5

509322

But I quite like being able to do whatever I want on systems I own.
Then you are a menace. A user that wants to use stuff. Sorry mate, but just because you are an advanced user, that doesn't mean your system cannot be pwned and your system is not used to infect the rest of humanity.

Microsoft can make OS and devices with the most abused stuff removed so most people can do what they want while greatly increasing security. Essentially iOS. Remove the vast majority of choices from all users, because that is the safest thing to do. The needs of the many over the needs of the few.

The very nature of digital devices needs to change. If they don't, things will simply get worse. The OS as some general-purpose free-for-all needs to stop.
 

n0k0m3

Level 1
Microsoft can make OS and devices with the most abused stuff removed so most people can do what they want while greatly increasing security. Essentially iOS. Remove the vast majority of choices from all users, because that is the safest thing to do. The needs of the many over the needs of the few.
I agree. And also it seems like that's where MS is heading towards with windows 10 S (or S mode). They are constantly improving user experience for S users. And tbh atm I can do most of my work on an S machine. Also, imo couple of current desktop updates for windows 10 is basically a test sandbox for microsoft so they can cherry pick best thing for S mode as well
 
  • Like
Reactions: simmerskool
5

509322

I agree. And also it seems like that's where MS is heading towards with windows 10 S (or S mode). They are constantly improving user experience for S users. And tbh atm I can do most of my work on an S machine. Also, imo couple of current desktop updates for windows 10 is basically a test sandbox for microsoft so they can cherry pick best thing for S mode as well
My views aren't popular, which I really don't care.

There was a time when the digital world was all about discovery and exploration, people doing stuff to see what they could do, freewares, basically the wild-wild west of people doing whatever they wanted - and Microsoft and OEMs catered to that. However, we're decades on and things have to change. There is big money losses nowadays. The most effective and efficient change can be made by Microsoft. That is where the change has to come from. Windows 10 S was a feeble attempt that sputtered because no one really wants Microsoft's expensive tablets.

Restricted use does not mean inconvenient. There are people that have these PCs with Windows on it and use it only to surf the web, watch a movie in the browser, perhaps write a document now and then. Their PC is ridiculous for what they need. All they need is a Chromebook with no access to the web or Android store.
 

shmu26

Level 76
Content Creator
Trusted
Verified
I really think that rants against Microsoft would be much more effective on Reddit, Twitter and Facebook. These media reach the masses>influence public opinion>change policies. But rants on security forums are shouting in a padded cell.
 
D

Deleted member 178

I'm not really certain a default deny setup adds anything to the security of my systems. I am not running scripts, files, word documents, etc., that I don't either expect to be recieving or hav enot been downloaded from legitimate websites.
You are not running them as far as you are aware, the beauty of advanced malware is to run without you noticing; then Default-deny will save your ass.

One of the most recent times I've been compromised was using a default deny setup. The second issue a default deny setup would do nothing because I believe the file to be safe, so I'm going to allow it anyway.
if you use a decent default-deny application, set it up right, even if you run a weaponized known apps like Ccleaner, your D-D soft should block its attempt to do damage, because malware will often use some other processes to do its malicious task.
(like using powershell.exe or rundll32.exe to create a backdoor, trying to call home, etc...).

There is 2 words that all experienced default-deny users know very well : Vulnerable Processes
Those are used in almost all malware attacks, block them, most malware will be harmless.
 

artek

Level 3
You are not running them as far as you are aware, the beauty of advanced malware is to run without you noticing; then Default-deny will save your ass.



if you use a decent default-deny application, set it up right, even if you run a weaponized known apps like Ccleaner, your D-D soft should block its attempt to do damage, because malware will often use some other processes to do its malicious task.
(like using powershell.exe or rundll32.exe to create a backdoor, trying to call home, etc...).

There is 2 words that all experienced default-deny users know very well : Vulnerable Processes
Those are used in almost all malware attacks, block them, most malware will be harmless.
I would probably assume that whatever alert from CCleaner was legitimate and I wouldn't really give a second thought to whitelisting or allowing the file. Any AV system also has the same flaw. Do I trust that my anti-malware is saying that CCleaner.exe is malware? How many other times have I seen alerts on legitimate files in the past? What's more likely that the alert is generated by an .exe loaded with malware from the offical site or it's another false positive?
 

Windows_Security

Level 22
Content Creator
Trusted
Verified
Compare PC's with smart phones. What percentage of smartphone owners root their smartphone to have full control over their phone? So why would not 95% of average home PC user be services adequately with Windows 10S or Chrome-book? With telecom prices dropping constantly and 5G on the horizon, why would I install a program at all (just use a cloud service or a sandboxed app instead)?
 
Last edited: