Fuzzfas

Level 3
Verified
I am not saying that Windows 10 is 100% secure, but it gets patched none-the-less. Windows 7 isn't going to get patched anymore. Remember WannaCry Ransomware in 2017? It infected mostly Windows XP. It had patches but organisations didn't bother to install them. This is one way in which Windows 10 is safe, as the updates keep getting installed automatically. Had they patched theirs before, WannaCry wouldn't have done so much damage.
Yes, but the more Windows 10 becomes prevalent, the more malware writers will target it. Windows 7 will be let's say more vulnerable, but patches won't save Windows 10 either, because only the most incapable malware writer will make a malware that can't infect Windows 10.

The only certain thing an attacker knows about potential defenses is the OS and WD. By the time a malware is spread, defenses adapt, malware writers dont' expect their malware to "work" eternally either. They will just write another or a new variant. If you use 3rd party programs that can block the malware, you are most likely safer than having Windows 10 at "default" configuration. Because when the malware is still "fresh", it will be coded to infect Windows 10 + WD. Windows 7 may be more vulnerable for longer period of time, because it will be unpatched, but the malware must first land on your installation, which might depend not on the OS itself but other program (like the browser). And if something manages to land and try to exploit a kernel hole, well, ok, if you don't have a 3rd party program, you are toast.

But after 20 years of reading security forums, i am not so prone to panic anymore about these "impeding threats" that await around every corner, because i haven't really seen them. I had arrived to the point to downloading malware on my own to test them in Shadow Defender, just to see my antivirus "work". I can't explain how people get so easily infected other than clicking on their own to unknown origin executables or sharing infected USB keys.

One thing i 've realized over the years. If one super-hacker wants to infect you, he will, no matter how well patched OS you have. But unless you are a mega-corp, you aren't worth his time.
 

Fuzzfas

Level 3
Verified
Best defence is stay up-to-date..OS is core and need more protection from Windows.I suggest to upgrade to Windows 8.1 from Windows 7 SP1
"Anti-ABCD+light virtuallization"is secondary layer.

Best defense, is the unpredictable and proactive defense. Windows 10 is the most predictable and retroactive defense. Patch = some poor basterds got infected somewhere in the globe and malware had spread enough so that some company took notice and created a signature or MS made a patch. It's great, as long as you are not one of those poor basterds.

I would take my chances of Windows 7 + 3rd party programs against any "default Windows 10 user", anyday, against any 0 day exploit.
 

poirotz

Level 1
Verified
@Umbra- I just would like to pinpoint just a few things now,as i said i dont have much time

available now

I said :


I hear a lot of advice these days about the need of 'upgrading' to Windows10 as a measure of


security, but i think all this fanfare is -perhaps- greatly exaggerated.



Did i say 'untrue' or 'false'? No.

But you vented your fury immediately stating

you are maybe the first one that contradict himself in the same post
.


Great : i was the FIRST!!!


First in all history of the forum or of all time?

In both instances i think there were many more before me.

But I have to invite both readers and moderators to read my post carefully and find a hint

of contradiction in what i wrote in this first sentence.


Either something really bad happened to you in the ten minutes prior to your post, or you

have something personal?


You never had any issues with Windows10? Good for you,but there's a million people who

had.especially in the first year,a lot of problems.

This may have nothing to do with security,but it was annoying. Now this has improved for

Windows10pro to the point you can defer updates for a while,a fact which i mentioned as

improved,regarding the OS.

Then you launch yourself into 'imaging' what i would do or think with my installed software

which is a really remarkable feat.

You go as far as stating that i run NVTExe,because 'i dont trust' Kaspersky...:

if it were so i wouldnt spend money every year on 'untrusted' software....

with Windows 10 i have a secure OS out-of-the-Box
in my post it is VERY CLEAR i consider Windows7 safe WITH a bunch of security

software which i mention, so i think you are trying to overturn the cards here as my post

was NOT a comparison btw OUT OF THE BOX oss, which is obviously in favour of W10.

because you seems to ignore what are kernel exploits delivered via fileless malware.
This point needs further study on my part,i dont have time now,but i'll search and come back

in a couple of days time perhaps. It seems to me what you say is irrilevant-regarding the

type of OS- but depending on other factors which can be adressed by security programs.


try again without any 3rd party securty tools, will you do? i dont think so.
When you compare stuff, you compare them at the same level, both out-of-the-box or both with additional tools;
Definetely! But i was not endorsing the use of Windows7 as it came out in 2009....

this was only in your imagination.


I bet you will never run Windows 7 without any security tools
NAP: you can bet your house on it.
But ,again, I NEVER STATED that.
Rather comical.



The whole "fanfare" as you claimed
You're hit,it seems,by the word 'fanfare' about upgrading to W10,which may i remind you means


1: a short and lively sounding of trumpets


2: a showy outward display


3: a lot of talk or activity showing that people are excited about something


the arrival of a warning from MS in all windows7 computers of the planet i guess justifies the definition.


I observed many security-oriented people, bashing Windows 10 because "i can make Windows 7 very safe", sure, but does 99% of the users worldwide can do the same? not at all.
Am i writing my post for the 99% or for myself?

From now on anyone posting here has to speak for those who know nothing and dont use any

security software?



So yes , i'm hypercritic to those who mislead users stating upgrading to Windows 10 is not necessary, while they safely relax behind their security knowledge/tools and let Average Joe struggle and be victims of keyloggers and ransomware

ahahah!!! so you are heavily contradicting yourself here,as you imply that i,for one,can

SAFELY RELAX with Windows7 provided i run suitable softwares....

I also didnt know that everytime i express an opinion i have to speak to 'average joe'.

This stance would reduce to rubble 50-60% of the forum.


That was true during WinXP/7 era, but you didn't have much ransomware or credential stealers like now.
Bloody hell!! I did not know MS had devised a total protection against ransomware in windows10!!!
I will immediately remove Comodo protections in my notebook running W10,must be redundant
and useless and i wouldnt like MS gets offended by it.

you dismissed upgrading Windows 10 as security measure, while you keep Windows 7 boosted
with 5 security apps.
Exactly.As the intent of my post was establishing that Windows7 could be used safely

even without updates for a COUPLE OF YEARS more....no more than that....but you

misrepresented my entire post.


Furthermore you immediately used a quasi-offensive tone without any reason,so when i have time i will reply to you about some tek things you mentioned.
 

Azure

Level 25
Verified
Content Creator
Regarding W10 security. Sure, having the latest patches is always important.

But in addition to that here's an article of how W10 protected users from vulnerabilities even without patches.

One of the technologies used was appcontainer. Something W7 doesn't have.
 

Fuzzfas

Level 3
Verified
Regarding W10 security. Sure, having the latest patches is always important.

But in addition to that here's an article of how W10 protected users from vulnerabilities even without patches.

One of the technologies used was appcontainer. Something W7 doesn't have.

Applocker exists in Windows 7 Enterprise and Ultimate. But the big question is: How many use it at home and whether it's easier to use Applocker instead of a 3rd party program that it's easier to use. Personally even if i had Windows 7 Ultimate (i have pro), i wouldn't use Applocker, because it's easier to do the same with other software.

But worry not. Should the vast majority of Windows 10 users, decided to use Applocker, the malware writers would adapt to bypass it.
 

Local Host

Level 20
Verified
Applocker exists in Windows 7 Enterprise and Ultimate. But the big question is: How many use it at home and whether it's easier to use Applocker instead of a 3rd party program that it's easier to use. Personally even if i had Windows 7 Ultimate (i have pro), i wouldn't use Applocker, because it's easier to do the same with other software.

But worry not. Should the vast majority of Windows 10 users, decided to use Applocker, the malware writers would adapt to bypass it.
AppContainer =/= Applocker, they're entirely different components with different objectives.

Windows 7 does not have AppContainer nor Applocker (Applocker is exclusive to Enterprise and Ultimate Editions, not available for Home Users), AppContainer was introduced with Windows 8, and is used to block Write and Read Access to most of the system.

Windows 7 could never mitigate the attacks described in the article, the same way Windows 10 did.
 
Last edited:

Umbra

Level 25
Verified
I 've read and partecipated in countless "internet wars" in the past about the same issue, every time there is a change in Windows. The thing is, the OP isn't a newb and the other thing, is that the OS will always have holes that get exploited before they are patched, because the attackers also have Windows 10 at home, so they have ample time to test their new malware against the "fully" patched system. If Windows 10 was so secure, it would be the end of malware. But it never is! The one PC i 've seen with ransomware, was running fully updated Windows 10 and was running an expired antivirus demo version (new laptop with WD disabled).
There is a difference between "safe" and "invincible".
In you car you use a seatbelt and an airbag because it is safer for you and will help you survive a crash. You know they wont do much if a tank hit you at full force.
Whatever people say, Windows 10 is safer than any previous version, reason why people should upgrade asap (if they are concerned about their security).

Windows 7 is now at 25% of marketshare. I doubt that malware writers are just weeping because they are now unable to infect the 75% of the machines around and in the next years malware will disappear... Or that they think "hey, it's ok, i will just write a malware that might hit the 25% of the dudes that run Windows 7. I can live without being able to hit the 75% of the market. I am a modest guy!"
you miss the one point, it is not only about being affected, it is being the vulnerability being fixed and not be used again. This is what being safe means.
You got a sickness, you use a vaccine to cure it, and to prevent to catch it again.


The truth is, the in security forums, paranoia reigns supreme, where the latest and greatest exploit is waiting every second around the corner to infect the poor forum member. When at the end of they day, you go the topic of "when was the last time you got infected" and the vast majority there counts the last encounter in years.
Of course ! that is the point of a security forum... you talk about the most worse case and how to protect yourself against it. it doesn't require to be victim to talk about it.
In security forums who care about PUP and worms that get blocked by your average AV, no one. That is for general computer forums.

And then the discussion continues: "Oh, but with this program you only block the exe after the exploit, but not the exploit itself! So get this program too!" .
And all is fine when you see it as a hobby, but at the end, if i had the minimum suspicion that something landed on my PC, i would just format. "Oh, but there are those that can infect the BIOS!". And this never ends. Or it does, after you take a break for a few years from forums and you just use your PC, instead of having your PC work for your antimalware applications and realize that this constant "risk" you thought you were subjected to, is maybe the same as the risk of being hit by a meteorite on the street. It exists, but it's unlikely.
That is security forum purpose, consider every aspects even the most improbable ones. Same as pentesters getting highly paid to find vulnerabilities that will probably be used against few systems.
Are you annoyed by it? if yes , why are you here in the first place?

Of course, if all day, all you do is download cracks and keygenso r files with double extension and you expect to see how lucky you are...
Some do, that is the problem.

I am not saying that Windows 10 is 100% secure, but it gets patched none-the-less. Windows 7 isn't going to get patched anymore. Remember WannaCry Ransomware in 2017? It infected mostly Windows XP. It had patches but organisations didn't bother to install them. This is one way in which Windows 10 is safe, as the updates keep getting installed automatically. Had they patched theirs before, WannaCry wouldn't have done so much damage.
Exactly but obsolete OS fans and advocate seems to always purposely "forget" this point. As if their awesome security tools will prevent a Kernel exploit like Eternal Blue...And about Eternal Blue, the thing isn't even dead yet, some malware writers still using it, perfectly knowing some organizations and individuals didn't patch their OS against it.
 
Last edited:

Umbra

Level 25
Verified
Did i say 'untrue' or 'false'? No.
But you vented your fury immediately stating
You miss why a reacted, it is the way you were saying than upgrading because of security concerns was exaggerated, and sadly it is not, i would like it was exaggerated and Windows 7 was safer but it is not.

First in all history of the forum or of all time?
In both instances i think there were many more before me.
That was a taunt to you, didn't believe you took it so seriously...

You never had any issues with Windows10? Good for you,but there's a million people who
had.especially in the first year,a lot of problems.
This may have nothing to do with security,but it was annoying. Now this has improved for
Windows10pro to the point you can defer updates for a while,a fact which i mentioned as
improved,regarding the OS.
Then you launch yourself into 'imaging' what i would do or think with my installed software
which is a really remarkable feat.
Which is irrelevant in the discussion, we are talking about security not installation or other issues.

You go as far as stating that i run NVTExe,because 'i dont trust' Kaspersky...:
if it were so i wouldnt spend money every year on 'untrusted' software....
I asked you what is your use of NVT ERP on top a full suite (especially KIS which covers almost every attack vectors)? you didn't answered...
To me seems you use it "in case" KIS get bypassed, so basically it is a lack of trust to me. correct me if i'm wrong.

in my post it is VERY CLEAR i consider Windows7 safe WITH a bunch of security
software which i mention, so i think you are trying to overturn the cards here as my post
was NOT a comparison btw OUT OF THE BOX oss, which is obviously in favour of W10.
So dont start a thread stating upgrading Windows 10 for security concerns is exaggerated and a fanfare. It is not, thanks to confirm it.
Remember, this forum is popular with beginners who have no clues of how to tweak or use sophisticated security solutions, so upgrading to Windows 10 is a huge security improvement for them.
Until Windows 10, i used to get regular calls from friends/customers for infected (Windows 7) computers , since Windows 10, i almost none...that is real experience and validate the efficiency of Windows 10 over Windows 7. So no, not an exaggeration.

Definetely! But i was not endorsing the use of Windows7 as it came out in 2009....
Doesnt matter what Windows 7 build you use, you will not get vulnerability patches against future exploits.
That is the whole point about security, you start with the safest foundation possible and then fill the possible hole with security tools if necessary. sadly with Windows 7 you start with a unsafe base that will remain this way since you won't get fixes.

Am i writing my post for the 99% or for myself?
From now on anyone posting here has to speak for those who know nothing and dont use any
security software?
A security forum is about sharing knowledge and correcting erroneous ideas, especially with beginners.
Not only to show off our formidable skills.

Bloody hell!! I did not know MS had devised a total protection against ransomware in windows10!!!
I will immediately remove Comodo protections in my notebook running W10,must be redundant
and useless and i wouldnt like MS gets offended by it.
i rather use Windows 10 built-in Security than Comodo crap...

Exactly.As the intent of my post was establishing that Windows7 could be used safely
even without updates for a COUPLE OF YEARS more....no more than that....but you
misrepresented my entire post.
you still don't get why i reacted, not about Windows 7 being safe with tons of 3rd party security tools, but your statement that upgrading to Windows 10 for security is exaggerated.

Furthermore you immediately used a quasi-offensive tone without any reason, so when i have time i will reply to you about some tek things you mentioned.
I'm well known here for my straightforward (and often considered "rude" tone) even as a mod here. It was and always will be this way.

Anyway, i got your point, you got mine. no need further explanations.
 
Last edited:

Umbra

Level 25
Verified
Yes, but the more Windows 10 becomes prevalent, the more malware writers will target it. Windows 7 will be let's say more vulnerable, but patches won't save Windows 10 either, because only the most incapable malware writer will make a malware that can't infect Windows 10.
Patches aren't only discovered after an infection, but most often made after a professional pentester found a vulnerability, reported it before the malware writers even know about it.

The only certain thing an attacker knows about potential defenses is the OS and WD. By the time a malware is spread, defenses adapt, malware writers dont' expect their malware to "work" eternally either. They will just write another or a new variant. If you use 3rd party programs that can block the malware, you are most likely safer than having Windows 10 at "default" configuration.
which is obvious but isn't a proper comparison.

And if something manages to land and try to exploit a kernel hole, well, ok, if you don't have a 3rd party program, you are toast.
Even with a 3rd party software, you are toast anyway. Nothing can block a properly made kernel exploit, they run in a session deeper than software level (read about ring 0 and session 0). Only an OS patch can prevent it. (i talk about the exploit itself, not the dropper)

But after 20 years of reading security forums, i am not so prone to panic anymore about these "impeding threats" that await around every corner, because i haven't really seen them. I had arrived to the point to downloading malware on my own to test them in Shadow Defender, just to see my antivirus "work".
So do i, but i read security forums to learn about them, not because i fear them.

One thing i 've realized over the years. If one super-hacker wants to infect you, he will, no matter how well patched OS you have. But unless you are a mega-corp, you aren't worth his time.
True, doesn't mean you have to avoid chosing a safer OS or protectyourself.

Applocker exists in Windows 7 Enterprise and Ultimate. But the big question is: How many use it at home and whether it's easier to use Applocker instead of a 3rd party program that it's easier to use. Personally even if i had Windows 7 Ultimate (i have pro), i wouldn't use Applocker, because it's easier to do the same with other software.
But worry not. Should the vast majority of Windows 10 users, decided to use Applocker, the malware writers would adapt to bypass it.
You have mistaken AppContainer ( mentioned in the article) with Applocker.
I use Windows 10 Enterprise and i setup its SRP and Applocker, it works as good (and even better) as many 3rd party tools i used before, i can run my system without any 3rd party security softs, which is great; and at least i don't have to worry about conflicts, introduced bugs and surface attacks.
 

Burrito

Level 22
Verified
...both you and poirotz are paranoids...
Laughing.... now now Umbra..



The truth is, the in security forums, paranoia reigns supreme, where the latest and greatest exploit is waiting every second around the corner to infect the poor forum member.
It's true. Cyber danger lurks behind every 'door.' And they are coming after YOU. (each and every one of YOU)

1579578739717.png




But after 20 years of reading security forums, i am not so prone to panic anymore about these "impeding threats" that await around every corner..
There is nothing more fun than a FULL SCALE PANIC about the next impending threat. It's a regular panic party.

1579578847200.png




I'm well known here for my straightforward (and often considered "rude" tone) even as a mod here. It was and always will be this way.
I want to vouch for Umbra. He's much better behaved than my dog. My dog took a big crap on the rug today.

:poop:
 

show-Zi

Level 22
Verified
In order to maintain the Porsche of the air-cooled engine, wisdom and additional investment to maintain performance are essential. The new Porsche has increased safety and performance, and has less risk of failure.
We accept that enthusiasts stick to air-cooled Porsche, but we cannot recommend them to people who have just obtained a car license or want to go shopping.

I personally guess that it is a waste of time to worry about security and worry about os. Os is the foundation of the building. All you need is a program to build on it.
 

oldschool

Level 42
Verified
Laughing.... now now Umbra..
It's true. Cyber danger lurks behind every 'door.' And they are coming after YOU. (each and every one of YOU)
There is nothing more fun than a FULL SCALE PANIC about the next impending threat. It's a regular panic party.
This is why Dr. @oldschool is here. I have created my Psyko-Emotional Scanner for diagnosing Security Forum Paranoia Syndrome, Security Application Obsessive-Compulsive Disorder, Privacy Invasion Panic Perversion and other info-tech related maladies - which are epidemic on many forums like MT. 👨‍💼
 

Fuzzfas

Level 3
Verified
AppContainer =/= Applocker, they're entirely different components with different objectives.

Windows 7 does not have AppContainer nor Applocker (Applocker is exclusive to Enterprise and Ultimate Editions, not available for Home Users), AppContainer was introduced with Windows 8, and is used to block Write and Read Access to most of the system.

Windows 7 could never mitigate the attacks described in the article, the same way Windows 10 did.
I stand corrected. Still, i will take any day Windows 7 with 3rd party software, than Windows 10 with the ordinary configuration that most people use. Because i can make Windows 7 much safer than that.



There is a difference between "safe" and "invincible".
In you car you use a seatbelt and an airbag because it is safer for you and will help you survive a crash. You know they wont do much if a tank hit you at full force.
Whatever people say, Windows 10 is safer than any previous version, reason why people should upgrade asap (if they are concerned about their security).


you miss the one point, it is not only about being affected, it is being the vulnerability being fixed and not be used again. This is what being safe means.
You got a sickness, you use a vaccine to cure it, and to prevent to catch it again.

Of course ! that is the point of a security forum... you talk about the most worse case and how to protect yourself against it. it doesn't require to be victim to talk about it.
In security forums who care about PUP and worms that get blocked by your average AV, no one. That is for general computer forums.

That is security forum purpose, consider every aspects even the most improbable ones. Same as pentesters getting highly paid to find vulnerabilities that will probably be used against few systems.
Are you annoyed by it? if yes , why are you here in the first place?


Some do, that is the problem.

Exactly but obsolete OS fans and advocate seems to always purposely "forget" this point. As if their awesome security tools will prevent a Kernel exploit like Eternal Blue...And about Eternal Blue, the thing isn't even dead yet, some malware writers still using it, perfectly knowing some organizations and individuals didn't patch their OS against it.
Ok, forgive me for not replying line to line, but i 've grown too old for that. If you want to me say that Windows 10 is more secure than Windows 7, i will say it. But i will repeat once more, that with 3rd party programs and tweaks, Windows 7 is safer than any common Windows 10 installation. If there was 1 layer of security that i had to remove and be safe, it would be OS patches. Because some 3rd party software will always not only protect from the same hole, but most likely does so BEFORE MS releases a patch.

The car analogy is flawed however, because nobody wants to kill your car or you. In malware on the contrary, there is an interested party, where its ONLY concern is to infect your OS and contrary to 2017, where Windows 7 was still majority, now Windows 10 is the majority, which means, you will always be reacting AFTER THE EVENT.

As for the infamous NSA Eternal Blue, here's the antidote even for XP since 2000. It was working BEFORE the MS Patch and will work even WITHOUT MS Patch. Even if you don't have a NAT router. Beating NSA's 2017 since 2000 and while MS has been sleeping for 17 years:


Kerio.png

As to why i am here, i will give you a hint. I registered in 2013 and i have 92 posts. What gives? I came again because of SecureAplus. And after 7 years of blissful, malware free existance, i don't intend to go back to extreme paranoia, that's for sure.


Patches aren't only discovered after an infection, but most often made after a professional pentester found a vulnerability, reported it before the malware writers even know about it.

which is obvious but isn't a proper comparison.

Even with a 3rd party software, you are toast anyway. Nothing can block a properly made kernel exploit, they run in a session deeper than software level (read about ring 0 and session 0). Only an OS patch can prevent it. (i talk about the exploit itself, not the dropper)

So do i, but i read security forums to learn about them, not because i fear them.


True, doesn't mean you have to avoid chosing a safer OS or protectyourself.




You have mistaken AppContainer ( mentioned in the article) with Applocker.
I use Windows 10 Enterprise and i setup its SRP and Applocker, it works as good (and even better) as many 3rd party tools i used before, i can run my system without any 3rd party security softs, which is great; and at least i don't have to worry about conflicts, introduced bugs and surface attacks.
A kernel exploit, must be somehow delivered. Of course it's better if you have your OS patched, but when the malware is 0 day, one this is for sure: a 3rd party software might stop it. Several antiviruses and antiexploits were blocking Eternal Blue before even MS knew what hit her. The OS NO WAY, because it's unpatched and you don't know how many years the vulnerability existed (NSA was using the Eternal Blue probably for ages and every hacker can keep his special holes for personal use for as long as he likes).

A google search for "AppContainer vulnerability", easily shows, that Appcontainer isn't safe either, like NOTHING made by Microsoft. Simply, the average Joe doesn't even use that, so they don't bother to open every single hole they can, when they can find other, easier ways to make Windows 10 like a Swiss cheese.

Since you have a malware test center and you have also a policy of "security labels", why don't you take a Windows 10 + WD installation (which i presume you label as "Secure Basic" in the forum and one with unpatched Windows 7 + Comodo with D+ manual for example and run against 0 day and see if the Windows 7 + Comodo is more at risk?

Anyway, it's just my opinion. But if you talk to a malware writer, the first thing he tells you is "of course i try my own malware before i release it". And he has patched Windows too (surprise!). Just like, once Eternal blue was made common domain, some new malware writers, made it work on Windows 10 too!

Anyway, when Eternal blue was out, i don't remember what i had, but my brother had just MSE and Tinywall, with anything related to filesharing/remote desktop/assistance/registry/management disabled and firewall set to "public". He never saw it. He has never been infected by anything actually. And he doesn't know how to open the task manager. This as a story of a "very lucky man" if you want.

I used to be paranoid too. But after years where the only malware i was seeing was malware i was downloading on my own from "malware sample sites", i thought it was time to enjoy my computer for myself, rather than having it being dragged down by "Fort Knox" configurations. Obscure defenses work well too. Besides, the game of "making the impregnable defense", died for me, when i started using regularly images. I don't have anything that i can't replace. I only want to be able to tell that i got infected. If i do, i will format , because i don't trust my "impregnable" system even after a "successful block". I can extract what i want from image or blu ray backup and go on... If you have valuable things and you think there is no way to protect them, by all means, patch your OS too and pray you are not 0 day victim.
 
Last edited:

shmu26

Level 84
Verified
Trusted
Content Creator
I hear a lot of advice these days about the need of 'upgrading' to Windows10 as a measure of security,but i think all this fanfare is -perhaps- greatly exaggerated.
Personally i have my main desktop pc with Windows7pro 64, running with a wufuc git-hub software to cope with AMD Ryzen5 six processors,a pc which i have diligently updated almost to the

end, but avoiding the last update mainly dealing to install W10.

I have two other notebooks with Windows7, one 64 bit and the other 32 bit, another laptop with Windows 8.1 and also a Lenovo Ideapad300 which
came with Windows 10 three years ago.
The latter in the beginning gave me a really hard time with sudden, unavoidable updates leading to stoppage and losses,but i have learnt to tame it now and i admit it has become a little

better with latest editions.
Not enough to prompt me to 'upgrade' the various W7 machines i run very satisfactorily up to now,though, not even free of charge.

May I add that I use a lot the Windows10 notebook, but simply because in it I run VirtualBox with a couple of Mint editions that i use when i need either more security or privacy,both in

VPN fashion.

I dont feel the need to run any VB with my main Windows7pro pc,however, which has the following protections:
1-Imaging
2-Kaspersky Internet Security
3-NVT ExeRadar antiexecutable
4-Sandboxie
5-ShadowDefender

My idea is that, having 2,3,4 and 5 running -and using either Kaspersky SafeMoney or a special hardened sandbox of Sandboxie to make deals-plus a dedicated browser, from a security point

of view there's nothing missing in comparison to Windows10.

The only missing thing is the nuisance of forced updates and telemetry.

I plan to use Windows7 at least for another couple of years with no fuss as the aired warnings about the impending disaster of having no more updates seems to me like the fire holograms in

Planet of the Apes: i know people running Windows7 who never updated in five years and were never touched by malware simply by running one software- Shadow Defender.

With the mentioned protections in place,or similar in function, I didnt get any malware in the past 13 years.

I suspect (please dont correct me its a joke) that,security wise-if there still were programs for it,one could even use Windows98.....
If you are a careful and well-informed user, and other users don't access your computer, then you don't need much more than that, because you won't let malware in the door. So Windows 7 can serve your needs. But since you are running a multi-layered advanced security setup, in which you must have invested a lot of time and thought, and maybe even money, then apparently you think that you do need more. So you have answered your own question.
 

bribon77

Level 31
Verified
MT is a computer security forum,
therefore it is not possible to advise in general terms that a system that no longer receives patches of updates is safe, each one can do what he wants, but the Sun cannot be covered with a finger.
I think that cybercriminals will be rubbing their hands with Windows 7 at this time.:)
 

Umbra

Level 25
Verified
I stand corrected. Still, i will take any day Windows 7 with 3rd party software, than Windows 10 with the ordinary configuration that most people use. Because i can make Windows 7 much safer than that.
Comparing the incomparable...
And i can make my Windows 10 Enterprise as safe than your Windows 7 + softs , or i can make my Windows 10 Home + softs as safe or safer than your Windows 7 + softs, why?
Because Windows 7 is more vulnerable than Windows 10; no argument in that. So if we add the same 3rd party soft, my Windows 10 will always be safer, because it was made with a more secure architecture; especially if you use Windows 7 x86 which lacks of Patchguard.

Ok, forgive me for not replying line to line, but i 've grown too old for that. If you want to me say that Windows 10 is more secure than Windows 7, i will say it.
I don't need you to say it , it is a fact. Only ignorants will say otherwise...

But i will repeat once more, that with 3rd party programs and tweaks, Windows 7 is safer than any common Windows 10 installation. If there was 1 layer of security that i had to remove and be safe, it would be OS patches. Because some 3rd party software will always not only protect from the same hole, but most likely does so BEFORE MS releases a patch.
Why comparing Windows 7 + Softs with Windows 10 default, this is flawed, compare them both with softs then...

The car analogy is flawed however, because nobody wants to kill your car or you. In malware on the contrary, there is an interested party, where its ONLY concern is to infect your OS and contrary to 2017, where Windows 7 was still majority, now Windows 10 is the majority, which means, you will always be reacting AFTER THE EVENT.
It seems you missed the point of the analogy...it was to demonstrate that having a built-in security was better than none...

As to why i am here, i will give you a hint. I registered in 2013 and i have 92 posts. What gives? I came again because of SecureAplus. And after 7 years of blissful, malware free existance, i don't intend to go back to extreme paranoia, that's for sure.
Nobody asked you to be paranoid. I am among those here that recommend skills/knowledge over stockpiling security tools.

A kernel exploit, must be somehow delivered. Of course it's better if you have your OS patched, but when the malware is 0 day, one this is for sure: a 3rd party software might stop it. Several antiviruses and antiexploits were blocking Eternal Blue before even MS knew what hit her. The OS NO WAY, because it's unpatched and you don't know how many years the vulnerability existed (NSA was using the Eternal Blue probably for ages and every hacker can keep his special holes for personal use for as long as he likes).
You can stop the dropper, not the kernel exploit itself, and now with fileless attacks, it is even easier to bypass security softs. Just saying...

A google search for "AppContainer vulnerability", easily shows, that Appcontainer isn't safe either, like NOTHING made by Microsoft. Simply, the average Joe doesn't even use that, so they don't bother to open every single hole they can, when they can find other, easier ways to make Windows 10 like a Swiss cheese.
i see you don't know what is Appcontainer...
Appcontainer is mostly used by Metro Apps (Edge browser, etc...), it is restriction sandboxing. Users don't have to enable it, they just need to use a metro app like Edge to gain the benefit of it.

Since you have a malware test center and you have also a policy of "security labels", why don't you take a Windows 10 + WD installation (which i presume you label as "Secure Basic" in the forum and one with unpatched Windows 7 + Comodo with D+ manual for example and run against 0 day and see if the Windows 7 + Comodo is more at risk?
Again flawed comparison, you should take Windows 10 with WD vs Windows 7 with MSE and EMET, that is the right comparison, everything else is wrong.
If you take Comodo or whatever , then i should also use it, and the result will still be Windows 10 safer than Windows 7.

Anyway, it's just my opinion. But if you talk to a malware writer, the first thing he tells you is "of course i try my own malware before i release it". And he has patched Windows too (surprise!). Just like, once Eternal blue was made common domain, some new malware writers, made it work on Windows 10 too!
Obvious again, my ex-employer was a security vendor, and i had "acquaintances" who were malware writers. So what you said doesn't surprise me...it is common knowledge.

Anyway, when Eternal blue was out, i don't remember what i had, but my brother had just MSE and Tinywall, with anything related to filesharing/remote desktop/assistance/registry/management disabled and firewall set to "public". He never saw it. He has never been infected by anything actually. And he doesn't know how to open the task manager. This as a story of a "very lucky man" if you want.
Not being exposed to any malware, doesn't make your safe or your security softs awesome...EB targeted businesses because it is a network based kernel exploits, most victims were corporations and organizations, with some poor individuals get caught in betweeen because they probably were connected to the infected network. So obviously your brother wouldn't encounter it.

I used to be paranoid too. But after years where the only malware i was seeing was malware i was downloading on my own from "malware sample sites", i thought it was time to enjoy my computer for myself, rather than having it being dragged down by "Fort Knox" configurations. Obscure defenses work well too. Besides, the game of "making the impregnable defense", died for me, when i started using regularly images. I don't have anything that i can't replace. I only want to be able to tell that i got infected. If i do, i will format , because i don't trust my "impregnable" system even after a "successful block". I can extract what i want from image or blu ray backup and go on... If you have valuable things and you think there is no way to protect them, by all means, patch your OS too and pray you are not 0 day victim.
Same for me, i am one of the few here daring to bash paranoid setup while Windows 10 + one apps is more than enough.