How do 5.12 & 6.0 prevent ransomware?

Which version: 5.12 or 6.0 has the best security measures to deal with, protect the user against Ransomware? One still has to set the BB to untrusted which also prevents a lot of legitimate software from installing/ running. Ransomware to now a huge problem, 5.12 had to have settings e.g., KsecDD, why does 6.0 have little protection for novice users who will install and forget, not have the knowledge to set-up advanced settings, these people are left wide open to such an attack? ???

Edit: changed the title to better represent the question. Eric

If you’re worried only about ransomware, setting the BB to limited or higher protects against ransomware with V6. No other changes to the configuration are required.

Yes I have mine set to untrusted, but what about novice users who may not visit the forum, may not even know about ransomware and certainly not mess around with the advanced settings. Therefore, the BB will be set at partially limited which provides no protection against ransomware?

Partially limited protects against 99% of Ransomware, I would say.*

It will block any attempt of unknown file to add itself to the windows autostart - that means, after restart there should not be any activity related to malware.

*encrypting ransomware may be the issue. It is blocked, but only on limited or higher level of restrictions.

I think that both versions can be set up to give an equal protection against Ransomware. Though in V6 you also have Fully Virtualized (needs to be added by registry key) which, if I’m not completely mistaken, is apparently super-effective against Ransomware, but “Limited” or above is supposed to be enough in V6.

For both versions you still have to make your own adjustments in order to get good protection against Ransomware.

The novice user who install and forget should expect such things to happen, if not then it’s the user’s fault for being ignorant and not caring enough about security.

Though I guess the default configuration of CIS 6 is made for those who don’t want to be bothered by CIS whenever something is installed. Personally I think “Fully Virtualized” should be made the default setting for BB rather than “Partially Limited”. But only first after the issues with “Fully Virtualized” has been dealt with.

In my opinion such a user “deserves” to be infected. Why? Because obviously that user doesn’t give a ■■■■ about learning anything about security or even how to use the security product, that is not a behavior that should be supported in my opinion. But still I believe “Fully Virtualized” should be the default and then those users would be protected.

I agree with this.

I strongly disagree with this. It is the job of a security software to do its best to protect as many of the uninformed as possible. Just because someone doesn’t want to learn about computer security does not mean that they deserve to be infected.

I see where you are coming from but that would be 90% of PC users LOL! Many don’t have time or the interest to learn anything about PC security. They just want to know the security product is there and it’s doing it’s job.

I never use to know anything about the AV’s I use to use, I didn’t find out about Comodo till 1-2yrs ago never used anything since. I have learnt a lot from this forum and also have taught myself a lot, at medical school I was the only one who could not send an email - my friends taught me. I have fully virtualised set up (change registry) just awaiting the green light to use it. I do not think people deserve to become infected, some, even children these days are online (very dangerous!) so parents may set it up, but you only have to do the wrong thing and you are infected.

I must say I’ve learnt the most from Chiron, so thank you!!!

You’re welcome, although there are certainly many others in the forum who understand far more than I do. Please feel free to ask any questions you have. Between all the responses you should almost always be able to derive the answer you were looking for, and perhaps come up with one or two good follow up questions.

The more you understand the more you understand how little you really know. :wink:

Thank you, that’s very kind - it’s good to no one can message moderator (Chiron) for help…

I feel like I should clarify what I meant since I don’t know if it was obvious, at the time I couldn’t find the right wording for it.

By “In my opinion such a user “deserves” to be infected.” I don’t mean that I want them to be infected, but rather that if they get infected then they deserved it. Same as if I get infected then I deserve it because I did something to let it into my system be that faulty configuration of my security system or something else.

In my opinion it isn’t the security suit’s job to keep the user safe without ever bothering the user, the security suit should be a tool which the user uses.

I know that many do not agree on that point but if someone doesn’t give a ■■■■ about their security and just installs something without even knowing how it works or why it works and then gets infected without ever opening the settings for their security… then in my opinion they deserved that infection. Just my opinion and not a fact at all.

And while I do understand that many don’t have time to understand PC security, it’s my belief that they should take time to learn some of it, at least learn to set up their security system to something that actually fits them and then learning the common sense of the Internet and what not to do. If they don’t even bother learning that, then in my opinion they have no right to be upset or angry when something happens to their computer as it’s their own fault for not taking their time to actually learn this.

You don’t put people in a Car and then shove them out on the road before they know the traffic rules etc and common sense about driving, that would be a disaster. Yet that is exactly what we do with the Internet.

I completely disagree, does someone deserve cancer just because they do not examine their breasts, or testicles. Some people do not have the knowledge to think about what a BB does and how do they know about partially limited, limited the software should come with a manual so people can read???

I don’t think that comparison works, if we assume Cancer is the Computer virus, then what would the anti-virus be? What would you know how to avoid in order to avoid getting cancer etc. All the things related need to have something you compare it to.

For example with computers, you can learn about security and all that and then build up a good security system with good practice etc which are sure to keep you safe. How does that apply to cancer? Am I able to avoid cancer by good practices? (I actually don’t know the answer to this and if the answer is YES and then I get Cancer then yes it would be my fault for not learning about this and doing these practices which would save me from it but if the answer is NO then the comparison is flawed.)

If someone failed to do the right thing by “not knowing”,
this person just somehow “caused” things to happen.

If someone does the same mistake twice though,
he might “deserve” to get the expectable result.

But “deserve” is a word that is allways wrong when its about fait. I think its language too.

With a computer you are driving into a dangerous world. Why should someone do it blind?

Translate into real life.
Be safe.

The prevention is examintion looking/ feeling for any changes, lumps etc., that’s the antivirus but how many people actually do examine themselves on a monthly basis, from my work as a doctor and a t medical school not many.

With the deepest respect to you tony,i find your analogy slightly off beam.
If i may explain.?
If a computer gets infected we can re-image and so on.
If someone gets cancer then there is no such alternatives.
I see your theory in principal but its a crude comparison at best.

May be true, but I do not agree that if someone gets infected they deserve it, I use to just install, for example Kaspersky and that was it, a lot of people do. I (at the time) did not have the knowledge to mess around with the advanced settings, let alone tweak the software to become bullet proof, now thanks to people like Chiron I understand Comodo very well and can easily edit the registry - how many can do that?

Any novice who uses a computer without first asking for expert help is either naive or stupid and deserves the inevitable problems that will occur. The problem is that most novices who do ask for help will be sold a commercial security suite and then believe that the on-going license payments keep them safe without any appreciation of the many requirements for safe internet use. Security software should be set-and-forget. It should NOT be necessary to spend time configuring security software and answering multiple pop-ups that need expert knowledge. After all, if I buy a car I need to learn how to drive it and get it serviced (expert help), but I don’t need to know anything about how it works.

Honestly I may have used the wrong words here, “deserve” does sound too powerful for what I am trying to get across here but I couldn’t come up with a better word. Though clockwork did put a better word, well clockwork said “fait” while I assume he meant “fate”. So no I don’t think the one who gets infected “deserved” it, but rather that it was kind of obvious to happen or “fate” or something like that, but then again fate is a bit too powerless in what I am trying to say… I just can’t find the words for my thoughts and hence I sound like a major a-hole when trying to explain it.

I apologize if I offended anyone with what I said. I will try again to put it in better words.

It is my opinion that the user needs to have the necessary knowledge to avoid malware, for example knowing what to do and what not to do on the Internet. But then of course the user should have a security suit, which in my opinion should be the second line of defense after the user, while the default configuration of this security suit may be enough, it’s my opinion that the user should know what these settings are, that’s what I am trying to say. No single configuration can be perfect for every user and hence the user shouldn’t just assume that this configuration fits him or her.

But then we get to the problem MartiusD brought forward, that when these users actually try to learn they are met with people who want to sell them products and try to tell them that they are safe just using anti-virus X etc etc, so the user doesn’t actually get any wiser but the user can’t know this and hence thinks that he or she is secure. So in that regard I think that the user’s fate was to get infected but did absolutely not deserve it.

So now I don’t really know anymore, my thoughts about this has gone from having one view to having several conflicting views and I need to try to figure this one out. ???