I always remember WannaCry as a reason to keep Windows updated (no, I wasn’t affected by it), but every new update is full of AI bloat :S
I keep all the communication with the mothership blocked and open just the Wuauserv, BITS and a few domains just for updates, and with every new update there are new services trying to call home. For this one update sitting here waiting for me to allow internet access, I read the content and it is very descriptive about “Copilot+ PCs unique features”, “AI-Powered experience”, “Accessibility and input” (they added AI to a bunch of stuff), “User interface and experience” (more AI and widgets), then they say they added this Windows Hello and Windows Share that I don’t even want to know, and for security all they say is “Critical security fixes are included to help keep your system protected against emerging threats.” But to get this I need to get all their AI crap that might be a bigger security and privacy risk than whatever “Critical security fix” they included :S

  • 0x0@lemmy.zip
    2 days ago

    Updating Windows is (usually) great for security and terrible for privacy.

  • gustofwind@lemmy.world
    4 days ago

    Not to be adversarial, but it’s either their way or the Linux way 🤷‍♀️

    I think it’s way more fun to mess around and problem solve Linux issues than do whatever it is you’re doing on Windows.

    Maybe you have some specific Windows use case, in which case my condolences, but you will probably never be as safe as you’d like on Windows, ever.

  • besselj@lemmy.ca
    4 days ago

    Every new internet-connected feature they add seems to also increase attack surface, so this is a weird dilemma. Still better to keep things up to date in the short term. In the long term, I’ve made the choice to switch to an OS that respects user preferences.

    Edit: I’ve also heard that the Windows 11 IoT Enterprise edition doesn’t come with all this bloat but still gets regular security updates.

  • Phoenixz@lemmy.ca
    3 days ago

    Your safest bet would be to install Linux and be done with closed source software completely.

  • HubertManne@piefed.social
    3 days ago

    Not updating only works if you’re so out of date that there are tons more machines with new attack vectors that have not been patched. As time goes by, new software is not all that new in the way it functions. It’s just not a good way to go. I will say too that all the work with blocking Windows telemetry is more than any work dealing with Linux. Especially so if you use an easy distro.

  • CerebralHawks@lemmy.dbzer0.com
    3 days ago

    Keep it updated.

    If you’re using Windows 11, either your privacy is less important than your convenience, or your threat model doesn’t include Windows telemetry (which honestly can be tamed for the most part). I do have some concerns about Windows, but I’m a Mac user, so I only use Windows at work. Where I feel like I’m losing a battle trying to get others to not tell Copilot anything that isn’t public information (i.e. they don’t realise that talking to the computer may not be private) and hardening it — any time I sit at a computer, I tend to go in and “fix” the settings… and I’m not even the IT guy. The IT guy doesn’t care, but he’s not a total loss. I told him I want Firefox (it’s not in the image by default), he asks why, I say I know how to harden it. Mostly that’s turn off telemetry and install uBlock Origin, but there are a couple other things too. Stuff that doesn’t work in Edge and Chrome (which oddly, IS included in the image). So yeah, as a Mac user and a privacy guy, I’m good with Windows 11 and my relationship with it. Keep it updated.

    But we are in a privacy comm, so obviously know your threat level and know how to harden the software you use. It’s not as easy as “just use Linux.” The person who can’t harden a Windows installation shouldn’t just be thrown to Linux, and I don’t even mean Arch. Even if they just use Ubuntu or Mint. People should learn to secure the software they have. Moving to Linux is a great recommendation for someone who can harden Windows but it’s not enough for them. Someone like me — I would be using Linux now if my computers didn’t die. Laptop died, I made a great choice by getting a MacBook. Love it. M2 Air, 16GB RAM. Best laptop ever, obviously not counting the newer models (or the MacBook Pro). So when my desktop died, I was quickly becoming an intermediate Mac user. Sometimes I regret not getting a cheap PC, throwing Linux on it, and gaming via Proton. Linux gaming is kind of awesome now? Still tempted to get an older/new-ish office PC that got stuck on Windows 10, one without a hard drive, put a SATA SSD in it and run Linux. Get a dock for my desk and run all the peripherals to it, then run it to my Mac (M2 Pro, also 16GB RAM) and be able to hot-swap it to the Linux desktop. I dunno, computers are fun to fuck around with, I just don’t really have the room (or the money). And Mac is fine (like Firefox, it has telemetry stuff), but I could be a Linux user. I just chose easy this time. But my privacy threat level doesn’t require me to not use Apple products. If yours does, you’re probably already running Linux, and more power to ya. It’s just about knowing your threat level and skill and working within that.

  • upstroke4448@lemmy.dbzer0.com
    4 days ago

    It is pretty much always more dangerous to not update. The internet is an extremely hostile environment (from a security perspective). You really should avoid having devices that are not updated or EOL connected to it.