Windows 10 Tamper Protection Security Feature

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Johnny b

John
Thread Starter
Joined
Nov 6, 2016
Messages
7,575
Article on enhancing Win 10 security

Nifty new feature that comes with Win 10 1903

How to Enable the Windows 10 Tamper Protection Security Feature

https://www.bleepingcomputer.com/tu...indows-10-tamper-protection-security-feature/

With the release of the Windows 10 May 2019 Update, Microsoft introduced a new security feature called Tamper Protection that protects security settings for Windows Defender antivirus from being disabled by malware or third-party programs.

When enabled, Tamper Protection will only allow Windows Defender related settings to be changed when done through the Windows Security settings screen. If a program, such as malware, or even PowerShell tries to change security settings or Microsoft Defender preferences, Tamper Protection will block the settings from being modified.

Due to this, Tamper Protection is an integral part of the Windows 10 security environment and should be enabled by all users for increased security and protection from malicious programs.
Directions follow in the article on how to enable.



edit: I just checked mine and found it was already enabled.
 
Last edited:

Johnny b

John
Thread Starter
Joined
Nov 6, 2016
Messages
7,575
I thought your Windows PC is offline only.
My Win 7 Home computer that I use exclusively for finances, is used offline only.

I recently bought a refurbed computer that came with Win7 Pro.
I dual boot it with Puppy Linux (from a usb flash drive) and Win 10 pro ( a free install, courtesy of MS ) from a ssd.
I'm using it as part of my living room entertainment center with a TV.
I've found OBS Studio on a Windows platform works better for me than capture programs on Puppy Linux because of sound issues.

I have others, also :D
Like the one I'm posting from now ( not in my living room) :)
 
Joined
Sep 21, 2007
Messages
12,430
Ha, I see. So you still do all your online activity using a Live CD ?
Mind you, a Live CD may be running as root all the time. Not sure about Mint, but Ubuntu does, and thus an attacker can mount your sda and write to it.
 

Johnny b

John
Thread Starter
Joined
Nov 6, 2016
Messages
7,575
I've moved to USB flash (Kanguru)drives with a write switch, so nothing can be written to it while it's locked. Very effective.

As far as the Live CD/DVD Puppies, the media ( CD or DVD ) can be unmounted and removed immediately after boot, so effectively, nothing can be written back to the disc, either.
But they are simply slow to boot to a desktop.

However, sessions can be attacked and infected. Though, a reboot brings back a clean image.

With a usb flash drive, it's easy to reboot quickly before logging into a secure site ( banking or e-commerce) insuring you're starting with a pristine system.
 
Joined
Sep 21, 2007
Messages
12,430
I might have used the wrong dev for mint, but what I meant was that the attacker can use the root privilege to mount the hard drive and write to it while you are online. Unless you physically disconnect the hard drive cables.
 

Johnny b

John
Thread Starter
Joined
Nov 6, 2016
Messages
7,575
Anything is possible depending on how and what a computer is used for.

The only computer I have online with a hard drive hooked up is the refurb for entertainment, dual booting Puppy and Win 10.

I haven't done it yet, but in the past, I set my sisters computer up with Windows on a hard drive inserted in a removable tray with an on/off switch that I got at Newegg. Less than $10.
It allowed her to boot Puppy ( edit) from a USB flash drive while the Windows drive is turned off, completely circumventing any access to that old and outdated Win XP install.

I have another tray kit, just haven't had the time to set it up for myself.



The computer I'm posting from is used for general Internet connectivity and secure sites ( e-commerce, etc ) and has no hard drive.

I've read there's no such thing as 100% security, but I think the way I'm set up/about to setup, is both effective and cost efficient.
 
Last edited:
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top