Microsoft Boss Teases "Next Generation of Windows" Announcement "Very Soon"

[lexluthermiester]

how do you go about tracing that back to to the source of the infection?

Why would you need to? Once a sample of the offending code is obtained the source code is not needed.

Come on, you're better than this, you know most truly damaging malware goes undetected for years.

Oh please. Keep the personal jabs out of the discussion... And no, 99.998% of all problematic virus/malware is detected within the first 60 days of deployment.

 

[TheinsanegamerN]

Why would you need to? Once a sample of the offending code is obtained the source code is not needed.

Oh please. Keep the personal jabs out of the discussion... And no, 99.998% of all problematic virus/malware is detected within the first 60 days of deployment.

If you're that paranoid about windows defender of all things just get on linux. Then you dont need antivirus. Problem solved.

 

[lexluthermiester]

If you're that paranoid about windows defender of all things just get on linux. Then you dont need antivirus. Problem solved.

Can't do that. A lot of what I do requires Windows. I am willing to go through the trouble of making Windows work the way I want it too rather than trying to go through the constant rigmarole of making Windows "things" run on Linux, some of which can not be done.

 

[rutra80]

Every good performing AV sends suspicious samples (not every file!) to vendor for analysis. Most of them, including MS Defender, have an option to disable that.

 

[chrcoluk]

Because companies who make Antivirus/AntiMalware software good LOOKING for samples themselves. That don't need to use the very lazy and ethically iffy method of using the general public as test subjects.


Because it's an irritating piece of garbage-ware that gets in the way more than it "protects" and even when disabled still gets in the way because the associated services don't stop running. When I disable something I expect it to actually stop running. This is akin to Microsoft installing a piece of behind-the-back-ware, along with all of the rest of the behind-the-back-ware, that is installed with every default install of Windows.. You want to use it and let that crap control your system and many aspects of your computing experience, go right ahead.

I have monitored my system to see what happens when its disabled. It doesnt do anything, the service runs, but it doesnt actively do anything. I compared it to using a 3rd party tool to "properly" disable it where that actually kills the service but there was no resource impact or change of behaviour in related to things like uploads to microsoft servers or scanning of system activity, the only difference was the latter lost the ability to do scans on demand.

You can also control defender like the advanced malware products using group policy, cloud behaviour etc, is just the controls are not made as easily accessible.

I can understand why people want it off, although I think removing it from the system is overkill and can potentially break the OS like when people had issues with the update in May because they had removed Edge from windows. Defender in its default mode with behaviour blocking on and real time file scanning on is quite heavy on the system.

It is always an interesting topic, as is performance vs security vs convenience. you give the people who do the silly things to get malware the power to easily bypass the protection then they will let the malware when run when something like norton offers you the chance to let it run, so can understand why Microsoft doesnt make it as easy to bypass defender's decisions.

In terms of data hoarding, today I spent some hours cleaning out google's password manager, I enabled it on a phone to make it easier to login to two apps, then later found it auto added behind my back 400 saved passwords from an old chrome desktop install.

 

[lexluthermiester]

I have monitored my system to see what happens when its disabled. It doesnt do anything, the service runs, but it doesnt actively do anything.

Ok, now benchmark your system with a few metrics that clearly shows it's performance level. Then restart your system with a bootable Linux Live drive or WinPE EBD, rename the Windows Defender folders, restart and run the same benchmarks again. IF you don't see a difference, then your golden either way. Most systems will show a difference which is why it's better to remove it entirely before replacing it with another option as opposed to disabling it.

I can understand why people want it off, although I think removing it from the system is overkill and can potentially break the OS

I've never seen any problems.

like when people had issues with the update in May because they had removed Edge from windows.

Didn't see or hear about that either.

Defender in its default mode with behaviour blocking on and real time file scanning on is quite heavy on the system.

Right and it can be a pain otherwise.

In terms of data hoarding, today I spent some hours cleaning out google's password manager, I enabled it on a phone to make it easier to login to two apps, then later found it auto added behind my back 400 saved passwords from an old chrome desktop install.

This is why I never use features like that. The human brain is the best place to store passwords.

 

[Solid State Soul ( SSS )]

This is why I never use features like that. The human brain is the best place to store passwords.

Am not sure about that chief

 

[lexluthermiester]

Am not sure about that chief

Really? How so?

 

[rutra80]

Really? How so?

Your brain is not as clever as it thinks it is

https://twitter.com/x/status/1388136378672861184

 

[bug]

Why would you need to? Once a sample of the offending code is obtained the source code is not needed.

Obtained from where, if you don't upload the file exhibiting a suspicious behavior?

You either upload the suspicious file or you have to hunt down malware's source (not source code) and get a sample from there. And hunting down its source is not always feasible, especially for malware that smarter than what a script kiddie will write. That's all I'm saying.

Edit: Mind you, I'm not advocating for indiscriminate file uploads. I'm just trying to explain uploads are often necessary (after heuristics have determined the file exhibits suspicious behavior; preferably after requesting user's permission).

 

[lexluthermiester]

Obtained from where, if you don't upload the file exhibiting a suspicious behavior?

I already answered this question earlier in the thread. Please review.

 

[Mussels]

Your brain is not as clever as it thinks it is

https://twitter.com/x/status/1388136378672861184

how could you do this to me

 

[bug]

I already answered this question earlier in the thread. Please review.

You really didn't. You simply stated that once you get a sample (circular logic here), you don't need the source code (I never said you did).

 

[Prima.Vera]

hardware audio or something like that that was removed a while back?

Or just DirectSound3D v12.
but this is probably utopia

 

[lexluthermiester]

You really didn't.

Yes, I did. Go read through the thread if you want the answer to your question...

 

[afawks]

Microsoft needs to get with the show here and develop a bare bones OS for gaming oriented and power users. Pull the stupid spyware integration and marketing BS and give us a stable slimline OS. If someone could develop on an earlier build of windows before these integrations happened and make it work with modern APIs this would be a no brainer for most power users.

 

[chrcoluk]

lexluthermiester, I did do benches, not specifically to test defender, one can tell from using the system if its affecting things, but to satisfy your need, the performance was within margin of error. Placebo is a thing.

The removal of Edge breaking updates is documented on the internet, it is/was a thing.

As for storage of passwords, my brain isnt capable of remembering 100s of unique strong passwords, so I will carry on using keeppass thank you.

 

[lexluthermiester]

lexluthermiester, I did do benches, not specifically to test defender, one can tell from using the system if its affecting things, but to satisfy your need, the performance was within margin of error. Placebo is a thing.

It doesn't take a very astute observer to know that a running service is using system resources, even if it's not doing much. But hey, you do you..

The removal of Edge breaking updates is documented on the internet, it is/was a thing.

It was clearly a big enough problem... Because EVERYONE knows about it...

As for storage of passwords, my brain isnt capable of remembering 100s of unique strong passwords, so I will carry on using keeppass thank you.

100's? Get around on the internet much? Seriously, being reliant on yourself to keep your secret things secret is always the best option. Depending on others to keep your secret things secret is inherently and fundamentally flawed. But again, you do you...

 

[bug]

100's? Get around on the internet much? Seriously, being reliant on yourself to keep your secret things secret is always the best option. Depending on others to keep your secret things secret is inherently and fundamentally flawed. But again, you do you...

You get to hundreds not because you visit a lot of sites, but because you have to change them every few months or so.
From talking to people. many do this by applying some sort of algorithm, but humans use algorithms you will decipher with a handful of password leaks.
But I fully agree reliance on others is pretty foolish.

 

[chrcoluk]

The stuff I am reading in here is a bit of an eye opener.

 

[The red spirit]

Not this shit again. They still haven't fixed Windows 10. It still has two control panels and was meant to be removed in first public release.

 

[rtwjunkie]

Who here did not believe MS when 10 came out and they said that was the last one? Yeah...I’ll wait at least a year after release.

 

[bsvols]

"one of the most significant updates to Windows of the past decade to unlock greater economic opportunity for developers and creators"

What about the people using the OS, anything there for us, or are we just tools to mine and sell data about and put everything behind a walled garden paywall store, and if the latter happens it will stop being a usable operating system

"are we just tools to mine and sell data about and put everything behind a walled garden paywall store" almost certainly...YES!

 

[64K]

Who here did not believe MS when 10 came out and they said that was the last one? Yeah...I’ll wait at least a year after release.

I just figured MS would continue to update Win 10 as needed but maybe they need to do more than an update. I don't plan to upgrade until whatever the new Windows is called for a year or so either.

 

[bsvols]

Your brain is not as clever as it thinks it is

https://twitter.com/x/status/1388136378672861184

You are a Monster! I was already perplexed by "The human brain is the best place to store passwords" from someone who clearly has not hit 70 years old and seems a bit smug and unrealistic about his probable future. Now I have to try and wrap my mind around This Thing - https://twitter.com/i/web/status/1388136378672861184 ??? AAArrrgghh!