B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
And what exactly does that have to do with using Windows Defender? It surely has no place in _any_ Enterprise IT environment and neither should in anyones home.
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Windows 10: Why can't I disable Windows Defender?
- Thread starter Astralogic
- Start date
You speak so authoritatively about all of this, so I would think you have some enterprise experience. That would definitely give you some perspective on the subject, vs just a youtube video.
notarat
2[H]4U
- Joined
- Mar 28, 2010
- Messages
- 2,500
I've taken protection to the extreme. I've just deleted all executables from my co....
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
But it does though. Just because it doesn't exist in your little IT bubble doesn't mean that its not a viable solution.
https://www.av-comparatives.org/products/microsoft-windows-defender-for-enterprisehttps://docs.microsoft.com/en-us/wi...microsoft-defender-advanced-threat-protectionhttps://docs.microsoft.com/en-us/microsoft-365/enterprise/windows10-enable-security-features
SuperSubZero
2[H]4U
- Joined
- Nov 21, 2000
- Messages
- 3,780
I'll just note that in the video you posted, the guy had to literally turn real-time protection off just to run the test. He had to break the product to show the product is broken.
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
I saw that too. I watched a little bit after but at that point any credibility that kid has went out the window. You can't remove a factor like that from your testing and expect anyone to take you seriously. This is why I stick to independent sources with real testing methodology, not youtube videos from people more concerned about subscribers and entertainment than real data.
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
I just posted a video where it failed the test and got the computer all infected and you post me Microsoft advertisements? ROFL!
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
If you watch the video more carefully you'll see that the tests were run ensuring real time protection was ON. Second test was run without the cloud connection and that result was even weaker than when cloud was on. Both failed to protect the OS.
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
The top link is an independent research site.
The 2nd two were for your own reference, since you didn't even know that Defender for Enterprise existed. ROFL indeed.
Those are microsoft documents, not advertisements by the way. Its like me linking official Ubuntu documentation and calling it an advertisement.
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
I watched it. He had to disable Windows Defender or his entire test would not work since Defender would block him from copying the files over. He says it clear as day in the beginning of the video. He turns it back on after he loads the files, but a huge part of an antivirus is blocking the files from making it to your system. Something he conveniently ignores for whatever reason. Again, I'll stick to the big boy's tests.. not some kid on youtube.
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
Yet he does the exact same procedure to all other AV and they do not fail to protect the system like Defender does. You Microsoft zealots are something else in your denial.
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
Nobody in their right mind would trust a link placed by MS as opposed to real world testing fails. I have to say I'm quite amused to see you actually try to convince me Windows is safe when literally millions of people are, as we speak, infected using it. As we speak.
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
Yep. Which is why I think his entire channel isn't worth watching. The only Zealot here is you. I use Linux every day, the only Windows machine I have is at work.
The sites I linked are white pages explaining what Windows Defender for Enterprise is. The entire reason I linked it was beceause it was obvious you have never heard of it. That's all the links were.
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
There's two kinds of idiocy. One is to run Windows in their enterprise and second is to run their enterprise trusting on Defender. One tops the other. Microsoft can't even keep their cloud servers safe - the ones you trust for your 'protection': https://thehackernews.com/2020/01/microsoft-azure-vulnerabilities.html
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
Its your humble opinion vs the real world. Sorry. Linux in the enterprise is server side. Linux on the desktop in enterprise is a vapor dream right now.
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
Facts do not lie so it's not my opinion, sorry. Defender failed spectacularly on the same terms where others shined. Even the free Avast.
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
I'm not defending Defender in the enterprise. I was replying to you thinking that Linux is the end all enterprise desktop solution.
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
In which point did I mention Linux? Are there only two OSes on this planet? LOL! But you're right. I would definitely use Linux over Windows.
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
Quit moving your goal posts.
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
Quit being a zealot and face the facts. A trillion flies liking manure does not make it tasty.
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
Oh? What kind of zealot am I? I have Pop OS on my main computer. I run primarily on Oracle Linux, CentOS and Suse Enterprise at work. I have a Windows 10 VM that I run since we have Office 365 for our email system. I am a DBA an in Oracle 12c and 18c that doesn't touch anything Microsoft. Our ERP is linux based. My laptop is a 2016 Macbook Pro.
I just don't live in a bubble. I realize that just because I don't use something, doesn't mean that everyone else is stupid for using it. I don't try and make people feel stupid for not using what I use either, you can call me a Zealot all you want. We're done. I've made my point.
At the end of the day, AV is something we'd all rather not use as it's a resource sucking, complicating PITA.
I find the more effective an AV product is at catching infections before they reach the underlying OS, the more the AV sucks down system resources, suffers from third party firewall issues and results in issues like installer failures considering legitimate software. Furthermore, what's with the search engine hijacking?
Many AV products actually result in symptoms identical to the malware they're designed to prevent. Including pop up advertising as the vendor keeps trying up sell more products to the consumer.
It's for this reason I find Windows Defender to be a good compromise between detection and performance/sanity, and it appears to be improving all the time. At the end of the day, nothing's going to hold back the ocean of infection smashing the Windows platform.
I find the more effective an AV product is at catching infections before they reach the underlying OS, the more the AV sucks down system resources, suffers from third party firewall issues and results in issues like installer failures considering legitimate software. Furthermore, what's with the search engine hijacking?
Many AV products actually result in symptoms identical to the malware they're designed to prevent. Including pop up advertising as the vendor keeps trying up sell more products to the consumer.
It's for this reason I find Windows Defender to be a good compromise between detection and performance/sanity, and it appears to be improving all the time. At the end of the day, nothing's going to hold back the ocean of infection smashing the Windows platform.
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
This is very true. I think Windows Defender does a great job for the average person who couldn't care less about an anti-virus or anti-malware program. It runs in the background and they don't have to mess with it. For the most part it does a well enough job but if someone is going to get infected, they are going to get infected. If you are smart about it, you should be looking at how to recover from it instead of how to prevent it. Even my Mac and Linux machines have excellent backups. If I lost a hard drive completely, I could be back up and running in the time it would take me to physically install a new one, installing my OS, and recovering the files. Maybe an hour all together.. maybe.
If my Mac or Linux machines went down, I'd be straight back up and running as I left off within the hour. Time Machine is literally one of the best things Apple have ever made.
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
I have a good portion of my NAS set up for time machine. Linux is stupid easy since I just back up my home directory. I have my steam library on a second mounted drive but thats just a matter of reinstalling steam and the games, which is automated. Windows isn't that bad either but thats just because I have installed windows thousands of times. I know what I need to back up and what I need to do post installation. For sure Linux and OSX are much more intuitive and simple though. I'm in the camp that says the best AV is just knowing that you will get infected some day, there's nothing you can do to prevent it, but you can 100% be prepared for when it happens.
pendragon1
Extremely [H]
- Joined
- Oct 7, 2000
- Messages
- 52,029
the file would have been caught if he hadnt turned off defender to copy the file in the first place. not rocket science.
as long as its used correctly and not sitting at "568 days since last backup"...
Well, yes. This is true.
However I usually find Time Machine is pretty good in this regard, one of it's strengths is that it's made for the absolute moron.
pendragon1
Extremely [H]
- Joined
- Oct 7, 2000
- Messages
- 52,029
lol yes but those morons still need to remember to connect the drive, at least in my scenario. it has saved a couple teachers from complete rebuilds though, which is nice.
D
Deleted member 214115
Guest
My point is that anyone exaggerates wildly if they do not recognized that it is equal if not even more since so MUCH runs on *nix. It is not better. Just the points of possible compromise are-that is it.
[DERP!]
[DERP!]
My point is that once anyone recognizes just how MUCH runs on *nix, and that security is a constant problem that is equal to, or even more due to the constant attacks and patches, may finally understand that there isn't a single piece of hardware and any software that is *secure*. To say that something is secure is nothing but a true hyperbole . It may seem like I am exaggerating, but security is not a simple paradigm. It can and may be a set of simple practices to some to seem secure. However, any user on any platform of hardware and software should be concerned because security is an issue no matter what. This statement is not being hyperbolic.
*nix is not better. *nix is not more secure. If anything it is the most used to hack and is the most hacked. The only thing different and possibly better is the points of possible compromise are a different vector, but any different device or different OS will have a different vector. Honestly, you want hyperbole.....as much as they say this is more secure you think that we wouldn't have these issues anymore on any piece of hardware and software by now.....but shit man they are always patching; and that is my point.
If that point is not understood then perhaps this will: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
You want closer to "security" than this is it. But we all want to enjoy games right?: https://level1techs.com/video/forget-x86-openpower-it-talos-ii-secure-workstation
*had a 4 pint virus, my bad. Better replies on coffee....sorry
Last edited by a moderator:
Am I the only one struggling to understand this post?
"A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools." - Douglas Adams.
D
Deleted member 214115
Guest
You are correct.
(Fixed/edited)
My point is that once anyone recognizes just how MUCH runs on *nix, and that security is a constant problem that is equal to, or even more due to the constant attacks and patches, may finally understand that there isn't a single piece of hardware and any software that is *secure*. To say that something is secure is nothing but a true hyperbole . It may seem like I am exaggerating, but security is not a simple paradigm. It can and may be a set of simple practices to some to seem secure. However, any user on any platform of hardware and software should be concerned because security is an issue no matter what. This statement is not being hyperbolic.
*nix is not better. *nix is not more secure. If anything it is the most used to hack and is the most hacked. The only thing different and possibly better is the points of possible compromise are a different vector, but any different device or different OS will have a different vector. Honestly, you want hyperbole.....as much as they say this is more secure you think that we wouldn't have these issues anymore on any piece of hardware and software by now.....but shit man they are always patching; and that is my point.
If that point is not understood then perhaps this will: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
You want closer to "security" than this is it. But we all want to enjoy games right?: https://level1techs.com/video/forget-x86-openpower-it-talos-ii-secure-workstation
*had a 4 pint virus, my bad. Better replies on coffee....sorry
ManofGod
[H]F Junkie
- Joined
- Oct 4, 2007
- Messages
- 12,863
LOL! I have to disable my AV so I can infect my machine but, do not worry, I will enable it back once I have infected my machine? LOL! The guy is entirely without a clue if he thinks that is standard operating procedure.
AltTabbins
Fully [H]
- Joined
- Jul 29, 2005
- Messages
- 20,387
Here's an interesting read. I'd take it with a grain of salt though since Malwarebytes is trying to make more money from Mac users.
https://www.imore.com/malwarebytes-malware-threats-endpoint-mac-double-windows
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
I run F-secure total (VPN/AV) on my macs. Besides if you do it the right way (use Mac store) your chances of getting anything are very slim as everything is pre-screened.
You are correct.
(Fixed/edited)
My point is that once anyone recognizes just how MUCH runs on *nix, and that security is a constant problem that is equal to, or even more due to the constant attacks and patches, may finally understand that there isn't a single piece of hardware and any software that is *secure*. To say that something is secure is nothing but a true hyperbole . It may seem like I am exaggerating, but security is not a simple paradigm. It can and may be a set of simple practices to some to seem secure. However, any user on any platform of hardware and software should be concerned because security is an issue no matter what. This statement is not being hyperbolic.
*nix is not better. *nix is not more secure. If anything it is the most used to hack and is the most hacked. The only thing different and possibly better is the points of possible compromise are a different vector, but any different device or different OS will have a different vector. Honestly, you want hyperbole.....as much as they say this is more secure you think that we wouldn't have these issues anymore on any piece of hardware and software by now.....but shit man they are always patching; and that is my point.
If that point is not understood then perhaps this will: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
You want closer to "security" than this is it. But we all want to enjoy games right?: https://level1techs.com/video/forget-x86-openpower-it-talos-ii-secure-workstation
*had a 4 pint virus, my bad. Better replies on coffee....sorry
Ah, now I understand what you posted I disagree with it completely.
The simple act of installing software under Linux is more secure than the process of installing software under Windows, without taking into consideration the ever present issue of multiple and hidden file extensions under Windows that are the main cause of cryptolocker installation. Out of the box, Linux is inherently more secure than Windows and UAC is an ineffective privilege escalation tool.
No one ever claimed any OS is 100% secure.
Which means you could laugh off a ransomware attack. Good on you.
D
Deleted member 214115
Guest
Installing software, safer....lol
Installing software is not safer on any platform. You may never know if something has been installed, or be able to detect. Ever hear about Evil Gnome? (q.v. https://www.google.com/search?q=lin...rome..69i57.3234j0j7&sourceid=chrome&ie=UTF-8)
How about this old 2015 Sophos article (q.v. https://nakedsecurity.sophos.com/2015/07/28/malware-on-linux-when-penguins-attack/)
WHAT ABOUT MALWARE ON LINUX?
Here’s how the argument might go if you were to ask that question:
- Malware is impossible on Linux because Linux is secure by design, unlike Windows.
- Even if Linux malware were possible, users would have to agree to run it, so that wouldn’t count.
- Even if users agreed to run it, they wouldn’t be root, so that wouldn’t count.
- Even if they were root, who cares? There isn’t any malware for Linux, so there.
As a result: there is malware for Linux; it can do plenty of harm even if you aren’t root; and it may be able to infect without you realising.
Just like on Windows.
Ever go here and see the hardware, software CVE's?: https://www.us-cert.gov/ncas/bulletins (this is
Installing software, lol. Ever hear about Google leaving flash drives in parking lots?: https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/45597.pdf
Like you said they do not guarantee 100%, they say its "more secure." Its ambiguous sales bullshit because they cannot make anything secure. If you have not really got into cyber-security, and have learned just how deep of the hole it is, I highly suggest it. And what you will truly find is that it is between Hellen Keller and Benjamin Franklin quotes, and Masada (https://en.wikipedia.org/wiki/Masada).
Hellen Keller: "Security is mostly a superstition. It does not exist in nature, nor do the children of men as a whole experience it. Avoiding danger is no safer in the long run than outright exposure. Life is either a daring adventure, or nothing." (having a computer and TX/RX bits)
Benjamin Franklin: "Three can keep a secret, if two of them are dead." (espionage (https://www.businessinsider.com/cia...company-crypto-ag-spy-countries-report-2020-2), viruses, crypto, whatever)
Masada: Thinking you are secure
Installing software safer in Linux?! You not understanding the very issue....as Ken Thompson (the links previously) said: "To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software."
Installing some random .msi installer from some obscure corner of the internet with no software repository's and no secure keys is far from safe, and that's what you're doing under Windows.
Yes, no operating system is perfect, but some are closer to perfect than others and in this case Windows is stuck in 1995 and at the bottom of the heap in relation to security - And we still have the issue of double extension exploits.
I could go on and crush the rest of your argument, but this isn't a thread about Linux.
DeaconFrost
[H]F Junkie
- Joined
- Sep 6, 2007
- Messages
- 11,582
That's what happens when you tangle with someone who can only base opinions on Linux fanboy-ism, rather than attempting to provide useful, relevant information on the subject matter.