Edit: typo
most windows programs haven’t run as root in over a decade.
a program only runs as “root” in one of three situations:
- The app manifest says it is a requirement.
- The executable does not have an app manifest and has the “Run as Administrator” compatibility flag (only applies to apps built for XP or older).
- The user manually invokes the program with super user permissions (right click and “Run as Administrator", or manually set the above compatibility flag).
There are still far too many system components which run with spooky elevated privileges. Don’t believe me? Try nuking permissions on Windows update or activation nagware, disconnect from the internet and see how long those changes persist. Sometimes it is a few reboots.
This is a fundamentally insecure security framework, which no amount of glue or sandboxing can fix.
how would you expect something like windows update to function without elevated privileges?
activation nagware
what?
What do you mean by “most Windows programs running as root?” I don’t think that’s accurate, unless you’ve disabled UAC.
OP still uses Windows XP.
Pretty most of the people i know who work in IT are all just using Defender now, i have even stopped paying for AV and just use defender out of the box. Unless you are doing something that exposes you to risk there really is no use to use anything other than defender. In saying that enterprise or businesses environment i would still say 100% have something other than defender in place.
i’m one of those people. haven’t used anything other than Windows Defender for over a decade at this point.
Meanwhile, giving myself root access to my own computer is a bitch. I need to just switch to Linux
- Omega_Haxors ( @Omega_Haxors@lemmy.ml ) 7•7 months ago
If you want to criticize windows for being shitty, you should have went with their certification system. You know that popup that shows up whenever you run an exe from an “unknown publisher”? Well viruses can (and do) get certification since all you have to do is send Macroshaft money, leaving you completely unprotected from actual threats. It’s security theatre only there for fundraising purposes. Completely useless.
And no this isn’t a case of “no oversight” there are cases where Windows Defender will let you run a program its own database knows is a virus. Even if they know your program is flat out malware, as long as you buy that certificate your program will forever be treated as legitimate.
Windows Defender bad?
It’s Not Bad, but against the malware that always is a step ahead it stands little of a chance as it can’t solve the “legacy” problems that keep windows from becoming more secure
Precisely because Windows has been the main target for hackers and malware, for being by far the most used OS, it has caused Windows today to be the best protected OS, with a Defender that is currently one of the best AVs on the market and a effective Sandbox system that prevents any changes without user intervention in the root system. Hopefully in terms of privacy it will be just as good, at least by default it is not like that.
I understand that antivirus software is necessary on Windows, but I’ll never understand the existence of Windows Defender. If Microsoft knows enough to prevent a virus that exploits something in windows, why are they putting their effort into an antivirus program, and not fixing ththe problem in Windows? If someone has a good explanation for this, I’d love to hear it.
Tell me you know nothing about software without telling me.
I know nothing about software. That’s… Why I asked.
because that isn’t really how these things work. It doesn’t matter how secure your operating system is, it can still get infected with malware if you let the user download and install arbitrary software. every modern desktop operating system that allows this has this hole.
features that pop up warnings when running code not signed by the OS vendor (like Windows SmartScreen or macOS Gatekeeper) help to an extent, but are not magic bullets since users can still override them.
at the end of the day, the best defense is to make sure you actually trust any software you download before running it.
Because… They are? Whenever there is a problem in Windows itself, they release an update to fix that ASAP.
Defender doesn’t just work against viruses that exploit weaknesses in Windows. It also works against viruses in programs the user installs. The purpose of Defender is the same as any other antivirus software, to detect known virus signatures in downloaded software, as well as attempt to detect programs that display virus-like behaviour. It also attempts to ensure that users only install software from sources they trust. For these purposes, Windows Defender is at least as good as most other antivirus software on the market.
I would also generally recommend using an antivirus program on a Linux/OSX machine, unless you really know the risk you’re accepting by not using one. Even then, I recommend occasionally running ClamAV or a Malwarebytes scan. There is a misconception of “there are no viruses for non-Windows platforms”, but the thing is that a lot of viruses these days are cross-platform compatible, and all it takes is one program or dependency becoming an infection vector. Keep yourselves safe, people!
The only caveat I’ll add is that because of the way package managers work in Linux, it’s much less likely someone will be running something from an untrusted source. It’s less true these days with snap and flatpak but those are at least sandboxed.
It’s not that common these days for Linux users to be downloading random binaries and running them.
That makes a lot of sense, thanks!