The Very Best Security Application?

Discussion in 'other anti-virus software' started by twins4384, Dec 6, 2016.

  1. twins4384

    twins4384 Registered Member

    Joined:
    Jun 8, 2014
    Posts:
    9
    I'm certainly no expert when it comes to home PC security, I just read all the comments about this AV and that AV and how one may be better than the other with none being 100%.

    It strikes me that the very best security is to invest in a good backup app and use that to make disk image backups frequently. If your PC becomes infected you only have to reinstall from your latest backup and your back to near enough where you were with no problem of trying to remove viruses and you can just ignore ransomware etc.. . With this setup only the addition of one of the free AV apps would keep you from any regular infection.

    Or am I wrong with this view? Is there any downside to this stratergy? Do I really need to join the paid AV bandwagon?
     
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    6,615
    IMO, you don't need paid AV to have secure system. Downside of this strategy could be keyloggers that could record your credentials and send them to their servers. Backup would not help you there but it would be great for keylogger removal.

    But similar to you I also prefer detect and restore procedure over prevent and clean.
     
  3. StillBorn

    StillBorn Registered Member

    Joined:
    Nov 19, 2014
    Posts:
    170
    Without reservation I'll second your opinion and give a reverent nod to Shadow Defender as more compelling than an afterthought.
     
  4. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,466
    @twins4384

    There are no best applications, only best policies. My own general guidelines look a bit like the column on the right, in this article:

    https://security.googleblog.com/2015/07/new-research-comparing-how-security.html

    For local security, updates are really really important. One security patch is one less way that your computer can be compromised. There is no substitute for that.

    For remote/account stuff, I personally prefer password managers over two-factor auth by phone; I have zero trust in smartphones as authentication devices. I may be convinced otherwise at some point, we'll see. Anyway, you want a password manager that's actually decent; KeePass2 and KeePassX are both okay, compatible across several platforms, and use compatible database formats. Stick with open source password managers, and make sure they can generate nice long passwords with lots of entropy.

    Also, I'll add one more:

    In my own experience, this has made an even bigger difference than software updates for novice users. No dubious ads to click on means a lot less malware. My favorite at the moment is UBlock Origin.

    Obviously backups are a big part of it, but be aware that backups can be compromised. When in doubt, throw it out.

    Also: filesystem encryption, if you're handling anything confidential. Or just because. I neglected that for a while, but IMO it's getting increasingly clear that the need for data encryption applies to everyone.

    Good luck!
     
  5. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,466
  6. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,048
    Location:
    Brasil
    Well said.
     
  7. entropism

    entropism Registered Member

    Joined:
    Dec 9, 2004
    Posts:
    434
    The best security? Not having an internet connection.
     
  8. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,048
    Location:
    Brasil
    Even on air-gapped computers you gotta have protection.
     
  9. entropism

    entropism Registered Member

    Joined:
    Dec 9, 2004
    Posts:
    434
    Never said you didn't. It's still your best security solution. A completely isolated PC with no USB sticks going near it? I mean...
     
  10. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,403
    It should definitely be the first thing to learn about a computer as a remedy to all contingencies. I've started to backup my computers in 2007 mainly using StorageCraft ShadowProtect and Macrium Reflect on Win 10.

    I think I have performed hundreds of restores over the years and never ever it was due to malware, most of the time the reason was Windows not working properly because of upgrades or corrupted file system. What I'm trying to say is that a system that is properly secured with 2-3 layers of proactive security will probably never get infected with anything.

    As far as key-loggers and ransom malware, one should try to keep sensitive data in separate USB harddrives. I also agree with StillBorn Image/restore + Shadow Defender would be my choice if had to pick two applications
     
    Last edited: Dec 7, 2016
  11. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,048
    Location:
    Brasil
    Not really. "Not having an internet connection" doesn't mean that much in terms of security and is not the best option as you suggested. It sure removes the "online attack vector", but that's all it does.
     
  12. true indian

    true indian Registered Member

    Joined:
    Sep 24, 2012
    Posts:
    840
    Location:
    india
    Best Security is Layered security....some AV anything that starts with A or K;).....+ Comodo fw and hips is a good choice.
     
  13. entropism

    entropism Registered Member

    Joined:
    Dec 9, 2004
    Posts:
    434
    I'm not sure you get what I'm saying. A PC, completely isolated, removed from the internet, with no chance of coming into contact with a random USB stick or outside software. It. Is. Isolated. What attack are you worried about at that point? It's a closed system at that point.
     
  14. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,048
    Location:
    Brasil
    @entropism At one point or another the system will have to receive files from somewhere, this is why it also needs security. That's what I'm trying to say.
     
    Last edited: Dec 7, 2016
  15. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    3,650
    Location:
    Europe then Asia
    This is called "AirGap system" and they are already breached...

    http://www.theregister.co.uk/2016/08/15/air_gap_breached_by_disk_drive_noise/

    http://fusion.net/story/173702/you-can-breach-an-air-gapped-computer-using-a-dumbphone/

    http://www.gocertify.com/articles/security-matters-malware-jumps-the-air-gap.html


    Back to the topic , best way , IMO, to secure your machine is:

    1- Harden your OS and its networking capabilities.
    2- Lockdown your system via an Anti-executable, it must be installed right away on a clean machine (just after a clean install of the OS for example).
    3- Use Isolation/virtualization (sandboxes, etc..) to isolate your system from internet threats.
    4- Backup your system (in case of... )
     
    Last edited: Dec 7, 2016
  16. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,448
    I don't think the OP is guarding military secrets so getting compromised through an airgap PC is not going to happen.

    I would add to Gullible Jones post that you should get a Gmail account. Nothing gets past it's'spam filter.

    Privacy wise you have real concerns with Gmail but security wise it's the best of the best.

    I would also go with a layered approach. Anti-Virus/Anti Malware, Anti Exploit, Adblocker & Script Blocker extensions.
     
  17. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    8,337
    Location:
    England
    Off topic posts removed
     
  18. twins4384

    twins4384 Registered Member

    Joined:
    Jun 8, 2014
    Posts:
    9
    Thank you all for your advice and other comments.

    As an average user (not having to protect state secrets) I have decided to use Avira Free 2017 along with Malwarebytes just for scanning.

    When banking or shopping online I use Private Tunnel VPN.

    Using regular disk backups along with the above I think I am well enough protected.

    Again, thank you to all.
     
  19. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    6,615
    You've made good decision about what setup you'll be using :thumb:
     
  20. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,230
    Location:
    USA
    While I definitely recommend disk imaging as a great way to recover from many computer issues, I still recommend other means for detecting malware. As was mentioned, keyloggers and data stealers and such will go fully undetected if you have no security software. An image will also fail you if the malware a time-bombed and has been on your machine for months before it became active. Imaging + sandboxing + a good security suite in my opinion is a good way to go.
     
  21. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,048
    Location:
    Brasil
    A good HIPS on "Paranoid" mode will do miracles.
     
  22. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    478
    Location:
    The Outer Limits
    Nothing like a good wipe,flatten and reinstall from scratch every year or so.

    Regards Eck:)
     
  23. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,776
    I assume you are talking about Comodo HIPS? Yes, if that is the case, I agree it will do miracles.

    It will teach one the beauty of simplicity when one gets tired of micromanaging rule-sets. I do agree that a classical HIPS can teach one quite some things about how apps interact with one another but after some time, one will eventually realize that the "Paranoid" term is self-explanatory. I would take a sandbox-based or restrictions-based approach over dealing with a classical HIPS these days. Of course, just a humble opinion on the internet.
     
  24. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    3,650
    Location:
    Europe then Asia
    IMO, in that case better use an Anti-exe (let say AppGuard :p )

    Until all the tighten rules you have made disappeared out of the blue ( years-old bug still unfixed).

    It is called ReHIPS (Isolation + Application Control) ;)
    However , still in beta so will not be as user-friendly as other similar softs, but we are working on it.
     
  25. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,776
    I have encountered that bug a couple of times. :p

    It does seem interesting but I have yet to toy with it. I've been busy with life and honestly, I have been moving away from 3rd-party "security" apps ever since I noticed the improvements made by Google and Microsoft in the browser and OS. Not worth the ROI from a time and effort perspective for a general user. As a hobby and enthusiast though, I would like to see it and other security apps improve.
     
    Last edited: Dec 7, 2016
Loading...