If you’re already with Linux, this is not for you. This is for people who’re indecisive or been contemplating for long about whether to make that jump.
For me, it’s a matter of a few things. I’m on a Windows 10 version that guarantees me until 2032 of support. That means I would effectively skip Windows 11, like I already mostly have and potentially skip Windows 12 if that turns out to be a shitty choice. I’d be coming in right in time for whatever Microslop shits out for Win13.
Should Windows 13 suck, I think that’s a consideration. Another consideration is when Valve keeps dropping support for certain Windows versions of Steam. Because I know for a fact they will drop Windows 10 support entirely one day and then Windows 11. I believe it is really stupid that they do this.
By the time my Windows 10 version expires, I’d be getting older, which means I’ll probably care less and less about computer-related things. Going to Linux wouldn’t be a problem since I’d be doing barebones things like browsing and checking e-mail.
And I’d also hope that by 2032, Linux would have better development like easier access to proprietary drivers and software among other things.
realistically not theoretically, how would you get pwned by running an outdated windows install behind a firewall, with in/outbound controlled by a very narrow allowlist.
i literally do this with win7. the machine’s in/outbound network is fully blocked except for a SOCKS5 proxy i’m running on some freebsd box. the program i need to run on it supports setting a proxy so that works, and web browser (a modded/latest build of firefox) also uses that proxy along with uBlock Origin and nuTensor (fork of uMatrix) so my javascript and fonts is blocked unless I explicitly enable it, which again is a very narrow allowlist.
there’s nothing I can’t lose on the machine, and even if it gets pwned I can afford it and can just restore from the latest backup. (ofc this should be what everyone does even on a fully updated system, user mistake can always get one pwned)
Ah so here’s the problem.
No matter how you finish that question, the answer is “no one has any clue besides the person familiar with some (potentially weird) exploit.” You cannot anticipate how security issues will be used. You may have taken steps to limit the risk but trust me, next to no one else is doing that stuff, and it’s still insecure compared to anything receiving security updates.
You’re saying “I can afford to lose this data” but can you really say there is absolutely nothing sensitive on the device? I’m willing to bet there is. And that data can be copied and used for various nefarious purposes.
I’m curious though, genuinely, why are you jumping through these hoops to keep windows 7?
ofc there could be a zero day, but highly unlikely if there’s too little attack surface. honestly i consider my win7 setup with firewall much more secure than some random person’s win11 box.
a targeted attack just for me surely could work, but that’s VERY unlikely to ever happen. there are much easier targets if some gov agent wants my personal info lol. and this sort of attack would be possible on any systems even if i keep it updated.
i use the machine for two proprietary softwares. one is a loffice writer/m$word equivalent called Hangul, the other is a whatsapp equivalent called KakaoTalk. you need these for basic stuff in this country because everyone else uses it unfortunately.
for hangul there’s a native linux build (proprietary ofc) that’s of alpha quality, barely usable for reading. WINE kinda works except it sometimes crashes on some specific features, and I don’t want it crashing while writing documents.
for kakaotalk there’s no linux build, only mac/win/android/ios. WINE works but very poorly so I need windows, and win7 works better than win10 for me since they dropped support for win7 then introduced antifeatures (mostly ads) but still keep the last win7 version functional. i RDP into the win7 machine to chat. (win7 is also much better than later versions especially when RDPing, since they support the proper classic theme unlike later versions that needs the shitty aero theme and dwm at all times. looks better, and also much faster over slow network)
I was thinking you might say this, and for all intents and purposes, it may be true. But my problem is how you wrote your first comment, stating that it was possible to keep it secured. Short of the very extreme measures you have taken, it’s not going to be secure, and most importantly, most people are not willing or able to take those steps. People may read what you wrote and gloss over details, thinking “I’m doing [a couple random things to increase security] so I’m fine”. They will most likely not be fine, given enough time someone will gain access to their machine.
You did not answer my question about sensitive data. Given you have chats on that machine, there is at least those, and those can be used for identity theft, social engineering, etc. And then there is the issue of the chink in your armor you just revealed – remote desktop. I have the understanding that RDP has had many security vulnerabilities over the years. So that is a significant chink. You likely will never have an issue, but you could. And it would be very likely due specifically to not having security updates from the past years.
Mostly though, I think it is important to spread information which, if erring on any side, causes people to be overly paranoid about data security, not less so.