Will you upgrade to Windows 8? Why or why not?

Discussion in 'polls' started by acr1965, Nov 26, 2011.

?

Will you upgrade to Windows 8? Why or why not?

  1. Yes, going to purchase a new computer with Windows 8 installed.

    10 vote(s)
    7.6%
  2. Yes, going to purchase the Windows 8 disk and install.

    21 vote(s)
    15.9%
  3. No. I'm happy with my current Windows OS.

    80 vote(s)
    60.6%
  4. No. Switching to another OS (Linux, Apple, etc)

    10 vote(s)
    7.6%
  5. Other reason for upgrading or not.

    11 vote(s)
    8.3%
  1. Hungry Man
    Offline

    Hungry Man Registered Member

    Integrity and the new token system was a really big change for security.

    Pre/Superfetch were really big changes for performance.

    A new runtime, new filesystem, kernel performance changes, smartscreen, new classes of startup types, optimized UI, kernel security improvements, are all large changes all coming in a single OS.

    Just as huge as moving from XP to 7.
  2. Page42
    Offline

    Page42 Registered Member

    Is this what you really meant to say?
  3. dw426
    Offline

    dw426 Registered Member

    The problem with ASLR is that practically very little software uses it, nor any of the other built in protections. Of course, that's the developers' fault, not Windows. Superfetch is awesome, no argument there. DX 11 is barely used yet, so not much to say there. Besides, that's only important to certain users. Look Hungry, you've got to be a power user to really get anything about of these "enhancements", most of it affects very little average day use. Understand when I'm talking about what I am, it's from a user perspective, not a benchmark geek or high end pro.

    I'm also not pretending anything about a 12 year old OS or any other OS. I'm simply saying there are no groundbreaking improvements, and throw all the bullet points at me that you want, but I'm not talking out of my rear end. I've used both, and this is my opinion based on use. As far as security, again, big whoop. Win 7 is just as easily owned, and you only need to stay in this forum to find that out. I don't care if it's Windows 100, it will always be busted open, pried apart by hackers and owned so long as everybody and their brother uses it.

    Windows needs to be completely redone. It's at that point, and only that point, where Windows will actually be something more than just business as usual.
  4. dw426
    Offline

    dw426 Registered Member

    I seriously doubt it, lol.
  5. Hungry Man
    Offline

    Hungry Man Registered Member

    Yeah, that's what I meant to say.

    The OS does. All major browser do (Chrome, IE, Firefox, Opera). Flash does. There's 3 huge attack vectors right there.

    DX10 is though. And that's not supported in XP.

    Me either. I think we can both agree that superfetch is significantly faster. Superfetch is a product of RAM not being used by applications/ the OS and when the OS has more RAM to spare you get more out of superfetch.

    File system changes give across the board performance improvements.

    Depending on a users configuration (Say, 1GB-2GB of RAM, which I'd bet is about the average that users have) it can be drastically faster to have an extra 100-250MB free.

    It really isn't. Maybe just as commonly owned but exploits are not as easy to make on a 64bit Win7, negating patchguard. Buffer overflows are a lot harder to come across. ROP is significantly harder. DEP is virtually useless without ASLR as it is.

    And again, Win8 brings in further mitigations like anti-ROP, which will be incredibly effective in defeating legacy exploits, which will continue to be an issue since XP, V, and 7 are still so widely used.

    It's easy to say this. But give me even the vaguest idea of what you mean.
  6. Hungry Man
    Offline

    Hungry Man Registered Member

    Evidence to the latest Windows security achievements is obvious. XP exploits are very commonly in the OS. Vista and 7 exploits are very commonly in 3rd party programs.
  7. Hungry Man
    Offline

    Hungry Man Registered Member

    http://news.softpedia.com/news/XP-A...ed-for-Microsoft-Vulnerabilities-140734.shtml

    pic with stats
    http://news.softpedia.com/newsImage...Combined-for-Microsoft-Vulnerabilities-3.jpg/
  8. dw426
    Offline

    dw426 Registered Member

    What I mean by Windows being redone is to, as I stated earlier, remove the registry, not default to an Admin account, among other moves. Of course, much needs to be changed in the software world as well, things like demanding admin rights to install or run (outside of security programs that truly need it). Windows is just poorly designed, in my opinion. I do have to step back a moment about easy vs common when it comes to actually creating malware. That statement isn't really what I was thinking, it was more common, as you said. The end result is the same though, Win7 is just as hacked as XP is. The difference is 64 bit (for those that use it, remember, Win 7 32 is out there as well), UAC (which many turn off for whatever reason) and the protections you mentioned. All of them depend on either programs using said protections or users enabling and not ignoring them.

    Windows still lets you decide how to protect your system, and as long as that is true, Windows will be Windows, no matter what performance enhancements they put in. And, security will always see us constantly patching.
  9. Hungry Man
    Offline

    Hungry Man Registered Member

    Not defaulting to an admin/ UAC based account would be a huge mistake. No OS does this for good reason. Being able to elevate without switching to an entirely new account every time you want to install a program is incredibly useful. And it wouldn't stop users from just switching to another account to install malware and it wouldn't stop malware from escalating either (that's a kernel level exploit) except for certain occasions.

    The convenience factor is way too huge.

    There's basically nothing wrong with a registry. I've seen so many people say "config files are better" and never once seen a decent argument for it. Please provide one for me if you've got it. Virtualized registry is great since it can be app specific (each app gets their own little piece.)

    SEHOP (very effective) doesn't. Forcing developers to run their programs at medium integrity and not escalate doesn't.

    I agree that they should be more aggressive but ASLR and SEHOP have been hugely effective at stopping OS exploits (and 3rd party as well that take advantage of it - in SEHOPs case they have to.)

    Win7 really isn't just as hacked. Applications have become the larger target because of how much more difficult it is to hack Windows 7.
  10. funkydude
    Offline

    funkydude Registered Member

    You've stated that it's easier to create an exploit for 7 than XP, so I also doubt that's what you meant to say, something more suitable would have been:

    "there is no world in which creating an XP exploit is as hard as creating a 7 exploit"

    But the structuring of the sentence is terrible really.
  11. Hungry Man
    Offline

    Hungry Man Registered Member

    Gotcha.

    I even went ahead and edited it.
  12. luciddream
    Offline

    luciddream Registered Member



    I'd call the odds at about 60/40 that they will push it back. I think as that date nears a lot of people will still be on it. And they (MS) will hear cries from these complacent, procrastinating people (referring to businesses here) to the effect of "if you do this to us, we're DOOMED!", and they will ultimately yield and push it back another year.

    ... putting the true EOL on the 2'nd Tue. of April 2015 (April 14'th).

    As for the argument here: I think the truth (as usual) lies somewhere in the middle... between 7 being a quantum leap forward from XP, and it having very little to no benefit. If it were purely a matter of choice, I'd be running 7 right now instead of XP. But I don't think it's worth spending the money, time & effort at this time to change. Not when the money is tight, and the setup I have right now suits my needs just fine. And my PC is clean and uncompromised as it is, has been that way for 6+ years, and will likely remain that way until XP's EOL.

    By then Windows 9 may very well be on the market, and I will have skipped the cost & effort of learning 3 OS's from now until then.
  13. Hungry Man
    Offline

    Hungry Man Registered Member

    XP isn't the most used OS anymore I don't think and at this point it's in MS's best interest to move users to a more secure OS so they can stop getting blamed every single time for being so terrible at security.

    If they push it back it's probably going to be a last minute thing so that businesses really feel the pressure.
  14. DigitalMan
    Offline

    DigitalMan Registered Member

    8>7 so I'm expected to upgrade
  15. wat0114
    Online

    wat0114 Guest

    Is there evidence to support this statement?
  16. Hungry Man
    Offline

    Hungry Man Registered Member

    There's certainly evidence supporting the opposite:
    Attackers are finding 3rd party exploits much easier to find rather than OS exploits. Except in XP they go after the easiest target.... XP.
  17. luciddream
    Offline

    luciddream Registered Member

    No argument there, but I still foresee my scenario coming to fruition.

    ... much to your dismay :p

    In fact, they may push the date back just to irk you.
  18. wat0114
    Online

    wat0114 Guest

    Based on all that I've read, that's how I perceive it, too.
  19. luciddream
    Offline

    luciddream Registered Member

    Depends on the 3'rd party software. Win7 is probably an easier target than Sandboxie, Shadow Defender, or Defensewall. If we're just talking a traditional AV setup, then yeah. But more and more people are beginning to wise up to this and are moving away from that dated approach... many of which still happen to use XP as their OS.
  20. Hungry Man
    Offline

    Hungry Man Registered Member

    Possibly. All of those are written in the same language - there are two main differences I see:
    1) Microsoft has thousands of developers working on their code, checking for exploits, rolling out patches. Those programs don't have nearly that kind of power and have one or just a few devs.

    2) Windows is a considerably large piece of software, which will inherently have more vulns.

    Either way they're both closed source written in C/C++, which isn't a great language for security.
  21. Sully
    Offline

    Sully Registered Member

    user A -
    I have been told that new is better. But new costs what I don't want to pay. It has things changed that I don't like. My old is fine, I have no problems. Why should I switch to new then?

    user B -
    I have had nothing but problems with the old. I cannot wait for the new, I hear it is better, more secure. (time goes by) I still have problems with the new too. I cannot wait until the next new comes out, I hear it is better yet.

    user C -
    I had no problem with the old. I have no problem with the new. Some things I like about the new, some about the old. (sigh) I wish they would have left this or that alone, I liked it that way, but time to move on.

    user D -
    Wow, I like the looks of the new thing. My current thing is now a year old, I want something new. I don't care if I have problems or not, it is new, so it must be better. Just give me something new and exciting!

    Funny how something like computer security can be defined in so many different ways, each of them having merit to the user because of how differently they are configured and used.


    Sul.
  22. dw426
    Offline

    dw426 Registered Member

    Though I agree with Hungry in that applications are easier to go after perhaps, there are still plenty of exploits for Win 7, and quite a few bypass ASLR and other protections.

    @Hungry: Not defaulting to an Admin account would be a huge mistake? How is it a huge mistake to not be forced to be a user? Look at how Linux does it, you make a password for root access, and then you get plopped down into a user account. Even a UAC account is higher in the food chain and more damage can be done, and that's exactly what you get right out of the gate. Not to mention UAC pops up for everything, and most people ignore it or turn it off...which is stupid because without it, you're still hosed.

    The registry, well, here's my thing. I think it's a piece of crap, and yes, I do believe config files are better and easier to keep control of. Messing with a config file might mess up a program..and only the program that config file is associated with. You do that sort of screwing about with the registry, you're likely to be faced all kinds of hell if the computing gods are not with you that day. Why do you think people get into so much trouble with registry cleaners?
  23. acr1965
    Offline

    acr1965 Registered Member

    When is Windows 8 supposed to be released? Also, is anyone running the Developer Preview?
  24. moontan
    Offline

    moontan Registered Member

    supposed to be around for the holidays shopping season next year.

    a lot of us here (by a lot i mean at least 20 people, lol) are either running it or have tried it.
  25. m00nbl00d
    Offline

    m00nbl00d Registered Member

    Indeed, the registry as we know it should disappear. It has always been a mess. But, I have my doubts that Windows 8 will bring any changes in that field.