Basic settings for power users

derdenis

Hello,

I had already reported that deactivating F-Secure activates Windows/Microsoft Defender and received an answer (thank you for that). I can't really understand the argument that deactivating F-Secure activates Windows/Microsoft Defender as basic protection. One reason for choosing F-Secure is that as a customer I get significant added value in terms of basic protection and don't have to have my data processed in the American cloud with Microsoft's basic protection. Of course, the exceptions included in F-Secure are not available in Windows' basic protection, which means that data may be blocked or deleted unintentionally. Therefore the following request for future releases of F-Secure:

1. In the settings menu, give the “Power Users” the optional possibility that F-Secure always remains activated (even if you deactivate it manually or the license expires) and thus prevent the basic protection of WIndows from being activated (of course also when updating the program). In Windows version 1809, it was still possible to deactivate the basic protection of Windows completely and permanently, which is no longer possible since then.
2. I do not want to use the browser extensions. In the past, I had a warning message in the browser when blocking websites with F-Secure, where I could also skip the warning message. Now only the website is blocked, i.e. nothing is loaded and no information message appears in F-Secure, so I cannot understand this blocking in the user interface. When using the extension, everything works without problems, but there should also be a global solution that works without extensions.
3. More focus should be placed on ransomware protection, there are also customers who have several hard disks installed in their system and do not know that only the base folders under “C:\Users” are protected.
4. The settings menu is kept very clear (which I think is good), perhaps there will also be the option to export/import the settings made in the future.

Ukko

Hello,

Sorry for the discussion. I am also only an F-Secure user. And these are not expert thoughts, just my own ones.

In the settings menu, give the “Power Users” the optional possibility that F-Secure always remains activated (even if you deactivate it manually or the license expires) and thus prevent the basic protection of WIndows from being activated (of course also when updating the program). In Windows version 1809, it was still possible to deactivate the basic protection of Windows completely and permanently, which is no longer possible since then.

I think the main point of enabling (back to using) Windows Security's Microsoft Defender after disabling (deactivating) the F-Secure solution is to ensure that users continue to have at least some protection. Which would be fine for most people. Including since they have already chosen "Windows" as their operating system (and trust F-Secure not to leave their system unprotected while their subscription is active). And in particular, it would partially save us from deliberate exploitation of such a situation by the creators of malware. They would no longer have to think about bypassing the "two", but only about one solution. And it can be very "dangerous" to leave such an opportunity as to give the appearance of "the system is protected by some kind of security solution, when in fact it is not". Even if only to the 'power users'.

This will also likely make it very difficult to understand when an F-Secure solution is not functioning as expected. Or it will significantly complicate the internal logic (tell the "users" one thing, tell the "system" another, in fact - something else).

But my position is more that I think power users should still have some way to disable (or not use) Microsoft Defender. Or, at a minimum, do not use the most creepy (for him) functionality. Is it really no longer possible to disable / not use Windows Security's Microsoft Defender "manually"? Or will disabling F-Secure just restore it? Or is the main point "completely and permanently"?

For example, this article tells that you can disable real-time protection; and there are even some exclusions lists. KB: Turn off Defender antivirus protection in Windows Security - Microsoft Support

And in particular, the web is full of discussions and instructions on how to disable Microsoft Defender relatively "permanently". Including discussions even on Microsoft's resources itself (community, Q&A boards and so on). For up-to-date use.

And there are also a lot of initiatives (tools for any no defender ideas) from third-party that simplify this whole process. But whether to trust such decisions and implementations is not entirely clear. But this is exactly where the "power user" should and can show and use their power and knowledge. Somehow giving the F-Secure solution the opportunity to "fool" the system would not be entirely correct. Since a random user could potentially unknowingly use such functionality (option). While "manual" methods are the power user’s own choice for his own benefit. Regardless of whether it is justified or not.

During some temporary outages (?) like updating - I think Windows Security's Microsoft Defender does not become involved. Because I think the update process of F-Secure solutions use a layered approach and the protection is not turned off all at once.

Also I don't think such an option (or trick) could be properly interpreted by the OS vendor and they would question F-Secure.

I do not want to use the browser extensions. In the past, I had a warning message in the browser when blocking websites with F-Secure, where I could also skip the warning message. Now only the website is blocked, i.e. nothing is loaded and no information message appears in F-Secure, so I cannot understand this blocking in the user interface. When using the extension, everything works without problems, but there should also be a global solution that works without extensions.

Do you have any ideas about what this solution should be? I think that using a browser extension is a good way out of F-Secure to preserve user privacy and the reliability of HTTPS connections as such.

However, I also thought about this, that in cases where F-Secure does not show blockpage and blocked resource when visiting in the browser (HTTPS and without the help of extension for the blockpage displaying), then it would still be a good idea to add this event to the event list. This could probably slightly spam the list with a fair amount of blockings in the background. But also in such situations - probably - the user has not formally even entered, connected-to or visited the web page. That is, there was no event as such. Maybe this is the reason for the current design.

As a workaround you can understand this blocking via using Event Viewer (Windows journal). In some F-Secure solutions, an additional log is kept, including a description of blocking events (not only those sent to the interface). Just to check if the connection was rejected/blocked (since the browser will most likely have a GENERIC SSL or HTTP 403 error) due to F-Secure. Maybe only I have this in the beta installation (and with additional options enabled in the settings).

More focus should be placed on ransomware protection, there are also customers who have several hard disks installed in their system and do not know that only the base folders under “C:\Users” are protected.

how do you mean? Something like adding some additional pop-up somewhere or instructions saying that you can add almost any folders and drives/disks to the list of protected folders?

or automatically (by default) to protect/cover all existed drives/disks in the user system? But what if user do not want all of their hard disks to be covered by default (for example, one of drives is 'too sensitive' for extra looking at it by anyone)?

also adding the entire system will cause an additional performance difficulties when using system, these directories, chosen folders.

that's why user is free to chose which folders to protect (and where he stored data for extra protection).

Thanks!