Just a few thoughts.....

Those are great pointers. It is not I or you here who need to know but thousands of average Joe users. As sound as such advice is, you are right, those 7 steps will quickly be reduced to 2, download and run.

The more schemes I try on my test subjects you would think they would start to see the light. But, they don't care. It is that simple. They have better things to do. Just get them online, look up or buy what they want. If something does not work they would rather just click on it and deal with the 'what ifs' later.

The more I help people, the more I lean towards talking them into buying a secondary hdd for data backup. All they really need now is some very easy to use imaging program that does everything for them, much like what the vendors are doing with restore partitions.

At least that way, IF they store no data on thier machines they can remain 'stupid' in the ways of the force and stumble around until things are sluggish, then restore, ready to do it all over again.

Honestly, my 5 year old has more common sense than many adults I know that are novice users. (that is a generalization, so don't take it too far )

Sul.

 

The huge problem with this approach is data stealers. A quick restore doesn't help when the malware stole credit card data or bank account passwords, and you only discover that when money is already missing. Fortunately, not all malware is like this, but a lot of it does do that sort of thing, which makes prevention very important even to Joe User who doesn't rightly care whether he loses 1 % processing power to some malware throwing popups but not doing anything much else.

 

Indeed. Data loss can be very nasty, but I think the nastiest is sensitive data being leaked into the hands of bad guys.

I've had long discussions of this with some people who have little true interest in security. One young woman made it quite clear to me that she doesn't really care about popups on the desktop or a bit of slowdown from "viruses", or even if her programs are infected and sometimes crash due to that, since she only does a couple of things with them and never really anything more important than writing a couple of emails or using Facebook. Does she care if some of her files get deleted? "Not really." Then I asked her if she had any "pictures" on her computer that she would show to her boyfriend, but wouldn't want anyone else to see. Her facial expression answered that question, and when I told her that it was entirely possible although not very likely that a malware might steal such pictures and upload them for some rather creepy person to look at or spread online at their whim, she suddenly became very interested in computer security. And suddenly, now, she could be educated, and somehow she no longer has to click on things that will get her infected.

 

lol, sounds like people I talk to, almost the exact same attitude. The issue I constantly run into is that they are not really adverse to my setting up different forms of security, but that after they are asked a question or encounter a scenario that I have not prepared them for, thier choises are limited. They either call me, which can't happen 24/7 for sure, they make a 50/50 guess or they disable and do what they need. After doing this a few times, it becomes easier to just disable and assume everything will be ok.

It is quite irritating to spend the time, for free, and for family many times. I will research lots of things, try out things, trying to make it easy for them, but I swear for those that don't EVER learn what a context menu is (etc) I don't think there is a method for them. I put them in LUA, and they call me because things won't work right. Well DUH! Why do you suppose that email is prompting you for admin rights?

lol, I can't give up on them or they will just take thier computers to the geek squad and get bent over, or they will let someone who doesn't know squat get on thier machines and put pirated software on. If I had $10 for every time I have removed a pirated hips or av I could have bought something rather large by now LOL.

Sul.

 

Cerxes,

You are right (as allways), besides the closed beta 3 of DefenseWall (HIPS and FW), I only use A2 Free on demand and Immunet at install. The new DW V3 also has a whitelisting option for trusted installers/companies/etc. This to solve the natural limitations of Policy management HIPS (when you set it to trusted it is no longer contained in a stronger than LUA environment).

I run DW V3 beta on my wife's PC, with a password protected setup. DW will allow her to install whitelisted applications without a pop-up (even when they are untrusted as long as they are in download area), other programs can only be run when they do not require admin rights.

To change a status from untrusted to trusted, you have to enter the password specified in DW main console. My wife does not know that password, so she can only run LUA programs or install white listed programs. The white list works well I must say.

A2 free runs to update automatically with "C:\Program Files\a-squared Free\a2cmd.exe" /U in the programs startup group and as a scheduled task (every 4 hours).

Besides A2 I am testing Immunet at the moment (option to only check at installs). Which is an excellent add on when using a policy HIPS management program.

Note
It is fun testing PoC's and Matousec tests. When Matousec tests are not changed before Ilya decides to roll out V3 we will see a disruption of the usual Matousec top 3 It could be that Matousec may have to use the same disclaimer ("Even though a protection rate of 100% etc) as AV Comparatives had to do for DW

For all who were considering DW, give the beta 3 a spin when it is open for public beta. When you like it, buy V2 and existing customers (be it for only one week ) get a free upgrade from the DW HIPS to the DW HIPS +FireWall. The improved HIPS program will be continue to be sold seperately (FW will be more expensive than HIPS).

Regards Kees