App Review Windows Defender vs Ransomware! (Shocking Results?)

[roger_m]

Apparently, your good habits weren't enough.

It's a silly argument to make when no one is saying is that good habits are going to provide 100% protection. Also it's very important to note, that it's impossible to get 100% protection no matter how hard you try to secure your computer.

If I can find the thread in this forum, I'll let you know. For now, all I can say is that I consider reports from AV Comparatives and others as verifiable and representative, and thus meaningful, and your personal anecdotes not.

Of course you didn't answer my question.

 

[Andy Ful]

Lastly, from what I've been reading in this forum, you no longer need to run "shady stuff" or even turn off protection for problems to happen. That is, malware can also be found in "non-shady" stuff and protection used might not be enough.

It is true. But, neither "Layered protection" nor "Good habits" can be advantageous in such cases.
Oh, there is one exception, when one uses very strong "Layered protection" (default-deny) and has a "good habit" of avoiding stuff blocked by it.

Edit.
It is another example of "the superiority of Easter over Christmas".

 

[Practical Response]

Restoring from backups don't negate data theft.

You seem to have a lot of time on your hands, and yet still do not understand a basic concept. So enlighten me, how is a 3rd party suite going to stop all infections from happening, and when it does, will it protect your data privacy completely. Do you know it will stop an infostealer from reaching outbound in time, better yet will you prove it can. Are you hacker proof, are you telling me you have devised a way to not worry about anything, so as to not lose any of your personal things, or get around without good habits.

How hard is it to understand, that it is easier to teach average users good habits then it is to teach them complicated layered security apps, how to use, when to use, and what to do to adjust them. It takes less time too. Literally 90% of data breaches are the results of social engineering aka phishing. This means even above average users being tricked into "clicking" things to "allow" these breaches/infections. Your answer is again to what, slap a antivirus on it and call it a day?

 

[Practical Response]

It is true. But, neither "Layered protection" nor "Good habits" can be advantageous in such cases.
Oh, there is one exception, when one uses very strong "Layered protection" (default-deny) and has a "good habit" of avoiding stuff blocked by it.

Edit.
It is another example of "the superiority of Easter over Christmas".

Default deny would be more complicated for an average users to use then learning good habits though. Think of the time it would take them to learn it as well, as it seems no one has time to do anything security wise, so I doubt this answer would apply. The user would be in a forum like this having to ask questions constantly on how to do things or allow applications. Certainly they would not have time for that either.

Sorry Andy, you know I had too.

 

[Trident]

Certainly they would not have time for that either

 

[Andy Ful]

Default deny would be more complicated for an average users to use then learning good habits though. Think of the time it would take them to learn it as well, as it seems no one has time to do anything security wise, so I doubt this answer would apply. The user would be in a forum like this having to ask questions constantly on how to do things or allow applications. Certainly they would not have time for that either.

Sorry Andy, you know I had too.

You did not notice the nub of my post.
It is not important if the average user can use default deny. But even if so, one still cannot skip some good habits. The whole discussion about what is better can last until we all die, just like the discussion "About the superiority of Easter over Christmas".

 

[Practical Response]

You did not notice the nub of my post.
It is not important if the average user can use default deny. But even if so, one still cannot skip some good habits. The whole discussion about what is better can last until we all die, just like the discussion "About the superiority of Easter over Christmas".

Oh I did notice lol.

Good habits needed even for advanced software. What a concept. Especially if the average users had default deny and just "allowed" things to use it, because it does drift back onto the shoulders of the user to make intelligent choices.
I would state that the habits literally are the most important aspect here no matter which angle you look at it from.

 

[Andy Ful]

Dear readers,

Please choose any position by moving the slider.
Any position can give similar protection, when the amount and quality of "Safe habits" can be in harmony with 'Layered protection'.

Of course, you can be safer when the strength of "Layered protection" is higher without changing "Safe habits" or when the amount and quality of "Safe habits" are higher without changing "Layered protection".

 

[Practical Response]

Dear readers,

Please choose any position on the slider.
Any position can give similar protection, when the amount and quality of "Safe habits" can be in harmony with 'Layered protection'.

View attachment 282651

Holy wow, you had that ready and waiting to apply didn't you lol

On a serious note, above I state that most data theft breaches "around 90%" happen from phishing, this is literally negated by good habits. By understanding what to look for in emails and scams. To question things legitimacy.

I mean, it feels like analogy time.

Let's take an average person, that can barely understand how to drive a car, place them in war, in a tank, and tell them your ok, you have armor now, you can drive right through the worst of it with no worries. They are now tooling along thinking they are invincible until that antitank weapon slaps them with reality.

Its a ridiculous argument, without proper knowledge all these tools are pointless. If you can not understand simple habits, you will certainly not understand complicated layered security. If you can not understand layered security, you are using, you are actually placing yourself in a wider attack surface most likely from misconfiguration.

Ask most businesses where the weakest point is in their IT strategy , and realize this is generally the case for home users too.

 

[Andy Ful]

Holy wow, you had that ready and waiting to apply didn't you lol

On a serious note, above I state that most data theft breaches "around 90%" happen from phishing, this is literally negated by good habits. By understanding what to look for in emails and scams. To question things legitimacy.

I mean, it feels like analogy time.

Let's take an average person, that can barely understand how to drive a car, place them in war, in a tank, and tell them your ok, you have armor now, you can drive right through the worst of it with no worries. They are now tooling along thinking they are invincible until that antitank weapon slaps them with reality.

Its a ridiculous argument, without proper knowledge all these tools are pointless. If you can not understand simple habits, you will certainly not understand complicated layered security. If you can not understand layered security, you are using, you are actually placing yourself in a wider attack surface most likely from misconfiguration.

Ask most businesses where the weakest point is in their IT strategy , and realize this is generally the case for home users too.

You really want to draw me into the discussion "About the superiority of Easter over Christmas". No chance.

 

[Practical Response]

You really want to draw me into the discussion "About the superiority of Easter over Christmas". No chance.

But your honor, he's intimidating the witness.

Easter was originally a Pegan holiday based off renewal and rebirth that praised Eostre the goddess of fertility and spring, as for Christmas, there is no mention in the bible of Christ being born that day, matter of fact most scholars believe he was born in early spring closer to Easter.

So when you speak of superiority of one over the other, I have no clue what you are referring too.

 

[Andy Ful]

But your honor, he's intimidating the witness.

Easter was originally a Pegan holiday based off renewal and rebirth that praised Eostre the goddess of fertility and spring, as for Christmas, there is no mention in the bible of Christ being born that day, matter of fact most scholars believe he was born in early spring closer to Easter.

So when you speak of superiority of one over the other, I have no clue what you are referring too.

You will not draw me into the discussion about Easter and Christmas, too.

 

[Trident]

This thread now looks like Bible School on Sunday…

 

[monkeylove]

It's a silly argument to make when no one is saying is that good habits are going to provide 100% protection. Also it's very important to note, that it's impossible to get 100% protection no matter how hard you try to secure your computer.

Of course you didn't answer my question.

I wasn't referring to 100-percent protection.

I didn't answer your question because that wasn't my point. This is: you post anecdotes about yourself which we can't verify and which probably doesn't represent what others do and have. How does that make sense?

 

[monkeylove]

It is true. But, neither "Layered protection" nor "Good habits" can be advantageous in such cases.
Oh, there is one exception, when one uses very strong "Layered protection" (default-deny) and has a "good habit" of avoiding stuff blocked by it.

Edit.
It is another example of "the superiority of Easter over Christmas".

You have a default-deny situation and you deny. Then a BSOD takes place.

 

[monkeylove]

You seem to have a lot of time on your hands, and yet still do not understand a basic concept. So enlighten me, how is a 3rd party suite going to stop all infections from happening, and when it does, will it protect your data privacy completely. Do you know it will stop an infostealer from reaching outbound in time, better yet will you prove it can. Are you hacker proof, are you telling me you have devised a way to not worry about anything, so as to not lose any of your personal things, or get around without good habits.

How hard is it to understand, that it is easier to teach average users good habits then it is to teach them complicated layered security apps, how to use, when to use, and what to do to adjust them. It takes less time too. Literally 90% of data breaches are the results of social engineering aka phishing. This means even above average users being tricked into "clicking" things to "allow" these breaches/infections. Your answer is again to what, slap a antivirus on it and call it a day?

It's not supposed to stop all infections. My point is that you're aware of this, which is why the definition of "good habits" keeps shifting.

One source for your point is this:

91% of all cyber attacks begin with a phishing email to an unexpected victim | Deloitte Malaysia | Risk Advisory | Press releases

Cybersecurity practitioners have, for many years, been promoting the adage ‘it's not if, but when’ organisations will be impacted by a cyber attack.

www2.deloitte.com

The first point is correct because "good habits" won't be enough.

What happens if the infection comes from a non-questionable website?

What happens if the infection comes from a reputable mobile app?

What happens if the e-mail comes from a non-questionable company that unknowingly has been compromised?

and so on. If you have a lot of time in your hands, then you can add more "good habits" by waiting things out, checking the site against another that checks site, using more scanners, and letting things run in a sandbox to see what happens.

Which is what developers are adding to security programs because it turns out that "good habits" involve a lot of time in your hands.

 

[n8chavez]

Dear readers,

Please choose any position by moving the slider.
Any position can give similar protection, when the amount and quality of "Safe habits" can be in harmony with 'Layered protection'.

View attachment 282651
Of course, you can be safer when the strength of "Layered protection" is higher without changing "Safe habits" or when the amount and quality of "Safe habits" are higher without changing "Layered protection".

and....ofc I tried to move the "slider"!!

 

[monkeylove]

Default deny would be more complicated for an average users to use then learning good habits though. Think of the time it would take them to learn it as well, as it seems no one has time to do anything security wise, so I doubt this answer would apply. The user would be in a forum like this having to ask questions constantly on how to do things or allow applications. Certainly they would not have time for that either.

Sorry Andy, you know I had too.

That's what I mean. "Good habits" has several definitions here, and one of them involves restrictions and let users take matters into their own hands, e.g., default-deny.

Others would advice coupling that with tweaking the built-in security program, which may lead to other complications, like some apps no longer able to access data folders, or slowdown when virtualization is turned on, and so on.

Meanwhile, to avoid all that one has to take on the role of a security program: either let things sit out for days (and hoping that it won't be reported that they turn out to be infected after those days are over), or run them in a sandbox (or in a fake machine), or run them (whether they were downloaded manually or automatically by the OS) against other sites to check them, and son.

Which is something one can do if one has a lot of time in his hands, and which unfortunately isn't the case for average users.

 

[Gangelo]

How hard is it to understand, that it is easier to teach average users good habits then it is to teach them complicated layered security apps, how to use, when to use, and what to do to adjust them.

With all due respect, average people DO NOT want to learn good habits and DO NOT care about them.
People are lazy and this is why security suites exist. Most people do not even tweak them, they are using the defaults.

 

[monkeylove]

Oh I did notice lol.

Good habits needed even for advanced software. What a concept. Especially if the average users had default deny and just "allowed" things to use it, because it does drift back onto the shoulders of the user to make intelligent choices.
I would state that the habits literally are the most important aspect here no matter which angle you look at it from.

That's not the point but that one does not need advanced software. That's why it's the latter that takes matters into its own hands. The reason is simple: it (the security program) has a lot of time in its hands, and it has more abilities to make "intelligent choices" compared to the ave. user.