Ten years later, Windows XP still dominates the Web

I don't care what anyone says... this thread has hit on some great concepts. Now we hit another one! The experience Noone_particular describes is a targeted attack. I experienced a targeted attack, too (from social engineering). Also happened to me before I cared about security. At this point I don't see any point in defending myself against further targeted attacks. If someone really wants in to see the photos of last Christmas on my hard drive, then knock yourself out. But if I ever store anything of any interest to anyone else on the planet, then I'll do more to prevent targeted attacks. It's not worth the huge effort for me to secure something that's pretty worthless to begin with.

Hungry Man is interested in prevailing malware. If you do basic things like have a firewall, block scripts, update apps & the OS, use good passwords... you guys know the rest, then your system is less likely to get hit. The mass malware targets the most amount of users possible so if you patch the basic holes that the majority has, you'll probably get passed by.

I guess there's a middle place, which is kind of where I am now. That middle place tries to defend against common malware as well as potential future malware. I try to block the things that malware does rather than blocking the routes into my computer. I guess I figure the malware writers will constantly innovate new delivery mechanisms that I can't foresee. But at their root, malware will do basic things. If i don't allow those basic things I win. (Full disclosure: I have no idea if it's working. I could be typing from my pwned machine and never know it LOL).



BTW, I'm test driving my new signature

 

This is basically the method I would choose in an ideal situation where I could create my own security setup. As it stands I stick to fighting delivery mechanisms via EMET, Chrome, ScriptNo, and ABP. I feel "secure enough" but not actually secure. For me to feel secure I would need an automated system that does what you describe ie: stops malware on my machine from doing bad things.

 

Haven't read everything in this so called great topic (too longggg), but just want to say I use xp pro sp3 and as long as you know what you're doing more or less going to 7 doesn't look necessary to me as long as it does everything you need (except finding a nice girlfriend, but 7 won't help there either I guess. Waiting for fang.exe).

 

Speaking of ScriptNo I have been giving it a bit of a run on Chrome. It is working quite well for me (touch wood) & I have experimented denying & allowing scripts on certain pages. This seemed to be a bit of a problem earlier. It looks promising ... finally.

 

Well I'm glad you're able to use it now. I'm using it just to block a few things (iframes/frames and object tags) and also to spoof referrer and block known bad sites.

It's working very well for me.

 

Yeah, I don't know why I was having so many problems with it before, maybe it needed a (Chrome) version update for it to work properly. It is pretty straightforward to use & I like the Antisocial Mode feature. I tried it in Iron but I noticed some discrepancies with the number of blocked elements/resources GUI icon compared to Chrome. For instance, the Speed Dial showed a grey icon but with a red coloured '6' number in Iron. Surely in the speed dial (homepage) there would be no external scripts running? I reckon 'andryou' could make a lot of Opera fans happy if he could code ScriptNo for it. Unlike Chrome, Opera really needs extra protection!

 

https://www.wilderssecurity.com/showthread.php?p=1976537

I'll go ahead and respond here =p not too relevant to XP.