Ask HN: Are Windows 10 and 11 considerably more secure than the old versions? Is it enough to avoid opening unverified executables and emails to stay safe? Or am I being oblivious?
That said, I don't really consider Windows "secure", when it's still filled with legacy cruft that was written before Microsoft's focus on secure coding. We are still seeing font exploits in 2022, FFS.
The track Windows 11 is headed seems like a decent approach given realities. For whatever reasons, Microsoft's efforts to eliminate legacy cruft have proved unsuccessful/untenable, so the next best compromise is to harden the OS against itself and everything else.
For something more foolproof and secure, consider iPadOS or a Chromebook.
Here’s a useful resource: https://techsolidarity.org/resources/basic_security.htm
Any examples? Suppose we have a Windows computer connected to a NAT with access to the Internet, but the computer doesn't download anything. I am not a sysadmin but from my understanding this is almost safe.
It can even change system settings without you noticing.
You should feel naked when you manipulate sensitive data with Windows, because you are indeed naked.
Hence why most companies forbid their employees to use Windows with public internet access for work.
I have literally never heard of a single company doing that.
I've never worked anywhere that's done this, and I work in healthcare. Most commonly they will put you behind a proxy that does malware and data loss protection.
1) You’re browsing the web from the old machine. Your HTTPS connection gets MITM’d due to a TLS vulnerability, and the attacker is able to gain control of your email account.
2) Unbeknownst to you, another machine on the network is infected with some virus. That machine uses a CIFS vulnerability to remotely infect and root your old computer.
2. Great example.
Call your bank, and ask them if their employees' PCs have access to the public internet.
Same for your local hospital, call them.
Bonus:
https://www.hipaajournal.com/internet-access-control-for-hos...
Apparently developer machines not being able to access the internet somehow makes users interacting with a website over the public internet insecure?
Security is important, but not the only concern.