Vocal Voices

[TheOstrich]

Yes, I have Trusteer Rapport installed. It was initially promoted by HSBC quite a few years ago.

You can set it to "protect" any site you enter a password on; in fact I have VV protected. If I accidentally enter the password for a different site when logging into VV, Trusteer throws a metaphorical fit (not the expected destination site for the password deployed), so it's doing it's job .....

[Workingman]

It is very good.

I have looked for where it keeps its secret folders and my passwords but they could be anywhere. And I have no idea of the type and level of encryption it uses.

[Suff]

That's a bit of a false sense of security isn't it? That someone may use the wrong password on your pc to try and access your banking.

The real risk is that someone steals your password from the machine and then enters it correctly on another machine to gain access to your banking details.

The only way to protect against which is to have file, website (javascript) and realtime network traffic heuristic analysis going simultaneously so that any suspicious activity is picked up before it does the damage. It's really hard on your machine and older machines simply can't keep up (I've had to use a chipset tweaker on my netbook to overcoc it and keep it viable).

This is the chimera of security by systems which get good results on the tests. The vast majority of the tests are used against known signatures of viruses. The most real test of AV suites is on the Heuristic engines against threats which are not in the signature database and carry out the less classic attack profiles.

I don't know anyone who really tests against them. It's hard enough to test against the known stuff.

[TheOstrich]

That's a bit of a false sense of security isn't it? That someone may use the wrong password on your pc to try and access your banking.

That's perhaps not quite the right emphasis, Suff. Trusteer immediately halts proceedings if entering your password would re-direct you to a site which is not the correct one, i.e if scammers are trying to get you to log onto a false site.

[Suff]

Hmmm,

This is something I don't need. It's pretty much a Phishing protection then?? As I never click on links unless I expect them and even then I try very, very, hard not to, I'm not in the category of needing an anti phishing tool. In the worst case with a link I must use I launder it through Notepad which sends you to the visible site and strips out the malignant html code.

Since I have a very capable AV suite which scans activity and web pages prior to making them visible, most secondary stuff is simply add on and not required.

Yes, as WM says, invite something in and expect consequences, which I do from time to time. Generally I don't need more than I have and I go to places where the first actions of the site are to try and hijack my browser and install software on my pc. Every time I visit.

It's a requirement thing. Most of my AV requirements come from my browsing habits rather than from my work needs.

[Workingman]

Every little helps.

Trusteer 'intercepts' redirects from malware already on a computer, but at the end of the day we users are the ultimate gatekeepers, not technology.

My 360 Total Security offers browser protection, especially on phishing sites, and it also lets programs (apps) run in a sandbox, but if I override it that then becomes my problem.

[Suff]

but if I override it that then becomes my problem.

Yep I clearly remember when even IE6 said "are you sure you want to do this" and I overrode it, Norton quietly said "The Trojan which has just tried to infect your machine has been deleted"....

I do stuff like turning my AV off and using an exe extractor to remove the application I want from the virus that is packaged around it. I then delete the virus, turn on my AV and check the resulting file. This is extremely advanced stuff and not for the faint hearted. Needless to say it's only when I can't get the file any other way and have to disinfect what I can get manually.

I know the phishing thing usually bites you when you are tired and rushed and just not taking enough care. But the irritation factor of having this stuff installed is not worth it for me.

[Workingman]

I do stuff like turning my AV off and using an exe extractor to remove the application I want from the virus that is packaged around it. I then delete the virus, turn on my AV and check the resulting file.

An oldie but a goodie ... and still used hereabouts.

It used to be limited to paid up unzip utilities such as WinRAR, but has made its way to free utilities such as 7zip, ALzip and Peazip, though plugins can be needed depending on the archive.

[Aggers]

I used to use Norton, but after having a lot of problems with my laptop, I was advised
to ditch Norton. As I don't use on-line banking or the like, I don't feel that I require an
expensive cover like Norton. I now use GMX, which is very good. For payments I make
on the Internet I use a credit card account with a very low maximum limit.

[Suff]

Fair enough, horses for courses.

You might want to look at this for smaller purchases for which you don't want a credit card but a debit card.. I have one.