Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Windows Defender vs Ransomware
Message
<blockquote data-quote="Lenny_Fox" data-source="post: 856908" data-attributes="member: 82776"><p>It is fair to test security products for average PC users on default settings. Since we all became more dependent on the internet, testing an AV without internet connection is not a realistic scenario. As far as I know, four of the the five most dominant infection sources are internet related:</p><p>1. Malware included in e-mail where user is tricked in clicking on it</p><p>2. Malware included in user initiated downloads, often executed by the user</p><p>3. Malware dropped on user's device after visiting a website or viewing content</p><p>4. Malware received at hotspots/public WIFI networks (press accept to gain access to free WIFI nonsense)</p><p>5. Malware received on USB-disks</p><p></p><p>The execute from disk seems a realistic approach since most of the infections are shoot in the foot errors of PC users, when:</p><p>a) all samples have the MOTW before executing</p><p>b) internet connection is ON when malware is executed.</p><p></p><p>Only the execute from USB is feasible in an offline situation and something is executed/opened from an USB in stead of file-sharing service (because there is no internet connection).</p><p></p><p>I really don't understand - when WD is OS-aware - why WD can't simulate a MOTW when something is opened from a removable device. How difficult is it to add one WD option "threat all executions from removable devices als untrusted" like it is done in Microsof Office?</p></blockquote><p></p>
[QUOTE="Lenny_Fox, post: 856908, member: 82776"] It is fair to test security products for average PC users on default settings. Since we all became more dependent on the internet, testing an AV without internet connection is not a realistic scenario. As far as I know, four of the the five most dominant infection sources are internet related: 1. Malware included in e-mail where user is tricked in clicking on it 2. Malware included in user initiated downloads, often executed by the user 3. Malware dropped on user's device after visiting a website or viewing content 4. Malware received at hotspots/public WIFI networks (press accept to gain access to free WIFI nonsense) 5. Malware received on USB-disks The execute from disk seems a realistic approach since most of the infections are shoot in the foot errors of PC users, when: a) all samples have the MOTW before executing b) internet connection is ON when malware is executed. Only the execute from USB is feasible in an offline situation and something is executed/opened from an USB in stead of file-sharing service (because there is no internet connection). I really don't understand - when WD is OS-aware - why WD can't simulate a MOTW when something is opened from a removable device. How difficult is it to add one WD option "threat all executions from removable devices als untrusted" like it is done in Microsof Office? [/QUOTE]
Insert quotes…
Verification
Post reply
Top
