I work in automation with PLCs etc and our OS is so locked down it takes weeks to have software installed to fix urgent repairs, literally to the point you have customers screaming at you……it’s an absolute joke, I understand that people are hopeless but when these big companies make these stupid blanket rules for engineering task it legit holds everyone back. I have even driven 6 hours to go home to grab a personal laptop so that I could flash a PLC card with the correct firmware.

@@aussiegruber86 would you let some freshmen operator to configure PLC? Tinker with parameter. For example you got value 39 but, he likes rounded numbers so he change them to 40, even when he has warning sign right above PLC controller, DO NOT SET VALUE OVER 39! And as result it cause machine malfunction and several days out of order. What would you explain to the customers? "We let the control panel unlocked so when the alarm goes off, we don't have to input password several times a day?"

😄 good one

why do u want to do so??

@@mukeshsolanki7772 Why would I ever need to run software signed in India?

I'm not aware of anything like this, but there are two other approaches: 1. Make manual control with HIPS/IPS/IDS utilities. 2. Use firewall like Safing Portmaster to ban all traffic to any country that you don't like. It won't save you if bad actor will use VPN or server located in other countries, but it's at least something

@@ТоварищКамрадовСоциалистКоммун I already block traffic by country. The question was, can we block signed applications by the country of origin of the certificate?

@@GerardPinzone the country of the origin of the certificate is the company that included this indian company in the trusted list. It should be seen if Leo would at 0:30 click on the company name and then press on 'details' button. That would reveal the CA data. About your question looks like rather no. You either use the normal list of CA, or you don't use it ) In fact, the alternative to it is the web of trust. You can edit the CA list, but it's rather a manual control, not what you asked

However any software that installs for all users requires UAC, so not many else would be suspicious.

Yup ​@@fred-youtube

@ True! The official Teams installer installs in a user's appdata by default, and only will install for all users if you manually run the installer as an admin. That's why from my experience a Teams installer should only give a UAC prompt if I prompt it to do so.

Problem is, you can't really expect the ordinary user to notice and remember such tiny details ​@@anxiousfool

Because of IT policy, I have to click that prompt so many times a day, so most people will not read the signature, especially under always-tight deadlines. IT preinstalls Teams via Intune, so this exact malware situation would not happen.

I've had the same thought about VMs

Mobile threats are very rare if you not download any apks from anywhere

yep, as long as you stick to the app store, you are pretty safe

What about clicking on links​@@ТоварищКамрадовСоциалистКоммун

@@lukamanevski links are normally processed by browsers, so it's about how secure the browser is. If you are interested in just security, staying with google products, including chrome, is a safe side. You can still ramp up your security by using some extensions for security and privacy. The top 3 of them: uBO, noscript, bitwarden or keypassxc

AppManager using virustotal, still need to check the repo manually tho eg false positive solved in breeze weather

Unironcially I still use windows xp. Despite being cautious I'm sure my PC is infected, due to there being no decent or working anti viruses for it.

I'm willing to bet Bitdefender or ESET caught it. Maybe Kaspersky too

solving an issue starts from localizing it. First to do is to find out what doesn't work. It's not likely that both your gadget (PC?) and router are affected because of possible malware. If you don't have any other PCs, get a linux from your flash stick, load from it, and check if router is OK. Oh, you don't have any linux on a flash drive? what a shame

it might be that your system doesn't work properly. You need first to stop using your possibly infected system and find something that you can rely on. If not another laptop, then at least another system loaded from it. Desirably some linux from a flash drive. Ask your friends/ neighbors to make it for you

when router will be working again, fix your laptop. Safe way is to reinstall your system. Your laptop may have a system backup sector, you can use it to restore your system

Microsoft's Defender is fine. Just don't open executables you shouldn't be opening to begin with.

@@Fugalism "Just don't open executables you shouldn't be opening to begin with." lol

The level of tech illiteracy in the average office would blow your mind..

perhaps consider watching the video