I've enabled Protected Folders but I can't copy/paste files inside the protected folder. I can if I temporarily disable Protected Folders. How is it done?
In my testing it just worked. The only time the protected folder did anything was when I tried to run an installer that was trying to place files in those folders. Recognized processes should be able to access them without issue. I would assume the copy/paste you were doing was with the built in File Explorer?
Well this is an invitation to the ransomware folks. All but a few Microsoft programs can access that folder how long will it be before the bad guys figure out it will easy to get into that folder. That isn't very good protection
Pete, so far I've had to allow.... outlook.exe imagew.exe imagew64.exe tbosdtw.exe ccleaner.exe everything.exe firefox.exe explorer.exe notepad.exe cmd.exe keepass.exe popman.exe
Depending on how critical data is I'd do very frequent back ups into the secure folder and just protect the backup program. I wouldn't allow access to any common windows utility.
I have Emsisoft AM installed but I can't find the Windows Controlled Access Folder feature Is this right? Thanks
I believe you need Windows Defender to be enabled. www.wilderssecurity.com/threads/windows-defender-is-becoming-the-powerful-antivirus-that-windows-10-needs.383448/page-45#post-2702605
Interesting. That's way more work than I had to do. Per the dialog in Windows Defender: "Most of your apps will be allowed by Controlled folder access without added them here. Apps determined by Microsoft as friendly are always allowed." That was pretty much my experience. Most things just worked. The only thing I had blocked was the software we develop and use here internally. I was surprised that it allowed as much as it did. I expect this to be a "more trouble than it is worth" solution until I see evidence otherwise because I think it will be too easy to circumvent.
futile feature - worth: nothing. windows uses blacklist administrated by defender - user can add whitelist entries. windows itself locks out several system apps - in fact this feature can be worse for (these) apps, settings and anything else. and in case of trojans or ransomware (this is the main reason for feature) it absolute fake security. forget it and use a decent backup strategy.
LOL wise choice. I've made a shift to Ubuntu and EXT4 file systems. Much more smooth experiences so far.
Sounds like it might be a reasonable "built-in" alternative to installing Macrium MIG or other anti-ransomware protection for backup files alone, but what's your opinion about its comparative effectiveness as a security measure?
Hi Arvy I use an Excubits driver pumpernickel to protect the other drives. It black black list the whole drive. Then Macrium is allowed to only access macrium files. Same with other programs. Heck if I want I can even black list the Macrium program files, and only allow Macrium access to then. It is solid protection provide by a kernel driver, and there is no service or gui program that can be comprised.
Installed Ubuntu in UEFI full disk mode, so it should be a GPT disk.. I customized the partition so that it only has EFI system partition and / partition. No Linux Swap as the RAM is larger than 8GB.
Not quite sure about others - I think even if people only has 4GB of RAM, it's still safe to eliminate Linux swap partition. Overall Linux is not as memory hungry as Windows. But the default full disk installation by Ubuntu installer still will create a Swap partition, which I think is not really necessary nowadays. Also, it'll do more harm than good for a Swap partition on SSD, which is another reason I did not use a Linux Swap partition.
I tried this for about 5 minutes. I also got a block from Firefox as well as Enpass. Can you allow the program from the prompt?
Thanks Brian. That's not very user friendly so I think I'll pass. Why couldn't MS give you a way to allow from within the prompt? Seems like a pretty big oversight to me.