Friday, December 20, 2019

Rank Speculations Prompting My Impending Win10 Switch

No, I'm not changing my advocacy position any. I still hate everything. But I'm now having to look at the Win10 upgrade situation because Win7 goes out of support in a few weeks (3 of my 11 currently operational boxes run some Windows or other). Is that really needed? Yes: once the patches stop, every new Windows vulnerability stays open on Win7 forever, and the install base is big enough that attackers will keep aiming at it. BUT going to 10 brings up a new set of problems.

(If you're interested I'm looking at buying at least one preloaded computer offlease (used) from either discountelectronics.com, tigerdirect.com, microcenter.com or officedepot.com).

Windows 10 is extremely chatty in that it monitors user activity for various reasons and excuses. Fortunately, there are lots of Win10 telemetry restriction programs, scripts and procedures available via a simple web search (I'll do a further post on some). But I speculate that the new chattiness makes it more necessary than usual to look into Win10 security, for the following reasons.

Unlike earlier releases, Windows 10 monitors user activity as well as the machine's security stance through various built-in components, including the typing and inking data collection that I'd call a keystroke logger. The point of all that collection is that the data gets sent to Microsoft (the "diagnostic data" or telemetry channel) for later analysis.
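Here's an added example of the kind of restriction script I mean; it is not code from this post or from Microsoft. It pushes the diagnostic-data policy to its minimum, turns off the typing/inking collection, the uploader service and the collection tasks, then reports what actually took effect. It assumes Win10 Pro or Enterprise (Home ignores the policy key) and an elevated PowerShell; the registry paths, service names and task names are the standard ones, and the TextInput policy value is the one the Group Policy "Improve inking and typing recognition" setting writes.

```powershell
#Requires -RunAsAdministrator
# Added example, not code from the original post. Assumes Win10 Pro/Enterprise.

$DataCollectionKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection'
$TextInputKey      = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\TextInput'

function Set-PolicyDword {
    # Create the policy key if absent and write a REG_DWORD value.
    param([string]$Path, [string]$Name, [int]$Value)
    if (-not (Test-Path $Path)) { New-Item -Path $Path -Force | Out-Null }
    New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType DWord -Force | Out-Null
}

function Set-MinimalTelemetry {
    # AllowTelemetry: 0 = Security (honoured only on Enterprise/Education/Server;
    # Pro treats 0 as 1 = Basic), 2 = Enhanced, 3 = Full.
    Set-PolicyDword -Path $DataCollectionKey -Name 'AllowTelemetry' -Value 0
    # The "improve inking and typing" collection: 0 = do not send typing data.
    Set-PolicyDword -Path $TextInputKey -Name 'AllowLinguisticDataCollection' -Value 0

    # DiagTrack ("Connected User Experiences and Telemetry") is the uploader;
    # dmwappushservice is the WAP-push / device-management companion.
    foreach ($svc in 'DiagTrack', 'dmwappushservice') {
        if (Get-Service -Name $svc -ErrorAction SilentlyContinue) {
            Stop-Service -Name $svc -Force -ErrorAction SilentlyContinue
            Set-Service  -Name $svc -StartupType Disabled
        }
    }

    # Scheduled tasks that keep collecting and batching data on their own.
    $tasks = @(
        @{ Path = '\Microsoft\Windows\Application Experience\';                  Name = 'Microsoft Compatibility Appraiser' }
        @{ Path = '\Microsoft\Windows\Customer Experience Improvement Program\'; Name = 'Consolidator' }
        @{ Path = '\Microsoft\Windows\Customer Experience Improvement Program\'; Name = 'UsbCeip' }
    )
    foreach ($t in $tasks) {
        Get-ScheduledTask -TaskPath $t.Path -TaskName $t.Name -ErrorAction SilentlyContinue |
            Disable-ScheduledTask | Out-Null
    }
}

function Get-TelemetryState {
    # Report the effective state so the change can be confirmed, and re-checked
    # after a feature update (those have a habit of reverting some of this).
    $allow = (Get-ItemProperty -Path $DataCollectionKey -Name 'AllowTelemetry' -ErrorAction SilentlyContinue).AllowTelemetry
    $allowText = if ($null -eq $allow) { 'not set (defaults apply)' } else { $allow }
    $diag = Get-Service -Name 'DiagTrack' -ErrorAction SilentlyContinue
    $appr = Get-ScheduledTask -TaskPath '\Microsoft\Windows\Application Experience\' `
                              -TaskName 'Microsoft Compatibility Appraiser' -ErrorAction SilentlyContinue
    [pscustomobject]@{
        AllowTelemetryPolicy = $allowText
        DiagTrackStartup     = $diag.StartType
        DiagTrackStatus      = $diag.Status
        AppraiserTaskState   = $appr.State
    }
}

Set-MinimalTelemetry
Get-TelemetryState | Format-List
```

Run Get-TelemetryState again after every feature update; the service and task settings are the ones most likely to come back.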

But note that if this shuffling (telemetry) happens, two other things follow. First, it has to be transmitted. Microsoft documents the diagnostic-data connections as TLS (HTTPS), so a passive sniffer on the wire gets ciphertext, not your keystrokes; the realistic opportunity is the good-ol' MITM attack, which against TLS means an extra trusted root certificate on the box (corporate and "security" proxies do exactly this), a proxy setting that steers the traffic, or a client that doesn't validate the server certificate. If you don't know what that is, Goo... no, Yandex it.
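An added check for the MITM angle, not from the post: since the channel is TLS, what matters on your side is whether anything on the box can interpose. The script lists trusted root CAs that aren't in a baseline you supply, shows the WinHTTP and per-user proxy settings, and (the only part that needs network) opens a TLS session to Microsoft's documented diagnostic-data host and reports which CA signed the certificate it was handed. The host name is the documented one; the baseline thumbprint list is yours to capture from a clean install.

```powershell
# Added example, not code from the original post. Read-only on the local box;
# Test-TelemetryEndpointTls is the one function that talks to the network.

function Get-SuspiciousRootCAs {
    # A root CA that is not in your own baseline is what lets a local proxy or
    # "security" product re-sign TLS transparently. Capture the baseline from a
    # clean install; an empty baseline (the default) simply lists everything.
    param([string[]]$BaselineThumbprints = @())
    Get-ChildItem Cert:\LocalMachine\Root |
        Where-Object { $BaselineThumbprints -notcontains $_.Thumbprint } |
        Select-Object Subject, NotAfter, Thumbprint
}

function Get-SystemProxyConfig {
    # WinHTTP proxy is what services (DiagTrack included) use; the per-user
    # WinINET setting is what the browser uses. Either can steer traffic to a MITM.
    $winhttp = (netsh winhttp show proxy) -join ' '
    $inet = Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings' -ErrorAction SilentlyContinue
    [pscustomobject]@{
        WinHttpProxy  = $winhttp.Trim()
        UserProxyOn   = [bool]$inet.ProxyEnable
        UserProxy     = $inet.ProxyServer
        AutoConfigUrl = $inet.AutoConfigURL
    }
}

function Test-TelemetryEndpointTls {
    # Open a TLS session to the telemetry host and report who signed the leaf.
    # Validation is bypassed here ONLY so the presented chain can be read and
    # shown; this is a probe, not a client. If the issuer is not a public CA
    # you'd expect for a microsoft.com host, something in between is
    # terminating TLS.
    param([string]$HostName = 'v10.events.data.microsoft.com', [int]$Port = 443)
    $acceptAll = [System.Net.Security.RemoteCertificateValidationCallback]{
        param($sender, $cert, $chain, $errors) $true
    }
    $tcp = New-Object System.Net.Sockets.TcpClient($HostName, $Port)
    try {
        $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $acceptAll)
        $ssl.AuthenticateAsClient($HostName)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        [pscustomobject]@{
            Host       = $HostName
            Protocol   = $ssl.SslProtocol
            Subject    = $cert.Subject
            Issuer     = $cert.Issuer
            Thumbprint = $cert.Thumbprint
        }
    } finally { $tcp.Close() }
}

Get-SuspiciousRootCAs | Format-Table -AutoSize
Get-SystemProxyConfig | Format-List
Test-TelemetryEndpointTls | Format-List
```

Anything unexpected in the first two outputs is worth chasing before worrying about the wire; an interception box has to announce itself on the client one way or another.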

And then there's a third problem I haven't seen discussed much. Microsoft would, after harvesting the info, store it somewhere. It's that storage location I wonder about. Years ago, Microsoft lost source code to a break-in when somebody got into their network at Redmond, WA - but not directly. Rather than hit MS servers frontally, the sneaks got hold of an employee list and located a manager working from home. That's right. Security wasn't quite as good on the home laptop or desktop, so they hacked the manager. Getting in via his credentials, they swiped all of Win98SE, I think it was. Oh, I forget. Goo... no, Yandex it. And I dunno; maybe Win10 is 90% Win98SE.

This last one, in my view, holds the most possibilities for future bad guys. Cook up a... let's call it a "Prospector Program" that searches for addresses of databases and storage locations (network, attached device, cloud, whatever). Then set up a humongous data repository for it to use as a depot. Give it an obfuscated, encrypted command channel. Then run the program 24x7x365 at low intensity: a few pings and attempts at a time, spread out so it never crosses whatever rate-based threshold would trip an alert. You're not hitting the main web interfaces or firewalls aggressively. You're hitting a secondary area that's not being DDoS'd in spectacular fashion, for example. There's a greater possibility of overstressed admins having their backs turned.
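Turning that around for the defender, here's an added example (not from the post) of the detection logic that catches this pattern where burst alerts don't: parse Windows Firewall pfirewall.log records and, instead of asking "how many hits in the last minute", ask "how many distinct targets over the last day or two, at how low a rate". The log lines are constructed for the example and the thresholds are assumptions to tune to your own traffic.

```powershell
# Added example, not code from the original post. The log below is constructed;
# the field layout is the Windows Firewall pfirewall.log W3C format.

$SampleLog = @'
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2019-12-19 01:02:11 DROP TCP 203.0.113.7 10.0.0.5 51234 445 52 S 1 0 8192 - - - RECEIVE
2019-12-19 04:17:40 DROP TCP 203.0.113.7 10.0.0.5 51240 1433 52 S 1 0 8192 - - - RECEIVE
2019-12-19 09:55:03 DROP TCP 203.0.113.7 10.0.0.6 51251 3389 52 S 1 0 8192 - - - RECEIVE
2019-12-19 15:30:27 DROP TCP 203.0.113.7 10.0.0.7 51266 5985 52 S 1 0 8192 - - - RECEIVE
2019-12-19 22:48:59 DROP TCP 203.0.113.7 10.0.0.5 51270 8443 52 S 1 0 8192 - - - RECEIVE
2019-12-20 02:10:14 DROP TCP 203.0.113.7 10.0.0.8 51281 9200 52 S 1 0 8192 - - - RECEIVE
2019-12-20 05:33:48 DROP TCP 203.0.113.7 10.0.0.9 51290 27017 52 S 1 0 8192 - - - RECEIVE
2019-12-20 05:33:48 DROP TCP 198.51.100.9 10.0.0.5 40000 22 52 S 1 0 8192 - - - RECEIVE
2019-12-20 05:33:49 DROP TCP 198.51.100.9 10.0.0.5 40001 22 52 S 1 0 8192 - - - RECEIVE
2019-12-20 05:33:49 DROP TCP 198.51.100.9 10.0.0.5 40002 22 52 S 1 0 8192 - - - RECEIVE
2019-12-20 11:12:02 DROP TCP 192.0.2.44 10.0.0.5 60001 443 52 S 1 0 8192 - - - RECEIVE
'@

function ConvertFrom-PfirewallLog {
    # Turn raw log lines into objects; skips the #Fields/#Version header lines.
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        if ($line -match '^\s*$' -or $line.StartsWith('#')) { continue }
        $f = $line -split '\s+'
        if ($f.Count -lt 8) { continue }
        [pscustomobject]@{
            Time    = [datetime]::ParseExact("$($f[0]) $($f[1])", 'yyyy-MM-dd HH:mm:ss', $null)
            Action  = $f[2]
            Proto   = $f[3]
            SrcIp   = $f[4]
            DstIp   = $f[5]
            DstPort = [int]$f[7]
        }
    }
}

function Find-LowAndSlowSources {
    # Flag a source that touched many distinct (host,port) targets over a long
    # span at a rate too low for a burst/port-scan alert to notice.
    param(
        [object[]]$Events,
        [int]$MinDistinctTargets = 5,   # assumption: distinct host:port pairs
        [double]$MinSpanHours    = 6.0, # assumption: "slow" means spread over hours
        [double]$MaxPerHour      = 2.0  # assumption: below a typical burst threshold
    )
    $Events | Where-Object Action -eq 'DROP' | Group-Object SrcIp | ForEach-Object {
        $times     = @($_.Group.Time | Sort-Object)
        $spanHours = ($times[-1] - $times[0]).TotalHours
        $targets   = @($_.Group | ForEach-Object { "$($_.DstIp):$($_.DstPort)" } | Sort-Object -Unique).Count
        $rate      = if ($spanHours -gt 0) { $_.Count / $spanHours } else { [double]::PositiveInfinity }
        if ($targets -ge $MinDistinctTargets -and $spanHours -ge $MinSpanHours -and $rate -le $MaxPerHour) {
            [pscustomobject]@{
                SrcIp           = $_.Name
                Events          = $_.Count
                DistinctTargets = $targets
                SpanHours       = [math]::Round($spanHours, 1)
                PerHour         = [math]::Round($rate, 2)
            }
        }
    }
}

$events = ConvertFrom-PfirewallLog -Lines ($SampleLog -split "`r?`n")
Find-LowAndSlowSources -Events $events | Format-Table -AutoSize
```

On the sample data the three-hits-in-one-second SSH probe from 198.51.100.9 is exactly what a burst rule would catch and is ignored here, while 203.0.113.7, at roughly one attempt every four hours across seven services and five hosts, is the one that gets reported. Swap the here-string for `Get-Content $env:SystemRoot\System32\LogFiles\Firewall\pfirewall.log` once logging of dropped packets is enabled on the box.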

Just a few thoughts.