Hot Take Who is safer?

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
The Corona Virus case has shown that people who are interested in health matters (for example doctors) are more vulnerable than average people. So maybe, the people interested in computer security (MT readers) can be more vulnerable as compared to average computer users.

Let's assume that average computer users are those who use Windows 10 and native security (Windows Defender + Edge Chromium) with the preference of apps from Microsoft Store. Of course, some apps have to be installed by more experienced users.
From my experience, there can be several different definitions of average users, but let's agree for the above simplistic definition in this thread. I will use quotes to distinguish "average users" from other possible meanings of average users.

About 90% of attacks are made nowadays via emails (phishing URLs and malicious attachments). So, what is the difference when one uses the email client? Many MT readers use 3rd party email clients that allow opening executable attachments. This can put them in danger. The average user will use the Windows native email client which block opening such attachments by default.

Many attacks are made via active content in MS Office documents. Many MT readers probably use MS Office or another office suite. Although the 3rd party (non-Microsoft) office suites are much safer as compared to MS Office, they often do not block some active content (like OLE attachments). This can put users in danger. The average user can use Office Online which blocks active content in documents by default.

The attackers often use archives to propagate malicious files. Many MT readers use 3rd party archiver applications (like 7-Zip) that do not transfer the MOTW from archive to its content. After downloading from the Internet and unpacking, the malicious file is ignored by SmartScreen. This can put users in danger. The average user will use the native Windows Zip archiver, which properly transfers the MOTW, so the unpacked malicious executables will be blocked by SmartScreen.

The attackers often try to exploit popular desktop applications. Most of MT readers use such applications, so some of them can be infected in this way. The average user will use more apps from Microsoft Store which generally are much safer. Furthermore, the apps from Microsoft Store update automatically when it is needed - that cannot be said about many desktop applications.

Many MT readers install/uninstall several security solutions. This usually has an impact on system stability (due to system leftovers or overkill setup). The average users do not do such things, so they can be safer against broken Windows Updates and system crashes.

MT readers can spend many hours a day while browsing and trying new applications. So, they can be in danger more often than average users.

In the case of above-average computer users, the danger comes from demanding more usability and more convenient features. The average computer users are much less demanding and can accept simple applications. More usability often decreases security.
In the end, most readers can learn on the MT forum, so they can neutralize the increased attack surface area by knowledge, safer habits or additional software. But still, I am not sure if they are much safer than average users.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Ignorance has became a virtue. Close MT(?)
Ha, ha. That was not my intention. I have rather thought about something else. Must we drive 180 km/h because the car allows it, even if we know that driving 90 km/h is twice as safer?

Many applications from Microsoft Store are better than desktop applications 10 years ago, and many of us loved the old one. So, it is not a problem for me to use the VLC media player from Microsoft Store, because I simply do not need more features. Also, the inexperienced users do not have such a problem if they do not start from the software full of convenient features (and usually unsafe). The problem is that human nature demands maximum convenience & usability in the first place. It is hard to step back even if this could increase safety.:unsure:

Most users start from usability & convenience, and after infection do not like to change the software, but rather seek for additional security applications. This usually ends with overkill setup.
 
Last edited:

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
I think you make a mistake here.
The Microsoft Store is dead.
Many apps like Adobe reader touch still work, but are old and not maintained anymore.
Even Microsoft themselves discourage you from downloading from the store.
If you get an Office 365 subscription. The website let's you download an installer and does not guide you to the store. You have to search to find the 365 apps. Their latest new Bing wallpaper app is a download and not available in the store.

Noobs will not use the store.
If they need an app for something they search for it on Google and download the first thing they see.
That's why there are so much pup and even more serious infections.
They run an outdated AV on their system unaware that the subscription that came with their new computer is not valid anymore.

I know that people on this kind of forums tend to overkill setups, but with time and age comes wisdom and we will all learn.
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
Even Microsoft themselves discourage you from downloading from the store.

In more ways than one: I recently deleted my M$ account (actually, I started M$'s 60 day long "deletion" process 🤬) and the only way I could use the M$ Store is to sign in, thus halting the "deletion" process. This is not a bad thing they have made it inconvenient as it prevents many users from using their store. I see no use in it any more and hope they kill it ASAP. They killed the Windows Phone so we can only hope. 🖕M$! :LOL:

Some people could specifically target MT users out of grunge.

Or stalk such users! And troll them!
 

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,731
The Corona Virus case has shown that people who are interested in health matters (for example doctors) are more vulnerable than average people. So maybe, the people interested in computer security (MT readers) can be more vulnerable as compared to average computer users.

Let's assume that average computer users are those who use Windows 10 and native security (Windows Defender + Edge Chromium) with the preference of apps from Microsoft Store. Of course, some apps have to be installed by more experienced users.
From my experience, there can be several different definitions of average users, but let's agree for the above simplistic definition in this thread.

About 90% of attacks are made nowadays via emails (phishing URLs and malicious attachments). So, what is the difference when one uses the email client? Many MT readers use 3rd party email clients that allow opening executable attachments. This can put them in danger. The average user will use the Windows native email client which block opening such attachments by default.

Many attacks are made via active content in MS Office documents. Many MT readers probably use MS Office or another office suite. Although the 3rd party (non-Microsoft) office suites are much safer as compared to MS Office, they often do not block some active content (like OLE attachments). This can put users in danger. The average user can use Office Online which blocks active content in documents by default.

The attackers often use archives to propagate malicious files. Many MT readers use 3rd party archiver applications (like 7-Zip) that do not transfer the MOTW from archive to its content. After downloading from the Internet and unpacking, the malicious file is ignored by SmartScreen. This can put users in danger. The average user will use the native Windows Zip archiver, which properly transfers the MOTW, so the unpacked malicious executables will be blocked by SmartScreen.

The attackers often try to exploit popular desktop applications. Most of MT readers use such applications, so some of them can be infected in this way. The average user will use more apps from Microsoft Store which generally are much safer. Furthermore, the apps from Microsoft Store update automatically when it is needed - that cannot be said about many desktop applications.

Many MT readers install/uninstall several security solutions. This usually has an impact on system stability (due to system leftovers or overkill setup). The average users do not do such things, so they can be safer against broken Windows Updates and system crashes.

MT readers can spend many hours a day while browsing and trying new applications. So, they can be in danger more often than average users.

In the case of above-average computer users, the danger comes from demanding more usability and more convenient features. The average computer users are much less demanding and can accept simple applications. More usability often decreases security.
In the end, most readers can learn on the MT forum, so they can neutralize the increased attack surface area by knowledge, safer habits or additional software. But still, I am not sure if they are much safer than average users.
Let’s not forget many users don’t even use an email client. Webmail is a very safe approach for casual users. I also prefer it myself. As long as the casual user can remember how to use a browser and navigate to the email login. My best friend works at the library and continually informs people how to navigate to gmail.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
the people interested in computer security (MT readers) can be more vulnerable as compared to average computer users.
There was a study done a couple of years ago that found that those who claimed greater knowledge of phishing were far more likely to fall victim to it:
Contrary to our expectations, we observed greater user susceptibility with greater phishing knowledge and awareness. Students who identified themselves as understanding the definition of phishing had a higher susceptibility than did their peers who were merely aware of phishing attacks, with both groups having a higher susceptibility than those with no knowledge of phishing.
... students who were unaware of phishing attacks performed better (28% clicked) than did students who were aware (42% clicked) or who understood what phishing attacks are (80% clicked).
We have no convincing explanation for this finding, and we do not know if it is reproducible. Nevertheless, we consider two speculations. First, it is possible that the act of falling for the phishing scheme might have increased the user’s awareness about phishing. In hindsight, it might have been wiser to have asked in the post-event survey what was the level of phishing awareness the user had when they opened the phishing email. Second, it is conceivable that users who fell for the phish might be more likely to overestimate their knowledge, including about phishing.
I found the second speculation interesting.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
I think you make a mistake here.
The Microsoft Store is dead.
Many apps like Adobe reader touch still work, but are old and not maintained anymore.
...
It is probably not dead.
The argument of old application is valid for desktop applications, but not for UWP applications, especially those which work in AppContainer (like Adobe Reader Touch). They do not need to be constantly updated because they are rarely attacked and are fully compatible with Windows 10 without any patches. Furthermore, they are specially signed that allows protecting them by strong anti-exploit mitigations.(y)
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
In more ways than one: I recently deleted my M$ account (actually, I started M$'s 60 day long "deletion" process 🤬) and the only way I could use the M$ Store is to sign in, thus halting the "deletion" process.
...
On Windows Pro with a local account, you can simply cancel the sign-in alert. On Windows Home with a local account, you can still use Microsoft Store when signing to the store with any Microsoft Account.
I can see only one problem with Microsoft Store - the available apps are usually very simple with basic features. I use them only as a replacement for most exploited applications like email clients, media players, document viewers, etc.
 
Last edited:

Outpost

Level 5
Verified
Well-known
Jan 11, 2020
220
The average user is perhaps safer because someone (MS) has applied the most appropriate mitigation rules for them. I would not define an experienced user as someone who simply installs and uses alternative programs to the native ones. If a user uses third-party sw but applies mitigation is as safe as the one using MS.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
If Average Users are safer, then Microsoft wouldn't have any need to do any improvement to their basic security. But they did.
This reasoning has a few flaws.
  1. Microsoft takes care of organizations and enterprises in the first place (not average users).
  2. Windows security development is mostly related to the development of new features. Any new feature can decrease the security of all users.
  3. Criminals can adjust their attacks to any security, so security improvements are necessary.
  4. The malware can decrease the safety of all users, and still, the "average users" can be relatively safer due to smaller attack surface area.
Of course, from the above, it does not follow that average users are surely safer.:)
 
Last edited:

eonline

Level 21
Verified
Well-known
Nov 15, 2017
1,064
Reading your publication I see that you know the Microsoft operating system very well and you also know about code... So why didn't you say the basics and first in MS - If the hardware has security holes everything else in terms of protection... -

Do you use macOS and virtual machines ?

🤔
 
  • Like
Reactions: Cortex and show-Zi

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top