• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

"Attestation" A new feature coming to Windows Defender in Windows 10

Status
Not open for further replies.
Joined
Jul 25, 2006
Messages
11,955 (1.85/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
Tech Republic - Upcoming Windows Defender feature will tell you when security fails
An upcoming feature of Windows Defender, called runtime attestation, will be able to detect the most minute signs of security compromise, all the way down to the kernel level.

Runtime attestation is designed to improve antivirus software detection, detect changes caused by rootkits, kernel tampering, and other exploits, ensure security of sensitive transactions, and ensure conditional access systems are secure.

The end goal of runtime attestation is to create a security system that can detect the most minute of symptoms, Microsoft said. "The idea is to continually elevate defense across the entire Windows 10 security stack, thereby pushing attackers into a corner where system changes affecting security posture are detectable."

This seems very promising. Microsoft is in the unique position to know what Windows should look like, even before Windows Update pushes out new changes. As long as MS can properly sync WD with WU changes AND this new features does not make any "noticeable" hit on system performance/resources, all without any false positives, this should be a big step forward for consumer security, and a blow to the bad guys - always a good thing.

Of course, there will likely be some hiccups the Windows/Microsoft/Windows Defender bashers will surely pounce on - regardless how extensive the Beta process is. But hopefully open and unbiased minds will prevail. After all, the goal is to stop the bad guys and if this gets us closer to that, that's a very good thing.

For more detailed information, see Introducing Windows Defender System Guard runtime attestation)
 
Joined
Sep 17, 2014
Messages
20,692 (5.96/day)
Location
The Washing Machine
Processor i7 8700k 4.6Ghz @ 1.24V
Motherboard AsRock Fatal1ty K6 Z370
Cooling beQuiet! Dark Rock Pro 3
Memory 16GB Corsair Vengeance LPX 3200/C16
Video Card(s) ASRock RX7900XT Phantom Gaming
Storage Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s) Gigabyte G34QWC (3440x1440)
Case Fractal Design Define R5
Audio Device(s) Harman Kardon AVR137 + 2.1
Power Supply EVGA Supernova G2 750W
Mouse XTRFY M42
Keyboard Lenovo Thinkpad Trackpoint II
Software W10 x64
Agreed on all points Bill. Promising indeed
 
Joined
Aug 3, 2016
Messages
151 (0.05/day)
System Name Ryzen 3 Build
Processor Ryzen 5 5600x
Motherboard Gigabyte Aorus Elite b550
Memory GSkill Ripjaws V (2x16GB)
Video Card(s) MSI GeForce RTX 3080 Trio 10GB
Storage SSD (250GB) + SSD (500GB) + HDD (1TB)
Case Phanteks Enthoo Pro PH-ES614P
Power Supply EVGA SuperNova 750W 80+ Gold
Software Windows 10 64Bit

dorsetknob

"YOUR RMA REQUEST IS CON-REFUSED"
Joined
Mar 17, 2005
Messages
9,105 (1.31/day)
Location
Dorset where else eh? >>> Thats ENGLAND<<<
Will be interesting to see how it works and if its affected by people who have gone thru the available Privacy Settings and the various telematary settings or will it reset everything ????
 
Joined
Jul 25, 2006
Messages
11,955 (1.85/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
I disagree. The My goal is to remain secure while still retaining your basic rights to privacy and information.
Except this isn't about your goal. Please don't degrade this information thread into yet another biased campaign against Microsoft or Windows. Nothing in the information provided said anything about privacy or telemetry settings.

It is pointless to start raising criticisms before this new feature is even seen. Please read the "for more information" link I included above and note the first two sentences.
At Microsoft, we want users to be in control of their devices, including knowing the security health of these devices. If important security features should fail, users should be aware.

Being aware suggests users will be notified, not that their personal modifications will be undone without permission or warnings. I say wait and see if Microsoft meets those objectives. If they fail, feel free to start your own thread where you can criticize all you want - with valid evidence to justify those criticisms.
 
Joined
Aug 3, 2016
Messages
151 (0.05/day)
System Name Ryzen 3 Build
Processor Ryzen 5 5600x
Motherboard Gigabyte Aorus Elite b550
Memory GSkill Ripjaws V (2x16GB)
Video Card(s) MSI GeForce RTX 3080 Trio 10GB
Storage SSD (250GB) + SSD (500GB) + HDD (1TB)
Case Phanteks Enthoo Pro PH-ES614P
Power Supply EVGA SuperNova 750W 80+ Gold
Software Windows 10 64Bit
I say wait and see if Microsoft meets those objectives.

This I can agree with. I use Microsoft products every day. That doesn't mean I won't criticize them where they can improve.
 
Joined
Jul 25, 2006
Messages
11,955 (1.85/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
That doesn't mean I won't criticize them where they can improve.
Nor should you. And I will support your right to do so and will even stand right there with you.

But again, it makes no sense to pre-judge and criticize something for something that is not even happening!

So let's wait and see what happens. It might surprise you and do exactly what the stated goal is.
 

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
40,435 (6.62/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
Nor should you. And I will support your right to do so and will even stand right there with you.

But again, it makes no sense to pre-judge and criticize something for something that is not even happening!

So let's wait and see what happens. It might surprise you and do exactly what the stated goal is.

How is it pronounced even?
 
Joined
Mar 18, 2015
Messages
2,960 (0.90/day)
Location
Long Island
I don't see the advantage to getting a "Hey, you're screwed" message. Would rather they focus on preventing the changes from ocurring.
 

rtwjunkie

PC Gaming Enthusiast
Supporter
Joined
Jul 25, 2008
Messages
13,909 (2.43/day)
Location
Louisiana -Laissez les bons temps rouler!
System Name Bayou Phantom
Processor Core i7-8700k 4.4Ghz @ 1.18v
Motherboard ASRock Z390 Phantom Gaming 6
Cooling All air: 2x140mm Fractal exhaust; 3x 140mm Cougar Intake; Enermax T40F Black CPU cooler
Memory 2x 16GB Mushkin Redline DDR-4 3200
Video Card(s) EVGA RTX 2080 Ti Xc
Storage 1x 500 MX500 SSD; 2x 6TB WD Black; 1x 4TB WD Black; 1x400GB VelRptr; 1x 4TB WD Blue storage (eSATA)
Display(s) HP 27q 27" IPS @ 2560 x 1440
Case Fractal Design Define R4 Black w/Titanium front -windowed
Audio Device(s) Soundblaster Z
Power Supply Seasonic X-850
Mouse Coolermaster Sentinel III (large palm grip!)
Keyboard Logitech G610 Orion mechanical (Cherry Brown switches)
Software Windows 10 Pro 64-bit (Start10 & Fences 3.0 installed)
Joined
Aug 20, 2007
Messages
20,674 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
I don't see the advantage to getting a "Hey, you're screwed" message. Would rather they focus on preventing the changes from ocurring.

The advantage varies depending on whether the recipient is a "do-it-yourselfer" or not.

If one is, one reinstalls.

If one is not, one calls tech support.

Either way, the advantage is there.
 
Joined
Jul 25, 2006
Messages
11,955 (1.85/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
I don't see the advantage to getting a "Hey, you're screwed" message. Would rather they focus on preventing the changes from ocurring.
That is not how those articles say it will work.

For one, it is not going into full detail for obvious reasons - you don't give the bad guys the blueprints to the bank and its security system.

The way I read this is that this additional feature will inspect and "attest" to the integrity of the OS and alert you to possible changes that might screw you.

Again, let's not assume when there are no facts to base the assumptions on, then criticize based on that assumption. Let's wait and see.

A (hard A) test ation (like station): A tes tation
I see it (or hear it in my head as) "A tess STAtion".

But according to this, it is "AT us STAtion"
 

rtwjunkie

PC Gaming Enthusiast
Supporter
Joined
Jul 25, 2008
Messages
13,909 (2.43/day)
Location
Louisiana -Laissez les bons temps rouler!
System Name Bayou Phantom
Processor Core i7-8700k 4.4Ghz @ 1.18v
Motherboard ASRock Z390 Phantom Gaming 6
Cooling All air: 2x140mm Fractal exhaust; 3x 140mm Cougar Intake; Enermax T40F Black CPU cooler
Memory 2x 16GB Mushkin Redline DDR-4 3200
Video Card(s) EVGA RTX 2080 Ti Xc
Storage 1x 500 MX500 SSD; 2x 6TB WD Black; 1x 4TB WD Black; 1x400GB VelRptr; 1x 4TB WD Blue storage (eSATA)
Display(s) HP 27q 27" IPS @ 2560 x 1440
Case Fractal Design Define R4 Black w/Titanium front -windowed
Audio Device(s) Soundblaster Z
Power Supply Seasonic X-850
Mouse Coolermaster Sentinel III (large palm grip!)
Keyboard Logitech G610 Orion mechanical (Cherry Brown switches)
Software Windows 10 Pro 64-bit (Start10 & Fences 3.0 installed)
I see it (or hear it in my head as) "A tess STAtion".
I tried to convey the short A by saying "hard A". It’s a common word in my workplace, but strange to those not familiar. Thanks!
 
Joined
Oct 2, 2004
Messages
13,791 (1.94/day)
If only Microsoft bothered to make scanning less ridiculously slow and also stop doing the damn quick scan daily. The thing has real time scanner, there is literally no point in doing an on-demand scan daily because of that.
 
Joined
Jul 25, 2006
Messages
11,955 (1.85/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
If only Microsoft bothered to make scanning less ridiculously slow and also stop doing the damn quick scan daily. The thing has real time scanner, there is literally no point in doing an on-demand scan daily because of that.
:( If you wish to make clearly biased, opportunistic bashes at Microsoft, Windows Defender, and WD's on-demand scanning times which have absolutely nothing to do with the new "System Guard Runtime Attestation" feature, please start your own thread for your rants.

Thanks.
 
Joined
Oct 2, 2004
Messages
13,791 (1.94/day)
And the point flew right over your head. To clarify, they can add space rockets and lasers to Windows Defender, if they can't make the very ESSENCE or CORE of it at least half functional (real time scanning part), it doesn't matter. At all. It's like smearing glitter on a turd. It's still a turd, it's just shinier. And they keep on adding features that are perpetually either non effective or just plain broken. Like the Anti-Ransomware feature which was suppose to use whitelisting, but keeps blocking everything left and right, even signed stuff and stuff that is for sure known by Microsoft to be verified.

I don't get it why can't they make file scanning faster as top priority. And then fix the Anti-Ransomware. And then maybe consider adding this feature you're talking about when foundations they've already set and used for ages actually work... It's a great security package ruined by dumb design. Coz I'd use it on my systems if it worked.
 
Joined
Jul 25, 2006
Messages
11,955 (1.85/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
And the point flew right over your head.
No, your point was clear. You are complaining about a feature that is not even here yet. You are bashing Microsoft for features you don't like that have nothing to do with this feature.

Mods - please close this thread.
 
Status
Not open for further replies.
Top