Advice Request What is your opinion about Microsoft Windows Defender (Windows 10)?

[codswollip]

I am speaking in general about the 99.9% + of users who have absolutely no interest in becoming knowledgeable in regards to cybersecurity.

99.9%+ of all people just want to sure that their computer is protected and they are only traumatized when their security fails to do so.

... and, in my experience, those 99.9%+ folks are content with the out-of-the-box protection that comes preconfigured with their PC, whether that is WD or the latest McAfee 6-month trial. Other security tools are of no interest, until the day when the 99.9%+ click on that ill-fated email link.

Only the nerds among us who are curious about how alternative security solutions compare, dare dabble in the after-market solutions. In the end, they too drop back to the basics, tiring of all the extra click to ward of FPs (ha... that's my story anyway... and it's killing me not to try WiseVector StopX).

 

[Andy Ful]

Many non-native speakers visit websites that use the English language (gaming forums, gaming websites, shopping websites, porn websites, etc.). They can be fooled by a fake website especially when the attacker promises the golden mountains.
Of course, it is not hard to learn how to recognize most of the phishing websites and avoiding spam. The harder part for many people is to ignore the attractive offer.

... and, in my experience, those 99.9%+ folks are content with the out-of-the-box protection that comes preconfigured with their PC, whether that is WD or the latest McAfee 6-month trial. Other security tools are of no interest, until the day when the 99.9%+ click on that ill-fated email link.
...

Most of the infected users have the AV with old signatures or no AV at all (especially on Windows 7).

 

[bribon77]

Most people want everything automatic, they are not going to bother with difficult things.
Only a handful of people care about security.
Like others, they are interested in photography or video editing etc.
Each one conceives their PC in a different way from another person.

 

[ForgottenSeer 86663]

Learning about security can usually remove some fear, so learning can be a possible cure for it, but probably not for paranoia.

The answer is not security software.
Most of what people do on these forums is utter overkill. But then that is because these forums attract those pre-disposed to irrational paranoia who are going to use security software and configurations that are out of proportion to reality.
Microsoft already does well enough job of protecting systems. The data supports this fact. It is marketers, click-bait sites and software publishers that make people think that they are not protected.
One can offer up a million item list that supports security software and then at the same time one can offer up a 10 million item list that supports that it is hype and overkill.
Paying for any security software is a waste of money.

 

[Andy Ful]

It would be interesting to create a special learning section on MT about safe habits, avoiding spam, recognizing phishing websites, phishing emails, fake security (fix-it) websites, etc.
It is true that the proportion of several security solutions is probably too big, and people are focused on what to install, but underestimate the simple learning about how to behave.

 

[plat]

Paying for any security software is a waste of money.

I partially agree but not fully. My core security did not require a direct cash transaction, no. But what would you pay for the knowledge that gets you to an effective, efficient "free" security setup? It's a rite of passage, one isn't born with this knowledge. Nor is it a statement of: hey, my setup is iron-tight and it's also free. I am therefore more savvy and adept at this than you, a paying customer of brand X, Y or Z.

You want an antivirus to go that extra mile to save you some work and effort, you pay for that. You want an antivirus that conveniently bundles a Password Manager, a VPN and other items, you pay for that. So, if you want someone to watch your kids for the night, you'd pay, right? Same deal, in a way.

 

[Andy Ful]

I partially agree but not fully. My core security did not require a direct cash transaction, no. But what would you pay for the knowledge that gets you to an effective, efficient "free" security setup? It's a rite of passage, one isn't born with this knowledge. Nor is it a statement of: hey, my setup is iron-tight and it's also free. I am therefore more savvy and adept at this than you, a paying customer of brand X, Y or Z.

You want an antivirus to go that extra mile to save you some work and effort, you pay for that. You want an antivirus that conveniently bundles a Password Manager, a VPN and other items, you pay for that. So, if you want someone to watch your kids for the night, you'd pay, right? Same deal, in a way.

Yes. People usually spent more money on less important things than good AV.
Anyway, most people in home environment would gain more security by training safe habits and learn how to avoid risky activities. But I have the impression that many MT readers just like installing and tweaking.

 

[ForgottenSeer 86663]

I partially agree but not fully. My core security did not require a direct cash transaction, no. But what would you pay for the knowledge that gets you to an effective, efficient "free" security setup? It's a rite of passage, one isn't born with this knowledge. Nor is it a statement of: hey, my setup is iron-tight and it's also free. I am therefore more savvy and adept at this than you, a paying customer of brand X, Y or Z.

You want an antivirus to go that extra mile to save you some work and effort, you pay for that. You want an antivirus that conveniently bundles a Password Manager, a VPN and other items, you pay for that. So, if you want someone to watch your kids for the night, you'd pay, right? Same deal, in a way.

These security forums are not representative of what society thinks and how society behaves.Y ou are talking like a security software geek. The people who actually buy security software do not visit security forums. Normal people do not practice with software. They have no inclination to play with security software and they certainly are not going to prioritize it. 99 % of people that get infected cause the infection themselves, because either they don't know how it works or, even if they have half a clue, they disregard the warnings.

Nobody can show that digital system infections are a pandemic. Windows is not susceptible to COVID-19, despite all the misleading fear monger reports across the web reporting stuff in a way that makes people think every time they connect to the internet they are about to be infected.

@Evjl's Rain has showed over and over that a a zero-knowledge person need not spend a penny to obtain excellent protection. Same applies to Hard Configurator.

 

[danb]

... and, in my experience, those 99.9%+ folks are content with the out-of-the-box protection that comes preconfigured with their PC, whether that is WD or the latest McAfee 6-month trial. Other security tools are of no interest, until the day when the 99.9%+ click on that ill-fated email link.

Only the nerds among us who are curious about how alternative security solutions compare, dare dabble in the after-market solutions. In the end, they too drop back to the basics, tiring of all the extra click to ward of FPs (ha... that's my story anyway... and it's killing me not to try WiseVector StopX).

I totally agree (and actually I agree with pretty much every post on this thread). I talk to security people every day and almost none of them are aware of all of the great products that are discussed on the various security forums. They are typically only aware of the "top 10" or so products. Then when I talk to non security people, especially novice and average users, they have only heard of Norton and McAfee.

On a side note, Windows Defender has come a very long way the last 3-4 years and it certainly is amazing protection. But I strongly believe that it is important to have at least one extra layer of robust protection, simply because malcoders focus on bypassing Windows Defender and its protections because it is the common denominator. Also, I agree with @Fuzzy_Bunny that the majority of attacks will be blocks with a good url filter.

On another side note, there are tons of SMB and enterprise customers who HAVE to install robust protections on their endpoints, either because they are required to do so because of regulations, or because they are concerned that if they are infected they might lose their business, and they do not mind paying for an additional layer of security.

 

[ForgottenSeer 86663]

Yes. People usually spent more money on less important things than good AV.

Like music, clothes, and fast food.

Anyway, most people in home environment would gain more security by training safe habits and learn how to avoid risky activities.

Security is not software. It is a process.

- Bruce Schneier

And people do not plan for disaster. Today people are much better protected by having identity theft protection like LifeLock and managing their finances in such a way as to greatly reduce the potential of them being wiped out by malware.

Localhost security is an anachronism.

But I have the impression that many MT readers just like installing and tweaking.

That is why sites like this are not really about security. They are for people who are addicted to forums and want to play with software.

 

[bribon77]

People use the PC and even work with it, but they don't even know the basics.

The other day was at the Bank, and I asked the lady who attended to me (very kind indeed) what operating system she used and she said that she did not know, and that they are people who work all year with a computer. !Amazing!.

 

[Andy Ful]

Although the H_C settings are intended for casual users, the initial configuration and occasional help are required from the advanced user.

 

[danb]

People use the PC and even work with it, but they don't even know the basics.

The other day was at the Bank, and I asked the lady who attended to me (very kind indeed) what operating system she used and she said that she did not know, and that they are people who work all year with a computer. !Amazing!.

How funny... something similar happened to me several months ago. I was at my bank making a deposit, and the teller was banging on her mouse and keyboard while saying "I hate these things, I do not understand computers" (or something like that). So I casually asked her if she is able to browse the internet and check email, and she said "Yeah, of course". Very scary.

If anyone believes malware is not an issue, simply google "Ransomware", then click then News tab. Sure, the odds are somewhat small, but the consequences are devastating. I am not religious, but I am praying that the hospitals being overwhelmed by covid victims somehow all miraculously avoid malware infections the next couple of months. Especially since malcoders love to attack when people are most vulnerable.

 

[danb]

Although the H_C settings are intended for casual users, the initial configuration and occasional help are required from the advanced user.

Have you thought of creating a web management console so admins can allow necessary blocked items?

 

[plat]

These security forums are not representative of what society thinks and how society behaves

Of course not!

Normal people do not practice with software.

Oh my god, I'm abnormal.

Again, I don't disagree with most of what you're saying, far from it. But what's wrong with interacting on this forum, which does in fact provide an abundance of great security info every day? Nothing whatsoever. I'm a basic user with an interest in specialized software like Sandboxie and Hard_Configurator. So what? I'd rather make value judgements on idiots standing by building entrances coughing and sneezing.

Insofar as 99% not caring about security, who cares. Take care of your own. It's been said before, many times.

 

[ForgottenSeer 72227]

A lot of great points all around.

For me both security awareness/knowledge and a decent security program/setup go hand in hand, with education being of more importance IMO. I think the points dicussed thus far will depend on which crowd you are referring to. I would say that for most average users with little knowledge all they want is for their computer to work and not get in their way. WD is a great option for that because it fits that criteria very well, but it doesn't have to be WD only. There are many great programs/suites from the likes of Norton, Bitdefender, Kaspersky, etc..which for the most part don't get in the way too much and may be a little more comprehensive compared to WD.

That being said W10 and WD have improved a lot, so one can get by using WD and the built-in security measures within W10 and be fine. It will really come down to preference. If your talking about more advanced users/techies, their criteria may change, simply due to the fact they may want more control, or a certain feature.

At the end of the day no setup is perfect, so following good computing practices is still very important. I've always been of the opinion that education should always take precedence over recommending a security program with the assumption that using x will make all your problems go away. I agree that just because someone likes to try different security programs/setups, doesn't mean they are security paranoid. All it means is they either like to try different programs just to see, or they haven't found one that meets their needs just yet.

As to security paranoia, I think a lot of that comes from not understanding whats going on and what it means. Everyone hears this and that about major breaches, people losing data to ransomware etc... take that with people putting out facts on how much new malware is created daily and it becomes a recipe for fear and paranoia. Furthermore forums like this one can also lead to paranoia because very advanced attacks are discussed, many of which probably would never apply to home users to begin with, but they buy in. Same goes for seeing other people's security setups and the constant talking about they various programs and the constant rating of, well this one sucks, you need x to protect you form y and so on....So I would say that education can both be a very good thing, but also a bad thing if taken in the wrong context.

It's why I may come across frustrated at times when I see a vs b threads, or discussions about programs in general/tests. It's not that I am against any of this at all, I think it's great and fun, I do really enjoy it. I only get frustrated when all I see is discussions about using/recommending x,y or z as a here you go this will solve all your problems/worries, but little is said about education and trying to tamper the fear that some may be expressing.

Well that's my two cents.

 

[Andy Ful]

Have you thought of creating a web management console so admins can allow necessary blocked items?

This would be an interesting idea, but I have no time to develop something more than H_C.

...
Oh my god, I'm abnormal.
...

Ha, ha. I do not think that @wearelegion thinks so. The word "normal" has also the meaning "typical". There are not many typical computer users on MT.

 

[Cortex]

My feeling is I prefer the uncontrollably of alternatives to WD - Its maybe hard to explain but it feels the right thing (it is the right thing) if it means paying a few pounds extra I'm very happy with that - I'm never that happy with most inbuilt MS modules, well almost all of them & AV is one of them - I understand some may fee it's a waste of money but it's my cash - I recently got a ten seat KIS for under forty UK pounds, well worth it - Can' see my opinion changing?

 

[ForgottenSeer 86663]

There are not many typical computer users on MT.

Exactly. Security forums are comprised of users with an unusually high interest in security software. On the user spectrum bell curve, such users represent the extreme right tail.

Your granny does not surf here and she tolerates you tweaking and hardening her computer only because you are her grandchild. What she'd really like to do is crack you over the head with a rolling pin so you stop messing with her rig and blocking stuff or installing software that throws notifications she does not understand.

 

[Andy Ful]

My feeling is I prefer the uncontrollably of alternatives to WD - Its maybe hard to explain but it feels the right thing (it is the right thing) if it means paying a few pounds extra I'm very happy with that - I'm never that happy with most inbuilt MS modules, well almost all of them & AV is one of them - I understand some may fee it's a waste of money but it's my cash - I recently got a ten seat KIS for under forty UK pounds, well worth it - Can' see my opinion changing?

I do not see anything unusual in such an opinion. Windows Defender on Windows 10, should be a starting point. There are many ways to security.