Take a look at our
ThinkPads.com HOME PAGE
For those who might want to contribute to the blog, start here: Editors Alley Topic
Then contact Bill with a Private Message
ThinkPads.com HOME PAGE
For those who might want to contribute to the blog, start here: Editors Alley Topic
Then contact Bill with a Private Message
W7 is still safer than W10...
-
- Admin Emeritus
- Posts: 23809
- Joined: Mon Sep 18, 2006 5:17 am
- Location: Loch Garman, Éire
W7 is still safer than W10...
I'm not surprised, W7 is still safer than W10...
http://www.zdnet.com/article/key-window ... -windows-8
http://www.zdnet.com/article/key-window ... -windows-8
Re: W7 is still safer than W10...
Took just four days from the original publication, only one day after the crap article, for Microsoft to address the issue, explain the situation in full, explain why the behavior was changed, and how to get back the same security level with a single registry tweak. They also admitted the limitation in the configuration UI that does not have an interface to apply the system-wide configuration (without editing the registry), and mentioned that they are working to fix it. They will probably release an updated tool very soon.
https://blogs.technet.microsoft.com/srd ... tory-aslr/
Great job, Microsoft! Thank you, RBS, for bringing this issue up, to allow people to witness first hand that Microsoft takes not only security, but also users' perception of security, very seriously.
https://blogs.technet.microsoft.com/srd ... tory-aslr/
Great job, Microsoft! Thank you, RBS, for bringing this issue up, to allow people to witness first hand that Microsoft takes not only security, but also users' perception of security, very seriously.
Last edited by dr_st on Thu Nov 23, 2017 3:06 am, edited 1 time in total.
Thinkpad 25 (20K7), T490 (20N3), Yoga 14 (20FY), T430s (IPS FHD + Classic Keyboard), X220 4291-4BG
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
-
- ThinkPadder
- Posts: 1756
- Joined: Thu Aug 09, 2012 3:08 pm
- Location: Calgary, Alberta, Canada
Re: W7 is still safer than W10...
Wow, who needs slice bread when you got Microsoft. The greatest ever! BARF.
Re: W7 is still safer than W10...
Yes Windows 7 after EOL will still be better than 10 IMO.
Active --- Love the X series
X301 W 7/Mint | X201 540M L Mint | X220 2520 W7/Mint
Nostalgia
X61 T7500 / T41 T42 T43 / A31
Rogue daily driver - Samsung RV511 15.6 " Screen - W 7
X301 W 7/Mint | X201 540M L Mint | X220 2520 W7/Mint
Nostalgia
X61 T7500 / T41 T42 T43 / A31
Rogue daily driver - Samsung RV511 15.6 " Screen - W 7
Re: W7 is still safer than W10...
How could MS let something like this migrate to the Windows 10 OS after being discovered in Windows 8?
Are they all a bunch of idiots in Redmond or is it that they just don't give a darn about their customers and think we're all a bunch of idiots ourselves?
Are they all a bunch of idiots in Redmond or is it that they just don't give a darn about their customers and think we're all a bunch of idiots ourselves?
A31p P-IV 2Ghz, 2MB, 2653-R6U
T500 T9600 2055-BE9
T510 i5 4384-DV7
T510 i7 4349-A64
T520 i7QM 4242-4UU Highly Modified
T16 i7 1260P 21BV000SUS
T500 T9600 2055-BE9
T510 i5 4384-DV7
T510 i7 4349-A64
T520 i7QM 4242-4UU Highly Modified
T16 i7 1260P 21BV000SUS
Re: W7 is still safer than W10...
Haters just hate. Nothing changes.
Why wasn't it discovered? Apparently, not a whole great deal of people use this feature. And perhaps most of those who do know about the registry setting and don't care much about the configuration tools.
Summary for those who want to be informed and don't want to read the lengthy technical documents
Who told you it was discovered in Windows 8 time frame? The reports say that it was discovered last week.
Why wasn't it discovered? Apparently, not a whole great deal of people use this feature. And perhaps most of those who do know about the registry setting and don't care much about the configuration tools.
Summary for those who want to be informed and don't want to read the lengthy technical documents
- ASLR (Address Space Layout Randomization) is a technique that provides defense against a certain class of attacks.
- It is supported since Vista but only if the application selects it during compile time
- In Windows 7, a patch was added to allow forcing ASLR even on applications compiled without support for it
- This is controlled by the registry and Microsoft provided front-ends to configure this system-wide setting without editing the registry
- In Windows 8 the technique by which it's managed was changed, and now full randomization requires two settings, not one
- This was done to allow more fine control over the feature, to decrease the chance of applications breaking due to ASLR being forced on them when they cannot really support it
- The front-ends were not updated to be fully aware of this behavior change
- As a result, configuring the feature through the front-ends in Windows 8, 8.1 and 10 results in only part of the solution being applied, which means reduced security mode for ASLR-unaware applications
- The feature can still be controlled through the registry and works as designed, in the more secure mode, when configured thus.
- The problem is therefore not in the core security features of the OS, but in the front-end tools that configure it
- Now that it has been discovered, these tools will likely be updated in the nearest future
Thinkpad 25 (20K7), T490 (20N3), Yoga 14 (20FY), T430s (IPS FHD + Classic Keyboard), X220 4291-4BG
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: W7 is still safer than W10...
ASLR is broken by third-party AV crap software most of the time.
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
-
- Senior Member
- Posts: 715
- Joined: Sat Jan 05, 2008 1:52 pm
- Location: NY, NY
Re: W7 is still safer than W10...
There will always be a problem with "new" software, in that no one has had experience with it. Add in the mass of code and MS's habit of not discussing things, or admitting them, and it gets worse.
I found the Win10v.1511 upgrade that I was stuck on, was blocking any major upgrades a year later. Four times, I finally got genuine MS support (sounded like the Philippines and India) and spent a full day on the phone with remote access. Supposedly with MS's own techs who KNEW the new software and old. And each time we ended up with "just download (zzzz) and install this new ISO image" which resulted in a reboot that wiped the boot record on the hard drive.
That just tells me that even MS has no idea what surprises are left in the box.
And then there are some that they actually flat out deny. Like, 1511 (and I think 1706 as well) also lock out the default applications for file types. You can select new ones, but they are locked out. And if you manually change the undocumented registry entries for those? Eh, you still can't restore 100% of the old defaults you had. Yeah, sure, that doesn't happen on anyone else's machine. Just my own (fairly vanilla) system.
This is not the way to get people to embrace a new subscription service concept. (And that's what W10 really is, a push to subscription model, paid for by collecting and reselling user demographics, just like Google and Facebook do.)
I found the Win10v.1511 upgrade that I was stuck on, was blocking any major upgrades a year later. Four times, I finally got genuine MS support (sounded like the Philippines and India) and spent a full day on the phone with remote access. Supposedly with MS's own techs who KNEW the new software and old. And each time we ended up with "just download (zzzz) and install this new ISO image" which resulted in a reboot that wiped the boot record on the hard drive.
That just tells me that even MS has no idea what surprises are left in the box.
And then there are some that they actually flat out deny. Like, 1511 (and I think 1706 as well) also lock out the default applications for file types. You can select new ones, but they are locked out. And if you manually change the undocumented registry entries for those? Eh, you still can't restore 100% of the old defaults you had. Yeah, sure, that doesn't happen on anyone else's machine. Just my own (fairly vanilla) system.
This is not the way to get people to embrace a new subscription service concept. (And that's what W10 really is, a push to subscription model, paid for by collecting and reselling user demographics, just like Google and Facebook do.)
"The only good silicon life form, is a dead silicon life form." [Will Rogers]
-- Harboring a retired T61P with Vista/U/32 and housebreaking a younger W530 foolishly upgraded from Win7/64 to Win10.
-- Harboring a retired T61P with Vista/U/32 and housebreaking a younger W530 foolishly upgraded from Win7/64 to Win10.
-
- Similar Topics
- Replies
- Views
- Last post
-
-
XY Tech and CNMod Still Active?
by filipinogamer21 » Tue Oct 10, 2023 2:09 pm » in 51nb and other modded Thinkpads - 6 Replies
- 4480 Views
-
Last post by Frost
Mon Jan 15, 2024 10:55 pm
-
-
-
X230 trackpoint, mouse buttons and some keys still not working after keyboard change
by frog4 » Mon Jan 22, 2024 4:24 pm » in ThinkPad X230-X280 / X390 Series - 2 Replies
- 1225 Views
-
Last post by frog4
Tue Jan 23, 2024 5:22 am
-
-
-
x200 devotee still trying to make it work--open to any ideas...
by mtgal » Thu Jan 25, 2024 7:55 pm » in ThinkPad X200/X201/X220 and X300/X301 Series - 21 Replies
- 2738 Views
-
Last post by mikemex
Wed Jan 31, 2024 1:34 am
-
Who is online
Users browsing this forum: No registered users and 40 guests