Author Topic: Windows is getting disgusting  (Read 212838 times)

0 Members and 2 Guests are viewing this topic.

Offline legacy

  • Super Contributor
  • ***
  • !
  • Posts: 4415
  • Country: ch
Re: Windows is getting disgusting
« Reply #800 on: March 20, 2019, 10:38:36 pm »
so ... Windows is no-good, MacOSX is no-good, and even Linux is becoming no-good.
What is the future? ArOS? RiscOS? a new BeOS-clone? FreeBSD? ... that's a big problem.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: Windows is getting disgusting
« Reply #801 on: March 20, 2019, 10:50:37 pm »
I vote for airgapped RISC OS. My RPC was the last computer I used that did what I told it to
 

Offline rdl

  • Super Contributor
  • ***
  • Posts: 3665
  • Country: us
Re: Windows is getting disgusting
« Reply #802 on: March 20, 2019, 11:38:51 pm »
I was pretty sure I had the Defender fix, but I started Update just to check. Updates thru mid 2018 were installed, but after 20 minutes of following link after link at microsoft.com, damned if I could tell if the Defender fix was in place. Microsoft is often not so good at providing information in a straight forward way. I went ahead and installed the rest of the 2018 updates, then turned them off again.
 

Offline james_s

  • Super Contributor
  • ***
  • Posts: 21611
  • Country: us
Re: Windows is getting disgusting
« Reply #803 on: March 21, 2019, 12:55:17 am »
I suggest you turn off windows defender if you haven't updated for 3 years. There's a nasty non user invoked remote execution vulnerability in it. Basically just receiving a file in your mail client without opening it with the vulnerability injected can cause the sandbox process to execute it as SYSTEM. Fun fun fun.

This is fixed now. QED. Run updates. Don't be a dick. Or we end up with Slammer or Stuxnet again.

Edit: also check your T&C on your ISP. If you cause their network trouble and you didn't follow due diligence then expect to have a fat finger pointed at you.

I've never used Windows Defender in the first place, I've always used 3rd party products. I also keep my network pretty tightly locked down and closely monitored and everything facing outward is up to date. I'm not worried about it at all, the only time I've ever seen malware it was bundled serepticiously with legitimate software, hasn't been an issue since I wised up to that.

The plan is to transition fully over to Linux within the next 5 years or so and retire Win7 to a VM at that point. I've just seen zero evidence of exploits being an issue worth worrying about when dealing with a private network that is NATed behind a firewall. My machines aren't just sitting out there on the wide open internet.
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 5632
  • Country: au
Re: Windows is getting disgusting
« Reply #804 on: March 21, 2019, 02:37:53 am »
I've just seen zero evidence of exploits being an issue worth worrying about when dealing with a private network that is NATed behind a firewall. My machines aren't just sitting out there on the wide open internet.

It's much more common than you think. Once an attacker/malware gets access to a machine somewhere on your network (or at the perimeter), it becomes easier to pivot from that machine to others on your LAN. A NAT'd connection won't necessarily protect you.
 

Offline rdl

  • Super Contributor
  • ***
  • Posts: 3665
  • Country: us
Re: Windows is getting disgusting
« Reply #805 on: March 21, 2019, 04:06:57 am »
I think I'll look at one of those extra secure and private Linux distros. I like the idea of an OS that resides in memory and loses any changes when shut down. It wouldn't be practical for everything, but this particular computer is used 99% for internet,1% Windows updates...so probably would work out fine.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: Windows is getting disgusting
« Reply #806 on: March 21, 2019, 09:06:17 am »
I've just seen zero evidence of exploits being an issue worth worrying about when dealing with a private network that is NATed behind a firewall. My machines aren't just sitting out there on the wide open internet.

It's much more common than you think. Once an attacker/malware gets access to a machine somewhere on your network (or at the perimeter), it becomes easier to pivot from that machine to others on your LAN. A NAT'd connection won't necessarily protect you.

Also don't forget UPnP. I had a printer taken over because it had exposed itself via UPnP. Fortunately printers were all on their own DMZ so it was contained (my point about layered security wins here)
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: Windows is getting disgusting
« Reply #807 on: March 21, 2019, 09:08:52 am »
I think I'll look at one of those extra secure and private Linux distros. I like the idea of an OS that resides in memory and loses any changes when shut down. It wouldn't be practical for everything, but this particular computer is used 99% for internet,1% Windows updates...so probably would work out fine.

Unless it has some kind of persistence then it's useless. And when there's some kind of persistence then it's exploitable.

So you save your png file on the persistent volume, libpng is vulnerable, vulnerability spreads to all your pngs.

One of my active defences is that backups are fully diff'ed, incremental and done off line. When you see files modified that you don't remember modifying, be suspicious.
 

Offline rdl

  • Super Contributor
  • ***
  • Posts: 3665
  • Country: us
Re: Windows is getting disgusting
« Reply #808 on: March 21, 2019, 11:05:41 am »
For a computer used 100% as a web browser, and only for viewing, persistence is not necessary. An OS that always boots up exactly as it was last time has some appeal. I have enough computers sitting around that dedicating one to this purpose wouldn't be a big deal. It was just a thought anyway - I have at least ten other things I could be working on right now that are far more important.
 

Online RoGeorge

  • Super Contributor
  • ***
  • Posts: 6147
  • Country: ro
Re: Windows is getting disgusting
« Reply #809 on: March 21, 2019, 12:21:38 pm »
An OS that always boots up exactly as it was last time has some appeal.

Any Linux live can do that (e.g. Ubuntu live).
Just take a USB drive of 1-2GB and put a live Linux on it.

Then, boot from that USB any time you want just to browse.  Boot time is usually less than a minute.

If you need to browse and also be less traceable, see "Tails" or "Qubes OS".  Tales and Qubes can have persistance if you need, or can be installed.  Qubes can have (run) simultaneous "disposable", "secure" or "isolated (no net)" machines running on the same screen.  If you want, Qubes can generate a fresh new Linux machine on the spot, instead of just opening a new browser window.
« Last Edit: March 21, 2019, 12:26:03 pm by RoGeorge »
 

Offline legacy

  • Super Contributor
  • ***
  • !
  • Posts: 4415
  • Country: ch
Re: Windows is getting disgusting
« Reply #810 on: March 21, 2019, 12:29:43 pm »
So what should I have to buy for FinalCut? A Mac? A PC?
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: Windows is getting disgusting
« Reply #811 on: March 21, 2019, 12:32:15 pm »
VHS splicing machine  :-DD
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 5632
  • Country: au
Re: Windows is getting disgusting
« Reply #812 on: March 21, 2019, 07:21:24 pm »
I've just seen zero evidence of exploits being an issue worth worrying about when dealing with a private network that is NATed behind a firewall. My machines aren't just sitting out there on the wide open internet.

It's much more common than you think. Once an attacker/malware gets access to a machine somewhere on your network (or at the perimeter), it becomes easier to pivot from that machine to others on your LAN. A NAT'd connection won't necessarily protect you.

Also don't forget UPnP. I had a printer taken over because it had exposed itself via UPnP. Fortunately printers were all on their own DMZ so it was contained (my point about layered security wins here)

Excellent example and one which is not uncommon. A lot of people focus their efforts on hardening their PC's and servers, but forget about every other device connected to their network, i.e.: Printers, IP cameras, TVs, network connected amplifiers, IoT thermostats etc... There are essentially small PCs inside each of those and once they are popped, they are a gateway into your LAN. As b139 explained, they don't need to be on a public IP address to be vulnerable.

Aside from hardcore nerds, how many people do you think bother regularly checking for updated firmware on those types of devices?
But even that isn't enough, I can't remember the last time new firmware came out for my printer or TV, which is why a layered security model (even for a home) is important. Devices like the ones I described have no business being on your trusted internal LAN.

If all anyone had to do was place a router/firewall in between their network and the internet to remain secure, everyone and every business would be doing it. Unfortunately in reality, that's not how it works.
 

Offline james_s

  • Super Contributor
  • ***
  • Posts: 21611
  • Country: us
Re: Windows is getting disgusting
« Reply #813 on: March 22, 2019, 12:20:43 am »
I have very few connected devices and those I do have are only given the access they need.

This example more supports my assertion that keeping a pc patched isn't THAT big of a deal when there are countless other gadgets in many homes that represent a much more likely attack vector.

Now I've cleaned up dozens of infected machines over the years and for what it's worth most of those infected machines had auto-updating on and were fully patched but they got infected by users installing things or clicking attachments in emails. I remain to be convinced that OS updates are the silver bullet some make them out to be, or that disabling updates greatly increases the risk of getting infected. Again I'll clarify that I'm referring to home PCs that are behind a firewall.
 

Offline NiHaoMike

  • Super Contributor
  • ***
  • Posts: 8973
  • Country: us
  • "Don't turn it on - Take it apart!"
    • Facebook Page
Re: Windows is getting disgusting
« Reply #814 on: March 22, 2019, 12:38:29 am »
Also don't forget UPnP. I had a printer taken over because it had exposed itself via UPnP. Fortunately printers were all on their own DMZ so it was contained (my point about layered security wins here)
That UPnP junk should never have been invented in the first place. DD-WRT disables it by default since it is insecure by design.
https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1057222
Cryptocurrency has taught me to love math and at the same time be baffled by it.

Cryptocurrency lesson 0: Altcoins and Bitcoin are not the same thing.
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9810
  • Country: 00
  • Display aficionado
Re: Windows is getting disgusting
« Reply #815 on: March 22, 2019, 12:53:30 am »
I have very few connected devices and those I do have are only given the access they need.

This example more supports my assertion that keeping a pc patched isn't THAT big of a deal when there are countless other gadgets in many homes that represent a much more likely attack vector.

Now I've cleaned up dozens of infected machines over the years and for what it's worth most of those infected machines had auto-updating on and were fully patched but they got infected by users installing things or clicking attachments in emails. I remain to be convinced that OS updates are the silver bullet some make them out to be, or that disabling updates greatly increases the risk of getting infected. Again I'll clarify that I'm referring to home PCs that are behind a firewall.
It's not a silver bullet, but it is a link in the chain. No amount of updates are going to save an incompetent user, but it definitely hardens the system and makes it less likely the holes line up. You seem to be out to convince yourself they're not that important and I won't pretend to understand why.

The people you helped were people who were apparently not very computer savvy and who were infected in ways even they could detect. Those can probably be considered bottom tier exploits, but shouldn't fool you into thinking that's representative of the threat landscape.
 
The following users thanked this post: Halcyon

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Windows is getting disgusting
« Reply #816 on: March 24, 2019, 03:12:09 pm »
It used to be true that if you didn't open spam email attachments*, used a firewall and didn't have any internet services you would be just fine. In the past someone might create a virus just for fame and laughs, now unscrupulous individuals have come up with ways of making money by infecting home users machines, so it's a more interesting target for hackers. Today you can be infected just by watching the wrong web page (there might be buffer overflows (etc) in image/video/javascript libraries (etc)), so it's generally advisable to keep your software updated.

* That unfortunately included things that people would reasonably assume were safe, like a word document. For some inexplicable reason Microsoft thought it was a good idea to include powerful scripting capabilities in all office documents that made them just as risky as any executable (exe) file. Flash files were also notoriously unsafe.
« Last Edit: March 24, 2019, 03:25:37 pm by apis »
 

Offline Bassman59

  • Super Contributor
  • ***
  • Posts: 2501
  • Country: us
  • Yes, I do this for a living
Re: Windows is getting disgusting
« Reply #817 on: March 25, 2019, 05:15:20 am »
So what should I have to buy for FinalCut? A Mac? A PC?

Apple’s Final Cut runs only on macOS, so you need to buy a Mac.
 

Offline CatalinaWOW

  • Super Contributor
  • ***
  • Posts: 5173
  • Country: us
Re: Windows is getting disgusting
« Reply #818 on: March 25, 2019, 05:43:04 am »
It used to be true that if you didn't open spam email attachments*, used a firewall and didn't have any internet services you would be just fine. In the past someone might create a virus just for fame and laughs, now unscrupulous individuals have come up with ways of making money by infecting home users machines, so it's a more interesting target for hackers. Today you can be infected just by watching the wrong web page (there might be buffer overflows (etc) in image/video/javascript libraries (etc)), so it's generally advisable to keep your software updated.

* That unfortunately included things that people would reasonably assume were safe, like a word document. For some inexplicable reason Microsoft thought it was a good idea to include powerful scripting capabilities in all office documents that made them just as risky as any executable (exe) file. Flash files were also notoriously unsafe.


I have enjoyed the used of those scripting capabilities for several applications.  It is too bad that tools can't be released to the public because there will be people who choose to misuse them.  While you can ding MS for their naivety in putting these tools out, you can't fault their intentions.
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9810
  • Country: 00
  • Display aficionado
Re: Windows is getting disgusting
« Reply #819 on: March 25, 2019, 05:52:27 am »
I have enjoyed the used of those scripting capabilities for several applications.  It is too bad that tools can't be released to the public because there will be people who choose to misuse them.  While you can ding MS for their naivety in putting these tools out, you can't fault their intentions.
I don't think anyone reasonably doubts the usefulness of VBA. It's just that it's been somewhat overlooked as a vector before it was too late.
 

Offline DimitriP

  • Super Contributor
  • ***
  • Posts: 1288
  • Country: us
  • "Best practices" are best not practiced.© Dimitri
Re: Windows is getting disgusting
« Reply #820 on: March 25, 2019, 09:37:24 am »
Quote
I don't think anyone reasonably doubts the usefulness of VBA. It's just that it's been somewhat overlooked as a vector before it was too late.

Some of the smartest boneheads work for microsoft.
That's why windows always warns:
"Starting windows"


   If three 100  Ohm resistors are connected in parallel, and in series with a 200 Ohm resistor, how many resistors do you have? 
 

Online Alex Nikitin

  • Super Contributor
  • ***
  • Posts: 1150
  • Country: gb
  • Femtoampnut and Tapehead.
    • A.N.T. Audio
Re: Windows is getting disgusting
« Reply #821 on: March 25, 2019, 01:26:54 pm »
window (wĭnˈdō)
n.   An opening constructed in a wall

 :-DD

Cheers

Alex
 

Online Zero999

  • Super Contributor
  • ***
  • Posts: 19345
  • Country: gb
  • 0999
Re: Windows is getting disgusting
« Reply #822 on: March 25, 2019, 03:36:19 pm »
The word window has also been used for computer graphical user interface elements, before Microsoft Windows existed. Microsoft have had a history of using generic names for their products such as Office, Word, Publisher etc.
https://en.wikipedia.org/wiki/Window_(computing)
 

Offline james_s

  • Super Contributor
  • ***
  • Posts: 21611
  • Country: us
Re: Windows is getting disgusting
« Reply #823 on: March 25, 2019, 03:42:30 pm »
I do like the generic names, it tells you what the program does and it sounds clean and professional. One of my gripes about Linux/FOSS is that so much of the software has silly/annoying/suggestive or otherwise unprofessional names and I would not underestimate the degree to which this makes it hard for people to take them seriously.
 
The following users thanked this post: Bud

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Windows is getting disgusting
« Reply #824 on: March 25, 2019, 03:50:38 pm »
I have enjoyed the used of those scripting capabilities for several applications.  It is too bad that tools can't be released to the public because there will be people who choose to misuse them.  While you can ding MS for their naivety in putting these tools out, you can't fault their intentions.
It wasn't overlooked it was ignored, their policy was that people prefer convenience over security so they provided convenience. That seems to have changed though.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf