Search the Community
Showing results for tags 'win 10'.
I have mentioned this before and must do so again so that you understand what we are speaking about when discussing Security vs. Privacy. Also let me state that I often come across a bit judgmental, that is not my intention here. Win 10 is a very solid and well secured OS, but not good for those looking for privacy and anonymity. Privacy vs. Security At a quick glance you will think that they are more or less the same, and that would be the case if we were speaking of material privacy. If your Laptop is secure than your Private photos remain private. But in cyber security we are speaking of privacy as a concept, not a thing. In this case it breaks down like this: Security: This generally speaks to your machine, hardware and software. It deals with Trojans, worms, viruses, adware, malware, ransomware, as well as system vulnerabilities like un-patched or old software, old anti-virus signatures. Keeping permissions tight, keeping access blocked, etc. Privacy: In this case we are talking about you rather than your things. Privacy is about protecting your data, not giving out your SSN, not posting embarrassing photos, not letting other know what you are doing. It is about the information and actions and beliefs that make up you. The basis of all cyber security considerations is which of these two things is most important to you? It is not about choosing one or the other, they are very much entwined, but you will always have to choose between which one weights more in your worries. That decision will often form your choices. If you are a political dissident, if you have a secure PC, but you announce your name online you will be arrested and jailed and any adversary with your hardware will eventually crack it. If you protect your identity online, the government will not who to arrest and not get your machine. So, Privacy is more important, though you would protect your PC too. Windows 10 – Go for it or hold off? So, we come back to Windows and my question above: What do you care more about? If you go out and get a new PC, it will likely have Win 10. The question is then, do I simply accept IU am forced to have Win 10? Do I wait until the next generation of Windows? Or do I simply purchase or change my OS to another type, Like Linux? Here is a break down for you and why the question is so important. I will go Positive first as I am not trying to influence you as it is a personal choice, you just need to understand what is at stake. Security Win 10 is getting some praise by the traditionally anti-Microsoft security experts. 10 is proving to be a major change for Microsoft, it is solid and far more secure than any other Windows in history. Remember that Windows has always been “Dumbed Down” for the users. They want it ridiculously easy to use so you’re the user do not have to think, just point and click. This however has resulted in decisions that, although making your life easier, also made the system massively insecure. Granted, it was also conceived in a time period where nobody saw a real need for security. Here are just a couple reasons I can think of off the top of my head why Windows has finally become more secure. Security and ease of use rarely go hand in hand. Virtualization-based security: Greatest thing to hit Windows since they started using Windows. Most of you know what virtualization is. You install a Virtual Machine and then you can run any type of Operating System (OS) on that machine. So, you boot into Windows, open your VM and you can run a Linux computer on your Windows machine as an example. Win 10 uses a version of this to run much of it’s security virtually, so even if a hacker gets into your admin account, that does not give them the needed permissions to change many major settings. This is a major change for Microsoft and something the security field has been preaching for years. Virtualization is one of the keys to security keeping different parts of the system separate from each other. You can imagine it as a virtual sandbox. Defender Application Guard for Edge: This is another example of Virtualization. Cyber security is a technical field mostly and I try to keep from getting to deep in the technical stuff with you as most of you may want to be safer but now follow the technical stuff. Basically, Application Guard decides if the web site you visit can be trusted. If it is Edge shows it as usual, if not, you still see it as usual, but the web site is shown in a virtual browser and anything bad it includes is unable to infect your browser or the machine. Here is a Happy & Bubbly video on how it works for users. Device Guard: Virtualization again shows its power with this tool. It uses the “Zero Trust Model” where everything is considered untrustworthy. You then “Whitelist” apps you trust or know where they came from. Traditional security counts on having a signature of “Bad” software, so new threats are not recognized as threats. This way everything is considered a threat until proven otherwise, so new threats do not get through. All software must be signed, from Microsoft, the developer, or now you can vouch for software you trust. Using virtualization keeps any malware that reaches the system from running code that will write or change code to the Kernel of the OS programming. Device Guard will also work hand in hand with AppLocker which is in Windows since Vista and can be used to limit permissions to applications. How Windows Defender Device Guard features help protect against threats NOTE: Currently Device Guard only works on High-end editions like Enterprise, Business and maybe Education editions. It does require some hardware etc. that supports the technologies used. Many producers have signed on to support this technology, but they have not shipped such machines, so at this time the average Home edition user will not be able to take advantage of this tool. High-end computers may be able to if they run high-end editions. There are more things making Win 10 the most secure operating system form windows yet, these are just a few real worthwhile mentions. You can see more at: What's new in Windows 10. Privacy This is a completely different matter. As mentioned above, ease of use & security rarely works well together, nor does ease of use and privacy. Here I look at it from both a security point of view and generationally. I am an old guy, so I come from a different world and cannot understand all this linking of stuff. A Phone and a camera are two different things, so why combine them, which was my opinion with the iPhone 1 announcement. Along those lines, why would I go on Facebook and post a selfie of me and my dinner while telling everyone following me what I am eating and at what restaurant at this moment. Who cares? And why would I want to follow anyone anyways? But the millennials and later, it is simply the way things are and what you do. Win 10 is made in the image of Millennials, or at least what Microsoft thinks they want (rather than need). The result is, we get things like the required addition of a Microsoft controlled email to use the OS fully. More and more Microsoft in creeping into our private lives. Win 10 is riddled with Apps that identify you, they track you, they call home and let MS know where you are, what you like, and much more data about you which MS then uses to target you for advertising and among other uses, makes a profit off you. This is why you must decide what is more important, a secure OS or an OS that phones home without your knowledge and permission to tell businessmen everything about you just so you can use Skype with fewer clicks. That is the reason it all depends on you, if you want security and do not care about secret communications between your machine and MS, you just want easy access to all your social tools, then Win 10 will work for you. If your privacy is important and you don’t like this idea of MS possibly spying on you, then go with another OS or wait and see if we privacy advocates can force MS to back off and respect our privacy in the next OS. Here are some privacy examples for you: Synchronization is the default. Everything synchronizes with Microsoft to include, web sites you visit, passwords, personal data, browser history, hotspots, software settings etc. Do you trust MS with your user IDs and passwords? Do you visit sites that maybe you do not want others, especially strangers to know you visit? Each instance of Win 10 gets a unique Advertising ID to customize advertising you receive to your interests. They do not do this to be nice, advertisers pay them good money to target you with their advertising based on what you surf to or for. Cortana Data Collection, seriously, was your life so difficult before Cortana? To serve you it must learn about you. To work and meet your requests Cortana (and Siri etc.) collect data such as device location, information & location history, your contacts, voice input, search history, calendar details, content & communication history from messages and app, key strokes, debit & credit card details, movies you watch and music you listen too, as well as info about your device to name a few. When you agree to use Win 10 you are agreeing with sharing your data with Microsoft and how they will track you. Read their privacy statements and service agreements. You have some great services to gain, but it will cost your privacy, so be sure it is worth it for you. https://www.microsoft.com/en-gb/servicesagreement/default.aspx https://privacy.microsoft.com/en-us/privacystatement/ So, decide if you want an Easy to use/Semi-secure/Gadget driven link to your online life or if you are more worried about Security AND Privacy. Many of you do are not much worried about your privacy and that is fine if it works for you and you can feel more secure with Windows 10 than you should feel with whatever Windows you use today. If however your privacy is important to you, stay away from Win 10 as long as possible and seriously consider Linux or even Mac.
Also good if you want to play with Linux and get used to it before switching, but Kali has lots of apps not normal on Linux distributions and used only for security work/hacking. Run 'Kali Linux' Natively On Windows 10 - Just Like That! https://thehackernews.com/2018/03/kali-linux-hacking-windows.html