I don't fully understand. Is Windows 10 completely dead in the water due to lack of security updates? You can just keep using an old Windows 10 PC and take your chances. The browser will be a barrier, and the built-in firewall and anti-malware as well. Not perfect, but a solution.
It’s actually really wild that OS vendors apparently sell software that is so defective that it is assumed unsafe without ongoing updates, and then use the threat of not providing updates to spur adoption of their subsequent products.
In a more reasonable world they’d owe their customers a recall.
The point is that to get further security updates, you have to spend money to run the new major version of Windows. You can run the most up-to-date Linux for free on a computer from 1989.
I tend to play around with old machines (late 80s, early 90s mostly) and getting any kind of modern-ish distro working on old machines, even distros really cut down, can be quite challenging.
As a response to the kernel's various SNAFUs, I've gone ahead and refunded to myself all of the money I've spent on Linux kernels over the past several decades -- and updated my install to the new version for free.
It only took about 7 years between XP’s EOL and EternalBlue-based attacks like WannaCry and NotPetya.
A well-configured firewall between your computer and the internet, uBlock Origin in the browser, and not downloading untrusted files off the internet can go a long way to help. Not stopping everything but at least shielding you from the worst.
I think the bigger issue is like on iPhones and Androids. Your software and apps stop supporting your OS long before the hardware or OS fails you.
It affected anything using SMBv1 and improperly configured SMBv2. SMBv3 requires all mitigations in place.
Which from what I understand is that even Windows 11 still has support for SMBv1.
But my point was that your standard “up to date” XP install in 2016 was highly vulnerable and could effectively be nuked by such an attack. It took nearly 7 years after support ended for that to happen. So you could theoretically get another 7 years out of Windows 10 before a similar situation happens where a global cyberattack negatively impacts you with no way to protect yourself because your OS doesn’t support a configuration that would prevent you from being a victim.
I see. But even after the 7 years, XP users were still able to protect themselves from WannaCry once the patch was created. Or they could've disabled SMB even before that, good idea anyway.
Btw I do have a spare PC, it only got Win10 because the GPU didn't support 7, and it's not getting 11 even though it supports it. Microsoft's job to keep that secure.
Well, I would hardly say that protections against being obliterated in a global ransomware attack that come out after the ransomware attack occurs help the victims that much, but yes, it is possible: if there is another massive cyberattack, Microsoft could release a fix for 10 years after support has ended.
It is definitely possible to heavily lock down a Windows computer to prevent 99% of attacks, and if you don’t need WAN access especially, that becomes significantly easier.
It is far more likely browsers will drop support for 10 in a few years and that will be what stops the average user from being able to continue to use their Windows 10 computer.
Ah, I missed the part where the vuln had already been patched for newer versions before it was patched for XP, it's just that many didn't install the patches. Although, the exploit happened to not be compatible with XP just because the creator didn't bother. Security through poverty (jk)