Trying to remember PINs and passwords is asking for trouble. It's much easier and more secure to use a password manager (e.g. KeePass or LastPass). That way, you only ever need to memorise a single master passphrase, and can comfortably forget about all the rest after adding them to your password manager.LordMortis wrote:Edit the Innovis freeze was painless so far... No charge. They will send me mail. *shrug*
...
That's done. I'm $30 lighter and now have to remember PINs.
The Data Breach Thread
Moderators: Bakhtosh, EvilHomer3k
- Anonymous Bosch
- Posts: 10530
- Joined: Thu Oct 14, 2004 6:09 pm
- Location: Northern California [originally from the UK]
Re: The Data Breach Thread
"There is only one basic human right, the right to do as you damn well please. And with it comes the only basic human duty, the duty to take the consequences." — P. J. O'Rourke
- Moliere
- Posts: 12380
- Joined: Sun Sep 03, 2006 10:57 am
- Location: Walking through a desert land
Re: The Data Breach Thread
I implemented this 6 months ago along with VeraCrypt. It's not perfect, but still better than not using them.Anonymous Bosch wrote:Trying to remember PINs and passwords is asking for trouble. It's much easier and more secure to use a password manager (e.g. KeePass or LastPass). That way, you only ever need to memorise a single master passphrase, and can comfortably forget about all the rest after adding them to your password manager.LordMortis wrote:Edit the Innovis freeze was painless so far... No charge. They will send me mail. *shrug*
...
That's done. I'm $30 lighter and now have to remember PINs.
"The world is suffering more today from the good people who want to mind other men's business than it is from the bad people who are willing to let everybody look after their own individual affairs." - Clarence Darrow
- Lorini
- Posts: 8282
- Joined: Wed Oct 13, 2004 8:52 am
- Location: Santa Clarita, California
Re: The Data Breach Thread
I use Evernote. I have a note with a password that's randomly generated. That note has all my passwords. When I need my passwords, I copy/paste them. Those password sites are huge targets for hackers, I don't want my passwords on them.
Black Lives Matter
- Default
- Posts: 6429
- Joined: Thu Oct 14, 2004 9:01 pm
- Location: Handling bombs.
Re: :grund:
Where have I heard that before?The Meal wrote:Just giving an opinion. Couldn't be wrong. In your face.
"pcp, lsd, thc, tgb...it's all good." ~ Kraken
- Moliere
- Posts: 12380
- Joined: Sun Sep 03, 2006 10:57 am
- Location: Walking through a desert land
Re: The Data Breach Thread
Copying and pasting passwords can be hacked through standard malware. That's why I like the double pass function of KeePass or other Password Managers. Still hackable of course, but more difficult.Lorini wrote:I use Evernote. I have a note with a password that's randomly generated. That note has all my passwords. When I need my passwords, I copy/paste them. Those password sites are huge targets for hackers, I don't want my passwords on them.
"The world is suffering more today from the good people who want to mind other men's business than it is from the bad people who are willing to let everybody look after their own individual affairs." - Clarence Darrow
- Lorini
- Posts: 8282
- Joined: Wed Oct 13, 2004 8:52 am
- Location: Santa Clarita, California
Re: The Data Breach Thread
Right except of course I have Windows 10 and Defender up. My Evernote is not nearly the target those sites are.Moliere wrote:Copying and pasting passwords can be hacked through standard malware. That's why I like the double pass function of KeePass or other Password Managers. Still hackable of course, but more difficult.Lorini wrote:I use Evernote. I have a note with a password that's randomly generated. That note has all my passwords. When I need my passwords, I copy/paste them. Those password sites are huge targets for hackers, I don't want my passwords on them.
Black Lives Matter
- Anonymous Bosch
- Posts: 10530
- Joined: Thu Oct 14, 2004 6:09 pm
- Location: Northern California [originally from the UK]
Re: The Data Breach Thread
Just to clarfiy, in terms of using a password manager, you needn't be forced into using a proprietary cloud-based service.Lorini wrote:I use Evernote. I have a note with a password that's randomly generated. That note has all my passwords. When I need my passwords, I copy/paste them. Those password sites are huge targets for hackers, I don't want my passwords on them.
That's at least partly why I prefer KeePass, which stores your passwords in a highly-encrypted database wherever you choose. Technically, it's an offline password manager, though its database can also easily be synced between devices by using a service like Dropbox. It's also fully open source (another critical factor for trustworthy and reliable security and encryption software), portable, and extensible.
"There is only one basic human right, the right to do as you damn well please. And with it comes the only basic human duty, the duty to take the consequences." — P. J. O'Rourke
- gilraen
- Posts: 4341
- Joined: Wed Sep 04, 2013 7:45 pm
- Location: Broomfield, CO
Re: The Data Breach Thread
I regularly apply for credit cards to get advantage of mile offers, so I'm not going to freeze and unfreeze my report on Equifax and Experian for $10 a pop. I just put 90-day fraud alerts on them and left it at that.
TransUnion, however, appears to be free (with their TrueIdentity site), so I locked my credit report there. Also locked it on Innovis and ChexSystems.
TransUnion, however, appears to be free (with their TrueIdentity site), so I locked my credit report there. Also locked it on Innovis and ChexSystems.
Yeah, I just started using KeePass last month (and I sync it via a USB stick when I happen to remember ) Right now I only have it on my work laptop and home desktop, but I really need to put in on my phone too, so I'll need to upload my password database file to Dropbox.Anonymous Bosch wrote: That's at least partly why I prefer KeePass, which stores your passwords in a highly-encrypted database wherever you choose. Technically, it's an offline password manager, though its database can also easily be synced between devices by using a service like Dropbox. It's also fully open source (another critical factor for trustworthy and reliable security and encryption software), portable, and extensible.
- Paingod
- Posts: 13144
- Joined: Wed Aug 25, 2010 8:58 am
Re: The Data Breach Thread
Though not perfect. A doctor I work with had her identity stolen (along with a number of other doctors) from an association database about a year ago. Even with her credit frozen and LifeLock supposedly protecting her, she still gets notices that places are opening debit cards in her name. The most recent was a week ago.Anonymous Bosch wrote:Freezing one's credit is a simpler, and safer option.
So the ripples of identify theft remain a hassle for a long time after the initial smash & grab, and there seems little you can do to completely stop it aside from waiting for thieves to get tired of being locked out of cards they open for you.
Black Lives Matter
2021-01-20: The first good night's sleep I had in 4 years.
2021-01-20: The first good night's sleep I had in 4 years.
- Anonymous Bosch
- Posts: 10530
- Joined: Thu Oct 14, 2004 6:09 pm
- Location: Northern California [originally from the UK]
Re: The Data Breach Thread
That likely has more to do with to do with the previously-mentioned ChexSystems which tends to be a lesser-known credit bureau, primarily used by banks when customers are establishing new accounts.Paingod wrote:Though not perfect. A doctor I work with had her identity stolen (along with a number of other doctors) from an association database about a year ago. Even with her credit frozen and LifeLock supposedly protecting her, she still gets notices that places are opening debit cards in her name. The most recent was a week ago.Anonymous Bosch wrote:Freezing one's credit is a simpler, and safer option.
So the ripples of identify theft remain a hassle for a long time after the initial smash & grab, and there seems little you can do to completely stop it aside from waiting for thieves to get tired of being locked out of cards they open for you.
If your doctor colleague is still experiencing such trouble, it'd likely behoove her to also freeze ChexSystems (or, at the very least, get in the habit of placing a 90-day security alert with ChexSystems, as Krebs suggests).
"There is only one basic human right, the right to do as you damn well please. And with it comes the only basic human duty, the duty to take the consequences." — P. J. O'Rourke
- LawBeefaroni
- Forum Moderator
- Posts: 55404
- Joined: Fri Oct 15, 2004 3:08 pm
- Location: Urbs in Horto, outrageous taxes on everything
Re: The Data Breach Thread
Apparently failure to patch a bug in Apache for two months led to the Equifax breach.
" Hey OP, listen to my advice alright." -Tha General
"No scientific discovery is named after its original discoverer." -Stigler's Law of Eponymy, discovered by Robert K. Merton
MYT
"No scientific discovery is named after its original discoverer." -Stigler's Law of Eponymy, discovered by Robert K. Merton
MYT
- coopasonic
- Posts: 21005
- Joined: Fri Mar 04, 2005 11:43 pm
- Location: Dallas-ish
Re: The Data Breach Thread
I'm not sure anyone really cares, but Struts is the thing that needed updating and it's a lot more than applying a patch. Apache is an organization that manages a bunch of widely used open source projects like Struts.LawBeefaroni wrote:Apparently failure to patch a bug in Apache for two months led to the Equifax breach.
-Coop
Black Lives Matter
Black Lives Matter
- LawBeefaroni
- Forum Moderator
- Posts: 55404
- Joined: Fri Oct 15, 2004 3:08 pm
- Location: Urbs in Horto, outrageous taxes on everything
Re: The Data Breach Thread
The relevant piece:
The flaw in the Apache Struts framework was fixed on March 6. Three days later, the bug was already under mass attack by hackers who were exploiting the flaw to install rogue applications on Web servers. Five days after that, the exploits showed few signs of letting up. Equifax has said the breach on its site occurred in mid-May, more than two months after the flaw came to light and a patch was available.
" Hey OP, listen to my advice alright." -Tha General
"No scientific discovery is named after its original discoverer." -Stigler's Law of Eponymy, discovered by Robert K. Merton
MYT
"No scientific discovery is named after its original discoverer." -Stigler's Law of Eponymy, discovered by Robert K. Merton
MYT
- Paingod
- Posts: 13144
- Joined: Wed Aug 25, 2010 8:58 am
Re: The Data Breach Thread
So, a pain in the butt to fix - but absolutely essential, and they had two months to test and implement repairs but didn't. Beautiful.
Black Lives Matter
2021-01-20: The first good night's sleep I had in 4 years.
2021-01-20: The first good night's sleep I had in 4 years.
- $iljanus
- Forum Moderator
- Posts: 13689
- Joined: Wed Oct 13, 2004 3:46 pm
- Location: New England...or under your bed
Re: The Data Breach Thread
I think at this point they just need credit monitor, umm, everyone. And screw that free for 30 days offer to freeze your credit bullshit. I think the price is free for pretty much as long as your piece of incompetent shit company is in business.Paingod wrote:So, a pain in the butt to fix - but absolutely essential, and they had two months to test and implement repairs but didn't. Beautiful.
And I hope quite a few states attorney generals are chomping at the bit to go after them.
Black lives matter!
Wise words of warning from Smoove B: Oh, how you all laughed when I warned you about the semen. Well, who's laughing now?
Wise words of warning from Smoove B: Oh, how you all laughed when I warned you about the semen. Well, who's laughing now?
- Max Peck
- Posts: 13785
- Joined: Fri Aug 05, 2005 8:09 pm
- Location: Down the Rabbit-Hole
Re: The Data Breach Thread
FTC probes Equifax; top Democrat likens it to Enron
The U.S. Federal Trade Commission said on Thursday it was investigating Equifax Inc’s (EFX.N) massive data breach, a rare public confirmation, as a top Democrat suggested the credit-monitoring company’s corporate leaders might need to resign.
Senate Democratic Leader Chuck Schumer also compared Equifax to Enron, a U.S. energy company that was consumed in scandal after revealing in 2001 that it engaged in widespread accounting fraud.
“It’s one of the most egregious examples of corporate malfeasances since Enron,” Schumer said, calling Equifax’s treatment of consumers afterward “disgusting” and its inability to protect data “deeply troubling.”
Shares of Equifax have lost nearly a third of their value in the week since the breach was disclosed. They tumbled to a more than two-year low on Thursday after the company confirmed a fixable web server vulnerability was exploited in the hack, but the stock later recovered somewhat.
"What? What? What?" -- The 14th Doctor
It's not enough to be a good player... you also have to play well. -- Siegbert Tarrasch
It's not enough to be a good player... you also have to play well. -- Siegbert Tarrasch
- Moliere
- Posts: 12380
- Joined: Sun Sep 03, 2006 10:57 am
- Location: Walking through a desert land
Re: The Data Breach Thread
Supposedly Equifax is waiving the freeze fee until Nov. 21st. Has anyone done this yet? I was told that they were giving out pins in the stupid format of MMDDYYhhmm, making the hacking of pins via brute force much easier. Is that still happening?
"The world is suffering more today from the good people who want to mind other men's business than it is from the bad people who are willing to let everybody look after their own individual affairs." - Clarence Darrow
- Unagi
- Posts: 26632
- Joined: Wed Sep 20, 2006 5:14 pm
- Location: Chicago
Re: The Data Breach Thread
Smutly's reaction is not in defense of his "Republicanism" - I'm so SURE I am wrong, but here I go: he's feeling enormously guilty about defending something as horrible as Trump. But that's for another forum... But either way - Smutly's reaction isn't about being tired of defending Republicans. He's ashamed of voting for Trump. Frankly, that's healthy.Lorini wrote:This. It's not a visible problem until something happens. And then Congress will hold hearings and nothing will change. Maybe something will happen this time because this fucks up the banking and insurance industries and they don't like that.Grundbegriff wrote:I'm no Republican, but I feel moved to point out that the largest, gravest data breaches in US history -- the NSA spills, and especially the OPM hack-- happened under non-Republican "oversight". Both relevant parties are terrible about this, and most corporations are unimaginably sloppy. Consumer protections are, at best, a flimsy bandage with weak adhesive when what's needed is reconstructive surgery, casts, traction, and replacement parts custom fabricated on an industrial lathe. And a time machine.Bad Demographic wrote:Thank you, Republicans, for looking out for us. Oh wait, once again you're not.Anonymous Bosch wrote: (quoted from cnn)
The federal Consumer Financial Protection Bureau recently rolled out rules against these kinds of arbitration requirements by banks and credit card issuers, but not credit monitoring agencies. Republicans in Congress have introduced legislation that would roll back those rules.
- Isgrimnur
- Posts: 82472
- Joined: Sun Oct 15, 2006 12:29 am
- Location: Chookity pok
- Contact:
Re: The Data Breach Thread
Krebs
Visa and MasterCard are sending confidential alerts to financial institutions across the United States this week, warning them about more than 200,000 credit cards that were stolen in the epic data breach announced last week at big-three credit bureau Equifax. At first glance, the private notices obtained by KrebsOnSecurity appear to suggest that hackers initially breached Equifax starting in November 2016. But Equifax says the accounts were all stolen at the same time — when hackers accessed the company’s systems in mid-May 2017.
...
Visa has updated their advisory about these 200,000+ credit cards stolen in the Equifax breach. Visa now says it believes the records also included the cardholder’s Social Security number and address, suggesting that (ironically enough) the accounts were stolen from people who were signing up for credit monitoring services through Equifax.
It's almost as if people are the problem.
- Anonymous Bosch
- Posts: 10530
- Joined: Thu Oct 14, 2004 6:09 pm
- Location: Northern California [originally from the UK]
Re: The Data Breach Thread
According to ArsTechnica, Equifax is purportedly moving to improve the PIN generation process, and ease the process of changing the PIN to something more random for those saddled with timestamp PINs:Moliere wrote:Supposedly Equifax is waiving the freeze fee until Nov. 21st. Has anyone done this yet? I was told that they were giving out pins in the stupid format of MMDDYYhhmm, making the hacking of pins via brute force much easier. Is that still happening?
ArsTechnica.com wrote:A number of customers discovered that the PINs generated by enrolling in Equifax's TrustedID Premier Service were non-random and apparently sequential—in fact, they were essentially date-time stamps of the time of enrollment. Such PINs could potentially be brute-forced by someone attempting to unlock a credit report for the purpose of identity theft.
Equifax is moving to improve the PIN generation process. In response to an inquiry from Ars, an Equifax spokesperson said:
While we have confidence in the current system, we understand and appreciate that consumers have questions about how PINs are currently generated. We are engaged in a process that will provide consumers a randomly generated PIN. We expect this change to be effective within 24 hours. A consumer has an option, and will continue to have an option, to change an existing PIN. The requested new PIN is sent to the consumer by US Mail to their address of record.
"There is only one basic human right, the right to do as you damn well please. And with it comes the only basic human duty, the duty to take the consequences." — P. J. O'Rourke
- LawBeefaroni
- Forum Moderator
- Posts: 55404
- Joined: Fri Oct 15, 2004 3:08 pm
- Location: Urbs in Horto, outrageous taxes on everything
Re: The Data Breach Thread
I've been hearing the term "equifucked."Isgrimnur wrote:Krebs
Visa and MasterCard are sending confidential alerts to financial institutions across the United States this week, warning them about more than 200,000 credit cards that were stolen in the epic data breach announced last week at big-three credit bureau Equifax. At first glance, the private notices obtained by KrebsOnSecurity appear to suggest that hackers initially breached Equifax starting in November 2016. But Equifax says the accounts were all stolen at the same time — when hackers accessed the company’s systems in mid-May 2017.
...
Visa has updated their advisory about these 200,000+ credit cards stolen in the Equifax breach. Visa now says it believes the records also included the cardholder’s Social Security number and address, suggesting that (ironically enough) the accounts were stolen from people who were signing up for credit monitoring services through Equifax.
" Hey OP, listen to my advice alright." -Tha General
"No scientific discovery is named after its original discoverer." -Stigler's Law of Eponymy, discovered by Robert K. Merton
MYT
"No scientific discovery is named after its original discoverer." -Stigler's Law of Eponymy, discovered by Robert K. Merton
MYT
- LordMortis
- Posts: 70319
- Joined: Tue Oct 12, 2004 11:26 pm
Re: The Data Breach Thread
I was told I would have a $10 fee when I signed up for the freeze but it hasn't billed my card. I never looked at my PIN but I know it started with a 9, so you are probably right. Now I'm going to to have to look into changing my PIN.Moliere wrote:Supposedly Equifax is waiving the freeze fee until Nov. 21st. Has anyone done this yet? I was told that they were giving out pins in the stupid format of MMDDYYhhmm, making the hacking of pins via brute force much easier. Is that still happening?
- Lorini
- Posts: 8282
- Joined: Wed Oct 13, 2004 8:52 am
- Location: Santa Clarita, California
Re: The Data Breach Thread
Hopefully Equifax will go the way of Enron. They don't deserve to do what they are doing. I can't imagine many more ways they could have fucked this up. Hopefully they get sued into oblivion and some regulation comes of this.
Their stock is tanking big time too, wonder how many Equifax employees are selling while they can still get something.
Their stock is tanking big time too, wonder how many Equifax employees are selling while they can still get something.
Black Lives Matter
- Carpet_pissr
- Posts: 20114
- Joined: Thu Nov 04, 2004 5:32 pm
- Location: Columbia, SC
The Data Breach Thread
Shiiiiiiiit. I was 'affected' by the Equifax nonsense, and now this:
Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads -- 2.3 Million Infected
Forbes - 1h ago
Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool.
https://www.forbes.com/sites/thomasbrew ... backdoor/
Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads -- 2.3 Million Infected
Forbes - 1h ago
Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool.
https://www.forbes.com/sites/thomasbrew ... backdoor/
- Lorini
- Posts: 8282
- Joined: Wed Oct 13, 2004 8:52 am
- Location: Santa Clarita, California
Re: The Data Breach Thread
Upgrade to Windows 10, use Windows Defender and call it a day. Don't use those security apps, as you can see they aren't secure. Microsoft has far far more data than any of them and is better protection.
Black Lives Matter
- Moliere
- Posts: 12380
- Joined: Sun Sep 03, 2006 10:57 am
- Location: Walking through a desert land
Re: The Data Breach Thread
Next thing you're going to tell me that Spybot and Malwarebytes are secret hacker tools.
"The world is suffering more today from the good people who want to mind other men's business than it is from the bad people who are willing to let everybody look after their own individual affairs." - Clarence Darrow
- Paingod
- Posts: 13144
- Joined: Wed Aug 25, 2010 8:58 am
Re: The Data Breach Thread
Frightening.Lorini wrote:Upgrade to Windows 10, use Windows Defender and call it a day. Don't use those security apps, as you can see they aren't secure. Microsoft collects your personal info far far more efficiently than any of them and is better protection.
Black Lives Matter
2021-01-20: The first good night's sleep I had in 4 years.
2021-01-20: The first good night's sleep I had in 4 years.
- Lorini
- Posts: 8282
- Joined: Wed Oct 13, 2004 8:52 am
- Location: Santa Clarita, California
Re: The Data Breach Thread
Sorry but actually validated by security experts. The current advice is to dump anti-virus software and go with Defender assuming you use Windows 10 and keep it updated. Why people marry operating systems is beyond me In the post-Ballmer days, MS is much much better about nearly everything.
P.S. I understand that people have legacy software they want to keep, but really your system is much more vulnerable if you don't keep it current.
P.S. I understand that people have legacy software they want to keep, but really your system is much more vulnerable if you don't keep it current.
Black Lives Matter
- Paingod
- Posts: 13144
- Joined: Wed Aug 25, 2010 8:58 am
Re: The Data Breach Thread
If I could, I've had MS running my computer with Linux under the desk and Apple cleaning the house.Lorini wrote:Why people marry operating systems is beyond me
I only fear that handing over too many keys to Microsoft will make them bolder and more arrogant in their choices about what I'm allowed to do with my computer and how much access they have to me through it.
Black Lives Matter
2021-01-20: The first good night's sleep I had in 4 years.
2021-01-20: The first good night's sleep I had in 4 years.
- Lorini
- Posts: 8282
- Joined: Wed Oct 13, 2004 8:52 am
- Location: Santa Clarita, California
Re: The Data Breach Thread
Well they enable me to play the games I love and I think they aren't going to stop doing that. Linux is of no help to me. I also absolutely hate giving up a day to clean up my computer from malware, hate it!!! My only real point is that using third party anti-virus software is dangerous as we see. Howtogeek on Windows Defender.
Black Lives Matter
- Isgrimnur
- Posts: 82472
- Joined: Sun Oct 15, 2006 12:29 am
- Location: Chookity pok
- Contact:
Re: The Data Breach Thread
It's almost as if people are the problem.
- Kraken
- Posts: 43879
- Joined: Tue Oct 12, 2004 11:59 pm
- Location: The Hub of the Universe
- Contact:
Re: The Data Breach Thread
I use CrapCleaner (let's call it by its REAL name) for occasional cleaning up and optimizing, not for realtime protection. Updated it anyway.
Anyone know how to turn off Malwarebytes' nag box? Since I completed the 15-day trial, it asks me to upgrade every time I boot. Choosing "No, stay downgraded" just closes it for that one session.
Anyone know how to turn off Malwarebytes' nag box? Since I completed the 15-day trial, it asks me to upgrade every time I boot. Choosing "No, stay downgraded" just closes it for that one session.
- Moliere
- Posts: 12380
- Joined: Sun Sep 03, 2006 10:57 am
- Location: Walking through a desert land
Re: The Data Breach Thread
I would check your msconfig file to see if you can remove it from the Windows startup list.
"The world is suffering more today from the good people who want to mind other men's business than it is from the bad people who are willing to let everybody look after their own individual affairs." - Clarence Darrow
- Carpet_pissr
- Posts: 20114
- Joined: Thu Nov 04, 2004 5:32 pm
- Location: Columbia, SC
Re: The Data Breach Thread
CC Cleaner (at least the way I use it) is not an anti-virus product, it's used to clean up all the old shit you have hanging around, clogging up everything. Old and no longer used registry entries, duplicates, internet files that are not cleared by simply going into the normal browser settings, etc.Lorini wrote:Upgrade to Windows 10, use Windows Defender and call it a day. Don't use those security apps, as you can see they aren't secure. Microsoft has far far more data than any of them and is better protection.
I've used it happily for years, and I do think it makes a difference. However, I don't have it running in the background, so maybe I'm good.
Also, as far as Windows Defender goes, anytime I have had a problem (more frequent now with three kids on the computer), Windows Defender has NEVER caught it or advised me there was a problem (actually not true, it did catch something a couple years...but just one instance).
Most recently (about a month ago), I noticed that in Chrome, I could not use Google as a search engine (as default). Did some research, and one of the symptoms was a virus/trojan (can't remember which). Noticed some other quirkiness as well which made me suspicious. Ran Defender, nothing. Downloaded Malware bytes, and bam, it found about 6 pretty nasty bugs that Windows didn't. It's not that I don't trust Windows' version, it's just that with the few infections I have had in the past, it has not been effective for whatever reason.
Last edited by Carpet_pissr on Mon Sep 18, 2017 1:30 pm, edited 3 times in total.
- Paingod
- Posts: 13144
- Joined: Wed Aug 25, 2010 8:58 am
Re: The Data Breach Thread
I think that's the right way to use a tool like this since the advent of SSD's and the elimination of defragging regularly. I've also got it installed, but I don't need my SSD array continually monitored and purged. I just need to be able to reliable nuke temp files from time to time when I feel like flossing my data.Carpet_pissr wrote:I've used it happily for years, and I do think it makes a difference. However, I don't have it running in the background, so maybe I'm good.
Black Lives Matter
2021-01-20: The first good night's sleep I had in 4 years.
2021-01-20: The first good night's sleep I had in 4 years.
- Moliere
- Posts: 12380
- Joined: Sun Sep 03, 2006 10:57 am
- Location: Walking through a desert land
Re: The Data Breach Thread
I had the same experience with the corporate bloatware McAfee. I scan my computer using the company provided tools and nothing triggers an alarm. I don't believe them and so I install the freeware Malwarebytes "and bam"! it finds multiple trojans.Carpet_pissr wrote:Also, as far as Windows Defender goes, anytime I have had a problem (more frequent now with three kids on the computer), Windows Defender has NEVER caught it or advised me there was a problem (actually not true, it did catch something a couple years...but just one instance).
"The world is suffering more today from the good people who want to mind other men's business than it is from the bad people who are willing to let everybody look after their own individual affairs." - Clarence Darrow
- Lorini
- Posts: 8282
- Joined: Wed Oct 13, 2004 8:52 am
- Location: Santa Clarita, California
Re: The Data Breach Thread
If you read the howto article you'll see that Defender can still be used with a scanner like Malwarebytes, which I scan with from time to time.
Also I'd say that MS has gotten better in the last two years. I'm seeing far fewer OS issues, noting that I mainly use my computer for gaming.
Also I'd say that MS has gotten better in the last two years. I'm seeing far fewer OS issues, noting that I mainly use my computer for gaming.
Black Lives Matter
- gilraen
- Posts: 4341
- Joined: Wed Sep 04, 2013 7:45 pm
- Location: Broomfield, CO
Re: The Data Breach Thread
I run CCleaner on my work laptop because occasionally I have to test stuff on old browser versions, and browsers really don't like being downgraded. Got a polite notice from the IT guy today that my CCleaner showed up on the company-wide security scan, and can I please upgrade it immediately to the latest version (which I'd already done)Carpet_pissr wrote:Shiiiiiiiit. I was 'affected' by the Equifax nonsense, and now this:
Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads -- 2.3 Million Infected
Forbes - 1h ago
Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool.
https://www.forbes.com/sites/thomasbrew ... backdoor/
- gilraen
- Posts: 4341
- Joined: Wed Sep 04, 2013 7:45 pm
- Location: Broomfield, CO
Re: The Data Breach Thread
My previous job forced McAfee onto our laptops. Words can't express how much I hate that piece of crap software, I think it was singlehandedly responsible for cutting my productivity by a third on most days (by half on bad days), but granted, it wasn't just the antivirus piece but also point-to-point encryption.Moliere wrote:I had the same experience with the corporate bloatware McAfee. I scan my computer using the company provided tools and nothing triggers an alarm. I don't believe them and so I install the freeware Malwarebytes "and bam"! it finds multiple trojans.Carpet_pissr wrote:Also, as far as Windows Defender goes, anytime I have had a problem (more frequent now with three kids on the computer), Windows Defender has NEVER caught it or advised me there was a problem (actually not true, it did catch something a couple years...but just one instance).
My current job uses ESET antivirus. I had never heard of it before, but it seems to have a very small footprint, and I don't really care about anything else.
I used Symantec at home for over 10 years, it was reasonably streamlined, didn't cause performance issues and overall seemed very good at actually catching threats. But in the last year it just pissed me off one too many times, when it would insist that a file was a threat and needed to be quarantined (when I knew that it wasn't). Uninstalled it, and now I'm just using MS Security Essentials + Spybot Search&Destroy.
- Blackhawk
- Posts: 44190
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: The Data Breach Thread
I researched the crap out of AV a while back looking for something good for a gaming PC. I got tired of the false positives from Avast! and the nagging of Avira. The general consensus was was that Defender is good, but not great. I ended up with ESET, and have been in love with it ever since. Small footprint, and zero security issues. No nags (although I do pay for it.) Before I saw this thread, I launched CCleaner. ESET nailed it and cleaned it before it had even finished opening.gilraen wrote: My current job uses ESET antivirus. I had never heard of it before, but it seems to have a very small footprint, and I don't really care about anything else.
I also use CCleaner and have for years, plus System Ninja (which cleans things CCleaner misses), along with periodic scans with Malwarebytes. ESET is the only thing I keep running in the background. My other systems (which aren't used for nearly as much browsing) get the same treatment, but I stick with Defender, as I can't afford multiple copies of ESET.
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)