Windows Defender is the only AV Playing Fair with Browsers

[Ink]

Read Article: Google Engineer Says Windows Defender Is the Only AV Playing Fair with Browsers

Justin Schuh, a Google Chrome engineer focused on security and desktop platform praises Windows Defender for working correctly with third-party software.

In a tweet, Windows Defender is actually a well-behaved antivirus that plays well with other software solutions, explaining that all the other security products impacted Chrome performance in one way or another:

“Browser makers don't complain about Microsoft Defender because we have tons of empirical data showing that it's the only well behaved AV. Defender is the only one I know of that hasn't broken Chrome's security mechanisms,” - Justin Schuh (Twitter)​

__________________________________________________________________________________________​

Does your antivirus break your browser, integrate (install extensions/certificates) or sabotage Chrome's security?

 

[_CyberGhosT_]

I'm not a "regular" or frequent user of Chrome, but on occasion I have used it when FF
was acting up. I use HMP.A and I have never had any issues with how HMP.A and Chrome
mesh.
His statement sounds pretty bias to me, sounds like he's puckering up and smooching
a lil rump there. Is it just me ?
Thanks Spawn.

 

[Claw]

I too have never had a problem in any way shape or form with Chrome.

 

[Cch123]

Actually, there were ex firefox developer who also said the same thing as well: disable AVs other than Windows Defender. Its not just chrome.

The issue here is that most Antivirus softwares interfere a lot with other processes in an attempt to "protect" them. However, they often screw up, with injecting non ASLR enabled dlls being most common. AV hooks can also be poorly implemented so much so that certain security features in the browser can be disabled such as the sandbox in chrome.

 

[Andytay70]

Never had any issues with AV's and browsers, Maybe they guy is after a job at M$?

 

[Wave]

I understand the concern from what they are saying and they are right, but AVs inject code into processes for protective mechanisms to help secure the user, not the opposite. I guess they need to deal with it, it's not the AV vendors problem because people still buy and use the protection. Maybe Google should speak to the vendors 1-1 independently to improve things.

Never had any issues with AV's and browsers, Maybe they guy is after a job at M$?

LOL

 

[Ink]

statement sounds pretty bias to me, sounds like he's puckering up and smooching

How would you feel if you knew these third-party software vendors made your users more vulnerable? Not sure about ESET or Emsisoft, but I am sure they can be excluded, would this make it unbiased? Get where I am going?

Of course, his Twitter are his own views outside of work.

 

[Parsh]

Actually, there were ex firefox developer who also said the same thing as well: disable AVs other than Windows Defender. Its not just chrome.
The issue here is that most Antivirus softwares interfere a lot with other processes in an attempt to "protect" them. However, they often screw up, with injecting non ASLR enabled dlls being most common. AV hooks can also be poorly implemented so much so that certain security features in the browser can be disabled such as the sandbox in chrome.

Yes there are such issues prevalent with AVs, but the FF employes calling them rogue dlls (just in order to justify their spersuit for security) and calling out to disable all AVs except for WD is no less insane!

I understand the concern from what they are saying and they are right, but AVs inject code into processes for protective mechanisms to help secure the user, not the opposite. I guess they need to deal with it, it's not the AV vendors problem because people still buy and use the protection. Maybe Google should speak to the vendors 1-1 independently to improve things.
LOL

Nailed it!
This practice by AV products would be needed and the AVs' and Browsers' devs need to sort out the issue maybe by coming to terms with a win-win standard or keeping it out of blame games.

 

[Marko :)]

Hmm, why is everyone now saying that Windows Defender is the best antivirus in the world? I'm really starting to think that Microsoft pays them to say that...

 

[DJ Panda]

Windows Defender and the default security Windows 10 has is more than enough if you practice smart surfing habits. (No need for any extra software/extentions cluttering the computer.) Jump between Edge and Chrome and neither have any problems with Avast.

 

[Wave]

Hmm, why is everyone now saying that Windows Defender is the best antivirus in the world? I'm really starting to think that Microsoft pays them to say that...

It's not the "best antivirus in the world" and no one has said that, but I know you were just using it as a figure of speech... In fact, there is no "best antivirus" in existence due to how many different samples are released on a regular basis and the difference in detection algorithms among all the products out there on the market; Windows Defender is sufficient protection to keep someone secure as long as they make sure they think before they do, however.

All the fancy features within third-party security software is not necessary to keep your system protected, you don't need zero-day anti-ransomware or anti-exploit mechanisms or a nefarious behavior blocker/host intrusion prevention system... All you need to do is make sure you have sufficient real-time protection, and not be click-happy, which includes: doing research before downloading and running new programs, not aimlessly opening up e-mails from untrusted senders (and definitely not handling attachments from e-mails who are not verified trusted senders), not randomly clicking on the first search result you see just because it's on Google (and assuming it's safe), etc.).

On top of this, mixing Windows Defender with User Account Control (and SmartScreen for system-wide usage if you're on Windows 8 or above) is even better - however the additional protection components within Windows need to be used correctly... If you just allow the consent for programs to run as administrator without them really needing to be running with those privileges (and without checking that the program is genuinely safe prior to providing the consent) and ignore the SmartScreen alerts then you aren't using those components properly.

Even Microsoft Edge which is now built-in to Windows 10 is much better than previous browsers provided by Microsoft and has hit the ratings regarding security...

Windows 10 alone contains enough built-in protection for anyone who is cyber-security knowledgeable and can think before they do things.

 

[tonibalas]

In my experience WD doesn't brake down chromium browsers.
But it's slowing down my browsing.
At the moment i am using Eset av in my system.
Eset has better cpu usage than WD and my fan in my laptop isn't working as hard as when i have WD active.
And by the way Eset hasn't broken down my browser yet.

 

[Wave]

In my experience WD doesn't brake down chromium browsers.
But it's slowing down my browsing.
At the moment i am using Eset av in my system.
Eset has better cpu usage than WD and my fan in my laptop isn't working as hard as when i have WD active.
And by the way Eset hasn't broken down my browser yet.

If you calculate everything then ESET cannot have better CPU usage than Windows Defender because overall ESET has more functionality than WD and therefore requires more CPU instructions to be executed. This includes both GUI and protection. It might "seem" lighter, but in reality it really isn't.

 

[tonibalas]

@Wave maybe you are right.
I am just saying what i see on my system and on Task manager.
Eset is not heavily tweaked, just a couple of ticks

 

[Wave]

@Wave maybe you are right.
I am just saying what i see on my system and on Task manager.
Eset is not heavily tweaked, just a couple of ticks

Don't worry I know why you said it and I also feel ESET is lighter when I was using it/testing it, and as for Task Manager it's not really the most reliable thing since there are kernel-mode drivers loaded on the system and Task Manager does not leave the scope of user-mode monitoring. As well as this, ESET performs DLL injection for some things at some points (or used to at least awhile back) which means the memory usage of the target processes to be injected into will increase more (and the CPU usage also due to the target processes running additional code on a new thread from ESET), which is another example of something that WD doesn't do.

WD is pretty minimal and sufficient for anyone using the other built-in Windows protection mechanisms who know what they are doing and is capable of thinking before doing something on the system

 

[Pat MacKnife]

Chrome works flawless with third party AV's (my experience), but FF seems to have more problems ...

 

[sudo -i]

but FF seems to have more problems ...

Also your experience? Where? How? Which AV?

 

[uncle bill]

It's not the "best antivirus in the world" and no one has said that

..except "one" coming from firefox development structure and an "unknown one" coming from google. Knowing google's employee policies it feels like a strange statement coming out from nowhere and without a reason.

 

[_CyberGhosT_]

Also your experience? Where? How? Which AV?

Right, a claim like that needs to be validated.
I test a multitude of set up's and find his statement to be misleading and , well for a lack of a better term "BS".

 

[Pat MacKnife]

Also your experience? Where? How? Which AV?

Yes also my experience, in the past i had several issues with FF , but never had problems with Chrome.