W7 security

[DIYspanner]

Now that MS have ended updates for W7, what's the state of play with online security?

I presume the like of antivirus software like Avast will continue to update but what about online banking? Will banks use you're still W7 as liability clause if anything with an account happens?

 

[chalkywhite]

Good question. I wouldn't risk the aggro personally.

If Win10 isn't an option, try the free Linux Mint. It still uses Google Chrome as a browser, and LibreOffice is fully Microsoft Office compatible. Works perfectly on my HP Pavillion, which was struggling to run Windows anymore

 

[DIYspanner]

You make a valid point. W10 will be mainstream in a few years anyway.

Its only one PC, the rest we have came with W10 on.

Regarding Linux, I use it by default. PCLinux is my distro although Manjaro seems to be a top gun.

 

[mattylad]

The banks are probably all still using XP so W7 will be a new thing for them

 

[Chris---]

Given the state of hacking with whole towns in Eastern Europe dedicated to it, I suggest you either upgrade (free or otherwise) or scrap it.
One hacked machine opens up your home network to vulnerabilities. I was caught out twice with XP machines back in the day.

I think you can still trick a free w10 upgrade or just use without a licence key for a bit

 

[IT Minion]

Upgrade. Shop around and you'll find a copy of Windows 10 home for £30 or less. Not worth the tine, effort or risk of running an old windows 7 copy.

 

[dogfonos]

Now that MS have ended updates for W7, what's the state of play with online security?

I asked a similar question on a dedicated W10 forum and was surprised by the response. Most folk kind enough to answer suggested I stick with W7 and thought it would continue to run just fine, assuming good third-party security software. Admittedly, I stated that W10 was giving problems and I found it a bit of a Frankenstein product (i.e. an inelegant mashup of W8/8.1 and W7) and that I was tempted to return to W7 - which ran problem-free for me.

I think you can still trick a free w10 upgrade or just use without a licence key for a bit

Yes, you can - as long as you have W7 registered. Did it a few weeks ago. Advice I read said to upgrade first then do a clean install, otherwise there can be problems with registration. Simple enough process but good luck with the installation. Found it a real pain. I haven't done the clean install yet as I'm likely to return to W7.

Given the state of hacking with whole towns in Eastern Europe dedicated to it, I suggest you either upgrade (free or otherwise) or scrap it.

Wouldn't the hackers more likely target W10 vulnerabilities as it's a current operating system with more users globally than W7?

 

[IT Minion]

Wouldn't the hackers more likely target W10 vulnerabilities as it's a current operating system with more users globally than W7?

Both actually. A lot of the code in windows 10 is based on or the same as that used in 7. Which means that if you target 7 you probably also target 10 and vice versa. When they were both being patched that wasn't a problem, but now it is a real problem. Also an operating system that isn't being updated may mean that your ability to use any attacks you find is longer or greater.

The idea of using good third part tools is also flawed. There is a lot baked into or limited by the operating system. Think of the encryption that your internet browser uses to connect to your online banking. That relies on encryption software baked into the OS which isn't being updated anymore.

 

[EddieM]

Think of the encryption that your internet browser uses to connect to your online banking. That relies on encryption software baked into the OS which isn't being updated anymore.

Surely that uses the encryption protocols available in the browser, which if using TLS 1.1 is fine regardless of OS in terms of browser traffic anyway.

 

[IT Minion]

Surely that uses the encryption protocols available in the browser, which if using TLS 1.1 is fine regardless of OS in terms of browser traffic anyway.

Yes and no, the browser normally uses the libraries provided by the OS. I've hit issues on some legacy systems around this.

https://docs.microsoft.com/en-gb/archive/blogs/kaushal/support-for-ssltls-protocols-on-windows

I mostly worry about enterprise systems and I've lost count of the number of times I've had to explain to the client that yes, their new shiny software promised something but because of the old tat they are running in the arts and crafts tram we can't use it.

But that was an example of one of the ways that AV doesn't and can't do everything. Far from the only one!

 

[EddieM]

Hmm... we're only gonna upgrade our 100' of win2003 & win2008 servers to win2012.

Personally I reckon browser wise you'll be fine on win7.

 

[IT Minion]

Hmm... we're only gonna upgrade our 100' of win2003 & win2008 servers to win2012.

Personally I reckon browser wise you'll be fine on win7.

2008 R2 was an excellent OS, but it's very long in the tooth now. 2003 needs to be taken outside and disposed of humanely.

2012 is still a bit elderly. If you're going to the trouble of updating then I'd go for 2018 or 2019 now. Not that much extra work and puts off migrating again for a few more years.

 

[EddieM]

2008 R2 was an excellent OS, but it's very long in the tooth now. 2003 needs to be taken outside and disposed of humanely.

2012 is still a bit elderly. If you're going to the trouble of updating then I'd go for 2018 or 2019 now. Not that much extra work and puts off migrating again for a few more years.

Absolutely not, for many reasons win2012 it is.