W7 is still safer than W10...

Windows 10 on Lenovo hardware
Post Reply
Message
Author
RealBlackStuff
Admin
Admin
Posts: 18263
Joined: Mon Sep 18, 2006 5:17 am
Location: Mt. Cobb, PA USA
Contact:

W7 is still safer than W10...

#1 Post by RealBlackStuff » Wed Nov 22, 2017 1:56 pm

I'm not surprised, W7 is still safer than W10...
http://www.zdnet.com/article/key-window ... -windows-8

dr_st
Senior ThinkPadder
Senior ThinkPadder
Posts: 6950
Joined: Sat Oct 29, 2005 6:20 am

Re: W7 is still safer than W10...

#2 Post by dr_st » Wed Nov 22, 2017 2:36 pm

Took just four days from the original publication, only one day after the crap article, for Microsoft to address the issue, explain the situation in full, explain why the behavior was changed, and how to get back the same security level with a single registry tweak. They also admitted the limitation in the configuration UI that does not have an interface to apply the system-wide configuration (without editing the registry), and mentioned that they are working to fix it. :thumbs-UP: They will probably release an updated tool very soon.
https://blogs.technet.microsoft.com/srd ... tory-aslr/

Great job, Microsoft! Thank you, RBS, for bringing this issue up, to allow people to witness first hand that Microsoft takes not only security, but also users' perception of security, very seriously.
Last edited by dr_st on Thu Nov 23, 2017 3:06 am, edited 1 time in total.
Current: X220 4291-4BG, T410 2537-R46, T60 1952-F76, T60 2007-QPG, T42 2373-F7G
Collectibles: T430s (IPS FHD + Classic Keyboard), X32 (IPS Screen)
Retired: X61 7673-V2V, A31p w/ Ultrabay Numpad
Past: Z61t 9440-A23, T60 2623-D3U, X32 2884-M5U

Cigarguy
ThinkPadder
ThinkPadder
Posts: 1474
Joined: Thu Aug 09, 2012 3:08 pm
Location: Calgary, Alberta, Canada

Re: W7 is still safer than W10...

#3 Post by Cigarguy » Wed Nov 22, 2017 6:15 pm

Wow, who needs slice bread when you got Microsoft. The greatest ever! BARF. :jhem:

shawross
Junior Member
Junior Member
Posts: 354
Joined: Mon Oct 28, 2013 5:48 am
Location: Perth Aus / Thailand

Re: W7 is still safer than W10...

#4 Post by shawross » Wed Nov 22, 2017 6:33 pm

Yes Windows 7 after EOL will still be better than 10 IMO.
Active --- Love the X series
X301 SU9400 IDA Mod - W 7 / X201 540M - W 7 / X220 2520 - W7

Nostalgia
X61 T7500 / T43's / T42

Rogue daily driver - Samsung RV511 15.6 " Screen - W 7

MikalE
Senior Member
Senior Member
Posts: 567
Joined: Sun Sep 13, 2015 9:51 pm
Location: Marissa, Illinois

Re: W7 is still safer than W10...

#5 Post by MikalE » Wed Nov 22, 2017 7:37 pm

How could MS let something like this migrate to the Windows 10 OS after being discovered in Windows 8?

Are they all a bunch of idiots in Redmond or is it that they just don't give a [censored] about their customers and think we're all a bunch of idiots ourselves?
T500 C2D 2055-BE9
T510 i5 4384-DV7
T510 i7 4349-A64
T520 i7 4242-4UU(CTO)


T520: i7-2760QM(2.40GHz),16GB, 500GB SSD/500GB 7200 RPM Drive, 15.6in 1600x900 LCD, 1GB NVIDIA, DVDRW, Smartcard reader, media card reader, FPR, Win10 Pro64, whitelist BIOS, Ultimate-N 6300 AGN, German KB, Bluetooth 4.0.

dr_st
Senior ThinkPadder
Senior ThinkPadder
Posts: 6950
Joined: Sat Oct 29, 2005 6:20 am

Re: W7 is still safer than W10...

#6 Post by dr_st » Thu Nov 23, 2017 12:25 am

Haters just hate. Nothing changes. :lol:
MikalE wrote:
Wed Nov 22, 2017 7:37 pm
How could MS let something like this migrate to the Windows 10 OS after being discovered in Windows 8?
Who told you it was discovered in Windows 8 time frame? The reports say that it was discovered last week.

Why wasn't it discovered? Apparently, not a whole great deal of people use this feature. And perhaps most of those who do know about the registry setting and don't care much about the configuration tools.

Summary for those who want to be informed and don't want to read the lengthy technical documents
  • ASLR (Address Space Layout Randomization) is a technique that provides defense against a certain class of attacks.
  • It is supported since Vista but only if the application selects it during compile time
  • In Windows 7, a patch was added to allow forcing ASLR even on applications compiled without support for it
  • This is controlled by the registry and Microsoft provided front-ends to configure this system-wide setting without editing the registry
  • In Windows 8 the technique by which it's managed was changed, and now full randomization requires two settings, not one
  • This was done to allow more fine control over the feature, to decrease the chance of applications breaking due to ASLR being forced on them when they cannot really support it
  • The front-ends were not updated to be fully aware of this behavior change
  • As a result, configuring the feature through the front-ends in Windows 8, 8.1 and 10 results in only part of the solution being applied, which means reduced security mode for ASLR-unaware applications
  • The feature can still be controlled through the registry and works as designed, in the more secure mode, when configured thus.
  • The problem is therefore not in the core security features of the OS, but in the front-end tools that configure it
  • Now that it has been discovered, these tools will likely be updated in the nearest future
Current: X220 4291-4BG, T410 2537-R46, T60 1952-F76, T60 2007-QPG, T42 2373-F7G
Collectibles: T430s (IPS FHD + Classic Keyboard), X32 (IPS Screen)
Retired: X61 7673-V2V, A31p w/ Ultrabay Numpad
Past: Z61t 9440-A23, T60 2623-D3U, X32 2884-M5U

Puppy
Senior ThinkPadder
Senior ThinkPadder
Posts: 2417
Joined: Sat Oct 30, 2004 4:52 am
Location: Prague, Czech Republic

Re: W7 is still safer than W10...

#7 Post by Puppy » Thu Nov 23, 2017 5:01 am

ASLR is broken by third-party AV crap software most of the time.
ThinkPad (1992 - 2012): R51, X31, X220, Tablet 8

hellosailor
Senior Member
Senior Member
Posts: 710
Joined: Sat Jan 05, 2008 1:52 pm
Location: NY, NY

Re: W7 is still safer than W10...

#8 Post by hellosailor » Thu Nov 30, 2017 4:24 pm

There will always be a problem with "new" software, in that no one has had experience with it. Add in the mass of code and MS's habit of not discussing things, or admitting them, and it gets worse.

I found the Win10v.1511 upgrade that I was stuck on, was blocking any major upgrades a year later. Four times, I finally got genuine MS support (sounded like the Philippines and India) and spent a full day on the phone with remote access. Supposedly with MS's own techs who KNEW the new software and old. And each time we ended up with "just download (zzzz) and install this new ISO image" which resulted in a reboot that wiped the boot record on the hard drive.

That just tells me that even MS has no idea what surprises are left in the box.

And then there are some that they actually flat out deny. Like, 1511 (and I think 1706 as well) also lock out the default applications for file types. You can select new ones, but they are locked out. And if you manually change the undocumented registry entries for those? Eh, you still can't restore 100% of the old defaults you had. Yeah, sure, that doesn't happen on anyone else's machine. Just my own (fairly vanilla) system.

This is not the way to get people to embrace a new subscription service concept. (And that's what W10 really is, a push to subscription model, paid for by collecting and reselling user demographics, just like Google and Facebook do.)
"The only good silicon life form, is a dead silicon life form." [Will Rogers]
-- Harboring a retired T61P with Vista/U/32 and housebreaking a younger W530 foolishly upgraded from Win7/64 to Win10.

Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “Windows 10”

Who is online

Users browsing this forum: No registered users and 2 guests