• Midnight Wolf@lemmy.world
    link
    fedilink
    English
    arrow-up
    84
    arrow-down
    7
    ·
    2 days ago

    Running an EoL operating system is surely what you want to do with your personal dat-

    Aaaaaaand it’s been compromised

      • kipo@lemm.ee
        link
        fedilink
        English
        arrow-up
        15
        arrow-down
        2
        ·
        2 days ago

        To be fair, plenty of telemetry is still being sent by Microsoft in Windows 10. It’s not as bad as 11 though.

        • Takumidesh@lemmy.world
          link
          fedilink
          English
          arrow-up
          16
          arrow-down
          2
          ·
          2 days ago

          Depends on how you define security.

          Is win11 more cryptographically secure, absolutely.

          Does that matter if you don’t trust the holder of the keys (the Microsoft keys stored in the tpm) not really.

          implementing a more secure platform doesn’t mean much if the only way you are doing it is by handing over control to a third party.

          Would you trust a better lock on your front door if it meant a proven bad actor was the one who could unlock it?

          • SabinStargem@lemmy.today
            link
            fedilink
            English
            arrow-up
            3
            ·
            2 days ago

            If the EU is allowed to employ guards in MS’s buildings and to roll their own secured version of Windows, I wouldn’t mind sticking to Windows 11 EU. On the other paw, if DOGE is given access to Microsoft, I shall flee to Linux. Hopefully, SteamOS Desktop will be a thing if the latter happens.

          • histic@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            6
            ·
            2 days ago

            For the avg person why not trust them I’m not too worried about what they can collect on an average person I use Linux personally so I’m not shilling for Ms but 11 will keep out more hackers then 10 cause I wouldn’t be worried about them stealing my card info but a hacker yes i would be

            • Dran@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              2 days ago

              Even if you trust their intent to not misuse your data, there are now a lot of live rpc hooks into your operating system, controllable by anyone who can compromise their azure implementation, which has happened at least twice in recent memory. If the data never leaves your device, and they didn’t have a way in, they wouldn’t have those things to lose in the first place.

              The interdependency itself, regardless of intent, is inherently more dangerous than the previous separate paradigm that used to exist.

    • crusa187@lemmy.ml
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      1
      ·
      2 days ago

      It’s windows users were talking about here, data security is not exactly top of mind. But maybe many of them are about to find out it should be…

    • PNW clouds@infosec.pub
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      2
      ·
      2 days ago

      I’m pretty sure all personal data leaks to me and my friends and family have nothing to do with personal EOL OS on personal PCs/laptops.

      My Dad, ran Windows 7 (yes, 7) until he passed last year, almost 80. We had his credit locked down, we had antivirus running, we kept the browsers up to date, and he was very good about not clicking weird links or calling fake support numbers.

      His biggest data breach (and ours too)? Was from myChart a couple years ago, he got a letter that his data was part of the big hack, yada yada yada free credit reporting - so sorry. If you don’t know, myChart is like The Main medical everything portal in the US at least for most doctors and hospital systems. So all your test results, making appointments, sending messages, requesting Rx refills, all through myChart’s website. The hospitals and doctors using MyChart can see pretty much everything in your myChart health record (some exceptions)

      So using super secure OS on your personal computer means nothing when you are part of a hundreds of millions data dump from someone hacking into that. Not having an account just means you don’t have access to your own records, they are still part of the system.

      But Yes, I was in the process of getting Dad an upgrade to a flavor of Linux that would be the closest to what he was used to. And the only reason was because browser support was coming to EOL for Windows 7. He really didn’t want to change or lose his solitaire games and he deserved a stress-free life to play his damn games like he wanted.

      THAT SAID - if businesses are using EOL OS and getting hacked - they definitely need to do whatever they need to do and protect their customer data. But EOL OS for an average person checking email, making doctor’s appointments, checking headlines, and playing solitaire while streaming music certainly doesn’t call for a need to panic.

      IF you are a power user doing sometimes sketch things (according to Apple/MS anyway) probably switch to Linux sooner than later.

      We have computers running Linux, Windows 10 (one of which was on 8.1 until a year ago), and Windows 11 in our house. The one on 11 is being tested basically, and will probably be reinstalled with Linux. But we are trying to give it a shot.

      • Dran@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        arrow-down
        2
        ·
        2 days ago

        Your dad probably got lucky, and your router’s firewall probably did a lot of the heavy lifting. If you were to connect a win 2000/XP computer to the internet today without a firewall between, it would be compromised in minutes (there are loads of videos of people demoing this).

        While I don’t have proof that 7 would be the same, I strongly suspect it would be the same. 10 will get there soon too. Firewalls will stop most of the low hanging fruit, but an application that bridges connections through the firewall are that much more vulnerable to exploitations that won’t be integrated by your running kernel.