Author Topic: Windows is getting disgusting  (Read 158578 times)

0 Members and 1 Guest are viewing this topic.

Offline SiliconWizard

  • Super Contributor
  • ***
  • Posts: 5453
  • Country: fr
Re: Windows is getting disgusting
« Reply #825 on: March 20, 2019, 04:18:42 pm »
MS just released an "update" for Windows 7 which will serve as a reminder starting jan. 2020 to annoy the hell out of people who will still be using 7. This update is optional  for now, but I wouldn't count on that forever.

I'm ever more glad that I disabled updates completely 3 years ago after the GWX fiasco. Updates have caused far more damage, grief and wasted hours than they have prevented. It's asinine that they abuse the update process in order to push crap. It should be possible to get security fixes only rather than mixing those with features. I don't want my operating system to be a service, I want it to stay out of my way and let me work.

The mentioned update is the following: https://support.microsoft.com/en-us/help/4493132/windows-7-update-kb4493132
It appears unchecked by default in Windows update, but is flagged as "important". I think that's exactly what MS did at first with GWX. You can still mask it though so it doesn't constantly reappear... until next time.
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 2364
  • Country: pl
Re: Windows is getting disgusting
« Reply #826 on: March 20, 2019, 06:05:40 pm »
Nothing leaves my network without me knowing about it.
Do you block tor too? What if Windows starts exfiltrating your data to a hidden service? Or even some random server on Azure cloud, no different from a million other servers your users visit?

I'm ever more glad that I disabled updates completely 3 years ago after the GWX fiasco. Updates have caused far more damage, grief and wasted hours than they have prevented.
Including security updates? That may turn into an adventure one day, be sure to have backups at least ;)
« Last Edit: March 20, 2019, 06:07:33 pm by magic »
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 4016
  • Country: au
Re: Windows is getting disgusting
« Reply #827 on: March 20, 2019, 07:18:59 pm »
Nothing leaves my network without me knowing about it.

That is just what you *wish* to achieve.  An external firewall might help, but there is no guarantee that the wish really happens.

Everybody should keep that in mind at all times.

As I said, I know what goes in and out of my network at all times. Apart from the use of firewalls, there are other ways to achieve this. For example, I use whitelisting on other parts of my network, where completely untrusted device sit.

Someone else mentioned side-channel attacks, those can be mitigated too with some careful planning (such as not buying devices with microphones built-in).

As for my Windows 10 machine, even if it did manage to talk back to Microsoft, I can still control what data it provides by giving it fabricated information to begin with and keeping personal/private information off that system. In my case, that box is only used for gaming. Any telemetry is not personally attributed to me in any way and contains no private information (because the system doesn't hold that information to begin with).

Network security is just as much about the humans as it is about the systems in place.
 

Offline james_s

  • Super Contributor
  • ***
  • Posts: 12266
  • Country: us
Re: Windows is getting disgusting
« Reply #828 on: March 20, 2019, 07:34:20 pm »
Including security updates? That may turn into an adventure one day, be sure to have backups at least ;)

Well I've already had adventures including having to reinstall machines due to borked updates so I'll take my chances. Despite cries that the sky is falling I've yet to ever be a victim of an exploit so at this point updates have caused me far more problems than they have fixed and it is only getting worse. Naturally I have all my important data backed up.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 15569
  • Country: gb
Re: Windows is getting disgusting
« Reply #829 on: March 20, 2019, 07:59:36 pm »
I suggest you turn off windows defender if you haven't updated for 3 years. There's a nasty non user invoked remote execution vulnerability in it. Basically just receiving a file in your mail client without opening it with the vulnerability injected can cause the sandbox process to execute it as SYSTEM. Fun fun fun.

This is fixed now. QED. Run updates. Don't be a dick. Or we end up with Slammer or Stuxnet again.

Edit: also check your T&C on your ISP. If you cause their network trouble and you didn't follow due diligence then expect to have a fat finger pointed at you.
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 2364
  • Country: pl
Re: Windows is getting disgusting
« Reply #830 on: March 20, 2019, 08:15:44 pm »
Well I've already had adventures including having to reinstall machines due to borked updates so I'll take my chances. Despite cries that the sky is falling I've yet to ever be a victim of an exploit.
Malware is a concern though. IIRC, a year or two ago some shitty Ukrainian ransomware completely shut down large part of Maersk, a global shipping company, for something like a day or two. Not a good place to be, I guess.

But indeed, I am quite Zen about security myself too. Relevant old joke:

noob's password: suzy, because no one on the Internet could possibly know his girlfriend's name
hacker wannabe's password: bugfkfon3598up..11!!.1, because no one could possibly guess that
actual hacker's password: suzy, because anyone who cares will find a way to break in anyway
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Windows is getting disgusting
« Reply #831 on: March 20, 2019, 08:30:54 pm »
Most of the time an infection of a home computer will just silently sit and wait for a command to be used for a denial-of-service attack or some such. I suppose they could silently log your keystrokes and send it off to a server as well. You wouldn't notice it. Ransomware (like wannacry) is more spectacular though.
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 4016
  • Country: au
Re: Windows is getting disgusting
« Reply #832 on: March 20, 2019, 09:04:00 pm »
I suggest you turn off windows defender if you haven't updated for 3 years. There's a nasty non user invoked remote execution vulnerability in it. Basically just receiving a file in your mail client without opening it with the vulnerability injected can cause the sandbox process to execute it as SYSTEM. Fun fun fun.

This is fixed now. QED. Run updates. Don't be a dick. Or we end up with Slammer or Stuxnet again.
But I haven't been infected before! I mean, I don't know what an infection would look like. I suppose it's very obvious, but I haven't been infected before.

Why bother getting immunised either? I mean, I've had Hepatitis before. ;-)
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 15569
  • Country: gb
Re: Windows is getting disgusting
« Reply #833 on: March 20, 2019, 09:12:53 pm »
Just to note on telemetry, even the server versions (2019+) and the enterprise editions report telemetry when it's turned off now.

The company I am currently consulting with consider this to be a grave enough security risk they are planning a whole site migration to RHEL / CentOS at the moment which is paying the bills nicely. So thanks Microsoft!  :-DD
Do you have a source for that? I know some people who'd be very interested in that information.

Nothing public yet. This is from internal testing of windows server 2019 in a sandbox in AWS. Traffic identified by wireshark. This is with all the GPOs that control telemetry turned off. This may be a bug as this has happened before where they screwed up but at the best it shows their quality control is a risk in itself.

 
I suggest you turn off windows defender if you haven't updated for 3 years. There's a nasty non user invoked remote execution vulnerability in it. Basically just receiving a file in your mail client without opening it with the vulnerability injected can cause the sandbox process to execute it as SYSTEM. Fun fun fun.

This is fixed now. QED. Run updates. Don't be a dick. Or we end up with Slammer or Stuxnet again.
But I haven't been infected before! I mean, I don't know what an infection would look like. I suppose it's very obvious, but I haven't been infected before.

Depends on the goal. 90% of the time you know nothing. Only the ransomware and poorly written worms tend to make a lot of noise. Much like a disease it’s ineffective if it kills the host too quickly or draws attention to itself.
 

Offline Richard Crowley

  • Super Contributor
  • ***
  • Posts: 4310
  • Country: us
  • KE7GKP
Re: Windows is getting disgusting
« Reply #834 on: March 20, 2019, 09:31:40 pm »
Considering the likely monitoring by NSA, China and Russia, what the guys in Redmond may be doing pales by comparison.  I'm one of the people who don't give a toss because the battle has been lost.  Unless you like aluminum foil headwear.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 15569
  • Country: gb
Re: Windows is getting disgusting
« Reply #835 on: March 20, 2019, 09:39:35 pm »
Microsoft hand over their vulnerabilities to the NSA before we get patches under their early disclosure scheme. Everyone shits in the same toilet.
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 4016
  • Country: au
Re: Windows is getting disgusting
« Reply #836 on: March 20, 2019, 10:30:57 pm »
Microsoft hand over their vulnerabilities to the NSA before we get patches under their early disclosure scheme. Everyone shits in the same toilet.

Quite often its the other way around. Vendors don't like sharing with Government and vice versa.
 
The following users thanked this post: Mr. Scram

Offline legacy

  • Super Contributor
  • ***
  • !
  • Posts: 4415
  • Country: ch
Re: Windows is getting disgusting
« Reply #837 on: March 20, 2019, 10:38:36 pm »
so ... Windows is no-good, MacOSX is no-good, and even Linux is becoming no-good.
What is the future? ArOS? RiscOS? a new BeOS-clone? FreeBSD? ... that's a big problem.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 15569
  • Country: gb
Re: Windows is getting disgusting
« Reply #838 on: March 20, 2019, 10:50:37 pm »
I vote for airgapped RISC OS. My RPC was the last computer I used that did what I told it to
 

Offline rdl

  • Super Contributor
  • ***
  • Posts: 3040
  • Country: us
Re: Windows is getting disgusting
« Reply #839 on: March 20, 2019, 11:38:51 pm »
I was pretty sure I had the Defender fix, but I started Update just to check. Updates thru mid 2018 were installed, but after 20 minutes of following link after link at microsoft.com, damned if I could tell if the Defender fix was in place. Microsoft is often not so good at providing information in a straight forward way. I went ahead and installed the rest of the 2018 updates, then turned them off again.
 

Offline james_s

  • Super Contributor
  • ***
  • Posts: 12266
  • Country: us
Re: Windows is getting disgusting
« Reply #840 on: March 21, 2019, 12:55:17 am »
I suggest you turn off windows defender if you haven't updated for 3 years. There's a nasty non user invoked remote execution vulnerability in it. Basically just receiving a file in your mail client without opening it with the vulnerability injected can cause the sandbox process to execute it as SYSTEM. Fun fun fun.

This is fixed now. QED. Run updates. Don't be a dick. Or we end up with Slammer or Stuxnet again.

Edit: also check your T&C on your ISP. If you cause their network trouble and you didn't follow due diligence then expect to have a fat finger pointed at you.

I've never used Windows Defender in the first place, I've always used 3rd party products. I also keep my network pretty tightly locked down and closely monitored and everything facing outward is up to date. I'm not worried about it at all, the only time I've ever seen malware it was bundled serepticiously with legitimate software, hasn't been an issue since I wised up to that.

The plan is to transition fully over to Linux within the next 5 years or so and retire Win7 to a VM at that point. I've just seen zero evidence of exploits being an issue worth worrying about when dealing with a private network that is NATed behind a firewall. My machines aren't just sitting out there on the wide open internet.
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 4016
  • Country: au
Re: Windows is getting disgusting
« Reply #841 on: March 21, 2019, 02:37:53 am »
I've just seen zero evidence of exploits being an issue worth worrying about when dealing with a private network that is NATed behind a firewall. My machines aren't just sitting out there on the wide open internet.

It's much more common than you think. Once an attacker/malware gets access to a machine somewhere on your network (or at the perimeter), it becomes easier to pivot from that machine to others on your LAN. A NAT'd connection won't necessarily protect you.
 

Offline rdl

  • Super Contributor
  • ***
  • Posts: 3040
  • Country: us
Re: Windows is getting disgusting
« Reply #842 on: March 21, 2019, 04:06:57 am »
I think I'll look at one of those extra secure and private Linux distros. I like the idea of an OS that resides in memory and loses any changes when shut down. It wouldn't be practical for everything, but this particular computer is used 99% for internet,1% Windows updates...so probably would work out fine.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 15569
  • Country: gb
Re: Windows is getting disgusting
« Reply #843 on: March 21, 2019, 09:06:17 am »
I've just seen zero evidence of exploits being an issue worth worrying about when dealing with a private network that is NATed behind a firewall. My machines aren't just sitting out there on the wide open internet.

It's much more common than you think. Once an attacker/malware gets access to a machine somewhere on your network (or at the perimeter), it becomes easier to pivot from that machine to others on your LAN. A NAT'd connection won't necessarily protect you.

Also don't forget UPnP. I had a printer taken over because it had exposed itself via UPnP. Fortunately printers were all on their own DMZ so it was contained (my point about layered security wins here)
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 15569
  • Country: gb
Re: Windows is getting disgusting
« Reply #844 on: March 21, 2019, 09:08:52 am »
I think I'll look at one of those extra secure and private Linux distros. I like the idea of an OS that resides in memory and loses any changes when shut down. It wouldn't be practical for everything, but this particular computer is used 99% for internet,1% Windows updates...so probably would work out fine.

Unless it has some kind of persistence then it's useless. And when there's some kind of persistence then it's exploitable.

So you save your png file on the persistent volume, libpng is vulnerable, vulnerability spreads to all your pngs.

One of my active defences is that backups are fully diff'ed, incremental and done off line. When you see files modified that you don't remember modifying, be suspicious.
 

Offline rdl

  • Super Contributor
  • ***
  • Posts: 3040
  • Country: us
Re: Windows is getting disgusting
« Reply #845 on: March 21, 2019, 11:05:41 am »
For a computer used 100% as a web browser, and only for viewing, persistence is not necessary. An OS that always boots up exactly as it was last time has some appeal. I have enough computers sitting around that dedicating one to this purpose wouldn't be a big deal. It was just a thought anyway - I have at least ten other things I could be working on right now that are far more important.
 

Offline RoGeorge

  • Super Contributor
  • ***
  • Posts: 2442
  • Country: ro
Re: Windows is getting disgusting
« Reply #846 on: March 21, 2019, 12:21:38 pm »
An OS that always boots up exactly as it was last time has some appeal.

Any Linux live can do that (e.g. Ubuntu live).
Just take a USB drive of 1-2GB and put a live Linux on it.

Then, boot from that USB any time you want just to browse.  Boot time is usually less than a minute.

If you need to browse and also be less traceable, see "Tails" or "Qubes OS".  Tales and Qubes can have persistance if you need, or can be installed.  Qubes can have (run) simultaneous "disposable", "secure" or "isolated (no net)" machines running on the same screen.  If you want, Qubes can generate a fresh new Linux machine on the spot, instead of just opening a new browser window.
« Last Edit: March 21, 2019, 12:26:03 pm by RoGeorge »
 

Offline legacy

  • Super Contributor
  • ***
  • !
  • Posts: 4415
  • Country: ch
Re: Windows is getting disgusting
« Reply #847 on: March 21, 2019, 12:29:43 pm »
So what should I have to buy for FinalCut? A Mac? A PC?
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 15569
  • Country: gb
Re: Windows is getting disgusting
« Reply #848 on: March 21, 2019, 12:32:15 pm »
VHS splicing machine  :-DD
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 4016
  • Country: au
Re: Windows is getting disgusting
« Reply #849 on: March 21, 2019, 07:21:24 pm »
I've just seen zero evidence of exploits being an issue worth worrying about when dealing with a private network that is NATed behind a firewall. My machines aren't just sitting out there on the wide open internet.

It's much more common than you think. Once an attacker/malware gets access to a machine somewhere on your network (or at the perimeter), it becomes easier to pivot from that machine to others on your LAN. A NAT'd connection won't necessarily protect you.

Also don't forget UPnP. I had a printer taken over because it had exposed itself via UPnP. Fortunately printers were all on their own DMZ so it was contained (my point about layered security wins here)

Excellent example and one which is not uncommon. A lot of people focus their efforts on hardening their PC's and servers, but forget about every other device connected to their network, i.e.: Printers, IP cameras, TVs, network connected amplifiers, IoT thermostats etc... There are essentially small PCs inside each of those and once they are popped, they are a gateway into your LAN. As b139 explained, they don't need to be on a public IP address to be vulnerable.

Aside from hardcore nerds, how many people do you think bother regularly checking for updated firmware on those types of devices?
But even that isn't enough, I can't remember the last time new firmware came out for my printer or TV, which is why a layered security model (even for a home) is important. Devices like the ones I described have no business being on your trusted internal LAN.

If all anyone had to do was place a router/firewall in between their network and the internet to remain secure, everyone and every business would be doing it. Unfortunately in reality, that's not how it works.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf