App Review Windows Defender vs Ransomware! (Shocking Results?)

[Practical Response]

It's not supposed to stop all infections. My point is that you're aware of this, which is why the definition of "good habits" keeps shifting.

One source for your point is this:

91% of all cyber attacks begin with a phishing email to an unexpected victim | Deloitte Malaysia | Risk Advisory | Press releases

Cybersecurity practitioners have, for many years, been promoting the adage ‘it's not if, but when’ organisations will be impacted by a cyber attack.

www2.deloitte.com

The first point is correct because "good habits" won't be enough.

What happens if the infection comes from a non-questionable website?

What happens if the infection comes from a reputable mobile app?

What happens if the e-mail comes from a non-questionable company that unknowingly has been compromised?

and so on. If you have a lot of time in your hands, then you can add more "good habits" by waiting things out, checking the site against another that checks site, using more scanners, and letting things run in a sandbox to see what happens.

Which is what developers are adding to security programs because it turns out that "good habits" involve a lot of time in your hands.

Good habits are not shifting they are as they sound, habits you develop to negate issues based off being informed and applying methods.

Now if you care to show everyone how to negate these issues you claim being aware and using habits and deploying intelligent contingencies, will not affect, I'm listening. Only you need to do it by explaining how average users who don't have time or are not skilled enough to learn to be aware and use and deploy these habits and contingencies can manage to learn complicated software efficiently and thoroughly enough to stay safe from all these threats you claim other methods won't touch as well as do it without misconfiguring their systems, causing damage or expanding the attack surface.

I'm assuming you will state, just throw 3rd party suites on and be click happy right, ain't got time to have good habits.

 

[Practical Response]

With all due respect, average people DO NOT want to learn good habits and DO NOT care about them.
People are lazy and this is why security suites exist. Most people do not even tweak them, they are using the defaults.

All due respect back that's why users with 3rd party suites that don't care end up here looking for help removing infections.

 

[monkeylove]

Dear readers,

Please choose any position by moving the slider.
Any position can give similar protection, when the amount and quality of "Safe habits" can be in harmony with 'Layered protection'.

View attachment 282651
Of course, you can be safer when the strength of "Layered protection" is higher without changing "Safe habits" or when the amount and quality of "Safe habits" are higher without changing "Layered protection".

Layered protection takes place because there are too many features included. That's what increases the attack surface.

That, in turn, leads to adding to more "safe habits", and if one wants to avoid using layered protection, taking on the role of the security program replaced. That's why the suggestions for such habits start with accessing only safe sites and using safe software, and then when realizing that even those can be compromised, adding more features, like checking sites and apps via cloud protection, using sandboxes (because letting things sit out doesn't help if work can't be delayed, various apps and the OS download things automatically, etc.), all sorts of transmissions between the OS and various apps in it and other apps and sites on networks, etc.

 

[monkeylove]

Good habits are not shifting they are as they sound, habits you develop to negate issues based off being informed and applying methods.

Now if you care to show everyone how to negate these issues you claim being aware and using habits and deploying intelligent contingencies, will not affect, I'm listening. Only you need to do it by explaining how average users who don't have time or are not skilled enough to learn to be aware and use and deploy these habits and contingencies can manage to learn complicated software efficiently and thoroughly enough to stay safe from all these threats you claim other methods won't touch as well as do it without misconfiguring their systems, causing damage or expanding the attack surface.

I'm assuming you will state, just throw 3rd party suites on and be click happy right, ain't got time to have good habits.

They always shift, and will need to do so, especially given processes like the OS and apps also downloading things without user intervention, legit sites and apps that can be compromised, malware that can go straight for embedded software, and so on.

I didn't argue that advanced security programs should be used and that one should be click-happy. Rather, one doesn't have to be click-happy for infection to take place. Hence, your references to checking apps and sites just to be sure.

 

[monkeylove]

All due respect back that's why users with 3rd party suites that don't care end up here looking for help removing infections.

And then they're told that they should have followed "good habits" and either tweak built-in security programs, restrict and take matters into their own hands via default-deny, and avoid getting third-party programs because it's layered protection that adds to the attack surface.

 

[Gangelo]

All due respect back that's why users with 3rd party suites that don't care end up here looking for help removing infections.

This is irrelevant. If someone is a 'happy clicker' or generally someone with bad habits they will be eventually infected no matter the protection.
The point I was trying to make is that it is not easy to teach safe habits because nobody cares about them.

Edit: The thread has gone way off topic.

 

[Practical Response]

And then they're told that they should have followed "good habits" and either tweak built-in security programs, restrict and take matters into their own hands via default-deny, and avoid getting third-party programs because it's layered protection that adds to the attack surface.

You are twisting things in an unhealthy way.

I have stated that average users will not know how to use advanced softwares that misconfigured will expand attack surfaces. I have stated layering applications "go look through the ridiculous amounts of software in some users systems in config thread" add more bugs potential issues and expand the attack surface.

I have stated just using a 3rd party suit without habits is not the answer, cant protect a user from themselves

I also stated quite sometime back that a balance of security, habits and contingencies is what's called for. Helping average users learn to become aware.

I have stated social engineering is a big reason why, as it accounts for most "real world" infections. A look through the help section will confirm this.

On a side note I've also asked, many user here before, that have spent time in the forum, the one thing they probably all have in common. That is most of them have not seen an infection in a long time, why, because they have learned to become aware. They certainly are not all running the same security that's secretly saving their behinds.

Is this clear and concise enough.

 

[Practical Response]

This is irrelevant. If someone is a 'happy clicker' or generally someone with bad habits they will be eventually infected no matter the protection.
The point I was trying to make is that it is not easy to teach safe habits because nobody cares about them.

Edit: The thread has gone way off topic.

It's very much relevant, in the video the ransomware was not showing/tested as route of infection. Regardless, it had to be executed even if not in a phishing email, either way, verifying things before you click them "which is the base of good habits" would negate this, not more expensive security.

If you want to be lazy have at it, but it's irresponsible to state others should be as well, it's bad advice.

 

[Gangelo]

It's very much relevant, in the video the ransomware was not showing/tested as route of infection. Regardless, it had to be executed even if not in a phishing email, either way, verifying things before you click them "which is the base of good habits" would negate this, not more expensive security.

If you want to be lazy have at it, but it's irresponsible to state others should be as well, it's bad advice.

Who said anyone should be lazy?
All I said is that all average users are.

Again, this thread has gone off topic. It is not 'safe habits VS security suites', it is 'Microsoft Defender VS Ransomware'.
I'm out of this discussion.

 

[Practical Response]

Who said anyone should be lazy?
All I said is that all average users are.

Again, this thread has gone off topic. It is not 'safe habits VS security suites', it is 'Microsoft Defender VS Ransomware'.
I'm out of this discussion.

Because normal users download a folder full of ransomware and run an automated script to execute them correct?

Which is my point, still very much on topic. Route of infection has a lot to do with how security will respond to threats, in how the security is designed and at what stages its bolstered at to help negate the infection from happening.

I bet he had to disable the security to build those zip files full. What does that tell you. How do I know, I used to test, and had to disable windows security in order to build a folder to test with.

Now add in the fact that users could simply look at the files, realize they do not look right, and decide to verify before executing, and again, the system would not be infected. Even if they did accidentally execute something of the nature, having system images and personal items backed up externally would rectify the locked system.

Now before I get hit again with "it wont stop leaked data" I can attest to you, I have seen many security suites stop infections as such, but much too late as the sample had indeed already connected outbound to the command and control. All you can do in that instance is damage control. Nothing is 100% but learning to be aware, and use habits will help users. These "look at me videos" that are not performed real world style "route of infection" do not help users, as they are not accurate. "No offense meant to the creator" although I'm sure you understand exactly what I'm saying.

 

[roger_m]

I didn't answer your question because that wasn't my point. This is: you post anecdotes about yourself which we can't verify and which probably doesn't represent what others do and have. How does that make sense?

The reality is that on the whole, people who keep their systems updated and aren't click happy will find it very hard to get infected. If you choose to keep believing otherwise, that's up to you. It really doesn't matter in the course of this discussion, if others are being click happy, as obviously I've been talking specifically about my situation. Of course, a lot of people are click happy and this is the main reason they get infected.

If you are so sure that's it's easy to get infected when you're not click happy, it should be rather surprising that you don't want to answer my question. It's not however, since you just want to keep talking nonsense, even when myself and others correct you.

 

[Practical Response]

The reality is that on the whole, people who keep their systems updated and aren't click happy will find it very hard to get infected. If you choose to keep believing otherwise, that's up to you. It really doesn't matter in the course of this discussion, if others are being click happy, as obviously I've been talking specifically about my situation. Of course, a lot of people are click happy and this is the main reason they get infected.

If you are so sure that's it's easy to get infected when you're not click happy, it should be rather surprising that you don't want to answer my question. It's not however, since you just want to keep talking nonsense, even when myself and others correct you.

I'm done here, he can keep arguing with himself, it will be about as effective as clapping with one hand, much like the nonsense he is spewing.

Notice how he keeps twisting things yet really not saying anything different and as you pointed out not providing anything relevant to his claims nor any substantial solutions.

I would just ignore this thread from this point forward as everything that needed stated has been already. It's a shame it was let go this long and derails from good advice readers could benefit from.

I wouldn't let him or others "bait" you back in here.

 

[monkeylove]

This is irrelevant. If someone is a 'happy clicker' or generally someone with bad habits they will be eventually infected no matter the protection.
The point I was trying to make is that it is not easy to teach safe habits because nobody cares about them.

Edit: The thread has gone way off topic.

Not only that, but there's more malware that does not involve "happy clicking".

 

[monkeylove]

You are twisting things in an unhealthy way.

I have stated that average users will not know how to use advanced softwares that misconfigured will expand attack surfaces. I have stated layering applications "go look through the ridiculous amounts of software in some users systems in config thread" add more bugs potential issues and expand the attack surface.

I have stated just using a 3rd party suit without habits is not the answer, cant protect a user from themselves

I also stated quite sometime back that a balance of security, habits and contingencies is what's called for. Helping average users learn to become aware.

I have stated social engineering is a big reason why, as it accounts for most "real world" infections. A look through the help section will confirm this.

On a side note I've also asked, many user here before, that have spent time in the forum, the one thing they probably all have in common. That is most of them have not seen an infection in a long time, why, because they have learned to become aware. They certainly are not all running the same security that's secretly saving their behinds.

Is this clear and concise enough.

For the same reason, they will not be able to use advanced software to put apps or even the browser in a sandbox. Or turn on (or off) features like virtualization. Or tweak the built-in security program and then try to figure out what went wrong when other apps slow down or they can no longer access their data folders. Also, attack surfaces don't simply expand with misconfiguration or even new security apps but even new features in apps and the OS.

And not only do "ridiculous amounts of software" (talk about drama queen statements!) add more bugs, so do the same features. Did you forget about that?

The problem isn't using third-party software without habits, it's that people can forget those habits, and your definition of those habits become increasingly complicated (e.g., wait it out, check the app or site through VirusTotal first) it comes out you're essentially insisting that users do things manually.

You don't talk about balancing things. Rather, you kept insisting in each post that more security apps will lead to more complications, so one has to keep things simple and let the user figure things out. Incredible.

Next, what about social engineering? You keep ignoring the point that more malware infections don't involve that, and not once did you address that point in your posts.

Now, there's your problem: you talk about users in this forum that have not been infected. How do you know? And is an average user, which is what we have been talking about, one who would participate in forums this like?

 

[monkeylove]

It's very much relevant, in the video the ransomware was not showing/tested as route of infection. Regardless, it had to be executed even if not in a phishing email, either way, verifying things before you click them "which is the base of good habits" would negate this, not more expensive security.

If you want to be lazy have at it, but it's irresponsible to state others should be as well, it's bad advice.

See what I mean? In your other posts, you argue that people should check apps and even sites out via checking sites just to be sure. Why? Because some of those apps and sites are legit.

That means if they get infected even though they were following "good habits," they'd still be blamed because they were "lazy".

 

[monkeylove]

Because normal users download a folder full of ransomware and run an automated script to execute them correct?

Which is my point, still very much on topic. Route of infection has a lot to do with how security will respond to threats, in how the security is designed and at what stages its bolstered at to help negate the infection from happening.

I bet he had to disable the security to build those zip files full. What does that tell you. How do I know, I used to test, and had to disable windows security in order to build a folder to test with.

Now add in the fact that users could simply look at the files, realize they do not look right, and decide to verify before executing, and again, the system would not be infected. Even if they did accidentally execute something of the nature, having system images and personal items backed up externally would rectify the locked system.

Now before I get hit again with "it wont stop leaked data" I can attest to you, I have seen many security suites stop infections as such, but much too late as the sample had indeed already connected outbound to the command and control. All you can do in that instance is damage control. Nothing is 100% but learning to be aware, and use habits will help users. These "look at me videos" that are not performed real world style "route of infection" do not help users, as they are not accurate. "No offense meant to the creator" although I'm sure you understand exactly what I'm saying.

All you need is one, and it can be undetected and hidden in a legit app and site, and the company, which also follows "good habits," didn't detect it, either.

 

[monkeylove]

The reality is that on the whole, people who keep their systems updated and aren't click happy will find it very hard to get infected. If you choose to keep believing otherwise, that's up to you. It really doesn't matter in the course of this discussion, if others are being click happy, as obviously I've been talking specifically about my situation. Of course, a lot of people are click happy and this is the main reason they get infected.

If you are so sure that's it's easy to get infected when you're not click happy, it should be rather surprising that you don't want to answer my question. It's not however, since you just want to keep talking nonsense, even when myself and others correct you.

If that's the case, why is Microsoft and other companies developing more advanced security programs? Why are we receiving news of corporations with "good habits" and the same programs in place reporting hacks and so forth? And malware that don't involve being "click happy"?

Again, why do you want me to answer your question? Didn't I point out to you my reason: you're saying something about yourself that you can't prove. So how is your statement even relevant?

 

[monkeylove]

I'm done here, he can keep arguing with himself, it will be about as effective as clapping with one hand, much like the nonsense he is spewing.

Notice how he keeps twisting things yet really not saying anything different and as you pointed out not providing anything relevant to his claims nor any substantial solutions.

I would just ignore this thread from this point forward as everything that needed stated has been already. It's a shame it was let go this long and derails from good advice readers could benefit from.

I wouldn't let him or others "bait" you back in here.

You, I, and others have been done some time ago. The fact that you were not only coming up with shifting views of "good habits" you were even disagreeing with the point about default-deny proves my argument, as manual default-deny is what one has to do if one doesn't want to use advanced software.

I'm posting this so that others will see my points:

You start with "good habits" involving only visiting "safe" sites and using "safe" apps. And then news comes out of malware spreading from the same, and companies not realizing that they were infected before it was too late. So you now shift your definition to checking the same "safe" sites before accessing them and doing the same for the "safe" apps, and even delaying work by several days just to see if anyone else gets infected.

Meanwhile, someone else defines "bad habits" as being "click happy," but visiting "safe" sites and using "safe" apps aren't examples of that, and infection can still take place.

Still others now talk about using secondary scanners. What happened to the built-in one? Not "advanced" enough? This is in light of your point that advanced security apps increase vulnerabilities. It never occurred to you that the reason why they become advanced is because of increasing features added which increase those vulnerabilities.

Still more talk about letting users decide what to run by default and what to deny. Hopefully, BSODs or malfunctioning apps won't take place.

And all that to replace advanced security programs, which started with checking signatures in a database. When that was found not to be good enough, it used more features like checking against multiple databases, which is what happens when you check sites and apps against online scanners. From there, if nothing was detected, it used other features like looking for any incidences happening to others that also report to the cloud, and seeing what the app is doing or what's happening in the OS to see if anything is going wrong, and probably even deciding to let the app or browser run in a sandbox to see what happens. And so on.

But the average user can learn to do all those things by himself given "good habits", right?

 

[Practical Response]

@monkeylove First I would love to point out that nifty little "Quote" button on each post, please learn it so as not to post 15 posts in a row each time.

I was not going to respond, but since I have submitted to staff I'm tired of the stalking and cyber bullying by certain members and they don't seem to care, I will then respond on my own behalf and if I get banned so be it.

You have done nothing but buried this thread and useful information in it with the same repeated gibberish. I feel you are one of those got to have last word kind of people that if I keep responding, so will you. Hence why I was going to stop, but then I decide, nope, I'm not letting you off that easy.

I was the user under the name ultimatevision, the one you did this very same thing to in a PDF reader thread. You have made this personal it seems and I wonder why. I was also a user by the name of illumination, I was a moderator here, so I know the ins and outs of the forum quite well. You came around first in 2014, good for you, I did back in 2011.

Now back on topic, you claimed what about infostealers in the beginning when I claimed a system image and external backups would off set a ransomware infection, even though the video is rubbish because there is no true route of infection displayed.
You have yet to provide an example/solution how to stop an inforstealer from extracting data for an average users that will not know how to use advanced software. Third party suites can stop the infection sure, but many times its too late as the information is extracted before the infection gets hammered. So all a user can do is keep good habits with their security, have contingencies and use caution and awareness.

Anything beyond that is more than likely beyond their abilities. If they choose not to even do that because they don't have time or just don't care than that is their problem, of course that becomes a problem for everyone else if those same careless users infect others.

There is literally nothing more to add to this thread, it can be locked for all I care, the demonstration was pointless much like a lot of the spewed misinformation here.

 

[monkeylove]

@monkeylove First I would love to point out that nifty little "Quote" button on each post, please learn it so as not to post 15 posts in a row each time.

I was not going to respond, but since I have submitted to staff I'm tired of the stalking and cyber bullying by certain members and they don't seem to care, I will then respond on my own behalf and if I get banned so be it.

You have done nothing but buried this thread and useful information in it with the same repeated gibberish. I feel you are one of those got to have last word kind of people that if I keep responding, so will you. Hence why I was going to stop, but then I decide, nope, I'm not letting you off that easy.

I was the user under the name ultimatevision, the one you did this very same thing to in a PDF reader thread. You have made this personal it seems and I wonder why. I was also a user by the name of illumination, I was a moderator here, so I know the ins and outs of the forum quite well. You came around first in 2014, good for you, I did back in 2011.

Now back on topic, you claimed what about infostealers in the beginning when I claimed a system image and external backups would off set a ransomware infection, even though the video is rubbish because there is no true route of infection displayed.
You have yet to provide an example/solution how to stop an inforstealer from extracting data for an average users that will not know how to use advanced software. Third party suites can stop the infection sure, but many times its too late as the information is extracted before the infection gets hammered. So all a user can do is keep good habits with their security, have contingencies and use caution and awareness.

Anything beyond that is more than likely beyond their abilities. If they choose not to even do that because they don't have time or just don't care than that is their problem, of course that becomes a problem for everyone else if those same careless users infect others.

There is literally nothing more to add to this thread, it can be locked for all I care, the demonstration was pointless much like a lot of the spewed misinformation here.

My suggestion is don't resort to personal attacks, like referring to what I share as "gibberish," especially given the fact that you've not addressed them effectively. More important, stop with the personal attacks, like claiming that I'm "confused". Lastly, why are you making different user accounts?

Now, my points:

Backups and restores don't reverse data theft.

I didn't argue that advanced security software provides 100-percent protection against data theft. What I said is that data theft increases due to more vulnerabilities, and that's brought about not only by more advanced security programs but by more advanced features in operating systems and applications. And the reason why security programs become more advanced is because of additional features in both the system and apps. In fact, that's one of the reasons why developers have to keep patching both. Why are you not aware of that?

If you're looking for examples, read this forum.

Finally, why "misinformation"? I've addressed every point you and others raised correctly. Do you need another recap?