
No longer receiving security updates on an OS that receives most malware and has a history of vulnerabilities isn't FUD.


Exactly the sort of brainwashing I was referring to. Security depends entirely on your threat model.

Look up the CVE stats by OS and you'll see the truth.


I agree security depends on your threat model, but CVE counts tell you newly noted vulnerabilities and you don't really need to bother with that when you've already got dozens that'll never be patched.


> Look up the CVE stats by OS

2024: https://www.cvedetails.com/top-50-products.php?year=2024

9 of 10 are Windows branded operating systems. 3,276 across all of these platforms. Of these, over 1,000 are different versions of Windows 10. Compared to 1799 on the Linux kernel, which is actively developed and will be actively developed for the foreseeable future.

Are you arguing that Windows doesn't continuously get CVE entries? That is not supported by the data.

It is not logical to arrive at the conclusion that after the manufacturer states they will no longer address vulnerabilities, which are actively being found as of this year, that this is FUD.


> 9 of 10 are Windows branded operating systems. 3,276 across all of these platforms. Of these, over 1,000 are different versions of Windows 10. Compared to 1799 on the Linux kernel, which is actively developed and will be actively developed for the foreseeable future.

How many of those CVEs actually affect you in a tangible way as to disturb your sleep at night?

If you are not considering your threat model to discern which threats you should actually care about, you are doing computer security wrong.


The OP invoked CVEs for the FUD argument, not me

I agree completely that they have a low signal to noise ratio


I'm saying that the newer the version, the more CVEs it has.

> Of these, over 1,000 are different versions of Windows 10

Precisely. Windows 11 will be worse.

Of course this doesn't exclude bogus/trivial ones, since CVE-chasing is a thing now, but how many were found in older versions?

...and no surprise that I'm being downvoted by the corporate-authoritarian shills for speaking against the narrative. Yet it should be clear that the newer the code is, the buggier it is --- especially with the sort of competence that passes for developers these days. MS is adding more and more attack surface every day.

"Truth doesn't mind being questioned. A lie does not like being challenged" ;-)


> Precisely. Windows 11 will be worse.

The difference is Win11 continues to address these vulnerabilities. Or you switch to a Nix or air gap the machine. The incorrect approach is to continue using Win10 in production as if nothing is going to happen.

I suspect we have gotten sidetracked into arguing different things at each other for this reason


> Of course this doesn't exclude bogus/trivial ones, since CVE-chasing is a thing now, but how many were found in older versions?

Glad I am not the only one who has observed this. That Python int to str conversion “denial of service” CVE from a few years back was a complete joke.



