But see if they started using gentoo like myself. If they start compileing now They will have a full desktop by then
Hell my win10 pc hasnt had an update since '21 so no great loss
That computer better be air gapped. Security updates are essential.
i know you guys are probably right when you say that security updates are important, but why exactly? give me an example of how i could be fucked over while i’m just mindlessly playing my steam games and watching twitch+youtube on a system that hasn’t been updated since 2016.
i blindly assume that as long as i don’t download and run stupid .exes or click stupid links, i am completely fine
You don’t need to click anything suspicious. Remote code execution has in the past been done through images, PDFs, comments on some webpage, or supposedly trustworthy games. Just recently, Minecraft would let an attacker run anything on the victim’s computer due to a vulnerability in Log4j.
If your computer is not directly exposed to the internet, you might get away with some security updates that for example fix vulnerabilities that target the system firewall. But the point is, you’re constantly exposing yourself to attackers without knowing so.
A few example vectors:
-
Cross-Site Scripting (XSS) allows an attacker to run arbitrary code on the victim’s browser. All that’s required is a website that doesn’t validate its input properly. That is, an attacker can write executable code into a YouTube comment and when you view that comment, your computer will execute that code. Obviously YouTube is secured against that, but there are plenty of websites where this attack can be done. Therefore, modern browsers isolate the code execution to only that “browser tab”, so the attacker can’t access some sensitive data (unless the browser has some undiscovered vulnerability or for example the page itself contains sensitive information, say your bank account details). While modern browsers should provide sufficient protection against such attacks, the take-away point is that you don’t necessarily need to click any “suspicious links”. A vulnerability in a well-known website you frequent could be discovered any day.
-
An attacker can easily make your PC go to their website when typing google.com. DNS (how your computer is able to tell which web address is which computer) is not encrypted. It is incredibly easy tamper with. Why you don’t get scammed everyday is because of TLS encryption. Your computer is able to tell that the website is not Google, because it doesn’t have Google’s cryptographic “keys”. Assume that we discover a vulnerability in TLS (encryption of webpages) tomorrow and you refuse to update your operating system. Suddenly, an attacker can route any traffic they’d like back to them and you would be none the wiser. Same thing would happen if some vulnerability is discovered in X509 certificates, if ICANN’s private keys are leaked, and so on.
There are a lot of things that could go wrong. And they go wrong daily. Security updates fix vulnerabilities that we constantly find. They may be updates for your browser, your games, or indeed your operating system, depending on where that vulnerability is. The examples I gave are exaggerated, because they’re meant to be simple to understand. We do not find vulnerabilities in TLS every single day. Still, weak points are being discovered and fixed constantly. One of the bigger exploits were Spectre/Meltdown (attacks on the CPU) that let an attacker read any data they want, provided they can simply run some code on your computer in some way.
Also, obviously, if you expose yourself to the internet directly (e.g. port forwarding) or connect to an unsecure WiFi network, you’ll be bombarded with automated attacks that exploit holes found in firewall and the likes. If you open a port on your computer right now, you’ll get around a few hundred such knocks per day.
There are plenty of videos online that display what happens if you for example use a Windows 95 computer, either directly exposed to the internet or not. Might be worth watching to see just how easy it is for attackers to take over in the case of such an ancient system. Same principles apply to newer systems as well, the attacks are just more complex.
thank you for the explanation and the examples :) i will no longer be so ignorant about security updates
-
For web browsing, that almost makes no difference. As long as the browser is being updated, the most important attack vectors are closed. Even if there are any exploitable vulnerabilities on the OS, that will stop malware from even getting to them.
Absolute joke of a comment. You are assuming the browser is a holy grail completely isolating the internet from the operating system.
First of all. The browser runs on the operating system’s services. In particular, the isolation that you implicitly cite is done entirely by the kernel. (That’s for example why you cannot run chrome in an unprivileged docker container - the crucial isolation-centered system calls are not available) The whole network stack is managed by the operating system. Cryptography can also partially be done OS-sided. The simplest example is CSPRNG, which is usually provided by the OS. (Advanced systems may rely on external physical generators, see Cloudflare’s lava lamps).
Secondly. Completely and utterly wrong. The linked video displays the execution of Meltdown/Spectre within a browser. Using JavaScript. This allows the attacker to gain access to any data they want on your computer simply by running some JavaScript code. Easily remotely executed via XSS on a poorly written website. You may read the full article here. Or inform yourself about Meltdown and Spectre here. How is that relevant? Combating this vulnerability was primarily done via critical OS updates. The exploits are inherit to certain CPUs and are therefore not fully fixable. Still, the combination of BIOS, Chipset, OS, and browser updates help prevent very serious attack vectors. (That’s the reason why the browser’s time measurement is only accurate to about the millisecond.)
So no. Browsers aren’t the magic solution to everything (sorry Ubuntu Snap). They very much depend on the OS providing the assumed security guarantees. And even assuming no direct vulnerabilities in the OS, we can never exclude side-channel attacks, like what Meltdown and Spectre were (or still are if you refuse to update your system).
Here is an alternative Piped link(s):
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
It has no internet connection, so no
You mean yes lol. That’s air gapped.
is this real? windows 10 literally came out yesterday
in 2015
My dude, are you high? This was released in 2015…
That’s what he said.
Very much so and very much so
Remember when W10 was going to be the last windows you’d ever need.
I’ve never tried 10. 8 was all I needed to switch.
Yes, it’s the last version of Windows I’ll ever need.
Yep, not moving on. I still have a lot of things to figure out though. Unfortunately windows is easier for a lot of things but I’m completely done.
Oh, I meant I’m going to use a different OS after 10.
This is linuxmemes after all…
It is… for me
On released they didn’t know yet how far they can push that telemetry shit down their users’ throats. I bet, 11 is better optimized for that. And eventually, it’ll be Win365 OSaaS anyway…
Windows…optimized.
It takes 4GB just to idle in windows 11.
Why optimize when you can just mandate insane resources for your OS?
I miss running XP on an system with 768MB of RAM and having enough left over to play Morrowind.
It was a pinky promise.
deleted by creator
To be fair, that is entirely accurate. It is the last windows I will ever need because I switched to linux.
It honestly still feels like Windows 11 has only been out for a year
I run mint btw
But what’s an ᗋR𝖢ꔠ?
Arc# is what happens when Microsoft copies it.
You just summoned a demon
Btw
No I think it’s a daemon they summoned. Maybe the notification daemon?
Intel ARC grapHics cards?
Let’s be honest, real nerds use Gentoo
(I wish I was that advanced, maybe some day.)
Not really any harder then Arch if you know about how linux systems work and didn’t just copy paste or script your entire arch installation.
Better start compiling now so its ready by October
I started my Gentoo compile in 2008. It should be ready by next October.
I did it on sparc way back in the day, took a solid week. Once was enough
Old news, gentoo has binary packages as an option
What’s the point of using Gentoo if you don’t compile?
You don’t have to choose between binary and source, you can get some pre-compiled packages that you don’t care about, but e.g. run a custom kernel at the same time.
a good starter distro but ideally you should make your own from scratch so you know what’s in it
Honestly you’re not a real one until you’ve written your own kernel entirely
You guys would have deployed your own internet protocol if this conversation continued
Writing your own internet protocol is a good idea but you shouldn’t stop there. You need to run your own internet cables too to make sure it does what you want and isn’t controlled by someone else.
And develop your own plastic to cover the cables?
And what are you going to cover with it if you haven’t even started mining your copper and inventing a machine to make your fiber optics.
Wait, maybe we need to start with the electromagnetic spectrum in general.
Oh my god😭
Linux has a good starter kernel but ideally you should
Can I use Video Editing programs like Vegas on Linux?
Like Vegas? Sure. Open source stuff like kdenlive and shotcut exists. Davinci resolve is available for Linux for more professional stuff. Specifically Vegas? Probably only under a VM, and you’d likely get awful performance, so not worth it. If you’re a professional, Linux isn’t always an option, especially if you are in a software ecosystem that doesn’t work there
Worth noting that the free version of Davinci Resolve doesn’t support H.264/H.265 under Linux. You will need to use another format or pay for the full version. ($295)
Yeah I mean blame the MPEG group for that. There’s a reason all the tech companies tired of their licensing fees built avc1
Yes, using the Wine translation layer.
Vegas work under proton
KDEnlive is useful for inline video editing, and Davinci Resolve is more of a pro level tool. I have no idea about Vegas.
Linux mint cinnamon but cool cool
(╯°□°)╯︵ ┻━┻
¯_(ツ)_/¯
\ you dropped this
btw
*mint
What would be The Linux that works for most windows games and majority of enterprise corporate software? Or a linux version that can get older warez windows software to work, like Photoshop CS 6 and the like?
popOS just because they have an installer that includes nvidia drivers out of the box.
I second this. Works almost flawlessly out of the box (I had to install another version of the Nvidia driver from the pop shop because my 3080 didn’t like the 470 version but other than that I had no issues, except with some games that require a kernel level anticheat)
1Ooh that sounds nice, because I have an Nvidia card.
Mint also does, no?
dunno, if it does, then yay?
Installing pop os on my desktop failed.
How ? I did manage to accidentally lock myself out of my main Nvme drive the first time because I chose the encryption option and fucked up the password because of keyboard layout shenanigans, so I reinstalled it without encryption because I’m the only person with access to this PC anyway, but everything else went smooth as butter.
I don’t remember the error, but it was the Nvidia edition on my old 2016 bought desktop. I restarted the install 3 times, and it failed at the same point.
I still don’t have an OS on it at the moment, because the error was after formatting.
Was it some vendor’s prebuilt PC maybe ? Those can have some weird parts that can be hard to get to work properly on Linux.
It wasn’t potentially and I ran several Linux distributions on it over the years, including Manjaro and mint.
Mint.
Garuda Linux Gaming Edition is another option if you can get over the teenage “Dr4gonized” theme. I’d recommend it over PopOS because it’s basically Arch with everything you need for a smooth transition from Windows pre-installed. PopOS is Ubuntu-based.
Garuda has been great to me. Changing the universal theme in KDE is a really painless process, too.
I like how they end support for OS without providing an upgrade for a lot of people. Might as well put a Linux ad in their “Your PC is not supported” bullshit.
They even have a guide on how to install Linux: https://learn.microsoft.com/en-us/linux/install
“Bare Metal Linux”. I like it!
My laptop which is still perfectly usable doesn’t have support for 11. Im probably gonna switch to mint or popos but I know lots of ppl that dont have new laptops and they just fucked? And there are tons of end users that just have no desire to learn some of the intricacies of linux even if it is something mostly simple like mint. They’re gonna have to support security updates when they see the adoption numbers. Just like they had to do with 7 till they basically got to 10.
Now now, let’s keep honest here. They did provide option to install Win 11 on unsupported hardware. It’s just slightly hidden, prolly to avoid people bricking their pc’s an blaming MS. And also it won’t update.
Debian + KDE Plasma
DebianArch + KDE PlasmaBut I want Plasma 6…
Debian sid?
Fair. In that case I’d recommend openSUSE.
I try to avoid things with Red Hat or Canonical stink on it (which is why Kubuntu and Fedora are out)… and it’s more friendly than something more barebones like Arch.
I‘d recommend endeavorOS, because I like installing from AUR using yay more than installing from https://software.opensuse.org/
But if you don’t like the terminal, go for OpenSuse.
Archinstall script worked fine for me tho, it gives blank which you fill in and press enter, then installer will do it’s job without you. p.s i love opensuse tubleweed tho, my top 3 distros is debian gentoo opensuse, gentoo also have gentooinstall script derived from archinstall one
70% of the market. Half of those computers can’t even run windows 11. Good to see Microsoft taking charge in the fight against the environment by asking tens of millions of people to throw away their perfectly good computers and buy new ones
I can’t wait for some new bargain Linux machines.
For real. I’m genuinely trying to grasp why. Is it seriously just so they can require secure boot and then say Windows 11 is secure from ransomware even though that’s a feature of the motherboard and not the OS?
They have added so much ad stuff and other garbage that the OS is slowing down, to combat the user perception that the OS is slow they have increased the hardware requirement.
The home-user PC market has been hit HARD by smartphones and tablets. Suburban families no longer have a desktop in a home office plus a laptop for each member of the family. They may have a laptop, and it’s probably a Mac.
This decision is too make people buy new devices or upgrade to an OS that has a lot more tracking built in.
Microsoft is pressing AI and other data-scraping tech hard, but they’re necessarily going to have to have enterprise and government licenses that allow admins to block those features for legal and security reasons.
So they desperately need new home users they can data-mine.
I see I sideload of Gentleman Agreement with the hardware vendors here:
- Hardware Vendors : “Oh No, The Market is Slowing Down!”
- Microsoft: “Hold My Beer, it’s Payback Time”
Everyone wins. Well, the usual suspects win as usual. The environment and the customer can go kiss Mr Gates and Mr Dell’s asses.
Windows 10 can’t take screenshots at will…
That they will admit, at least.
