Advanced Plus Security Brambedkar59's Security Config 2024

Last updated
Nov 5, 2024
How it's used?
For home and private use
Operating system
Windows 11
Other operating system
2 older laptops running Win 10 (one with F-secure and other Kaspersky Free)
On-device encryption
N/A
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
    • Basic account password (insecure)
Security updates
Check for updates and Notify
Update channels
Allow stable updates only
User Access Control
Notify me only when programs try to make changes to my computer
Smart App Control
Off
Network firewall
Enabled
Real-time security
Kaspersky Free
Malwarebytes WFC
Firewall security
Other - Internet Security (3rd-party)
About custom security
Idle scan disabled
Periodic malware scanners
Norton Power Eraser
EEK
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Common extension/Search in all browsers: Bitwarden, Bing Search
Edge (Default): uBlock Origin (MV2), Shazam (enabled only on usage), Bypass Paywalls Clean (enabled only on usage)
Firefox (Secondary): uBlock Origin
Secure DNS
NextDNS
Desktop VPN
AVG Secure VPN
Password manager
Bitwarden
Maintenance tools
Biweekly run: Windows Built-in, CCleaner, WiseCare 365 (Rarely used), Driver Store Explorer [RAPR] (for deleting old drivers not needed)
For finding program updates: UCheck & RuckZuck
HiBit Uninstaller
File and Photo backup
Google Drive, OneDrive
Subscriptions
    • None
System recovery
Hasleo Backup Suite
Risk factors
    • Browsing to popular websites
    • Working from home
    • Making audio/video calls
    • Opening email attachments
    • Buying from online stores, entering bank card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Sharing and receiving files and torrents
    • Gaming
    • Gaming with third-party mods
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
11400H (UV via ThrottleStop), 3050Ti (UV via G-Helper), 16 GB, 0.5TB + 1 TB NVMe, 1 TB & 4 TB HDD (for image backup and downloads)
Notable changes
Kaspersky Free to AVG IS
AVG IS to Kaspersky Free
What I'm looking for?

Looking for medium feedback.

Notes by Staff Team
  1. This setup configuration may put you and your device at risk!
    We do not recommend that other members use this setup. We cannot be held responsible for problems that may occur to your device by using this security setup.

bazang

Level 9
Jul 3, 2024
430
It's a mess. MS can't be bothered to make proper documentation. Like, why do Group Policies have no effect on the Defender service?
Because even the people at Microsoft do not know or understand how Windows GPO works. This is an accurate statement.

The people that write Microsoft documentation are not Windows internals gurus at Mark Russinovich's level. They're mostly just technical writers.

The vast majority of Windows internals is uncharted and undiscovered territory - changing as Microsoft changes the OS with every update.
 

bazang

Level 9
Jul 3, 2024
430
I have already disabled defender service with DControl.
There for a while, Sordum's DControl stopped working; it no longer prevented Microsoft Defender from starting/it did not block it.

So it is good to know that it is working again for at least one person.

Just so you are aware, Microsoft knows about the method that Sordum uses. So it could close that ability to block Defender whenever it decides.
 

Vitali Ortzi

Level 28
Verified
Top Poster
Well-known
Dec 12, 2016
1,764
There for a while, Sordum's DControl stopped working; it no longer prevented Microsoft Defender from starting/it did not block it.

So it is good to know that it is working again for at least one person.

Just so you are aware, Microsoft knows about the method that Sordum uses. So it could close that ability to block Defender whenever it decides.
Disabling a few components and then a registry edit worked for me to disable Defender, and I just followed a guide from the Microsoft forum.
 

bazang

Level 9
Jul 3, 2024
430
Disabling a few components and then a registry edit worked for me to disable Defender, and I just followed a guide from the Microsoft forum.
Officially and ultimately, Microsoft wants to remove any unmanaged user's ability to block Defender.

Microsoft uses the term unmanaged to mean 1) any system not connected to a Microsoft Account (a local account, for example) or 2) any system not managed by an Administrator (not a home Administrator but an enterprise or government IT administrator).

Sooner or later M$ will "patch" the various ways that users can block Defender. When I cannot say, but it has been on their bucket hit list for quite a while.

M$ is OK with the whack-a-user game.

One thing about Microsoft is that for the most part they don't care about what users can and cannot do on older builds of Windows. So if a system is not Windows 11 latest build then M$ will rarely release a patch for an older build to address what it considers to be a security gap or hole that results not from a bug or feature, but some unintended or unwanted way that Windows internals create the hole.
 

Vitali Ortzi

Level 28
Verified
Top Poster
Well-known
Dec 12, 2016
1,764
Officially and ultimately, Microsoft wants to remove any unmanaged user's ability to block Defender.

Microsoft uses the term unmanaged to mean 1) any system not connected to a Microsoft Account (a local account, for example) or 2) any system not managed by an Administrator (not a home Administrator but an enterprise or government IT administrator).

Sooner or later M$ will "patch" the various ways that users can block Defender. When I cannot say, but it has been on their bucket hit list for quite a while.

M$ is OK with the whack-a-user game.

One thing about Microsoft is that for the most part they don't care about what users can and cannot do on older builds of Windows. So if a system is not Windows 11 latest build then M$ will rarely release a patch for an older build to address what it considers to be a security gap or hole that results not from a bug or feature, but some unintended or unwanted way that Windows internals create the hole.
With all the low-level security they have been pushing, they could make it impossible for a user to do that if they wanted.
Eh, it would definitely be a weird ride in the security by default where everyone will be adminless with low-level firmware checks.
Unless they pay for some administration license to unlock paid enterprise features with the cloud.

Not sure if it will happen, but it's always a possibility with their security by default agenda.

Only good thing is that every PC will be as secure as their Xbox.
 

bazang

Level 9
Jul 3, 2024
430
With all the low-level security they have been pushing, they could make it impossible for a user to do that if they wanted.
Eh, it would definitely be a weird ride in the security by default where everyone will be adminless with low-level firmware checks.
Unless they pay for some administration license to unlock paid enterprise features with the cloud.

Not sure if it will happen, but it's always a possibility with their security by default agenda.

Only good thing is that every PC will be as secure as their Xbox.
Over the years Microsoft has slowly been wearing down users and making a strong attempt to manage their devices for them (at least the basics such as applying security patches):

1. Forced updates
2. Forced use of a Microsoft Account
3. Forced Windows S Mode on certain devices

However, to a very large extent, Microsoft wants no parts of home users and all the stuff that they bring.

The entire "users want to use stuff and they should be able to do what they want" is dinosaur thinking. That model has never worked and is the cause of everything that you read about in the daily cybersecurity news.

Do not blame Microsoft or any other company for terrible user security. Blame the users because they are 90% of the cause of device insecurity. Microsoft and OEMs could make extremely secure devices for consumers, but those consumers will not let them. The consumers want what they want when they want it. Well that is just like catering to a 4 year old child that throws temper tantrums and giving them what they want every single time because that is what makes the child stop carrying on like the little obnoxious thug that it is.

I do not think humanity is smart enough to be secure (or prevent catastrophic climate change or fix any other major problems such as the coming world war). Too many soft people. Too many people that want what they want when they want it.
 
