Advice Request Why are we even messing with anything other than WD these days?


truefacts

Level 1
Jun 9, 2020
12
WD free is great

WD truly is great and outperforms other security software. Nobody can definitively prove or establish that any user needs to install 3rd party software. WD with BAFS and SmartScreen have been shown many times to be solid protection without installing a third party solution that needlessly adds complexity and overburdens the user. When my brother helps family members and friends, time and again he finds that the users can't handle security, that anything that requires the user to make a decision is a burden and leads to the wrong choices. The solution that completely removes the user from the equation is always the best solution. This has been known since Unix and Windows 95.

Default deny solutions are only the answer to a tiny minuscule audience. The user base is almost nonexistent. Default deny has virtually no appeal to the greater end user community. The ultra low demand for default deny is the reason that entire space is relegated to simple specialty niche products.
 

ForgottenSeer 72227

WD is a nice freebie for basic protection, without phishing protection and with some old performance issues.

I would add that the phishing protection is a bit of a yes and no. If you use Edge (original, or new Chromium version), that part is covered by SmartScreen. If you use a 3rd party browser, then yes, WD doesn't really have that per se. However, you could always add an extension (Netcraft, BDTL, Emsisoft, etc...) to gain that protection, while not having to go above and beyond the built-in security if that's what one wants to use. :unsure: :)
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,719
WD truly is great and outperforms other security software. Nobody can definitively prove or establish that any user needs to install 3rd party software. WD with BAFS and SmartScreen have been shown many times to be solid protection without installing a third party solution that needlessly adds complexity and overburdens the user. When my brother helps family members and friends, time and again he finds that the users can't handle security, that anything that requires the user to make a decision is a burden and leads to the wrong choices. The solution that completely removes the user from the equation is always the best solution. This has been known since Unix and Windows 95.

Default deny solutions are only the answer to a tiny minuscule audience. The user base is almost nonexistent. Default deny has virtually no appeal to the greater end user community. The ultra low demand for default deny is the reason that entire space is relegated to simple specialty niche products.
Interesting... your brother's brother was a big fan of deny-by-default. ;)

Edit: Unix / Linux is deny-by-default... you have to sudo to do anything. This is not removing the user from the equation.
 

truefacts

Level 1
Jun 9, 2020
12
Ha, ha. You have made a smart manipulation of my post.

No manipulation. Just re-stating Microsoft's official position on WD. All one need do is read what they say in their statements about WD. Also based upon real world observations and use experiences of people that install third party software.

Interesting... your brother's brother was a big fan of deny-by-default. ;)

No one in my family ever used default deny. Causes too many problems. Have always used just WD. Greatest Windows compatibility with the least amount of problems for the user is first priority. Third party software causes too many problems.
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,719
@danb,

Generally, I agree with you about the weaknesses of the standard security solutions (in the home or in the enterprises). If I would think otherwise, I would not develop several security tools. :)
But, I think that some of your statements might be misunderstood by readers.


Yes, you are right. It was not evident from the short article you posted, but it is clear after reading the full reference report "infocyte-Q2_2019_mid-market_threat_IR_report.pdf".
Thanks for pointing it out - I corrected my previous post.


In fact, the report shows that popular commercial solutions (AVs + ATP) are not especially efficient to protect enterprises. Of course, one can easily deduce that WD free cannot be a sufficient solution too.


The home users are immune to most of the enterprise attacks for several reasons:
  1. Most enterprise attacks use exploits that are already patched by Windows Updates on the home computers.
  2. Many enterprise attacks propagate via the enterprise network, which is absent in the home environment.
  3. Many home users do not use MS Office.
  4. Many attacks on enterprises are targeted.
Anyway, some malware that is used in the attacks on enterprises can also be (re)used in the widespread attacks (spam campaigns). So you are right - home users are not immune to them. Furthermore, the chances of nasty infections are much greater on systems that are not updated.


We agree with the conclusion. I just tried to explain that the assumption about SmartScreen was not precise and might be misguiding for many people. Simply the most popular and dangerous attacks are not related to SmartScreen protection. The SmartScreen does not cover (and never was intended to cover) exploits, scripts (except .jse, .vbe) and fileless attacks.:) (y)
I am happy we are in agreement, although I find your first 3 points on home immunity somewhat silly, and I will explain why.

1. I would disagree that most enterprise attacks use exploits. Especially considering how everyone says how rare exploits are, but then claims that they are prevalent when it fits their case ;).
2. Absolutely, but there is still patient zero on the network. This does not change anything.
3. I have never seen stats on MS Office home use, but then again, I rarely see a computer without MS Office.
4. Absolutely!

The info about SMB was in the article I posted, all you had to do was read it ;).
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,719
No manipulation. Just re-stating Microsoft's official position on WD. All one need do is read what they say in their statements about WD. Also based upon real world observations and use experiences of people that install third party software.



No one in my family ever used default deny. Causes too many problems. Have always used just WD. Greatest Windows compatibility with the least amount of problems for the user is first priority. Third party software causes too many problems.
I recently performed a Windows 10 2004 clean install on my main computer. For the same reason you do not lock the doors to your house when you are moving in, I relied solely on WD while downloading and installing the various software on my system. Once I was finished installing software, it was time to lock the system down, so I installed VS. WLC immediately found an infection, and it turned out to be a particularly difficult infection to remove (it took me a couple of hours to figure it out).

This is not an isolated incident. Our users (including MT members) have experienced similar situations. I was just shocked that it happened so quickly, over a span of a day or so, which is why I posted on this thread.

WD is great and has come a very long way, but it is not as perfect as some people lead you to believe. At the very least, second opinion scans should be performed weekly.

Also, I agree that fulltime deny-by-default is overkill, especially for home users. But when a user is about to click on a questionable link and the hair is standing up on their neck, they are probably going to wish they had the peace of mind knowing that their computer is locked.
 

Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
WLC immediately found an infection, and it turned out to be a particularly difficult infection to remove (it took me a couple of hours to figure it out).
Sorry, but why bother with hours of troubleshooting during a new install (while never being 100% sure you got it all removed) and not just say f... it and do a proper clean install to be sure?
To stay on topic: When choosing MSDefender as main AV, I think taking the time to install configure defender and press the button for "high" or "max" setting would be 2 minutes well spent :D
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
No one in my family ever used default deny. Causes too many problems. Have always used just WD. Greatest Windows compatibility with the least amount of problems for the user is first priority. Third party software causes too many problems.
If no one in your family has ever used 'default deny', how do you know it causes too many problems? - As for 'third party software causes too many problems' - Again, in your opinion. KIS, ESET, F-Secure, Emsisoft etc. have rarely if ever caused me any problems on multiple systems/people - As for me, I use very few built-in MS modules regarding search, ripping, disc maintenance, all audio-visual & Office for starters - My reason: most third party programs are far less complex, faster, and generally less hassle & in the case of Office vastly easier to maintain - WD comes into the category above - I have 26 years' experience in Windows to come to these conclusions - But still my opinion only.
 

Bryan320

Level 8
Oct 11, 2019
293
Microsoft Defender offers great download protection against EXE files, especially if you use Microsoft Edge as well. Microsoft Edge sucks big time when it comes to phishing pages. If you are trying to use this as a default.... please supplement it with another add-on. Microsoft Edge is horrible horrible with phishing sites and if it's the only thing you're going to use on an inexperienced user's system..... You are setting them up to crash and burn!!
 

Local Host

Microsoft Defender offers great download protection against EXE files, especially if you use Microsoft Edge as well. Microsoft Edge sucks big time when it comes to phishing pages. If you are trying to use this as a default.... please supplement it with another add-on. Microsoft Edge is horrible horrible with phishing sites and if it's the only thing you're going to use on an inexperienced user's system..... You are setting them up to crash and burn!!
There is no software that is going to protect you from the majority of phishing pages; they take less than 5 min. to create, and the majority of pages are taken down in less than a day.

Common sense is what you need for phishing pages.
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,719
Sorry, but why bother with hours of troubleshooting during a new install (while never being 100% sure you got it all removed) and not just say f... it and do a proper clean install to be sure?
To stay on topic: When choosing MSDefender as main AV, I think taking the time to install configure defender and press the button for "high" or "max" setting would be 2 minutes well spent :D
I had already spent around 15 or so hours installing software and configuring my system, and I had it "just right". The last thing I wanted to do was to reformat again.

Edit: Yeah, then I would have had to deal with all of the ridiculous WD prompts that are impossible to respond to, and besides, odds are I still would have been infected.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,510
I am happy we are in agreement, although I find your first 3 points on home immunity somewhat silly, and I will explain why.

1. I would disagree that most enterprise attacks use exploits. Especially considering how everyone says how rare exploits are, but then claims that they are prevalent when it fits their case ;).
Are you serious? Do you know that the exploits from ten years ago can still work against many enterprises? Do you know that WannaCry family ransomware (based on the old EternalBlue exploit) was one of the most detected ransomware in the last year?

2. Absolutely, but there is still patient zero on the network. This does not change anything.
3. I have never seen stats on MS Office home use, but then again, I rarely see a computer without MS Office.
...
I am sorry that you cannot see the difference between silly arguments and valid arguments. Let's look at statistics:
  1. ...
  2. It does if the network has many computers. Let's say that the network has 100 computers, then one person can easily infect 100 computers. So, you have 100 times greater probability of infection as compared to the home users.
  3. My family and many friends do not use MS Office. It is hard to say how many home users use MS Office. Let's say 30%, so you have three times smaller probability to be infected.
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,719
I am not here to argue, people can read and decide for themselves.

BTW, I thought you were joking about not being able to create a .vba file a couple of weeks ago. If you need an MS Office license for testing, please let me know, I might have an extra one you can have.

From the article you posted “While consumer ransomware targets Windows and Adobe vulnerabilities, enterprise ransomware targets high-value assets like servers, application infrastructure, and collaboration tools since they contain an organization’s critical business data,”

I would have to read the article to be sure, but I believe they are discussing exploits and vulnerabilities specifically. From what I have read, most attacks are simple attachments (91% if memory serves). If true, these are two very different things.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,510
I am not here to argue, people can read and decide for themselves.

BTW, I thought you were joking about not being able to create a .vba file a couple of weeks ago. If you need an MS Office license for testing, please let me know, I might have an extra one you can have.
Yes, I do not have any license. It would be easier for me to have one (instead of installing a trial several times). You know my email. Thank you.:)(y)
...
I would have to read the article to be sure, but I believe they are discussing exploits and vulnerabilities specifically. From what I have read, most attacks are simple attachments (91% if memory serves). If true, these are two very different things.
Enterprises have many more vectors of attack as compared to home users.
Nowadays, most attacks start from emails with phishing links. The second initial vector is related to email attachments. Both vectors often use documents as payloads. One popular method uses the MS Office old equation editor exploit. But, there are several exploiting possibilities too, because many enterprises do not properly update MS Office.

But it seems that exploits in Enterprises are especially popular in successful attacks on servers. Here is the useful report (not new):
Such malware is not used to attack home users. Servers use different Windows editions (often different OS too, like Linux servers) and different software as compared to home users. Furthermore, the attacks are often targeted at enterprise servers and not home users. Here is a useful reference for Windows Server 2008:

The cybercriminals are not stupid. Using well known (not new) exploits is the simplest way to bypass enterprise security and obtain persistence, so they are often used in attacks. The popularity of the WannaCry ransomware family is the simplest example of it.
 