You would have to block entire wordlists to combat subdomains like that. It would make more sense to whitelist subdomains instead, but it would require much more effort in order to determine what subdomains are required for the website to function. Additionally, if the site in question ever decided to change anything around, someone would have to catch the breaking change and have it corrected on the whitelists for the site to function again.
Machine learning by analyzing what displays on the page by blocking different domains. Bots can be automated to do that continuously and update a decentralized database with such information.
I think for the purposes of antivirus software, trust issues can be set aside here. Windows Defender ideally has the upper edge for choosing an antimalware solution for Windows in that it's baked in directly to the OS and therefore has more control and ability to prevent malicious activity than a third-party solution. You might not have to trust Microsoft due to privacy concerns, but for something like antivirus software that protects their operating system, intentionally making Windows Defender inferior software just isn't within their best interests.
Windows Defender is a superior AV solution for the same reason first-party map solutions are superior to third-party.
When part of your core functionality is dependent on coverage and total install count, you're never going to beat someone who leverages control of a lower part of the stack.
Wasn't the argument you're responding to that Defender is the superior solution so that you don't have to trust other vendors than Microsoft, of which the trust point is moot if you've already chosen to run Windows?
My point is that using Debian is the superior solution, from a privacy perspective. But yes, I do agree that Defender is the best option, if you must use Windows.
When I got my first YubiKey, the first thing I did was start securing all of my accounts with 2FA. Facebook was one of the few accounts I had at the time that supported U2F, which is what I wanted to try the most. Foolishly, I saw no harm in giving up my phone number for the purposes of enabling it, but only two weeks later I was receiving daily updates from my Facebook feed that I never asked for. Oddly, the text messages stopped on their own but not before they continued a month later, with Facebook asking me why I haven't been logging in and to tell me what I've been "missing." Again, this stopped a few days afterwards.
Then, about three months ago I had a privacy scare, courtesy of Facebook. I was exchanging contact information with a friend several states away whom I had just recently met, and the moment she added my phone number to her contacts list, her Pixel phone had automatically associated my phone number with as much information about me from Facebook without my knowledge, apparently by performing a lookup that can also be done using someone's email address. This exact thing was brought to more public attention with an article that was posted here to HN a week after this happened to me, but I can't seem to find it.
Thankfully, the person that I had this scare with is someone I can trust, but the plausibility that anyone could do this again with just a phone number or email address was enough for me to finally delete my Facebook account since I could not find a way to dissociate my number now that I had given it to them. I figure that even though my information is still stored somewhere on their systems, deleting my account is as much as I can do to try and mitigate/prevent further damage.
I think this is one of those cases where you need to take into account the intent of the Intel ME and whether or not you can consider it a backdoor. Surely it's a useful tool in corporate environments but to any other average individual it's definitely a backdoor. It's a "feature" of nearly every modern x86 CPU that undoubtedly has capabilities of a backdoor that cannot be turned off or disabled by regular means. If I wanted to be able to remotely manage my machines out of band then I would've asked for it, but instead I foolishly bought myself into a very easy way for vendors to maintain control over me and my data.