What is your security setup these days?

And to add Pagey's words, I surf the dark net pretty often (don't ask) and I never got infected at all. Only once I got a potentially malicious script warning from Avast! which might be an FP.

In short, stop using common sense. Because the truth is not as simple as a fairytale.

 

Just because common sense does not bail you out of all situations does not mean one should stop using it. One should always use common sense. Just do not rely on it to prevent getting hit by compromised sites and exploits. Clean or sketchy...fact is it's always a gamble. There are means to reduce your risks so employ whichever fits your needs and requirements.

 

http://www.insanitybit.com/2012/06/04/more-on-common-sense-8/

Not all I agree with, but he's got a point.

My opinion: It's not that it doesn't always work, it's because it mostly doesn't work. We can't say something is safe or not as easy as we differentiate between red and blue. This concept of common sense that says "as long as you don't visit the dark net, you'll be fine" is actually quite misleading. Indirectly, this tells the users to lower their guards down when they visit those so-called safe websites. Even if I only download stuff from Softpedia, it doesn't mean I will try anything which are listed in there. I can get higher chance of getting infected by installing those ad-ware than trying to get myself an XP loader. Similarly, nobody is interested to hack a website who hosts porn videos. But bank websites, oh yeah... that's going to net lots of sweeties.

 

Thats exactly how I feel. I treat all sites the same way, I don't care what kind of site it is, if I am going there, it will sandboxed and untrusted in NoScript.The following line always comes to mind when I read someone says something like, "I use Sandboxie for suspicious sites......only": Picking which sites are malicious and which ones are not is not like going to the country to do cherry picking. So, I don't cherry pick sites. To me, that's a rule.

Bo

 

I was wondering, do you always reset the web contents policy everytime you visit a website? For example, if you visit wilderssecurity.com, then would you allow javascript and all the required requests everytime before you log in? Thanks.

 

Treat all sites the same way, means all sites. My Whitelist in NoScript are 4 sites only, Wilders is not one of them. For example, here at Wilders, I allow the site temporarily only if I am going to put an smile in the post or upload an attachment.

Bo

 

@Graf

I've read that before and I do agree with HM from the perspective of "the user cannot be expected to know better" in most cases.

However, by "common sense", I mean one should have the basic knowledge, aka "not be that stupid or naive" to put up bank account or login details publicly or fall for that get-rich-quick-scheme emails.

Yes...most people cannot be expected to be able to differentiate between good vs bad code/site. I know I can't because I am not a developer or a web expert. But we cannot expect intelligent systems in place for the most basic of things security-wise. Hope you get my point. I just don't agree with the advise not to use common sense. It's one thing not to blame the user but it is a different story altogether to encourage stupidity.

 

@bo elam

I actually wanted to lock-down HTTPSB by only whitelisting required requests for certain websites. If wilderssecurity.com doesn't need me to allow iframe, then it won't be included in the whitelist. But it turned out that I got problems. Downloading pictures won't work unless I put "other" request. Your approach is an alternative but I'm still thinking about it since that means I'll have to reload pages while my ISP is so pants.

@safeguy

I personally don't consider ignoring spams as a form of common sense. At least when people mention about it, they basically just refer to the bad websites taboo.

 

Running Forticlient and MBAM [RT]. Run JRT, AdwCleaner & Hitman Pro on demand, once a month.

 

Perhaps it's best to view common sense as one of our security tools, but certainly not an end-all proposition. No need to discard it, of course.
But there is an inherent danger in employing common sense, and that would be the growing temptation or likelihood to rely upon it more and more frequently.

Kept in its proper place, common sense is an obvious and valuable tool.
Beyond that, it has the ability to be a detriment.

 

I block IFRAMES for all sites. As far as I can tell, I have never "missed" anything important in any site because I do that.

Bo

 

I'm fairly sure that there are some websites require it, but can't remember where. Anyway, I'll be playing around with HTTPSB again. The way I set it up currently makes me feel somewhat insecure. Thanks for the tip BTW.

 

I have to remove mbam premium beta as iot slow my system down alot

 

I am sure there are sites that require IFRAME. How important is it to allow them its really the key. If allowing IFRAMES was important (for my case use), I would know by now. And there is absolutely nothing that I want to do in the web that I cant do because I block them globally.

Bo

 

I don't allow anything ever. Though I don't understand what this youtube is about. There are no videos there.

 

What do you mean?

If you mean to ask what needs to be allowed in YouTube in order to be able to watch videos, you have to allow youtube.com and ytimg.com.

Bo

 

Interesting, I was running the MBAM Pro (with realtime on) beta alongside WSA (not beta) until a few days ago and did not see any slowdown at all. Now just running WSA as only realtime but might try the next MBAM beta.

 

800ster I tried it twice this month but still same it slow down my system I am just running webroot and I added winpatrol plus

 

I've changed around a bit. Impenetrable enough for me.

AppGuard 4.0, Webroot Secureanywhere, EMET 4.0, Sandboxie, MBAM Pro, Norton DNS, Ghostery, Disconnect, Adblock Plus, and common sense.

 

-Bitdefender Plus Anti-virus (Real time protection,once a week scan)


-MBAM Pro (real time protection,scheduled once a day flash scan)

 

Good Evening! Removed O/A free and Avira I.S.2014...kept WSA Security Plus...AppGuard...HMP...and Zemana Anti Logger....Sincerely...Securon

 

you really need this one ? WSA and Appguard should protect you enough

 

You really have to be cautious around the Atlanta Falcon website! Right Bo? Sandboxie needed!

 

Don't trust any site RR, not even the dirty birds site.

Bo

 

added AppGuard 4.0 and set it up to lockdown mode
I want to try to see if AppGuard and novirusthanks will make a good security set up