Windows 10 is officially a spyware and an adware

If it doesn't fit anywhere else, drop it in here. (not to be used as a chat/nonsense section)

Moderator: Moderator Team

MadWolf
Posts: 688
Joined: Sat Dec 31, 2005 4:19 am
Contact:

Re: Windows 10 is officially a spyware and an adware

Post by MadWolf »

Konata wrote:
alexei wrote:
Z98 wrote:major structural changes that happened in the NT design that would never have happened if you were solely fixing bugs in existing functionality, because these defenses are new functionality.
In my view, these "structural changes" should be considered bug fixes.
That would have broken compatibility with countless applications. Beyond marketing purposes, there's a reason there are different versions of Windows.
ROS can't even implement UAC because it would break a lot of applications.
It's easier to say an application works on this version and up instead of this service pack and up, especially since most people probably don't even know what a service pack is.
i need to check this but i remember seeing on the back of a pc game box in the system requirements for OS min windows XP sp3 or was it sp2 ?
UAC what is the point power users to system admins ignore it they now what they are doing Average Joe ignore it because they do not what they are doing

metro is a fix for a problem ?? :? the metro apps i have seen compared to the desktop counterpart the desktop version is 100% better
florian
Posts: 510
Joined: Tue Nov 01, 2005 2:19 am
Location: Germany

Re: Windows 10 is officially a spyware and an adware

Post by florian »

By the way, have you already heard of the Israeli security startup MorphiSec with its version (in development) of Windows like 'Microsoft should be doing'?

The co-founder of MorphiSec is the CTO of Deutsche Telekom Innovation Laboratories in Israel as well as the chief security officer of Cyber Security Research Center at Ben-Gurion University.

Read more (UK Business Insider).
Z98
Release Engineer
Posts: 3379
Joined: Tue May 02, 2006 8:16 pm
Contact:

Re: Windows 10 is officially a spyware and an adware

Post by Z98 »

UAC's achievements are not about how successful it is in getting end users of Windows to pay attention to it. UAC is a manifestation of Microsoft making a fundamental change to permission levels for applications. Previously applications could assume that they had access to pretty much everything, could write everywhere, and so on. With Vista and later Microsoft by default restricts applications to a reduced set of permissions. This change was important for so many reasons, not only from a security perspective but also from a system stability perspective. Whether UAC changed end user behavior any is pretty much moot. The privilege limitation that underlies it has been successful in getting application developers to write better and less sloppier programs. That by itself makes it a success.

As for the idea of a completely secure Windows, I'll believe it when I see it. There are ways to make Windows far more secure if you don't mind losing compatibility with huge swathes of programs out there. But if you do that, then what was the point of using Windows?
User avatar
Konata
Posts: 391
Joined: Sun Apr 20, 2014 8:54 pm

Re: Windows 10 is officially a spyware and an adware

Post by Konata »

In addition to what Z98 said, UAC is an under-the-hood thing. Just like in the bootloader thread, you guys don't seem to know what something is doing beyond it's user interface. UAC is just simple enough to allow idiots to control it. Any more level of complexity (controlling what specific resources it can or cannot touch) would be too complex for the average user. UAC is more than a simple interface, it's allowing applications the ability to alter system files. And most importantly, it allows a non-root user to use the computer as if they were root (Meaning a user is less likely to break their machine). Actually, sudo on Unix systems is basically the exact same thing. Windows has always had this kind of mechanism, but it was a terminal-based thing and not very friendly. All Windows NT from XP and down had the first user logged in as root. It didn't matter what kind of account it was, if it was the first one logged in then it was root. Windows Vista and up finally changed this by locking out the root account and making it only for the system. The first account that logged in would now be an average, unprivileged account. But to allow them to still actually use applications, UAC will temporarily elevate the privileges of the program running, allowing them access to more system resources. You can disable the UAC prompt, but the functionality is still there. It was, as Z98 said, a very important step forward. Of course, people who don't know about operating system development or the NT architecture won't appreciate it.

And I didn't say anything about Modern applications, MadWolf. You misread my post. I said the Modern framework itself is Microsoft's answer to a fully secure, portable environment, where applications work on any platform with controlled permissions. I still need to really look at it, but I'm happy with the idea of it, and I hope people start making software for it.
Z98
Release Engineer
Posts: 3379
Joined: Tue May 02, 2006 8:16 pm
Contact:

Re: Windows 10 is officially a spyware and an adware

Post by Z98 »

The moment they eliminate the requirement to use the app store for distribution I'll be right with them. Until that happens they can bugger off and I'll stick with existing desktop frameworks.
User avatar
Konata
Posts: 391
Joined: Sun Apr 20, 2014 8:54 pm

Re: Windows 10 is officially a spyware and an adware

Post by Konata »

Yeah, I prefer the good old .NET framework if anything. But I still like the idea of Modern.
erkinalp
Posts: 861
Joined: Sat Dec 20, 2008 5:55 pm
Location: Izmir, TR

Re: Windows 10 is officially a spyware and an adware

Post by erkinalp »

Konata wrote:l matter what kind of account it was, if it was the first one logged in then it was root. Windows Vista and up finally changed this by locking out the root account and making it only for the system
It is true, except designated Guest account never gets root even logging in first. I know that because programs failed in unexpected ways logging in as Guest first. Guest account has the least privilege overall, even less than a regular account.
-uses Ubuntu+GNOME 3 GNU/Linux
-likes Free (as in freedom) and Open Source Detergents
-favors open source of Windows 10 under GPL2
florian
Posts: 510
Joined: Tue Nov 01, 2005 2:19 am
Location: Germany

Re: Windows 10 is officially a spyware and an adware

Post by florian »

Z98 wrote:As for the idea of a completely secure Windows, I'll believe it when I see it. There are ways to make Windows far more secure if you don't mind losing compatibility with huge swathes of programs out there. But if you do that, then what was the point of using Windows?
Sabre rattling by MorphiSec is marketing and, of course, there's no 100 % secure system - but still quiet interesting as the article concludes:
The company has raised a $1.5 million in seed funding from a major Israeli VC, JVC Partners. That's no guarantee that that enterprises will buy this new secure version of Windows. But it's interesting that Mimran and gang are working on it. And Microsoft, who has a big presence in Israel, is no doubt watching.
Last edited by florian on Sun Aug 16, 2015 9:24 pm, edited 1 time in total.
erkinalp
Posts: 861
Joined: Sat Dec 20, 2008 5:55 pm
Location: Izmir, TR

Re: Windows 10 is officially a spyware and an adware

Post by erkinalp »

God, I hated having to chmod everything I wanted to run.
NTFS has permission bits too. Very simple policy change will make new files R/W by owner, read-only for others with no execution permission.
-uses Ubuntu+GNOME 3 GNU/Linux
-likes Free (as in freedom) and Open Source Detergents
-favors open source of Windows 10 under GPL2
middings
Posts: 1073
Joined: Tue May 07, 2013 9:18 pm
Location: California, USA

Re: Windows 10 is officially a spyware and an adware

Post by middings »

Konata wrote:All Windows NT from XP and down had the first user logged in as root. It didn't matter what kind of account it was, if it was the first one logged in then it was root.
Microsoft's Raymond Chen briefly discusses the Session 0 Isolation feature that first appeared in Microsoft Windows Vista. See Session 0 isolation: Where backward compatibility loses to security. He includes a link to a Microsoft web page where the white paper "Impact of Session 0 Isolation on Services and Drivers in Windows" can be downloaded as a Word file.
User avatar
Black_Fox
Posts: 1584
Joined: Fri Feb 15, 2008 9:44 pm
Location: Czechia

Re: Windows 10 is officially a spyware and an adware

Post by Black_Fox »

middings wrote:where the white paper(...) can be downloaded as a Word file.
Oh, the irony. I've seen (white) papers published solely in PDF for so long that I see any non-PDF paper as a mistake.
hbelusca
Developer
Posts: 1204
Joined: Sat Dec 26, 2009 10:36 pm
Location: Zagreb, Croatia

Re: Windows 10 is officially a spyware and an adware

Post by hbelusca »

Black_Fox wrote:
middings wrote:where the white paper(...) can be downloaded as a Word file.
Oh, the irony. I've seen (white) papers published solely in PDF for so long that I see any non-PDF paper as a mistake.
So far the whitepapers downloadable from MSDN (for example) are in Word format (except the ones from the MS Open Specifications).
alexei
Posts: 137
Joined: Wed Oct 19, 2005 5:29 pm

Re: Windows 10 is officially a spyware and an adware

Post by alexei »

Z98 wrote:UAC's achievements are not about how successful it is in getting end users of Windows to pay attention to it. UAC is a manifestation of Microsoft making a fundamental change to permission levels for applications. Previously applications could assume that they had access to pretty much everything, could write everywhere, and so on. With Vista and later Microsoft by default restricts applications to a reduced set of permissions. This change was important for so many reasons, not only from a security perspective but also from a system stability perspective.
Sandboxing, jails, or whatever you call it, would be a better solution. Let them [applications] feel like they can do whatever they want, but not in reality :) If each applicatin runs fully encapsulated, how could it harm the system?
Z98 wrote:As for the idea of a completely secure Windows, I'll believe it when I see it. There are ways to make Windows far more secure if you don't mind losing compatibility with huge swathes of programs out there. But if you do that, then what was the point of using Windows?
The main reason for using Windows is user convenience, not application variety.
If "installation" of the application would place it into fully isolated sandbox instead of integrating it into the system, it would be much less concerns with security. Qubes OS https://www.qubes-os.org/ is a good (though rather heavy) solution and it goes only half-way, allowing appliactions running on the same VM to communicate.

In my view, ideally, each appliucation (or app suite) better be run on a designated computer with optional internet access physically controllable by the user as well ;) Communications (read-only) between these computers should be controllable by user. OS should be in the ROM, etc. With hardware prices going down, such setups may become affordable in a few years. Imagine, you plug "PC on a stick" (with ROS?) into USB-3 hub and and edit your documents on your "office PC", then unplug it and feel good because nobody can hack them.
Z98
Release Engineer
Posts: 3379
Joined: Tue May 02, 2006 8:16 pm
Contact:

Re: Windows 10 is officially a spyware and an adware

Post by Z98 »

My experiences with SELinux begs to differ. It's a heavily sandboxed restricted environment that tends to break applications in mysterious and unexpected ways unless one does a lot of manual work tuning the permissions. So, if you want to do a lot of grunt work yourself to get your system to work at all, go have at it. You seem to have an idealized view of security mechanisms and just assume that because they increase security they would be worth the cost of implementing/using them. Combined with no indication that you yourself are willing to pay for the increased cost that your demands require, we're really not going to be changing any of our plans based solely on your insistence.
alexei
Posts: 137
Joined: Wed Oct 19, 2005 5:29 pm

Re: Windows 10 is officially a spyware and an adware

Post by alexei »

Z98 wrote:My experiences with SELinux begs to differ. It's a heavily sandboxed restricted environment that tends to break applications in mysterious and unexpected ways unless one does a lot of manual work tuning the permissions. So, if you want to do a lot of grunt work yourself to get your system to work at all, go have at it. You seem to have an idealized view of security mechanisms and just assume that because they increase security they would be worth the cost of implementing/using them. Combined with no indication that you yourself are willing to pay for the increased cost that your demands require, we're really not going to be changing any of our plans based solely on your insistence.
If application "feels" like it gets unrestricted access to all system resources, you would not need to tune its permissions. If most of these resources are virtualized, the application would not be able to harm the system. That's "security by separation" approach. Windows NT already has (almost?) all capabilities to do that. MS doesn't want to go this way, it wants to keep users on a leash and spy on them.
I hope, ROS does not have such plans, so in some respects ROS has to be different.
BTW, some "application virtualization" solutions are open source, for ex. http://sourceforge.net/projects/jauntepe/.
PS
It may require some work to determine, which system resources should be virtualized, and which should not, but you just do it once per app.
Post Reply

Who is online

Users browsing this forum: No registered users and 13 guests