No, this is not an Onion article. But it very well could be. Can somebody explain why on Earth somebody would think this is a good idea?
" The US Department of Defense is the latest big name to give Windows 10 the seal of approval apparently unconcerned with the privacy and telemetry issues that have put off others."
I've read comments on both sides of the fence, but I can't imagine this would be a good idea. Considering Windows is known for all kinds of backdoors, doesn't make it ripe to exploited by hackers? Educate me if I'm off base.
source:
http://betanews.com/2016/02/17/windows-10-to-be-installed-on-4-million-us-department-of-defense-computers/
They have to upgrade from XP eventually. ..
Probably they'll get backdoor free edition. AFAIK in enterprise edition, spying can be switched off in setting without tinkering deeper, unlike in other editions.
The government is the organization doing the spying. So they don't really care if they are able to spy on their own computers...
You spy for the US government you win government contracts.
It's probably a highly customized and sanitized alternative to the consumer spyware version, with only a vague resemblance to the original. Microsoft calling it Windows 10 is just a publicity stunt.
It is a bit deceptive to provide an unattributed quote and a single source. The natural inference the reader will draw is that the quote comes from the source. As you know it is a quote from some comment respondant who goes by the moniker "roborat". It is not a quote from the original noted source. WTF
No, if you go to the link I posted as the source of the quote, you will find that line I quoted is a direct quote from the article, in the first paragraph. As for you assuming I'm trolling, well that's your opinion. Yes, I'm new to the forum. But I saw the article and thought it might be a good thing to post to jump into the mix, since it did seem to be in the area of subject matter here. But like I said to start, you are incorrect in your initial assertion. The quote I posted is directly from the link I sourced it from.
But if you got some sort of kick out of scolding me, than I guess it's all good.
You can't make this stuff up.
Maybe the Pentagon *wants* an OS with permanent keylogging?
I wonder if the F-35 will get Windows 10?
Govt's position has always been "trust but verify".
They've got their tendrils deep within M$, so that shouldn't be a problem.
What will be a problem is when M$ inevitably experiences a leak, and millions of personal, corporate and government records get loose...
Tim
Its a good thing the US has no operable nuclear weapons left.
So a glitch in Windows 10 can't accidentally start World War 3.
Not all computers are critical, and Win10 is likely better than XP. They also have to learn about there targets.
Anyway one of the worst parts with Win10 are the terms of usage, at least for the home version - here DOD might get a different version.
At least from HP, upgrading from Home to Pro when ordering a machine is an additional 49 lousy bucks.
Isn't getting rid of the "Home" baggage worth 49 bucks?
You 'can' use Windows on a secure network containing sensitive data... even for highly sensitive defence based stuff that only authorised/cleared staff should see. But you have to keep the network as a secure internal network within a company for example. So there would be an internal network connecting all the computers but this network would not be connected to the internet and it would be arranged such that even a deliberate attempt to connect to the internet would not be possible and any attempt to try would cause an alert.
You 'can' use Windows on a secure network containing sensitive data..
So there would be an internal network connecting all the computers but this network would not be connected to the internet
In a flowershop with 3 machines, you are probably right. The largest the organization the more likely someone is to "plug-in" to the local network to see what kind of fun they can have
You 'can' use Windows on a secure network containing sensitive data..
So there would be an internal network connecting all the computers but this network would not be connected to the internet
In a flowershop with 3 machines, you are probably right. The largest the organization the more likely someone is to "plug-in" to the local network to see what kind of fun they can have
No, I'm right for a very large company because that's how it is done in the real world. The only people with access to the network would have relevant security clearance and the network will be inside secure buildings requiring various access security codes and door keys and logins. This is all quite normal in the real world.
window$ 8 is still sensitive to 'man in the middle' attack, so most probably windows 10 too, in that way security is, most probably, reduced to zero (I haven't tested yet).
I don't understand why the don't fix that code and make as Linux that ignore not requested packages, would solve 90% of serious attacks instantly. I started to think that they like to be hacked.
More complicated attacks come from user software and computer/laptop use outside of secure network. Injection code from websites apply too.
This is bad idea, but I suppose that teach people to use other OS is more expensive or give more problems than maintain Windows.
No, I'm right for a very large company because that's how it is done in the real world. The only people with access to the network would have relevant security clearance and the network will be inside secure buildings requiring various access security codes and door keys and logins. This is all quite normal in the real world.
That was right back a few years ago. Today we are implementing even INTERNAL network security like requiring that all web pages are https. Even if you have security protocols that prevent unauthorized access to the network, when you have high-value data and 10s of thousands of of employees and contractors with authorized access, you can't assume that even someone with proper access isn't sniffing for things THEY aren't authorized for.
No, I'm right for a very large company because that's how it is done in the real world. The only people with access to the network would have relevant security clearance and the network will be inside secure buildings requiring various access security codes and door keys and logins. This is all quite normal in the real world.
That was right back a few years ago. Today we are implementing even INTERNAL network security like requiring that all web pages are https. Even if you have security protocols that prevent unauthorized access to the network, when you have high-value data and 10s of thousands of of employees and contractors with authorized access, you can't assume that even someone with proper access isn't sniffing for things THEY aren't authorized for.
It's correct NOW and has been like this for many years. Turn the problem around... what super secure and 'untappable' OS do YOU expect employees to use when designing new equipment and writing secure documentation? What modern CAD tools do you expect them to use? Eg for designing critical code for FPGAs or MCUs or for creating design documents for sensitive projects? How do you expect them to share and review data within the company without a secure network? Do you still think it's only done using old fashioned typewriters and glued on photographs and microfilm inside a brown document folder like in the movies?
You have completely missed the point. We no longer consider the network INSIDE the firewall and other mechanism to be "secure". This has nothing to to with operating systems. There are levels of security and compartmentalization of information even INSIDE the protected environment.
You have completely missed the point. We no longer consider the network INSIDE the firewall and other mechanism to be "secure". This has nothing to to with operating systems. There are levels of security and compartmentalization of information even INSIDE the protected environment.
But you are just stating the obvious. There are/is "levels of security and compartmentalization of information" in everyday networks including the internet and even computers in the family home or in schools and it's been like this for many, many years. The same applies to secure networks in the defence industry.
Note that 'secure' here describes the aim (and is often the descriptive name) of the network and isn't meant to imply the network can ever be 100% secure. But such networks are used in the defence industry and they can carry material up to quite high security classifications.
That was right back a few years ago. Today we are implementing even INTERNAL network security... etc etc
So I'm left wondering if you think that having various levels of access/security within a network (any network) is a new fangled idea introduced a few years ago.
So I'm left wondering if you think that having various levels of access/security within a network (any network) is a new fangled idea introduced a few years ago.
No. I am saying that modern security is much more complex than the simple outside vs inside as you seemed to imply in Reply #17.
So I'm left wondering if you think that having various levels of access/security within a network (any network) is a new fangled idea introduced a few years ago.
No. I am saying that modern security is much more complex than the simple outside vs inside as you seemed to imply in Reply #17.
I described the human factors of the system (eg the people and the computers and the secure building)
using just a single sentence across two lines of text. Did you expect me to include a comprehensive description of all the security measures/levels? How big a document did you expect me to write?
The point (relevant to this thread) is that it can be done (and is done and has been done for many years) using a Windows OS.
Govt's position has always been "trust but verify".
They've got their tendrils deep within M$, so that shouldn't be a problem.
What will be a problem is when M$ inevitably experiences a leak, and millions of personal, corporate and government records get loose...
Tim
Write some script to inject lots of fake data. Then not only would they have to figure out what's real in order to make use of the data, but hackers who get a hold of it would have the same problem.