Windows: Insecure by design

Given all these security holes and anti-features, that pattern spanning back decades, and the fact that Windows is proprietary, I don’t understand why some people claim Windows is secure at all, or at least “more secure than Linux”, when it clearly isn’t.

7 Likes

  1. WDAC
  2. VTLs and VBS more broadly
  3. CFI/CFG

There’s a reason why cybersecurity classes often get students to learn about buffer overflows and hijacking process execution on a semi-recent Ubuntu rather than Windows or macOS. Just because you’re not aware of what security features Windows actually has doesn’t mean they don’t exist. Sure, the marketing fuckers do their best to try and get stupid anti-features into the OS that can break those security features, but you can usually strip them out or at the very least disable them.

6 Likes

It’s been years that I’ve wanted to switch to Linux, but at least for my specific use case (mainly work production software + hardware compatibility) and for mainstream use, we are still not there.

I find the article quite poor; it mainly talks about exploits and bugs (which every single operating system has), not really security architecture.
Privacy on Windows is another matter, and I agree that Linux is way better.

There are unlimited articles, posts and comments pointing at Windows flaws (which is fair), but I find it interesting that there is a lot less information on Linux limitations. Usually discussions on Windows vs Linux are just sterile black-and-white positions; I do not care about OS wars, I want to be informed.

Here are a couple of articles I found interesting, not exactly on topic but related:

https://itvision.altervista.org/why.linux.is.not.ready.for.the.desktop.current.html

https://madaidans-insecurities.github.io/linux.html

That said, I really hope to switch to Linux sooner or later.

4 Likes

Did you read the articles I linked?

1 Like

Totally unbiased author:

Steven is an advisor to Cathey Communications, a PR company which represents CIQ, a FOSS company that works on behalf of Rocky Linux

And no, pointing out a few critical severity vulnerabilities does not count as a good argument against Windows’ security.

Privacy is terrible on Windows by default, and it seems to be getting worse and worse. Even after doing a lot of adjustments, while being much better than by default, there is still some chatter between Windows and Microsoft servers, and I don’t mean necessary connections for updates or similar.

Usability also does not seem to be getting much better, and neither does resource usage. Anti-features also.

5 Likes

Both Linux and Windows suck in terms of privacy and security.

Windows is just spyware in itself and also doesn’t protect your privacy from the apps that you install.

Linux is less secure than Windows, but Linux distributions are privacy-friendly, though you still have no privacy protections from the apps that you install, which is not that big of a deal if you really trust those apps.

macOS is the only mainstream desktop OS that actually has decent security and okay-ish privacy.

Then we have Qubes OS, which is the best if you configure everything correctly.

1 Like

Sure. Mr. Admin, pls bring VBS to Linux. Mr. Admin, pls bring modern exploit mitigations to distro XY. Mr. Admin, pls write strict SELinux policies for all processes and update them on each update. Mr. Admin, pls sandbox all applications without breakage while still keeping them usable. Mr. Admin, pls provide versions close to upstream while still keeping our OS stable. Mr. Admin, pls provide verified boot with downgrade protection.

3 Likes

Mr. Admin, please replicate the Android permission model on Linux. Would love it.

Mr. Admin, could you also consider bringing a RISC-V secure element to my PC?

1 Like

Can we please tone down the unhinged nonsense.

6 Likes

@dngray who are you referring to?

And I think y’all need to take another look at

8 Likes

What does this have to do with security?

@Lukas security in the broader sense also covers stability.

1 Like

Just to add my general thoughts & perspective:

I don’t see any way anyone could trust a Microsoft product or service with their data, especially after what’s going on with Outlook, which I don’t think was covered enough in the mainstream at all; I guess people are just way too used to this type of data collection at this point. Selling data to over 800 advertising companies is insane. Not to mention that every time I hear about this story, the number of ad companies seems to go up. It looks like we’re now at 840.

I think the key in general when it comes to this stuff is finding a balance between privacy & security. Windows does have some neat technical security features… but does it really matter if they’re just going to sell your data to over 800 ad companies? Sure, you can use group policies & regedit to mitigate the damage, but that’s only until the next surveillance feature gets added.

Linux is far from perfect from a security perspective, there’s no denying that (In general the desktop security model is just completely broken & a disaster IMO), but I think it can be a solid and good enough option for most people, especially once hardened. All just depends on one’s threat model and specific situation. It’s also worth noting that there’s a difference between insecure & less secure.

I think sometimes people just get too caught up with technical security features (e.g. seeing people shill Microsoft Edge & ChromeOS), but I’m not sure how you can say something is secure if it’s just sending all of your data to some remote server somewhere anyway. Similarly, you of course can’t say something is private if it’s insecure and easy for someone to break into. Again, the key is striking the right balance and what works best for you and your needs.

4 Likes

I think security is mostly a config thing now

Windows 11 LTSC with enterprise group policies >>

This is only applicable to the free version of the personal Outlook accounts, right? Not Personal Premium or the business versions?

@Bhaelros AFAIK it pertains to ALL Outlook variants. But I may be wrong.

That advertising section which was mentioned on Proton’s blog doesn’t exist on M365 Family.

And below is the only thing that is blocked by uBlock.

That advertising and data collection is not happening on business plans, of that I am sure. You can even select your datacenter with business plans, along with a lot of DLP and compliance configurations. So, I can say with confidence that the advertising and data collection from Outlook happens only with free and consumer accounts.

2 Likes