You still need some sort of exploit to be able to hit your machine. If you’re behind a firewall and not raw dogging it on the internet then you’ve got a decent layer of security.
At that point it’s just your web browser (or your brain) that needs an exploit to for something bad to happen. And both chrome and Firefox will be supporting 10 for years to come.
Support has been extended, but 10 is EOL, which means soon™ it’ll stop getting updates. Once that happens, any vulnerabilities that exist (discovered or not) will stop being fixed.
This doesn’t effectively increase your risk as a consumer. It only increases risk at the enterprise and infrastructure level.
All threat models include who you are and the environment the OS is run in for a reason. Just browsing the web is fine as a consumer, until browsers stop targeting your OS for updates.
The main vector for infection for any OS isn’t the OS itself. Malware doesn’t just spawn on your computer the second you plug it in to a router (no matter what Trump’s FCC thinks with their chinese router ban). It needs to get on your computer.
An up to date browser will prevent the majority of infections, with common sense preventing the rest. I kept Windows XP well into windows 7 years, and windows 7 well into windows 10 years before switching to linux. Just don’t download malware, you’ll be fine. Worst case scenario you keep a backup clone of your hard drive on a usb stick (which you should have anyway) and just reflash your drive every few months (or just switch to linux, it can do anything windows can do at this point with enough faffing about.)
You could download a Trojan that takes advantage of a known vulnerability.
Just… don’t do that?
This is part of Common Sense™. It’s a package that every single human being in a developed country is taught in regards to technology, and has been taught since the 1990s. (2000s for developing countries like the US).
Every single person that interacts with a computer in a professional setting has been taught explicitly how to never have a single virus on their computer. And they have been repeatedly taught this every 6 to 12 months for the last 3 decades. It is only people that purposefully infect themselves or purposefully choose to remain stupid — not ignorant, just stupid — that get infected with Trojans.
Your browser could have a vulnerable plugin, or maybe the user delays updates.
See above, and the previous comment.
I bought a USB drive off a sketchy guy in college which had auto-run Malware on it – but it didn’t work on Ubuntu.
See above. You did not use common sense™. You chose to be stupid, despite your college freshman orientation clearly covering basic safety.
All of these are best security practices. But read more about the swiss cheese model to know why you can’t just tell someone, “run a vulnerable os, you’ll be fine so long as you are perfect and nothing goes wrong.”
No, I mean is it prone to being hacked now more than before? Or has MS actively pushing updates to worsen it to force people to move to Win 11?
It was simple to get extended security updates for w10 for a year. After Oct, it’ll require payment for another year, up to 3 years total I believe.
You still need some sort of exploit to be able to hit your machine. If you’re behind a firewall and not raw dogging it on the internet then you’ve got a decent layer of security.
At that point it’s just your web browser (or your brain) that needs an exploit to for something bad to happen. And both chrome and Firefox will be supporting 10 for years to come.
Did something happen to Windows 10 that made them vulnerable?
Support has been extended, but 10 is EOL, which means soon™ it’ll stop getting updates. Once that happens, any vulnerabilities that exist (discovered or not) will stop being fixed.
This doesn’t effectively increase your risk as a consumer. It only increases risk at the enterprise and infrastructure level.
All threat models include who you are and the environment the OS is run in for a reason. Just browsing the web is fine as a consumer, until browsers stop targeting your OS for updates.
The main vector for infection for any OS isn’t the OS itself. Malware doesn’t just spawn on your computer the second you plug it in to a router (no matter what Trump’s FCC thinks with their chinese router ban). It needs to get on your computer.
An up to date browser will prevent the majority of infections, with common sense preventing the rest. I kept Windows XP well into windows 7 years, and windows 7 well into windows 10 years before switching to linux. Just don’t download malware, you’ll be fine. Worst case scenario you keep a backup clone of your hard drive on a usb stick (which you should have anyway) and just reflash your drive every few months (or just switch to linux, it can do anything windows can do at this point with enough faffing about.)
You could download a Trojan that takes advantage of a known vulnerability.
It is part of the swiss cheese model.
Your browser could have a vulnerable plugin, or maybe the user delays updates.
I bought a USB drive off a sketchy guy in college which had auto-run Malware on it – but it didn’t work on Ubuntu.
Not a good idea to use an unpatched OS.
Just… don’t do that?
This is part of Common Sense™. It’s a package that every single human being in a developed country is taught in regards to technology, and has been taught since the 1990s. (2000s for developing countries like the US).
Every single person that interacts with a computer in a professional setting has been taught explicitly how to never have a single virus on their computer. And they have been repeatedly taught this every 6 to 12 months for the last 3 decades. It is only people that purposefully infect themselves or purposefully choose to remain stupid — not ignorant, just stupid — that get infected with Trojans.
See above, and the previous comment.
See above. You did not use common sense™. You chose to be stupid, despite your college freshman orientation clearly covering basic safety.
Good luck out there
Sec+ holder, I’ll be fine. So will anyone with any amount of common sense.
Don’t download strange executables. Use trusted sites. keep your browser up to date and run an effective adblock.
Congrats you’ve eliminated 99.9% of all attack vectors in use today. I guarantee you aren’t going to be targeted by the last .1%.
All of these are best security practices. But read more about the swiss cheese model to know why you can’t just tell someone, “run a vulnerable os, you’ll be fine so long as you are perfect and nothing goes wrong.”
Stand aside, Sec+ holder coming through
Edit: why don’t you put your Sec+ badge in your lemmy comments so we can be impressed by your knowledge