Sure I can. Real adversaries are interested in exfiltrating confidential data. Microsoft isn't interested in my confidential data. They don't compete with my business and they have a huge brand risk if they were to actually send out the stuff I care about. In other words, they have an interest in ensuring that third-parties don't get access to my data. On the other hand, the real adversaries are going to take advantage of any exploit they can find. I'm willing to give up *a lot* of privacy to prevent third-party threats. I'd like to have both (privacy and protection) but, in the end, given a tough choice, Windows 10 is the winner. Alternatively look at Ubuntu. But it's not going to be an old, unpatched operating system for philosophical reasons. We may all hate how much we depend on Microsoft but staying with Windows/7 is nonsense. Move to Ubuntu or move to Windows/10 but staying with Windows/7 is the equivalent of lighting yourself on fire to prove a point.
The proof that ASLR and DEP work is that when they are enabled, the exploits always require an ASLR leak! Stack sentinels work wonders. It took from 1970 to 2015 to find a solution for buffer-overflows. We now have it and the Slashdot crowd pans it because they hate the telemetry more than they like the features. I personally hate the telemetry too. But if I'm in a position where I have to decide what's better for my company or my customers, the visceral hate cannot be the deciding factor. I have to look at what solution is best. Things like call graph protection are really valuable. That has to be weighted against the telemetry. But in the end, I'd rather M$ have some details on my browsing habits than a competitor have a dump of my databases.
Nobody likes updates that break things, but this isn't unique to Windows/10. The alternative is no updates which is also problematic. If you want minimal updates, many Linux vendors offer LTS distributions that have only the minimum changes needed for security issues and you should consider one of them.
I am saying that snide quips don't add value to a discussion and the real world is way more nuanced. Expressing outrage can add value if the source of that outrage is well articulated. Every version of Windows has new things that we like and some things we dislike. Win95 had real pre-emptive multi-tasking and memory protection. It also forced a new UI that people hated. Windows/10 has a lot of exciting new security features. It also has telemetry that most people dislike. That's pretty common in commercial software. Win/7 is no longer generally available and it's not a long-term option. So if Windows 10 doesn't meet your needs you should consider Ubuntu or some other alternative. And if there are Windows/10 features not present in Ubuntu, consider taking your Windows spend and funding that development.
I don't know how this stuff gets modded up. Windows/10 has everything that was in EMET by default plus a bunch of new features that prevent bugs from becoming exploits. It clearly is superior in terms of third-party hacking. The price you pay is either money (Enterprise Version) or Telemetry (Home/Pro versions). You may not think it's worth the cost, but pretending that the features don't exist (or being ignorant of them) doesn't add any value.
I think this is targeted to Enterprise users. Very few home users upgrade if it costs money. Home users will end up on Win/10 when it comes with their new hardware purchases. And if you buy a 2 in 1 which are very popular you'll get Windows 10 for the tablet features.
The security features in Windows/10 provide exploit mitigation. What this means is that Windows/10 may or may not have more bugs, but let's assume that it does have more bugs. The changes in Windows/10 mean that bugs do not become exploitable. Let's assume that there are twice as many bugs but 10% can be successfully exploited vs 30%. You are ahead of the game on Windows 10. The new features are really strong and your assessment is discounting them because you are assuming bug = exploit. That was true on Unix systems in the 1970s but we live in a much different world today.
The first posts are pretty much what one would have expected. Many people have concerns with Windows/10 telemetry. But it's still a more secure OS than Windows/7. There are an incredible number of security features built-in to thwart malware. Stack sentinels, call graph protection, delayed freeing of memory, et cetera. I'm in no way advocating for the telemetry data. You can disable it in the Enterprise edition of Windows. I don't like this business decision from Microsoft. But I'd still rather the telemetry data than other malware. The snide quips that show up in articles like this add no value to the discussion.
What are you considering as an alternative. The closest competitor that I can find is the X1 Carbon which is a great machine (http://shop.lenovo.com/us/en/laptops/thinkpad/x-series/x1-carbon/) and it seems you can upgrade the 50wh battery to 72wh. They advertise 11 hours of battery life but it's not clear if that is with the standard battery or maxed out.
75 watt hours is actually pretty good for a laptop battery, though. Dell only offers 39 and 52 watt hour configurations in their 12" laptops. (http://www.dell.com/us/business/p/latitude-e7250-ultrabook/pd) The lightest app, surprisingly, isn't browsing, it's media playback. I also have a Lenovo Miix tablet and I can download training videos and run for the full 9-10 hours of battery in the advertisements. Web browsing (even using Edge) only gets about four hours. And this machine uses a fairly low-clock processor in order to save battery. The inconsistency is a problem because a consumer can't know what is causing it. Even the pundits here can't agree. But if Apple fixes a problem why shouldn't the rating be revised? I guess some people still won't consider a Ford Explorer either. As of a few years ago, U-Haul would not rent trailers to people driving them even if their model was much later than the ones with rollover problems. I have no idea what inspires this type of thinking. Obviously Ford can make capable towing vehicles they just made a mistake. And Apple can obviously make software that works fairly well. They fixed their bug.
I am not a doctor and I would never even attempt to give medical advice. However, it seems that many "expired" drugs work just fine. An emergency kit with an expired epinephrine injector would probably be better than one without. More research is probably warranted. Until this announcement, there were people doing just that... trying to figure out how long these could really be used. You can be pretty sure that poorer people weren't replacing these when they wore out. Schools and health providers on the other hand couldn't possibly use something expired or even give it away which is a shame. There's probably a lot of waste here. These are really an emergency supply and an emergency kit seems to be where they belong. Nothing else in an emergency kit expires so quickly.
The funny thing is, right prior to bankruptcy, GM was promising a hybrid Hummer. Their argument at the time was that it was actually easy to make larger hybrid/electric vehicles because you could carry a lot more batteries. Seems reasonable that you could put a ton (as in 2000 lbs) of batteries under the bed and have quite a bit of storage capacity. Right now those batteries, I'm guessing, would cost as much as some downmarket houses.
If the car makers can't meet emission standards and they all say the same thing to the regulators, the regulations will change so this is not really relevant. California mandated a certain number of zero-emission vehicles be sold and the manufacturers made their case that the deadline wasn't achievable. So the regulators came of with a scheme to give partial-credit for efficient vehicles with extra emission controls. Hence why you see "PZEV" vehicles. They count toward part of a vehicle for this purpose. This also opened the door for Tesla to really kick-start the EV market.
What you're saying may be true but it doesn't follow from this example. In your case, if you file a frivolous suit, your neighbors have the potential to win a judgment against you and actually collect it. So if you went on a litigation spree it would be quite harmful.
OTOH, if one of your neighbors (assuming they find out your true wealth) was borderline bankrupt, they could potentially see you as a walking ATM machine and sue you frivolously using a lawyer who gets paid on contingency. They have nothing to lose as their assets have dwindled to almost zero. But now, with this situation, before taking the contingency case, a lawyer would have to weigh the risks and wouldn't pursue if there is no merit.
I would think that those with the most wealth would rejoice at this outcome.
That's a fair point. But this doesn't get rid of contingency-based legal aid for legitimate cases. Lawyers aren't supposed to file frivolous cases but so far there has been no punishment if they do so. This is simply finding a way to enforce existing rules.
Unfortunately many sites don't render well in Lynx. I hope that as the HTML standards evolve Lynx will work better. Also there isn't as much active Lynx development and, sadly, it has it's own security holes;(
This happens in very few cars. Usually only ones with convertible tops. Fortunately if you have the top open and drive into water, you don't need to open the windows to get out.
Slashdot Mirror
Sure I can. Real adversaries are interested in exfiltrating confidential data. Microsoft isn't interested in my confidential data. They don't compete with my business and they have a huge brand risk if they were to actually send out the stuff I care about. In other words, they have an interest in ensuring that third-parties don't get access to my data. On the other hand, the real adversaries are going to take advantage of any exploit they can find. I'm willing to give up *a lot* of privacy to prevent third-party threats. I'd like to have both (privacy and protection) but, in the end, given a tough choice, Windows 10 is the winner. Alternatively look at Ubuntu. But it's not going to be an old, unpatched operating system for philosophical reasons. We may all hate how much we depend on Microsoft but staying with Windows/7 is nonsense. Move to Ubuntu or move to Windows/10 but staying with Windows/7 is the equivalent of lighting yourself on fire to prove a point.
The proof that ASLR and DEP work is that when they are enabled, the exploits always require an ASLR leak! Stack sentinels work wonders. It took from 1970 to 2015 to find a solution for buffer-overflows. We now have it and the Slashdot crowd pans it because they hate the telemetry more than they like the features. I personally hate the telemetry too. But if I'm in a position where I have to decide what's better for my company or my customers, the visceral hate cannot be the deciding factor. I have to look at what solution is best. Things like call graph protection are really valuable. That has to be weighted against the telemetry. But in the end, I'd rather M$ have some details on my browsing habits than a competitor have a dump of my databases.
Nobody likes updates that break things, but this isn't unique to Windows/10. The alternative is no updates which is also problematic. If you want minimal updates, many Linux vendors offer LTS distributions that have only the minimum changes needed for security issues and you should consider one of them.
I am saying that snide quips don't add value to a discussion and the real world is way more nuanced. Expressing outrage can add value if the source of that outrage is well articulated. Every version of Windows has new things that we like and some things we dislike. Win95 had real pre-emptive multi-tasking and memory protection. It also forced a new UI that people hated. Windows/10 has a lot of exciting new security features. It also has telemetry that most people dislike. That's pretty common in commercial software. Win/7 is no longer generally available and it's not a long-term option. So if Windows 10 doesn't meet your needs you should consider Ubuntu or some other alternative. And if there are Windows/10 features not present in Ubuntu, consider taking your Windows spend and funding that development.
For what I hope are obvious reasons, Microsoft cares the most about those users!
I don't know how this stuff gets modded up. Windows/10 has everything that was in EMET by default plus a bunch of new features that prevent bugs from becoming exploits. It clearly is superior in terms of third-party hacking. The price you pay is either money (Enterprise Version) or Telemetry (Home/Pro versions). You may not think it's worth the cost, but pretending that the features don't exist (or being ignorant of them) doesn't add any value.
I think this is targeted to Enterprise users. Very few home users upgrade if it costs money. Home users will end up on Win/10 when it comes with their new hardware purchases. And if you buy a 2 in 1 which are very popular you'll get Windows 10 for the tablet features.
Yeah who cares about stack sentinels, call graph protection, et cetera. Those are nothing.
The security features in Windows/10 provide exploit mitigation. What this means is that Windows/10 may or may not have more bugs, but let's assume that it does have more bugs. The changes in Windows/10 mean that bugs do not become exploitable. Let's assume that there are twice as many bugs but 10% can be successfully exploited vs 30%. You are ahead of the game on Windows 10. The new features are really strong and your assessment is discounting them because you are assuming bug = exploit. That was true on Unix systems in the 1970s but we live in a much different world today.
Just tell some terrorists that you will build a bomb for them. (Sorry to the few people who haven't seen Back To The Future!)
I wish I could mod this up. This was probably the best post in the thread.
The first posts are pretty much what one would have expected. Many people have concerns with Windows/10 telemetry. But it's still a more secure OS than Windows/7. There are an incredible number of security features built-in to thwart malware. Stack sentinels, call graph protection, delayed freeing of memory, et cetera. I'm in no way advocating for the telemetry data. You can disable it in the Enterprise edition of Windows. I don't like this business decision from Microsoft. But I'd still rather the telemetry data than other malware. The snide quips that show up in articles like this add no value to the discussion.
I don't see any mention of the root cause so could you elaborate?
Wish I could mod this up.
What are you considering as an alternative. The closest competitor that I can find is the X1 Carbon which is a great machine (http://shop.lenovo.com/us/en/laptops/thinkpad/x-series/x1-carbon/) and it seems you can upgrade the 50wh battery to 72wh. They advertise 11 hours of battery life but it's not clear if that is with the standard battery or maxed out.
75 watt hours is actually pretty good for a laptop battery, though. Dell only offers 39 and 52 watt hour configurations in their 12" laptops. (http://www.dell.com/us/business/p/latitude-e7250-ultrabook/pd) The lightest app, surprisingly, isn't browsing, it's media playback. I also have a Lenovo Miix tablet and I can download training videos and run for the full 9-10 hours of battery in the advertisements. Web browsing (even using Edge) only gets about four hours. And this machine uses a fairly low-clock processor in order to save battery. The inconsistency is a problem because a consumer can't know what is causing it. Even the pundits here can't agree. But if Apple fixes a problem why shouldn't the rating be revised? I guess some people still won't consider a Ford Explorer either. As of a few years ago, U-Haul would not rent trailers to people driving them even if their model was much later than the ones with rollover problems. I have no idea what inspires this type of thinking. Obviously Ford can make capable towing vehicles they just made a mistake. And Apple can obviously make software that works fairly well. They fixed their bug.
I am not a doctor and I would never even attempt to give medical advice. However, it seems that many "expired" drugs work just fine. An emergency kit with an expired epinephrine injector would probably be better than one without. More research is probably warranted. Until this announcement, there were people doing just that... trying to figure out how long these could really be used. You can be pretty sure that poorer people weren't replacing these when they wore out. Schools and health providers on the other hand couldn't possibly use something expired or even give it away which is a shame. There's probably a lot of waste here. These are really an emergency supply and an emergency kit seems to be where they belong. Nothing else in an emergency kit expires so quickly.
The funny thing is, right prior to bankruptcy, GM was promising a hybrid Hummer. Their argument at the time was that it was actually easy to make larger hybrid/electric vehicles because you could carry a lot more batteries. Seems reasonable that you could put a ton (as in 2000 lbs) of batteries under the bed and have quite a bit of storage capacity. Right now those batteries, I'm guessing, would cost as much as some downmarket houses.
If the car makers can't meet emission standards and they all say the same thing to the regulators, the regulations will change so this is not really relevant. California mandated a certain number of zero-emission vehicles be sold and the manufacturers made their case that the deadline wasn't achievable. So the regulators came of with a scheme to give partial-credit for efficient vehicles with extra emission controls. Hence why you see "PZEV" vehicles. They count toward part of a vehicle for this purpose. This also opened the door for Tesla to really kick-start the EV market.
This is a great post and a great perspective. I hope the OP gets a +5. But it isn't the same situation referred to in the article.
What you're saying may be true but it doesn't follow from this example. In your case, if you file a frivolous suit, your neighbors have the potential to win a judgment against you and actually collect it. So if you went on a litigation spree it would be quite harmful. OTOH, if one of your neighbors (assuming they find out your true wealth) was borderline bankrupt, they could potentially see you as a walking ATM machine and sue you frivolously using a lawyer who gets paid on contingency. They have nothing to lose as their assets have dwindled to almost zero. But now, with this situation, before taking the contingency case, a lawyer would have to weigh the risks and wouldn't pursue if there is no merit. I would think that those with the most wealth would rejoice at this outcome.
Law firms can only be owned by lawyers so you can't have shell law firms.
That's a fair point. But this doesn't get rid of contingency-based legal aid for legitimate cases. Lawyers aren't supposed to file frivolous cases but so far there has been no punishment if they do so. This is simply finding a way to enforce existing rules.
Unfortunately many sites don't render well in Lynx. I hope that as the HTML standards evolve Lynx will work better. Also there isn't as much active Lynx development and, sadly, it has it's own security holes ;(
This happens in very few cars. Usually only ones with convertible tops. Fortunately if you have the top open and drive into water, you don't need to open the windows to get out.