non-linux mostly, but serious security question - i'd like comments please
 

I have a steam game and Asians device drivers installed. Both are run from outside the country, require administrator access / permission, and auto-update, and run in the background permiscuously (you never know when they may be running and some cannot be closed).

I want to buy and sell on Amazon without worries that Steam or Asians will be extorting or fishing me or my bank by breaking and entering my home computer.

My second worry is Win10 (apple too) has like 100 processes running. I want to know what applications can "connect" to these 100 (ie, like rpc or cortana) and what can access to (ie, edge web browser) can be achieved. For example, can an Asian driver install a TCP sniffer (noting they completely control "update" my ethernet driver anyway) that can sniff into frame delivery to or from Edge web browser?

---------------------------

If you are going to say check settings or disable cortana or use chrome (full of Asian hacks btw) please don't answer: I know you know zero about security if that's all you know.

I'm only asking the question on the chance someone actually took a course on security and knows what my ps(1) list should look like and any special boot instructions: if there are any, if there are any, so I can feel safe I will not be prosecuted by my bank for allowing a 3rd party access to their system.

Microsoft Windows 10 official answer is "contact your bank for software you need to be secure for online shopping"

I have no idea if people are using Amazon for web purchases and what legally may happen to them. I'm NEW TO THE TOPIC.


I'm only asking the question who knows computer security and can answer for sure "if Windows 10 is as secure as Apple High Sierra" when it comes to online shoping on Amazon. If Win10 can become as secure and what to do.


thank you

(PS. I realize it's not a Linux question and it pains me. however I feel if anyone knows what i'm talking about (ie, DLL, memory reads, sniffing) and knows a reasonable answer - chances are they may be here on lq

-----------------------------

I was told "it is a egregious" to mention a nationality.

That's absurd. China has most certainly run hacks on USA citizens. It's a valid concern and INFACT some linux jobs go to people who LOOK for such attacks.

egregious is ridiculous. nationality has everything to do with it. should I say UK is doing it? but they are not. should i "blame the hardware"? it's the people behind the hardware certainly.

it's a VERY VALID question. if i have persons outside of USA legal reach free to get higher than administrative control on MY PC - then i cannot do banking or other purchases on the PC: do i need to buy new hardware? why wasn't i told about this security issue ahead of time? what can be done about it other than throwing it away?

what can be done about it other than throwing it away? it's a serious question.

------------------

If i didn't say so already: steam and the PC are GREAT for gaming. However I was hoping it would be useful for more than "anonymous gaming without purchasing". Window 10: for now unless i throw away hardware all i can do is good gaming.

I handled windows 10 by not even giving it my name and confining it top a VM. It wakes up occasionally when I need it and says "Hello, Tight Ass!"
The GUI sucks real bad. You can hardly do that as a gamer. I'd go dual boot. Be yourself in one system, be spied on in the other.

Windows restart problem
 

I use the Windows 7 operating system and suddenly my windows restart on its own during I have many faces problem about restarting windows.

very interesting. i have it set up as dual boot - unfortunately my linux (stuck on x11R6) forces me to use an older pci card but that works (niether gaming video nor embedded do VGA/VESA that works, and no backport drivers released). because my 1GHz linux box works fine i haven't hardly used it yet.

are you saying that you'd do online banking using (which linux? who wrote your drivers) before you'd use win10? if so i'd like to hear your argument. i currently use imac for business.

my future plan is to get an all intel motherboard for the PC and not use the gaming video card (or keep it off somehow, no drivers installed) IF / WHEN i use that box for business assuming i have to run win10 to do business (banking, amazon, documents, egov, win10-only software not requiring admin passwd, whatevr). but if you have views that running win10 as VM is "better", or about hardware security, or about if a win10 PC (perhaps with linux dual boot) is worth (or not worth) using in a secure manner - let me know.

but let me know WHY :) real details :)

i've seen a gov worker "serving me" use a nice dell with win7 loaded and she continually had issues keeping it working, continually said "i have to take it in for repair again - and they don't allow win10"

win10, if anything, is stable. as for speed win10 ran well on an old Dell D510 Lattitude laptop (1 Ghz) (better than freebsd did actually) but without sound (driver for that particular 32bit laptop was simple never ported). if you said "win 95" or anything of that class (win98, win200, ...) i'd agree: i couldn't use it for days of homework and use before completely re-installing - it was absolutely awful. but win10 simply isn't a re-release of w95. i haven't had one problem yet across many boots and power failures.

To at least some extent, yes.

The UK has spy agencies the same as most other countries. Heard of the GCHQ? What do you think they do? Bake cookies? I don't think so. "Signals Intelligence" are the keywords there. The line between defensive and offensive are often blurred - regardless of the country(s) involved, it's a fact. It's not just China and Russia doing it, although they are most certainly quite notorious for doing it and are probably some of the biggest offenders.

Possibly, it really depends on the manufacturer of the hardware in question. The US for one (but not limited to) has banned at least some Chinese manufacturers from supplying hardware (eg. security cameras) to US government installations over fears of espionage.

Interesting because that is not my experience at all: I would never count on windows 10 for production work because I do get unrecoverable crashes occasionally, (blue screen), and Microsoft's update policy is horrendous because they will install and attempt to forcibly reboot my gaming pc right in the middle of doing something, without warning. I have disabled automatic updates and reboots to no avail. This is why I only use windows 10 for gaming, nothing more. Everything that matters gets done on Linux.

My openSUSE box just works, period, no surprises.

https://www.bloomberg.com/news/featu...-top-companies

(lq covers up URL: the title is that Super Micro, made in china, physically added a chip to the design telling no-one that was determined to be a "spy chip" by investigators)

This is an example of why one must be aware who makes their electronics and software. It very well may never make a difference to the "average linux user", but Super Micro is a board many linux users run. (the first instance reported was the 1980's - IBM reported faulty chinese chips in their keyboards allowed access to command the bus). I don't mean to pick on china but it's an easy example :) Who should worry? Banks and day traders, countries that may be at war in the coming decades, pension fund managers ;)

Today, there's plenty of "hack space" on chips (unlike the 386 days where the die could hardly fit what it had on it). Chip makers hack in silicon and can control things like "forced upgrades", linux compatibility, even secret driver support (or security) for "the pc big makers", and more by hacking in silicon.

I have to ad I've read security programming articles, some but not much electronic engineer (transistor level security / bus) security, but myself avoid the topic - like most do. I use only standard security in linux that gets there before i install it (is integral in the OS).

I ask myself "why didn't older unix need modern security to be secure?". The answer is people ran trusted apps that didn't have anonymous "source code edits" and users allowed keyboard and physical access to a PC were assumed to be honest. Passwords "really worked" because there was just no way around providing them without physical access (to take apart the pc). None of that is true anymore.

Thanks I'll keep that in mind. However I disabled auto-updates and it does not update (i simply want to play games and don't care if i get updates). You may have an OEM version or a damaged version of Win10. You should be able to disable it. (my use is just games for now: i installed the ubuntu component of win10, also a VM running linux and dual boot - and haven't used them much because i run bsd and linux on other machines. someday the game box will be a linux box, not today). but there's the question: can i expect to EVER turn this box into a box "i trust for banking" or is it an equivalent to a chinese printer with windows-only drivers - good for gaming?

back to original question: me - i'm not even sure how secure win10 is and Microsoft won't say. but i know if i give admin passwd to an asian driver i'm "in trouble" if they ever have a reason to, say, cause my machine to reboot allot: they can. security isn't all about banking - there could be "other impacts" to worry about (forced upgrade, suspicious failure, anything). (i've personally seen a foreign website that was devoted to investigating X11's "socket" and how to use it to cause rebooting on target people. simply to cause continual interruption to hold others back from progress without their knowing why)

Don't get me wrong, updates are very important, the problem was the updates continuously failed and the box would blue screen after bouncing it. The updates finally took and it seems to be fine. I disabled the update service, changed what settings I could in control panel, etc, but m$ still pushed updates.

Not a "damaged" version, running win10 pro because it's the only thing that supports my hardware configuration.

I do not have any faith whatsoever in microsoft's ability to produce a quality, usable product so have used windows for gaming only the past 20 years. I have made the attempt to switch to Linux for gaming only but there are a number of games I enjoy that either refuse to run in wine or run badly in wine. I would love to be able to dump windows entirely and just game on Linux. I may have to just give up the games I like but I don't want to do that...

Yes your right. However if you see the bloomberg URL above you'll see these "government workers", despite their funding, do not necessarily know themselves what is going on until it's too late (ie, after severe breaches are reported). It has to do with the hiring process maybe (picked winners)?

yes. only recently. they say that in the news. but look on the shelf of a pc store in usa: mostly chinese sans intel cpu and chipset on chinese board. Apple computer has some straight up iMac but they likely contain many asian components despite being actual intel motherboards. they say that but when the cost sheet hits the ceo - they often bend ;)

meanwhile i think china is easy to pick on as an example but your right: they certainly are not the only game in town

I don't believe there is a single piece of electronics (computing, phones) that is NOT made in China or a country it controls. (except maybe South Korea, which is why I own a Samsung phone) If I could buy hardware from another country if I could but does any of this hardware exist? Would that even matter? All large countries have spy campaigns, either external or on own citizens...

I think they (particularly spy agencies) recruit internally, like from the police force, etc.