JustAGuy Posted July 2, 2016 Share Posted July 2, 2016 Hi, I consider buying win10 and using it as a primary OS, and for reversing. There has been a lot of rant about privacy issues, forced updates, windows itself enabling user disabled reporting options..... I wonder if it's worth of buying. Is it even good idea to use legal win10 for reversing when noone knows for sure what actually is collected and send to MS? Anybody here using legal version of Win10? Link to comment
A200K Posted July 3, 2016 Share Posted July 3, 2016 I'd buy windows 7 and update to windows 10. It's cheaper I updated my pirated version of win7 and tbh I like windows 10. Then I decided to use a legal version from dreamspark. For reversing I still use a windows 7 vm though. Some reversing tools don't work on windows 10. If microsoft wanted to have a backdoor on your pc, they could hide it as an update on older OS versions as well, unless you disable auto updating. But who knows if that'd really prevent them from still doing so. So that's why it's not a reason for me to not use a newer OS. However, it is up to you. If you care a lot about privacy, use linux, it's open sourced Link to comment
kao Posted July 3, 2016 Share Posted July 3, 2016 Using your primary OS for reversing is a bad idea. Sooner or later you will mess up and run some code you shouldn't be running (eg. malware). Choose primary OS to your liking and get VMWare or VirtualBox for reversing. I personally will take Microsoft's offer to get Win 10 for free as an upgrade from Win 7. Will it be my primary OS? Maybe yes, maybe no. Time will tell. 2 Link to comment
Techlord Posted July 4, 2016 Share Posted July 4, 2016 I agree with @kao that its an extremely bad idea to use your primary OS for reversing ! I stopped doing so many years ago and now always use win XP or Win 7 32-bit in a virtual machine (a fresh snapshot everytime) for teh purposes of reversing. And very important : kepp it disconnected from the internet. Pulling out the ethernet RJ-45 wire from the back of your computer is a better idea rather than simply disabling the network adapter in software, when reversing, even in a virtual machine. Personally, I will be making a backup image of my existing Win 7 and then upgrade to Win 10. If I don't like it then I'll simply fall back to my backup image of Win 7 ! Did the same for Win 8.1 a couple years ago and rolled back to Win 7 when I didn't like the Win 8. Best of both worlds if done in that manner Link to comment
idrcelab Posted July 4, 2016 Share Posted July 4, 2016 3 minutes ago, Techlord said: Pulling out the ethernet RJ-45 wire from the back of your computer is a better idea rather than simply disabling the network adapter in software, when reversing, even in a virtual machine. Are you serious? i think its very paranoid, can you explain more. is it some program that can be connect to internet hiddenly without showing connection status? Link to comment
Techlord Posted July 4, 2016 Share Posted July 4, 2016 (edited) 15 minutes ago, idrcelab said: Are you serious? i think its very paranoid, can you explain more. is it some program that can be connect to internet hiddenly without showing connection status? No I am not paranoid. Windows 10 connects DIRECTLY to the internet bypassing the VPN that you may installed. Research had been done a few months ago and posted by the researchers , using Fiddler or something like that. After all, its the OS and IT can decide whether to show you the REAL status or not. But coming to your question, hidden virtual adapters can be installed by malware for example. As long as the drivers for your network card are present, then its not terribly difficult to create its OWN connection to the internet bypassing whatever VPN or proxy bindings you may have put inplace. By teh way its COMMON knowledge now that the present days computers are not FULLy off when switched off, unless unplugged , and that the network card STILL keeps a bit of itself on and can wake up the computer remotely ! We have seen a few malwar eable to do it, in the field. Will give more references later if I can find them again. EDIT : Just wanted to add. VMWARE v12 for example, has its own virtual adapters. EVEN IF you disable your computer's network card in software, we have demonstrated that they can still access the internet using their own adapters, as long as the host has the necessary drivers for the network card and as long as the internet cable is plugged into your computer. Also, you may notice that the VMWare 12 does not even show the list of virtual machines or allow you to open them, UNTIL the firewall for it is unblocked. So the ONLY way to avoid it accessing the internet, for example, is to pull out the internet cable on your computer and then enable the firewall to let the VMWare to get through. Then and then only it allows us to open our virtual machines etc. I do not know of any setting that can bypass this. Would be very happy if anyone can help . This issue was not there in the earlier versions of VMWare , wherein I could simply block it with a firewall, but it would still merrily run ! Edited July 4, 2016 by Techlord 1 Link to comment
idrcelab Posted July 4, 2016 Share Posted July 4, 2016 4 hours ago, Techlord said: No I am not paranoid. Windows 10 connects DIRECTLY to the internet bypassing the VPN that you may installed. Research had been done a few months ago and posted by the researchers , using Fiddler or something like that. After all, its the OS and IT can decide whether to show you the REAL status or not. But coming to your question, hidden virtual adapters can be installed by malware for example. As long as the drivers for your network card are present, then its not terribly difficult to create its OWN connection to the internet bypassing whatever VPN or proxy bindings you may have put inplace. By teh way its COMMON knowledge now that the present days computers are not FULLy off when switched off, unless unplugged , and that the network card STILL keeps a bit of itself on and can wake up the computer remotely ! We have seen a few malwar eable to do it, in the field. Will give more references later if I can find them again. EDIT : Just wanted to add. VMWARE v12 for example, has its own virtual adapters. EVEN IF you disable your computer's network card in software, we have demonstrated that they can still access the internet using their own adapters, as long as the host has the necessary drivers for the network card and as long as the internet cable is plugged into your computer. Also, you may notice that the VMWare 12 does not even show the list of virtual machines or allow you to open them, UNTIL the firewall for it is unblocked. So the ONLY way to avoid it accessing the internet, for example, is to pull out the internet cable on your computer and then enable the firewall to let the VMWare to get through. Then and then only it allows us to open our virtual machines etc. I do not know of any setting that can bypass this. Would be very happy if anyone can help . This issue was not there in the earlier versions of VMWare , wherein I could simply block it with a firewall, but it would still merrily run ! Thanks for your explanation. I see the point now. For internet connected through cable - we can make sure to pull off the cable. But how about, wireless internet - how to make sure it didn't connected to internet hiddenly? Link to comment
Kurapica Posted July 4, 2016 Share Posted July 4, 2016 I advise you to buy a pizza with this money instead of Win 10 5 Link to comment
Techlord Posted July 4, 2016 Share Posted July 4, 2016 (edited) Yes, for wireless, one solution is of course to change your router wifi password but its not practical everyday. What we personally do is, to use laptops that come with a slider switch to switch on or off WiFi in HARDWARE. Many older models of Sony (Lenovo) laptops used to have this feature. 2 slider switches that switch the wifi and blu-tooth on or off respectively. When the switch is in OFF position, then its not possible to switch on the wifi in software. So its a very good solution. For laptops that do NOT have such switches, then what we do is not to use the wifi on the laptop AT ALL but to just use the wired connection. For laptops containing very sensitive material, where you cannot take ANY chances of it connecting to an open network accidentally, what we practically do is to open up teh laptop and just unplug the wifi card inside it. I agree its extreme but in some cases we DO use such measures. BEWARE though, again, as long as the OS knows the wifi password etc, there no stopping it from QUIETLY connecting to the network. Even when apparently switched off (battery still attached to laptop). Such behaviour is MOST common in LG Smart (4K TVs) where it was documented that they do connect stealthily and upload user info, provided they have the wifi password, even when the TV is off ! Some smart printers also used such behaviour to track if teh cartridges used were genuine or not (calling back home with the cartridge info)... Edited July 4, 2016 by Techlord 1 Link to comment
idrcelab Posted July 4, 2016 Share Posted July 4, 2016 5 minutes ago, Kurapica said: I advise you to buy a pizza with this money instead of Win 10 :D, i'll buy it for you too, Kurapica. Come and join me in 5* Cafe. 4 minutes ago, Techlord said: Yes, for wireless, one solution is of course to change your router wifi password but its not practical everyday. What we personally do is, to use laptops that come with a slider switch to switch on or off WiFi in HARDWARE. Many older models of Sony (Lenovo) laptops used to have this feature. 2 slider switches that switch the wifi and blu-tooth on or off respectively. When the switch is in OFF position, then its not possible to switch on the wifi in software. So its a very good solution. For laptops that do NOT have such switches, then what we do is not to use the wifi on the laptop AT ALL but to just use the wired connection. For laptops containing very sensitive material, where you cannot take ANY chances of it connecting to an open network accidentally, what we practically do is to open up teh laptop and just unplug the wifi card inside it. I agree its extreme but in some cases we DO use such measures. BEWARE though, again, as long as the OS knows the wifi password etc, there no stopping it from QUIETLY connecting to the network. Even when apparently switched off (battery still attached to laptop). Such behaviour is MOST common in LG Smart (4K TVs) where it was documented that they do connect stealthily and upload user info. You are very concern on security, i love it. 1 Link to comment
Techlord Posted July 4, 2016 Share Posted July 4, 2016 @idrcelab : As a professional penetration tester and security specialist, it snothing really big actually... We have to be careful all the time... 1 Link to comment
JustAGuy Posted July 4, 2016 Author Share Posted July 4, 2016 There is no hurry for installing win10 now, but sooner or later win7 becomes obsolete, the mainstream support from MS ended more than year ago. What then? Can anyone of you who are runs win10 as primary OS (and use older OSes in WM for reversing ) share some experiences and insight how it works for you? Link to comment
Zulu Posted July 4, 2016 Share Posted July 4, 2016 2 hours ago, JustAGuy said: Can anyone of you who are runs win10 as primary OS (and use older OSes in WM for reversing ) share some experiences and insight how it works for you? I would advise you not to take anyone's personal opinion about it. As you can see above, everyone has a different opinion which might or might not overlap with yours. Just install VMware Workstation (or VMware Player, it's free), download Windows 10 Trial version (also free) and see for yourself. Trying it out probably takes less time than waiting for some guy on this forum to give you a comprehensive response https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprisehttps://www.microsoft.com/en-us/software-download/windows10ISO Windows 10 doesn't have too many new features if you're familiar with Windows 8. The biggest one is "Cortana" (Siri for Windows) Here is the comprehensive list: https://en.wikipedia.org/wiki/Features_new_to_Windows_10 Here is Microsoft's own "new features" list with a bit more bling-bling but less information : https://support.microsoft.com/en-us/help/17174 Enjoy Link to comment
SkyProud Posted July 6, 2016 Share Posted July 6, 2016 On 7/3/2016 at 4:29 PM, JustAGuy said: Anybody here using legal version of Win10? It is said that if you are a Win7 or Win8.1 user, you can have a free upgrade to Win10 until July 29, 2016. - http://www.theregister.co.uk/2016/07/01/microsoft_gets_creepy_with_win10/ Link to comment
Blah Posted July 6, 2016 Share Posted July 6, 2016 cortana..lol no thanks..they can keep it... On 7/4/2016 at 7:44 PM, Zulu said: Windows 10 doesn't have too many new features if you're familiar with Windows 8. The biggest one is "Cortana" (Siri for Windows) Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now