Retooling

I talked a few days ago about some of the security tools I use. After using some of those tools more as well as investigating them, I am going to revise my assessment of them.

Microsoft Security Essentials is still a quality product in my view. It has never caused me trouble. It has never given me a false positive. It has caught malware trying to infect my computer through advertisements on certain websites.

Trusteer Rapport is a suspicious product. In my experience, it causes crashes in the browser on occasion. It installs a file system filter driver that silently blocks some writes causing installation of some software to fail. Blocking the writes can be a good thing, but to do so silently is not appropriate behavior. The software claims to prevent screenshots of a protected browser session from being taken. However, the Problem Steps Recorder in Windows 7 was able to take screenshots of the browser. The general approach that Trusteer makes is flawed. The assume a machine is already infected. However, it the machine is infected, the malware is already in control including having the capability to make Rapport look like it is working when it does not. I do think Rapport has promise if the software is fixed to not prevent installation of legitimate software as a defense in depth measure. However, I currently don’t think the occasional stability issues I experience with it or the installation reliability issues I experience are worth the defenses it puts in place.

A new tool I am using is the LastPass password manager. LastPass allows me to generate random passwords for all the sites that I use. It encrypts these passwords locally using my master password. This gives me the security of multiple passwords with the convenience of one password. I have also purchased a YubiKey that will add a second factor to my master password. LastPass has really thought things out with encryption being done locally and passwords being cached locally. This means that the LastPass server does not know my passwords. It also means that if LastPass goes out of business, I can still access the cached passwords stored locally and export them. They also have some additional functionality in the works to bring the LastPass experience out of the browser and into the entire software environment. I’ll presumably be able to log in to Windows and transparently be authenticated to my LastPass password cache and have access to my passwords in any application. It will make for a nice single sign on experience that is both secure and convenient.

Leave a Reply

Your email address will not be published. Required fields are marked *