All of these are best security practices. But read more about the swiss cheese model to know why you can’t just tell someone, “run a vulnerable os, you’ll be fine so long as you are perfect and nothing goes wrong.”
The swiss cheese model assumes equal risk, or in other words fails to differentiate actual risk from multiple sources. You aren’t being targeted by a state actor. DDoSing via zombies is more expensive (including risk capital) than using VPSs these days. The actual people targeting you are going to be bottom of the barrel commercial scammers and skiddies wanting the least possible effort targets, and again unless all the holes magically line up in your model, they won’t ever get that. Your adblock is a layer, your browser is a layer, these days your DNS is a layer, your router is a layer, your search engine is a layer, if you live in a particularly hell hole your ISP is a layer. Given the inherent insecurity of WIndows it was never a layer.
If you care about security and/or are paranoid enough about security that you care about whether or not your OS is updated, you aren’t on windows. No security professional will ever recommend windows, and all real world infrastructure using windows as a backbone never has windows as a security layer. Lets be honest if someone has access to any windows PC on your network, it does not matter if windows is up to date, they have total control over that computer, and its not windows nor windows server preventing access to other devices on the network.
Good luck out there
Sec+ holder, I’ll be fine. So will anyone with any amount of common sense.
Don’t download strange executables. Use trusted sites. keep your browser up to date and run an effective adblock.
Congrats you’ve eliminated 99.9% of all attack vectors in use today. I guarantee you aren’t going to be targeted by the last .1%.
All of these are best security practices. But read more about the swiss cheese model to know why you can’t just tell someone, “run a vulnerable os, you’ll be fine so long as you are perfect and nothing goes wrong.”
The swiss cheese model assumes equal risk, or in other words fails to differentiate actual risk from multiple sources. You aren’t being targeted by a state actor. DDoSing via zombies is more expensive (including risk capital) than using VPSs these days. The actual people targeting you are going to be bottom of the barrel commercial scammers and skiddies wanting the least possible effort targets, and again unless all the holes magically line up in your model, they won’t ever get that. Your adblock is a layer, your browser is a layer, these days your DNS is a layer, your router is a layer, your search engine is a layer, if you live in a particularly hell hole your ISP is a layer. Given the inherent insecurity of WIndows it was never a layer.
If you care about security and/or are paranoid enough about security that you care about whether or not your OS is updated, you aren’t on windows. No security professional will ever recommend windows, and all real world infrastructure using windows as a backbone never has windows as a security layer. Lets be honest if someone has access to any windows PC on your network, it does not matter if windows is up to date, they have total control over that computer, and its not windows nor windows server preventing access to other devices on the network.
Stand aside, Sec+ holder coming through
Edit: why don’t you put your Sec+ badge in your lemmy comments so we can be impressed by your knowledge