Is Securing Windows worth it?

F

ForgottenSeer 58943

Sadly, even being diligent with clicking this or that, etc. Often isn't enough to keep windows safe. Unless specific windows apps or games are needed, it is unwise to use Windows as a primary operating system when there are faster, lighter and vastly more secure options for free.
 

roger_m

Level 41
Verified
Top Poster
Content Creator
Dec 4, 2014
3,014
Sadly, even being diligent with clicking this or that, etc. Often isn't enough to keep windows safe.
While I can't speak for anyone else, it is enough in my case. Now I'm not saying that I never will get infected. But I do know it's highly unlikely. I use my main laptop for 90 to 100 hours and week and spend a lot of time browsing the web and don't get infected.
Unless specific windows apps or games are needed, it is unwise to use Windows as a primary operating system when there are faster, lighter and vastly more secure options for free.
In my case, I don't need a faster, lighter or more secure OS, as Windows 10 (for the most part anyway) works flawlessly for me. However, I certainly do acknowledge that for many people who don't need to use any Windows specific apps, then Linux may be a better alternative.
 
F

ForgottenSeer 58943

It's pretty amazing to see quite well secured organizations still get infections on M$ systems. I recently witnessed a couple Win10 laptops behind a considerably secured environment get infected and it was an eye opener, especially considering the layers of security involved. Yet I routinely witness organizations with vastly less security, using Debian/Linux systems going for what amounts to years without any security incidents at all.

It's quite the eye opener, and why I consider Windows a compromised environment with each interaction I have with it. But that's me.
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
I don't do anything to secure Windows other than installing an antivirus. I don't do anything else, because I don't need to.

I keep Windows and vulnerable software updated and I'm not click happy. If you are click happy and open random files and don't keep your systen uodated, it's very easy to get infected. But with a little bit of care, it has been my experience over many years, that it's extremely hard to get infected.

For daily use, for the most part, I don't need to use any Windows specific apps. So I certainly could use Linux. But in my case there's just no point. Windows is fast, stable and generally (while not being perfect) works very well.

I have no experience with Linux, so I can't compare the two systems. Since I made a project of learning more about Windows and security generally (thank you MT members!), I may do a little bit more than @roger_m to secure my Windows machine, but otherwise my experience is the same as his.

@ForgottenSeer 58943 is talking about infected Enterprise environments in the post above, and these are more heavily targeted than the average home user. Now, if we're talking about a happy clicker, does it matter what environment Windows is in?
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Just install Linux Mint Cinnamon and get it over with. It's a pleasure to use. Easiest of all distros. It's made to just work.
If you are skilled enough to secure Windows, you are skilled enough for Linux Mint Cinnamon, and you don't even have to waste your time and nerves on security.

There is a reason why Linux doesn't have real-time malware protection: it doesn't need it. :)

Spin up a Windows XP virtual machine for things you can't do easily in Linux. XP runs so light in VM, it's like running an app. And no updates. Just pure Windows functionality.
 

notabot

Level 15
Thread author
Verified
Oct 31, 2018
703
While I can't speak for anyone else, it is enough in my case. Now I'm not saying that I never will get infected. But I do know it's highly unlikely. I use my main laptop for 90 to 100 hours and week and spend a lot of time browsing the web and don't get infected.

In my case, I don't need a faster, lighter or more secure OS, as Windows 10 (for the most part anyway) works flawlessly for me. However, I certainly do acknowledge that for many people who don't need to use any Windows specific apps, then Linux may be a better alternative.

Any user who follows simple safe practices and updates won’t be infected 99.999% in a home environment. I haven’t been infected since the days of DOS if you exclude a case when someone I gave my laptop to planted a virus but that’s really misplaced trust.
An elder in the family who’s super careful with computers like with everything in life has never been infected and they don’t know what an exe is. They vet everything, if you send them an email , they’ll call and ask if indeed it was you ( they worry about fraud but what they do also works for security)

However, when I look at the broader picture, there are family members who have been infected and there are always juniors who will do anything but safe computing, especially if you tell them don’t do it.

For these a setup that’s secure is a good thing. Some people just have more risky habits
 

notabot

Level 15
Thread author
Verified
Oct 31, 2018
703
Just install Linux Mint Cinnamon and get it over with. It's a pleasure to use. Easiest of all distros. It's made to just work.
If you are skilled enough to secure Windows, you are skilled enough for Linux Mint Cinnamon, and you don't even have to waste your time and nerves on security.

There is a reason why Linux doesn't have real-time malware protection: it doesn't need it. :)

Spin up a Windows XP virtual machine for things you can't do easily in Linux. XP runs so light in VM, it's like running an app. And no updates. Just pure Windows functionality.

Mint was comprised in the summer, I’d stick exclusively to major distributions that also have enterprise products and provide both hash and signature
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Sha 256 is not enough, it doesn’t say much, you need a signature for it to make the sha a useful item
That's true if you get the hash value from the same website that you suspect might have been compromised. But you can get the hash value from a different site, and compare it to your download. Then you're good. Unless the entire internet has been hacked.
 

notabot

Level 15
Thread author
Verified
Oct 31, 2018
703
That's true if you get the hash value from the same website that you suspect might have been compromised. But you can get the hash value from a different site, and compare it to your download. Then you're good. Unless the entire internet has been hacked.

The other site has no way to publish a valid hash if the push for a fresh built and the hash at the distribution site is compromised . It will either hash the iso and get the compromised image’s hash or it will copy over the compromised hash from the site of the distributor.

The only way is signatures
 
  • Like
Reactions: Weebarra

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
The other site has no way to publish a valid hash if the push for a fresh built and the hash at the distribution site is compromised . It will either hash the iso and get the compromised image’s hash or it will copy over the compromised hash from the site of the distributor.

The only way is signatures
1 The major Linux sites usually get the hashes for new distro releases right away, so if a download site gets compromised at a later date, there will be a discrepancy.
2 What distros have signatures on their ISOs?
 

notabot

Level 15
Thread author
Verified
Oct 31, 2018
703
1 The major Linux sites usually get the hashes for new distro releases right away, so if a download site gets compromised at a later date, there will be a discrepancy.
2 What distros have signatures on their ISOs?

Not if the built push itself is compromised as I explained above. The whole reason for signatures is the reduce the number of ifs

I don’t know for other distros (I’m sure there are others that do it) for Ubuntu see eg

 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Not if the built push itself is compromised as I explained above. The whole reason for signatures is the reduce the number of ifs

I don’t know for other distros (I’m sure there are others that do it) for Ubuntu see eg

Well, if you can't trust an independently verified SHA-256 for a Linux ISO downloaded from the official site, then I guess the answer to this thread's original question is yes, it's worth it to secure Windows. :unsure:
 
L

Local Host

This whole article feels biased towards Linux from the start, the moment it was said Linux has less bugs than Windows I almost spilled my drink laughting.

Linux distros tend to have lots of bugs in the most basic levels, just changing the resolution, theme and even installing APPs can give an headache. Just two years ago all the Ubuntu variants didn't have a working APP Store (which is the most basic funcionally one can have to install APPs).

As for Malware, Linux is extremely vulnerable, doesn't even include a Firewall from the get go. The only thing that makes people believe Linux is more secure than Windows is the fact it's not heavily targeted. But if Linux was as targeted as Windows it would fall in seconds with no effort.

I rarely see people infected with malware nowadays, and there's lots of suites like Kaspersky which are install and forget.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
As for Malware, Linux is extremely vulnerable, doesn't even include a Firewall from the get go. The only thing that makes people believe Linux is more secure than Windows is the fact it's not heavily targeted. But if Linux was as targeted as Windows it would fall in seconds with no effort.

The 15 min. you take to setup Windows after a clean install, are 30 min. to 1h to setup Linux (counting with the amount of bugs and problems you'll run into along the way).
All true, and even understated. But after the 1 hour (at least) of struggling with various Linux bugs and quirks and oversights, you don't have to worry very much about security. You have no bullet-proof vest, but you are alone on a desert island. That's safer than wearing a MS-guaranteed bullet-proof vest in the bad streets of a major city.
 

notabot

Level 15
Thread author
Verified
Oct 31, 2018
703
Well, if you can't trust an independently verified SHA-256 for a Linux ISO downloaded from the official site, then I guess the answer to this thread's original question is yes, it's worth it to secure Windows. :unsure:

It’s verified when it’s signed that’s the point of signing it
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
The common dangers for Windows users:
  1. cracks, pirated software, malicious email attachments.
  2. phishing webpages, malware inside the browser;
  3. friend's pendrive (or USB drive).
The common dangers for Linux users:
  1. phishing webpages, malware inside the browser;
So, let's say that Linux is trhree times as secure as Windows. But, it is still insecure for the happy clickers due to web browsers (hacked email and shopping accounts, stolen credit card data, stolen passwords, etc.). There is no other way - the user must be taught/trained to avoid the common dangers.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top