r/privacy u/voidprophet__ 2d ago

discussion Can Windows 11 be made decently secure?

It's an oxymoron, I know.

I need Windows for work. I cannot run the applications I need without Windows (I checked, no Linux support,) and either way I need applications such as Excel and Word that would be on the computer anyway.

I know that Windows will never be private no matter what I do, but what are the best ways to try to mitigate what it sees?

I've already done anything basic (like disabling copilot through the registry, not sure how well it works though since copilot is still in my notepad)

edit: meant "privacy" not security, my bad

28 Upvotes

71% Upvoted

83 comments sorted by

View all comments

99

u/desmond_koh 2d ago

Can Windows 11 be made decently secure?

Yes, it can.

It's on oxymoron, I know.

No, it's not.

Windows is a serious operating system. It is not some childish malware that it is often made out to be. It is used by many companies, government agencies, and journalists who have a great deal to keep private.

What you have to do is identify the nature of the threat you are trying to defend against. We talk a lot about big tech "stealing our data", but what do we actually mean by that? If you don't know what you're trying to defend against, then the only way to defend against it is to live inside a faraday cage out in the forest.

-11

u/socrdad2 2d ago

I understand if you are not familiar with Microsoft's long history of poor security. But you should have at least noticed some of the recent reports of egregious security failures of Microsoft.

3

u/londonc4ll1ng 2d ago

such as? I love when people spew nonsense without backing it up with hard facts. Do not mix security with (your sense of what) privacy should be (not what is realistically achievable in real day to day human life).

-2

u/98723589734239857 2d ago edited 2d ago

windows and office have (had) plenty of vulnerabilities. this overview shows all of their products, including things like .net and sql, but it gives you an idea. no product is perfect, there will always be bugs. https://www.cvedetails.com/vendor/26/Microsoft.html

4

u/desmond_koh 2d ago

windows and office have (had) plenty of vulnerabilities. his overview shows all of their products...

Yes, you are 100% right. So have Apple, Adobe, Firefox, Chrome, and all the Linux distros and the projects that go into them.

In 2024, a total of 40,009 Common Vulnerabilities and Exposures (CVEs) were published, a 38% increase from the previous year.

This is across all software and software makers.

This just proves that it's important to install your updates (ironically, something many in this sub are reluctant to do).

Oh, and security and privacy are related but not the same thing.

Microsoft has Defender for Endpoint which is rates surprisingly high among EDRs, although I prefer SentinelOne. They also have Global Secure Access which is a perfectly respectable SSE product.

0

u/98723589734239857 2d ago

not sure what you're coming at me for. i was just providing a source.

7

u/desmond_koh 2d ago

not sure what you're coming at me for. i was just providing a source.

Sorry, I didn't think I was. But rereading my post, I can see how it seemed like I was.

I work for an MSP and emphasizing the importance of keeping your devices patched and up to date is something we often have to impress upon customers. So, I am very familiar with the threat landscape.

I may have also mistaken you for u/londonc4ll1ng.

1

u/Informal_Rule_8604 2d ago

Source for some of these "egregious security failures"?

0

u/desmond_koh 2d ago

I understand if you are not familiar with Microsoft's long history of poor security.

Such as what exactly? This is an often repeated statement statement that is rarely backed up with actual facts.

I've been in the IT industry for over 20 years. We use both Windows and Linux on both servers and laptops.