1
0
mirror of https://github.com/TommyTran732/Windows-Setup.git synced 2024-11-13 19:51:43 -05:00

Compare commits

..

4 Commits

Author SHA1 Message Date
212897255e
Update
Signed-off-by: Tommy <contact@tommytran.io>
2023-11-14 16:36:01 -07:00
3cec6edfe7
Update
Signed-off-by: Tommy <contact@tommytran.io>
2023-11-14 16:03:48 -07:00
7de25f2b16
Windows Defender SmartScreen
Signed-off-by: Tommy <contact@tommytran.io>
2023-11-14 15:59:13 -07:00
da8557b39a
Update
Signed-off-by: Tommy <contact@tommytran.io>
2023-11-14 15:48:23 -07:00
2 changed files with 17 additions and 1 deletions

View File

@ -0,0 +1,12 @@
# Windows Defender SmartScreen
`Computer Configuration\Administrative Templates\Windows Components\Windows Defender SmartScreen`
- Enhanced Phising Protection -> Service Enabled -> Disabled
**For a corporate scenario or when you cannot trust the user you are configuring it for and you choose to have SmartScreen enabled, do the followings:**,
- Explorer -> Configure Windows Defender SmartScreen -> Enabled -> Warn and prevent bypass
- Microsoft Edge -> Prevent bypassing Windws Defender SmartScreen prompts for sites -> Enabled
There is also Explorer -> Configure App Install Control that you might want to look into. Probably theatre though, it doesn't appear to block anything, or anything meaningful at least.

View File

@ -45,7 +45,11 @@ Consider scenarios where you use Proton Drive/Mega/PrivateBin which append the e
### Phising protection ### Phising protection
Not sure if this does online or offline checks, so privacy implications are unclear. It is theatre anyways - use a proper password manager and FIDO2. Best to keep it off. This is extremely invasive to the point where I do not think it's okay to keep it on under any circumstances, with any kind of threat model.
https://support.microsoft.com/en-us/topic/protect-your-microsoft-password-from-being-phished-e4e8e611-e4b3-4be9-914c-db1657c337cf
The protection is minimal - it only "protects" the Microsoft account used to sign into Windows. The whole exercise is theatre, use a proper password manager and FIDO2.
### Potentially unwanted app blocking ### Potentially unwanted app blocking