top | item 43961097

stuffoverflow | 9 months ago

I have yet to see concrete evidence that disabling Windows Update and Windows Defender would elevate the risk of having the system compromised in any meaningful way.

I installed Windows 10 2016 LTSC on a VM at the end of last year out of curiosity to test that. Disabled wupdate and defender before letting it access the internet, so that it was basically 8 years behind on any updates. I tried browsing all kinds of sketchy sites with Firefox and Chrome, clicking ads etc., but wasn't able to get the system infected.

I would guess that keeping your browser updated is more important.

keepamovin | 9 months ago

Correct! The browser is now the key vector because it's the most promiscuous and lascivious-for-code-and-data software on most devices.

Browser zero-days are why I factored out a way to distribute "web RPA agent creation" on any device, with no download, into its own product layer for browser isolation. It's a legitimate defense layer, but the main barriers to adoption are operating friction, even tho it makes the task of hackers who want to compromise your network with browser 0-days much harder.

Because of that, the RBI aspect is not as popular as the ways it's being used where you need a really locked-down browser, with policies for preventing upload/download, even copy and paste, etc., for DLP (data loss prevention) in regulated enterprises.

Even so I think the potential applications of this tech layer are just starting.

amne | 9 months ago

Just the other day I went to a website to flash a new firmware on a Zigbee dongle. Straight from a Chrome tab. Wild!

Then it hit me: the only thing keeping a rogue website from sweeping your entire life is a browser's permissions popup.

mr_toad | 9 months ago

> I have yet to see concrete evidence that disabling Windows Update and Windows Defender would elevate the risk of having the system compromised in any meaningful way.

It’s much less likely than it was 20 years ago. A lot of attack vectors have already been fixed. But hypothetically a bug in the network stack could still leave an internet-connected machine vulnerable.

tmcdos | 9 months ago

Do not connect it directly; use a dedicated router device.

kenjackson | 9 months ago

You benefit from the fact that most machines are patched. If a lot more people used 2016 builds and didn’t patch you’d see a lot more exploits.

tmcdos | 9 months ago

I use stock Win7 SP1 with just a couple of updates (recently TLS and SHA-512, but only 27 hotfixes in total), and the only way to break something is if I deliberately run unverified executables that were manually downloaded from untrusted sources. And since I don't do this, my machine is still running the same installation that I did on December 24th, 2014.

e12e | 9 months ago

> browsing all kinds of sketchy sites with Firefox and Chrome

How did you install those? Downloaded via another system? Because with that old system, you are missing SSL certificates (Firefox and Chrome bring their own).

smileybarry | 9 months ago

Maybe, but with good old Windows PKI you’re bound to still have a working chain of trust with Mozilla/Google.

…either that or the machine cheated and updated root CAs in the background (which isn’t Windows Update-controlled anymore).

Yizahi | 9 months ago

How do you know your system wasn't infected in that experiment?