I abandoned Comodo when they screwed over Kevin and Nancy of Nsclean when they acquired BOclean and Melih just regaded out of Kevin's contract terms. I haven't touched them since and that was what? 2006?
Microsoft Defender- Hard to Explain
- Thread starter cruelsister
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Haha good for you. I have few hard coded ones that I keep in a personal safe that are pointed toward personal finances and insurance info. Just in case I suddenly die I want my wife to have access to it without going through the federal red tape.you should see my keepass!
(actually i hope you cant!!!)
no everything is random, ive no idea what they are
- Aug 16, 2021
- 232
that makes sense, but if the truly are separate entities... they have separate IT.. separate databases.......
id still have separate PW#s/2fa for each x
- Aug 16, 2021
- 232
the thing is as long as YOU are happy with your backup plan.......
WHAT if your computer doesn't switch on? can you get to your most important data? what is the master password to get to that? has it been shared elsewhere?
how do i recover my data? cloud/local/immutable copy... has anyone else ever know these passwords?
go over the scenarios and make sure your ok.. is there internet? can i restore from cloud? or is that password breached?
whats the latest local backup?
for me i'm quite anal on backups both local and cloud and have ran over all scenarios of what if.. when... why
WHAT if your computer doesn't switch on? can you get to your most important data? what is the master password to get to that? has it been shared elsewhere?
how do i recover my data? cloud/local/immutable copy... has anyone else ever know these passwords?
go over the scenarios and make sure your ok.. is there internet? can i restore from cloud? or is that password breached?
whats the latest local backup?
for me i'm quite anal on backups both local and cloud and have ran over all scenarios of what if.. when... why
Yeah I was also very anal about my backups that's why I drink fiber.
- Apr 5, 2021
- 620
We're all aware of home pc security best practices and why it's ill advised to download cracks and such, but the whole point of the video, I believe, was to demonstrate that after a full two months, Defender still does not detect and stop the tested malware variant.
- May 9, 2017
- 159
Funny you mention that combo- i been monitoring WVSX progress on one of my systems Windows 10 and it sure is a potent interceptor. Dug out an old malware from XP i kept for years that can still reek havoc even on Win 10. Mainly a joke type program but is in the same class as ShellLocker ransomware in that it's full screen lock makes it near impossible to browse around to kill it with task manager etc. I submitted it to WVSX and the next day they already had it johnny-on-the-spot capturing that bug in advance. I mean just the mouse pointer movement of such files (indicative of AV's Real-Time) and WVSX jumped right on it.
Defender just seems so laggy sometimes and of course sports good misses that once skipped (like in @cruelsister 's video test) the endpoint is already compromised and damage done.
Based on that knowledge could WVSX AI engine be used to fingerprint a user or better yet log a user and their motions and keystrokes? I am being paranoid but assume you are someone high up in the important circles. Could that software be used to intercept your keystrokes and behavior?
Couldn't this possibility be assumed for every av out there?
- Oct 22, 2018
- 590
I run a Microsoft OS. Long ago I gave up worrying about spying. You can't seriously run a Windows OS and wonder about who is spying. WVSX could be, but I'm fairly sure Microsoft IS spying, and has been for years.
- Aug 19, 2019
- 1,170
I remember that. I think the issue was they were allocated to a team within Comodo but there was some working together issues. Boclean was a great addition to security.
Anyway, these videos often have me going to Comodo even these days but the Hard_Configurator default deny can be just as powerful. I guess we all use what works for us best and our individual kit.
Great video @cruelsister
- Dec 23, 2014
- 8,510
It looks strange, but such unique and old samples are not dangerous in the wild.
They were really dangerous several months ago (for most AVs) when they were never-before-seen malware.
Although similar samples can be still found on a few websites with malware samples, they are used only in malware tests (not reused in real-life attacks).
The tests performed with a delay cannot show the real protection of the AVs. A significant part of the protection is only used to wean the attackers away from reusing the malware samples. Many AVs do it, so the attackers prefer to use new samples, because the older ones are not so efficient. Making a new sample takes a minute, many times quicker than finding the older samples missed by the AV.
Currently, it would be interesting to test how AVs can protect against real-life attacks with modified Magniber MSI samples (delivered from compromised websites including archives, documents, scripts, etc.) without using any signatures.
- Dec 23, 2014
- 8,510
I am afraid that only the "spying" AVs ("spy" = use massive telemetry) can be both user-friendly and effective. The telemetry is required for Machine (Deep) Learning and post-execution detection.
With you 1005% on this. I said the same thing back then when Kevin and I exchanged e-mail. Then he went to work for Apple.
- Aug 22, 2013
- 886
What's wrong with her test? She is not "just a youtuber" here, any longtime member of this forum knows that. If you don't want to believe her, it's your choice. Public at large has no say in it. But same logic can also be applied vice versa.
- Apr 16, 2017
- 2,610
Realize if it matters, that ESET cloud detection is only available on Premium version. I have ESET on my win10 and it is light, but annoyed by ESET not provide its LiveGuard to all versions.
- Dec 23, 2014
- 8,510
Yes, although @cruelsister's videos can be found on YouTube, "just a youtuber" would diminish the importance of her videos in finding security weak points. One should only remember, that some weak points can be covered in real life by other security layers (not tested in the videos).
In the case of Magniber MSI files, I do not think that they could impact in-the-wild many Defender users. But I know that the attack vector used by this malware can be very dangerous for Defender and should not be ignored by Microsoft. The attack was localized, and Korean language users were most impacted, especially those interested in pirated software. That is why the Magniber was not recognized as a serious problem by AV vendors (except maybe 360 AV and AhnLab AV).
Last edited:
- Apr 19, 2017
- 249
- Apr 13, 2013
- 3,224
I'm not on the Dev channel so can't test it at this point and can only give an uninformed opinion. Personally I have reservations about SAC if the preliminary things Microsoft states are true (such as a clean W11 install only and blind blocking of many files types that MSFT deems inappropriate (cmd, vbs, bat, etc.). Plus, if CFA didn't blink at the encryption process why would SAC?
@cruelsister did you run it standard account or administrator account?
Similar threads
