NSA recommends users ditch Windows XP

Oh my god, patches for an OS? You never see those on Linux and OSX right?

I don't think that Wilderssecurity is the place to start conspiracy theories based on no facts.

 

Let's go full-force hypothetical (just for arguments sake) that the NSA has true benevolent motives here. (I did write 'full-force hypothetical')

If the average user (e.g. running admin), is better off having Vista/7 instead of XP, it must mean, the NSA is counting on UAC and/or IE9 to make the world a better place?

 

The modus operandi of the NSA etc, is NOT to make the world a better place. If only it were !

 

As soon as it was revealed that the NSA "helped" Microsoft to "secure" Vista, my decision was made. I will never own it or Win-7. I won't use it. I will not even allow one to be hooked up to the same LAN as my primary unit.

The more I look back at Vista and Win-7 since the time of that announcement and see just about every security "enhancement" they've come up with defeated, including 64 bit, I don't accept that they did anything to make it more secure for users. I'd be more inclined to believe that it's been "improved" from a national security point of view, for their benefit only. It's the same repeating story. A new OS looks secure for a while, but once the malware writers figure out what's changed, the new OS proves to be as vulnerable as its predecessors, if not more so. I trust what I have far more than any of Microsofts current and supported systems and will continue to until I actually see my security package defeated.

When almost every other electronic user device is being found to track users, call home with their data, and store extended records of user activities, how can anyone believe for one minute that Windows and MS aren't doing the same thing? I'm betting that they do and that it just hasn't been found yet.

 

Contrary to your beliefs, the fact is that newer versions of Windows are more secure than older versions without third-party programs.

A few rootkits infect 64-bit. Compare that with the thousands that infect 32-bit. UAC lowers the rights of processes that do not need admin access. Compare the amount of malware working with limited rights to those with admin rights. Once again, a huge difference. Etcetera, etcetera.

 

That's like saying MI5/6 doesn't want to make the world a better or safer place. That is sort of their job description now the Cold War has ended. Well, that & driving Aston Martins with ejector seats maybe.

 

They've had a lot longer to exploit 32 bit. Give it some more time. They'll find a lot more. It won't be long before Vista and 7 get patched as much as XP does.

As for 3rd party security apps, I trust them more than I trust MS to protect my system or privacy. Nothing has defeated them yet and I don't expect to see it happen anytime soon.
If switching to linux didn't require re-learning everything all over again, I probably would. But after spending years with DOS, Linux command line feels like a foreign language.

 

That's not the main reason, which is PatchGuard. Also it doesn't explain the lack of limited rights malware.

 

All this updating is getting complete out of control. Where does it end? If the corporate giants have their way not until every single person is bankrupt. Besides, the best security software is between your ears anyway.

 

Unsupported assertions. Gee, the view from Mount Olympus must be great this time of year.

 

Plus One all the way!

 

I just supported them. Read the rest of the post and #33. Gee, I must've been too far away for you to see properly.

 

No need for the wait. 7 already gets a boat load every other month. Sometimes, twice monthly. I installed 7 on the day it was released. Installed it on 16.5 gig partition and was left with about 12.5 gig free space. I've installed about 20 very small useful apps which amount to, I'll be generous here and say .5 gig. Today, I have 5.5 gig of free space with System Protection and hibernation turned off. I'm sure not all is due to Win updates but I'd bet a big portion of it is.

 

Oh, Goody,another thread saying how much XP sucks,and it's just a security nightmare and needs to be replaced,ASAP!

Thanks for the laughs!

 

+1.

 

Until every single person is bankrupt.

You took the words right out of my mouth LOL!

Hopefully ...

 

Anyone not convinced by the value of new stuff like ASLR, SEHOP, the above already mentioned PatchGuard etc?
OK, 3rd party software suppliers will have to make sure, some of it is actually used on their stuff but isn't this also an advantage over XP?
Probably/perhaps it doesn't warrant spending hundreds of dollars on new HW and a new MS OS license but surely there are some improvements in Vista/7 we can all agree on? Or am I being naive here?

 

Isn't that what a LUA does in XP?

 

Is this recommendation by the NSA based on XP vs. Vista/7 when both use their built-in security structure (Windows Firewall, Windows Defender, UAC, etc.), or is there something fundamentally more secure about Vista/7 than XP even if both use the same 3rd party firewall and antivirus with Windows security apps disabled.

For example, would XP with Norton 360 Premium be less secure than Vista with the same security suite assuming both have the same UAC and other policies in place?

 

I'm afraid you can say that about a lot of 3-letter word organizations

You don't have to update if you want, you can use windows 3.1 until the end of time. You can't expect a company (Microsoft, Apple, Google, whatever) to support a product forever for free, personnel have to be paid.

Try system tools -> disk cleanup. A lot of files (like with SP1) are saved so, in the case it goes wrong, you can undo the patch. Otherwise you can use CCleaner to clean up your browser and other applications.

 

11GB just for the system? That's a lot of code, all of it potentially containing flaws and vulnerabilities. Just the quantity of it all but guarantees there's undiscovered vulnerabilities, and lots of places for an NSA backdoor to hide. There's no sensible reason that an OS has to be that big, except to force users to upgrade their hardware. By comparison, this dual boot unit has 2 system partitions. One is 3.78GB. The other is 1.09GB.

In this respect PCs are going in the opposite direction of other user goods.We got past the bigger is better mentality with cars. The typical presnt day car is a far cry from the 4000+ lb monsters we had in the 60s and early 70s. Todays cars don't need 300 horsepower just to pull their own weight. PCs just keep going in the opposite direction, with more RAM, more speed, and needing more power just to run the OS. In this respect, they're just like the old gas guzzlers that used almost as much fuel idling as the new ones do driving. Maintaining all those user activity records must use a lot of power.

Even if one accepts the "more secure" argument for Win 7, I wouldn't trust it in regards to protecting your privacy, not after the NSA got involved. If we really want to improve our personal privacy and security, we should ditch the NSA.

 

It can't conveniently elevate processes though. Also UAC provides more protection like IE's Protected Mode and locks down the settings for MSE, ESET, and AVG.

Also forgot to mention the greatly improved Windows Firewall.

 

Maybe I should post this somewhere else, but this seems to fit in this thread.

NSA file, for home users -http://www.nsa.gov/ia/_files/factsheets/Best_Practices_Datasheets.pdf-

The recommendation to use a modern OS makes sense for the average user.
A 'no brains' approach. This may not protect you against nosy government, but it will keep hackers and some businesses at bay.

I'm a little surprised that they recommend a HIPS for average home users.
As they say: 'A comprehensive host-based security suite
provides support for anti-virus, anti-phishing,
safe browsing, Host-based Intrusion Prevention
System (HIPS), and firewall capabilities.'

For as far as I know, most suites provide no HIPS functionality or only very limited HIPS functionality. Am I wrong ?

Upgrading to the latest version of M$ Office ? If you don't need the features it's a waste of money.

Keeping application software patched ? That makes sense, but often it's redundant. You really don't need to have all your applications fully patched.
In my experience (as a home user) patches tend to break security software or cause other issues. They should have mentioned uninstalling Java ...

Don't download the file if you're afraid the NSA is spying on you ...

Moderators: feel free to move this post if you feel that is more appropriate.

That eagle in the NSA logo reminds me of something .. if only I could remember what ...

 

You can't elevate a single process, but you can elevate all processes by switching to the admin. account. Gotta give you that J-L, Win 7s way is safer and more convenient.

LUA on XP with a Sandboxed browser pretty much locks down the browser and setting though.

No doubt Win 7 firewall is an advancement. But improvement...IDK. If you place priority on prevention by using LUA and Sandboxie, you're probably just as safe and don't really need the two way firewall/hips.

Good discussion.

 

This topic...

NSA - (regardless of thier motive)
Be safe. Spend money on new stuff which is designed better. Use tools which will keep you safe.

USERS -
I would like to be safe. I don't know if I can afford the new stuff - software or hardware. I am not sure what a file is, and sometimes I lose things I download. I've been trying for years to lose my HIPS, now you want me to put them back on? Is my firewall good if I never see it asking me questions? Oh, and why can't I play my favorite online games now?

ADVANCED USERS -
How exactly is a new operating system going to give me any better protection than I already have? If I haven't been infected with a virus or installed a malware in the last few years with my current security setup, why am I suddenly supposed to be afraid and ante up for something I don't need?

REALLY ADVANCED USERS -
Dude, like what are you talking about? You can't be serious.

Sul.