ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Video plugin issue with fullscreen

    Platform and Category Issues
    video plugins nodebb
    8
    60
    17.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      scottalanmiller
      last edited by

      The idea of AV not being needed is predicated on someone knowing what they are doing. This is fundamentally flawed. End users absolutely do not know what they are doing.

      Are you really telling me that end users are not running as admins? That they are really not running old OSes? That they really keep them patched? that they really don't just download and install things? That they don't just visit any website?

      And even if you can convince me that end users are doing all of those things (which you cannot, even the people in question are not) AV is still regularly stopping threats.

      1 Reply Last reply Reply Quote 0
      • D
        Dashrender
        last edited by

        I'm going to have to think about that for a while.

        That said.. what AV are you recommending?

        FYI, while Leo has (and agree with you) crazily told people that they don't need AV - Steve specifically avoids the question and does not give an answer.

        S 2 Replies Last reply Reply Quote 1
        • S
          scottalanmiller @Dashrender
          last edited by

          @Dashrender said in Video plugin issue with fullscreen:

          FYI, while Leo has (and agree with you) crazily told people that they don't need AV - Steve specifically avoids the question and does not give an answer.

          My honest to goodness security advice is... do not listen to this podcast. I mean it. When you have reckless people like this, they are a lot like sales people - they are not your friends. Maybe they have an agenda, maybe they are just clueless, doesn't matter. They are attempting to give advice on things that they are not knowledgeable. Because of this, the format that they use, gives a sense of credibility even to things that should sound obviously insane. This is very dangerous because you are setting yourself up for an emotional response to take people who lack credibility as being credible. that means that you are increasing your likelihood of making bad decisions because you have bad input.

          You can't avoid all bad input. Of course. But you can identify known bad input sources and choose not to make that your continuous input. These are people who time and time again we see saying crazy things and no one is checking up on them. That's not a good thing to be feeding yourself and "hoping you can filter something good out of it."

          That's not how good data input works. You start with good sources and try to make them better. You don't start with random background noise and hope that the right filter turns it into something useful - that just doesn't work.

          1 Reply Last reply Reply Quote 0
          • S
            scottalanmiller @Dashrender
            last edited by

            @Dashrender said in Video plugin issue with fullscreen:

            That said.. what AV are you recommending?

            We use Webroot, it's been good. I've heard good things about Cylance. Vipre was okay, but not so much any longer. It's so so. Avast is good for home as is that other one that starts with an A and I just can't think of the name. And really, even Microsoft's own is fine.

            1 Reply Last reply Reply Quote 0
            • S
              scottalanmiller
              last edited by

              I think a big piece to understand is that security requires a lot of layers. Because of this, skipping any one layer often lets us be okay. Run as non-admin, have AV but skip firewall? You might be okay. Run as non-admin, have firewall but skip AV? Might might be okay.

              The problems start to come when you have people who intentionally skip key protections they then don't have those protections to cover for other mistakes that they make. A layer or two is gone. That's bad enough on its own. But people who skip important layers are exactly the people who make lots of mistakes, too. Or don't even know the basics.

              So we have a compounded problem. You take Leo, for example. First he skips AV because he doesn't understand it. Then he runs an ancient, unpatched OS because he doesn't understand software maturity. Then he starts running as admin all the time because he's unaware of security basics. Then he uses a short, but "complex" password that he can't remember so he writes it down which doesn't matter because it only takes two hours to crack anyway. Then he doesn't have a firewall because he decided to use a third party one tied to AV instead of the Windows one but then got rid of his AV and his firewall went with it. Next he downloads malware from a website because he needs to replace functionality missing from his old OS. Ooops... he's been rooted and his data is gone.

              It's a slippery slope of bad decisions. People who start down the path are most likely to be the ones to continue down it. So you never advise that someone start down the path - because the only people who will listen to you are the ones that need the protection the most. If anyone was in a position to skip AV, they'd have known it and never needed the advice.

              1 Reply Last reply Reply Quote 0
              • D
                Dashrender
                last edited by

                Well, before you think I'm totally crazy, I've been running Webroot since I learned about journaling feature.

                1 Reply Last reply Reply Quote 0
                • B
                  BRRABill
                  last edited by

                  I've only listened to a few of these podcasts, but in the recent one he did NOT say to avoid AV. He said the one built into Windows is OK to use.

                  Now, if he has said other things in the past, I do not know.

                  D S 2 Replies Last reply Reply Quote 0
                  • D
                    Dashrender @BRRABill
                    last edited by

                    @BRRABill said in Video plugin issue with fullscreen:

                    I've only listened to a few of these podcasts, but in the recent one he did NOT say to avoid AV. He said the one built into Windows is OK to use.

                    Now, if he has said other things in the past, I do not know.

                    Leo is the one that specifically says that AV is more or less pointless.

                    S 1 Reply Last reply Reply Quote 0
                    • S
                      scottalanmiller @BRRABill
                      last edited by

                      @BRRABill said in Video plugin issue with fullscreen:

                      I've only listened to a few of these podcasts, but in the recent one he did NOT say to avoid AV. He said the one built into Windows is OK to use.

                      Now, if he has said other things in the past, I do not know.

                      Problem would be... is he saying it is okay to use because he thinks that it is a good product? Or is it okay to use because he thinks that AV is pointless and doesn't care if they work or not?

                      Basically, if you perceive something as snake oil, all you care about is that it isn't poison.

                      1 Reply Last reply Reply Quote 0
                      • S
                        scottalanmiller @Dashrender
                        last edited by

                        @Dashrender said in Video plugin issue with fullscreen:

                        Leo is the one that specifically says that AV is more or less pointless.

                        I'd ask this... does he feel that it was always pointless? If not, why not? If so, I think pretty much all of us have evidence that suggests that this is very much not true.

                        T 1 Reply Last reply Reply Quote 0
                        • S
                          scottalanmiller
                          last edited by

                          Funny that this gets mentioned now. I would point to an article on SW where someone asked if patching computers was still worthwhile for the same logic. He felt that "since there were two high profile breaches that could not have been prevented with patching" that it might no longer be worth doing.

                          Of course that was completely failed logic. It's similar to wondering if because brakes can't save you from every possible accident that you should not bother installing them on cars.

                          But the attitudes feel similar: someone perceives the threats that they concerned about being something different than what patching or AV helps primarily to protect against and then thinks that that protect isn't viable because of that perception.

                          D 1 Reply Last reply Reply Quote 1
                          • N
                            NattNatt
                            last edited by

                            If I let it run for a few seconds first, it works fine in full screen (using chrome) - if I attempt to go full screen straight away the same thing happens as you reported...

                            1 Reply Last reply Reply Quote 0
                            • T
                              travisdh1 @scottalanmiller
                              last edited by

                              @scottalanmiller said in Video plugin issue with fullscreen:

                              @Dashrender said in Video plugin issue with fullscreen:

                              Leo is the one that specifically says that AV is more or less pointless.

                              I'd ask this... does he feel that it was always pointless? If not, why not? If so, I think pretty much all of us have evidence that suggests that this is very much not true.

                              Steve Gibson does advocate for people to run a local AV of some sort. Security Essentials had been testing to be at about the same level of protection as the other big security vendors ~2 years ago, which is why he says it's "good enough". Partially outdated at this point. He did recently move to Windows 7, but is backwards with his arguments for holding back.j

                              Leo named his network perfectly imo, twit. He is really just a news person, and we've been over what we think of American based news already this morning!

                              1 Reply Last reply Reply Quote 1
                              • S
                                scottalanmiller
                                last edited by

                                From my perspective, what little I have seen of Leo, he only styles himself a news person. Which makes it mostly innocent. But sadly, a news person relaying opinion stops being a news person.

                                1 Reply Last reply Reply Quote 1
                                • D
                                  Dashrender @scottalanmiller
                                  last edited by

                                  @scottalanmiller said in Video plugin issue with fullscreen:

                                  Funny that this gets mentioned now. I would point to an article on SW where someone asked if patching computers was still worthwhile for the same logic. He felt that "since there were two high profile breaches that could not have been prevented with patching" that it might no longer be worth doing.

                                  Of course that was completely failed logic. It's similar to wondering if because brakes can't save you from every possible accident that you should not bother installing them on cars.

                                  But the attitudes feel similar: someone perceives the threats that they concerned about being something different than what patching or AV helps primarily to protect against and then thinks that that protect isn't viable because of that perception.

                                  I disagree. The patches thinks keeps most know, hopefully all known, bad things at bay. With AV, the rate of new infections, etc... unless you're running heuristic, the sig only based solutions are pretty pointless, as long as you have the rest of your defenses up and running.

                                  I only am willing to pay for and run Webroot because of journaling. If not for this feature, I would, well not skip it since Windows Defender is free - so I'd just stick with Windows Defender.

                                  Leo's point, assuming I remember correctly is that most AV still use primarily definition files and they are pretty useless considering how fast things continue to morph. I don't recall him specifically making a recommendation to use or not use, but he's stated that he himself doesn't use, but in the same breath he says he doesn't use Windows much any more, mostly using Linux or Mac stuff.

                                  1 Reply Last reply Reply Quote 0
                                  • B
                                    BRRABill
                                    last edited by

                                    Here is the transcript from this week where they discuss it. (And also my issue with using Malwarebytes instead of a reformat.)

                                    P.S. Maybe time to fork this post?

                                    Leo: Nice to wipe them out. All right. This is the no-antivirus question: Steve and
                                    Leo, I've been listening to the show since the start of the year, and I'm hoping - so
                                    these are all people who are fairly new, I guess; you know? I'm hoping that I will
                                    become more knowledgeable in security, mostly by osmosis. Thank you so much for
                                    your interesting conversations and for sharing your infinite wisdom. Aw. Thank you.
                                    My questions may show my true naivete, though: I was listening to a recent Security
                                    Now!, and Leo mentioned that you need not have an antivirus. What? I personally
                                    use Avira's free antivirus, and I like to scan to make sure that I have no intruders. Is
                                    there a better way to do this? Does this even protect me in the slightest? Can you
                                    recommend any episodes of Security Now! that could possibly teach me some more
                                    basics, or any other free - minimum-wage laborer here - educational tools. Thanks
                                    so much. I look forward to your podcast every week. Marissa.

                                    Steve: So you and I are on the same page on this, which is that the AV which is now
                                    available for free - and I assume that Marissa is a Windows user. She didn't say. But
                                    Windows incorporates either, what, Windows Defender or Security...

                                    Leo: It used to be called Security Essentials. And in Windows 10 it's just called
                                    Defender.

                                    Steve: Right. And it's being updated. It's constantly updated. Microsoft has sort of slowly
                                    crept into this business so they wouldn't upset the existing AV industry that first formed
                                    around Windows. But at this point I just - I don't suggest anyone use a third-party AV. If
                                    something really gets - somehow passes that and gets in, I like - I just use
                                    Malwarebytes, free edition, run that to clean a system, and then remove it. But
                                    otherwise, I don't have anything running all the time.

                                    Leo: I pretty much agree with that. The problem is that viruses spread so fast now
                                    that an antivirus probably isn't going to protect you.

                                    Steve: Correct.

                                    Leo: So in some ways that's a false sense of security. You get a free antivirus. You
                                    don't need one on a Mac, really. There's really not an issue on the Mac. And the
                                    other one I would say is there are a lot of companies trying to sell you antiviruses on
                                    mobile, on iOS and Android. And there's no reason in the world to use those. They
                                    can't do anything of value. And Google and Apple already do everything that can be
                                    done. In fact, Google will scan every app before you install it. And Microsoft won't
                                    even allow you to have an app that isn't scanned before. Doesn't keep stuff out of
                                    the store, but they have ways of killing it. And even if you download it, and it gets in
                                    the store, having a antivirus on iOS or Android is not going to prevent you from
                                    getting hurt.

                                    Steve: Right.

                                    Leo: So they're of limited utility. And they have some negative impacts. They slow
                                    your machine down. Sometimes they can keep you from doing things. A lot of the
                                    bugs that I hear about on the radio show, first question, I say, do you have security
                                    software running?

                                    Steve: Well, and we also know that they've had some questionable practices, too, that
                                    they have installed security certificates in the root store, and they're looking at all of the
                                    security traffic coming in and out of your machine. Now, on one hand, it's like, well, yes,
                                    but that's local, and it's for your benefit. But if they're not careful, third parties can
                                    obtain the key and use that as a means of getting into your system. So it just - I don't
                                    think that, on balance, the benefit outweighs the collection of problems. And, for
                                    example, if you do have Windows, just use what's there.

                                    1 Reply Last reply Reply Quote 0
                                    • S
                                      scottalanmiller
                                      last edited by

                                      So he has the "Macs are magically safe" issue, too.

                                      1 Reply Last reply Reply Quote 0
                                      • S
                                        scottalanmiller
                                        last edited by

                                        Although I think there might be confusion. Is he saying no AV, or no third party AV?

                                        wirestyle22W 1 Reply Last reply Reply Quote 0
                                        • wirestyle22W
                                          wirestyle22 @scottalanmiller
                                          last edited by

                                          @scottalanmiller said in Video plugin issue with fullscreen:

                                          Although I think there might be confusion. Is he saying no AV, or no third party AV?

                                          Third party AV. He said specifically because we have defender and its updated constantly.

                                          S 1 Reply Last reply Reply Quote 0
                                          • S
                                            scottalanmiller @wirestyle22
                                            last edited by

                                            @wirestyle22 said in Video plugin issue with fullscreen:

                                            @scottalanmiller said in Video plugin issue with fullscreen:

                                            Although I think there might be confusion. Is he saying no AV, or no third party AV?

                                            Third party AV. He said specifically because we have defender and its updated constantly.

                                            Yeah, that's VERY different from not saying to have AV. Not replacing AV and removing the AV that we have are incredibly different.

                                            wirestyle22W 1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 1 / 3
                                            • First post
                                              Last post