Sure! Sorry for forgetting to put them there Windows Update backdoor: http://www.informationweek.com/micr...ut-user-permission-apologizes/d/d-id/1059183? http://slated.org/windows_by_stealth_the_updates_you_dont_want Tor removed from more than 2 million people: http://blog.insecure.in/?p=1373 http://www.dailydot.com/technology/tor-botnet-microsoft-malware-remove/ "NSAKEY" that made even Microsoft crypto-developers make a "whaat" face: https://en.wikipedia.org/wiki/NSAKEY
Thanks. I knew about windows updater updating itself but didn't know about other two. For Tor there is also respond from MS [second link]: So I don't know who was right... The same for third, who is telling the truth? That's the problem with close source software - we can't check it out
And who said that, exactly? We're not 100% safe from the NSA just by using Linux, but at least our systems are much harder for them to crack. Sorry, I don't understand what you just said
Ever heard of that saying "too many cooks spoil the broth?" Sometimes that happens if too many people are involved into a project, it's like inviting 30 married women into your house to cook that special family recipe that your grandma did by herself: They'll all try to make their own perfect version of the broth and it will come out HORRIBLE hehehee. That's the main reason we have 2000 Linux Distros and almost no compatibility between them. I've talked about this on the Debian Forums: http://forums.debian.net/viewtopic.php?f=20&t=123756#p586248 On Windows, on the other hand, you know with 98% certainty that everything will work, because they have one audio system, one package manager, one package format that works from Windows 3 up till Windows 10...... it's ONE company that will follow ONE idea, be it stupid or impressive. Every system has it's ups and downs The good thing, though, is that VALVe will probably save Linux on the Desktop in the same way that the systemd guys are doing. I can't wait to see the day where Debian, openSUSE, Ubuntu, Arch, etc, will all be binary compatible. Then developers will have time to do what actually is important, like improving drivers and fixing bugs; not repackaging thins to fit their "perfect view of what the world should be like".
Or you could go down the path of isolating Windows from the internet. There are compromises to doing this (such as dealing with online applications). The isolation be achieved either by dual booting and having no internet or through the use of a VM (either virtualbox or Qubes style). Personally I used Qubes but as this forum relates to Windows 10 I would recommend either dual boot or VM solutions. I believe the idea that you proposed would still allow Windows access to the internet? If this is the case then I agree that the effectiveness is questionable. Is there any flaws to using windows without internet access through a VM or dual boot? I cant think of any personally but I am sure a three letter level agency would be able to get in if they really want to. They would really have to work for it though.
Yes open source has other problems but there are solutions which can minimize your attack surface. I use Qubes personally with the following setup: 1.) Linux VM for my personal stuff (limited external access) 2.) Windows VM (no external network access) 3.) Linux VM with VPN for web browsing 4.) Linux VM without VPN for the few sites that require (whitelist network access) 5.) Central dom0 VPN (no external network access) Even with compromises within Linux this system really limits your exposure. Dont want to distract this thread but wanted to point out that some of the open source solutions leave windows in the dust. The ability to structure and control the OS really makes a difference in the privacy and security.
My personal wishlist would be more along the lines of: Making Waylands solid and secure Using that as a basis for a hardened, secure, default kernel (with stuff like grsecurity, pax and so on) Default application hardening profiles, jails, sandboxes etc. And - glory be - applications which actually used sandboxing facilities built-in, were architected properly, and that respected privacy. All too often, we can achieve hard things in improving the core security and privacy, but then invite a cuckoo into the nest which wrecks it all, modern browsers being the worst culprits of all.
Yup. I think that even if "only" openSUSE developers stopped repackaging things, we'd get all of that you just said
Is Linux Secure, maybe not so fast? Net of insecurity The kernel of the argument Fast, flexible and free, Linux is taking over the online world. But there is growing unease about security weaknesses. ..But while Linux is fast, flexible and free, a growing chorus of critics warn that it has security weaknesses that could be fixed but haven’t been. Worse, as Internet security has surged as a subject of international concern, Torvalds has engaged in an occasionally profane standoff with experts on the subject. One group he has dismissed as ~Possibly offensive phase removed~ In blasting the security features produced by another group, he said in a public post, “Please just kill yourself now. The world would be a better place.” Apparently, Linus Torvalds is not overly concern. Get yourself a firewall instead kind of attitude.
Updated Windows privacy policy a little more reassuring http://arstechnica.com/information-...dows-privacy-policy-a-little-more-reassuring/
I switched to a local account and edited the group policy and registry, I use O&O Shut up and Spybot Anti-Beacon FYI.
Currently on Windows 7 and found the update icon in the tray a bit annoying, so I began planning on researching how to get rid of the little bugger. Then a friend mentions how W10 has all kinds of anti-privacy related goodies, that you can "totally" opt out of and move on with your day. So I figured just stay with 7 until the next update of Windows doesn't include such options and or go with another OS. Then I read that some of those options that come with W10 may have already been downloaded \ integrated into W7 updates. So first, officially, is that true? I've been going along fine with 7 updates but now am wondering if those options are now included without my knowledge. Like I said I have no plans on upgrading to 10, now more than ever, and if nothing else will probably move onto a new OS if it's too late. Thanks in advance!
Here is a thread that describes Windows 7 Telemetry updates: https://www.wilderssecurity.com/threads/list-of-windows-7-telemetry-updates-to-avoid.379151/ You can check if you have any of them installed and uninstall it. I also check each new Win 7 update and install only necessary.
Microsoft shows off just how much data it’s collecting from Windows 10 users https://bgr.com/2016/01/05/microsoft-windows-10-spying-2015-user-data/
Interesting. It just confirms that there is nothing "free". If you don't pay something with your money, you pay it with your data.
