non-linux mostly, but serious security question - i'd like comments please
I have a steam game and Asians device drivers installed. Both are run from outside the country, require administrator access / permission, and auto-update, and run in the background permiscuously (you never know when they may be running and some cannot be closed).
I want to buy and sell on Amazon without worries that Steam or Asians will be extorting or fishing me or my bank by breaking and entering my home computer. My second worry is Win10 (apple too) has like 100 processes running. I want to know what applications can "connect" to these 100 (ie, like rpc or cortana) and what can access to (ie, edge web browser) can be achieved. For example, can an Asian driver install a TCP sniffer (noting they completely control "update" my ethernet driver anyway) that can sniff into frame delivery to or from Edge web browser? --------------------------- If you are going to say check settings or disable cortana or use chrome (full of Asian hacks btw) please don't answer: I know you know zero about security if that's all you know. I'm only asking the question on the chance someone actually took a course on security and knows what my ps(1) list should look like and any special boot instructions: if there are any, if there are any, so I can feel safe I will not be prosecuted by my bank for allowing a 3rd party access to their system. Microsoft Windows 10 official answer is "contact your bank for software you need to be secure for online shopping" I have no idea if people are using Amazon for web purchases and what legally may happen to them. I'm NEW TO THE TOPIC. I'm only asking the question who knows computer security and can answer for sure "if Windows 10 is as secure as Apple High Sierra" when it comes to online shoping on Amazon. If Win10 can become as secure and what to do. thank you (PS. I realize it's not a Linux question and it pains me. however I feel if anyone knows what i'm talking about (ie, DLL, memory reads, sniffing) and knows a reasonable answer - chances are they may be here on lq ----------------------------- I was told "it is a egregious" to mention a nationality. That's absurd. China has most certainly run hacks on USA citizens. It's a valid concern and INFACT some linux jobs go to people who LOOK for such attacks. egregious is ridiculous. nationality has everything to do with it. should I say UK is doing it? but they are not. should i "blame the hardware"? it's the people behind the hardware certainly. it's a VERY VALID question. if i have persons outside of USA legal reach free to get higher than administrative control on MY PC - then i cannot do banking or other purchases on the PC: do i need to buy new hardware? why wasn't i told about this security issue ahead of time? what can be done about it other than throwing it away? what can be done about it other than throwing it away? it's a serious question. ------------------ If i didn't say so already: steam and the PC are GREAT for gaming. However I was hoping it would be useful for more than "anonymous gaming without purchasing". Window 10: for now unless i throw away hardware all i can do is good gaming. |
I handled windows 10 by not even giving it my name and confining it top a VM. It wakes up occasionally when I need it and says "Hello, Tight Ass!"
The GUI sucks real bad. You can hardly do that as a gamer. I'd go dual boot. Be yourself in one system, be spied on in the other. |
Windows restart problem
I use the Windows 7 operating system and suddenly my windows restart on its own during I have many faces problem about restarting windows.
|
Quote:
are you saying that you'd do online banking using (which linux? who wrote your drivers) before you'd use win10? if so i'd like to hear your argument. i currently use imac for business. my future plan is to get an all intel motherboard for the PC and not use the gaming video card (or keep it off somehow, no drivers installed) IF / WHEN i use that box for business assuming i have to run win10 to do business (banking, amazon, documents, egov, win10-only software not requiring admin passwd, whatevr). but if you have views that running win10 as VM is "better", or about hardware security, or about if a win10 PC (perhaps with linux dual boot) is worth (or not worth) using in a secure manner - let me know. but let me know WHY :) real details :) |
Quote:
win10, if anything, is stable. as for speed win10 ran well on an old Dell D510 Lattitude laptop (1 Ghz) (better than freebsd did actually) but without sound (driver for that particular 32bit laptop was simple never ported). if you said "win 95" or anything of that class (win98, win200, ...) i'd agree: i couldn't use it for days of homework and use before completely re-installing - it was absolutely awful. but win10 simply isn't a re-release of w95. i haven't had one problem yet across many boots and power failures. |
Quote:
Quote:
Quote:
|
Quote:
My openSUSE box just works, period, no surprises. |
https://www.bloomberg.com/news/featu...-top-companies
(lq covers up URL: the title is that Super Micro, made in china, physically added a chip to the design telling no-one that was determined to be a "spy chip" by investigators) This is an example of why one must be aware who makes their electronics and software. It very well may never make a difference to the "average linux user", but Super Micro is a board many linux users run. (the first instance reported was the 1980's - IBM reported faulty chinese chips in their keyboards allowed access to command the bus). I don't mean to pick on china but it's an easy example :) Who should worry? Banks and day traders, countries that may be at war in the coming decades, pension fund managers ;) Today, there's plenty of "hack space" on chips (unlike the 386 days where the die could hardly fit what it had on it). Chip makers hack in silicon and can control things like "forced upgrades", linux compatibility, even secret driver support (or security) for "the pc big makers", and more by hacking in silicon. I have to ad I've read security programming articles, some but not much electronic engineer (transistor level security / bus) security, but myself avoid the topic - like most do. I use only standard security in linux that gets there before i install it (is integral in the OS). |
I ask myself "why didn't older unix need modern security to be secure?". The answer is people ran trusted apps that didn't have anonymous "source code edits" and users allowed keyboard and physical access to a PC were assumed to be honest. Passwords "really worked" because there was just no way around providing them without physical access (to take apart the pc). None of that is true anymore.
|
Quote:
back to original question: me - i'm not even sure how secure win10 is and Microsoft won't say. but i know if i give admin passwd to an asian driver i'm "in trouble" if they ever have a reason to, say, cause my machine to reboot allot: they can. security isn't all about banking - there could be "other impacts" to worry about (forced upgrade, suspicious failure, anything). (i've personally seen a foreign website that was devoted to investigating X11's "socket" and how to use it to cause rebooting on target people. simply to cause continual interruption to hold others back from progress without their knowing why) |
Don't get me wrong, updates are very important, the problem was the updates continuously failed and the box would blue screen after bouncing it. The updates finally took and it seems to be fine. I disabled the update service, changed what settings I could in control panel, etc, but m$ still pushed updates.
Not a "damaged" version, running win10 pro because it's the only thing that supports my hardware configuration. I do not have any faith whatsoever in microsoft's ability to produce a quality, usable product so have used windows for gaming only the past 20 years. I have made the attempt to switch to Linux for gaming only but there are a number of games I enjoy that either refuse to run in wine or run badly in wine. I would love to be able to dump windows entirely and just game on Linux. I may have to just give up the games I like but I don't want to do that... |
Quote:
Quote:
meanwhile i think china is easy to pick on as an example but your right: they certainly are not the only game in town |
I don't believe there is a single piece of electronics (computing, phones) that is NOT made in China or a country it controls. (except maybe South Korea, which is why I own a Samsung phone) If I could buy hardware from another country if I could but does any of this hardware exist? Would that even matter? All large countries have spy campaigns, either external or on own citizens...
|
Quote:
|
|
All times are GMT -5. The time now is 06:58 PM. |