Bottom post of the previous page:
You mean create backdoors. What do you call it when a third party uploads arbitrary files to your pc and executes them without your knowledge or consent? That's malware, pure and simple. If you have windows updates enabled, your system is being directly threatened by a very aggressive piece of malware called Windows 10 that takes over your machine, creates numerous backdoors on it allowing for, among other things, remote code execution and uploading more arbitrary files to your machine without your consent, and irreparably damaging your system often leaving you with no option to restore it to previous state short of wiping it clean completely.ColonicAcid wrote:Because Windows updates, contrary to your retarded beliefs, are there to patch break ins and back doors.
Please tell me a single thing I said that is not true. Is MICROS~1 not uploading arbitrary malicious code to unwilling users and executing it without their knowledge and consent? Are they not forcibly installing their malware on millions of computers whether you want it or not? Are they not collecting tons of data leaving users unable to disable this spyware feature completely no matter what they do short of blocking dozens of servers in the router or similar device they're connecting through? Those are all very real threats that you're exposed to if you have windows update enabled. I've had it disabled on my Windows 7 installation for 3 years now and never had a single malicious file executed on my machine. Do you know why? Because I'm not a dumbfuck and do not run any random executable off the internet. It really is that simple. No way to use 0-days on my machine if you can't get your files on it in the first place.LiamLime wrote:Windows related security exploits are found on a weekly basis. The Windows patch which comes out on every 2nd Tuesday of the month fixes many such exploits. The latest one, for example, is an exploit with regsvr32 and regsvr64, which handle OLE controls, DLLs, ActiveX stuff - often used by installers to do application - OS ties. Well, it turns out it's possible to get these programs to silently download scripts off the Internet and then execute them. These scripts can, for example, edit your registry and access files and applications, blocked by tools such as App Locker. Whoops. Expect a fix for this on May 10.mosquitoman wrote:Mind elaborating why?
I'll be honest, mosquitoman, you're not helping the "Anti Windows 10" team. They have valid complaints they can raise, but you're just going full retard on this, representing their concerns as the stuff of tinfoil hat wearing nutjobs, which they definitely aren't. I really think that the best you can do to promote your opinion is to let someone else take over - someone who actually knows what they're talking about and where the limits of technology are and what Microsoft is actually likely to be doing. I mean you're incredibly easy to argue against, because the concerns you raise are unsubstantiated and easy to counter, I just worry that you're misrepresenting and trivializing the team you're on. There are valid reasons to be concerned with Microsoft and Windows 10, your dumb paranoia isn't amongst them though.
Truly you must be an expert. That JPG "exploit" is actually a method of delivering code encoded in JPG via the browser, so Windows updates won't help you with that either. It was designed to bypass antivirus software that might be scanning the scripts on the website and preventing their execution in case it smells something dodgy. This way the code flies under the radar and is reconstructed from the image using an otherwise fairly harmless piece of js that only executes the payload. I know how this works because I wrote a small tool that uses similar method for hiding data in PNGs. And of course this will be stopped short by my browser anyway since there is no javascript that will run the binary hidden in the JPG on my machine unless I whitelist the site. And even if the browser becomes compromised somehow, I can just restore the VM from an earlier clean snapshot with no problems.
