Pondering: the actual need for anything except for a firewall

[Guest]

[LeoniAquila]

That's interesting, JamesFrance, I'm going to try FF now!

Based on your usage description of the different browsers, I think you don't need to feel paranoid any more .

LOL, however, I think there are quite a few paranoid people on the Comodo forum 

So, time for trying out Firefox now...

/LA

[Little Mac]

PapaSmurf, I should probably define my usage of the term "wannabees" a bit... by that I am not at all referring to the average user, who I agree probably really wouldn't be comfortable using a truly tightened (security) system.  It's just not as user-friendly to run that tight of a ship.  What I mean to reference is the user who thinks more highly of themselves and their security abilities than they have any business doing.  They think that they are invulnerable because they've taken a few basic steps to tighten their system and prevent malware.  The 'invulnerability' aspect of it is key; it's all about attitude.  That's why I say "wannabee..."  they don't know how much it is they don't know, but they think they do...

LeoniAquila, by scripts I refer to the entire category of things such as javascripts, activex, etc, which run on websites for either legitimate or illegitimate reasons.  As you note, IE gives you a notice of activex (but typically only when required to access something you've clicked on; I haven't seen it alert you to any such thing running on a page just in general).  The problem is that the "drive-by" items are geared to exploit vulnerabilities in the browser and operating system; unfortunatley, IE seems to have a large number of such...

I think, based on Soya's comments (not necessarily in this thread), that Opera has tighter security by default than FireFox.  However, with FF's add-ons, I think it gives tighter security with greater control (or ease of control).  So that's a trade-off, and ultimately a personal/user decision.

And as has been stated, you absolutely can use a browser other than IE.  Just download and install.  You don't need to remove IE, just set the other browser as default, and use that.  If you still need IE, it's there, but won't be accessed automatically by applications (except those programmed to call it specifically).

LM

PS:  Have fun with FF!

[gordon]

As far as "porn" sites are concerned, if somebody choses to surf that area of cyberspace, then they should not complain when their system gets infected.

:LOL:
Thats kinda like saying that 60% of all net-users should just shut up
if they get pwned ..

I haven't had a virus run since the good old Amiga-days,
but then I have always used the number 1 security-tricks :
SHOW HIDDEN FILES and SHOW FILE-EXTENSION .
Can you believe that people really dl and execute a file called "latest crap-music.mp3.exe" ?
Or that they believe that you have to dl this special media-player to view the latest vids
of jackass ?
THOSE are the people who shouldn't complain when infected .

If you disable all the unneeded services, use FireFox with no-script and don't just click yes
to everything you should be fine .
Heres a nice little program that can help you harden windows by disabling
most of the unsafe features :

Security & Privacy Complete is mainly a security tool for Windows.
It can disable all services which might be a security-risk, harden registry settings...
Also included are privacy features for Internet Explorer, Media Player, and of course: Mozilla Firefox.

Get it here : http://sourceforge.net/projects/cmia/

and you DONT need IE to update your OS :
http://windowsupdate.62nds.com/

IMO AV-programs suck and they are all at least 50% dumber than wet cardboard .
Unfortunately, so is windows  ...

[Soyabeaner]

I tried http://windowsupdate.62nds.com/ on a newly reformated pc and it doesn't download anything, so I had to resort to IE.

[Little Mac]

I tried http://windowsupdate.62nds.com/ on a newly reformated pc and it doesn't download anything, so I had to resort to IE.

Well, if you're using Opera, you've blocked all its scripts...

[Soyabeaner]

Ah..no.  JavaScript was never disabled on that pc, otherwise there would've been an error message.  Oh well.  Doesn't matter anymore.

[LeoniAquila]

It didn't take long until I switched back to IE... no problems with FF, really, but I just don't see the point in using it! I couldn't see any obvious advantages. Also, Microsoft Update runs smooth with IE. Being concerned about scripts and stuff I don't know much about, I might just check out the many options IE has, instead of switching to something else. However, it is a bit tempting to try Opera as well, not the least because someone here - Soya - actually uses it. I've never heard anyone else who uses it (but I happen to associate with people who has none or little computer interest...).

LM, you can set IE to prompt for every ActiveX event on a web site! But that will cause quite a lot of prompts. Do you have ActiveX disabled? Doesn't that strongly delimit what you can do on the Internet? I'm not sure where ActiveX is actually useful, I only know that e.g. Gmail uses it (even though it is possible to use plain HTML too), as well as Google Picasa where I've uploaded photo albums.

gordon, "SHOW HIDDEN FILES and SHOW FILE-EXTENSION" is truly a good idea, it provides better control. I tried the program you linked to, it seems to be good but I had already considered most of the options in other ways.

So my recipe is; an MS patched IE7, bad sites (and scripts) blocked by SpywareBlaster, and - not the least - common sense... 

[LeoniAquila]

From an other thread:

Spywareblaster is only beneficial if you're using IE and to a lesser extent, FF.  Opera doesn't use any ActiveX.  It's kind of like a host file to block bad sites.

So it is actually not available at all in Opera? Perhaps I could live without ActiveX, like I wrote to LM above, I suppose it is seldom really necessary. If it is necessary after all, then maybe one should use an other website with the same service/info/purpose... (I could live with Gmail in HTML  )

[Soyabeaner]

From an other thread:
So it is actually not available at all in Opera? Perhaps I could live without ActiveX, like I wrote to LM above, I suppose it is seldom really necessary. If it is necessary after all, then maybe one should use an other website with the same service/info/purpose... (I could live with Gmail in HTML  )

I'm not all that techy with Opera, but I've seen some members here who are.  It's not as bad as you think without ActiveX - Believe me, I was once like you.  For example, if you visit youtube to watch some video clips, it states that ActiveX is required.  However, you just need to install the flash plugin to play it.  So far, only a few sites like 3 that I visit don't support Opera.

We're a little OT now since this is the AV/Malware Products board

[JamesFrance]

So have a read of this and consider installing a good hosts file:

http://www.mvps.org/winhelp2002/hosts.htm

Then you do not have the same need for Spyware Blaster if you really want to use a browser that it doesn't help.

I think if you look around the security sites, you will find that Firefox is the most recommended.   It also doesn't allow ActiveX.

[Soyabeaner]

Hosts file isn't needed with Opera since has its own url filter file - but you can basically copy & paste the contents.  I have my own filter list to block not only ads but websites.

[Little Mac]

Part of my antimalware solution (in addition to a firewall) - just to keep it on-topic for Soya - involves using Firefox (not IE), with NoScript (nothing runs that I don't expressly permit), AdBlock (blocks ad content, referring, popups, etc), CookieSafe (controls all cookies, defines who/what/how/why/where/when), SafeDownload (allows access to AV, AS, etc to scan downloads on-demand, rather than waiting for the on-access engine), and Verification Engine (site legitimacy verification, as you know), kept up-to-date.

Regardless of the (limited) settings within IE, it still has inherent vulnerabilities.  Although MS issues patches, they are pretty much guaranteed to be "a day late and a dollar short."  By that time you're already buggered up (potentially); also a large number of MS updates in general have also caused more problems than they solved.

I'm a relative newcomer to FF, and certainly not the power user that some others like Toggie, pepoluan (and more) are.  I agree with JamesFrance; FF is very highly rated for security, and Mozilla comes out with fixes/udpates much more quickly than IE.  Plus, there's such strong community involvement and "ownership" just like in Linux.  The contributors want to make sure the product remains strong and viable (unlike the big MScorp that really doesn't seem to).

LM

[Soyabeaner]

Part of my antimalware solution (in addition to a firewall) - just to keep it on-topic for Soya

Believe me, the browser topic is interesting and I was almost lured into the OT corner, but being a mod, ya know...

The SafeDownload is something I haven't seen.  Does it utilize your existing AV scanner or how is different from right-click on the file via a context menu to scan it?

[JamesFrance]

SafeDownload and Addblock Plus are my other 2 add-ons also.

As I have CAVS, every time I download a program (i.e. BOClean 4.24 again yesterday) or even look at a pdf document, up pops a Black screen from CAVS, showing it being scanned.

[JanPoko]

However, it is a bit tempting to try Opera as well, not the least because someone here - Soya - actually uses it. I've never heard anyone else who uses it ...

Wow, it sounds a bit strange to me. I know very few IT people around me, who don't !

To keep in line with topic: Using Opera and decent firewall is everything you really need. Don't kill me, I mean it and I am a living proof of it. I myself run purchased NOD32 AV, spend daily 8+ hours on net and (I swear), never cought I virus. I really will stop using antivirus after my 2years licence has expired. OK, just for sure I should perhaps add that I also use M2 (opera built in) e-mail klient that is a substantial tribute to overal safety.

[Tags:]