INTERACT FORUM


Author Topic: Thoughts on data security and data protection  (Read 675 times)

rolf_eigenheer

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 303
  • nothing more to say...
Thoughts on data security and data protection
« on: December 08, 2020, 01:51:52 am »

In addition to MediaCenter, only the operating system and Defender itself access so much of my data. For MediaCenter I open ports and make exceptions in the firewall and security. MediaCenter can therefore be classified as critical.

Anyone who is on the move in this forum will sooner or later, in any thread, come across the instruction to restrict Defender's function.

It is possible and makes sense to cooperate with Defender. My compilers open and write thousands of small files. For sure! A little faster without Defender. I have no other program which cannot operate with Defender. So why should a media player behave differently?

After the database has been set up, the many and fast accesses are only required to the database files and thumbnails. And even if Defender delays access to the title to be played by 100ms, who cares.

I would like to remind you of the history of the Swiss CRYPTO AG. That was an honorable company that sold encryption technology. And because they were Swiss, they dealt with East and West, good and bad. At some point a capital increase became necessary. Today it is known that since that day the German and American secret services have held the controlling majority and the encryption has become 'soft' for certain customers.

Even if we trust Jim and Matt, we have to realize that JRiver is worth far more than just this player application. JRiver has access or can gain access to all of our files.

I had my shock when I found that MediaCenter was scanning files which are not in my index. It then turned out that files removed from db are still being checked. So nothing dangerous happened. But things like that make you think ...
Logged

InflatableMouse

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 3978
Re: Thoughts on data security and data protection
« Reply #1 on: December 08, 2020, 06:39:55 am »

It is possible and makes sense to cooperate with Defender. My compilers open and write thousands of small files. For sure! A little faster without Defender. I have no other program which cannot operate with Defender. So why should a media player behave differently?

And even if Defender delays access to the title to be played by 100ms, who cares.

I have all my media files on network shares. When I import an MKV video of 40 to 60 GB into MC, I let it analyze audio. What happens with Defender is that it halts MC's access to the file and starts scanning the file first. MC will pop up a hang message 'not responding', and from the process monitor I see Defender eating up 900 Mbit on my network interface, scanning the MKV file. You can do the math on 40 GB scanning at 900 Mbit.

If MC imports 4 files from a network share, accesses them and does 4 simultaneous analyses on audio streams from video files, you can guess what happens. Audio stops playing, MC crashes, etc.

The only way to prevent this is to exclude these locations and/or file extensions.

As far as I am aware, there is no way an application can "play nice" with defender to overcome things like this? I could be wrong though, love to hear a better way.
Logged

Maltsters

  • Junior Woodchuck
  • **
  • Posts: 51
Re: Thoughts on data security and data protection
« Reply #2 on: December 08, 2020, 06:52:14 am »

When I run JRiver as a media player there are several things I do:
1. The user credentials that JRiver uses on my network to play media from network shares only have read access and not write or delete access
2. JRiver can only see media on the network and does not have read access to any other share
3. I use a different PC for uploading media and writing the tag information in which case JRiver only runs when in active use
4. All UPnP/DLNA renderers are located on a different subnet which is firewalled off (via the router) from my physical servers with JRiver Media players sitting on both subnets
5. I agree, I always run Defender - JRiver continually accesses the internet searching for images to use in Playing Now display. Accessing the internet without running Defender would be very risky. I have no issues with Defender when uploading media; if people do, they can exclude specific local folders from its real-time scanning.
6. UPnP is disabled on my routers for security - I don't want things to open ports on the routers without proper authentication.
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 72438
  • Where did I put my teeth?
Re: Thoughts on data security and data protection
« Reply #3 on: December 08, 2020, 07:38:38 am »

Anyone who is on the move in this forum will sooner or later, in any thread, come across the instruction to restrict Defender's function.

That's misleading. We recommend following Awesome Donkey's advice in the Taming Windows Defender thread. By doing so, you're allowing MC to do its job. Antivirus software must be told to allow access needed by legitimate software. It isn't restricting Windows Defender. It's letting it do its job correctly.
Logged

rolf_eigenheer

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 303
  • nothing more to say...
Re: Thoughts on data security and data protection
« Reply #4 on: December 08, 2020, 07:44:16 am »

As far as I am aware, there is no way an application can "play nice" with defender to overcome things like this? I could be wrong though, love to hear a better way.

You're right. But things like this are not everyday business. I'd like to have better control if I'm using MC for administrative work such as tagging, moving, analyzing, and all the other situations where I just want to enjoy my music or photos. In the second case Defender would not affect operation. But with all those automated background operations it is not always clear what happens.
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 72438
  • Where did I put my teeth?
Re: Thoughts on data security and data protection
« Reply #5 on: December 08, 2020, 07:56:59 am »

I'll let this thread run for a day, then close it.  If you have a problem, please post it.  If you want to discuss antivirus and other security software, please find another forum.  It's a big, complicated subject, about which very little is publicly known (guess why), so there is a lot of paranoia about it.

We need to be able to do our job and not wander off into the weeds.

If anyone questions my attitude about antivirus software, please read this thread:
https://yabb.jriver.com/interact/index.php?topic=86096.msg588759#msg588759

Logged

dtc

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 3118
Re: Thoughts on data security and data protection
« Reply #6 on: December 08, 2020, 08:05:15 am »

The only way to prevent this is to exclude these locations and/or file extensions.

There is Microsoft documentation saying that if you exclude a folder that excludes the files within it, including executables. So excluding Program Files\JRiver will also exclude MC27.exe. This is discussed in the Taming thread. In addition, there is Microsoft documentation that says that if an executable is excluded, then the files it opens are not scanned. I have documented this in this forum before. But, I have never seen anyone provide evidence whether using the folder exclusion actually prevents the media files that MC opens from being scanned. That is, given the exclusion for the JRiver folder or the MC executable, do you really have to also exclude the media files themselves?

Have you tried not excluding the media files themselves to see if the folder exclusion (or a specific exclusion on MC27.exe) prevents the scanning of the media files? I do not have enough big enough files to do a meaningful test.

If the folder exclusion actually excludes the executables and that also excludes the files that the executable opens, then the whole Taming process becomes much simpler. A single exclusion of a single folder would be pretty much all that is needed.

Any insight or experience would be appreciated.
Logged

Awesome Donkey

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 7804
  • Autumn shade...
Re: Thoughts on data security and data protection
« Reply #7 on: December 08, 2020, 09:25:38 am »

I'd say there's two folders that need excluding; the J River folder in Program Files (or Program Files (x86) if using the 32-bit version of Media Center on 64-bit) and the J River folder located in %APPDATA%. The latter because that's where MC downloads the video (LAV filters) and web (Chromium) plugins it might need and AVs can certainly interfere with that.

In addition, I'd also add exclusions for the drives/folders where your media is located. Reason for this is to prevent the AV from actively scanning files and directories while being accessed, which can cause issues with slowness especially if your media is located on a NAS that appears mapped as a network drive in Windows.
Logged
I don't work for JRiver... I help keep the forums safe from "male enhancements" and other sources of sketchy pharmaceuticals.

Windows 11 24H2 Update 64-bit + Ubuntu 24.10 Oracular Oriole 64-bit | Windows 11 24H2 Update 64-bit (Intel N305 Fanless NUC 16GB RAM/500GB M.2 NVMe SSD)
JRiver Media Center 33 (Windows + Linux) | iFi ZEN DAC 3 | JBL 306P MkII Studio Monitors | Audio-Technica ATH-M50x Headphones

rolf_eigenheer

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 303
  • nothing more to say...
Re: Thoughts on data security and data protection
« Reply #8 on: December 08, 2020, 09:52:21 am »

Back to main topic. I understand that Defender slows down file access. It would be great for me if I could make exclusions when I need to read a lot of files in a short time to rebuild the database or cover art.
But in any other use case 1 (one) file every 6 seconds has to be read while watching a slide show. Or one song every 3 minutes.

Where Defender or any other antivirus conflicts with MC, it would be great if MC could give a hint when it detects slow access or timeout. I've done this 'taming' several times in the past. But after installing a new version it is not the first thing I think about.
Logged

dtc

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 3118
Re: Thoughts on data security and data protection
« Reply #9 on: December 08, 2020, 10:00:08 am »

I'd say there's two folders that need excluding; the J River folder in Program Files (or Program Files (x86) if using the 32-bit version of Media Center on 64-bit) and the J River folder located in %APPDATA%. The latter because that's where MC downloads the video (LAV filters) and web (Chromium) plugins it might need and AVs can certainly interfere with that.

In addition, I'd also add exclusions for the drives/folders where your media is located. Reason for this is to prevent the AV from actively scanning files and directories while being accessed, which can cause issues with slowness especially if your media is located on a NAS that appears mapped as a network drive in Windows.

Microsoft documentation indicates that if the executable is excluded then the files it opens are also excluded, which means excluding the media file directories is redundant. Do you have any experience with that?  I fully understand the reasons for excluding media files. I am discussing how they are excluded.  If the folder exclusions also exclude the media files, the exclusion process just becomes easier.


Additional Information :

Here is a current Microsoft document that says that excluding a folder also excludes the applications under that folder and the files that the applications open.

Any file on the machine that is opened by any process under a specific folder
Specifying c:\test\sample\* would exclude files opened by:
c:\test\sample\test.exe
c:\test\sample\test2.exe
c:\test\sample\utility.exe

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/configure-process-opened-file-exclusions-microsoft-defender-antivirus

Something to consider.
Logged
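
The exclusion choices debated in this thread (whole media drives and file extensions versus a single process exclusion), as an added PowerShell example that is not from any poster or from JRiver: it classifies Defender exclusions by how much each one exempts from scanning. The paths `C:\Program Files\J River`, `M:\` and `\\nas\media` are constructed sample values and the function name is hypothetical; `Get-MpPreference`, `Add-MpPreference` and `Remove-MpPreference` are the standard Defender cmdlets.

```powershell
# Added example (not from the thread). All paths are constructed sample values.
function Get-ExclusionReview {
    param(
        [string[]]$Path = @(),
        [string[]]$Extension = @(),
        [string[]]$Process = @()
    )
    foreach ($p in $Path) {
        $review = if ($p -match '^[A-Za-z]:\\?$') {
            'Broad: the whole drive is excluded from scanning'
        } elseif ($p -match '^\\\\[^\\]+\\[^\\]+\\?$') {
            'Broad: the whole network share is excluded from scanning'
        } else {
            'Folder: every file inside is excluded, executables included'
        }
        [pscustomobject]@{ Type = 'Path'; Value = $p; Review = $review }
    }
    foreach ($e in $Extension) {
        [pscustomobject]@{
            Type = 'Extension'; Value = $e
            Review = 'Broad: applies to this extension anywhere on the machine'
        }
    }
    foreach ($x in $Process) {
        [pscustomobject]@{
            Type = 'Process'; Value = $x
            Review = 'Scoped: only files opened by this process skip real-time scanning'
        }
    }
}

# Constructed sample: folder, media drive, NAS share and extension all excluded.
$sample = @{
    Path      = @('C:\Program Files\J River', 'M:\', '\\nas\media')
    Extension = @('.mkv')
    Process   = @()
}
Get-ExclusionReview @sample | Format-Table -AutoSize -Wrap

# On a real machine, from an elevated prompt, review the live configuration:
#   $pref = Get-MpPreference
#   Get-ExclusionReview -Path $pref.ExclusionPath `
#       -Extension $pref.ExclusionExtension -Process $pref.ExclusionProcess
#
# The narrower setup asked about above uses the process-exclusion list
# (the list the linked Microsoft page documents), not the folder list:
#   Add-MpPreference -ExclusionProcess 'C:\Program Files\J River\*'
#   Remove-MpPreference -ExclusionPath 'M:\'
```

With a process exclusion in place, the media locations stay subject to scanning when anything other than the excluded executables opens them.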