Slashdot Mirror
Microsoft Says Windows 10 Version 1607 is The Most Secure Windows Ever (thurrott.com)
A new white paper from Microsoft claims that "devices running Windows 10 are 58% less likely to encounter ransomware than when running Windows 7". But an anonymous reader brings more news from Windows-watcher Paul Thurrott:
in a separate blog post, it also makes its case for why Windows 10 version 1607 -- that is, Windows 10 with the Anniversary Update installed -- is the most secure Windows version yet. Improvements in this release include: Microsoft Edge runs Adobe Flash Player in an isolated container, and Edge exploits cannot execute other applications... [And] the Windows Defender signature delivery channel works faster than before so that the in-box anti-virus and anti-malware solution can help block ransomware, both in the cloud and on the client. Additionally, Windows Defender responds to new threats faster using improved cloud protection and automatic sample submission features, plus improved behavioral heuristics aimed at detecting ransomware-related activities.
Interestingly, the paper also touts Microsoft's "Advancing machine-learning systems in our email services to help stop the spread of ransomware via email delivery."
Interestingly, the paper also touts Microsoft's "Advancing machine-learning systems in our email services to help stop the spread of ransomware via email delivery."
That's only because it won't boot. That way, the machine can't get infected.
And what of small businesses ? Medical practices ? Only the Enterprise Edition of Win10 gives any real control over security. Not controlling your own security will make things like, oh, HIPAA and PCI compliance problematical.
Claiming security controls for the public is like handling firearms without training ? Well, there goes Linux as a replacement for Windows, by your argument. . .
If it was secure, I could control which outside servers the operating system contacts and what information it sends to them. An operating system for which you cannot even control where it connects to is insecure by definition.
It connects to more than a hundred outside servers Microsoft refuses to publish a complete list of these places and what data it exactly transmits, so it is also practically impossible for the end user to reliably distinguish Microsoft traffic from trojan horses and malware. It's ridiculous to call that secure.
Security that the USER cannot control is not what **i** would call a selling point
A fine stance if you are a a technically competent IT pro or equivalent. However for the 99+% of the people out there who don't fit that description, having the security handled by the system vendor can actually be a good idea. Microsoft can do a better job of it than my mother can. (yes I know... stop snickering) The VAST majority of users don't have the foggiest idea how to properly secure their computers nor any meaningful interest in learning. Having the option of user control for those with the ability is a good idea but probably not a good default for most users. Microsoft may not do a great job but they'll probably do a better job than the majority of users (which is kind of a sad commentary but it is reality). It only is a problem if they deny competent users the ability to control security when the need arises.
I have no issue of the company doing the updates and users having no control. I do blind updates on my Debian as well. The issue is that you can't turn it off. If have not done updates because I have read there where issues, so I waited two days.
So Windows tries to be too clever for its own good.
Don't fight for your country, if your country does not fight for you.
Are you new to the industry?
If you work for a company that lives in Windows you should be living in Windows as well. It forces you to live like your users. After all, you're the technical expertise and you will see opportunities for improvement that users many not see.
My 2 cents.