too much security?

[cmpm]

Found this today.

http://pcdoctor.kingsoft.com/index.shtml

A free security program, with various functions including some I don't need.
Kingsoft, reputable company I reckon, as far as I know.

But!

The question is how many of these kind of security products are really needed.
I have Nod, mbam and sas running full time.
And a few others I can run on demand.

I did the free Mamutu, when it was on GOTD.
That was annoying.
It Firewalls a lot of your files from interacting together.
Had to uninstall, it never found anything that was trouble.

This program from Kingsoft looks good and is free, runs full time,
but sheesh stop tempting me for more security then I need!

What do y'all think about it?

[lanux128]

hmm.. one can never have too much security but in a computer that can be a case of struggle for resources. what is sas - super anti spyware?

[cmpm]

yes, sas, super anti spyware

and resources being over used,
for security already covered by what I have now

I can't be sure that Kingsoft would find things the others can't,
not worried too much about it, more security is great,
but do I need it.

[steeladept]

hmm.. one can never have too much security

-lanux128 (August 10, 2011, 10:31 AM)

I disagree here.  Too much security (in my opinion) is any security that is in excess of the minimum security needed to be safe from a risk management perspective.  Security, by design, get's in the way of operation - be it physical, computer, operational, etc.  If it didn't, it wouldn't work, since that is it's purpose.  The problem is too much means you can't function.  Take physical security as an example.  Ever been anywhere where you needed to get in to do your job, but the door was locked and no one had the key?  That is too much security for the issue.  Does  that mean it isn't warranted?  No, there is a lot more to secure that just that job, but it does prevent the job as "collateral damage" of the security it is designed for.  Similarly, a computer security program prevents programs from operating in certain ways. There are legitamate reasons for some of them to operate that way, however.  That means you have to "unlock" the route for the program to function.  This, however, lowers security by allowing the program to run.  Risk management dictates that the security breach probability is very low vs. the program's need to run, so you allow it, but that doesn't change the fact that security is decreased, even if it is only slightly.  In the end, when it comes to computer security, the only real security is the off button, but then the computer will not run at all!

[40hz]

My current opinion is that (for Windows 7) anything that goes beyond:

• using Windows' built-in firewall
• installing a copy of Microsoft Security Essentials
• not disabling UAC
• keeping Windows, MSE, and your applications regularly updated
• not being overly stupid about what attachments you open or what software you download and install

is "too much security" for 99.9% of all Windows 7 users.

Support people and techno-wonks may occasionally need (or want to play with) some additional tools. But for most people, the above should do quite nicely

And oh yeah - making that system repair disk and recovery media set, plus doing those backups most people never seem to get around to making wouldn't hurt either. 

 

[Curt]

I expect Kingsoft PC Doctor to be just fine, for this kind of software.
But in theory it is a threat by itself, because of the open "Cloud Security Engine" connection.

Anyway;
I would be surprised if the program has nothing to do with the other PC Doctor...
-but I don't care to find out.

[cmpm]

I agree Curt, to use the same name is a big red flag.

Just seeing yet another security program raised my question.
Not thinking of this one only, but the many that are around.

[cyberdiva]

I have Nod, mbam and sas running full time.

-cmpm (August 10, 2011, 09:46 AM)

I'm under the impression that it's not wise to have two anti-malware programs (mbam and sas) running in real time.  Wouldn't you be better off running one in real time and one on demand?

[JavaJones]

Further to what 40hz said (which I agree with in entirety), if you *do* need "more", most of the time your needs for e.g. playing with potentially risky beta apps or whatever would be easily served by some kind of virtualization or sandboxing app. Some people want (much fewer *need*) a more advanced firewall, and a startup monitor for non-malicious but still annoying stuff that adds itself to your autostart, but other than those two - neither of which I bother with because I can manually deal with that stuff as-needed - I think what 40hz said is end of story.

- Oshyan

[40hz]

I have Nod, mbam and sas running full time.

-cmpm (August 10, 2011, 09:46 AM)

I'm under the impression that it's not wise to have two anti-malware programs (mbam and sas) running in real time.  Wouldn't you be better off running one in real time and one on demand?

-cyberdiva (August 10, 2011, 03:39 PM)

+1 w/cyberdiva.

As long as you aren't running multiple real-time scanning engines simultaneously you should be mostly ok. The problem with the suites however is that there isn't always just one real-time component, so you'd need to check to be sure you aren't overlapping anything on your firewall, browser, e-mail client, etc.

While it's a common practice to run on-demand scans from multiple AV products if you've confirmed you've been infected, under no circumstances should two antimalware apps be active at the same time. At best, your scan will take forever to finish - or lockup and force you to reboot. Worst case, the two active apps will get into a 'deadly embrace' with each other, possibly leaving you with a seriously screwed up machine after they're done duking it out. So you'll definitely want to disable them so only one is running at at time.

Every so often I'll disconnect my network cable, then disable MSE and run something like Super Antispyware or Malwarebytes' Anti-Malware just in case something hit me that MSE didn't catch. It hasn't happened to date, but old habits die hard.

 

[cmpm]

SAS and mbam seem to play well together.
I've been running them together for a long time.

SAS will pick up the tracking cookies as well, and has blocked malicious sites,
or seen links that would lead to possible infections, where mbam did not.
If I was to turn off one, it would be SAS rather then mbam.
But I have enough resources to let both work along with Nod.
That is me though, others do it different

They both update and quick scan at different times of the day, every day.
I do believe they both keep looking in the background all the time,
judging by monitoring resources, using a good bit till I start surfing or using another program.
Or done looking at stuff.
Then they back off the resource usage and give it back to me, still looking for trouble,
should I stumble into any.
I have hit on sites that I didn't expect any trouble from and these programs stopped them.

I try to surf safely, but having them both helps my confidence.

[kyrathaba]

I'm under the impression that it's not wise to have two anti-malware programs (mbam and sas) running in real time.  Wouldn't you be better off running one in real time and one on demand?

That's what I do.  Microsoft Security Essentials runs 24/7, and I run AVG and SpyBot S&D on-demand.