You mean that still could run Windows10? Mint. I don’t really like laptops and use my big box most of the time. I only use the laptop to run and play RPGs at the table with my game group. But I do my prep on the box down in my nerd lair, with two nice monitors.
I’m running 10 with no security features as my main gaming system. I turned off as much of Windows defender as I could because it was slowing down texture downloads in Second Life + was trying to say my fan control software was malware.
I hope I get a virus because it’ll be the final tug I need to fully cover to linux. I just converted a 10 year old laptop to linux mint to run as a server since everything is getting enshittified and requiring monthly fees, like Mint the budgeting app, so I’m dipping my toe into self-hosting.
I have nothing to lose.
I’m also still running Android 9 on my phone because I refuse to buy a new one due to planned obsolescence.
I’ve tried to install windows 11 and it fails lol. I have a 2.0 tpm. I’ll probably switch over to opensuse or mint soon.
Actually thats my desktop. My laptop is came with ubuntu.
I have TPM disabled in the bios so Windows 11 can’t install itself.
With a hammer
By installing Linux on it
debian trixie was released at just the right time, about two months before win10 went on life support.
Mint on the laptops. Bazzite on the gaming PCs
Yep. Recently convinced my brother to install Fedora Silverblue on it.
Is it… could it be…. The year of the Linux desktop??
Mint on the laptops. Bazzite on the gaming PCs
IdkWhatIExpected.gif
What do you mean? Win10 still works. MS didn’t Thanos snap it.
No, I mean is it prone to being hacked now more than before? Or has MS actively pushing updates to worsen it to force people to move to Win 11?
It was simple to get extended security updates for w10 for a year. After Oct, it’ll require payment for another year, up to 3 years total I believe.
Did something happen to Windows 10 that made them vulnerable?
Support has been extended, but 10 is EOL, which means soon™ it’ll stop getting updates. Once that happens, any vulnerabilities that exist (discovered or not) will stop being fixed.
This doesn’t effectively increase your risk as a consumer. It only increases risk at the enterprise and infrastructure level.
All threat models include who you are and the environment the OS is run in for a reason. Just browsing the web is fine as a consumer, until browsers stop targeting your OS for updates.
The main vector for infection for any OS isn’t the OS itself. Malware doesn’t just spawn on your computer the second you plug it in to a router (no matter what Trump’s FCC thinks with their chinese router ban). It needs to get on your computer.
An up to date browser will prevent the majority of infections, with common sense preventing the rest. I kept Windows XP well into windows 7 years, and windows 7 well into windows 10 years before switching to linux. Just don’t download malware, you’ll be fine. Worst case scenario you keep a backup clone of your hard drive on a usb stick (which you should have anyway) and just reflash your drive every few months (or just switch to linux, it can do anything windows can do at this point with enough faffing about.)
You could download a Trojan that takes advantage of a known vulnerability.
It is part of the swiss cheese model.
Your browser could have a vulnerable plugin, or maybe the user delays updates.
I bought a USB drive off a sketchy guy in college which had auto-run Malware on it – but it didn’t work on Ubuntu.
Not a good idea to use an unpatched OS.
You could download a Trojan that takes advantage of a known vulnerability.
Just… don’t do that?
This is part of Common Sense™. It’s a package that every single human being in a developed country is taught in regards to technology, and has been taught since the 1990s. (2000s for developing countries like the US).
Every single person that interacts with a computer in a professional setting has been taught explicitly how to never have a single virus on their computer. And they have been repeatedly taught this every 6 to 12 months for the last 3 decades. It is only people that purposefully infect themselves or purposefully choose to remain stupid — not ignorant, just stupid — that get infected with Trojans.
Your browser could have a vulnerable plugin, or maybe the user delays updates.
See above, and the previous comment.
I bought a USB drive off a sketchy guy in college which had auto-run Malware on it – but it didn’t work on Ubuntu.
See above. You did not use common sense™. You chose to be stupid, despite your college freshman orientation clearly covering basic safety.
Just… don’t do that?
This is part of Common Sense
Kinda. For people like you and me, sure this sense is common. How many normies do you know that have your level of technical paranoia?
Here’s an outlier example: I recently bought a carded, new micro SD card from the local brick and mortar because urgent reasons that don’t matter for this story. I went to load up the card, and its capacity was only 8MB, rather than 256GB. More than that, it was also loaded with 3 different auto-run malware. I was prepared for something like this (well, not the inconvenience of a counterfeit card). How many here are genuinely prepared to deal with brand new card that came from a trusted retailer with malware? Do YOU genuinely expect malware in this context?
I think a little empathy and education can go much further than “I’m smarter, just git gud.”
Good luck out there
You still need some sort of exploit to be able to hit your machine. If you’re behind a firewall and not raw dogging it on the internet then you’ve got a decent layer of security.
At that point it’s just your web browser (or your brain) that needs an exploit to for something bad to happen. And both chrome and Firefox will be supporting 10 for years to come.
LTSC IoT Enterprise support until 2032 - massgrave dot dev/windows10_eol
No windows 10 left in the house.
Mint, Debian. Dual Boots are now all off. Couldn’t be happier. It was a pain getting everything setup correctly, but wow. I love having an OS that only does what I tell it.
Same way you’d use a phone that’s EOL. Even my old ass EOL router still held up because it accepted no incoming calls as if it wasn’t even there. Any other more involved attack vectors would probably fall outside of scope for the people potentially targeting an average person. Where the real danger lies with outdated systems, especially W10 while it’s still fairly fresh, is user error - visit the wrong link or download a wrong file and you are in the world of pain.
All my laptops are running Linux. Daily driver is currently on Manjaro with a dual boot to a very stripped down Win11 for some professional software with no Linux version.
Main PC is on Mint.
HTPC is on Win10 and I do not give a single shit what happens to that installation. Its purpose is to run Steam and VLC. If it gets a virus, it gets a virus. If it steals my info and sends it to China, then someone in China will know I play Jackbox games and watch weird arthouse Japanese movies. I could not care less. And if a virus ruins the OS, I’ll flatten, reinsrall Win10, and go back to not giving a shit 2 hours later.
By turning it on.
What am I saying, it never gets turned off.
I also have both XP and Win7 VMs for running software that won’t run under 10/11.
Google and Apple have done a great job making people believe that an “unpatched” system is somehow dangerous.
Nearly all of my system failures/OS problems since about 2010 have been from updates breaking things - both Windows and Android
I haven’t seen a virus since Win2k and running a decent AV became standard.
And I’m in Enterprise IT - our biggest concern is social engineering, not direct attacks.
Security/stability is about layering protections/mitigations to prevent alignment of “risk holes”, like stacking Swiss cheese.
The slew of recent zero days in everything from the Linux kernel to Firefox warrant urgent patching…
By telling win 11 to constantly to fuck off.
You can still safely browse the internet with an adblocker and don’t download unofficial software. Only idiots and security people raw dog a windows machine online without a firewall and a NAT gateway.
What is your real question?
NAT is not a security feature. Just use a gateway with a proper firewall.
we still have some win10 here. not too worried given who is using them and for what purposes. we’ve retired from some of our work so we don’t have or access any sensitive data (medical records mostly) anymore.
if you need it, try to score the extra update time for ‘free’ (check settings-windows update for the offer). i’ve done that for a few people and it didn’t even mess up their ‘backup’ status… but do check to make sure it’s off if you do that method. there are other ‘methods’ but idk if LW lets you discuss them.
I’m not
