Author Topic: How much security is needed for windows 10?  (Read 12655 times)

0 Members and 1 Guest are viewing this topic.

Offline BeaminTopic starter

  • Super Contributor
  • ***
  • Posts: 1567
  • Country: us
  • If you think my Boobs are big you should see my ba
How much security is needed for windows 10?
« on: August 24, 2021, 09:56:44 pm »
It used to be I would run an anti virus and two spyware tools but on win10 it seems like keeping it up dtaed and all security is on is all you have to do.

I still dont trust it though I will put up my bitcoin charts; bowlinger band MA etc on it but I trade through my phone with 2 factor because I dont trust the PC with all the ransomware attacks
Max characters: 300; characters remaining: 191
Images in your signature must be no greater than 500x25 pixels
 

Offline Zucca

  • Supporter
  • ****
  • Posts: 4298
  • Country: it
  • EE meid in Itali
Re: How much security is needed for windows 10?
« Reply #1 on: August 25, 2021, 11:57:34 am »
if you care about security adn privacy

format c:

install linux.

It will not solve the problem just mitigate it by a ton
Can't know what you don't love. St. Augustine
Can't love what you don't know. Zucca
 
The following users thanked this post: Ed.Kloonk, Circlotron, Red Squirrel, Exosia

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #2 on: August 25, 2021, 12:24:09 pm »
PS> alas. such topic belongs to Gen.Computing-> Security

That is partially true.

While anything MS (aka MerdSoft)  is by default unreliable...

*NIX  or Linux is by default reliable just for the most simple fact that you have not only access to the code but also a wide plethora of options to choose.

MS is like a blackbox. How much secure is a blackbox to put your hand inside ? (think of that putting your life data and privacy..)

Linux  diverted a lot  from best *NIX practices..

POTTERIX  BUNTUS and other diverted "products" are considerably less secure and troublesome than real *NIX faithful alternatives..  their goal is also business not best practices.

If you care about security choose a distro close to *NIX  like:
- Slackware
- FreeBSD
- OpenBSD

The last one is  the only one I ever recommend  for safe sites.

Nothing has been subverted or diverted from the book.
The best most competent folks about that.

Go OpenBSD.

MerdSoft is pure shit wrapped in a fancy colorful GUI

Paul


« Last Edit: August 25, 2021, 12:27:39 pm by PKTKS »
 

Offline jmelson

  • Super Contributor
  • ***
  • Posts: 2758
  • Country: us
Re: How much security is needed for windows 10?
« Reply #3 on: August 25, 2021, 05:15:41 pm »
if you care about security adn privacy

format c:

install linux.

It will not solve the problem just mitigate it by a ton
Yes!  I have a web server directly on the net, and I have constant attacks from hackers.  I had a successful break in about a decade ago, and then learned how to secure the system.  Only have one user account that allows external login, use a difficult password, and run denyhosts to watch for ssh login attempts and block them by IP address.  Then, the new thing is Russian hackers creating bogus user accounts on my web store.  That's not a security problem, just a management annoyance.  So, I get hundreds of login attempts a day, but zero success in getting in.  Why do these pathetic idiots even try?

Jon
 

Offline Red Squirrel

  • Super Contributor
  • ***
  • Posts: 2749
  • Country: ca
Re: How much security is needed for windows 10?
« Reply #4 on: August 25, 2021, 05:21:46 pm »
I second the Linux post, but if you absolutely need Windows for something like games, I would just put that on a separate vlan, and block all the MS IPs at the firewall and block that machine from accessing the rest of the network.

In fact I do the same for Android, phones are basically spy devices and who knows what the hell they're doing in the background.  My wifi is on a separate vlan that has little to no access to my main network.

At one point I was experimenting with blocking all the Google IPs but the issue is the phone complains that the wifi has no internet and keeps nagging me about it, and it also breaks the ability to access local web resources.  I wish they would get rid of that "Feature".  It gives me lot of trouble with my drone too because of that.
 

Offline PaulAm

  • Frequent Contributor
  • **
  • Posts: 938
  • Country: us
Re: How much security is needed for windows 10?
« Reply #5 on: August 25, 2021, 08:39:27 pm »
Quote
In fact I do the same for Android, phones are basically spy devices and who knows what the hell they're doing in the background.  My wifi is on a separate vlan that has little to no access to my main network.

I run a bandwidth monitor on my net and every once in a while one of the phones goes a bit rogue with a constant ~10KB data stream through the night.  A reboot clears that; only Google knows what's going on.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #6 on: August 25, 2021, 10:12:45 pm »
Oh this thread gonna be a shit show.

Use windows 10. It’s fine. Keep updates turned on. Keep your AV (use built in windows defender) up to date. Don’t download software from torrent sites. Don’t install any old shit you see on the internet. Keep at least two offline backups. Job done.

Linux won’t buy you anything. The security model on linux desktops is far far far worse. At least Microsoft bothers with a MAC framework. If your Firefox process is rooted by a zero day on linux they have all the data in your home directory and can write to .profile. Game fucking over.

In case someone thinks I’m anti Linux I am responsible for managing a metric shit ton of Linux infrastructure and writing software that runs on it. On the server yes. On the desktop hell no.

Security = hygiene. Doesn’t matter what platform.
« Last Edit: August 25, 2021, 10:19:30 pm by bd139 »
 
The following users thanked this post: tszaboo, 2N3055, Ranayna, Jacon, Chris_Walch

Offline Red Squirrel

  • Super Contributor
  • ***
  • Posts: 2749
  • Country: ca
Re: How much security is needed for windows 10?
« Reply #7 on: August 25, 2021, 10:30:27 pm »
If your Firefox process is rooted by a zero day on linux they have all the data in your home directory and can write to .profile. Game fucking over.

Same in Windows though.  If you hit a "drive by virus" website you basically have your entire system compromised.   Yeah you can chance only redoing your profile and hope the virus did not use any form of privilege escalation exploit but you may as well just format and reinstall at that point since you're basically starting over anyway.   

Linux is not that much better in this regard either, but at least the OS itself is not acting as a trojan spying on you and constantly calling home.   Suppose you could run Firefox within a chroot jail though but that's a pain to setup.  I don't get why it's not like that by default really.   
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 5632
  • Country: au
Re: How much security is needed for windows 10?
« Reply #8 on: August 25, 2021, 10:55:12 pm »
With anti-virus, the built-in Windows Defender actually does a decent job. There isn't really a need for a third-party virus tool any more, unless you have specific needs that Windows Defender doesn't address.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #9 on: August 25, 2021, 10:59:47 pm »
If your Firefox process is rooted by a zero day on linux they have all the data in your home directory and can write to .profile. Game fucking over.

Same in Windows though.  If you hit a "drive by virus" website you basically have your entire system compromised.   Yeah you can chance only redoing your profile and hope the virus did not use any form of privilege escalation exploit but you may as well just format and reinstall at that point since you're basically starting over anyway.   

Linux is not that much better in this regard either, but at least the OS itself is not acting as a trojan spying on you and constantly calling home.   Suppose you could run Firefox within a chroot jail though but that's a pain to setup.  I don't get why it's not like that by default really.

Actually no you’re wrong. Read up on Application Guard. https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview

But if you are owned by something, the only right outcome is to burn the whole machine to the ground software wise and start again.

As for the telemetry, yep.

In linux, SELinux should be enabled on desktops and Firefox should be only allowed to write to its cache directories and downloads directory. But freedesktop and associated projects are totally clueless on this because it gets in the way of redesigning gnome every three hours.
« Last Edit: August 25, 2021, 11:02:15 pm by bd139 »
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 6733
  • Country: pl
Re: How much security is needed for windows 10?
« Reply #10 on: August 26, 2021, 11:38:57 am »
OpenBSD sandboxes Firefox by default so that could be an option too :D
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #11 on: August 26, 2021, 12:12:43 pm »
Yes that and pledge(2) is a winner. Need more of that.
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #12 on: August 26, 2021, 04:00:33 pm »
OpenBSD sandboxes Firefox by default so that could be an option too :D

It is meant for security.. 

If your site is wide open to internet best option is OpenBSD.
It has all the servers configured reliable from scratch.

Although I run my workstations since 90s with  XWindows and Firefox without major issues at all as mentioned above...  since 90s Slackware distros are very well put.

MerdSoft is a shit show by default it does not need any further help
Alas .. POTTERIX follows the same way.. mimics look and feel and buz  shitshow model.

Stay way from that stinky shit you will be fine

Paul
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #13 on: August 26, 2021, 06:06:24 pm »
Dude we have 9000+ windows desktops.

The problem is the users not the technology.

No magic OS decision is going to save you from humans.
 
The following users thanked this post: MazeFrame

Offline BeaminTopic starter

  • Super Contributor
  • ***
  • Posts: 1567
  • Country: us
  • If you think my Boobs are big you should see my ba
Re: How much security is needed for windows 10?
« Reply #14 on: August 29, 2021, 09:55:26 pm »
Dude we have 9000+ windows desktops.

The problem is the users not the technology.

No magic OS decision is going to save you from humans.

I have linux on a pi I run sometimes but honest;y now that I'm older I just want to install a program and have it work, the first time. With linux there is always 10 extra steps that are not intuitive if you arent a regular linux user. When I was a kid this was great and I would learn stuff, but right now I can't be bothered with it, computers just arent that fun anymore... unless you are doing SDR but even then the computer is 2nd to the fun part.
Max characters: 300; characters remaining: 191
Images in your signature must be no greater than 500x25 pixels
 
The following users thanked this post: bd139

Offline ebclr

  • Super Contributor
  • ***
  • Posts: 2328
  • Country: 00
Re: How much security is needed for windows 10?
« Reply #15 on: August 30, 2021, 03:20:48 am »
I'm a lucky guy using MS windows 10, for years  without any kind of problem ( at least that I know), Also use Linux, and have a place for both
 

Offline BeaminTopic starter

  • Super Contributor
  • ***
  • Posts: 1567
  • Country: us
  • If you think my Boobs are big you should see my ba
Re: How much security is needed for windows 10?
« Reply #16 on: August 30, 2021, 05:15:24 am »
I'm a lucky guy using MS windows 10, for years  without any kind of problem ( at least that I know), Also use Linux, and have a place for both

Do you by chance use the camera to look at your face to log in? My computer updated recently and it cant turn on the camera anymore. Does anyone know a way to turn on the cam and take a selfie? Some banks require this so they can compare to your drivers lic. I have a surface book BTW, the one with detachable keyboard/tablet mode I never use. Even though its made of metal feels like I'm going to break the thing.
Max characters: 300; characters remaining: 191
Images in your signature must be no greater than 500x25 pixels
 

Offline Bassman59

  • Super Contributor
  • ***
  • Posts: 2501
  • Country: us
  • Yes, I do this for a living
Re: How much security is needed for windows 10?
« Reply #17 on: August 31, 2021, 04:38:52 am »
I'm a lucky guy using MS windows 10, for years  without any kind of problem ( at least that I know), Also use Linux, and have a place for both

Do you by chance use the camera to look at your face to log in? My computer updated recently and it cant turn on the camera anymore. Does anyone know a way to turn on the cam and take a selfie? Some banks require this so they can compare to your drivers lic. I have a surface book BTW, the one with detachable keyboard/tablet mode I never use. Even though its made of metal feels like I'm going to break the thing.

Windows 10 has a camera app, similar to Apple's PhotoBooth.
 

Offline Bassman59

  • Super Contributor
  • ***
  • Posts: 2501
  • Country: us
  • Yes, I do this for a living
Re: How much security is needed for windows 10?
« Reply #18 on: August 31, 2021, 04:41:28 am »
I'm a lucky guy using MS windows 10, for years  without any kind of problem ( at least that I know), Also use Linux, and have a place for both

My only problem with my Win10 box (quad Xeon, 48 GB RAM) is that it takes a ridiculous amount of time to boot from a cold start, even after a proper shutdown. As in, it takes minute to start. And then when I log in I see 100% activity on the hard disk, and that just makes everything painfully slow until that stops doing whatever the hell it's doing.
 

Offline ebclr

  • Super Contributor
  • ***
  • Posts: 2328
  • Country: 00
Re: How much security is needed for windows 10?
« Reply #19 on: August 31, 2021, 04:49:03 am »
Try using nvme SSD ( Samsung 970 pro ), mine takes less than few seconds
 

Offline ebclr

  • Super Contributor
  • ***
  • Posts: 2328
  • Country: 00
 

Offline DiTBho

  • Super Contributor
  • ***
  • Posts: 3796
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #21 on: August 31, 2021, 08:52:08 am »
My only problem with my Win10 box (quad Xeon, 48 GB RAM) is that it takes a ridiculous amount of time to boot from a cold start, even after a proper shutdown. As in,

In my office, the computer usually takes up to 15 minutes to boot,  but that's not a problem, it's a bonus: I have the time to go to the bar, drink a cup of hot coffee and have some nice word with the two beautiful Russian secretary girls working upstairs.

I love my slow computer for this, I won't replace it for no reason :D
The opposite of courage is not cowardice, it is conformity. Even a dead fish can go with the flow
 
The following users thanked this post: 2N3055, bd139

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #22 on: August 31, 2021, 09:01:43 am »
Correct priorities there  :-+
 
The following users thanked this post: 2N3055

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #23 on: August 31, 2021, 10:45:07 am »
My only problem with my Win10 box (quad Xeon, 48 GB RAM) is that it takes a ridiculous amount of time to boot from a cold start, even after a proper shutdown. As in,

In my office, the computer usually takes up to 15 minutes to boot,  but that's not a problem, it's a bonus: I have the time to go to the bar, drink a cup of hot coffee and have some nice word with the two beautiful Russian secretary girls working upstairs.

I love my slow computer for this, I won't replace it for no reason :D


Jezzuusszzzz   ...  WTF is ET phoning home...

15 minutes to boot ?  WTF is that ?

My workstations are *ALL*  systemd free.
They boot an INIT SystemV  the very old fashioned way.

All checks are made in run level 1
disks are safely checked and run level 3 enters only after all passed OK

Run level 3 starts about 3 minutes after and put server mode in a minute long..
If ALL ( i mean it all ) goes 100% pass OK XWindows took over in 15 seconds flat.

And I am always wondering how to save 5 or 10 seconds... every boot.

Jezzus WTF is ET doing in your life...
Paul
 

Offline DiTBho

  • Super Contributor
  • ***
  • Posts: 3796
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #24 on: August 31, 2021, 12:11:39 pm »
It was difficult to get such a bad-result without the IT department thinking it was done on purpose

And I am always wondering how to save 5 or 10 seconds... every boot.

anyway, I am always wondering how to add 1 minute to every boot, so I can justify more time at the bar with girls  ;D
The opposite of courage is not cowardice, it is conformity. Even a dead fish can go with the flow
 
The following users thanked this post: 2N3055, bd139

Offline alexnoot

  • Contributor
  • Posts: 27
  • Country: aq
Re: How much security is needed for windows 10?
« Reply #25 on: August 31, 2021, 02:19:58 pm »
Jezzuusszzzz   ...  WTF is ET phoning home...

15 minutes to boot ?  WTF is that ?

My workstations are *ALL*  systemd free.
They boot an INIT SystemV  the very old fashioned way.

All checks are made in run level 1
disks are safely checked and run level 3 enters only after all passed OK

Run level 3 starts about 3 minutes after and put server mode in a minute long..
If ALL ( i mean it all ) goes 100% pass OK XWindows took over in 15 seconds flat.

And I am always wondering how to save 5 or 10 seconds... every boot.

Jezzus WTF is ET doing in your life...
Paul

I'm no Windows fan, most of my computers are either Linux or macOS, but this is obviously something that has been fucked up somewhere. It could be the install itself, an old 5400rpm drive, anything really. My one remaining Windows PC, which I basically only use for gaming, boots in less than 10 seconds.

Computers can be slow and get borked, no matter the operating system. And your passionate hate for systemd is getting a bit old and repetitive, I usually prefer Debian or some of it's derivatives (meaning they run systemd) ... and they boot pretty quick too.
« Last Edit: August 31, 2021, 02:22:41 pm by alexnoot »
 
The following users thanked this post: RoGeorge, bdunham7

Offline Red Squirrel

  • Super Contributor
  • ***
  • Posts: 2749
  • Country: ca
Re: How much security is needed for windows 10?
« Reply #26 on: August 31, 2021, 02:34:56 pm »
I'm a lucky guy using MS windows 10, for years  without any kind of problem ( at least that I know), Also use Linux, and have a place for both

My only problem with my Win10 box (quad Xeon, 48 GB RAM) is that it takes a ridiculous amount of time to boot from a cold start, even after a proper shutdown. As in, it takes minute to start. And then when I log in I see 100% activity on the hard disk, and that just makes everything painfully slow until that stops doing whatever the hell it's doing.

Ah yes the dreaded "startup lag" I like to call it.  You'd think MS would have fixed that by now.  It seems after a cold boot you need to let it "warm up" for a few minutes before it's usable.  Especially true on a regular hard drive.  SSDs are better, but that is just masking a problem not fixing it.   

Part of the actual boot process is because of UEFI though.      I find UEFI boards take super long to POST compared to older style bios, so more than half of the boot time is pre OS. 

That said, Linux is not perfect either in this regard.  Talk to me about SystemD.  :-DD
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #27 on: August 31, 2021, 04:40:24 pm »
(..)
And your passionate hate for systemd is getting a bit old and repetitive, I usually prefer Debian or some of it's derivatives (meaning they run systemd) ... and they boot pretty quick too.


Nope.. do not get it wrong.  It will affect your perspective.

I use POTTERIX systems where no security is required.
Where no important critical steps are required.

It is impossible  to discuss setups, security and proper system initialization avoiding that  POTTERIX fork of UNIX.

I do not rant or hate, it is a simple fact.
POTTERIX is a fork and requires proper mention whenever needed

I will do so when it comes necessary like booting with critical safe checks at expense of some time and fancy logos..

no hatred.  It is impossible to avoid such mentions

personally I do not use POTTERIX - but i setup POTTERIX for others fine.
although with strong advice of caution

Paul
« Last Edit: August 31, 2021, 04:42:46 pm by PKTKS »
 

Offline alexnoot

  • Contributor
  • Posts: 27
  • Country: aq
Re: How much security is needed for windows 10?
« Reply #28 on: August 31, 2021, 05:40:02 pm »
Calling Linux 'potterix' (I assume it's Linux you mean) is somewhat hateful and belittling. Childish even?
It is also impossible to discuss something when one side presents their arguements in such a way. I don't know quite enough to have a good and educated opinion on the pros and cons of systemd, but I would like to learn something. Unfortunately, it's hard to learn something from someone who argues in a tantrum-like 'just because' kind of way.

All I've learned from you from the posts I've seen on this forum is that you are 'that-anti-systemd-guy'.

No disrespect, you seem like a knowledgeable guy. But yelling 'systemd baaaad' over and over gets old.
« Last Edit: August 31, 2021, 05:49:26 pm by alexnoot »
 
The following users thanked this post: RoGeorge, cgroen, bdunham7

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #29 on: August 31, 2021, 05:45:28 pm »
Hey I’m also the anti systemd guy and anti freedesktop guy. I just complain a lot less about it  :-DD

Potterix is a perfect characterisation of the incursion against sound engineering and in favour of ego driven development. 
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #30 on: August 31, 2021, 06:26:01 pm »
Calling Linux 'potterix' (I assume it's Linux you mean) is somewhat hateful and belittling. Childish even?
It is also impossible to discuss something when one side presents their arguements in such a way. I don't know quite enough to have a good and educated opinion on the pros and cons of systemd, but I would like to learn something. Unfortunately, it's hard to learn something from someone who argues in a tantrum-like 'just because' kind of way.

All I've learned from you from the posts I've seen on this forum is that you are 'that-anti-systemd-guy'.

No disrespect, you seem like a knowledgeable guy. But yelling 'systemd baaaad' over and over gets old.

No this term is widely used and seen in forums discussing the problems (the really big issues) underneath the wide adoption of the SYSTEMD thing as a whole.

You see.. that folk is being paid to implement a business model.
That model FORKS UNIX in every single rule on the book..

These folks crammed a huge pile of things which should never ever be glued..
thus creating the "POTTERIX" system(D)..

It is not my term.. I just find it a perfect suit for the "NEW" *NIX created..
if that can be called NIX...

I use POTTERIX for people expecting a dummy drop in replacement for MS.

Kinda install and point and click and puff...

For myself .. using *NIX a long time POTTERIX is a shitshow or  EGOTRIP..
but the folk is being paid.  nothing against that..

I just will not use that thing on serious systems

Paul
« Last Edit: August 31, 2021, 06:29:13 pm by PKTKS »
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #31 on: August 31, 2021, 06:28:31 pm »
Hey I’m also the anti systemd guy and anti freedesktop guy. I just complain a lot less about it  :-DD

Potterix is a perfect characterisation of the incursion against sound engineering and in favour of ego driven development.

TRUE..  it mostly boils down to the EGO of that folk..

But the folk is being paid to do that shitshow..

ME? Like it or not a LOT of people think think it is good..
It does fill the gap as a drop in replacement MS  LOOK AND FEEL AND BEHAVE

But it is a security hazard and a tragic glue of ideas..

Paul
« Last Edit: August 31, 2021, 06:30:22 pm by PKTKS »
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #32 on: August 31, 2021, 06:45:35 pm »
The worst thing is everything is stateful, opaque and behind distributed RPC which is the opposite of everything Unix.

In fact it's basically Windows+DCOM reimplemented badly.
 

Offline alexnoot

  • Contributor
  • Posts: 27
  • Country: aq
Re: How much security is needed for windows 10?
« Reply #33 on: August 31, 2021, 07:02:16 pm »
No this term is widely used and seen in forums discussing the problems (the really big issues) underneath the wide adoption of the SYSTEMD thing as a whole.

So it's like a circle-jerk term amongst the anti-systemd-guys then? I've never heard the term, and it still teaches me nothing and leaves me still uneducated about what's actually bad about systemd.

Not all Linux users are of the point-and-click type. I started learning it as a kid on Slackware some 20 years ago, everything had to be compiled from source. But I learned.
 
The following users thanked this post: RoGeorge

Offline magic

  • Super Contributor
  • ***
  • Posts: 6733
  • Country: pl
Re: How much security is needed for windows 10?
« Reply #34 on: September 01, 2021, 06:38:20 am »
Okay, I will teach you.

The fundamental problem of system-d*** and other software from that guy is that it simply sucks. It solves problems you may or may not have, but it's shipped with your distribution (and can't be easily removed) because it claims to solve problems that others have. One after another it absorbs or replaces utilities you have been using so far and the replacement inevitably comes with bugs that have been solved in the original years ago. Some more bugs come with new features that you don't care about. And if you complain, their answer is invariably "we are all human, no software is perfect, stop wining and file bug reports". And then another bug, and another stupid issue, and a security vulnerability long solved by others, and a stupid quirk that they refuse to fix, and a request to put a kludge in the kernel to mitigate their stupid design, and ... :horse:

Just say no.
 
The following users thanked this post: PKTKS

Offline DiTBho

  • Super Contributor
  • ***
  • Posts: 3796
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #35 on: September 01, 2021, 07:20:19 am »
and can't be easily removed

Yup, that's the annoying point. It comes already installed, it has a lot of dependencies, it's fully integrated, and it takes times and effort to *remove* it.
The opposite of courage is not cowardice, it is conformity. Even a dead fish can go with the flow
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #36 on: September 01, 2021, 03:12:09 pm »
No this term is widely used and seen in forums discussing the problems (the really big issues) underneath the wide adoption of the SYSTEMD thing as a whole.

So it's like a circle-jerk term amongst the anti-systemd-guys then? I've never heard the term, and it still teaches me nothing and leaves me still uneducated about what's actually bad about systemd.

Not all Linux users are of the point-and-click type. I started learning it as a kid on Slackware some 20 years ago, everything had to be compiled from source. But I learned.

Not exactly as you say... 
things are far more complicated.

The folk behind the "POTTERIX"  thing  is being paid to devel something that ultimately must make *NIX (all LINUX and as of today another folk is replicating that to BSDs) to behave just like MS Windooze since they removed all user interaction with the boot (circa win2K).

By removing users the system should:
- boot unattended and (hopefully) initialize all hardware and software stack
- bring everything ON as soon as possible to mimic a fast OS
- bring everything ON regardless safety and user intervention
- put that process under PRIVILEGED level 1  being the root/father of all others.

It is obviously meant to fill a niche business on the CLOUD so to rent images.
Those can be rented unattended and regardless user specific fits. 
Rent and vanish images.

It is also obvious that by removing users and system admins....
all specific tasks - mostly the critical ones related to safety are now under control of that thing  in which the other business model can be placed on top like selling security as kits of ant-this anti-that  scan-malthis scan-malthat...
anti-virus and user daemons firewalls (away from kernel ring)

The paid project started by including almost all functionality of file system, partition tables, process control.. and just kept growing to insanity by adding DNS resolvers and even home directory total control....  a total insanity egotrip - very cocky arrogant one

ISC (the BIND consortium) has put decades of research and devel into BIND.
BIND is one of the most critical part of Internet and every safe machine.
Every experienced folk will confirm you that DNS resolvers are the most vulnerable critical part of safe systems.

No surprises that systemd thing includes a DNS resolver..
and absolute pathetic unsafe..

To make things even worse.. 
MODERN UEFI can boot ANYTHING REMOTELY using http protocol and a built in TCP/IP stack..

It is not hard to see how a dummy systemd thing can boot your hardware using ANY image remotely replacing everything w/ a custom one. It has a resolver built in.

Nevertheless that thing spread cocky fooling all users with a MODERN  linux that everyone should use and every 15 days removing essential tools and incorporating that into a flaw lame limped systemd part... impossible to find a proper term...

It has gone insane and being forced into everybody throats without options..
that is the worst part.  - IT IS FORCED BY FINANCED INTERESTS - not an option

You see all packages on LINUX and UNIX are "optional" and can be integrated or not.

But not POTTERIX systemd. THEY ARE NOT removable

It is not meant for that. 
Meant to FORK UNIX into POTTERIX  thing..

controlled and dictated by those who are financing that..
And everybody knows who..

Fortunately a lot of folks see the show going under...

Paul
 
The following users thanked this post: alexnoot

Offline DiTBho

  • Super Contributor
  • ***
  • Posts: 3796
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #37 on: September 01, 2021, 03:29:41 pm »
The Linux kernel is algo in perpetual regression, and it sounds no good, but even if Linux will go down hills there is always HOPE for Haiku and FreeBSD :D
The opposite of courage is not cowardice, it is conformity. Even a dead fish can go with the flow
 
The following users thanked this post: bd139

Offline DiTBho

  • Super Contributor
  • ***
  • Posts: 3796
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #38 on: September 01, 2021, 03:31:53 pm »
Oh, and Minix v3 is still a true *NIX and now using NetBSD packages.
The opposite of courage is not cowardice, it is conformity. Even a dead fish can go with the flow
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #39 on: September 01, 2021, 03:47:54 pm »
The Linux kernel is algo in perpetual regression, and it sounds no good, but even if Linux will go down hills there is always HOPE for Haiku and FreeBSD :D

it seems to be taken by assault by private interests with heavy finance/sponsor capabilities.

Google ANDROID
MS jerks using WSL and Wayland layer..
MediaTek ARM party under SAMSUNG interests.
IBM CLOUD
XXX CLOUD.

.xx cloud (fill yourself)

and several small form factors notebooks tablets and gizmos..

in which no user intervention should ever be allowed on the core OS.
They are the landlords.

It seems so for a while
the days of a secure free open OS are gone - they are left on 90/00s

Paul


 

Offline DiTBho

  • Super Contributor
  • ***
  • Posts: 3796
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #40 on: September 01, 2021, 04:19:08 pm »
Wayland layer

I don't know, but I am really worried about the new "open compositor" model introduced by Wayland because it will be pure hardware-vendor' duty to write it.

MediaTek ARM party under SAMSUNG interests.

I have no experience with MediaTek' SoMs, I am considering the purchase of R64 board to develop a new project based on MTK MT7622, but it's still an hypothetical target. I don't know about SAMSUNG' interests, just ... if their interests are like those of Allwinner then there is no good in the near future, only bugs and more kernel regression.
The opposite of courage is not cowardice, it is conformity. Even a dead fish can go with the flow
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #41 on: September 01, 2021, 05:07:39 pm »
I have no experience with MediaTek' SoMs, I am considering the purchase of R64 board to develop a new project based on MTK MT7622, but it's still an hypothetical target. I don't know about SAMSUNG' interests, just ... if their interests are like those of Allwinner then there is no good in the near future, only bugs and more kernel regression.

Almost  *ALL*  SAMSUNG models I have been taking apart to repair or inspect have some sort of MediaTek ARM processor inside.

The KERNEL has a full branch very very well maintained with MediaTek chipsets

Just check it out for yourself

Paul
 

Offline alexnoot

  • Contributor
  • Posts: 27
  • Country: aq
Re: How much security is needed for windows 10?
« Reply #42 on: September 01, 2021, 05:25:21 pm »
(...)
Thanks you for taking your time explaining. I knew systemd was a monster of everything-in-one, but I didn't know that much.
I have been looking into systemd-free alternatives, but I probably won't do anything about it until I build a new computer, I really dislike changes  :P
 
The following users thanked this post: RoGeorge, bdunham7

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #43 on: September 01, 2021, 05:28:27 pm »
If it’s any consolation as much as I hate it I still use it because I can’t be bothered with it.
 
The following users thanked this post: 2N3055, alexnoot

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #44 on: September 01, 2021, 05:29:20 pm »
(...)
Thanks you for taking your time explaining. I knew systemd was a monster of everything-in-one, but I didn't know that much.
I have been looking into systemd-free alternatives, but I probably won't do anything about it until I build a new computer, I really dislike changes  :P

OK welcome.

Try any systemd free distro of your choice and you should be far more suited...

Also for the record this is the folk :
"Hey look ma I wanna be POTTERIX"

putting that aberration into all BSDs as well

I wonder WHY  Apple will ever allow him to do that..  ::)

Check
https://anetbsduser.wordpress.com/2021/08/24/initware-comes-to-macos/

https://www.itsfoss.net/initware-as-a-systemd-fork-also-for-macos/


The bad news for OpenBSD in which they will put the same unsafe business into that as well

Paul  :palm:
 

Offline DiTBho

  • Super Contributor
  • ***
  • Posts: 3796
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #45 on: September 01, 2021, 08:57:18 pm »
The bad news for OpenBSD in which they will put the same unsafe business into that as well

For Linux it may * somehow * be acceptable as it is considered a sort of * Swiss army knife for * NIX, but for an OS like OpenBSD that has always made security its strong point, forcing SystemD is rather like betraying the founding ideals.
The opposite of courage is not cowardice, it is conformity. Even a dead fish can go with the flow
 

Offline DiTBho

  • Super Contributor
  • ***
  • Posts: 3796
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #46 on: September 01, 2021, 09:10:50 pm »
Yesterday I ordered a Lenovo AIO 3 IdeaCentre All in One from Amazon.

Paid 300 UKP thanks to a promotion. A big parcel arrived today with a 21" Full HD display, AMD Athlon Silver 3050U, 256GB SSD, 8 GB of RAM, DVD±RW, USB-keyboard and mouse, and "Windows 10 Pro" already installed.

Not bad for the money, enough decent to be dedicated to mobaXterm (kind of ssh + X11 support for Windows), plus a couple of RDP applications like TeamViewer and Suprema.

But ... I powered on the computer this morning before having lunch, and as soon as I connected to the internet it started downloading *hundred* MB of updates and billion billion patches, so many that it took until dinner to complete downloads, update things, and restart.

hundred MB of updates ... it must be related to the level of security, I guess :D
The opposite of courage is not cowardice, it is conformity. Even a dead fish can go with the flow
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #47 on: September 01, 2021, 09:14:27 pm »
Ah first rule of Lenovo club is can the updates immediately and create some new latest windows 10 media from MSFT’s web site. Then wipe and install off that. Then only download the Lenovo drivers for the bits that don’t work after that is installed and updated.

On my T495 that is only the hot keys utility  :-+
 
The following users thanked this post: DiTBho

Offline Q8

  • Newbie
  • Posts: 4
  • Country: pl
Re: How much security is needed for windows 10?
« Reply #48 on: September 02, 2021, 04:09:55 pm »
damn this topic was/is a good read... if i only knew what 'folk" is... :<
 
The following users thanked this post: bd139

Offline Nominal Animal

  • Super Contributor
  • ***
  • Posts: 6173
  • Country: fi
    • My home page and email address
Re: How much security is needed for windows 10?
« Reply #49 on: September 03, 2021, 12:23:32 pm »
The problem with security in software is that it has to be designed in, as it cannot be bolted on afterwards.  This has been proven time and time again.
Unfortunately, designing security badly is too easy: see e.g. Sendmail and BIND for historically horrible security track records.

The true issue with the current situation is that we have at least one generation of desktop users who do not understand security, and see it as a hindrance instead of a tool.  So, any attempt to make things better is just plastering over the problems.  Many of those users have become developers, so it is the misunderstanding and bad practices that spreads, rather than proper understanding and security practices.

(Even though I use Tux as my avatar, the same problem affects Linux just as badly.  As mentioned by e.g. bd139 above, the defaults in Linux distributions aren't that secure either.  Making any OS –– even OpenBSD –– secure for given tasks takes a lot of effort, the overwhelming majority of which is about humans and their behaviour.)

I too have dealt with security issues, from oblivious users who keep their passwords on a post-it note stuck to their display in a publicly accessible office environment (and only grudgingly moved it –– to the bottom of their keyboard, of course), to intrusions, and to sysadmins who were so averse of being responsible and their actions trackable that they did absolutely all tasks using sudo su - so as to leave a plausible deniability wrt. system logs whether a given command was run by them or by another sysadmin.

The question of what level of security is sensible –– how much effort to spend –– in any given situation, is an interesting one.  I cannot help with Windows 10 myself, though.
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #50 on: September 03, 2021, 09:35:13 pm »
No way to compare ISC sponsored BIND with obsoleted sendmail

Sendmail has been obsoleted by itself while BIND has no proper replacement even DJB tools can not replace BIND

WTF lunatic will place a wide network level safe daemon in INIT ?  Answer: systemd

Who will run a resolver before system wide proper start? A idiot.

They did that to do remote image and stuff  needed to their buz.

We dont
Paul
 
The following users thanked this post: bd139

Offline Nominal Animal

  • Super Contributor
  • ***
  • Posts: 6173
  • Country: fi
    • My home page and email address
Re: How much security is needed for windows 10?
« Reply #51 on: September 04, 2021, 12:28:53 pm »
No way to compare ISC sponsored BIND with obsoleted sendmail
Why did you ignore the "historical" in my post?

The era I was referring to was 1995-2005.  Everyone used Sendmail, and BIND was installed even on workstations that didn't need its functionality.
Their security track record in that decade is worse than buying from a drug dealer living in the sewers.

BIND has no proper replacement even DJB tools can not replace BIND
Don't be an idiot.

Most machines only need to run a DNS cache.  Several options there.  (Although if you use Windows, don't expect WSL to get it right.  Queries to e.g. "baidu.com" will include references to "ns.baidu.com", making POSIX getaddrinfo() calls yield incorrect sockets.  I'm sure MS will do the good ol' EEE trick, and suggest users will verify the ai_canonname field before trying to connect to a socket; as actually fixing their DNS cache to follow the fucking standards is outside their technical "ability".)

Most intranets don't need to be split into zones, so most companies only need a central DNS server capable of caching and forwarding queries correctly, and a DHCP server for local addresses.  Guess why I know this for a fact?

Where BIND shines, is at ISPs and IP address vendors and larger organizations; basically at root DNS servers, but that's about it.
Numerically, that's a rather small fraction of all servers, a tiny minuscule fraction of all network-connected machines.

Yet, it is the most widely used.  Remember VHS and Betamax?  No, popularity does not mean it is technically the best option.
And it for sure as hell does not mean it is "not replaceable"; only that you don't know what it could be replaced with.

The BIND8 codebase was so atrocious they had to rewrite BIND9 from scratch.
And even BIND9 is so crappy it was rewritten a decade ago, yielding Bundy, which basically died in 2014 due to ISC cutting support.

Are you sure you're not in love with BIND just because it is the only option you think you have?
That's exactly the reason so many people love systemd, after all.  Ironic, don't you think? 

The fact that it is the only available alternative for a tiny fraction of use cases makes it indispensable there, but it has nothing to do with its security track record, or utility as a software for other purposes.

To me, BIND is just another single-vendor piece of crap.  Not because I dislike ISC, but because if it behaves like a crap and has a crap security track record, it is crap, even if it is crap I'd have to use.  (Not being an ISP or in charge of a root DNS server or various IP address zones, I don't.  Which is a happy thing for me; one less crappy thing to worry about.)

If you weren't so enamored of BIND, you'd take a look at the track record –– of ISC, too ––, and like me, you'd start to wonder why the heck aren't they working to make things better.  Hell, it really looks like they're spending more effort in trying to keep their own status, than anything else.
And suddenly, stuff like DNS-over-HTTPS efforts by Alphabet and others suddenly start to reveal the picture: this, too, is one of the damn power struggles –– over control of a facet of the functionality of internet ––, and has very little to do with actual security or utility.

I must admit, I really expected you (PKTKS and bd139) to be fully aware of this, based on your rants.
It is sad to see you fall into the same trap you berate others for.
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #52 on: September 04, 2021, 02:47:26 pm »
I did not ignore the post.

It just happens that sendmail has at least half dozen ready replacements.

BIND has none. ZERO.

We all deal with it knowing how hard it is/was to put that code together.
Decades of devel and bug fix. Still a lot to check audit maintain.

BIND is non optional as long as you run your own otherwise you will fall in the hands of some other DNS resolver which by now we all know what they do. And how bad that can be

Running a resolver other than BIND is nuts.
Running that at INIT level with PRIORITY 1 is beyond nuts.

But systemd is not optional  you live with that or drop it

Hence the need to raise questions of how to mix bugs into the same sack?

Latest BIND versions are better and being a whole dedicated maintained software which is fairly independent from commercial hands.. is the sane path.

I run my own DNS server and that is not an option.

Hardly we will get free of BIND in the current scenario..
Unless of course you run no DNS at all
or a crappy dummy resolver bundled in some "INIT" thing..

They call this shit "modern"  go figure

I also run DJB very safe DNS internally for other reasons..
Both do a fine job - very reliable

have no alternative so far
Paul
 

Offline Nominal Animal

  • Super Contributor
  • ***
  • Posts: 6173
  • Country: fi
    • My home page and email address
Re: How much security is needed for windows 10?
« Reply #53 on: September 04, 2021, 05:04:24 pm »
BIND has none. ZERO.
That's exactly what the Poettering fanboys say about systemd, too.  Exactly.

Although I haven't maintained a root DNS server, I've done everything smaller, and I know there are a number of other (less known) software packages I can use to achieve the same end result.  Zone transfers are the key bitch, and they exist only because it ensures ISC dominance in this era.  Much better update transports have been discussed, especially since so many serious security issues revolve around zone transfers.

BIND has none. ZERO.
Latest BIND versions are better and being a whole dedicated maintained software which is fairly independent from commercial hands.. is the sane path.[/quote]
Nope.  It is the ISC-approved path of ensuring ISC authority and ability to block any significant advances that endanger their position in this domain.

I really, really expected more sense from you; at least a self awareness of recognizing in yourself the same logical fallacies you accuse others of having.

Plonk, one more myopic idiot to ignore, I guess.
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #54 on: September 05, 2021, 08:43:36 am »
I will be very happy running a reliable alternative to BIND on my servers

It has been a major security always and systemd or proprietary closed sources are not an option

What do you trust and run instead of traditional BIND?

Paul
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: How much security is needed for windows 10?
« Reply #55 on: September 05, 2021, 09:28:00 am »
I run my DNS on Route53 and nscd  :-DD
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: How much security is needed for windows 10?
« Reply #56 on: September 05, 2021, 10:08:22 am »
I run my DNS on Route53 and nscd  :-DD

Not an option to me...

They charge per query and monitor all your system traffic..  like having your landlord monitor you by cam 24h/7

Private systems assume no cloud and even you may be offline having only internal traffic eg intranet privacy

Alternative to BIND is not a cloud thing

Paul
 

Offline MazeFrame

  • Contributor
  • Posts: 34
  • Country: de
  • = != ==
Re: How much security is needed for windows 10?
« Reply #57 on: November 02, 2021, 09:19:14 am »
The problem with security in software is that it has to be designed in, as it cannot be bolted on afterwards.  This has been proven time and time again.
A lot of fantastic security can easily be undermined by allowing a user near it.
Never Forgive, Always Forget.
Perpetually Angry and Confused!
 
The following users thanked this post: HobGoblyn


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf