TL;DR: Windows Defender had a bug that made certain system calls expensive on CPU cycles when Defender's Real-time Protection feature is enabled. After discovery, Mozilla reported this issue to Microsoft. Microsoft is releasing a patch that should result in lower CPU usage when using Firefox on sites like YouTube (a ~75% CPU usage reduction was noted when browsing YouTube in Firefox with the fixed version of Defender).<p>It seems like the HN submission form truncated the # from the end of the URL I linked to, which linked to the relevant comment. I'll try that here:<p><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1441918#c82" rel="nofollow">https://bugzilla.mozilla.org/show_bug.cgi?id=1441918#c82</a><p>and<p><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1441918#c91" rel="nofollow">https://bugzilla.mozilla.org/show_bug.cgi?id=1441918#c91</a>
> a ~75% CPU usage reduction was noted when browsing YouTube in Firefox<p>I wonder how many of the people who say "Firefox is significantly slower than chrome" are using windows... On my computer, Firefox IS slower than chrome but (with ad blockers enabled) by an insignificant amount. By still being "the last remaining mostly independent, maintained and reasonably popular browser" I'd prefer it to use over chrome even if it is a bit slower.<p>Of course, ms is no longer the "old micro$oft" but their history on how they handle competitor browsers makes one think how much interest they could have in investigating and fixing such a bug.<p>My takeaway is: prefer independent software as much as you can.
Windows Defender is a long standing bug in the Windows operating system. ;)<p>My impression is that its invention was for the sole purpose of eradicating the idea that Windows is insecure and prone to viruses, which explains why it can be overzealous and CPU hungry.<p>I would only enable it for family members who don't know what they are doing. For some reason, I haven't needed any form of active virus scanning in something like 15 years. If it turns out I've been infected this entire time, the criminals sure are taking their time stealing my money, etc.
Random thought:<p>I am not sure what the at-scale energy use reduction of this bug fix will be, but...<p>If I had a pile of money I would consider creating a special bug bounty style program for energy use reduction.<p>This might be a very efficient way to reduce carbon output from personal and data center computing.
Well, windows defender is the single largest CPU hog Ive found on these low end cherry trail/silvermont/goldmont/etc tablets.<p>Particularly when windows update kicks on the CPU's go to 100%, the thing overheats, and generally is absolutely unusable as it downloads and scans/etc the update its preparing. The devices go from usable but slow, to put it down for a couple hours cause you won't get anything done levels of usability.<p>Disabling windows defender for the 24 hours (or whatever it takes) before windows decides to turn it back on, is the single largest performance hack I've found to make those devices run reasonably. Guess this "bug" just reinforces that fact.<p>Maybe someone should donate a few to MS's windows engineering teams so they can enjoy the monster they have created running on the low end hardware that is still being sold.
This just reminds me of constant "things worked so fast on my Windows 95 machine back in the day with 16MB RAM". Meanwhile any piece of software could crash your PC and it did so regularly (I still keep spamming save in software because of those days) and internet was a pandoras box.<p>I wonder how much overhead in modern OS/PC user experience comes from security/stability abstractions and tools.
I've experienced a bug related to the on-disk real-time scanning of Windows Defender, but instead with 100% disk bandwidth usage for unreasonable amounts of time.<p>I purchased a license of a proper antivirus software to avoid that bug and the performance issues gone away.<p>When you install another AV software, Windows Defender steps down and leaves scanning to the 3rd-party security solution. I selected one of the most lightweight ones I could find. It has been a net win for me.<p>One shouldn't need to do this, but it has worked so far, for years now.
Is Windows Defender even worth enabling?<p>It eats up a lot of CPU. It doesn’t seem like much help in a default update enabled system where you are using a regular user account instead of an administrator account.<p>In addition, anti-virus and real time scanning is itself potential surface area for an exploit (for example a few years back there was an exploit based on Norton antivirus email scanner).
Every security app seems to have problems like this all the time, and they never seem to be able to detect them themselves. Security software that didn't suck would be a huge opportunity, and yeah as others have alluded too, a huge carbon emission reduction!<p>I had two different IT mandated apps taking up a total of 3.5 <i>complete</i> CPU cores for a week before I undocked and noticed the fast battery drain. On an M1 no fan blast to alert me. It's a terrible terrible state of affairs.
I remember some people reporting that their old PCs with unsupported CPUs got a high CPU usage after installing Windows 11, and I remember some people saying that it was because they lacked TPM, which increased the CPU load. But it turned out to be just a bug, didn’t it? After all, features like memory randomization that require TPM couldn’t be enabled on Windows 11 anyway, and similar CPU usage spikes were seen on Windows 10 as well.
Biggest headache with Windows Defender is it's abysmal single threaded IO bottlenecking.
Writing large number of files to disk? Windows defender will be busy slowing down every single one of those writes as it scans... wouldn't be so bad if it didn't do so on a single thread. I have 10 cores, use them!
Orders of magnitude slowdown of mmap() on <i>ix platforms would never be accepted by users or developers on </i>ix. Seems the expectations are quite far gone in the malware-ridden win* world.
Defender's Real-Time feature also creates 100% CPU usage when burning a Windows To Go ISO using Rufus. Need to turn it off or things will go slowly.
Wait so they… they have a hook in the mmap() equivalent that allows AV software to scan new pages mapped as executable? I see the reasoning but damn does that feel cursed.
It used to be possible to disable real-time protection but know it’s not. The UI toggle is only for a limited time and the Group Policy option doesn’t work anymore.
I think I have been experiencing that! I just turned off realtime protection, it's useless anyway and I think it cripples filecopy performance too.
If Firefox engineers spent more time on Firefox bugs, maybe we would be able to fully use MS Teams and other important for work video conferencing apps on Firefox. (Hey, don't take me too seriously.)