this post was submitted on 20 Nov 2023
175 points (86.0% liked)

Memes

45525 readers
1202 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 

Edit: typo

top 40 comments
sorted by: hot top controversial new old
[–] [email protected] 63 points 11 months ago

There are plenty of reasons to criticize Microsoft but I don't think this is one of them. First, Windows Defender is quite good as far as antivirus software goes. If you ever had to do desktop support in the days when Norton, McAfee, and AVG reigned supreme, then you know what I'm talking about.

Second, one of the biggest challenges for an OS vendor is backwards compatibility. Especially since Windows dominates the enterprise space and has for the last 25+ years. Big corporations can get really cranky about their legacy applications from 1998 that are still basically holding the entire org together. While it's short sighted to not be proactive about keeping your technology current, it's also a reality that many businesses simply aren't proactive.

Windows definitely has its flaws but it has come a long way in terms of both security and reliability over the years.

[–] [email protected] 21 points 11 months ago

If Linux was the world’s most popular operating system, it too would have tons of vulnerabilities.

There’s two sides to that statement; one being that increased attention leads to more findings. The second being that in order to become popular, it would need a large set of simplified convenience features aimed for mass consumers; and those are often what lead to vulnerabilities. (Same story pretty much happened with Android)

[–] [email protected] 21 points 11 months ago* (last edited 11 months ago) (1 children)

most windows programs haven’t run as root in over a decade.

a program only runs as “root” in one of three situations:

  1. The app manifest says it is a requirement.
  2. The executable does not have an app manifest and has the "Run as Administrator" compatibility flag (only applies to apps built for XP or older).
  3. The user manually invokes the program with super user permissions (right click and “Run as Administrator", or manually set the above compatibility flag).
[–] [email protected] 1 points 11 months ago* (last edited 11 months ago) (1 children)

There are still far too many system components which run with spooky elevated privileges. Don't believe me? Try nuking permissions on Windows update or activation nagware, disconnect from the internet and see how long those changes persist. Sometimes it is a few reboots.

This is a fundamentally insecure security framework, which no amount of glue or sandboxing can fix.

[–] [email protected] 1 points 11 months ago

how would you expect something like windows update to function without elevated privileges?

activation nagware

what?

[–] [email protected] 14 points 11 months ago

Meanwhile, giving myself root access to my own computer is a bitch. I need to just switch to Linux

[–] [email protected] 13 points 11 months ago (1 children)

What do you mean by “most Windows programs running as root?” I don’t think that’s accurate, unless you’ve disabled UAC.

[–] [email protected] 10 points 11 months ago

OP still uses Windows XP.

[–] [email protected] 8 points 11 months ago

You know what, if it keeps me from getting weird phone calls from my gramps once a month it's good enough.

[–] [email protected] 8 points 11 months ago (1 children)
[–] [email protected] 8 points 11 months ago (1 children)

Pretty most of the people i know who work in IT are all just using Defender now, i have even stopped paying for AV and just use defender out of the box. Unless you are doing something that exposes you to risk there really is no use to use anything other than defender. In saying that enterprise or businesses environment i would still say 100% have something other than defender in place.

[–] [email protected] 2 points 11 months ago

i'm one of those people. haven't used anything other than Windows Defender for over a decade at this point.

[–] [email protected] 7 points 11 months ago* (last edited 11 months ago)

If you want to criticize windows for being shitty, you should have went with their certification system. You know that popup that shows up whenever you run an exe from an "unknown publisher"? Well viruses can (and do) get certification since all you have to do is send Macroshaft money, leaving you completely unprotected from actual threats. It's security theatre only there for fundraising purposes. Completely useless.

And no this isn't a case of "no oversight" there are cases where Windows Defender will let you run a program its own database knows is a virus. Even if they know your program is flat out malware, as long as you buy that certificate your program will forever be treated as legitimate.

[–] [email protected] 6 points 11 months ago

Precisely because Windows has been the main target for hackers and malware, for being by far the most used OS, it has caused Windows today to be the best protected OS, with a Defender that is currently one of the best AVs on the market and a effective Sandbox system that prevents any changes without user intervention in the root system. Hopefully in terms of privacy it will be just as good, at least by default it is not like that.