You, sir, are very funny!

 

Unfortunately, your arguments were lacking. At least you have a sense of humor, even if you have little knowledge.

 

So here are some arguments on a way you like to do it.

• Limited Capabilities of Windows Defender Firewall
  • The built-in firewall lacks advanced rule management (e.g. deep packet inspection, stateful inspection beyond TCP/UDP, application-layer filtering).
  • Outbound traffic control is minimal and difficult for average users to configure.
  • No support for intrusion detection or prevention (IDS/IPS), making it inadequate against modern APTs.

• Closed-Source Codebase Prevents Independent Auditing
  • Windows source code is proprietary, limiting transparency.
  • Security experts and organizations cannot fully inspect it for hidden vulnerabilities or intentional backdoors.
  • Open-source alternatives like Linux allow full community-based audits, reducing the likelihood of undetected malicious code.

• Frequent Exploitation of Zero-Day Vulnerabilities
  • Microsoft software is a prime target due to its market dominance.
  • Zero-day exploits (e.g., CVE-2021-40444, CVE-2020-0601 "CurveBall") have demonstrated critical vulnerabilities in Windows Defender, SMB, and core libraries.
  • Attackers often gain remote code execution (RCE) or escalate local privileges before patches are available.

• System Services with High Privileges
  • Windows services such as LSASS (Local Security Authority Subsystem Service) and the RPC endpoint mapper run with NT AUTHORITY\SYSTEM rights.
  • Exploiting these can grant full system control.
  • Insecure DCOM or COM objects can be abused via known attack vectors (e.g., COM hijacking, DLL sideloading).

• Tight Integration with Cloud Services and Microsoft Telemetry
  • Components like OneDrive, Windows Update, and Cortana are deeply integrated into the OS.
  • Data is sent to Microsoft servers regularly—even after disabling some telemetry options.
  • Group Policy and registry edits are often required to fully disable such communications, which most users do not perform.

• Persistent and Hard-to-Disable Telemetry
  • "DiagTrack" and "Connected User Experiences and Telemetry" services continue to collect system metadata unless forcibly disabled.
  • Enterprise and Education editions offer slightly more control, but Home users have little transparency or control.
  • Data might include usage patterns, app history, typing data, and more.

• Historical Backdoor Allegations and Government Cooperation
  • Leaked NSA documents (e.g., from Edward Snowden) indicated programs like PRISM, suggesting cooperation between Microsoft and intelligence agencies.
  • Alleged presence of “NSAKEY” (a second key in Windows Crypto API) raised speculation about backdoor access in the 1990s.
  • While Microsoft denies active cooperation, concerns remain due to lack of independent verification.

• Excessive Default Network Exposure
  • Features like SMBv1, RDP, and NetBIOS are often enabled by default or not properly secured.
  • SMBv1 was the vector for WannaCry ransomware; yet some systems still run it for legacy compatibility.
  • RDP brute-force attacks are a common attack vector, especially when exposed to the internet.

• Delayed Patch Deployment in Corporate Environments
  • Many businesses use WSUS or SCCM, delaying updates to avoid downtime or compatibility issues.
  • This delay can leave critical vulnerabilities open for weeks or months after a patch is released.
  • Attackers often reverse-engineer patches to develop exploits for systems that haven’t yet updated.

• Reliance on Third-Party Security Tools
  • Many IT professionals and power users replace or supplement Windows Defender with more capable third-party firewalls (e.g., pfSense, ZoneAlarm, GlassWire).
  • Indicates that native tools are insufficient for granular monitoring, rule-based blocking, or real-time traffic visualization.
  • Some third-party tools also offer sandboxing or HIPS (Host Intrusion Prevention Systems), which Windows lacks.

 

The only thing that helps is unplugging and staying offline. (Just kidding). Finally, some arguments, bravo! So what do we do with all this knowledge? Do we do something or keep complaining? What do you want to do, zpaces? How do you want to implement your security?

 

Right... That's why we're all here cuz we use "legit" softwarez... Get a clue please. What we're talking about here isn't warez, it's the OS. An I'd thank you to mind your own f'in business in the second place...

You're not telling me anything I don't know. I have been preaching these processes on here for a while now. Some already know the drill, some listen, and some don't. The ones who don't and are running windows out-of-the-box, and actually believe all the industry b.s. about updates, they follow the industry planned obsolescence scam to the letter, leave themselves, their machines and everything on them open to perusal by anyone who wants a look, and have unwittingly become microsoft's (and their affiliates) bitches...

Right. This is the crux of the biscuit right here. Windows is a complete piece of shit, out-of-the-box. I would never use it that way, and certainly would never venture to put that system on the internet. Which is why I haven't used a OEM ISO of windows to build out a system in years. I use nothing but pre-optimized 3rd party ISO's especially now with the ever growing gigantic levels of garbage, malware and spyware that are present in OEM iso's. Plus I am a lazy bastard and like that fact that at least 1/2 of the optimization and R/E work has already been done for me.

I am having a hard time following the reasoning behind your arguments since you have already glimpsed us to the fact that you yourself don't use the wfw or defender. Maybe it's time to call this argument moot, and simply move on...

 

Last edited: May 20, 2025 at 10:38 PM

I agree, and I think your position was clear enough in your previous points.

The guy is clearly unhinged, he's been banned twice already for crappy behavior (aka Beat16/Radio), he harasses the staff, and just floods this forum with crap making it a less enjoyable place. He floods the sister site with crap preset packs also.

Why are you treating @zpaces with such hostility and sarcasm? You haven't provided anything of substance to this thread, as usual.

 

Why don't you apologize to @zpaces for your crappy behavior buddy? You called him ignorant for no reason, then he schooled you with a detailed, informative post.

You pretend to be this arbiter of hidden knowledge, but all you offer is AI generated crap.

 

He won't do anything. he's trying to create his own show here. Well some people suffered when they fell from the changing table.

 

Hey guys, is there anyone whos been frequently using S2 with no issues? If yes, what version \ release are you using and did you take any additional measures like blocking IPs in the host file and stuff like that?

The latest version 2.0.18 time bombed recently. The GUI starts melting after dragging and dropping 3rd party wavetables into the engine.
After that I have tried most (if not all) of the other recent releases with no success.
Its always the GUI melting. Especially with 3rd party wavetables it happens quickly after importing them, often immediately.

I am looking for a solution, hopefully anyone can share their success story.
In this thread I read that apparently blocking xfer servers in the host file isnt working reliably?
What else can i do? Im on Win 10 and Live 12.1

Greetings

 

Last edited: May 21, 2025 at 7:30 PM