Video plugin issue with fullscreen
-
@Dashrender said in Video plugin issue with fullscreen:
Sadly, there are times that I feel that way to.. Leo is definitely nothing more than a hobbyist at best. Any pedestal that I used to have Steve Gibson on definitely doesn't exist anymore.. that said.. I do still learn a fair amount of knowledge, and like any place you gain knowledge from I have to temper what I hear from them with things I learn elsewhere.
That's my fear with the things that I hear that these guys say (I have to preface that because I have never heard either of them directly and only heard of them from people on here talking about them, so none of this is an opinion of what they have said, only what people have said that they have said) is that they act or sound like their technical and know what they are talking about and give horrendously reckless advice that would easily hinge on professional negligence if they worked in IT. The only thing that protects them is that they are just entertainers, but dangerous ones. Their audience, likely, thinks that they are experts and that's really horrible for end users.
-
I have listened to three show so far, and made a lot of changes because they seem really to knoiw what they are doing. I mean, they are on the Internet, how bad could it be?
(That was just for Jared to see if he was reading.)
Anyway, I have really listened to 3 shows, and I think they could help people who have NO clue about security. But like everything they need to be taken with a grain of salt.
-
@BRRABill said in Video plugin issue with fullscreen:
Anyway, I have really listened to 3 shows, and I think they could help people who have NO clue about security. But like everything they need to be taken with a grain of salt.
Does "running old systems and not running AV" sound like helping people? I think anyone at a level to where they would listen to a podcast of that nature is likely to a point where that would be pretty dangerous advice.
-
I give you the craziness about the running of old systems.. but as for the AV, I see their point and in general don't disagree.
As for backups, they do preach backups when the subject comes up. In fact Steve's daily + image/backup solution is pretty solid. There are times I disagree with some of the ideas they have/present, but that's no different than when I disagree with you.
-
@Dashrender said in Video plugin issue with fullscreen:
I give you the craziness about the running of old systems.. but as for the AV, I see their point and in general don't disagree.
But AV remains an important piece of protection on Windows systems today. Why do no corporations with security consultants and cost analysts follow this advice? Because it is reckless. Why is it only some consumer guys on a podcast saying it? Because it's kind of crazy and only in the consumer space can you get away with it.
I'm not saying that AV is as important as it was ten years ago, but in reality, isn't it? Nothing has made AV less important. There is a myth that because some threats aren't stopped by AV that AV isn't still needed. That's totally wrong. AV does a better job today and has stopped certain categories of risks - for those that continue to use AV. That doesn't mean that it is failing, that could equally mean that it is succeeding.
The idea that AV isn't important to day I think is just crazy. That it gives a false sense of security is also, crazy, IMHO. I don't believe that any of their tenants of that theory hold water. It's one mistake on top of another.
-
The idea of AV not being needed is predicated on someone knowing what they are doing. This is fundamentally flawed. End users absolutely do not know what they are doing.
Are you really telling me that end users are not running as admins? That they are really not running old OSes? That they really keep them patched? that they really don't just download and install things? That they don't just visit any website?
And even if you can convince me that end users are doing all of those things (which you cannot, even the people in question are not) AV is still regularly stopping threats.
-
I'm going to have to think about that for a while.
That said.. what AV are you recommending?
FYI, while Leo has (and agree with you) crazily told people that they don't need AV - Steve specifically avoids the question and does not give an answer.
-
@Dashrender said in Video plugin issue with fullscreen:
FYI, while Leo has (and agree with you) crazily told people that they don't need AV - Steve specifically avoids the question and does not give an answer.
My honest to goodness security advice is... do not listen to this podcast. I mean it. When you have reckless people like this, they are a lot like sales people - they are not your friends. Maybe they have an agenda, maybe they are just clueless, doesn't matter. They are attempting to give advice on things that they are not knowledgeable. Because of this, the format that they use, gives a sense of credibility even to things that should sound obviously insane. This is very dangerous because you are setting yourself up for an emotional response to take people who lack credibility as being credible. that means that you are increasing your likelihood of making bad decisions because you have bad input.
You can't avoid all bad input. Of course. But you can identify known bad input sources and choose not to make that your continuous input. These are people who time and time again we see saying crazy things and no one is checking up on them. That's not a good thing to be feeding yourself and "hoping you can filter something good out of it."
That's not how good data input works. You start with good sources and try to make them better. You don't start with random background noise and hope that the right filter turns it into something useful - that just doesn't work.
-
@Dashrender said in Video plugin issue with fullscreen:
That said.. what AV are you recommending?
We use Webroot, it's been good. I've heard good things about Cylance. Vipre was okay, but not so much any longer. It's so so. Avast is good for home as is that other one that starts with an A and I just can't think of the name. And really, even Microsoft's own is fine.
-
I think a big piece to understand is that security requires a lot of layers. Because of this, skipping any one layer often lets us be okay. Run as non-admin, have AV but skip firewall? You might be okay. Run as non-admin, have firewall but skip AV? Might might be okay.
The problems start to come when you have people who intentionally skip key protections they then don't have those protections to cover for other mistakes that they make. A layer or two is gone. That's bad enough on its own. But people who skip important layers are exactly the people who make lots of mistakes, too. Or don't even know the basics.
So we have a compounded problem. You take Leo, for example. First he skips AV because he doesn't understand it. Then he runs an ancient, unpatched OS because he doesn't understand software maturity. Then he starts running as admin all the time because he's unaware of security basics. Then he uses a short, but "complex" password that he can't remember so he writes it down which doesn't matter because it only takes two hours to crack anyway. Then he doesn't have a firewall because he decided to use a third party one tied to AV instead of the Windows one but then got rid of his AV and his firewall went with it. Next he downloads malware from a website because he needs to replace functionality missing from his old OS. Ooops... he's been rooted and his data is gone.
It's a slippery slope of bad decisions. People who start down the path are most likely to be the ones to continue down it. So you never advise that someone start down the path - because the only people who will listen to you are the ones that need the protection the most. If anyone was in a position to skip AV, they'd have known it and never needed the advice.
-
Well, before you think I'm totally crazy, I've been running Webroot since I learned about journaling feature.
-
I've only listened to a few of these podcasts, but in the recent one he did NOT say to avoid AV. He said the one built into Windows is OK to use.
Now, if he has said other things in the past, I do not know.
-
@BRRABill said in Video plugin issue with fullscreen:
I've only listened to a few of these podcasts, but in the recent one he did NOT say to avoid AV. He said the one built into Windows is OK to use.
Now, if he has said other things in the past, I do not know.
Leo is the one that specifically says that AV is more or less pointless.
-
@BRRABill said in Video plugin issue with fullscreen:
I've only listened to a few of these podcasts, but in the recent one he did NOT say to avoid AV. He said the one built into Windows is OK to use.
Now, if he has said other things in the past, I do not know.
Problem would be... is he saying it is okay to use because he thinks that it is a good product? Or is it okay to use because he thinks that AV is pointless and doesn't care if they work or not?
Basically, if you perceive something as snake oil, all you care about is that it isn't poison.
-
@Dashrender said in Video plugin issue with fullscreen:
Leo is the one that specifically says that AV is more or less pointless.
I'd ask this... does he feel that it was always pointless? If not, why not? If so, I think pretty much all of us have evidence that suggests that this is very much not true.
-
Funny that this gets mentioned now. I would point to an article on SW where someone asked if patching computers was still worthwhile for the same logic. He felt that "since there were two high profile breaches that could not have been prevented with patching" that it might no longer be worth doing.
Of course that was completely failed logic. It's similar to wondering if because brakes can't save you from every possible accident that you should not bother installing them on cars.
But the attitudes feel similar: someone perceives the threats that they concerned about being something different than what patching or AV helps primarily to protect against and then thinks that that protect isn't viable because of that perception.
-
If I let it run for a few seconds first, it works fine in full screen (using chrome) - if I attempt to go full screen straight away the same thing happens as you reported...
-
@scottalanmiller said in Video plugin issue with fullscreen:
@Dashrender said in Video plugin issue with fullscreen:
Leo is the one that specifically says that AV is more or less pointless.
I'd ask this... does he feel that it was always pointless? If not, why not? If so, I think pretty much all of us have evidence that suggests that this is very much not true.
Steve Gibson does advocate for people to run a local AV of some sort. Security Essentials had been testing to be at about the same level of protection as the other big security vendors ~2 years ago, which is why he says it's "good enough". Partially outdated at this point. He did recently move to Windows 7, but is backwards with his arguments for holding back.j
Leo named his network perfectly imo, twit. He is really just a news person, and we've been over what we think of American based news already this morning!
-
From my perspective, what little I have seen of Leo, he only styles himself a news person. Which makes it mostly innocent. But sadly, a news person relaying opinion stops being a news person.
-
@scottalanmiller said in Video plugin issue with fullscreen:
Funny that this gets mentioned now. I would point to an article on SW where someone asked if patching computers was still worthwhile for the same logic. He felt that "since there were two high profile breaches that could not have been prevented with patching" that it might no longer be worth doing.
Of course that was completely failed logic. It's similar to wondering if because brakes can't save you from every possible accident that you should not bother installing them on cars.
But the attitudes feel similar: someone perceives the threats that they concerned about being something different than what patching or AV helps primarily to protect against and then thinks that that protect isn't viable because of that perception.
I disagree. The patches thinks keeps most know, hopefully all known, bad things at bay. With AV, the rate of new infections, etc... unless you're running heuristic, the sig only based solutions are pretty pointless, as long as you have the rest of your defenses up and running.
I only am willing to pay for and run Webroot because of journaling. If not for this feature, I would, well not skip it since Windows Defender is free - so I'd just stick with Windows Defender.
Leo's point, assuming I remember correctly is that most AV still use primarily definition files and they are pretty useless considering how fast things continue to morph. I don't recall him specifically making a recommendation to use or not use, but he's stated that he himself doesn't use, but in the same breath he says he doesn't use Windows much any more, mostly using Linux or Mac stuff.