Post by grega on Nov 3, 2014 11:52:51 GMT -6
IF you are testing Windows 10 - be careful NOT to do anything that is private or sensitive in any way . . . as MS will not only track your usage, web-sites,etc., BUT will also record your key-strokes and VOICE if the PC has an embedded mic.
LINK
MS will likely remove these logger-agents when the system goes gold . . . but that's not 100% certain as that's the risk we take when running a 100% locked-closed-blackbox system like Windows or MacOS.
While I don't believe MS or Apple will intentionally do "bad things" . . . if these capabilities are built into the Operating Systems, then hackers and unhappy employees could represent another layer of risks that just aren't necessary (to run a desktop system of any kind).
Similar issues exist in the mobile OS's also, which is why a smart way to go for better security is:
1. Run Linux or BSD as the main goto OS, using windows via a Virtual Machine (which is software by the way, not a physical machine),
2. Run Two Browsers . . . Firefox or "Chromium" (not Chrome) for sensitive transactions, . . . a 3rd party browser like Qupzilla or Midori for general web browsing,
3. Use a search engine on the browser (like "Duck Duck Go" vs Google or Bing)
4. Use different passwords - - do not duplicate or re-use ANY passwords (and use complex, non-word passwords)
5. Use encryption for all passwords (like KeePassX)
6. Always run as USER vs ADMIN (especially on windows),
7. Never allow login without a STRONG login password (10 multi-chars minimum)
Just my usual 2 cents for what it's worth . . .
LINK
MS will likely remove these logger-agents when the system goes gold . . . but that's not 100% certain as that's the risk we take when running a 100% locked-closed-blackbox system like Windows or MacOS.
While I don't believe MS or Apple will intentionally do "bad things" . . . if these capabilities are built into the Operating Systems, then hackers and unhappy employees could represent another layer of risks that just aren't necessary (to run a desktop system of any kind).
Similar issues exist in the mobile OS's also, which is why a smart way to go for better security is:
1. Run Linux or BSD as the main goto OS, using windows via a Virtual Machine (which is software by the way, not a physical machine),
2. Run Two Browsers . . . Firefox or "Chromium" (not Chrome) for sensitive transactions, . . . a 3rd party browser like Qupzilla or Midori for general web browsing,
3. Use a search engine on the browser (like "Duck Duck Go" vs Google or Bing)
4. Use different passwords - - do not duplicate or re-use ANY passwords (and use complex, non-word passwords)
5. Use encryption for all passwords (like KeePassX)
6. Always run as USER vs ADMIN (especially on windows),
7. Never allow login without a STRONG login password (10 multi-chars minimum)
Just my usual 2 cents for what it's worth . . .
