Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Wasabi to Windows Defender exclusions #12892

Open
soosr opened this issue Apr 18, 2024 · 1 comment
Open

Add Wasabi to Windows Defender exclusions #12892

soosr opened this issue Apr 18, 2024 · 1 comment
Assignees
@Szpoti
Labels
feature/enhancement
Milestone
v2.0.9

Comments

@soosr
Copy link
Collaborator

soosr commented Apr 18, 2024

After the installations of Rider, it pops a Post-Installations Steps window which has a option for adding Rider to Windows defender exclusions as it will improve startup time.

image

After asking chatGPT it has several advantages of doing it:

  • Normally, when an application starts, Windows Defender scans its files to ensure there's no malicious software. This is particularly intensive if the application, like Rider, consists of numerous files and possibly generates additional files dynamically. By adding Rider to the exclusions list, these files aren't scanned, thus reducing the time taken for these security checks.
  • Integrated Development Environments (IDEs) like Rider frequently read and write a lot of files and may also compile code in real-time. Antivirus scanning can slow down these operations because each file access could trigger a scan. Excluding such applications from antivirus checks can significantly speed up these file operations.
  • Development environments can sometimes be flagged by antivirus software as suspicious due to the behaviors they exhibit (like network connections, frequent file system operations, etc.). Excluding them can prevent unnecessary interruptions from false alarms.

Would it be worth for us doing the same?
@molnard molnard added this to the v2.0.9 milestone Apr 22, 2024
@remcoros
Copy link

remcoros commented May 3, 2024

I don't think this is a good idea.

As far as I know, Defender exclusions work based on folder paths and executable names, not on file content signatures.

So what will happen, when a user blindly accepts adding the exclusions (More performance, yes please), it adds exclusions for 'program files/Wasabi' / wasabee.exe / etc.

Then he opened himself up to be infected by ANY malicious software calling itself "wasabee.exe" or injecting it into wasabi's program files / data folder / etc.

There's already "fake" wasabi releases out there. And with exclusions in Defender like this, they have zero chance of being detected anymore.

The "Rider" use-case is a bit different, it's targeted at developers, who, most likely, have a very good understanding of what they are doing and what they install on their machine.

I also doubt this will bring noticeable performance improvements. Rider/MSBuild/csc.exe are special in that regard, as they do A LOT of disk access/caching/compiling/etc.

I'm afraid normal users will just blindly accept the exclusions, and that leaves them vulnerable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Szpoti Szpoti

Labels
feature/enhancement
Projects
Relevance Realization
Status: ✋Will Do
Milestone
v2.0.9
Development

No branches or pull requests
4 participants
@remcoros @molnard @soosr @Szpoti