mirror of
https://github.com/TommyTran732/Windows-Setup.git
synced 2024-11-09 17:51:43 -05:00
Compare commits
No commits in common. "212897255e9fffd332cbd887d88003ab81277a36" and "e0143704808d4d9abf000db15bbab9661e1abc45" have entirely different histories.
212897255e
...
e014370480
@ -1,12 +0,0 @@
|
||||
# Windows Defender SmartScreen
|
||||
|
||||
`Computer Configuration\Administrative Templates\Windows Components\Windows Defender SmartScreen`
|
||||
|
||||
- Enhanced Phising Protection -> Service Enabled -> Disabled
|
||||
|
||||
**For a corporate scenario or when you cannot trust the user you are configuring it for and you choose to have SmartScreen enabled, do the followings:**,
|
||||
|
||||
- Explorer -> Configure Windows Defender SmartScreen -> Enabled -> Warn and prevent bypass
|
||||
- Microsoft Edge -> Prevent bypassing Windws Defender SmartScreen prompts for sites -> Enabled
|
||||
|
||||
There is also Explorer -> Configure App Install Control that you might want to look into. Probably theatre though, it doesn't appear to block anything, or anything meaningful at least.
|
@ -45,11 +45,7 @@ Consider scenarios where you use Proton Drive/Mega/PrivateBin which append the e
|
||||
|
||||
### Phising protection
|
||||
|
||||
This is extremely invasive to the point where I do not think it's okay to keep it on under any circumstances, with any kind of threat model.
|
||||
|
||||
https://support.microsoft.com/en-us/topic/protect-your-microsoft-password-from-being-phished-e4e8e611-e4b3-4be9-914c-db1657c337cf
|
||||
|
||||
The protection is minimal - it only "protects" the Microsoft account used to sign into Windows. The whole exercise is theatre, use a proper password manager and FIDO2.
|
||||
Not sure if this does online or offline checks, so privacy implications are unclear. It is theatre anyways - use a proper password manager and FIDO2. Best to keep it off.
|
||||
|
||||
### Potentially unwanted app blocking
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user