You, sir, are very funny!

 

Unfortunately, your arguments were lacking. At least you have a sense of humor, even if you have little knowledge.

 

So here are some arguments on a way you like to do it.

• Limited Capabilities of Windows Defender Firewall
  • The built-in firewall lacks advanced rule management (e.g. deep packet inspection, stateful inspection beyond TCP/UDP, application-layer filtering).
  • Outbound traffic control is minimal and difficult for average users to configure.
  • No support for intrusion detection or prevention (IDS/IPS), making it inadequate against modern APTs.

• Closed-Source Codebase Prevents Independent Auditing
  • Windows source code is proprietary, limiting transparency.
  • Security experts and organizations cannot fully inspect it for hidden vulnerabilities or intentional backdoors.
  • Open-source alternatives like Linux allow full community-based audits, reducing the likelihood of undetected malicious code.

• Frequent Exploitation of Zero-Day Vulnerabilities
  • Microsoft software is a prime target due to its market dominance.
  • Zero-day exploits (e.g., CVE-2021-40444, CVE-2020-0601 "CurveBall") have demonstrated critical vulnerabilities in Windows Defender, SMB, and core libraries.
  • Attackers often gain remote code execution (RCE) or escalate local privileges before patches are available.

• System Services with High Privileges
  • Windows services such as LSASS (Local Security Authority Subsystem Service) and the RPC endpoint mapper run with NT AUTHORITY\SYSTEM rights.
  • Exploiting these can grant full system control.
  • Insecure DCOM or COM objects can be abused via known attack vectors (e.g., COM hijacking, DLL sideloading).

• Tight Integration with Cloud Services and Microsoft Telemetry
  • Components like OneDrive, Windows Update, and Cortana are deeply integrated into the OS.
  • Data is sent to Microsoft servers regularly—even after disabling some telemetry options.
  • Group Policy and registry edits are often required to fully disable such communications, which most users do not perform.

• Persistent and Hard-to-Disable Telemetry
  • "DiagTrack" and "Connected User Experiences and Telemetry" services continue to collect system metadata unless forcibly disabled.
  • Enterprise and Education editions offer slightly more control, but Home users have little transparency or control.
  • Data might include usage patterns, app history, typing data, and more.

• Historical Backdoor Allegations and Government Cooperation
  • Leaked NSA documents (e.g., from Edward Snowden) indicated programs like PRISM, suggesting cooperation between Microsoft and intelligence agencies.
  • Alleged presence of “NSAKEY” (a second key in Windows Crypto API) raised speculation about backdoor access in the 1990s.
  • While Microsoft denies active cooperation, concerns remain due to lack of independent verification.

• Excessive Default Network Exposure
  • Features like SMBv1, RDP, and NetBIOS are often enabled by default or not properly secured.
  • SMBv1 was the vector for WannaCry ransomware; yet some systems still run it for legacy compatibility.
  • RDP brute-force attacks are a common attack vector, especially when exposed to the internet.

• Delayed Patch Deployment in Corporate Environments
  • Many businesses use WSUS or SCCM, delaying updates to avoid downtime or compatibility issues.
  • This delay can leave critical vulnerabilities open for weeks or months after a patch is released.
  • Attackers often reverse-engineer patches to develop exploits for systems that haven’t yet updated.

• Reliance on Third-Party Security Tools
  • Many IT professionals and power users replace or supplement Windows Defender with more capable third-party firewalls (e.g., pfSense, ZoneAlarm, GlassWire).
  • Indicates that native tools are insufficient for granular monitoring, rule-based blocking, or real-time traffic visualization.
  • Some third-party tools also offer sandboxing or HIPS (Host Intrusion Prevention Systems), which Windows lacks.

 

The only thing that helps is unplugging and staying offline. (Just kidding). Finally, some arguments, bravo! So what do we do with all this knowledge? Do we do something or keep complaining? What do you want to do, zpaces? How do you want to implement your security?

 

Right... That's why we're all here cuz we use "legit" softwarez... Get a clue please. What we're talking about here isn't warez, it's the OS. An I'd thank you to mind your own f'in business in the second place...

You're not telling me anything I don't know. I have been preaching these processes on here for a while now. Some already know the drill, some listen, and some don't. The ones who don't and are running windows out-of-the-box, and actually believe all the industry b.s. about updates, they follow the industry planned obsolescence scam to the letter, leave themselves, their machines and everything on them open to perusal by anyone who wants a look, and have unwittingly become microsoft's (and their affiliates) bitches...

Right. This is the crux of the biscuit right here. Windows is a complete piece of shit, out-of-the-box. I would never use it that way, and certainly would never venture to put that system on the internet. Which is why I haven't used a OEM ISO of windows to build out a system in years. I use nothing but pre-optimized 3rd party ISO's especially now with the ever growing gigantic levels of garbage, malware and spyware that are present in OEM iso's. Plus I am a lazy bastard and like that fact that at least 1/2 of the optimization and R/E work has already been done for me.

I am having a hard time following the reasoning behind your arguments since you have already glimpsed us to the fact that you yourself don't use the wfw or defender. Maybe it's time to call this argument moot, and simply move on...

 

Last edited: May 20, 2025 at 10:38 PM

I agree, and I think your position was clear enough in your previous points.

The guy is clearly unhinged, he's been banned twice already for crappy behavior (aka Beat16/Radio), he harasses the staff, and just floods this forum with crap making it a less enjoyable place. He floods the sister site with crap preset packs also.

Why are you treating @zpaces with such hostility and sarcasm? You haven't provided anything of substance to this thread, as usual.

 

Why don't you apologize to @zpaces for your crappy behavior buddy? You called him ignorant for no reason, then he schooled you with a detailed, informative post.

You pretend to be this arbiter of hidden knowledge, but all you offer is AI generated crap.

 

He won't do anything. he's trying to create his own show here. Well some people suffered when they fell from the changing table.

 

Hey guys, is there anyone whos been frequently using S2 with no issues? If yes, what version \ release are you using and did you take any additional measures like blocking IPs in the host file and stuff like that?

The latest version 2.0.18 time bombed recently. The GUI starts melting after dragging and dropping 3rd party wavetables into the engine.
After that I have tried most (if not all) of the other recent releases with no success.
Its always the GUI melting. Especially with 3rd party wavetables it happens quickly after importing them, often immediately.

I am looking for a solution, hopefully anyone can share their success story.
In this thread I read that apparently blocking xfer servers in the host file isnt working reliably?
What else can i do? Im on Win 10 and Live 12.1

Greetings

 

Last edited: May 21, 2025 at 7:30 PM

Use glasswire, block glasswire's own service if necessary...end of issues like this.

Enjoy your solution Windows users. It works 100%

 

Xfer Records Serum v2.0.18-V.R 29 April 2025
Uninstall the old version and install the latest V.R version, you don't have to block anything, just install it.

 

Running 2.0.17 V.R. and never have the issues as you describe. No internet to production machines so nothing to block.

 

When I import wavetables, the GUI is melting.
Strange that you are having no issues. What could I be doing wrong?

Interesting, thanks. Will check it out.

\edit, i actually tried it. you cant manually block IPs (like the xfer websites). i can block ableton, but it doenst help. GUI still melting when importing wavetables

 

Last edited: May 22, 2025 at 6:46 AM

Not saying this is the case for you, but in general; when you have a plugin or program that deauthorizes because demo period has expired or more like what you are running into; if you do not clean up the prior installation first, simply installing over it isn't necessarily going to help.
Remove it cleanly (with Revo Uninstaller if possible). Then try installation again.

 

Thanks. I will attempt another clean try today when im back home. Thanks and greetings

 

It does not work. I used Revo and deleted every single thing it could find about Xfer \ serum.
Then a clean install of Xfer Records Serum v2.0.18-V.R.
(by the way, when applying the patch, the window closes automatically, but others on the sister site have said its normal and still working).
I open it in Live, drop some 3rd party wavetables in the engine and not even 10 seconds and the GUI starts melting.
I dont know what else I can try to get it to work.
In the last few pages of this post, people in here are suggesting firewalls and blocking additional IP.
Because apparently the host file blocking in Windows isnt enough.
Glasswire has been mentioned, which surprises me, as you cant even block IPs \ hosts with it, so I dont see the point.
Does anyone know about a (simple and maybe even free) firewall to block it properly?
I have some doubts about people reporting its working. I always imagine they install it, open it in their DAW, think its working and then close it and call it a day. Is there anyone whos been using it like 50+ hours or something including 3rd party wavetables with no issues?

What else could i try?

Thanks guys and have a good one

 

Xfer Records Serum v2.0.18-V.R 29 April 2025 (Just install ~ that's all)

I installed this V.R. and it works without any problems. I made a free sound bank.
Download it and follow the instructions to install the wavetables.

The Cosmic Trigger Soundset by CHE for the Xfer Records - Serum VSTI
https://mega.nz/file/qjhCDK6L#YlHjLWBC10fkbcdg_jAzcGIn4aWS0PFHEW2fu9CyNcs

Install Instructions - Comic Trigger Soundset
1. Copy the 64 Presets from the " Cosmix Trigger " Folder into:
C:\Users\YourName\Documents\Xfer\Serum Presets\Presets\User
2. Open Serum, use the Patch Browser - Go to the " User " Presets

Install Instructions Tables
1. Copy the " 12 Cosmic Trigger Wavetables "
from the folder Cosmic Trigger Wavetables
2, Into the Serum ' Tables ' Folder
C:\Users\YourName\Documents\Xfer\Serum Presets\Tables

 

Interesting, well now that means that its definitely some error on my side, because it looks like youre working with 3rd party wavetables a lot.
its the first time I have issues like this.. im really not some noob. wonder what else i can do. introduction dicount ends soon lol, but i have PTSD from buying plugins and regretting it.
i wonder what im doing wrong....

 

I was trying to be pretty careful about how I worded that post, because I was just talking about general "best practices" when you are trying to figure out a problematic k'd plugin. If you do not mention it is a completely clean install, you have not ruled out that very common source of problems. It's why R2R nfo files very frequently mention uninstallation as the first steps. Now you really know the only factors at play are the current release/version you have installed and your firewall settings. (DAW could be one too, but only if you were using something uncommon)

Make sure when you install any plugin, which plugin formats you actually install. If you do have to directly firewall something, it does not help to have other versions of the plugin on the machine and not firewalled. Especially if your DAW can use multiple plugin formats and you have not firewalled your DAW entirely.

Remember when you are using host file to block various domains due to a problematic plugin, that www.example.com and example.com as two different line entries can be not the same thing so add them both. If you can add a Wildcard to your firewall such as *.example.com it may not work but won't harm anything either. Many plugins will use api.example.com and is probably the most common subdomain used.

I'm going to assume Glasswire should already be a good enough firewall, but if you want to really look at network activity as the source of your issue on Windows; you should consider learning and using Wireshark to do it. It is the most widely accepted network protocol analyzer and packet sniffer for a reason.

All general purpose information. I think your guess is probably correct and it is still not fully cracked correctly. I am using legit version for years now and not dealing with this stuff from my favorite synth plugin has been worth every dollar spent.