Are Windows 10 and 11 as secure as Windows 7? Calling Into Question the Security of Windows

While on Odysee’s website on a video titled “Thunderbird’s huge update and Google’s new antitrust issues - Linux and open source news,” one user, Tcll5850, commented about the user interface being so flat with no gradients, no shadows, and no outset/inset styling.

So I commented on how is my website and mentioned about testing Windows 7, even though it’s end of life. I would like to copy parts of the comment from Tcll5850 into here:

This does make me wonder how Windows 7 looks

actually, Vista had the target style with the blurred glass effect in the panels and such
7 toned things back to where it’s just the frame and taskbar

Windows 7 is end of life

bruh I still use XP (in a VM) for testing that my software works on Windows :smiley:
modern APIs are retarded (not an opinion) and generally insecure

Windows 10 and 11 are just as vulnerable as Windows 7

actually much worse since Win8, especially 11 (they’re all much more dystopian, so there is no security.)

I’m speaking for myself.

no you’re speaking pure, raw, hard facts

Windows hasn’t been secure since XP, and even then there was barely anything to be had

As I’m not sure where the user got the facts from, I have been doing a search about questioning the security of Windows in general regardless of whether it’s Windows 7, 10, or 11. While I know that Windows 7 is end of life and no more patches are available for Windows 7 except for extended paid support for businesses only, what if I have compensating controls in place such as NoScript for Firefox, use NextDNS for denying malware sites, use Pi-Hole for ad-blocking (especially malvertising), and keep my security hygiene in good shape? And besides, the first line of defense is humans; however, I’m not speaking for the masses, but I’m speaking for myself. However, the user on Odysee platform commented “no you’re speaking pure, raw, hard facts.”

Right now, I’m currently using Arch Linux and I use Firefox with NoScript. I have not had any security problems in my computer for more than 10 years although I probably did get malware back during the XP days but those days should remain the past. And plus, I make use of multiple email addresses that tie to my single inbox. No plus aliases and no catchall for my domain. And since phishing or scam messages can lead to malware, I have not received any phishing messages for a very long time. Sure, I do get spam, but only 0 to 2 per month.

I’m willing to submit to the fact that Windows 10 and 11 are no more secure than Windows 7, even with TPM and Secure Boot protections in place. At least I know about Sony’s rootkit incident. If I’m going to rip music from CD and store them in my home server, I’ll just use Linux just for the purpose. I would probably think that those who are using Windows 7 are for advanced security-minded users online—those who know what they are doing when not falling for any cybersecurity mistakes.

I have not been to dodgy sites and I have NoScript running in Firefox with all the protections in place (yes, I’m only speaking for myself), so what’s stopping me from using Windows 7 besides not receiving security patches from Microsoft? Even with backups in place? What’s so secure about Windows 10 and 11 despite the fact that Windows 11 requires TPM and Secure Boot?

And please note: no Linux vs. Windows debate, please. I am only focusing on questioning the security of Windows as a whole.

I skimmed your post and am not going to directly address the core question because I don’t have any hard data about whether newer versions of Windows are more or less secure. What I can tell you is that to renew our Cyber Security Insurance for 2022, we had to have all machines on Windows 10 by June and all on Windows 11 by December. In other words, the people who we pay to cover our butts financially in case of a major incident, whose best interest is us not having a major incident, are requiring newer versions. That’s alongside a lot of other requirements, like expanding our use of MFA (by the way, passwordless login is forbidden, because then you don’t have MFA). This is a Fortune 500 publicly traded company (having Cyber Insurance is better for the shareholders than an incident).

Did I understand you correctly? You are actually considering switching from Arch Linux to Windows 7 because you like the design better? :wink:

For me this is an absolute “no brainer”. An OS that is no longer actively maintained and does not receive regular security updates should no longer be used. Period! In addition to that, there will be more and more software incompatibilities over time, because most software manufacturers no longer support it and therefore no longer test their products on it…

This user does not present any facts. I mean what does “actually much worse since Win8, especially 11 (they’re all much more dystopian, so there is no security.)” even mean?? He just claims that there is no security without backing it up with facts. I guess he mixes up security issues with data collection and the resulting privacy concerns, which have indeed become more prevalent since Windows 8. Security and privacy issues are related to each other in many ways, but they are not the same thing.

I wasn’t planning on switching to Windows 7 as my primary computer, but more like having Windows 7 as my secondary computer while still keeping Linux as my primary computer. So even with compensating controls in place and that I am well-trained in cybersecurity hygiene, I still can’t use Windows 7 as my daily driver due to lack of software compatibilities over time. Hmm… Seems like I cannot work around the software incompatibilities while still keeping the aesthetics and design language of Windows 7… :frowning:

Seems like you are speaking for the masses instead of those who are tech- and security-savvy.

Well, besides all the security implications, it depends of course on what software you are planning to use. But sooner or later, you’ll run into issues. The longer you use it, the more likely it will become.

Maybe you could theme your Linux Desktop accordingly. I would recommend using KDE Plasma for this purpose, as it is very customizable and there are many themes available. I didn’t look but I’m pretty sure with a little googling, you’ll find multiple guides on how to make Plasma look like Win7.

What has Bill Gates to do with any of this?

Btw. OP explicitly asked not to turn this into a generic Windows vs Linux discussion.

Anyways, the issue at hand is that Windows 7 is an abandoned and unsupported OS, with all the implications this entails.

I’ve done an experiment in the past but the problem with theming is that Aero Glass cannot be applied to some parts of the application. As far as I’ve tried, the Aero Glass effect can only be applied to a title bar and applications that use Qt or GTK cannot take advantage of that effect unless applications use a Desktop Window Manager that is in Windows, or DWM for short. Plus, running Windows applications using Wine is half-baked. No Aero Glass in Wine either.

Here’s an example of what I mean:

Notice the Aero Glass effect where there are transport controls. However, it seems like Aero Glass can be done in Windows 10, which is interesting… Maybe I should give it another try if I build me another PC that runs Windows 10 or 11, but I do love Windows 7 due to the Aero Glass and flatness is not for me.

That’s why I started a thread about running Windows 7 in a secondary PC just to see if I can run it as a daily driver. It seems to me that whether I would have compensating controls in place or not is irrelevant when it comes to running Windows 7 for browsing the Internet. I for one could live without security patches even in Windows 10 and 11, but again, I’m not speaking for the masses and I am very security-minded. I could care less if Windows 7 is unsupported by Microsoft. I would be very happy if Microsoft quits supporting Windows 10 and 11 by tomorrow, but then I do not want to offend everyone here. In fact, this is not my place to troll here. I already have Linux for gaming, so I have that covered.

Sometimes I simply cannot help when it comes to trading security for aesthetics—I mean, I cannot have both, right? Because if I am forced to use Windows for work, I do not have a choice whether I want Aero Glass or not. But then this thread is about security, so there’s that.

Anyway, Windows versus Linux has already been debated to death a lot which is the reason why I ask not to repeat this debate in my thread and no, this thread has ZERO to do with Bill Gates.

Thanks everyone.

Well I guess as long as you’re able to use current browser versions on it, you’ll be probably safe by just browsing the internet. But I’m not a security professional, so take that with a grain of salt. Also Chrome and other Chromium-based browsers are using the certificate store of the OS they are running on, which means sooner or later you’re likely to run into issues with sites that enforce newer TLS versions and standards. I personally wouldn’t do it, just not worth the potential risks and hassle…

So as long as I use Firefox which has its own certificate store, I should be good, correct?

Here’s my results:

gpeddie@epcotcenter
  ~
 $ grep -r . /sys/devices/system/cpu/vulnerabilities/
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: always-on, RSB filling
/sys/devices/system/cpu/vulnerabilities/itlb_multihit:Not affected
/sys/devices/system/cpu/vulnerabilities/mmio_stale_data:Not affected
/sys/devices/system/cpu/vulnerabilities/mds:Not affected
/sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl
/sys/devices/system/cpu/vulnerabilities/tsx_async_abort:Not affected
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: usercopy/swapgs barriers and __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/srbds:Not affected
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected

With security precautions in place, I’m not too worried about CPU vulnerabilities.

Yes, that’s correct. Mine is an AMD Ryzen 9 5900X.

1 Like
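
Added example (not part of any post in this thread): a small Python script that reads `grep -r . /sys/devices/system/cpu/vulnerabilities/` output like the listing posted above and groups each entry by the status the kernel reports. The `example_issue` line in the sample is constructed to show the failing case; the other sample lines are copied from the thread.

```python
"""Summarise `grep -r . /sys/devices/system/cpu/vulnerabilities/` output."""
import sys
from collections import defaultdict

SYSFS_PREFIX = "/sys/devices/system/cpu/vulnerabilities/"

# Lines copied from the output posted in this thread, plus one constructed
# "Vulnerable" line (last entry) so the failure case is exercised.
SAMPLE = """\
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: always-on, RSB filling
/sys/devices/system/cpu/vulnerabilities/mds:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/example_issue:Vulnerable
"""

def classify(status):
    """Map a kernel status string to a coarse bucket."""
    s = status.strip()
    if s.startswith("Not affected"):
        return "not_affected"
    if s.startswith("Mitigation:"):
        return "mitigated"
    if s.startswith("Vulnerable"):
        return "vulnerable"
    return "review"  # anything else needs a human to read it

def parse(text):
    """Return {bucket: [(name, status), ...]} from grep-style 'path:value' lines."""
    buckets = defaultdict(list)
    for line in text.splitlines():
        if not line.startswith(SYSFS_PREFIX):
            continue  # skip shell prompts, blank lines, unrelated output
        # Split on the first ':' only; the status text itself contains colons.
        path, _, status = line.partition(":")
        name = path[len(SYSFS_PREFIX):]
        buckets[classify(status)].append((name, status.strip()))
    return dict(buckets)

if __name__ == "__main__":
    # Use piped input when present, otherwise fall back to the sample above.
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE
    result = parse(data)
    for bucket in ("vulnerable", "review", "mitigated", "not_affected"):
        for name, status in result.get(bucket, []):
            print(f"{bucket:13} {name}: {status}")
    sys.exit(1 if result.get("vulnerable") or result.get("review") else 0)
```

Pipe the real command's output into the script; the exit status is non-zero when any entry is reported vulnerable or carries a status the script does not recognise.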

Yes with Firefox you could avoid this specific issue and yes it will probably work at least for the foreseeable future. But I still won’t recommend doing it. :wink:

1 Like

OP, give me 5 min on your network with Windows 7 computers connected to it, and I will show you why it is not a secured OS. Seriously, either you are trolling here, or you have no idea what you are talking about.

I know what I’m talking about and I am not trolling at all. And I apologize for the name calling, but I do not want to argue with trolls and I want to prevent a flame war from occurring in my thread, so unless we want my thread to get locked by moderators, I would appreciate if we keep it civil in the forums.

And besides, I want to keep this debate in a professional manner.

Thank you.

I have extensive experience inside Windows, dating back to NT. As I’m sure you are aware, the core of Windows is really MS-DOS, which had essentially no security. In particular, the interrupt handlers are effectively the same. If you can get into supervisor mode, you can “hook” an interrupt, typically the timer, and have your code called whenever a specified event happens, such as the expiration of a timer. This is one of the tricks to chasing down malware – hook the timer, have it give you control every second, and have your code examine what code has hooked other interrupts in the last second.

You might want to briefly research why Microsoft abandoned the joint development of OS/2, which was designed utilizing IBM’s extensive knowledge of operating system security. Oversimplifying a very complex dispute: the IBM OS/2 architect refused to support the Win32 API because it couldn’t be secured.

Windows is bolted onto something very close to MS-DOS, and it’s not possible to properly secure an operating environment when the core wasn’t designed with security even considered.

1 Like

Using any OS that is out of support and security patches etc is just very bad practice. No matter what OS you use…

2 Likes