Razz

My Protection - what's yours?

Recommended Posts

I'm a newbie on this forum (in fact, I joined today) and besides 3rd. party anti-malware with real time protection, I'm curious what members are using for additional protection.  I'll list my current protection, please feel free to comment if you feel I should add something or feel that something is not necessary.

  • Windows Defender (Windows 10 version)
  • MVPS Host File
  • NordVPN
  • SpywareBlaster
  • WinPatrol Free
  • CyberSight RansomStopper
  • Malwarebytes Anti-Malware Free (for periodic manual scans)
  • SuperAntiSpyware Free (for periodic manual scans)

Browser Extensions (I use Chrome):

  • Emsisoft Browser Security
  • Malwarebytes Browser Extension
  • uBlock Origin
  • TrafficLight
  • HTTPS Everywhere

 

 

Share this post


Link to post
Share on other sites

I just use Emsisoft (blocking PUPs) on my workhorse PC with the extension and Norton with its extension on another. I use Firefox because I see Google as a data collection machine and Chrome as an extension of it. But using either you also have Google's safebrowsing.phishing and safebrowsing.malware options enabled by default.

I have Privacy Badger from the  Electronic Frontier Foundation

And I use my instincts.

Edited by bobbonomo
addition

Share this post


Link to post
Share on other sites
Quote
  • MVPS Host File

Just don't. You will hurt your general performance considerably. Better to just enable the MVPS filter list in uBlock.

Quote
  •  SpywareBlaster

Kind of pointless. uBlock does a better job. Ad hosts blocked by uBlock can't set cookies in the first place. That's all it pretty much does if you are using Firefox.

Quote
  • TrafficLight

For someone who is concerned about their privacy it is interesting that you willingly send your entire surf history to any company in clear text:

image.png
Download Image

Literally every single website you browse to will get submitted in that way. Bitdefender Traffic Light isn't the only extension that does this. Other extensions known to do this are Avira Browser Safety, Avast Online Security, Norton Safe Web and Comodo Online Security Pro.

  • Thanks 1

Share this post


Link to post
Share on other sites

Fabian, thank you so very much for your valuable and very informative input, I really appreciate it.

10 hours ago, Fabian Wosar said:

MVPS Host File: Just don't. You will hurt your general performance considerably. Better to just enable the MVPS filter list in uBlock.

I did not realize the impact on performance that using the MVPS Host File would have.  In your opinion, is enabling the MVPS filter list in uBlock Origin even necessary - i.e. you think I may as well just be content with the lists that come with uBlock Origin, that's probably more than sufficient?

10 hours ago, Fabian Wosar said:

 SpywareBlasterKind of pointless. uBlock does a better job. Ad hosts blocked by uBlock can't set cookies in the first place. That's all it pretty much does if you are using Firefox.

I certainly see your point about it being pointless and will now uninstall SpywareBlaster.  I started using SpywareBlaster a very long time ago and just kind of got used to having it around and never gave it much thought when I installed uBlock Origin.  Thanks for pointing that out :)  BTW, I am using Chrome.

10 hours ago, Fabian Wosar said:

TrafficLightFor someone who is concerned about their privacy it is interesting that you willingly send your entire surf history to any company in clear text.  Literally every single website you browse to will get submitted in that way. Bitdefender Traffic Light isn't the only extension that does this. Other extensions known to do this are Avira Browser Safety, Avast Online Security, Norton Safe Web and Comodo Online Security Pro.

I had absolute no idea that Traffic Light did that.  You would think that BitDefender and the other companies you mentioned would have to disclose that somewhere (perhaps they do and I just missed it).  I will certainly uninstall Traffic Light now.  Can you recommend a good browser extension that flags good & bad websites when you search in Google so you know what not to click?

I learned a lot from you today, thank you!

Share this post


Link to post
Share on other sites
22 hours ago, Razz said:

I did not realize the impact on performance that using the MVPS Host File would have.  In your opinion, is enabling the MVPS filter list in uBlock Origin even necessary - i.e. you think I may as well just be content with the lists that come with uBlock Origin, that's probably more than sufficient?

uBlock is exceptionally good at removing duplicate filter rules. So if you enable the MVPS filter list there, it will only enable it for stuff that isn't covered by other lists. That's also why in the rules list it says "x used out of y". Because it tells you how many rules it actually used out of that filter list. The rest was already covered by other lists.

uBlock is also a lot more efficient as parsing and applying these filter rules than the DNS API in Windows is, which is the component that parses the "hosts" file. Depending on the browser you use, the "hosts" file may actually get ignored entirely. Some browsers like Chrome, for example, implemented their own, faster DNS client as the Windows DNS API isn't the fastest. So in the worst case scenario, you were having this huge hosts file, slowing down every program that does remotely something with networking, while at the same time your browser completely ignored it.

Quote

I had absolute no idea that Traffic Light did that.  You would think that BitDefender and the other companies you mentioned would have to disclose that somewhere (perhaps they do and I just missed it). 

Yeah, most people aren't aware of it and it is the main reason why we decided to create our own browser extension. The worst part is, that it is completely unnecessary from a technical point of view as well. But yeah, as it is often the case: If something a free, you pay with your data. 

Quote

I will certainly uninstall Traffic Light now.  Can you recommend a good browser extension that flags good & bad websites when you search in Google so you know what not to click?

Unfortunately not. If you find one, let me know which one and I can check how intrusive it is for you though. We are also considering adding search indicators in our extension. So you may want to wait for that. There is no ETA though.

  • Thanks 1

Share this post


Link to post
Share on other sites
On 3/1/2019 at 9:40 AM, Fabian Wosar said:

uBlock is exceptionally good at removing duplicate filter rules. So if you enable the MVPS filter list there, it will only enable it for stuff that isn't covered by other lists. 

uBlock is also a lot more efficient as parsing and applying these filter rules than the DNS API in Windows is, which is the component that parses the "hosts" file. Depending on the browser you use, the "hosts" file may actually get ignored entirely. Some browsers like Chrome, for example, implemented their own, faster DNS client as the Windows DNS API isn't the fastest. So in the worst case scenario, you were having this huge hosts file, slowing down every program that does remotely something with networking, while at the same time your browser completely ignored it.

Based on your wise advice, I just enabled the MVPS filter list within uBlock Origin.  This leads me to the question: how do I delete the MVPS host file in order to make sure that uBlock Origin is in control of host files?  I had been using HostsXpert to manage the download and install of the periodic MVPS file updates, do I just use that to access the MVPS file and then just delete it?

Not sure I understand what you were saying.  I use Chrome and are you saying that when I was using the MVPS Host File (for years) that it wasn't even being used? 

On 3/1/2019 at 9:40 AM, Fabian Wosar said:

Yeah, most people aren't aware of it and it is the main reason why we decided to create our own browser extension. 

As you know from my list, I am indeed using your Emsisoft Browser Security Extension.  It is my understanding that your browser extension only blocks malicious sites, not ads as well, is this correct?

In reference to my question "Can you recommend a good browser extension that flags good & bad websites when you search in Google so you know what not to click?", you responded:

On 3/1/2019 at 9:40 AM, Fabian Wosar said:

Unfortunately not. If you find one, let me know which one and I can check how intrusive it is for you though. We are also considering adding search indicators in our extension. So you may want to wait for that. There is no ETA though.

It would be wonderful if you do add search indicators in your extension.  I personally really like that even though I guess it's not necessary because if you click on a bad site your other protection should block you, at least I assume it's supposed to.  I used to use Kaspersky Total Security and their browser extension that came with the suite did have that search indicator feature.

EDIT: Just wanted to add that I gather that WOT (Web of Trust) is still not recommended?  I realize the trouble it got into years ago, just wondered if it's still a no go.

Thanks again Fabian for helping me.

Share this post


Link to post
Share on other sites

Let me say this about privacy on the Internet. It does not exist really. OK so you are protected from the prying eyes of your service provider and all intermediate routers between you and the server if using https. This is good but...

You make a request to thiscrazydomain.com which needs to be resolved. This is done by UDP in clear text. Your ISP probably farms out DNS to a Big Boy like Google's 8.8.8.8 or other like cloudflare's 1.1.1.1 or openDNS's 208.67.222.222 just to name a few. So now it is known.

The http request is encrypted but the hosting company now knows too and what page you requested. The server is probably in a cloud. These are Big boys.

If using Google Chrome or Firefox then the URL is checked by safebrowsing.phishing or safebrowsing.malware by Google. Microsoft has the same thing using its Edge. Not sure how safebrowsing works or where they check. I see safebrowsing stuff in my FF profile.

Whatever security software you use now knows too. Using Chrome is like being connected to HQ in Mountain View CA.

Now you are on the server and it uses one or more Content delivery networks (CDN) for all kinds of libraries like Google fonts, Analytics, maps, and all kinds of other "free" stuff they "give" away. Now they all know. How much other stuff happens under the hood?

Emsisoft says they check from your computer and I believe this because I see the updates occur on a regular basis and if they did not they would get busted by someone.

Using a VPN is good too. Now you need to trust the VPN guy.

So are we to believe all these big players respect our privacy when we know it is part of their business model to gather all this info.

Use TOR or Tails which is an implementation of TOR operating from a USB stick and does not use the host computer except for the CPU and GPU and memory which is flushed upon exiting.

From mozilla

Quote

Phishing and Malware Protection works by checking the sites that you visit against lists of reported phishing, unwanted software and malware sites. These lists are automatically downloaded and updated every 30 minutes or so

 

Share this post


Link to post
Share on other sites

Thank you bobbonomo for explaining things in detail.  You certainly have a point about your privacy on the Internet.  Without common sense you are doomed for sure.  So to assure yourself the best shot at staying safe online a person should be adopting sound practices while online along with implementing certain browser extensions to provide further protection, you are basically doing all you can.

As part of my list in my original post, three that I highly recommend are Emsisoft Browser Security, Malwarebytes Browser Extension and uBlock Origin.

Share this post


Link to post
Share on other sites
On 3/1/2019 at 10:47 PM, Razz said:

Based on your wise advice, I just enabled the MVPS filter list within uBlock Origin.  This leads me to the question: how do I delete the MVPS host file in order to make sure that uBlock Origin is in control of host files?  I had been using HostsXpert to manage the download and install of the periodic MVPS file updates, do I just use that to access the MVPS file and then just delete it?

You can technically just remove all entries from your hosts file using Notepad. Just delete everything except the "127.0.0.1 localhost" entry if there is any. Lines starting with "#" are comments by the way.

On 3/1/2019 at 10:47 PM, Razz said:

Not sure I understand what you were saying.  I use Chrome and are you saying that when I was using the MVPS Host File (for years) that it wasn't even being used? 

Pretty much.

On 3/1/2019 at 10:47 PM, Razz said:

As you know from my list, I am indeed using your Emsisoft Browser Security Extension.  It is my understanding that your browser extension only blocks malicious sites, not ads as well, is this correct?

We are not an ad blocker, no. You use uBlock Origin which is pretty much the best adblocker you can get. So you are well covered in that area already.

On 3/1/2019 at 10:47 PM, Razz said:

It would be wonderful if you do add search indicators in your extension.  I personally really like that even though I guess it's not necessary because if you click on a bad site your other protection should block you, at least I assume it's supposed to.  I used to use Kaspersky Total Security and their browser extension that came with the suite did have that search indicator feature.

Correct. When you try to click the link, it will block access to the site. But I do understand that a lot of people would like to know before they click, which is why we consider adding it.

On 3/1/2019 at 10:47 PM, Razz said:

EDIT: Just wanted to add that I gather that WOT (Web of Trust) is still not recommended?  I realize the trouble it got into years ago, just wondered if it's still a no go.

Interestingly enough WOT got in trouble for the very same thing that some AVs are doing with their extension.

17 hours ago, bobbonomo said:

You make a request to thiscrazydomain.com which needs to be resolved. This is done by UDP in clear text. Your ISP probably farms out DNS to a Big Boy like Google's 8.8.8.8 or other like cloudflare's 1.1.1.1 or openDNS's 208.67.222.222 just to name a few. So now it is known.

You can always set up your own DNS server locally or in a cheap VPS box online. DNS also can be tunneled via various secure protocols (DNS-over-HTTPS for example).

17 hours ago, bobbonomo said:

If using Google Chrome or Firefox then the URL is checked by safebrowsing.phishing or safebrowsing.malware by Google. Microsoft has the same thing using its Edge. Not sure how safebrowsing works or where they check. I see safebrowsing stuff in my FF profile.

Those use methods that provide k-anonymity. Firefox in addition also sends "fake" requests if I remember correctly so the hoster of the block list does not know whether that was a website you actually surfed to or a random request.

17 hours ago, bobbonomo said:

Using a VPN is good too. Now you need to trust the VPN guy.

If you are so concerned, just host your own VPN. Get a cheap VPS with bitcoin at njal.la for example, host OpenVPN and your own DNS server on it and there will be no link between you and the VPS. It's serious overkill though.

  • Thanks 1

Share this post


Link to post
Share on other sites
13 hours ago, Fabian Wosar said:

You can technically just remove all entries from your hosts file using Notepad. Just delete everything except the "127.0.0.1 localhost" entry if there is any.

Done, all entries removed.  I assume having the following clear slate will allow uBlock Origin to fully do it's job.

1159132204_BlankHostFile.PNG.45faac74e88fe53312ce1b7488254346.PNG
Download Image

13 hours ago, Fabian Wosar said:

We are not an ad blocker, no. You use uBlock Origin which is pretty much the best adblocker you can get. So you are well covered in that area already.

It's comforting to know uBlock Origin has such a good rep and endorsed by experts like yourself.

14 hours ago, Fabian Wosar said:

Correct. When you try to click the link, it will block access to the site. But I do understand that a lot of people would like to know before they click, which is why we consider adding it.

I guess I have to admit that I'm one of the people who like to know the safety of a site before clicking the link.  I really do hope you guys will consider adding this function to your Browser Security extension.

14 hours ago, Fabian Wosar said:

Interestingly enough WOT got in trouble for the very same thing that some AVs are doing with their extension.

So I gather by your answer that WOT should still not be used.

 

Share this post


Link to post
Share on other sites

Caring about privacy and paying attention to browser extensions is perfectly fine, but you seem to ignore the main component: the browser. Google Chrome is possibly the worst choice you could make.

Share this post


Link to post
Share on other sites

Not sure to whom this was intended for. This is one of the first things I said in my post above of Sunday at 02:29 PM. I'm almost positive your reasons are close to mine.

Quote

Using Chrome is like being connected to HQ in Mountain View CA

This post by Quara.com is kinda related. You may not think so from the title.

Why are Bots unable to Check "I am not a Robot" Checkboxes?
https[:]//www.quora[.]com/Why-cant-bots-check-%E2%80%9CI-am-not-a-robot%E2%80%9D-checkboxes/answer/Oliver-Emberton

It describes the methods and data Google uses for their CAPTCHA thingy. It's a short read.
I read the supporting document presented at Black Hat ASIA 2016 called:  I’m not a human: Breaking the Google reCAPTCHA
It's a long dry read. 12 pages.

There are 3 Challenge Types: No captcha reCaptch, Image reCaptcha, and Text reCaptcha.

The different type of challenges varies from user to user. Harder challenges will be presented if a specific user has low reputation or requests multiple challenges or provides several wrong answers many times.

The first one is of interest here since we talk about privacy things:

Quote

The new user-friendly version is designed to completely remove the difficulty of solving captchas.  Upon clicking the checkbox in the widget, if the advanced risk analysis system consider the user have high reputation, the challenge will consider to be solved and no action required from the user.

"No action required" is what I presume they want to be presented to most users because CAPTCHAs are a royal pain.  This means they "own" you with all they have about you.

.... and this article is 2+ years old. Imagine what 2 years more has given.

Amazing? Scary? Both?

 

Edited by bobbonomo
typos changes link

Share this post


Link to post
Share on other sites
On 3/5/2019 at 5:22 PM, Quirky said:

Caring about privacy and paying attention to browser extensions is perfectly fine, but you seem to ignore the main component: the browser. Google Chrome is possibly the worst choice you could make.

Good point.  However, I'll be sticking with Chrome, at least for the time being.

29 minutes ago, bobbonomo said:

Amazing? Scary? Both?

I vote "Both"  🤔

Share this post


Link to post
Share on other sites

Quirky, what do you think of the Brave Browser? I was having a look at it and it seems good.

Share this post


Link to post
Share on other sites
12 hours ago, Razz said:

Quirky, what do you think of the Brave Browser? I was having a look at it and it seems good.

I personally wouldn't touch any Chromium-based browser. Apart from the obvious privacy issues, I never liked the limited UI and monoculture design and mentality.

Share this post


Link to post
Share on other sites

This is dated yesterday March 10. It's a short read
Googling Searching for Strangers: One professor's lesson on privacy in public spaces

https://www.npr.org/2019/03/10/702028545/googling-strangers-one-professors-lesson-on-privacy-in-public-spaces

Quote

Some of the most outspoken skeptics of privacy protections in her class — the ones who once suggested that they didn't need privacy because they had nothing to hide — were stunned at how quickly they'd found out details of the lives of strangers who happened to cross their paths.

 

Edited by bobbonomo
fixed URL

Share this post


Link to post
Share on other sites

My protection is as follows: Emsisoft monitoring always on. Frequent scans (Emsisoft) 

Emsisoft Browser security. Windows firewall But also a well known solid ROUTER based firewall.

Occasionally turn on Defender and run both quick scan and custom full disk scans. Keep everything up to date - everything.

Very important: Educate myself on current threats and be constantly vigilent.

So simply put Hardware firewall. One good Antimalware product (Emsisoft). Being aware. Up to date everything.

I have a clean and very zippy PC. The above has worked for years. I emphasize Vigilence and keeping up to date with current environment. I doubt any software, or combination of will automatically make any PC immune to any infections. Below 2 approaches. This is just my opinion and could be wrong, but for over 10 years never any malware.

This is my opinion: A: (You will need to be lucky)

Top security soft ware and router based fire wall, but just trust your software and never care about anything. Probably get something nasty at some point over long time. Good software will catch most stuff. Not 100%

This is what I do B: (Best possible way IMHO)

The above, plus user vigilence  As save as you can be. No software can prevent all careless actions of a human. WE users, should be able to notice something not quite right. Software will hopefully

prevent anything that gets through an educated and aware human user. Consider software as an assistant - another layer of protection. Ultimately the User is to blame if infected.

Share this post


Link to post
Share on other sites
On 28/02/2019 at 11:52, Fabian Wosar said:

Just don't. You will hurt your general performance considerably. Better to just enable the MVPS filter list in uBlock.

Hello @Fabian Wosar 

I'm a French user of Emsisoft.

My security is Emsisoft + NVT OSA + µBlock Origin + Emsisoft Browser Security + Malwarebyte Browser Security + LastPass.

Please can you explain to me where I can find MVPS filter list in µBlock Origin parameters ?

Thanks

Share this post


Link to post
Share on other sites
8 hours ago, Marshall said:

Please can you explain to me where I can find MVPS filter list in µBlock Origin parameters ?

Hi Marshall.  To add the MVPS Hosts list to uBlock Origin, perform the following steps (see images for more details):

(1) Go to the following link:  https://filterlists.com/

(2) Enter "130" in the page field.

(3) Click the blue "Details" button on the "MVPS Hosts" line.

(4) Click the blue "Subscribe" button.

You're all done!  The MVPS Hosts file should now be added to uBlock Origin in your browser.  To check you can look at the uBlock Origin "Options" page by right-clicking the uBlock Origin icon in your browser, as per images.

Hope this helps.

Best Regards,

Steen

 

1777442769_Forum1.PNG.c2c6b2d55613d3ffee8589060132fe1e.PNG
Download Image

 

1194063081_Forum2.PNG.8beaef885e7da872e2ddb7a411b6091a.PNG
Download Image

 

 

1522822256_Forum4.PNG.bb367debb551086257508035f8937610.PNG
Download Image

 

411716830_Forum3.PNG.d06e524195b2480f5933daee05aa1174.PNG
Download Image

 

  • Thanks 1

Share this post


Link to post
Share on other sites

Hi Marshall.

Not sure, but I do know that I recognize the URL of "MVPS Hosts" and I recognize the list.  I don't recognize the list attached to MVPS Hosts (Domains).

To view the list, click the blue "Details", "View" & "Original" buttons - see image.

 

Sorry I couldn't offer a better explanation.

image.png
Download Image

903578464_Forum2.PNG.f5c54d69ccd535472441367fa258ffa4.PNG
Download Image

 

  • Thanks 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.