Which is now safer, Win7 or Linux?

Topic

New Reply

I now have a patched up Win 7 HP 64 bit system.  I also have EMET, Zone Alarm free firewall, Kaspersky free AV, run Firefox 75.0.0 in a Sandbox and have switched to a user account.  I also have LinuxLiteOS (based on Ubuntu 18.04) on a external USB HD with little or no security measures installed by me.

I have used the Linux disk up until now for financial and web surfing unfamiliar sites.  I know that nothing is ever completely safe, but can I feel confident using this Win 7 system until the April updates or should I stay with the Linux for the above explained purposes?

Thanks

Reply | Quote

Replies

If it were me, I would feel confident Web surfing with that Windows 7 system protected as you describe.

In case you’re not using one, you might want to consider installing an ad blocker such as uBlock Origin on your Firefox. I use it, not so much to stop advertising as such, but to stop the malvertising that too often gets delivered to our PCs along with legitimate ads.

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

2 users thanked author for this post.

Steve, Charlie

Reply | Quote

I use the 0patch Pro  micro-patches.  UBlock,  and MSE.   No problems so far.  Really pleased with the daily micro-patches .  Patchs Adobe also.  W7 x64, AMD, Firefox 75.

3 users thanked author for this post.

WSJCitizen, doriel, Cybertooth

Reply | Quote

Which is safer? I’d say Linux, since its desktop market share is so low that few (if any) malware writers target it for exploitation.  If it was a server on the internet, it would be a target, but desktop Linux isn’t really worth their time.

Regarding your non-titular question, though:

Larry B wrote:

but can I feel confident using this Win 7 system until the April updates or should I stay with the Linux for the above explained purposes?

I think you’ll be fine until the April updates.  Windows 7 didn’t change overnight when it passed the end of support date.  Most people who get malware ended up infecting themselves, whether by downloading an attachment from an unknown email sender, running a program from a questionable source, or some other similar thing.  It’s a minority who get infected by a true “drive by” malware.

As Cybertooth noted, you can improve the odds with an adblocker.  I go even further and also use uMatrix (by Raymond Hill, same author as uBlock) to block many scripts.  I use Linux, so my exposure is small, but that does not mean it’s zero.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon 6.2
XPG Xenia 15, i7-9750H/32GB & GTX1660ti, Kubuntu 24.04
Acer Swift Go 14, i5-1335U/16GB, Kubuntu 24.04 (and Win 11)

4 users thanked author for this post.

Steve, Charlie, OscarCP, Cybertooth

Reply | Quote

[WSJCitizen]

I use Opatch too; and I am convinced my Win7 system is more secure than ever, because when I examined the list of other apps besides the operating system that Opatch takes care of, I found apps that I had forgot were even onboard the PC!! These were things that got more and more difficult to chase down, because since Secunia PSI went defunked, it has become extremely difficult to keep up with all the apps, and software for updates.

I used to run a honey pot lab, and I am still convinced Win 7 is a very secure platform to do online shopping and banking provided you do at least a few other things: like

1. Make sure you are logged in as a restricted (standard) user.

2. Close the browsers occasionally and run CCleaner ( although Avast is about to ruin it)

3. Install IBM’s Security Rapport – I’ve tested this and it is the only one that passes every test by the AKLT tool. Buying KeyScrambler Pro can’t hurt either as the IBM end point protection is also compatible with it.

4. Run the paid version of Malwarebytes Anti-malware Premium and enable the malware and adblocker extension for Chrome or other browsers. MBAM also fights ransomware.

5. And last but not least – I like to use Web Of Trust as a search link evaluation tool; but it only works on certain search tools – DuckDuckGo is the best for Chrome.

6. Use a password manager and take advantage of the password generator to create secure passwords.

I’ve caught malware running in the background on my PC occasionally, and my critical information has never been compromised. Besides, after breaches like the one at Equifax, everyone is vulnerable to banking and credit card attacks – you have to watch your accounts and/or configure alerts for these to watch for fraudulent PayPal and other apps that might gain access to your accounts using breach information. The sooner you catch the “micro-payments” that crook uses to verify your account on his PayPal the sooner you can block them and get your small amount of money back. I’ve had great success on this, and it is just more likely the crooks will use breach information than trying to do it by attacking your PC or orchestrating a man in the middle attack. Breach dumps are the going thing for criminals now, the data analysis they can do on all that information makes ripping people off much easier, I’m afraid! Linux boot discs are great for banking, but they aren’t the end all, unless your bank shuts down all outside electronic banking to your account – and for me that just isn’t practical now a days!

 

• This reply was modified 4 years, 10 months ago by WSJCitizen. Reason: Adding one more important detail

1 user thanked author for this post.

Cybertooth

Reply | Quote

Based on my limited knowledge of the security aspects in question, here is my three-dollar note of wisdom. Please feel free to correct the mistakes, so I can learn something that way:

As far as I know, any particular distribution of Linux. let us say Ubuntu, is supported by its developers as long as one keeps updating the OS after a new version comes out, which I believe is once every few years in no particular cadence, and I get the impression that experienced users choose to upgrade only if they think that the new version is a significant improvement in the features it offers them, having annoying bugs and worrying security vulnerabilities fixed , etc. So not upgrading to every single new version of, e.g. Ubuntu, might not be such a big deal. There are also patches that come out now and then for the same reasons as they do for Windows, but more rarely.

Windows 7 is no longer supported by MS for free: it is supported if one pays and only for up to three years. 0patch is another paid alternative and, if it picks up enough business and also with some luck, it might be around for longer than three years.

Because Win 7 it is no longer supported, but it will still be running on many computers worldwide for quite some time and not everybody is going to be taking such measures as geekdom, for example, has been advising others to adopt to stay safe, Win 7 might attract the attention of more unsavory hackers than Linux. And Linux, as Ascaris just pointed out, here, does not attract that much attention from those hackers at the worst of times, anyway.

So I would think that there is less security with Windows 7 that with Linux. But, if one is careful how one and for what uses Win 7 from now on, the difference with Linux might not be that important. Or so I hope, for the sake of us all Win 7 holdouts.

And no: I don’t think that the experience of people that have been using Win XP for years after it went out of support without serious problems is a good guide for the future of those that plan to continue using Win 7. Because I am inclined to believe that the world, as far as the use of the Internet is concerned, has become a much more wicked place since those days — and that it will keep getting worse.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

OscarCP wrote:

As far as I know, any particular distribution of Linux. let us say Ubuntu, is supported by its developers as long as one keeps updating the OS after a new version comes out, which I believe is once every few years in no particular cadence, and I get the impression that experienced users choose to upgrade only if they think that the new version is a significant improvement in the features it offers them, having annoying bugs and worrying security vulnerabilities fixed , etc.

Ubuntu releases a new version in April and October of each year, with the April release in even-numbered years being a LTS that’s supported for 5 years.  You don’t have to upgrade to any new versions during that 5 years to keep getting updates.

The short-term releases are only supported for 3 months beyond the release of the subsequent version.  They’re for people who want the newest packages in their Ubuntu, so upgrading every six months should be what they’re looking for.

Current versions of Mint are always based on the most recent LTS release of Ubuntu (not counting LMDE, which is based on Debian).  All of them are supported until the LTS version upon which they are based is out of support.  You don’t have to upgrade from one Mint release to the next to stay supported until the base LTS edition is out of support, and upgrading to new Mint releases that are based on the same LTS release of Ubuntu won’t get you any additional support time.

 

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon 6.2
XPG Xenia 15, i7-9750H/32GB & GTX1660ti, Kubuntu 24.04
Acer Swift Go 14, i5-1335U/16GB, Kubuntu 24.04 (and Win 11)

1 user thanked author for this post.

OscarCP

Reply | Quote

ADWcleaner is also handy.

Reply | Quote

Did not mention, I do use an ad blocker.  I use Adblock Plus.  I tried using Ublock Origin for awhile, but it broke too many of the sites I visit and became annoying.  I do have to whitelist some sites with ABP, but it is less daunting.  I also use Privacy Badger.

Doesn’t Firefox have a script blocker so wouldn’t installing Umatrix be redundant?

Reply | Quote

Firefox has a tracking blocker built in, not a script blocker.  By default the tracking blocker is set to a low level of tracking protection, since that’s least likely to cause problems. It’s the same trade-off for a lot of security and privacy addons, programs, and features in various programs.  The more protection that is offered, the greater the odds that it will inadvertently break something that isn’t a threat.

I’ve never used that tracker blocking feature, so I don’t know much about how it works, but a script blocker like NoScript or uMatrix allows a great deal of granularity, so that you can enable just the scripts that are needed to make any given site work, but no more than that.  It does require some experimentation at times for sites that have not been visited (and configured) before, and that was why I switched from NoScript to uMatrix– the uMatrix tabular display makes it easier (for me at least) to see what needs to be unblocked to get the site working again.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon 6.2
XPG Xenia 15, i7-9750H/32GB & GTX1660ti, Kubuntu 24.04
Acer Swift Go 14, i5-1335U/16GB, Kubuntu 24.04 (and Win 11)

Reply | Quote

[Mike]

I have two computers.  one is Win10 (upgraded from Win7). The only reason I use Win10 is for specialized software support.  The other computer is Linux Mint.  There are 3 styles of Linux Mint: Cinnamon, Mate and Xfce.  As far as the graphics, look and feel,  Cinnamon is most like Windows.  Xfce is the one that is plain and uses less resources, and runs faster on an older system with less Ram.  Mate is somewhere in between. All three come with Linux software to do the basics: surf, email, documents, spreadsheets,  play media, etc. Security and Firewall enabled.

When I installed Linux Mint Xfce on a Dell i5 desktop it was amazingly easy. Everything, including my Canon printer was found and the drivers installed. Maybe I was lucky. We use this computer for entertainment, online surfing, creating docs, xls, pp and finances using Libre Office, VLC, Firefox and Ublock Origin. The interface/gui/desktop and “File Exlorer” are simple and easy to use. Updates are automatic and seamless, never had an issue.

In short, for the uses we need, I see no reason to use Windows.

Mike

• This reply was modified 4 years, 11 months ago by Mike. Reason: added content

2 users thanked author for this post.

Steve, doriel

Reply | Quote

How do you deal with files that you get and need to use, that have been created using Windows applications by people who have Windows as their OS?

For example: Zipped files (with WinZip or WinRar), Word and Excel documents, etc.?

 

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

For example: Zipped files (with WinZip or WinRar), Word and Excel documents, etc.?

You should have no issues with zip files or Office files in the Linux distros that are “Windows-users-friendly”. Libre Office is pretty interoperable with MS Office these days; and browser-based Office 365 (soon-to-be MS 365…) works pretty well in Linux in my experience. Fonts are the biggest bug-bear, but even that has good workarounds that are usually already included in distros like Ubuntu.

Things that don’t work on Linux are mostly proprietary things, some forms of DRM, and some Flash-based websites (cuz there still are some, including some tools used by my employer…). VLC media player can handle most of the media file formats, although if you’ve been a heavy iTunes user the translation to Linux isn’t always smooth.

Plus if you are very fond of particular apps/software tools that don’t have a Linux version, you may find yourself learning how to use a Linux equivalent.

Some hardware isn’t Linux-friendly. The good news is that you can test this from the install media before you install the OS, and find out where you might need to tweak drivers.

I have used Mint and Ubuntu/Kubuntu, and am now a big fan of Solus with the new Plasma desktop integration. With Mint and the Ubuntu flavors you have the benefit of a lot of tools and workarounds designed to bridge the Windows experience. And all of Linux has fab support from fellow users (like here in the Lounge!).

I just converted an old Win7 desktop to Solus 4.1 Plasma, and it went very smoothly. The only hiccup was a driver for my old Broadcom wi-fi card; but thankfully I could plug in to Ethernet for the first round of updates, find the Broadcom tools in the Software Center, and Bob was indeed my uncle!

Good luck with whatever you choose to do. I enjoy Linux, but there are still some things (ahem, Logitech and my old Harmony remote) that I need Windows for. Plus, you know, work is M$ everything.

4 users thanked author for this post.

Steve, LHiggins, OscarCP, Ascaris

Reply | Quote

Abbie Anderson: Thank you.

One reason I started using Windows, back in 98 (Win 98, of course) was that I found with any other system it was often less that straightforward exchanging documents with people using Windows, ditto email, etc. So, because many of those I was working with, here and abroad, were using Windows, as most people then were, I decided that to stay in touch and communicate properly with the rest of the world I was going to be better off using a Windows PC. That concern has lingered in the back of my mind ever since.

So it is reassuring to learn about the effective progress that has been made since those days to make it possible, using Linux, to stay in touch with the world, for work and for fun. Even when much of the rest of the world is still using Windows.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

1 user thanked author for this post.

doriel

Reply | Quote

I understand your question, but there are less and less file extensions, that cant be handled in linux distros these days. I use Fedora and I never ran to problem, that I cant open certain files, I tried Linux Mint and its so simple.. It works from the beginning as it is supposed to! I have also notebook from 1999 With Fedora 14 and it still works. No forced updates as windows does, just functional system, that remains the same – just as I want it.
Linux distors have SW repository like MS and Apple store does. You dont need to be command line guru anymore to install SW, it installs all depencies automatically, basically as @Mike worte.

Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

PRUSA i3 MK3S+

Reply | Quote

From time to time I consider if I should move to Linux. Last time was when I came off Win XP. I tried Linux (can’t remember the flavour) along with Wine for 2 Windows apps that I needed: Quicken and The Bat! plain text email. Overall it was less than ideal. So I went to Win 7. (as an aside, with 11 email accounts and 20k historic emails, no way could I move to a web based email system – with The Bat! I simply press Alt+F2 to update all accounts).

I have just updated my wife’s Win 7 to Win 10 and it’s like treacle (1/2 the speed I guess) so on my PC I went to the extended Win 7 support. If I were to move to Win 10 I would need a new PC. So next January I will probably revisit that perennial question: should I move to Linux?

My nagging question about Linux security is the integrity of any additional packages. I’m currently installing home automation on a Raspberry Pi 4 which is a variant of Debian. For some functionality or hardware, I’ve had to install code from other libraries or from github or from the Docker Hub.

One is told to occasionally do an update: <span class=”st”>apt-get update – I suppose it’s the equivalent of Windows Update. </span>As I understand it, this goes off to the various repositories and updates the libraries on my PC. What if one of those other libraries/github/Docker Hub etc. was to be compromised, either by the author or a hacker. Won’t I be exposed?

At least with Windows there are organisations like Ask Woody that scrutinise  Windows updates, and MS themselves presumably have robust security on their Windows Update libraries.

PS Maybe it could be argued that installing from other libraries etc is like installing apps from various sources on Windows (though on Windows I always install from the apps own web site, not a 3rd party). But working on the Rasp Pi I get the feeling that I incorporating code at a more lower system level rather than at an applications level, but that might be my ignorance!

Reply | Quote

You can run Win7 happily by following the details in the links posted above. That includes reverting from 10 to 7 (I would on a slow machine).

If you are happy in Linux and don’t need Microsoft or specific 3rd party apps then you only need to update your base image occasionally and can steer clear of other code. And make regular backups to recover from disasters, of course.

cheers, Paul

Reply | Quote

Hi Larry,

Do you use Linux Lite on a Thumb drive or USB SSD type device? Do you boot from the external device? Never tried this before—is the external drive able to save any info you might create? What banking open source do you use…

Too many ?’s?

Appreciate any help

Reply | Quote

I have been using Linux both for my own use running a business, and for my clients. Usually I install Linux on client machines due to virus issues on Windows which have caused loss of time and work documents for them. I am at over 400 installs over the last 15 years and never had one back with virus issues. It is rare I get any comparability issues and never need any extra complex bits installing. My preferred version is Linux mint mate as it is closer to the look and feel for Windows users. Part of the install asks about finding extra drivers for the machine which you simply select, no need to detail what or how, mint just does it all.

It comes with protection built in.

It comes ready to run for free, with all the apps you need for free

The upgrades if you choose are free but you are not forced to accept them. I have 2 clients on former xp machines running Linux mint 14 (we are now on 19) who have never done an upgrade and no problems using 32 bit technology

Support is easy and free, plus there are many sites similar to woody with free help as well as the main suppliers of Linux own version sites.

We have come a long way in the development and design of the Linux desktop but it’s like changing from a Windows machine to using a Mac, it all works and it’s all there but sometimes the colour or icon placement is different.

Once you go Linux you never want to go back

1 user thanked author for this post.

DrBonzo

Reply | Quote

Would you please elaborate on your comment “It comes with protection built in.”? I’ve seen this comment quite a number of times but it never comes with any explanation/eleboration as to just what built in protection is.

Would you also please point me to one or two sites that are “similar to Woody” for Linux Mint?

I’ve run Ubuntu 16.04 LTS and 18.04 LTS for about 3 years and I could take it or leave it. I’ve been running Mint 19.2 for several months and you’re right: I never want to go back to Windows. Mint is by far the best OS I’ve ever used (I’ve used a handful of Windows versions, Mac OS Sierra, High Sierra, and Mojave, the above mentioned Linux, and even DOS and a bit of VMS (Vax).

I’m interested in sites similar to AskWoody because, honestly, I find some Linux help sites to be pretty snobby with a prevailing attitude of ‘If you really have to ask THAT, then you’re just not worthy of running Linux; better leave Linux to the smart folks.’

I’m interested in the built in protection because after year of running Windows, I find it almost incomprehensible to not run at least a good antivirus program.

Reply | Quote

And since this topic is about security, I’d like to say, that I never cought virus on any Linux distro. Security is more about awareness and not clicking links, that I dont trust and not to enter my for example bank account credentials nowhere else, but the bank site.

Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

PRUSA i3 MK3S+

1 user thanked author for this post.

DrBonzo

Reply | Quote

For additional security you may want to add some things to your hosts file. I use some of the things from this web site:

https://someonewhocares.org/hosts/

I went from XP to Linux (now using Mint) and have never had a virus. As was pointed out above, the biggest weakness is the user. Use good passwords and use a password manager. I use KeePass. Turn off UPnP in your router and make sure all unnecessary ports are closed. Run ShieldsUp at grc.com. Get rid of unneeded IOT devices, if they have bad security they expose your network.

 

3 users thanked author for this post.

Steve, doriel, DrBonzo

Reply | Quote

I’ve been using Linux Desktop for personal use since 2012

I was formerly a Windows Domain Administrator at a Fortune 500 company, and I’ve personally installed over 400 instances of Windows from Windows 3.11 to Windows 10

(1) Linux is generally more secure than Windows for two reasons –

Most viral malware is written in code that executes on a Windows device – EXE, BAT, COM – and, that kind of code will not run natively on Linux – cannot be executed in Linux.

And, Linux by default is used by a non-root, non-admin, non-administrator account.

(2) If you use Linux Mint, an excellent support forum is https://forums.linuxmint.com/

Newbies are treated kindly, and those with a bit more experience, as well as experts, are only too glad to help.  I also have used https://www.linuxquestions.org/ but generally, my best support comes simply by querying your favorite search engine (https://duckduckgo.com/)

I’ve used RedHat, Ubuntu, Slackware, TinyOS, Xubuntu, and many others.

I formerly used SuSE & CentOS because we used them in business, but I’ve moved my servers to Ubuntu and my desktops to Linux Mint, as I prefer the support I find online.

(3) As for repositories –

Generally, software from repositories is software from a trust source, and that includes GitHub, kernel.org and many others – https://www.ubuntuupdates.org/ppas

Before software and/or patches can be submitted to a repository, they are tested and checked so that security can be maintained.  The promise of “open source” is that the code is easily reviewed by many eyes, and generally, that works.  The problem with “closed source” or proprietary code is that it’s only viewed by those who work for the company.

We all know that even large companies like Microsoft sometimes allow “shoddy” patches to be released, even foisted, onto the unsuspecting public.  That’s no worse, and usually, better with “open source” repositories than it is with Windows Update or similar sources.

However, I’d never suggest someone install Linux and ignore it for the next five years.

No, one of the great things about “open source” software is that it’s continually developed, and new patches are being released daily – KEEP YOUR SOFTWARE UPDATED

I have never had one problem with installing a Linux patch or update!

And, those who think Linux servers are vulnerable should realize that the reason most of them became vulnerable was because system administrators failed to keep their systems updated, and things like SSH & kernel vulnerabilities, snuck their way into existence.

The largest majority of those have now been resolved, and they have been for me.

https://linux-audit.com/linux-vulnerabilities-explained-from-detection-to-treatment/

I’ll leave it here!  I’m sorry for such a long post, but I really think many more people should test the Linux waters.  I still use Windows for specific applications, but it’s rare, and then I use Windows in VirtualBox or a remote server.  Then again, if more people used Linux, perhaps, Woody’s work would dwindle enough, he’d have time for a vacation!

 

7 users thanked author for this post.

Steve, WSJCitizen, DriftyDonN, LHiggins, doriel, DrBonzo, Cybertooth

Reply | Quote

anonymous wrote:

Hi Larry,

Do you use Linux Lite on a Thumb drive or USB SSD type device? Do you boot from the external device? Never tried this before—is the external drive able to save any info you might create? What banking open source do you use…

Too many ?’s?

Appreciate any help

I loaded LinuxliteOS on a thumb drive and then installed it to an external HDD.  The install on the HDD will remember your settings, whereas the thumb drive will not.

As to your banking sources question, not sure what you mean.  I have an online account with my bank.  I use a password manager (dashlane) for logging into that and any other online account I have.  Fortunately Dashlane has version for Windows and Linux so I was able to use all of my saved setting on either system.

Reply | Quote

Thank you for the answers! Clear and succinct unlike my question re:banking. I was asking about software. Been a Quicken user for decades but dislike the new model( afraid m$ft is going that way w/ windows too) Looked at Moneydancer briefly- any suggestions?

Again, Thank you and be safe in this time of trouble!!

Don

Reply | Quote