How Microsoft Should Improve Windows 10 Security (Op Ed)

[daglesj]

As to the "It's encrypted, we cannot access it!".... bullplop! Numerous companies I know of have solutions where they can take the platters out of one drive, put them in the exact same chassis, and transfer the data... EVEN WHEN ENCRYPTED!
No reason to bring up that lie here.

Nope. You are another person who doesn't deal with 'normal people' and their IT aren't you?

Going clean room with platter removal etc. to recover data costs a fortune (around $600 minimum) and that's just for standard data, not encrypted. Add encryption into the mix and we are talking $1000+. HDDs are not as reliable as they used to be. I get a lot of data recovery requests and guess what the maximum people are actually willing to pay 8 times out of 10? $150! No way you'll get clean room and decryption for that.

So...getting back to the real world. No I stand by my assertion that 'normal folks' should stay well away from full disk encryption unless they know the risks and take precautions.

Trust me, 'normal people' don't. They have more important things to do than backups and not drop their laptops.

Full disk encryption would be carnage. But you go ahead and encrypt all your friends and families, they'll really thank you in due time.

 

[daglesj]

Oh yes and another encryption doozy you'll get with 'normal people' is the following -

"Hello I'd like you to (insert PC related job there) but I have to tell you my laptop is encrypted."

You say that's okay and ask them for the decryption key/CD etc. so the data or laptop can be modified.

"Oh what's that?

Yep they never made a note of the key, or the recovery file/CD. Just thought it would be cool/sensible to encrypt it. Ignored all the instructions...as they do.

Hilarious. Some folks still haven't learnt how to lock their own home or car. Don't ask them to do it with their laptop.

 

[Pherule]

Online Armor is still the best defense you can add to a computer IMO. It's like the UAC, except it controls everything, and it remembers your responses. After using it for about 1 week, it almost never bugs you.

It is only a firewall though, so it does not protect against local attacks; nor virus/spyware detection/removal.

It's not a firewall, it's a HIPS defense, and yes, it does defend against those things. The only thing it doesn't do of the above-mentioned things is malware removal. It's not an antivirus, it's meant to be used in conjunction with your antivirus.

Situation 1: You don't have Online Armor installed.
worm.exe bypasses your browser defenses
worm.exe is missed by your antivirus' heuristics
You are now infected.

Situation 2: You do have Online Armor installed.
worm.exe bypasses your browser defenses
worm.exe is missed by your antivirus' heuristics
worm.exe asks for permission to run. You block worm.exe
Your computer remains clean.

 

[Someone Somewhere]

...That sounds like you described UAC.

 

[Vlad Rose]

It sounds a lot like ThreatFire actually (was free), which I found to be unneeded (at least for my habits) and slowed my machine to a crawl.

Btw, I referred to it as a firewall because they call it Online Armor Personal Firewall:

http://en.wikipedia.org/wiki/Online_Armor_Personal_Firewall

and added in a couple extra features in their 'premium' version.

The best defense against infections is still good browsing habits. If I HAVE to go to a questionable website, I use a virtual machine running linux. I am running Bit Defender free edition, the built in Windows Firewall, Malwarebytes Antimalware and sophos Anti-rootkit for good measure. The best thing is they don't run 24/7 and are free; meaning performance doesn't get crippled.

 

[Pherule]

No, Online Armor is hardly like UAC at all. UAC to my knowledge doesn't remember a decision, so if you want to run command prompt as admin, it will ask permission every single time. Online Armor doesn't just block something from running, it blocks things from accessing other files, accessing the internet, accessing explorer.exe, etc. and most importantly, it allows you to make it remember your decision, so it doesn't keep asking stupid questions like UAC does. It's far more powerful than UAC. Another plus is that all this power comes with the free version. You don't need to buy it. Moreover it does not slow down your machine, I noticed no difference at all (both on Windows XP and Windows 8) Online Armor is far more powerful than Windows Firewall.

Yes it works somewhat like a firewall, but it is first and foremost a HIPS, and should always be referred to as such if you are classifying it.

The best defense is twofold:
-Multilayered defense (browser defense, antivirus, HIPS, and if you need, a virtual machine in certain instances)
-Non-standard defense (self-explanatory; use a mix of defenses that most other people don't use (at least not together), malware and attackers target the popular software. Go for something uncommon)