Advice Request What is your opinion about Microsoft Windows Defender (Windows 10)?

[monkeylove]

Telemetry is used on everything, is not exclusive to neither Google and Microsoft.

Meaning whining about Windows collecting telemetry (which is not private data in the first place), while using other much more invasive software is ridiculous.

Even AVs collect telemetry data, is essential for software development.

In this case, though, the data was sold to third parties for marketing purposes.

 

[ForgottenSeer 823865]

1- everybody here thinks there is some vast dedicated team of uber security experts sitting in Redmond, WA developing Windows Defender
nah... not true.
2- a lot of it is subbed-out to India and the former Eastern Block

1- Not all of them, but probably some.
2- This is known since ages, i worked in the security industry, most of my colleagues were Ukrainian , Russians and (especially) Indians (decent skills, low salary demands).

and if Windows Security doesn't block it at the very beginning, there is a high probability that the system will be compromised

This applies to any software in the world... Do you think a security solutions' first release is invincible?
if an attacker is really focused to target a system, has the skills, resources and time, he will succeed whatever it is Windows 10 security or a 3rd party vendor that protect the system.

There is some security mechanism that works very well (not prefect obviously, like everything else) and even better than 3rd party products but they are mostly oriented for businesses (Win10 Enterprise).
Home Version users will never get them, so will have no experience with them, and most don't even know their existence...
Look at @Andy Ful Hard Configurator, it just use what Windows 10 offers to make some hidden Windows built-in security accessible to Home Users.
Just using it, make WD as solid as some 3rd party AV. Then add Applocker/SRP and co; and you can't deny Win10 security to be subpar; far from it.

however fanbois don't wanna hear this despite facts proving it have been published over and over
it's hard to convince people who don't want to believe in the first place

Indeed, like everywhere, but if the parties has no experience or skill in infosec, the debate is just for show.

 

[Azure]

Convenience vs security. The eternal dilemma for people that want pc protection.

Do I use A that gives me good security but makes it harder for me because of the constant pop-ups or do use B that isn't as secure but is much more lax on notifications?

People would typically go with the more convenient and easy to use solution. Sure Windows Defender is built-in and that certainly helps have so many users. But I can imagine if Microsoft for some weird reason develops an HIPS feature for Windows Defender on Home and Above Editions many will quickly switch to a 3rd party.

 

[ForgottenSeer 823865]

it's not like people are being infected left and right anyway, so these constant "what is best AV" and switching softs really has nothing to do with increasing a person's security.

It is just toying, we all did in some point. in the past i didn't really play this game, i just looked at which soft i could tighten the most (aka with tons of settings) or how far can i go when stockpiling security apps without breaking my system.
I am notorious here to managed getting some very efficient "complex" combos, but i got tired of it , and i, now, just enjoy what Win10 Enterprise offers and actually use my computer instead of answering alerts.

so someone with the right behaviors can use XP with no security softs and never be infected

I wont go so far, you can only avoid what you know. If an attack vector is unknown to you, you will be even less safe than one with a modern OS.

the ones i see infected are the smart kids (mostly boys) who are prolific downloaders and webpage surfers
i see a lot of that in india where they don't want to pay for anything so they go far and wide to get stuff for free
i'm not picking on indians because i know the same thing goes on everywhere
well, anyone with even a basic understanding of security knows that behavior is going to cause an infection sooner or later

I see that too.

way too much focus here on things that really do not increase anyone's security - which is supposed to be 100% about data protection
all their data is already across the world residing on unsecured systems
so all this effort on forums like this to secure localhost i find curious and weird
i know a lot of it is driven by plain ingnorance and software addictions

Exactly, add on top of that a sick-like emotional attachment for obsolete (and vulnerable) soft/OS...and you have seen the worst.

i mean you can only analyze av so far, then after that you are just wasting all your efforts unless you are bored and just want to play with something

Exact, especially me, im a natural tweaker, can resist tweaking any electronic device/softs/OS, i got my hands on.

 

[Andy Ful]

ignorant users who are mindless downloaders and web page surfers that don't know much of anything about IT routinely get infected with using default Windows Defender

Simply, such users ignore alerts and turn off the protection - this behavior is not related to the concrete AV.
Of course, if you think about WD on Windows 7, then it is not a true AV (only antispyware).
It is true, that WD on Windows 10 has the default settings set to simplicity and convenience, which can probably lower its protection level. But, most of the real-world AV tests show no real difference between WD and other free AVs (and some paid AVs too).

the statistics show it is a very poor choice for the average user

There are no such (reliable) statistics for WD on Windows 10. Furthermore, a good choice for average users should also include such things as simplicity, system compatibility, etc. It is probable that WD is not the best choice for above-average home users, except when they learn how to tweak WD via PowerShell or accept using 3rd party configurators.

so convenient security is obviously not the answer

It is not an answer but a fact. The more users buy computers, the fewer of them can accept unconvenient security.

 

[Dex4Sure]

ignorant users who are mindless downloaders and web page surfers that don't know much of anything about IT routinely get infected with using default Windows Defender
the statistics show it is a very poor choice for the average user
so convenient security is obviously not the answer



this is not just a security forum thing
emotions are like a cancer killing the entire internet
it's pathetic how so many are so easily butthurt

Well I must say you're probably right. But people like that should run user account, not admin account to increase their security. I really don't care to run user account, I'm too lazy for it... But I have never gotten infected by using Windows 10 default protection. I used Windows Defender ever since Windows 8.1 days actually and never got infected while using admin account. I think for most people, if they ran adblocker it would dramatically decrease infections as malvertising would be blocked automatically. Honestly ads are the most likely source for infections...

I personally run AdGuard on all my computers and mobile devices these days. Its pretty insane how much bandwidth you save as well... I think over the weekend I used 1.4GB of traffic on my phone and AdGuard saved about 750MB of bandwidth. Internet is full of obtrusive junk ads these days.

 

[Nagisa]

After all they're just signatures, and every single good aspect of their protection is paid.

Could you give a bit information about this? KSC Free has all the essential protection modules enabled. Signatures, heuristics (part of file system shield anyways), web shield, BB module, etc.

 

[Andy Ful]

users turn off security or ignore the security because it provides them some benefit or allows them to do something that they want
it just shows that the problem is not the security but the user
you cannot program a solution to the problem of the user - despite everybody trying to do so for decades
like one highly respected security programmer said about security for the average person "we can't solve the problem unless we remove the thing sitting in front of the computer"

It is good that we can agree on things not related to WD, but generally to all security solutions.

average kid don't care about av or windows defender
heck most don't even know windows defender is there
so windows defender is definitely not the answer

... and any other AV, too. Please, do not use WD to explain things that are true for most AVs. The readers can think that other AVs do not have similar issues that WD has.

 

[Lenny_Fox]

Lenny's lesson learned

As a junior member of this forum, I was fooled by this trick question and posted an answer. I now understand it is the like asking an American his/her opinion about the taste and quality of an Italian dish called "mac and cheese". Ask the same question to any Italian about the taste and quality of an American dish called "mac and cheese". This OP-question is similar: fun to read, but going no-where

Keep on posting

 

[Dex4Sure]

unruly kid don't care
hot wire car and steal it
same thing with computer security

WD is not that great
other AVs at max settings do much better
countless AV lab tests show it
plus 3rd party av provide features WD missing
i know all the arguments, but this place has become a Windows Defender echo chamber and that is just plain wrong
there are serious shortcomings with Windows Defender
just start with MotW

Unruly kids will turn off any AV, or infect the machine eventually by downloading possibly hundreds of executables over time... Eventually some zero day threats get past the AV and infect the system due to stupid user. All the "features" Windows Defender is lacking are mostly useless gimmicks, like "banking protection" which is just sandboxed browser window... You can do the same by using sandboxie and running the browser through sandbox, or I believe also with WDAG on Edge. Password manager, again you can use Bitwarden, LastPass or even Chrome's built in password manager... VPN, again the better VPN providers are not bundled with AV products. All these gimmicky "features" you are praising are in fact useless.

As I've said before, literally the only thing WD lacks that 3rd party AVs do have is caching. That is the only real drawback, others are imaginary drawbacks. There are plenty of people who think bloatware is useful, but those people tend to also fall for all kind of advertisement tricks. People who know better won't use these VPNs and password managers and "data protection" these 3rd party AV's bundle with them. For all these tasks there are better tools elsewhere. The very reason these AV companies bundle all that crap with their products is because they try to justify their existence.

EDIT:
Oh and also should just mention, if you have "unruly kids" you should not let them have access to admin account. Just create standard user account for them... Most infections are automatically blocked by doing this. Way better than just trusting 3rd party AV to keep them safe.

 

[Dex4Sure]

lmao, Microsoft won't get WD and Windows Security until the month before it will discontinue Windows 10
that's how Microsoft do it

nowadays security got very little to do with localhost
all the really serious problems are not on localhost, they are elsehwere
good security today is more about how you handle your money such as credit monitoring and 2FA for everything
localhost security is a legacy problem

Exactly, which is why WD is all you need.

 

[Andy Ful]

...
WD is not that great
other AVs at max settings do much better
countless AV lab tests show it

This is not a WD-fanboys thread. Everybody here knows that WD is not great on default settings, but this is true for most AVs. It is true that many AVs on MAX settings should give better detection. Although it is not true that countless AV lab tests show it.

plus 3rd party av provide features WD missing
...

That is the point. WD is made to be a part of Windows built-in default security. As you already noticed, it is not complete protection when dropping other Windows built-in features.
If the user does not do anything then he/she has good protection based on WD + Edge (SmartScreen anti-phishing + antimalware + AppContainer + strong anti-exploit mitigations) + "Block At First Sight". This security can be easily maxed by adding anti-ransomware protection (via Security Center). It can be also maxed by more advanced users by configuring Exploit Protection. Other WD features are not available without using PowerShell or 3rd party configurator.

The problem starts when some "expert" installs another web browser without covering anti-phishing and "Block At First Sight" features. The problem is growing when the above-average users ignore the SmartScreen file reputation alerts (average users do not know how to bypass SmartScreen). Another problem can arise when above-average users install 3rd party archivers that do not preserve MOTW (average users do not know how to install 3rd party archivers).

there are serious shortcomings with Windows Defender
just start with MotW

There are many shortcomings and this is normal with free AVs. MOTW is a kind of shortcoming, but many AVs are worse, because they do not use it at all and do not use special protection for files originated from the Internet Zone. Some solutions (like Kaspersky KSN) are better, but require the telemetry of all executed files (not only from the Internet Zone).

for better or worse, Windows Defender is best option for most people under most circumstances
but that is like saying a car with wheels is the best auto for most people

I would rather say that WD on WIndows is a good option for most people, like a good car that does not require much attention.

 

[Andy Ful]

DCK247,
I think that your general arguments related to localhost security are interesting. But, it will be better to open a separate thread about it. The OP is related to the concrete solution that is intended to protect the localhost.

 

[Andy Ful]

Lenny's lesson learned

As a junior member of this forum, I was fooled by this trick question and posted an answer. I now understand it is the like asking an American his/her opinion about the taste and quality of an Italian dish called "mac and cheese". Ask the same question to any Italian about the taste and quality of an American dish called "mac and cheese". This OP-question is similar: fun to read, but going no-where

Keep on posting

Ha, ha. You must be cautious.
Anyway, the posts about WD are somewhat special. Most users can hardly understand that it is an integral part of Windows built-in security (WD, Edge, Anti-Ransomware Protection, Exploit Guard). So, changing security by replacing some parts of it by 3rd party software, can have negative consequences.
We talked many times about WD, but still, there are many unjustified and simplified opinions about WD (both negative and positive). That is why I think, that posting about WD is necessary.

 

[Handsome Recluse]

It's very slow when I'm doing most things other than browsing.

 

[Andy Ful]

It's very slow when I'm doing most things other than browsing.

It can be slow when one wants to copy many files, install/uninstall applications, make backups, perform full scans, open (first time after reboot) the folders with many executables, and when WD tries to remove/fight the malware.
It should be fast for other activities like browsing, gaming, viewing/editing documents, (re)starting the system, using already installed applications.
Of course, on some computers, any AV (also WD) can behave differently.

 

[blackice]

Go ask any professional malware removal expert and ask them what they think about Windows Defender on Windows 10.

If you are going to make a claim, then at least get the evidence from those with the evidence. Common sense, right ?

I’m confused about what this is specifically in response to? The op asked for opinions, though many varying claims (not just opinions) have been made by various members.

 

[Outpost]

Malware removal experts what softs do well and which don't.

It's not for sure. I also know "pseudo" experts to whom my daughter could teach something. I have friends who work at various levels in the world of information technology (consultants, programmers, analysts) and who know little or nothing about information security. So to each his own ...

 

[ChoiceVoice]

it is mediocre in testing labs. and while some will try to disparage these labs, they are truly the only metric one has to offer a scientific comparison. any other opinion is feelings based. I also dislike how poorly it defends itself from being disabled, with a simple registry change messing it up. that said, i have never seen it mess with a window's update.

 

[ForgottenSeer 823865]

I have to remind people, WD is a basic layer of Win8/10 built-in security, it isn't supposed to give users absolute protection against superior 0-days malware, but to protect Average Joe from prevalent ones.

So any debate about WD being better than 3rd party vendors or not , is just pointless and based on emotional feelings of haters/fanboys.
Don't worry, Average Joe doesn't care of what you say about WD, they are glad they have a free decent AV that doesn't require their intervention at all.