Security Experts: Updating Software Best Way To Stay Safe Online

Status
Not open for further replies.
I kind of feel a "no duh" moment here.

Of course updating software helps to keep you safe in 99% of cases. Unless you are Java and release a new version that opens a massive hole so bad that you tell everyone to roll back.

But normally a patch is there to fix exploits/holes in the software/OS.
 

clonazepam

Distinguished
I use Webroot's SecureAnywhere. I don't know how good or bad it is, so I assume that means its at least decent. There's many features and one that sticks out as uncommon to me is that its install folder name and the executable are randomly generated during the install.

Threat protection is performed "in the cloud" and needs no updates. Good, bad, indifferent?
 
Cloud based scanning is not bad but if a virus kills your web access you need something local that can at least take manual updates.

I have not looked at anything beyond Windows Defender (same as MSE in 8/8.1) since it came out.
 

codo

Honorable
May 5, 2012
69
0
10,630
Some people are weary of updates but I've always updated everything I could whenever I could and have no trouble.
 

whassup

Reputable
May 21, 2015
200
0
4,760
Just keep your Windows, Browser, PDF readers, MS Office and Antivirus always updated you will be secure even if you are on the adventurous side.

For the past 3 years my PC never get infected and I am a click happy user who visits whatever sites that I need the information or file. I just keeps all of my Internet related apps updated that includes Windows 8.1 Pro, Avast Free 2015 (PUP scan enabled), Chrome, MS Office and PDF reader. I also do regular malware scans using Avast as well as Malwarebytes Anti Malware, Adwcleaner just to ensure nothing is penetrated on to my system.
 

Tanyac

Reputable
This reads like a weak attempt to placate those that are concerned about the Windows 10 forced auto updates.

There are as many reasons not to trust auto updates, especially given the advertising, malware and personal information collection, and complete lack of control over your "own" system, as there are to support auto updates.

Best security. Disconnect from the internet. Better yet, Turn off your computer, go and have a BBQ with your neighbors and reconnect with the community.

 

alidan

Splendid
Aug 5, 2009
5,303
0
25,780
US
Some people are weary of updates but I've always updated everything I could whenever I could and have no trouble.
i have had one to many updates break things in the past to ever want to update beyond a something i own isn't working basis, i hate that google autoupdates and there is nothing i can do to stop it... take a look at the bookmark manager they tried to force on everyone a few updates ago... there will come a time they remove the traditional bookmarks and i am forced to leave chrome because of that crap.

also... i have had online accounts hacked/bruteforced and i have had full system crashes with no hope of recovery... the idea of using a password manager is something i will never bring myself to accept... the idea of a program that handles all my passwords and has them as long and complicated as possible, only to either have the program crap out on me and never be able to get access to any of my accounts again is bad enough, but than you go a step further and if someone hacked the site if it wanst a local password manager... not a chance in hell... and 2 step verification only works when you have a cellphone... i don't, and paying a few hundred dollars a year for just for 2 step is out of the question.
 

alidan

Splendid
Aug 5, 2009
5,303
0
25,780
US


i did not know windows 10 forced updates... ill have to look into blocking all microsoft domains from either a software level or hardware... i refused to update the os unless something is broken as windows updates have failed on me so many times where a format was required i just cant bring myself to updating unless its absolutely impossible to live without.
 

whassup

Reputable
May 21, 2015
200
0
4,760


i did not know windows 10 forced updates... ill have to look into blocking all microsoft domains from either a software level or hardware... i refused to update the os unless something is broken as windows updates have failed on me so many times where a format was required i just cant bring myself to updating unless its absolutely impossible to live without.

Really strange not a Single windows update caused me any kind of problem. I can't imagine my PC not running up to date Windows. Its really weird that some people complain Windows update.
 

gergguy

Honorable
Oct 12, 2013
214
0
10,710
Changing passwords frequently has no effect on security (unless you have given your password to others). The only thing it does is drive IT guys crazy because people can't remember their passwords
 

Onus

Titan
Moderator
I don't visit "questionable" sites (e.g. pron, warez) and I stay out of the vapor ("cloud" for the less-informed, where all information, sooner or later, will become public). I use complex passwords, different passwords, but I have not selected a password manager; I may get one so I can make passwords a little longer. I use AV, and the PAID version of MalwareBytes, which has real-time blocking and notification. I install OS and most application updates.
 


There is very little to no information about this. I assume it is security updates, to patch holes and exploits, not all updates.
 

hawkwindeb

Distinguished
Jul 14, 2006
72
0
18,630
"I try to remember my passwords because no one can hack my mind."

all your base are belong to us... We have already hacked your mind and know what your are thinking...
 

DRosencraft

Distinguished
Aug 26, 2011
743
0
19,010
Mixed bag here. I would caution first that "experts" often make mistakes and bad assumptions too, so it's no surprise their recommendations are sometimes flawed. They're just less likely to be outright wrong than a layman.

Updates, I'd say 90% of the time, are to address security concerns. Therefore it's highly counterproductive to simply ignore updates and patches. I've only had two updates in the last 10 years that have caused any problems, and both situations were my fault. I do think the user should have control, because often times I've had updates start running while I'm doing something and suddenly I'm thinking I broke something.

Anti-virus software is like a trusty backup. It should neither be your first or only security step, but it should be a part of the package.

Passwords have gotten a bad rep. Few hackers actually use passwords anymore to access systems the way movies have painted the use over the years. Hackers are sitting there pooling through password option to guess your password. All you need is an uncommon, not easily guessed, password. Putting your passwords in a manager is like taking all your money from every bank or credit card or whatever you have, and sticking it in one bank. That bank falls, there goes all your money. Same with password managers; you've taken several fail points and made just one. Changing it all the time is also of minimal benefit. Somone steals your password once, at a single instant. It doens't matter if you changed your passwrod this morning, or 7 years ago.

Finally, and this one kills me, the "only visit websites you know" thing is pure stupidity. Facebook, Twitter, heck, even Tom's would have never made it anywhere if no one ever went to any website they had never went to before or were somehow so close to the developers of that they felt comfortable going there. It is a foolish notion and highly impractical. Obviously avoid known bad sites, but you're going to find yourself in a little bubble if you bar any website you've never visited. It's like avoiding any restaurant you've never been to because you're afraid of food poisoning.
 

Afrospinach

Honorable
Aug 9, 2012
84
0
10,630
Another thing is the divide between what is and isn't a strong password. People think 8 random digits is strong - even the password strength detectors on some websites, whereas apparently something like "IlikewaFFlesalot" is better than "%Hdf*#$r&*" purely because of the length and...a heck of a lot easier to remember.
 
I use Webroot's SecureAnywhere. I don't know how good or bad it is, so I assume that means its at least decent. There's many features and one that sticks out as uncommon to me is that its install folder name and the executable are randomly generated during the install.

Threat protection is performed "in the cloud" and needs no updates. Good, bad, indifferent?
It's OK, but it becomes difficult to manage false positives. There is also no exclude directory option, so it can be a bit of a resource hog at times.
 
Personally, I avoid password managers like the plague. In my completely uneducated opinion, half of them are malware in the first place and the other half are actively being attacked by hordes of bad guys slavering over a chance to get my passwords.

I'm so paranoid that my passwords are in an encrypted database on my Palm V. No network connectivity, period. Yes, I realize that I am just plain wrong. But I was taught to be very paranoid about security, and putting all my passwords into something on-line triggers that training to kick in.

One of the most lovely password tools I've seen is one where you have a root password. You type in your root password and the URL of the site and out comes a totally garbage-looking hash. Unique password for each site. It's a great idea, and if it ran on my Palm I'd use it.

It's just too single-point-of-failure for me. I never agreed with "put all your eggs in one basket, and guard the hell out of that basket."
 
 

Tanyac

Reputable


Well, I think we can all agree now, that there is plenty of information about this. It includes even things like third party drivers, and if you have been following the news, more than one update has already caused significant problems.

As to another post, if you've never had a problem with Windows update you've been lucky. I have had to pull dozens of updates. Microsoft themselves have had to pull many updates this year alone because they caused problems on peoples systems. If you've never had a problem - consider yourself extremely lucky.

 
Status
Not open for further replies.

ASK THE COMMUNITY

TRENDING THREADS