I was using Windows for a long time, from 95, XP, 7 and 10. Games just worked out fine, software that I needed I pirated. But I was annoyed from updates, (cannot turn off MY pc, just update and turn off option) bing, fokin bing and oh the best - F1 binded to it.
On parent’s pc is 7 still installed lol, not gonna change soon, anyway, my old laptop(server since 2017) wasn’t working properly with win, so only option to save it was Linux. Ubuntu was my choice in few years back, That was the moment I discovered open source software (head exploding image).
Recently i switched my main computer into PopOs, since I worked on it I was ,scared, to do it, because of some windows specific software. (I’m still able to boot into win, I kept it for some programs that I need once per year).
But I will never go back to windows as a main. First month was little bit stressful, configuring things and getting used to new workflows, but it is just a pleasure to use. No annoying popups, no preinstalled spyware, no stress related to running unknown .exe files, no bing. I just went from small dark closed box to a nice huge green open(source) forest…
Everything just works. If not, I still can fix it (mostly). I’ve got better with security, I understand more how things works generally. I found my peace in getting to know more how things works, not just guessing what it can do and never actually find out.
So if there is some one that is disgusted with how windows pc works, and is still using it, just switch it for Linux. Just do it, it will bring joy into using your machine as you need to and want to.
Just wanted to say this…
…and share the software, you’ll be free… https://youtu.be/9sJUDx7iEJw
…unless you are an experienced security person like me. My family occasionally use internet on a Windows 7 home desktop that I set up 6 years ago with perhaps what would sound simple – a combination of group policy edits and an anti-executable. If nothing I want executes, it will not execute. Browser end is taken care of with uBlock Origin on Firefox with malware and other lists enabled.
Funny thing, a virus executable was laying in AppData since ages, unable to do anything, and I did not even know until probably months or years. Deleted it.
Viruses don’t need to be .exes by the way. There were spectre/meltdown proofs of concept that only ever used front end JavaScript.
Because the modern style of CPU attack (zenbleed too) usually side chains access to private memory (where your authentication details exist) they can get full system control without executing any .exes.
That computer would need a firewall disabling all incoming traffic, the latest bios firmware patches and js disabled on Firefox to be close to safe. And that’s the base level stuff.
Edit: changed VPN to firewall. That was silly.
The blocker allows to block any kind of executable code, that includes EXE, DLL, VBS and all kinds of extension formats, and allows to whitelist what directories, processes and programs can run as well. It intercepts all IPC as well. There is also a HIPS firewall that intercepts all network traffic and processes. All bases are covered in my approach, and I discussed this personally with The PC Security Channel on a Discord voice call.
The only kind of vulnerabilities would be a CPU or OS/firmware level attack, but the latter is plugged largely due to combined maxed UAC slider/antiexecutable/HIPS firewall blocking any and all execution, and group policies taking care of any elevations. All this runs under a standard user account.
I do not recommend people this approach, considering how complex it is to setup and fully understand, but once it is setup, it is set and forget since years now. Only advanced users and pentesters who have experience and knowledge should do this. I am doing this because it allows both the machine to support legacy hardware like scanner, printer, DVD writer et al, and allows to run legacy Windows programs, besides allowing to use internet with Firefox/custom uBO.