Jump to content
Tuts 4 You
Sign in to follow this  
JustAGuy

buying win 10

Recommended Posts

JustAGuy

Hi, 

I consider buying win10 and using it as a primary OS, and for reversing. There has been a lot of rant about 
privacy issues, forced updates, windows itself enabling user disabled reporting options..... I wonder if it's worth of buying. 
Is it even good idea to use legal win10 for reversing when noone knows for sure what actually is collected 
and send to MS?
Anybody here using legal version of Win10?

Share this post


Link to post
A200K

I'd buy windows 7 and update to windows 10. It's cheaper :)

I updated my pirated version of win7 and tbh I like windows 10. Then I decided to use a legal version from dreamspark.

For reversing I still use a windows 7 vm though. Some reversing tools don't work on windows 10.

If microsoft wanted to have a backdoor on your pc, they could hide it as an update on older OS versions as well, unless you disable auto updating. But who knows if that'd really prevent them from still doing so. So that's why it's not a reason for me to not use a newer OS.

However, it is up to you. If you care a lot about privacy, use linux, it's open sourced :)

Share this post


Link to post
kao

Using your primary OS for reversing is a bad idea. Sooner or later you will mess up and run some code you shouldn't be running (eg. malware).

Choose primary OS to your liking and get VMWare or VirtualBox for reversing.

I personally will take Microsoft's offer to get Win 10 for free as an upgrade from Win 7. Will it be my primary OS? Maybe yes, maybe no. Time will tell.

  • Like 2

Share this post


Link to post
Techlord

I agree with @kao that its an extremely bad idea to use your primary OS for reversing ! I stopped doing so many years ago and now always use win XP or Win 7 32-bit in a virtual machine (a fresh snapshot everytime) for teh purposes of reversing. And very important : kepp it disconnected from the internet. Pulling out the ethernet RJ-45 wire from the back of your computer is a better idea rather than simply disabling the network adapter in software, when reversing, even in a virtual machine.

Personally, I will be making a backup image of my existing Win 7 and then upgrade to Win 10. If I don't like it then I'll simply fall back to my backup image of Win 7 !

Did the same for Win 8.1 a couple years ago and rolled back to Win 7 when I didn't like the Win 8.

Best of both worlds if done in that manner :)

 

Share this post


Link to post
idrcelab
3 minutes ago, Techlord said:

Pulling out the ethernet RJ-45 wire from the back of your computer is a better idea rather than simply disabling the network adapter in software, when reversing, even in a virtual machine.

Are you serious? i think its very paranoid, can you explain more. is it some program that can be connect to internet hiddenly without showing connection status?

Share this post


Link to post
Techlord
15 minutes ago, idrcelab said:

Are you serious? i think its very paranoid, can you explain more. is it some program that can be connect to internet hiddenly without showing connection status?

No I am not paranoid.

Windows 10 connects DIRECTLY to the internet bypassing the VPN that you may installed. Research had been done a few months ago and posted by the researchers , using Fiddler or something like that. After all, its the OS and IT can decide whether to show you the REAL status or not.

But coming to your question, hidden virtual adapters can be installed by malware for example. As long as the drivers for your network card are present, then its not terribly difficult to create its OWN connection to the internet bypassing whatever VPN or proxy bindings you may have put inplace.

By teh way its COMMON knowledge now that the present days computers are not FULLy off when switched off, unless unplugged , and that the network card STILL keeps a bit of itself on and can wake up the computer remotely !

We have seen a few malwar eable to do it, in the field.

 

Will give more references later if I can find them again.

EDIT : Just wanted to add. VMWARE v12 for example, has its own virtual adapters. EVEN IF you disable your computer's network card in software, we have demonstrated that they can still access the internet using their own adapters, as long as the host has the necessary drivers for the network card and as long as the internet cable is plugged into your computer.

Also, you may notice that the VMWare 12 does not even show the list of virtual machines or allow you to open them, UNTIL the firewall for it is unblocked. So the ONLY way to avoid it accessing the internet, for example, is to pull out the internet cable  on your computer and then  enable the firewall to let the VMWare to get through. Then and then only it allows us to open our virtual machines etc.

I do not know of any setting that can bypass this. Would be very happy if anyone can help .

This issue was not there in the earlier versions of VMWare , wherein I could simply block it with a firewall, but it would still merrily run !

Edited by Techlord (see edit history)
  • Like 1

Share this post


Link to post
idrcelab
4 hours ago, Techlord said:

No I am not paranoid.

Windows 10 connects DIRECTLY to the internet bypassing the VPN that you may installed. Research had been done a few months ago and posted by the researchers , using Fiddler or something like that. After all, its the OS and IT can decide whether to show you the REAL status or not.

But coming to your question, hidden virtual adapters can be installed by malware for example. As long as the drivers for your network card are present, then its not terribly difficult to create its OWN connection to the internet bypassing whatever VPN or proxy bindings you may have put inplace.

By teh way its COMMON knowledge now that the present days computers are not FULLy off when switched off, unless unplugged , and that the network card STILL keeps a bit of itself on and can wake up the computer remotely !

We have seen a few malwar eable to do it, in the field.

 

Will give more references later if I can find them again.

EDIT : Just wanted to add. VMWARE v12 for example, has its own virtual adapters. EVEN IF you disable your computer's network card in software, we have demonstrated that they can still access the internet using their own adapters, as long as the host has the necessary drivers for the network card and as long as the internet cable is plugged into your computer.

Also, you may notice that the VMWare 12 does not even show the list of virtual machines or allow you to open them, UNTIL the firewall for it is unblocked. So the ONLY way to avoid it accessing the internet, for example, is to pull out the internet cable  on your computer and then  enable the firewall to let the VMWare to get through. Then and then only it allows us to open our virtual machines etc.

I do not know of any setting that can bypass this. Would be very happy if anyone can help .

This issue was not there in the earlier versions of VMWare , wherein I could simply block it with a firewall, but it would still merrily run !

Thanks for your explanation. I see the point now.

For internet connected through cable  - we can make sure to pull off the cable.

But how about, wireless internet - how to make sure it didn't connected to internet hiddenly?

Share this post


Link to post
Kurapica

I advise you to buy a pizza with this money instead of Win 10 :D

  • Like 5

Share this post


Link to post
Techlord

Yes, for wireless, one solution is of course to change your router wifi password but its not practical everyday.

What we personally do is, to use laptops that come with a slider switch to switch on or off WiFi in HARDWARE. Many older models of Sony (Lenovo) laptops used to have this feature. 2 slider switches that switch the wifi and blu-tooth on or off respectively.

When the switch is in OFF position, then its not possible to switch on the wifi in software. So its a very good solution.

For laptops that do NOT have such switches, then what we do is not to use the wifi on the laptop AT ALL but to just use the wired connection.

For laptops containing very sensitive material, where you cannot take ANY chances of it connecting to an open network accidentally, what we practically do is to open up teh laptop and just unplug the wifi card inside it. I agree its extreme but in some cases we DO use such measures.

BEWARE though, again, as long as the OS knows the wifi password etc, there no stopping it from QUIETLY connecting to the network. Even when apparently switched off (battery still attached to laptop).

Such behaviour is MOST common in LG Smart (4K TVs) where it was documented that they do connect stealthily and upload user info, provided they have the wifi password, even when the TV is off !

Some smart printers also used such behaviour to track if teh cartridges used were genuine or not (calling back home with the cartridge info)...

 

 

Edited by Techlord (see edit history)
  • Like 1

Share this post


Link to post
idrcelab
5 minutes ago, Kurapica said:

I advise you to buy a pizza with this money instead of Win 10 :D

:D, i'll buy it for you too, Kurapica. Come and join me in 5* Cafe.

4 minutes ago, Techlord said:

Yes, for wireless, one solution is of course to change your router wifi password but its not practical everyday.

What we personally do is, to use laptops that come with a slider switch to switch on or off WiFi in HARDWARE. Many older models of Sony (Lenovo) laptops used to have this feature. 2 slider switches that switch the wifi and blu-tooth on or off respectively.

When the switch is in OFF position, then its not possible to switch on the wifi in software. So its a very good solution.

For laptops that do NOT have such switches, then what we do is not to use the wifi on the laptop AT ALL but to just use the wired connection.

For laptops containing very sensitive material, where you cannot take ANY chances of it connecting to an open network accidentally, what we practically do is to open up teh laptop and just unplug the wifi card inside it. I agree its extreme but in some cases we DO use such measures.

BEWARE though, again, as long as the OS knows the wifi password etc, there no stopping it from QUIETLY connecting to the network. Even when apparently switched off (battery still attached to laptop).

Such behaviour is MOST common in LG Smart (4K TVs) where it was documented that they do connect stealthily and upload user info.

 

 

You are very concern on security, i love it.

  • Like 1

Share this post


Link to post
Techlord

@idrcelab : As a professional penetration tester and security specialist, it snothing really big actually... :)

We have to be careful all the time...

  • Like 1

Share this post


Link to post
JustAGuy

There is no hurry for installing win10 now,  but sooner or later win7 becomes obsolete, the mainstream support from MS ended more than year ago.

What then?

Can anyone of you who are runs win10 as primary OS (and use older OSes in WM for reversing ) share some experiences and insight how it works for you?

 

Share this post


Link to post
Zulu
2 hours ago, JustAGuy said:

Can anyone of you who are runs win10 as primary OS (and use older OSes in WM for reversing ) share some experiences and insight how it works for you?

I would advise you not to take anyone's personal opinion about it. As you can see above, everyone has a different opinion which might or might not overlap with yours.
Just install VMware Workstation (or VMware Player, it's free), download Windows 10 Trial version (also free) and see for yourself. Trying it out probably takes less time than waiting for some guy on this forum to give you a comprehensive response :)

https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise
https://www.microsoft.com/en-us/software-download/windows10ISO

 

Windows 10 doesn't have too many new features if you're familiar with Windows 8. The biggest one is "Cortana" (Siri for Windows)
Here is the comprehensive list: https://en.wikipedia.org/wiki/Features_new_to_Windows_10
Here is Microsoft's own "new features" list with a bit more bling-bling but less information : https://support.microsoft.com/en-us/help/17174

Enjoy

 

Share this post


Link to post
Blah

cortana..lol no thanks..they can keep it...

:)

On 7/4/2016 at 7:44 PM, Zulu said:

Windows 10 doesn't have too many new features if you're familiar with Windows 8. The biggest one is "Cortana" (Siri for Windows)

 

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
×
×
  • Create New...