
Security: from Linux to Windows - CircleJerk
I&#x27;m looking for a &quot;Windows for Linux users&quot; kinda of guide, any suggestions? I&#x27;m not talking about how to use the OS, but how to protect myself from it.<p>My new job &quot;requires&quot; that I move to Windows ASAP but I&#x27;m worried about all the cloud stuff. I&#x27;m waiting for the Windows 10 release to start the dual boot pain.<p>- Is there a &quot;Microsoft Block&quot; list for the hosts files for all the cloud, ads on MS apps (like Skype) and data collection stuff? That would still allow me to receive updates<p>- I hate everything about Antivirus software. Is there any lightweight solution? Any options besides UAC on max level to increase security?<p>- For shaddy .exe&#x27;s, is there a battle tested sandbox solution or I&#x27;m gonna need a VM? Is it worth paying for Sandboxie?<p>- Windows Firewall: good enough?<p>Feel free to share your experiences about switching to Windows, security related or not.<p>Thanks!
======
LarryMade2
Setup a limited user account and use that to work and surf from, that keeps
bad programs from jacking your access rights.

Never use Internet Explorer (well, only to install another browser - make sure
you get it from the official site, there are so many underhanded
browser/utility download sites there.)

Install the adblock plugin on Firefox

MS Security essentials is good

use Malware Bytes - it will catch a lot of stuff.

When in doubt (especially on suspicious messages,) do nothing, shut down and
reboot.

Be prepared to wait a lot for updates to complete

If you can avoid outlook, go with Thunderbird, otherwise be wary of emails
(addresses are hidden)

Turn "on" view all file extensions in folder options.

Be very wary on installer dialogs, some have checkboxes you need to uncheck to
not install additional unwanted things, others frontload installers for
unwanted apps ahead of the main installer, etc.

Make sure you keep acrobat, flash, office, java, etc. updated.

If you don’t just click on any link you will be fine for the most part, a lot
of the traps are crafted to get the rubes, be careful on clickbait.

------
higherpurpose
Create a Standard user account after the default Admin one. Use that.

Use EMET on max settings.

Try to use whitelists if possible (AppLocker). Relevant post:
[https://community.spiceworks.com/how_to/59664-free-almost-
pe...](https://community.spiceworks.com/how_to/59664-free-almost-perfect-
malware-protection-with-gpo-app-locker)

I would use Avira over Microsoft's default antivirus. Use Malwarebytes.

Always stay up to date.

You can try GlassWire as well for easy monitoring of your traffic:
[https://www.glasswire.com/](https://www.glasswire.com/)

Use Chrome (most secure for now) - uBlock Origin, WOT, HTTPS Everywhere
extensions.

Windows 10 should be much better security wise, especially if you only stick
to store applications, but I think it will include some security features for
older programs, too (app signing, I think some virtualization/isolation stuff,
etc). In about a year laptops with fingerprint authentication should come out,
too. Unfortunately you'll still have to get the Pro version to get Bitlocker
(or you can use one of the Truecrypt forks like Veracrypt).

~~~
CircleJerk
GlassWire, EMET and AppLocker are new to me but they sound promissing!

Why do you prefer Avira? I find hard to compare since the reviews are usually
personal experiences without any real data, and since they are usually closed
source it's even harder.

~~~
higherpurpose
Avira is usually among the top for free antiviruses and Microsoft's antivirus
is last. For some reason I can't find the links anymore right now but I saw it
on a recent AV comparison chart.

------
brudgers
Microsoft Security Essentials is a free download from Microsoft [I suspect
it's not bundled to avoid running the risk of antitrust litigation]. Anecdote
is not data, but I've been using it for five years and have had no problem,
and unlike commercial antivirus, its business model isn't based on selling
your browsing history or recurrent credit card charges.

Windows firewall has a bad wrap because XP shipped without it turned
on/installed for years. Since Vista and the new security infrastructure it's
about what one would expect as part of an OS. It just took Microsoft a while
to overcome the problems of Windows' success in less technical installations.

None of which is to say a person can't easily do something stupid. But the
same is true for Linux or a BSD based OS.

~~~
pzxc
Security Essentials is bundled starting with Windows 8, but it's been renamed
to "Windows Defender". Same thing though.

------
znpy
I used to use ZoneAlarm free firewall back in the day I was using Windows.

At first it's annoying because it'll ask every single time a process wants to
use the network, but after you train it, you'll get warned and explicitly ask
whenever a program outside your regular ones wants to access the internet.

But keep in mind that if, for example, you allow Firefox to access the
internet, you won't be protected from code run by Firefox doind nasty
networking stuff.

