Main Area and Open Discussion > General Software Discussion

windows security - what's really necessary?

<< < (9/10) > >>

Target:

hmmm, so the upshot here is... nothing!!

it appears you can use what you like, or not, based pretty much on your comfort level personal (software) preferences...

Target

Armando:
IMO there are some slight "epistemological problems" with the discussion here... I don’t want to sound like this thread’s smartass — I know it’s just a relaxed forum discussion, ahem — I'm no security expert, but : there are no clearly defined (precise) parameters to make objective comparisons. And no real hard numbers or studies.
 
From what I've read, the "[what's really] necessary" parameter (the expression used in the thread's subject) is mostly used in subjective ways, as very personal evaluations of what's essential, without defining much the most important other singular-individual and plural-contextual factors (hardware, software, human environment, network, the computer literateness of the person using the computer, etc.). (and yes, I kind of understand that the question is about finding the right balance between usability, performance, and security).

Without any term definitions, what would an "essential, indispensable" security measure for Windows be? Only an up to date OS and a computer security literate and responsible user (now... define that!)?… Anyway. Then if I want to go beyond what's "necessary" I guess I'd probably add a router or a basic firewall, and a capable anti-virus? Then, what? I might add an HIPS, sandboxe, etc.?

PS : Apart from the usually pretty tangibles performance drawbacks linked to some security software, I wonder how does one know that her data isn't just flying through multiple wholes, open ports without her consent (it’s not like there will suddenly be files missing in a folder… like if these where books on a bookshelf!)... Is the "I ran my computer without a firewall without a firewall — or win XPs basic firewall — for 3 years without a single problem" convincing? How can one be that sure that the computer ran "without a problem" and that all data stayed quietly at home? Sounds like an homeopathic arguments to me...

f0dder:
Curt: you really shouldn't disable XP's firewall if you aren't using any other firewall product.

Also, you say you're not behind a router / don't know what it is. Which kind of internet connection do you have? Analog modem, ADSL, cable, WiMaxx? Which provider (CyberCity, TDC?) - you're very likely behind a router even if you don't know it, at least if you're on ADSL :)

Armando:
BTW, something that I'll install soon: DropMyRights.
-Lashiec (January 30, 2008, 07:09 PM)
--- End quote ---

Some related "alternatives" have been talked about (albeit briefly) in other threads (like this one) :
- <a href="http://sudown.sourceforge.net/index.php">suDown</a>
- sudowin

And, btw, Online Armor free firewall offers the possibility of running any app with reduced privileges, on the fly (and of course, keep it like that for how long you wish). It's a bit more simple to use than dropmyrights, but... will consume more resources -- since it'S a software firewall.

Target:
Armando

you've clearly outlined the crux of my dilemma - clearly no 2 individuals have the same setups, expectations, knowledge, philosophies or fears regarding the potential for a 'security breach' (define that... :-\), or the ability to identify and/or deal with any such breach

it was never my intention to get a definitive solution (I pretty much think we've established that this is a myth), simply to try and establish what the consensus was for a baseline of what's really necessary, ie what is considered the minimum requirements for a reasonably secure internet connection.  Forget local networks, they're not really relevant for the sake of the discussion.  

Given this, precise definitions were unnecessary, and subjective opinions were (almost) as valuable as objective ones. It's up to the individual to make up their own mind about what fits their own (personal, specific) requirements.

you also raised the issue of system maintenance which hasn't really been discussed, however based on balance of this thread I am wondering how necessary this is as well, ie is (XP) SP2 sufficient, or do we <i>need</i> all the subsequent patches and fixes.

Given that there doesn't seem to be any real consensus regarding the actual threat, or the potential for a breach, it seems that we could lump that subject in with the whole 'minimum requirement' as well

thoughts??

Target  


  

Navigation

[0] Message Index

[#] Next page

[*] Previous page