|
|
|
|
|
|
by musjleman
404 days ago
|
|
|
> Let’s cut the bullshit, Defender is basically unchanged as a concept since Windows Vista or maybe even Windows XP. It runs completely fine on 15 year old hardware. Exactly. It's the same legacy scan every fucking thing you open AV architecture. Back in the day of spinning disks it probably wouldn't have been too noticeable for the AV to marshal scanning to its usermode service and the filesystem to pull the data from cache for the original request afterwards. However now that we have 10GB/s+ capable SSDs the factor of slowdown is exponentially larger. I can run ripgrep on a massive directory, make myself a cup of tea and return to it still searching for matches versus being done in < 10 seconds with defender disabled. |
|
|
For 98% of systems, there is probably no reason to scan every file on opening it. If people have enabled that setting, or left that default on, then that's their problem; it's not Windows Defender's fault.
My current AV dashboards are screaming at me that I'm only 35% protected. That's because I've exercised a lot of prudence in enabling paranoid settings, based on my rather limited and simplistic threat modeling. Installing AV software comes with the understanding that it can steal resources, but they nearly always have plenty of settings that can be disabled and win back your system responsiveness.
I am beginning to believe that commenters giving bingo-card winnings are not the brightest bulbs in the Windows MCSE pool, honestly. I can relate: Linux and Unix admin in general is far more intuitive and comfortable for me, so I have generally stayed on that side of things, but knowing how to properly set up Windows is an indispensable life skill for anyone.