Can strong FW plug the possible backdoor in Windows?

So given recent news about possible backdoor in Windows 8 my questions is whether properly configured firewall can lock them down?
For example block all outgoing traffic with exception of open source software?

 

If there is a backdoor in windows (and you are connected to the internet) you have to assume your system is compromised no matter how much security you've got be it software or hardware, that's just my paranoid view of it.

 

He's talking about the backdoor in here:
https://www.wilderssecurity.com/showthread.php?t=352287&highlight=backdoor

@matt

If you don't trust Windows and Microsoft, then don't use their products. They might be using a trusted process for it or completely hiding it from the firewall, even third party firewalls. And I thought you were moving to Linux? No intention to flame, just my personal opinion.

 

I was but Im unable to get help configuring trackpoint. I tried here and linux mint forum. I have also recently posted on thinkpads forum and will soon so in ubuntu forums. Without a trackpoint I refuse to use any computer/OS...

 

No you'll have to strip out known backdoors in Windows, and that's only feasible in earlier versions (at most XP). Ask noone_particular for more details: https://www.wilderssecurity.com/showthread.php?p=2270752#post2270752

 

Thanks. Very informative.

 

There's big difference between adding backdoor to a system by compromising it and designing an operating to include a backdoor. On an older system, it might be possible to find the components that contain the backdoor function. If those components are not part of the core operating system and are not directly incolved in system critical processes, it might be possible to remove them. If the backdoor is part of the core operating system, there's no realistic way to remove it, especially on a closed source operating system.

 

so it seems that I should either go with linux or custom made XP?

 

That depends. Like many things, it's a tradeoff. There is no hard proof that Win 8 is backdoored. You have to decide for yourself based on the available information, much of which conflicts, Microsofts history and long term pattern of behavior, and recent events and revelations.

Windows has always had vulnerable components that could be exploited. Many of them were able to give an attacker full access/control. You have to decide for yourself if they were all bad coding or if some were deliberate. I would have thought MS would have learned about leaving open ports after Slammer, but the new operating systems have more than ever. I see 3 possible reasons:
1, MS didn't learn a thing from Slammer.
2, They've actually made it completely impossible to exploit these open ports.
3, They're open for another reason, aka remote access.
You have to decide that for yourself.
On XP, by disabling services, the user could close all of the open ports. AFAIK, this isn't possible on Win 7 or 8.

If you switch to linux, you're basically starting from scratch, and there's lots to learn. If you stay with XP, you have to accept that there won't be official patches after support ends. You'll have to rely on 3rd party security apps and unofficial patches/upgrades. This is not something to be taken lightly. You also won't have the new "features" and eye candy. You have to decide how important those are to you.

 

I wouldn't do anything that I wanted to stay private on a machine running Windows, unless it never saw the Internet.

 

Well it's nothing illegal. Just personal pictures, letters, etc... after the PRISM I simply didn't feel the same running cloud back up, using gmail and now recently with the German gov't warning of windows 8 backdoor, it seems like I have to switch up everything. I haven't completely migrated from gmail as I have used it for the past 10 years and I will have to keep it running probably for next 10 months or so until Im sure all important work/school/banks etc have my most current email address. Now since closing ports in 8 and 7 is impossible and XP will simply expire I am left with no choice but to use linux. Which is extremely difficult to get working properly for someone with no prior experience.

 

Microsoft doesn't have any more excuses. Windows 8 was their chance to start fresh with the operating system. I'd be curious to know how much of the original code was recycled and left unchanged. Hopefully they've done enough to secure the platform against attacked. Besides, if they did recycle most of it or backdoor it then it shouldn't take very long for hackers to figure this out and exploit it. Might be best to hold onto your current versions and wait to see how things go.

 

One thing is sure: Microsoft never liked third part security softwares, it would want to have the whole control of Windows also when we have regular license and we use it on our pc, to decide what we can or can't do.

 

As long as you don't really know if there is a backdoor in Windows 8 (no, Trusted Computing platform is not a real backdoor) and as long as the nature of that potential backdoor is unknown, it is hard to say what kind of defence is effective against it, if any.

 

Hi mattdocs12345,

If you can determine the manufacturer of the TrackPoint device, then surely you can look them up on the Internet and ask for configuration advice/instructions or even ask the dealer from whom you bought your rig for help/where to get the help you need rather than deny yourself Linux. Maybe even Linux doc has some help for setting up the TrackPoint device.

-- Tom

 

Hi Tom,
Thanks for the suggestion. I have actually made a little progress with the trackpoint. I managed to increase the sensititiy and speed. The changes however revert themselves to default upon restart. I switched to Ubuntu since their help forum is much more active. Hopefully I will be able to make a complete switch soon and run Windows 8 in Virtual Machine for one or two applications that I need.

 

Official support for XP will expire. XP will not. It'll run the same as it always has. The security apps that work on it now will continue to work the same. The apps that run on XP won't disappear the moment support ends. That will take a lot longer.

Don't underestimate unofficial support. As popular as XP is, I completely expect to see an XP equivalent to the KernelEx upgrade for 98, which enables it to run a lot of newer apps. The coders of these and other unofficial upgrades fixed bugs that MS couldn't (or wouldn't) and made it a better OS than Microsoft ever did. XP's best years may be ahead of it, not behind.

 

noone, thanks for the refreshing perspective on things. I am still going to try to switch to linux first. After I fail (but hopefully succeed) then I may ask you for help in setting up XP on my 2nd back up laptop. 7 and 8 is no hope so I won't even touch them.

 

There's no need to do a total switch. If you're hardware has enough RAM and hard drive space, try various versions of linux on Virtualbox. Virtual systems are also a good place to experiment with stripping down Windows. Most of my virtual Windows systems are for testing and experimenting with different ideas. You can also put linux on USB sticks. If you have the room, consider a dual or multiboot arrangement. Just make sure that you have a reliable way to restore your existing system before you start. You can go as fast or as slow as you want. The experimenting itself is an excellent learning experience. Once you get a virtual system built to your liking, you can use it for a model for a physical system. If you go this route, make sure that you document the changes you make and the order you make them.

 

Long time not here but I have read about a problem in Windows 8.1 so am looking for some help.

I've developed some formulas for tr@ding the currency markets and I want to keep that out of the hands of other parties. I regard tr@ding as the biggest game around so you can understand the interest of the real big semi g0vt boys.

From what I understand is that the new Smart Search will also upload your local searches on your computer so I do not want that on my computer. Unfortunately I am tied to Windows due to the program that I use for doing my work (yes it is a real job and took me over 12 years to get anywhere - quite a long time without any returns).

I have not much of an issue keeping my data safe (e.g. a TC container on a USB stick) but am far more concerned with the monitoring that seems to be continually going on and which I presume is going to get worse. After all now it are only the searches but the next step is every key stroke.

I went to Windows 8 because it gives some processing advantages plus with the history of the hardware vendor they'll only support their hardware so long so I want to keep the existing HW running as long as possible an I wanted to "look ahead" and have an OS that is supported for a long time. Not getting any younger and I do not enjoy having to reinstall / relearn an OS every two or three years.

If you guys can steer me in the right direction then I would greatly appreciate it. Thanks.

PS if I have posted this in the wrong location please steer me to the correct spot. Thanks!

 

@Leonardo_daVinci

I wouldn't put anything that sensitive on a Windows 8 machine that ever sees the Internet. If you must use Wildows 8, it would be prudent to do all of your sensitive work on an isolated Windows 8 machine. That is, you would get the updates from Microsoft, review them, and then apply them to your isolated Windows 8 instance.

I'm (almost) sure that there are ways to use local mirrors for Windows updates. Or, at least, I know that it was possible with Windows XP. If it's not possible with Windows 8, I would not use it.