Windows: Insecure by design

Given all these security holes and anti-features, that pattern spanning back decades, and Windows is proprietary, I don’t understand why some people claim Windows is secure at all or at least “more secure than Linux” when it clearly isn’t.

7 Likes
  1. WDAC
  2. VTLs and VBS more broadly
  3. CFI/CFG

There’s a reason why cybersecurity classes often get students to learn about buffer overflows and hijacking process execution on a semi-recent Ubuntu rather than Windows or macOS. Just because you’re not aware of what security features Windows actually has, doesn’t mean they don’t exist. Sure, the marketing fuckers do their best to try and get stupid anti-features into the OS that can break those security features, but you can usually strip them out or at the very least disable them.

6 Likes

It’s been years I’d like to switch to linux but at least for my specific use case (mainly work production software + hardware compatibility) and a mainstream use we are still not there.

I find the article quite poor, it mainly talks about exploits and bugs (which every single operating system has) not really security architecture.
Privacy on Windows is another matter and I agree that linux is way better.

There are unlimited articles, posts and comments pointing at Windows flaws (which is fair) but I found interesting that there are a lot less informations on linux limitations. Usually discussions on Windows vs Linux are just sterile black and white positions, I do not care OS wars, I want to be informed.

Here are a couple of articles I found interesting, not exactly on topic but related:

https://itvision.altervista.org/why.linux.is.not.ready.for.the.desktop.current.html

https://madaidans-insecurities.github.io/linux.html

That said, I really hope to switch to linux sooner or later.

4 Likes

Did you read the articles I linked?

1 Like

Totally unbiased author:

Steven is an advisor to Cathey Communications, a PR company which represents CIQ, a FOSS company that work on behalf of Rocky Linux

And no, pointing out a few critical severity vulnerabilities does not count as a good argument against Windows’ security.

Privacy is terrible on Windows by default and it seems to be getting worse and worse. Even after doing a lot of adjustments, while being much better than by default, there is still some chatter between Windows and Microsoft servers, and I don’t mean necessary connection for updates or similar.

Usability also does not seem to be getting much better and so does resource usage. Anti-features also.

5 Likes

Both Linux and Windows suck in terms of privacy and security.

Windows is just spyware in itself and also doesn’t protect your privacy from the apps that you install.

Linux is less secure than Windows, but Linux distributions are privacy-friendly, but you still have no privacy protections from the apps that you install, which is not that big of a deal if you really trust those apps.

MacOS is the only mainstream desktop OS that actually has decent security and okay-ish privacy.

Then we have Qubes OS, which is the best if you configure everything correctly.

1 Like

Sure. Mr. Admin, pls bring VBS to Linux. Mr. admin, pls, bring modern exploit mitigations to distro XY. Mr. Admin, pls write strict Selinux policies for all processes and update them on each update. Mr. Admin, pls sandbox all applications without breakage and still keeping them usable. Mr. Admin, pls provide versions close to upstream, while still keeping our OS stable. Mr. Admin, pls provide verified boot with downgrade protection.

3 Likes

Mr. Admin, please replicate Android permission model on Linux. Would love it.

Mr. Admin, could you also consider bringing a RISC-V secure element to my PC?

1 Like

Can we please tone down the unhinged nonsense.

6 Likes

@dngray who you pertain to?

And i think y’all need to take another look at

8 Likes

What does this have to do with security?

@Lukas security in broader meaning covers stability also.