Is Windows 10 safe to use?

[Seliph]

Windows 10 is better than 7 imo, I use O&O ShutUp10 and it's pretty good at dealing with all the spyware garbage.

 

[GCS]

Hehe, hooray for common sense. Best antivirus program to have.

Ive been sticking to win7 for a loooong time too. Win10 used to run in virtual box ;p Eventually i had to switch because of that new mainboard and missing drivers.

Spend quite some time deactivating tons of those super smart features, killing telemetry stuff manually, using tools like SU10.
So, everything unnecessary is removed. Im using VPN, block most of the stuff in firefox, use different browsers for different purposes and keep things separated. Clean up regularly and dont forget backups. Call me paranoid, but this makes me feel..like nearly safe, lol.

Guess it depends on what kind of software you need to run. Linux would be an easier path; security-wise, but its about compatibility too, sadly^^

Yeah you are right, though no one can be sure if all telemetry is gone because of the fact that win10 is closed source. btw what kind of programs/games do you run that may not be compatible with linux?

 

[LostRabbit]

Yeah you are right, though no one can be sure if all telemetry is gone because of the fact that win10 is closed source. btw what kind of programs/games do you run that may not be compatible with linux?

Yea, thats absolutely true. There is no "100% safe" i guess, especially nowadays. Windows, Google, Facebook, Whatsapp, that brand new mobile phone..

While it may be technically possible to get along without all of those, that sounds like way too much of a hassle for me tbh. Guess theres also that "convenience factor", or lets just call it.. pragmatic.

Ive been a windows user for ages, got everything to work properly, have purchased a lot of software and everything..

My main desktop computer is used for a lot of different stuff, running not quite so common hardware, a quite expensive sound card that does quite some work in real time, an audio interface, video editing software, emulators and quite some old games that i barely got to work on windows 10.

But in the end, it all comes down to priorities and efford, i guess. If achieving the highest possible level of security was my main goal, i should have probably buried windows long ago, hehe. I dont think thats really necessary tho. Im not the president and dont have alot of super secret stuff going on here. Its still possible to collect some data of me and analyse some of my activities, but im not making it all that easy.

By the way, what kind of llinux distribution do you use yourself and why?

 

[wolf-snake]

uhhmmm... Being this worry about security makes you look kinda suspicious... What is it that you're trying to keep away from anyone? do you have terabytes of... Cuestionable material?

 

[LostRabbit]

uhhmmm... Being this worry about security makes you look kinda suspicious... What is it that you're trying to keep away from anyone? do you have terabytes of... Cuestionable material?

haha, yea, tons of evil stuff ;D

no, seriously its more the idea of someone spying on me, silently collecting my data without asking. that mentality, its more like.. a question of principle?

I know all of this is irrelevant for most windows users. It doesnt really matter much, if they log activities and do.. what the fridge ever with it This doesnt seem to be a problem in most countries, obviously. Im generally quite perfectionistic and i really dont like that behavior at all. When using my computer, i want it to do exactly what i tell it to do ^^

 

[Barloomo]

Well I've been usin' it for years and I'm still alive. So yes? xd

 

[GCS]

uhhmmm... Being this worry about security makes you look kinda suspicious... What is it that you're trying to keep away from anyone? do you have terabytes of... Cuestionable material?

First a fancy quote: "If you think privacy is unimportant for you because you have nothing to hide, you might as well say free speech is unimportant for you because you have nothing useful to say."
Now I can continue:
1) Let's say you are ok with giving your sensitive data to componies like FB, Google, Microsoft, etc because you think your data is in secure hands. But you are wrong, your data is not secure. Facebook, Google, Microsoft has been hacked many times and they are surely not secure (there is no such thing called unhackable actually every device is hackable.), so if one of these companies gets hacked then all your sensitive info will be out there in the wild for any stranger to look. Your home adress, contacts, name, id, credit cards, favorite restaurant, photos, chat logs do you want me to continue?
2) Quote from u/SkynetEnginner:

The problem I keep seeing is people think that because you don't post it publicly, and assume that everything else is "private"
I have tried to explain how important your medical information is to Google and Facebook, having a one-on-one conversation over Facebook chat/Gmail, or doing a Google search on a medical condition will tie those medical conditions to you online profile, and marketing companies are willing to pay for your medical conditions. And do you really want embarrassing medical conditions being shared with unknown 3rd parties or leaked publicly.
Are we really that far from having our car insurance rates increased because Google monitors our speed and driving skills on Android devices and think your a shitty driver even if you have never had a ticket or an accident. Maybe our rates are increased because you have many Facebook friends who are bad drivers and now your insurance company assumes you are a bad driver like your friends.
Are we really that far from having an insurance company deny you coverage because you did a search for a condition on Google and the insurance might use that to build a risk factor.
Are we far from having our credit score tied to data collected via Google or Facebook, maybe too many of your friends have bad credit so that increases your credit risk factor.
Are we really that far from having a divorce lawyer use embarrassing data about a spouse collected by Google (Has happened in divorces after Ashley Madison data leak)
Can't get it up? Google knows.
Got hemorrhoids? Google knows
Constipated? Google knows
Have an STD? Google knows
Having an affair? Google knows
Have a small penis? Google knows
Looking for a hook up? Google knows
Closeted/Curious gay or bi? Google knows
You secretly voted for Trump? Google knows

3) Principals.
I may have got a bit off-topic but security builds privacy in the end.

 

[GCS]

Yea, thats absolutely true. There is no "100% safe" i guess, especially nowadays. Windows, Google, Facebook, Whatsapp, that brand new mobile phone..

While it may be technically possible to get along without all of those, that sounds like way too much of a hassle for me tbh. Guess theres also that "convenience factor", or lets just call it.. pragmatic.

Ive been a windows user for ages, got everything to work properly, have purchased a lot of software and everything..

My main desktop computer is used for a lot of different stuff, running not quite so common hardware, a quite expensive sound card that does quite some work in real time, an audio interface, video editing software, emulators and quite some old games that i barely got to work on windows 10.

But in the end, it all comes down to priorities and efford, i guess. If achieving the highest possible level of security was my main goal, i should have probably buried windows long ago, hehe. I dont think thats really necessary tho. Im not the president and dont have alot of super secret stuff going on here. Its still possible to collect some data of me and analyse some of my activities, but im not making it all that easy.

By the way, what kind of llinux distribution do you use yourself and why?

Well, if you have programs that aren't supported on linux (such as adobe stuff ) you can fire up a Windows KVM which would take at most 2 hours to configure. Since you only need to do the configuration once it isn't that much of a deal. With a KVM you can get performance nearly as same as natively booting Win10 on your pc.
About the convenience part you are mostly right but personally I used Windows 10 for ~4 years and my first switch to Linux Mint wasn't that easy as you can guess. But after a month I completely got used to it. Another thing that scares people in Linux is the terminal but you won't be using that a lot of the time and even if you need to do use it, only thing that you will be doing is just copying and pasting text.
btw 99% of the emulators are open-source and support Linux so that won't be an issue.

I use arch . Because it is lightweight and has AUR. AUR is basically a program pool that let's you install any program with just writing it's name, no next-next'ing the installers or accepting annoying ToS. Just write the program name and boom, it installs.

 

[LostRabbit]

Well, if you have programs that aren't supported on linux (such as adobe stuff ) you can fire up a Windows KVM which would take at most 2 hours to configure. Since you only need to do the configuration once it isn't that much of a deal. With a KVM you can get performance nearly as same as natively booting Win10 on your pc.
About the convenience part you are mostly right but personally I used Windows 10 for ~4 years and my first switch to Linux Mint wasn't that easy as you can guess. But after a month I completely got used to it. Another thing that scares people in Linux is the terminal but you won't be using that a lot of the time and even if you need to do use it, only thing that you will be doing is just copying and pasting text.
btw 99% of the emulators are open-source and support Linux so that won't be an issue.

I use arch . Because it is lightweight and has AUR. AUR is basically a program pool that let's you install any program with just writing it's name, no next-next'ing the installers or accepting annoying ToS. Just write the program name and boom, it installs.

Thanks for your feedback. Thats quite some useful tips there.

Ive been experimenting with some linux distributions in the past, including ubuntu and mint, using virtual box. performance was not all that great really. Guess i gotta check out KVM and consider switching, next time i have to set up my system

 

[weatMod]

It don't matter , none of this matters
nothing is safe anyways , spectre and meltdown say hello
also you probably have IME or PSP too
the vulnerabilities are hardware embedded now , and that is just what we know about
but I wouldn't worry too much

 

[GCS]

It don't matter , none of this matters
nothing is safe anyways , spectre and meltdown say hello
also you probably have IME or PSP too
the vulnerabilities are hardware embedded now , and that is just what we know about
but I wouldn't worry too much

It does matter. If people who use these kind of services would decrease cooperations would need to adapt and become privacy and security friendly, pretty simple.
If a hardware gets vulnerable, then you should buy a new hardware, again it's simple. (obv this loop will continue so you are kinda right but wrong at the same time)
Saying that it doesn't matter is just running away from the problem imo.

 

[AsPika2219]

I am using Windows 10 right now! Also updated with Windows Update! Waiting for Windows 11 and will install it anytime soon.

 

[LostRabbit]

I am using Windows 10 right now! Also updated with Windows Update! Waiting for Windows 11 and will install it anytime soon.

Hehe. Well, thats like.. really great for you Im using windows 10 right now too.

Have you ever had any security concerns? Maybe you used shutup10 or anything like that?

Cheers

 

[cearp]

Yeah you are right, though no one can be sure if all telemetry is gone because of the fact that win10 is closed source.

People aren't expecting the telemetry to be gone/uninstalled, just turned off.
It's easy to check if you use a firewall!

It don't matter , none of this matters
nothing is safe anyways , spectre and meltdown say hello
also you probably have IME or PSP too
the vulnerabilities are hardware embedded now , and that is just what we know about
but I wouldn't worry too much

it's not super simple, but not rocket science - if you want to disable intel me you can.
I don't like that we can't do it from the bios, but at least it's possible to disable it via flashing.

If you're really worried, don't use a laptop, don't use windows or mac.

 

[GCS]

People aren't expecting the telemetry to be gone/uninstalled, just turned off.
It's easy to check if you use a firewall!

Nah I am pretty sure a great number of win10 users think telemetry is off when you turn it off from settings lol.

Firewalls huh, I don't have that much exp with them since I haven't in need of one before but I know the basics of it (tell me if I make a mistake here). So what if Microsoft uses other domains/subdomains for telemetry too, will you be able to figure out that connection with a firewall too? If you would block all Microsoft related domains then you probably wouldn't get security updates which is even worse then giving your data to Microsoft.

 

[cearp]

Nah I am pretty sure a great number of win10 users think telemetry is off when you turn it off from settings lol.

Firewalls huh, I don't have that much exp with them since I haven't in need of one before but I know the basics of it (tell me if I make a mistake here). So what if Microsoft uses other domains/subdomains for telemetry too, will you be able to figure out that connection with a firewall too? If you would block all Microsoft related domains then you probably wouldn't get security updates which is even worse then giving your data to Microsoft.

Well you can have a 'software' level firewall in windows, windows 10 has one built in - and block what you want.
There are many different urls/ips that will get used, and so I'm sure it's possible to block telemetry but still receive updates.
If you are really paranoid, you can download the updates on a different computer and install them offline manually.

You can have an external firewall, then you wouldn't need to worry about windows having any backdoors, all network traffic would be routed through your firewall running on a separate machine, and you'd be in control of that.

(sounds extreme to some people, I don't do these things myself, I don't use windows too much, I just play around for fun)

 

[GCS]

Well you can have a 'software' level firewall in windows, windows 10 has one built in - and block what you want.
There are many different urls/ips that will get used, and so I'm sure it's possible to block telemetry but still receive updates.
If you are really paranoid, you can download the updates on a different computer and install them offline manually.

You can have an external firewall, then you wouldn't need to worry about windows having any backdoors, all network traffic would be routed through your firewall running on a separate machine, and you'd be in control of that.

(sounds extreme to some people, I don't do these things myself, I don't use windows too much, I just play around for fun)

I wouldn't trust built-in firewall to check telemetry tbh. There might be a way to get updates while blocking telemetry but even blocking telemetry has it's limits. 3rd party firewall software might not be able to detect if we are connecting to some specific microsoft servers or not because of the fact that windows is a closed sourced OS, so who knows what is going inside it.

 

[raging_chaos]

Firewalls huh, I don't have that much exp with them since I haven't in need of one before but I know the basics of it (tell me if I make a mistake here). So what if Microsoft uses other domains/subdomains for telemetry too, will you be able to figure out that connection with a firewall too? If you would block all Microsoft related domains then you probably wouldn't get security updates which is even worse then giving your data to Microsoft.

No IT department anywhere is just going to sit on their thumbs and not lock down all outgoing connections. As had been said before in multiple different ways all telemetry domain servers have already been figured out and the exact data that is sent is well known. Microsoft has disclosed this and it has been independently verified several times over, you can't mess around when it comes to big businesses and their databases. Telemetry has also been backported to Win7 a very long ago, a quick Google search will confirm all points. Apple collects the same type of data they just don't share with outside sources or let the public know and everyone with an Android device has already told Google more than they will ever tell Apple or Microsoft combined.

Anyone stuck on Home edition should be figuring out how to enable gpedit instead of using a crap script that uses a shotgun approach and breaks security/driver updates. An informed user wouldn't be using a Home edition of Windows anyway nor would they be using scripts on Pro/Enterprise because of gpedit/powertools. Any third party free firewall will automatically block a connection the second something tries to go online and you turn off the appropriate services as needed, there's no need to block every individual IP address, this is very common sense stuff. For anyone that can't do any of that preconfigured images with these services turned off can be found online too.

As far as Linux vs Mac vs Windows, Linux is not meant to replace any OS it's meant to supplement. NAS file servers/web servers and the like are meant to be setup with Linux as a foundation, actual terminals, stations, laptops and anything else a layman human will interact is where Windows and Mac will excel at because (to borrow and Apple line) everything 'just works' and is designed to be plug and play with any new hardware that comes out. I can tell you this after having deployed 1200 PC's in a medical building the average user, even a young adult that has grown up with tech, is not as savvy as anyone browsing this website looking for hacks and the learning curve would be longer than just a few weeks/months. A Chromebook, which is just Gentoo Linux, is an easy example of just how dumbed down the OS has to be before it can be sold to and used by the average user.

If I'm flashing an EEPROM or dumping a chip, I'm certainly doing it in Linux, but for something like using CAD software I'm doing it in Windows because not everything can be virtualized and the software is usually a lot more mature and full featured. The Windows Subsystem for Linux has actually had me booting up Linux less lately when it comes to writing to RFID cards and with native Android support coming not having to setup a virtual machine or dealing with the CPU/RAM overhead is even more welcome. Linux has certainly come a long way but it's still not a 100% replacement OS in many cases that don't even involve gaming. I won't even get started on the software that runs on the medical equipment or is used by the billing dept.

3rd party firewall software might not be able to detect if we are connecting to some specific microsoft servers or not because of the fact that windows is a closed sourced OS

Firewalls monitor and block all ingoing/outgoing connections on all ports period you can't hide from one and a connection isn't allowed unless you explicitly set it to be allowed. Outside of Windows all connections are logged via routers (which are just hardware firewalls) and going beyond that there's always ISP logs. Routers themselves can be setup to block Microsoft domains but that's still overkill for the actual data people are sending. You don't block the domain, you disable the service that's calling Microsoft. The fearmongering is getting beyond childish and shouldn't be used as a strategy to grow a userbase. Windows is perfectly safe, in fact it's probably what's running the machine that is keeping one alive in the ER during the next visit.

 

[Valwinz]

Windows Vista is where it is at

 

[LostRabbit]

As far as Linux vs Mac vs Windows, Linux is not meant to replace any OS it's meant to supplement. NAS file servers/web servers and the like are meant to be setup with Linux as a foundation, actual terminals, stations, laptops and anything else a layman human will interact is where Windows and Mac will excel at because (to borrow and Apple line) everything 'just works' and is designed to be plug and play with any new hardware that comes out.

Thats a good point.

THE (best/perfect) OS does not exist. Its like "whats the best car?", "whats the best tool?"

Like i said before, it really depends on what you need.


long term stability, reliability, efficiency -> wouldn't really recommend windows

for most casual desktop users, compatibility, convenience -> windows is no bad choice


there will always be software that was designed for/runs best on X, which you can maybe get to run on Y aswell, if you really wanna do that. i use virtualization a lot too and/but generally like the idea of keeping things separated.


in general its always a good idea to have your home network configured properly, your modem, router, network switch, whatever. .

but also, keep your common sense and dont abandon security completely. keep important stuff backed up somewhere else
(Not only RAID!)

all in all, i think one can say windows is safe enough for most people. there are quite some things you can do, but there wont ever be a 100% but thats like.. life, isnt it?