Define "security?"
What does security mean to you? Does it mean having the ability to use your favorite social media websites like Facebook or Twitter in the most "secure" fashion? Or online banking, or the fear of some black hoodie, Guy Fawkes wearing hacker that somehow managed to get into your supposed "insecure" OS due to lack of precious "updates?"
Without writing a massive volume that could be archived at the Library of Congress, I'll just tell you now that in large part "updates" are a fallacy on so many levels. This idea one must have the latest and greatest with all of it's wonderful and fanciful "updates" to stay away from the Guy Fawkes wearing boogie man is in large part a way to get you onto a new platform. A new OS is really not needed at present right now. Not until some major hardware and software evolution's take place like with HTTP/TLS for example, or 80% of all games requiring DX 12, hardware or just software that needs .Net versions that don't run in 7, and all the rest.
Updates are important, especially on the server front, but I'd only roll with critical only which is in principal what in most part an update should be. Unfortunately for 10 that's impossible from what I know.
I can tell you that you can update, and update, and UPDATE! to your little heart's content, but you will STILL get hacked, and you will STILL get malware on your computer. I could toss together something polymorphic and create a reverse shell and not a single cruddy little update will stop it. And that's just the OS. Many people don't even think of their router or modem. There's a Python script that can take over a router and now it has been turned into what is called a zombie botnet. A stepping stone if you will for the hacker to go from your IP to a corporate server or what ever the hell where all traces lead back to your ISP, your home and your equipment. I see these infected routers and modems try to hit my site and fail all the time. So from this perspective, you can gain entry into a router and probably NetBIOS your little butt through the local network and into all your wonderful IoT devices that lack code signing and practical security that the manufacture's are too cheap to add to their products. It WILL take an act of Congress I'm afraid. In fact, the largest DDoS was conducted by a take over of several thousand IP camera and other IoT devices.
So back to the whole "update" thing. I personally have never committed myself to the great patch Tuesday fanfare since I ran Windows 98se. I only have but a handful of updates installed for hardware and software requirements. And do you wanna hear something crazy? I've never gotten a malware infection and never been hacked beyond my router flashed with third-party firmware. For one, I run my niche browser Pale Moon in Sandboxie. I do the same for Firefox and UnGoogled Chromium. Every once in a while I scan the living crap out of my computer with tools most people never even heard of let alone use. I'm looking for things like alternative data streams, DLL hooks, hidden DLLs, boot code malware, and any and all new modules installed since I last ran a scan of the whole system. Then I do a full 1:1 disk clone so if disaster should strike (never has yet) I can clone back from my external HDD and it'll be like nothing happened outside of some small amounts of provisionary data loss between cloning cycles. I also augment my backup strategy with encrypted data backups stored in various places. When I download a file, no matter what file it is, I scan it at Virus Total. Of course I know if a file is self executing and all that rot. On top of that I monitor the NIC (Network Interface Card) for what goes in and out and watch hard drive changes to files and the registry. Despite all that, I'm left to wonder with a sense of
sadness if I'll ever get malware that'll have me pull out my disk clone.
As the Donkey said to Shrek, "I'm all aloneee."
Now Windows 7 went EOL in January of 2020. And looking at the current known CVEs (Common Vulnerabilities and Exposures) for Windows 7 in 2020, I only count ten. The rest may have been patched.
CVE -
Search Results
And I count nineteen for 2020 for Windows 10.
CVE -
Search Results
But wait, it gets better. Windows 7 was released way back in October of 2009 and as of today has reportedly garnered some 1,200+ CVEs in that time frame.
Windows 10 was released in July of 2015 and so far has garnered some 1,100 CVEs in its five year life span.
Now some of those CVEs for 7 and 10 are not really 10 and 7 related per say, and I did round the numbers down.
Now doing the math, Windows 10 netted an average of 220 CVEs per year since its inception. Where's Windows 7 netted an average of 109 CVEs per year since its inception. However, the major, and I mean MAJOR difference here is that Windows 10 already caught up to Windows 7's CVE count in only five short years.
What does this all mean? It means Windows 10 has a serious lack of QC (Quality Control) both on the internals of the OS security as well as the "updates" being jammed down everyone's mouth that can and WILL mess your day up but good. Refer to my signature below.
Nothing is free, it all has a cost. Windows 10 wasn't offered by Redmond because they wanted to be nice. They have systematically turned the idea of a PC (Personal Computer) into a data mining machine. I have Windows 10 LTSC installed in VMware and I have recorded tons of traffic going in and out of the NIC. In all, about 20 or more ASNs (Autonomous System Numbers. Whole groups of IP addressees at the BGP, Border Gateway Protocol level). This is in sharp comparison to 7 or XP where no such thing existed in a virgin install except local network traffic talking back and forth, Windows time and that built-in facility to tell you whether you have Internet or not. That little yellow exclamation mark you see over your NIC if you have no Internet? That's the direct result of a periodic ping to a CDN (Content Delivery Network) called Akamai. If that ping fails then Windows assumes you have no Internet ability and thus shows that little yellow exclamation mark over your network adapter icon in the task bar.
Windows 10 as a "PC" OS? More like just for gaming. You want real SOHO (Small Home Office)
personal computing without the "man" making a buck off your behalf, roll Linux, check out Qubes. I would NEVER roll Win 10 in my office or workplace. They'd all run Linux, and I'm sure my IT staff would thank me.
-Off topic
Sorry William "Tell" Gates. You might as well just focus on blotting out the sun in the name of a religion known as "climate change/global warming" what ever the word du jour. I'm old enough to remember when toxic waste was a huge "issue." They even centered movie and TV show plots around it. Even a cartoon called Toxic Crusader.
Blotting Out the Sun to Save the Earth? Seriously? - EcoWatch
Bill Gates backs plan to tackle climate change by blocking out the sun
Like 10, what could go wrong!? LOL!
Now where's my damn hoodie and Time Warner owned Guy Fawkes mask?
