That doesn't make what's happening ok.
Come on, dude. Now you are just arguing to argue.
NO WHERE did I (or anyone here) say it was ok. NO WHERE did I (or anyone else) say Defender was for everyone.
And yet, you are still bashing it because it is not perfect for everyone.
Probably because people were talking about Defender and they are by far the biggest elephant in the room, market wise. They also are one of the most common big offenders in this practice and largely pioneered using it at scale. But either way, my bad.
Huh? So now you blame Defender users for bringing up the fact they use Defender in a thread about security software?? Are you kidding me? "
Using it to scale?" Wow!
Implying I generally like it...Words in context matter.
Oh bull feathers! You do realize those of us reading this thread can read, right?
Claiming you have a "major beef" IN NO WAY implies you like it all. And you said you have a "few" major beefs. So stop the deception, okay?
"Context"? Okay then. Lets look at your context. In 3 pages of posts, did you say
anything good about Defender or Microsoft?
In your first post, you said you dumped it because of false positives. Anything good in that post? Nope
In your second post, in response to where
@Onasi correctly pointed out that people often mistake Defender tagging unsigned programs as false positives. Your reply? You claimed that was an "
extortion scheme". Total nonsense!!!! Misleading and wrong!!!!
Then you went on to say,
one of my few major beefs with Defender.
Did you say anything good in that post? Nope.
In your third post, did you say anything good about Defender? Nope.
In your forth post, did you say anything good about Defender? Nope. You accused Defender of "
shenanigans". Then attempted to defend your criticisms by saying "
people were talking about Defender".
So when someone says they use Defender, you feel it is your duty to bash it? Repeatedly? You also accused them of a "bad practice" for tagging unsigned code when in fact, it is a good and safe practice.
And BTW, Microsoft requires signed code for apps on the Microsoft Store. But when you post your unsigned code on your site, or Github or what ever, Microsoft does not require it be signed, nor is it demanding you pay them one cent. So not sure who you are accusing of extortion. It is not MS.
But, if as you now say it is the entire AV community, that would be one HUGE and totally illegal conspiracy. Do we need to invest in
Tin futures again?
So please, R-T-B. Stop denying (to us and maybe yourself too) you don't have a biased aversion specifically against Defender. Your posts make it clear. That said, I appreciate you
eventually admitting "it" (tagging unsigned code) is an AV industry-wide issue and not just Defender. I appreciate you admitting, "either way, my bad".
***
Look! I get it! I really do. You know you are not developing malicious code.
I totally believe you are NOT developing malicious code. But sadly, there are many bad guys out there (some highly organized, some also "state" sponsored) who ARE developing malicious code.
How is the AV industry, including MS, supposed to know your code is safe? Just because you say so? No!!
Microsoft would MUCH RATHER get blamed for making things a little inconvenient for a few than get blamed (again!) for an unsafe security environment that was not of their doing. And I applaud them for that.
Please note the 2nd line in my signature.
I mean come on, folks! If this code signing was not a requirement, malicious code would be a much greater problem than it is. Mass infections would be possible, if not probable. And who would the MS haters immediately blame for not blocking that code? Microsoft, of course.
***
Now can we get back on topic instead of this relentless Defender bashing?
In an attempt to get back on topic,
while praising the MS defender as something that should be used by default, and as a minimum.
It is not about "praising" Defender. Once again, as far as I see NO ONE said Defender is perfect or that Defender, specifically, "should" be used.
What was said, and what I want to make clear from my point of view now is that "
a" security solution should be used. It does NOT have to be Defender. Just about any of the major security apps available today, along with keeping Windows and the security app current, and the avoidance of being "click-happy" on unsolicited links is more than adequate for keeping the vast majority of users safe and secure.
Defender is simply suggested often because (1) its already in there and (2) its very effective.
If someone does not want to use Defender, Microsoft has made it simple to use an alternative. In fact, Defender will automatically step out of the way when the alternative solution "registers" itself in Windows Security Center during installation. No action required by the user.
What some here don't seem to understand (or, sadly refuse to accept) is it is NOT just about their own computers getting infected. Not all malware is designed to corrupt the compromised computer - at least not immediately. Instead, some is designed to hide, very discretely and effectively, to later be used (perhaps months later) before deploying its payload and then used to send spam, or replicate and distribute itself to other computers, or to participate in a DDoS attack somewhere, or some other malicious deeds.
This includes unsupported versions of Windows computers and Linux computers which CAN be infected too. Then these computers may then be used to infect other computers - all without the user even being aware they've been infected!
We all need to use security software to help protect ALL users, not just our own systems.
And to that,
how would one know they are not infected if they don't use security software? That's the silly part. Is it because they are too clever to get infected? Or because they use Linux so they can't be infected?
Moose Muffins! (Sorry Lex, but its such a good expression!)
.
