News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • A night mare: Windows 10 and the OneDrive vulnerabilities

    Home Forums Code Red – Security/Privacy advisories A night mare: Windows 10 and the OneDrive vulnerabilities

    Viewing 1 reply thread
    • Author
      Posts
      • #211744 Reply
        gborn
        AskWoody_MVP

        Just let you know, I’ve been using some information I obtained from security expert Stefan Kanthak and digged a bit deeper into Microsoft’s Windows 10 OneDrive client. My findings may be read within the following three articles – a collection of security don’ts, from installing in profile folders (where all users, an malware, have access) up to using outdated OpenSSL and Qt5 libraries.

        Windows 10 and the OneDrive vulnerabilities – Part 1

        Windows 10 and the OneDrive vulnerabilities> – Part 2

        Windows 10 and the OneDrive vulnerabilities – Part 3

        Just have fun, we are using the ‘moste secure Windows 10 ever build …’ – according to Microsoft 😉

        Microsoft Windows Insider MVP, Microsoft Answers Community Moderator, Blogger, Book author

        https://www.borncity.com/win/

        6 users thanked author for this post.
      • #211798 Reply
        Elly
        AskWoody MVP

        As a non-techy, I could never delve down into the aspects of W10 and One Drive… but have simply watched… but my gut feeling was that W10 and its associated apps were not more secure. It doesn’t ‘feel’ like they are when patching is so messed up and causes so many problems. So, my tendency is to stand back and watch (and help my family go to other operating systems when W10 didn’t work for them)…

        Interestingly, One Drive, or the ‘Cloud’ is where Microsoft wants people to go… and they are failing to provide a secure product there… which is detailed in these three articles.

        At the end of the third article:

        The question remains whether you can and should use agile development and continuous delivery for a platform like Windows 10 (or at least the basic operating system)? Maybe the whole approach isn’t helpful for Windows development, where we depend on a a core OS solid as a rock (and won’t see disruptive agile ‘not ready yet’ prototype development).

        I appreciate the technical details, the facts, about why One Drive is not secure… but my overall (albeit limited to family and friends that had problems with W10) experience has led me to believe that not only the changes serve Microsoft rather than the end user, but that they really don’t care if the Home end user has a bad experience, whether tossing them into beta tester status, or coding known vulnerabilities into their operating system and apps.

        I really don’t understand how pushing an unstable OS and insecure Cloud platform benefits anyone other than executives that will walk away with bonuses no matter how it all crumbles in the end. In a way, it looks like the top executive decision makers are ripping off their own company by promoting a dream of ‘agile’ that they cannot actually produce to meet standards that Microsoft held 20+ years ago. Those standards were why Microsoft was successful… was…

        Non-techy Win 10 Pro and Linux Mint experimenter

        4 users thanked author for this post.
    Viewing 1 reply thread

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: A night mare: Windows 10 and the OneDrive vulnerabilities

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.