The section isnât meant to be about useful Windows features.
Logging into a Windows 10 account is optional and I doubt most users do.
I donât see why it should be kept. Again, that section is about Windowsâ surveillance/freedom restrictions, not its advantages. Advantages are mentioned above in the overview section.
There was no mention of a backdoor in the original source and if you read the source, youâd see itâs actually a freedom issue and not a security issue.
And from my experience, the BSI generally isnât reliable and claim some blatantly untrue things.
I donât see the need to keep those. We should instead add something like âGoing back to older Windows versions introduces new security issues and lacks supportâ.
The page isnât about Linux nagging the user less.
Itâs not Microsoftâs fault that people donât submit their apps to the store.
It doesnât. The majority of it is just âfree software is super secureâ which isnât true.
PS That Debian (host OS) Hardening section that talks about preventing module loading - it is not clear what users are meant to do with those configs etc. I thought this could break their systems based on forum chat (?). Should that be moved to /Dev section instead?
I guess thereâs enough praise of Windows but if that page should be comparison and thrive to be as neutral, factual as possible then itâs good to mention. Might even encourage developers on Linux distributions to implement these features.
I would guess most do setup a microsoft account as this is being nagged and without microsoft account using the appstore is actually more difficult and requires instructions.
Disk encryption key only uploaded if using a Microsoft account or not, still worth mentioning. Added that quote from article.
Removed following conclusion / opinion:
Ignoring for a moment its own built-in malware, Windows is a pile of legacy code full of security holes that is easily compromised.
Either not needed due to other points raised or should be proven with references.
Mistakes happen. They forgot to strip symbol names. Why would anyone add key named NSAKEY anywhere⌠To refute the accusation, the source code could have been released. We could recompile and either have a deterministic result or the diff should be minimal. There might not be enough evidence to proof NSAKEY key specifically was used or could be used to spy on users but thereâs enough evidence to seriously consider this. Due to this uncertainty, itâs worth at least leaving this mentioned in the wiki. People can read and then make up their own opinion on that.
iâm signing on with this. this isnât a new debate here. itâs been going for decades for a reason. lol!
that being said, iâll also cosign wih cleaning the page up a bit. the last things we want to do are either create a false sense of security with the use of one host os or spread fud regarding the use of others. i think this will be even easier once whonix host is ready for release, since it will hopefully be relatively straightforward to explain both the privacy and security benefits offered by whonix host.
Itâs still full of FUD and just as ridiculous as it was before. Still peddling FSF/GNU FUD, âWindows Insecurityâ FUD, âLinux is secureâ misinformation, âWindows Backdoorsâ FUD etc.
Thatâs not a valid argument at all. Itâs a baseless claim with 0 evidence. The burden of proof is on you to prove itâs a backdoor, not on Microsoft to release their source code.
Grepping the Whonix source code for ânsaâ gets me some results. Definitely a backdoor. Now hire a team of security experts to audit all of Whonix and disprove me.
Opinion by GNU Project
Opinion by Free Software Foundation
GNU/FSF calls everything that isnât free software âmalwareâ. Their claims are baseless FUD and they are not an authority on security/privacy.
Windows Insecurity
Mostly already covered. First part is a duplicate. Windows not being classed as a âsecurity-focused OSâ on some Wikipedia list tells us nothing. There are security-hardened Windows versions although I would never trust/recommend them https://ameliorated.info/
Windows Historic Insecurity
Already covered.
No Security From Diversity
Makes no sense. Every Linux distro runs the same Linux kernel so 1 kernel exploit can affect them all. Distros simply rebranding themselves doesnât make them immune to exploits that work on another.
It is effectively impossible to directly talk to developers for most people.
Not true at all. No clue where you got that from. Most developers even have Twitter accounts for example.
But what is less well-known is that, if you are like most users and login to Windows 10 using your Microsoft account, your computer automatically uploaded a copy of your recovery key â which can be used to unlock your encrypted disk â to Microsoftâs servers, probably without your knowledge and without an option to opt out.
âWhen a device goes into recovery mode, and the user doesnât have access to the recovery key, the data on the drive will become permanently inaccessible. Based on the possibility of this outcome and a broad survey of customer feedback we chose to automatically backup the user recovery key,â a Microsoft spokesperson told me. âThe recovery key requires physical access to the user device and is not useful without it.â
But what is less well-known is that, if you are like most users and login to Windows 10 using your Microsoft account, your computer automatically uploaded a copy of your recovery key â which can be used to unlock your encrypted disk â to Microsoftâs servers, probably without your knowledge and without an option to opt out.
âWhen a device goes into recovery mode, and the user doesnât have access to the recovery key, the data on the drive will become permanently inaccessible. Based on the possibility of this outcome and a broad survey of customer feedback we chose to automatically backup the user recovery key,â a Microsoft spokesperson told me. âThe recovery key requires physical access to the user device and is not useful without it.â
I didnât see it when I re-read all of this last time. Please copy/paste.
Nobody said that here afaik.
Moved accordingly.
Source?
Rewrote that just now:
Tiered Stability (Updates Testing)
Windows forces lower-paying customers to install new updates and gives higher-paying customers the option of whether or not to adopt them. Quote[archive]:
Windows 10 Enterprise does allow users to postpone any update indefinitely but it is only available in bulk licensing.
Entirely unsubstantiated is something else. Thereâs no claim of proof. Only reasonable suspicion. If that isnât suspicious, nothing is. Worth mentioning.
Difference: can read the source code. Reverse engineering the binary is way harder.
Not true.
Gross generalization. I havenât seen any serious rebuttal.
Due to Microsoftâs restrictive, proprietary licensing policy for Windows, there are no legal software projects that are providing a security-enhanced Windows fork.
ameliorated.info might not be a legal software project. I write âmightâ because nobody can know until a court solves this question. Also I canât give legal advice. ameliorated looks anonymous. For good reason. Nobody can survive Microsoft lawyers when software forking Windows without permission.
Since someone might challenge legal vs not legalâŚ
My challenge (going to be expensive if lost): 1) reside inside USA, fork Windows, redistribute, publish real names, get popularity. Then see if Microsoft is going to sue and who wins in court.
Theory vs reality. In theory it could be that way. Many things conceiveable in theory donât happen in reality. In this case in practice itâs not happening.
Keyword is effectively.
That sentence is not an absolute. Of course, someone somewhere might talk to Windows developers but itâs not the norm.
This point and above I donât think any progress can be made as for agreement.
That would need a detailed discussion point by point and not just deletion of the whole thing.
Not reviewed yet.
That was debated earlier in this forum thread. I disagree with that and I donât think itâs productive to debate this ad-infinitum.
Windows officially admits their data mining activity and gives users so-called options to âchooseâ what they share. Third parties have uncovered time and time again, these user choices are ignored and there is no way to disable data gathering completely.
Letâs take a look at net effect on privacy:
A securely coded windows that resists third party spyware + includes data snooping in its core = net loss of end user freedom/privacy and security risk as NSA has been know to use windows error reporting for aiding exploitation.
A less defended libre kernel is more vulnerable to active attacks + no privacy invasive code include by default = net gain of privacy by default as nothing is being reported anywhere unless someone decides to target you.
Windows is malware because of what it does. I donât care if you trust that particular party for some reason with all the data it collects. Their compiler was even caught slipping in telemetry features in apps compiled with it. Classic backdooring.
macOS has added telemetry to their local folder search.
Proprietary software doesnât need more defenders. I am sure their massive budgets and monopolistic agreements with OEMs and user ignorance has done more than enough to secure their tyranny. Letâs look at how we can improve what we have here so users have a reasonable shot at having any privacy in this age.
You even acknowledged yourself that it could be a useful feature, not a backdoor and even considered âbackdooringâ Whonix too.
Youâre completely misrepresenting what theyâre actually doing. As said in the articles linked, Microsoft gives some companies early access to vulnerability info/releases so they can patch their systems before itâs public.
This is done everywhere and isnât an issue. Linux does this too.
Fixes for sensitive bugs, such as those that might lead to privilege escalations, may need to be coordinated with the private <linux-distros@vs.openwall.org> mailing list so that distribution vendors are well prepared to issue a fixed kernel upon public disclosure of the upstream fix.
Itâs what youâre saying.
Itâs still hardly âsabotageâ. Should be put in the user freedoms restrictions: âOnly paying customers can postpone updatesâ.
Not a big difference since weâve already covered that hiding backdoors in open source code is just as easy.
Already debunked one of their points above as an example and am not going to spend an entire week debunking the entire website.
Actual respected experts e.g. Bruce Schneier.
Which doesnât mean anything. Windows is still far ahead than standard Linux distros and even has advantages over Qubes. Whereâs CFI in Qubes again?
It doesnât really matter. Itâs still a security-enhanced version.
It makes no sense to claim malware on e.g. Debian wonât work on Ubuntu when they use nearly all of the same software. They just come from different repositories.
Still not true. Itâs easy to talk to Microsoft devs. Again, many even have Twitter accounts where any random person can talk to them. I can even give examples if you want me to.
Files on devices can be deleted if they were downloaded from sources competing with Apple companies.
I donât see that in the GNU page.
Intentional backdoors allow remote root privileges, wipes and deletion of applications.
No, the âremote root backdoorâ was a bug that was fixed. Perfect example of GNUâs FUD. They immediately call every bug in proprietary software a âbackdoorâ with no evidence of such.
The deleting apps thing is behind a paywall so I canât see it.
An insecure design allows execution of malicious code by applications and the extraction of messaging history.
Big deal. It had a few bugs in the past. Everything has.
Devices are bricked if fixed by an âunauthorizedâ repair shop.
Thatâs true and is shitty but itâs not a privacy/security issue.
Devices are bricked that were unlocked without permission.
This just seems like they fixed a verified boot bypass.
Biometric markers like fingerprints are used for device authorization.
Thatâs not an issue. You can get fingerprint readers on Linux too.
Extensive personal information is sent to Apple servers, such as:
All telemetry can be disabled.
And there were no real rebuttals to my points.
Straw man. Not once have I claimed that Windows doesnât have privacy issues. Iâve acknowledged Windowsâ privacy issues numerous times now. Read the discussion, stop making wild assumptions and stop putting words in my mouth.
I know Windows is spyware. Iâm not claiming otherwise.
All macOS telemetry can easily be disabled and you can verify that it is with simple network monitoring.
Good to see we agree on something. I equate privacy with security because they are very much related in the real world especially for whistleblowers.
Thatâs besides the point. Most people donât know about it and will never disable it. Defaults matter. Windows in theory also allows you disable its spyware.
Itâs a really long article. And itâs not my strongest area of knowledge. Thereâs some people only waiting for any nit they can pick to proof the point theyâd love to make.
honestly, i donât think this is truly fair. it was a horrible choice of variable wording on microsoftâs part, which also became public knowledge around the same time of the controversy involving the secret nsa router closet with at&t as i recall. microsoft did ackowledge the controversy. but, if i also recall correctly, the discussions on this broke down.
this also wouldnât be the first time that something shady or unethical was exposed with microsoft. as an example, despite microsoftâs âanti-piracyâ aggressive litigation stance, metadata in wav files for their media player with xp demonstrated that a version of soundforge was used to process the wav files was supplied by a well known cracking group. despite the horrible public relations that could have caused, microsoft missed that, even though it should have been obvious. microsoft has a rediculously huge development team, both in house and out sourced. is it that unrealistic to believe that employees involved may be nefarious in the context raised in this paragraph regarding ânsakeyâ? itâs a valid concern, despite being paranoid.
yes, i agree with you that âopen sourceâ doesnât absolutely provide greater security. but, the option to audit is there, which is absent with microsoft. and that is a fair critique at the end of the day. does âopen sourceâ make something more secure? obviously not. the ancient bash vulns discovered way too late obviously prove that. but, they were discovered eventually due to it being open source, which may never have been discovered or addressed by the likes of microsoft absent a very open and problematic exploit in the wild that stood to harm their stock prices. if the exploit was discovered by microsoft privately, and it didnât stand to affect their market share if not disclosed, itâs not an unfair critique to believe that microsoft may have avoided addressing it if the thought was there that it could harm their bottom line if publicly addressed. after all, thatâs the oracle way, no?
furthermore, since you brought up the debate regarding privacy vs. security, it would appear that we agree that debian respects privacy more than microsoft, apple, google, etc. whonix host is looking to plug the security holes that exist in vanilla debian. thus, when whonix host is reaady, while i agree with you that the âlinux is more secure than windowsâ argument is largely bogus from various technical standpoints at this point as far as exploits are concerned, i think the whonix team will be able to make a case for being better for both privacy and security once whonix host is released. in my honest opinion, that should be the focus. once whonix host is ready for delivery, the âother osâ wikis can be focused on that, which i think will be more beneficial.
if anyone thinks iâm off base here, please let me know. but, letâs keep this away from a âmicrosoft/apple vs. linuxâ debate. there are way too many subjective uses which makes that debate unfinishable. but, for what whonix adrdesses, which is a fairly specific use case, i think we can do it without engaging that debate.
point blank, whonix will never be a panacea. but, for people who want a best case scenario for anonymity with an operating system, whonix fulfills a need there, which will be even better with whonix host. if we keep the focus on that without engaging in fud, hyperbole, or pie in the sky promises, i will continue to believe, and promote, that whonix is the best os for this use scenario. it will never be perfect. but, what compares?
absent qubes that implemented whonix templates, i canât offer much as an example in that regard referenced above. but, as someone who was once involved with very problematic activism as far as some govs were concerned, compatriots of mine who didnât use whonix, but used tor, got busted due to very trivial mistakes. iâm still free. that is a huge selling point for me. whonix was the main difference, and iâm not implying that i engaged in anything criminal. whonix kept me free of harassment that could have affected my immediate freedom, right to travel, or employment opportunities. whonix alone wasnât the answer there. but it was an incredibly significant part, which freed me of relying on a number of custom scripts and steps to anonymize a debian host, which iâd developed for my own use over years of experience, and could still screw up. and, for that, i will forever be thankful. if the majority of clients i have now knew of my involvement with âanonymous,â i would not have a job, despite being no threat to them. that is part of the reason that i started publicly sharing an originally private document through anonymous on how to set up a basic system using debian as a host with whonix as virtual machines. and itâs why i publicly updated it for years.
in the end, i think we all need to keep focused on the notion that whonix is both a secure and private os for people who want anonymity. that is the end goal, correct? the debates on the flaws of other operating systems are less relevant there, since the enhancements that whonix team actively works on is better for people who want anonymity in comparison to the others. letâs keep the focus there. we donât need to bother with the âlinux vsâ arguments, since this is âwhonix vsâ for those who want an anonymity geared operating system.
Since I wonât have time soon for this the potentially remaining Windows / macOS enhancements suggestions from this post Long Wiki Edits Thread by @madaidan Iâve created ticket https://phabricator.whonix.org/T993 as reminder and mentioned this in on the related wiki pages.
None of those arguments make sense. Obviously the CPU is privileged. The SP is no different from the rest of the CPU. The SP specifically is not an issue. TEEs are important. Why are Intel SGX, ARM TrustZone, RISC-V MultiZone etc. not mentioned there too if you think itâs such an issue?
Everything has vulnerabilities. You cannot expect the SP to be any different.
