What is your security setup these days?

omg I'm nearly at 2000 >_>

 

Too much typing there Mr.

 

Yeahhhhh apparently.

 

Oh well and the search continues...LOL

 

@Hungry Man

IMO there are two ways to look at security and being a user.

1. there are weaknesses in things of the OS that you have no control over, and those are exploited without you having to do anything but visit the wrong website or execute the wrong program. Users normally have no idea at all. It is a weakness of the OS/program, and being user or admin makes no difference.

2. what you do and what you use are relatively safe (not targeted or worth targeting). Only the actions you perform as admin will bring you problems.

As such, being a user is only as good as the admin of the system. There must be an admin at some point. And if the user is the one to perform the admin functions, you are right back to either needing some security tool to scan and tell you something bad might happen, or you need knowledge.

I just don't see how a person is ever going to use a computer "freely", the way they want, without having to have some knowledge. Only if someone/something else is making decisions for them could this happen.

If one were to imagine a "cloud admin", which you gave your desires to (I want a new .pdf viewer), and it decided which was best for you and your system (it must know a lot about you and your system to make such decisions), it could then install the program for you. But, what if the "cloud admin" installed a program that was malicious and it did not know of it? Or what if the "cloud admin" itself became compromised?

I get what you are meaning, and I see why you would say that. I just don't really think that will ever come to pass. Someone has to make decisions, and for home users, it isn't a well trained IT guy usually.

Sul.

 

LOL! hot on our heels. I just topped 3000 and now branded a "Massive Poster"

 

OMG does you fingers hurt? I guess I'm way behind and need to catch up

 

The idea is not to make the right decision or to stop vulnerabilities, it's to assume that someone made the wrong decision to assume there are vulnerabilities. There are multiple programs that exist based on this. The entire basis of DefenseWall (that program that keeps scoringso high in tests =p ) is that if something isn't explicitly trusted it is untrusted and restricted. Same with Comodo.

Users can do a hell of a lot to mess up their system and there's plenty of malware that will install and function on a user account. It may not be able to mess with the OS and it may be a lot easier to deal with but it can install.

Integrity levels are the start of Windows assuming an exploit will happen or assuming that malware will exist and taking precautions against it.

 

Honestly, I must be crazy or something. I've been arguing for a long time that security should not involve the user and that a proper security setup (for the average user, not necessarily for Wilders or even for myself) should have a basis of assuming the user knows nothing. No one I know seems to agree with me on the details. =p

 

Not as much as my brain

So very important and why a user with some decent knowledge can make sound decisions rather than rely on their security products to completely hand-hold them through the process.

 

Users are unreliable and often easily tricked. Security setups should account for this in my opinion.

 

Ha I bet.

 

Oh! no RIP hard-drive

 

SPI router
Sandboxie - paid
Comodo Firewall (only)
iVPN OpenVPN
TrueCrypt
ShadowProtect

On demand scanners:

Hitman Pro
MalwareBytes Free
Superantispyware Free

Ditched my AV and HIPS. For 5 years now I've had a real-time AV hogging resources only to find nothing. With my safe browsing habits, FF with NoScript & other security add-ons, and now Sandboxie... it's just not worth it. And it's not like I can't restore an image if something goes wrong. And the HIPS does nothing. I won't put something on my computer unless I trust it in the first place. And I find even less use for it with Sandboxie now.

Computer is running even snappier now, and on an old XP box with 1GB of RAM I need all the juice I can get. I think this is all I need along with wat's method of "use what's built into the OS", i.e.: Local/Group Policy tweaks, SRP, LUA, folder permissions, and nasty services like Remote Registry disabled.

 

+1 for ditching the AV. Waste of resources and they're just horribly inefficient.

Why no Defense+/ HIPS?

 

What? AVs rule. LOL....

 

+1

 

Because it isn't really doing anything for me. I know I can trust all the apps I have on my PC after years of having D+ monitor their behavior, and I run a very static setup. So I figured why not just free up the resources... not that it used much to begin with, but with 1 gig of RAM every bit helps. Also Sandboxie makes it less useful.

I was considering trying Private FW in place of Comodo because I'd heard it was light, but didn't feel like going through a learning curve, and Comodo FW is very light as it is. I can't imagine there's much difference. And I heard that PFW is not friendly with full screen gaming, which would be a deal-breaker for me.

 

Are you using Comodo to manually sandbox anything? Plugins or other applications?

 

Wouldn't need Comodo to sandbox anything. He has sandboxie paid just force applications with sandboxie instead. Don't know you have Sandboxie paid lucid?

 

Yup, I have the paid version. Best $43 I've ever spent.

 

I thought you did.

 

Ah, I see. No real point manually sandboxing. I suppose if you sandboxed twice it would likely conflict.

 

I actually manually sandbox with Sandboxie most of the time. I only have VLC & Sumatra PDF forced. Sometimes I need to run Firefox outside the sandbox to update or tweak settings. And UTorrent to change the port, which I do every session. I know you can do that thing where you set the timer for a forced program to run outside of the sandbox, but I've always been a right-click > open kinda guy anyway, as opposed to a double-clicker, so I prefer it this way. More granular control for me. Plus I have 2 different sandboxes for Firefox: one for normal browsing where I make some concessions for ease of use (i.e. direct access to bookmarks)... and another for secure browsing that is locked down, if I want to do online purchasing.

The real draw to me for the paid version wasn't forcing programs/folders, but running multiple sandboxes at once. It's not unusual for me to be running 3 at the same time (Firefox, UTorrent, VLC).

 

Yeah, I couldn't live with the free version.