Apple and Google. And their apps one needs to avoid like the plague.

[RMerlin]

Yeah the same 99.99% that found UAC annoying at first, MS ended up de-tuning it a bit, and yeah it probably still doesn't work. But a popup with a fairly urgent warning that something is attempting to encrypt your files, the only false positive would mostly be if you password protected an Office file or something, seems logical. But you can't save everyone from themselves I guess.

Behavioural detection is possible. Years ago I had a customer who got hit by a ransomware. Their Trend Micro suite blocked it after it had encrypted a handful of files, which were easily restored from their backup. The fact that it kicked in after a few encrypted files leads me to believe it wasn't signature detection but behavioural/heuristic.

 

[drinkingbird]

Behavioural detection is possible. Years ago I had a customer who got hit by a ransomware. Their Trend Micro suite blocked it after it had encrypted a handful of files, which were easily restored from their backup. The fact that it kicked in after a few encrypted files leads me to believe it wasn't signature detection but behavioural/heuristic.

Not only possible, but not exactly rocket science either. Which is why the conspiracy side of me says they have chosen not to do it intentionally, in order to offer onedrive as a solution.

Trend micro was really good "back in the day", seems to have fallen off a lot, but I'm impressed that it has that implemented when so many others don't. But I am seeing more and more add it.

 

[L&LD]

I guess we're agreeing to disagree. I had many more virus incidents when I ran AV software than when I've just exclusively been using Defender by MS.

Password-protecting a file isn't the same thing as encrypting it. Getting versions deleted doesn't mean they're gone.

And neither does MS sell MS 365 as protection against ransomware. There are many other benefits as you know.

Nobody and nothing comes on my network, without me allowing it. Passwords (GNs) get changed without letting others know. Nobody has ever connected to my main WiFi SSIDs except me. Just like the Ethernet ports are not (easily) accessible even if someone is inside the home.

Running AV on a NAS is worthwhile as sometimes, old exploits may take a while to be known/fixed. And for the fact that those files are rarely used by my main computers (and would be checked by Defender then).

The point isn't whether or not AV is used or not, though. The point is that MS products and services are more secure than any other option available to the masses today.

 

[Tech9]

What Apple and Google offers for handheld devices is not available from Microsoft. The only affected app on the list I sometimes use is from Microsoft.

 

[drinkingbird]

I guess we're agreeing to disagree. I had many more virus incidents when I ran AV software than when I've just exclusively been using Defender by MS.

I don't think we're disagreeing. I'm just looking at it from the perspective if the 99% who do not have the knowledge (or from what I've seen, patience) to think before they do things. Those are the people that make me waste my time. I mean my 80 year old mom, I owe her that, she birthed me after all and spent money raising me. But friends who do the same dumb crap over and over, would be nice if someone could stop them before it became my issue.

The only reason you'd get more viruses with virus protection (which Defender is now, and actually a pretty decent one) is because it gives a false sense of security having it. You don't seem the type to fall into that though. Virus protection is a backup to good habits, or at least it should be. I doubt we disagree on that point.

Password-protecting a file isn't the same thing as encrypting it. Getting versions deleted doesn't mean they're gone.

In modern Office, password protecting does encrypt the file, and actually is pretty hard to crack (unlike the old days of office passwords which were a joke). And obviously windows would know to ignore if you enabled bitlocker and encrypted your entire drive. Onedrive holds a certain version history and if you overwrite enough, they are gone for good. It isn't like deleting a file from recycle bin where it holds it for 30 days, it is just gone. That's why I run my own local backup (in addition to offsite backup, cold storage, and onedrive for non-sensitive files, since I don't trust them to hold financial info etc). I have about 2 years of version history that cannot be overwritten short of formatting the drive, in which case I can restore from offsite or cold. But for MS to suggest onedrive as a solution for ransomware, I can certainly see someone coming up with a way to purge or overload your version history there and leave you screwed.

And neither does MS sell MS 365 as protection against ransomware. There are many other benefits as you know.

Of course, if I have 1TB of free space (I have to pay for 365 anyway) I'm going to back up lots of stuff (stuff that is not personal or financial in nature). Have even tweaked it so that it backs up music, movies, etc, stuff they don't want to you do and don't allow you to by default, but pretty easy to re-map those folders to sit in the onedrive folder.

However what I take issue with is if you don't have onedrive set up - under ransomware protection in security settings, it says to set up onedrive as your ransomware protection. Seems like a convenient sales pitch to me.

I do see they've added the ability to define protected/monitored folders, but it requires you to be using defender as your primary AV, and define those folders. They should just be monitoring for suspicious encryption activity regardless, across all folders, most users aren't going to know to go in and enable this feature and define all of the folders that hold critical files.

Nobody and nothing comes on my network, without me allowing it. Passwords (GNs) get changed without letting others know. Nobody has ever connected to my main WiFi SSIDs except me. Just like the Ethernet ports are not (easily) accessible even if someone is inside the home.

Agreed and same here. And all my unused ethernet ports are in the Guest VLANs anyway. When I had professional gear I had 802.1X but I'm not quite as paranoid, not a lot of people walking through my house with a laptop unsupervised.

The point isn't whether or not AV is used or not, though. The point is that MS products and services are more secure than any other option available to the masses today.

I guess that's the part that may be debatable or disagreeable. I guess it is also a matter of perspective. MS could have less vulnerabilities but due to the market share, targeted a lot more. Their practices are not 100% kosher, but I have not seen them reach the point of Apple or Google with "you agree to let us do whatever we want" and they are pretty forthcoming when a vulnerability is found and fix it pretty quickly. Though MS has shifted a bit in the Apple/Google direction over the years. Forced windows and driver updates "for your own good" which end up bricking your PC is one that comes to mind (and gives me a bit of PTSD). They do plenty of their own tracking, they allow you to disable some of it without impacting any features, but there is still plenty going on. They jam Bing down your throat every chance they get.

You need to be vigilant with ANY OS. Nothing is immune as some like to think. Though I think this discussion has gotten blurred between which is more vulnerable vs the original discussion of which is more unethical with their terms and hiding stuff. Apple and Google are definitely more guilty in that area from my view.

 

[drinkingbird]

What Apple and Google offers for handheld devices is not available from Microsoft. The only affected app on the list I sometimes use is from Microsoft.

Therein lies the whole problem. People don't view their phones/tablets/etc as "computers" and are not as vigilant. Whether it be accepting all of the tracking they do, or the fact that you can't just install any app and be safe. I've gone through and stripped out as many permissions from google as you possibly can (while still being able to use maps etc) but that is just the tip of the iceberg and you have to accept that they will track you. Luckily, I don't do anything interesting so they've probably given up on my data anyway.

Windows however is still very heavily targeted due to the value of infiltrating a corporate environment. Given the complexity, it is bound to have more vulnerabilities, but it also has more options for security software and hardening/customizing.

There is no single solution. You fix one thing, they figure out another. Social engineering is one of the biggest risks nowadays and no antivirus program can stop that. They literally have to train Walmart and Target employees to ask elderly people why they're buying a $500 gift card. Governments are basically powerless, the US isn't able to go after people in the main offending countries (the reason those have become the main offending countries), or at least they have shown little interest in doing so. OS makers and antivirus companies can't possibly catch every 0 day threat. And people seem resistant to learning basic safety precautions. Sometimes I look at the email that someone clicked to get a virus and just want to smack them on the head. Like, do you possess no common sense at all????

But back to the main point here, as far as shady terms and hiding vulnerabilities from the public, there is work that should be done in that area. Sadly the EU is far better at enforcing and punishing this sort of thing than any of the Americas. I love how the EU law they passed about having to warn you about cookies, the sites all just turned that into something that is such a pain that everyone just clicks "accept", totally defeating the purpose. And the California law that you have a right to have your data expunged, not only does it have a lot of exceptions, but to have it done you have to snail mail them a registered letter, which nobody is going to do.

But at least Apple has to use USB-C now. A small win, but we take what we can get.

 

[Tech9]

you have to accept that they will track you

Cell phones are trackable devices since the very beginning. You weigh the pros and cons and decide if you want one.

But at least Apple has to use USB-C now. A small win, but we take what we can get.

It doesn't make any difference in user experience. My personal phone charges wirelessly in my car when I drive around.

 

[drinkingbird]

Cell phones are trackable devices since the very beginning. You weigh the pros and cons and decide if you want one.

I am more comfortable with a general location being triangulated in the old days, than them knowing my porn preferences and that I added cheerios to my cart. But hey, you either accept that there is really no privacy anymore, or you live off the grid and go back to using paper maps. Mitigate what you can, be aware of as much as possible that you can't, and also be aware that there are things you don't even know about. Keep that stuff in mind, and just accept it for what it is.

I'm quite sure their algorithms find me pretty boring at this point anyway.

I mean, we also give them a bit more credit than they deserve. I'll buy a black ink cartridge at Staples and for the next week I will see Staples advertisements for that same ink cartridge. Guys, I already bought it, you know that. Advertise me the matching HP certified paper or a photo cartridge or something.

 

[RMerlin]

Has run its course. Locked.

 

[thiggins]

Has run its course. Locked.

Thanks for doing that. I've deleted the back-and-forth.
@L&LD @Tech9 I thought you two were going to stay out of each others' hair.
Go back to ignoring each other or you'll both get permanent bans. I just have no more patience for both of you trying to prove you are the smartest.