answer the pop-ups. For me, I like to learn. For my family, not so much.

Where is the answer for them? I hope something simple, because I am getting tired of being tech support for them. lol, and nowadays, it is more to help them get internet access again when one of their 'Security' apps has been answered wrong and locks them down. Secure, indeed!

later.
Sul.

 

DasFox, I mean no offense whatsoever to any other member here, because paranoia or not, we have a lot of SMART folks here. BUT, your post showed me you are one of the more realistic members. I agree 100% with you, some people here act like malware and viruses are spells that can, with the help of some goat blood and indecipherable chants, cross time, space, and break through the heaviest "Super Duper Mega-Blocker RouterTron 6000" security. The absolute baddest of the bad malware reside on malware testing websites, where members intentionally test these things to see what they can do...Joe Blow is not going to run into any of this stuff out in the wild anytime soon. And, when he does, it's VERY likely a prevention has been developed for it at that point.

If you:

1. Don't store your credit card info, social security number, account numbers, any of that on your system.

2. Use an alternative browser like Firefox/Opera, or at LEAST harden IE.

3. Scan everything, from the smallest to largest file, with a good AV and AS

4. Don't open up attachments from unknown sources and scan the ones from known sources, nor reply to ANY email asking you to verify account details (NO company does this!).

You are NOT, I repeat, NOT going to get hurt. If you don't have information stored on your system that hackers don't want, they AREN'T going to come for you. Home users don't get hacked anyway, they get tricked with social engineering. Corporations get hacked. That's right Joe, they don't want your Aunt June's birthday party pics, they want access to nice, big bank accounts. No valuable info=no cash=no hacking.

 

Great post, DasFox.

Its just sad that most Windows users have to get through this paranoid phase. The thing is the more you learn, the less security app you need. Funny isn´t it ?

But then there are those who are just into these sort of things and treat the latest, newest as being better. In the end, who stands to gain most ? Software companies ! Just look at the numbers here, astonishing. Its turning into a big marketing/advertising place for them. And I hear kaa-ching!! everytime I come here.