Win8 Safeguarding series critiques wanted

This topic was created by Gordon Fecyk.

  1. Gordon Fecyk
    Childcatcher

    Win8 Safeguarding series critiques wanted

    I know... this is throwing myself at the wolves here. I figure along with the chewing up I'm about to get, some useful criticism will come up and I can improve on this series.

    Think what you want about Windows 8, but people are going to deal with it. So I tossed together a video series on safeguarding home desktop PCs running it, all about using what's included and nothing added. Please take a look, and consider offering some feedback I can use.

    1. Phil W

      Re: Win8 Safeguarding series critiques wanted

      Who's the target audience for this lot supposed to be?

      It feels like you're aiming it at total novices, yet the advice spans from really basic things to quite advanced things in a very short space of time. You also reference a number of terms without explaining what they are.

      Pick your target audience and either explain the terms you're using and what the utilities you're using (like Group Policy) are and what they do better, or change the tone of the videos so it doesn't feel like you're talking to someone who's never installed Windows before.

      My next criticism is that your opening statement in the first video is false.

      Windows 8 (Pro or otherwise) on its own with no extra security software is not better security than you can buy from any third party. Sure it's more secure out of the box than any previous edition of Windows, but there are many third party security tools that are better than what's included.

      "Windows Defender" in Windows 8 is not even as good as Security Essentials; as you say, it's "more like" MSE than the old Windows Defender and is certainly not a terrible product, but if you look at the core components of it you'll see there are some missing compared to MSE on Windows 7.

      Hence why there are a number of guides on how to install MSE on Windows 8, despite it not being officially supported.

      Windows Firewall hasn't changed significantly in Windows 8 apart from some of the default rules, and is still the bizarre and sometimes ineffective bag of crap it used to be.

      If you have a firewall that detects a new program accessing the network and asks if you want to allow it, while still giving the application network access before you've actually responded to the prompt, it is not doing its job properly.

      There are any number of free firewall programs that are better and easily available.

      I also find it strange that you simply suggest installing Java with no warning. Java is becoming less prevalent on popular internet websites, but seems to have a new major security hole announced every week. Frankly I personally strongly suggest to the average user not to install it unless they actually have a need of it.

      Part 3 is titled "BIOS or UEFI", yet makes no real reference to UEFI. Perhaps briefly explain what it is and the differences between the two.

      If this series of videos is aimed at total novices is it wise to advise them to set a BIOS password? Sure it's a security measure but what if they forget the password? You make no mention of the implications of that, which can be quite serious on systems like Sony and Dell laptops where the BIOS password cannot be reset if forgotten.

      On a more positive note, the section on configuring Group Policy is not bad, and provides some useful advice that most users would not come across ordinarily. It even has some things I would not have thought of doing on a home PC, and I'm fairly familiar with using GP in a domain setting.

      The idea behind these videos is good, but they're a bit vague as to who they're aimed at and lack details and explanation in certain areas.

    2. Phil W
      Coat

      Re: Win8 Safeguarding series critiques wanted

      Also

      "I tossed together"

      huhhuhuh *snigger*

      1. Gordon Fecyk
        Thumb Up

        British sophomoric humour aside...

        ...I made some adjustments per recommendations right now, and will make further refinements.

        Bold statement, perhaps: "Better security than you can buy." After twenty years of after-the-fact garbage from the leading computer security firms, I believe it's correct, though. I take the approach of stopping the bad software before the fact and then it can't turn off the firewall or signature-based virus detection.

        1. Phil W

          Re: British sophomoric humour aside...

          For Windows 7, MSE is far better than any of the paid or free competition, and if it had been included untouched in Windows 8 your statement would have been much closer to the mark.

          But as for Windows Firewall... Just look at your video segment where you launch ooVoo and get a Firewall prompt. If you had just put that prompt in the background and carried on trying to sign in to ooVoo it would have let you. If you click cancel on the prompt, it also lets it carry on accessing the internet.

          The way a firewall should work, and most of the reputable third party ones do, is that the application gets no network access at all until you specifically click the button to allow it.

          Surely there's no way you can believe that that behavior in Windows Firewall makes it superior to third party alternatives?

          I would like to know the answer to my original question though. Who are you actually aiming these videos at?

          1. Gordon Fecyk
            Boffin

            Target audience

            My target was more the, "You can't secure Windows no matter what," crowd, to show it can be done, but up to the SRP stuff this is all noob-capable. I think. I ramble on in spots, so I might tear this all down, write some monologues and do it properly.

            About the firewall. Just like raw sockets, UPnP and outbound connections in general, my aim is to keep unwanted software at bay. If I can't keep unwanted software off, the firewall is the least of my worries.

            In that example I deliberately installed ooVoo with the intent of connecting to its network through the internet. Having a firewall ask me if I want to let this thing connect outbound when I know it's an internet instant messaging application is redundant, at least in my opinion. It was the inbound connection that caught me off guard.

            WFAS does let you change the default for outbound connections, so it's like the behaviour you're describing. Maybe I'll touch on that in an advanced video.

            WD on Windows 8 is just another after-the-fact virus product. I treat all such products as security blankets; make the user feel good. The before-the-fact stuff takes care of the real security.

            The running theme, again, is keeping unwanted software at bay. If I can do that, I don't need to worry about UPnP-capable apps, outbound connection-capable apps, or apps that use raw sockets. Because they will be apps that I chose to use.

            This is good feedback; thanks for all of this. If I could do the geek and the pint icons I'd have them both up.
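
The outbound default mentioned in the post above can be changed from PowerShell as well as from the WFAS console. The following is an added example, not part of the original thread; the rule name and program path are hypothetical placeholders, English display group names are assumed, and it needs an elevated prompt.

```powershell
# Added example: switch Windows Firewall from default-allow to default-block
# for outbound traffic, then allow one chosen application back out.
# Requires an elevated PowerShell prompt and the NetSecurity module
# (Windows 8 / Server 2012 or later).

# 1. Record the current defaults so the change can be reverted later.
$before = Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction
$before | Format-Table -AutoSize

# 2. List any built-in outbound Core Networking rules (DNS, DHCP, ...) that
#    are disabled. Under a default-block policy these rules are what keep
#    name resolution and address assignment working.
#    Assumption: English display group name.
Get-NetFirewallRule -DisplayGroup 'Core Networking' -Direction Outbound |
    Where-Object { $_.Enabled -ne 'True' } |
    Select-Object DisplayName, Enabled

# 3. Block outbound connections that match no allow rule, on every profile.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultOutboundAction Block

# 4. Allow one specific program out again.
#    The path and rule name are hypothetical placeholders.
$app = 'C:\Program Files\ExampleApp\example.exe'
New-NetFirewallRule -DisplayName 'Allow ExampleApp outbound (example)' `
    -Direction Outbound -Program $app -Action Allow -Profile Private,Public

# 5. Verify the new defaults.
Get-NetFirewallProfile |
    Select-Object Name, DefaultInboundAction, DefaultOutboundAction

# To revert:
# Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultOutboundAction Allow
```

Windows Firewall does not prompt for outbound connections it blocks, so under this policy every application that needs network access has to be given its own allow rule.
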

            1. koolholio

              Re: Target audience

              You do need to bear in mind that a computer's network topology makes a difference... since if UPnP is on, on the router, it may still be able to jump the NAT gap? And remote access technologies... such as RDP? Or others? Java? Heuristics in AV engines? Firewalls on both networking and devices (mobile ones too!), oh and also Wi-Fi security?

              Just throwing a few ideas about there?

              1. Gordon Fecyk
                Boffin

                Looks like I need to crack the message of keeping malicious software at bay

                A running theme I'm seeing in the feedback is that I need to make sure other defences (outbound firewall especially, but also turning off UPnP) are working in case malicious software somehow runs on a PC.

                My problem is I'm trying to prevent malicious software from running in the first place.

                At the risk of sounding like I'm from space, if I can stop unwanted software from running in the first place, I don't have to worry about unwanted software communicating outbound, or requesting open ports from UPnP routers, or using raw sockets, or taking over my display and trying to extort me for money, and so on.

                It sounds deceptively simple, and perhaps that's what's confusing the mainstream computer user.
