this post was submitted on 21 Jul 2024
32 points (94.4% liked)

Pulse of Truth

514 readers
260 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 1 year ago
MODERATORS
krogoth@infosec.pub
32
Microsoft says it cannot wall off its OS due to a 2009 deal with the EC to give security software makers the same level of access to Windows that Microsoft gets (Wall Street Journal) (www.techmeme.com)
submitted 4 months ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub
9 comments fedilink hide all child comments
 

Wall Street Journal: Microsoft says it cannot wall off its OS due to a 2009 deal with the EC to give security software makers the same level of access to Windows that Microsoft gets  —  Global outage on Windows machines caused by CrowdStrike highlights Microsoft's security challenges

you are viewing a single comment's thread
view the rest of the comments
[–] Redredme@lemmy.world 22 points 4 months ago

Which is bullshit. As a sysadmin i was battling with low level tcp/Ip filters and other shit since at least WinXP. And probably nt4sp3.

I've been saying that antimalware is worse or at least the same as the stuff it tries to protect against for decades. Invisible cpu cycles. Hidden disk io. Tcp filters. Maxing out your network connection trying to access every resource on your network. Assraping SNMP. Blocking network access when the license expires. (mcafee) criplling java code. (decompressing every jar known to man)

And most of this is still true. Is your pc slow or hanging without any visible reason? Chances are defender is doing some ultra secret very hush hush antimalware shit.

I always disabled everything on my own systems on my own private lan and did ferocious edge protection, log reporting and scanning everything from one node.

Then came ransomware. And the risk of running without on local nodes just became too big.

Anyway This has been an issue since forever. If anything it became less worse as of 09 because everybody got access to documentation so they finally learned what NOT to do.