a friend recently told me that using it for online banking is risky because of security vulnerabilities. They advised me to switch to Linux instead.
I don't use Linux, but conceptually I do believe it's a safer OS than Windows (any version), so can't argue with that advice. My question, though, is whether that kind of solution is overly drastic or really necessary. For instance, you probably shouldn't go outside without your tin foil hat because the NSA could be reading your thoughts from spy satellites.
Okay, maybe not. But tires and other pieces are falling off airplanes in flight, so where do you draw the line? My point is it's a matter of degree, and for most users are the vulnerabilities in Win7 really that exploitable?
Personally, I still stand behind everything I wrote in this thread from last year: "Windows 7 and Internet Use". In post #24 I explain my reasoning.
As a computer tech retired after 30 years in SOHO consulting, my opinion is the two most important factors are to use your own router as a secondary layer of security behind your ISP's router/gateway (i.e., don't trust your ISP), and use a modern web browser. In a home environment, all threats have to enter through your router and web browser, so keep those up to snuff.
Behind those factors, I believe the choice of OS is far less critical. Even if your OS has vulnerabilities (and face it, they all do, it's just a matter of degree), it won't matter if the bad guys can't get through to exploit those vulnerabilities.
Using a modern browser is crucial, but for Win7 the choices are becoming fewer. Nobody should be using Chrome 109 or Firefox 115, as those are several years out of date by now. As of this writing, there are browser forks that are still being maintained for Win7 -- Supermium (Chrome fork) and R3dfox (Firefox fork) are still taking the modern (post-109/115) open-source base code and back-porting it to Win7. IMHO, they are every bit as secure as running modern Chrome or Firefox on Win 10/11. If/when the developers stop doing that, my advice will change, but until then I maintain the choice of OS is far less critical.
Also, don't do stupid stuff. Don't click links in emails, don't download or open anything you didn't specifically ask for, yada, yada. Your choice of OS isn't going to protect you if you do stupid stuff. Phishing and social engineering are by far your greatest threats, and are designed to get around safeguards in your browser and OS anyway. That responsibility is on you.
As for financial institutions, and as I noted in post #31 of the aforementioned thread, a few of them are starting to use ulterior means to bypass your browser and sniff out your underlying OS, all for the purpose of blocking Win7 just as a matter of policy. If your bank is one of those, sometimes adding the "Ray's User-Agent Switcher" extension from the Add-ons store will help. It doesn't work for every website, but so far it's solved road-blocks thrown up by the banks I use. If it doesn't work for your banking website, you'll have no choice but to change your OS. Even then, I don't think it's really necessary to go to Linux, but that wouldn't be a bad idea if you're going to have to learn a new OS anyway.