Even the site that considered safe in the megathread, there’s report of malware and trojan and I don’t know what site to use

  • FutileRecipe@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago
    1. Blocking older known malware still blocks them, so that’s good (and saves bandwidth because the connection never happens, so this is really good).
    2. If the site is hijacked, it needs blocked till it’s unhijacked. So this is good as well.
    3. This is not really a point?

    Number one above, stopping the connection before it happens, is really the best benefit, in my opinion. And if they boast a high false positive, you need better lists. You keep saying “they don’t block this or block that.” They are (nothing is) a one stop shop. Simply because they don’t block what you’re cherry picking does not make them bad. Use multiple layers. You say “don’t use a blocklist, use MS Defender instead.” Why not use both the blocklist, MS Defender, and even more stuff? Multiple layers. Defense in depth.

    • lukas@lemmy.haigner.me
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Because Defender already covers what DNS blacklists block and more with less false positives and a proper way to manage exceptions for non-technical people. Older malware is a solved problem for Defender since it’s literally pre-installed everywhere. VPN providers don’t have a way to manage DNS blacklist exceptions, so have fun disabling your VPN to do any research. You also don’t get to choose the blacklists your VPN provider uses. Saying 3. is not a point is like saying malware that’s always able to bypass your anti-malware solution is irrelevant.