I have a Dell Lattitude E7440 that is all the computer I will need for a long time. I basically use Chrome, Thunderbird (email) and OpenOffice for spreadsheets.
I need a new battery which looks to be $50 investment.
I do banking so I need it to be safe.
Any suggestions?
What is “safe”?
Malwarebytes is usually a couple of dollars per month.
I have one laptop with Qubes OS installed on it, and various virtual machines on it (including Windows 7) isolated from each other. So you could keep your email/browsing/gaming and your banking separate, for example.
Win7 is now past support.
So any security faults it has will never be fixed. it’s just a matter of time before you get pwned.
The less you do on that computer the better off you’ll be.
But every email, or especially email attachment, is an attack vector. Every website displaying an advertisement (i.e all of them) is a source for malware.
If you’re knowledgeable enough to be careful enough, you’ll probably be safe enough. But you won’t be “safe”. Nobody is “safe” online.
To follow up what LSLGuy said: We have a couple of computers at work that must keep Windows 7 on them to continue running a legacy laboratory program just a few months longer. There’s no way in hell our outside IT support or outside quality-control auditors will allow those computers to have internet access.
I have that model computer here that I use occasionally. It can run Windows 10 and it will probably be more secure if you are able to upgrade to it.
If you’re wedded to Windows 7, then the main solution for individual users is to subscribe to the paid version of 0patch, which is 23 Euro a year, so around $25. They’re currently keeping Windows 7 up to date with their micropatches that fix small problems, using both stuff from Windows 10 and the business-only extended updates.
That said, Dell supports Windows 10 on your computer, and the upgrade is still free. The main downside is just putting up with the updates–but this is less of a problem if you actually have “quiet hours” where you’ve shut down all your programs and just leave your computer on (plugged in, of course) so it can update (and restart).
There still are more potential headaches with the upgrade, since the updates are not tested as well, and Microsoft will move you to the latest Windows 10 when you get close to the end of support for the previous version, instead of the previous, more stable version (but you can mitigate this). But it’s free, and you’ll never have to worry about your online programs (Chrome especially) dropping support for the latest Windows.
Just how safe do you want to be?
Windows 7:
- Get every last possible update on it.
Browser:
- Don’t visit websites you don’t trust.
- Do keep a script blocker set to a strict whitelist as well, Just In Case.
- If you’re really paranoid, don’t load images off websites either.
Network:
- Get a router, and lock all ports down except the SMTP and HTTP/HTTPS protocols. **
- Be sure to change the admin account password on the router too.
- Turn off UDP and NAT punchthrough on your router.
- For thorough overkill, also install a third-party firewall, set as strict as you can.
Software:
- Just don’t run anything you don’t thoroughly know.
- Keep a trusted third-party antivirus program on your computer and give it complete, thorough, free rein.
- Scan your computer on a regular basis.
- Keep that antviral updated. (Note: Based on your router and/or firewall settings, this may prove challenging. You may need to open some few extra ports, depending on the antiviral.)
- Maybe actually consider running two antivirals, one that just runs on demand, to ensure the first antiviral isn’t infected.
Email:
- Don’t open any e-mail from anybody you don’t know or trust.
- Don’t open any attachment, even if it’s from somebody you trust, until you’ve thoroughly scanned it for viruses.
Hardware:
- Ensure all forms of autorun are turned off.
- Just in case, hold down shift while inserting USB keys, etc. It manually overrides autorun, even if it’s off.
Now, this is an utterly paranoid set of rules, but it will keep your old computer snug and safe. You can maybe loosen up on this paranoia as needs dictate. Most of these rules (don’t run unknown software, don’t go to unknown websites, don’t open unscanned attachments) will likely knock off 90+% of your potential infection vectors.
I’m in a similar situation, in that I have a really elderly scanner that only has Windows XP drivers. I have a dedicated XP laptop just for the scanner. It stays off the network, and it only scans, and everything is fine.
win-7 … if the choice was mine … i’d yank out the internet connection … install some children’s games from disk … and give the computer to the grand-kids. imo … win-7 should not connect to internet.
then, i’d purchase a cheap, new, win-10 computer (4gb ram) … and make sure the os is always updated. as for thunderbird and open-office/libre and banking … you should never use same user-id and same password. so, this necessitates using a password manager … think chrome browser probably integrates one. windows-defender and malwarebytes (free) might provide enough security … that’s your call. you might also consider also using ad-blocker.
and, as a friendly reminder … never click on email links … no matter how legitimate the emails appear.
I hate to be “that guy” but the OP’s needs could easily be met with one of the Linux distributions that is reasonably similar to Windows, Linux Lite or Kubuntu (etc)
Pro: more secure than Windows 7 * (but not a silver bullet) and will perform well on the hardware and so will the automated updates. All the OP’s preferred software (Chromium substituted for Chrome) will work fine. The OP can try it out using a USB bootable OS and/or dual boot until comfortable.
Con: the two I mentioned are sort-of-like Windows, but there’s still going to be a learning curve. Linux UI historically sucks somewhat. Also - and inevitably - the OP is going to need basic terminal/console commands… which is pretty scary for a novice.
- part of “security” in the Linux world is security by obscurity: while each distro may have known exploits it is just not worthwhile to craft an exploit that, say, targets Mint : there may be a few million Mint users but their collective value is way less than several hundred million Windows 7 users. Plus an attack vector that works for Mint might not work for the closely related Kubuntu, it is just too much hard work for Jo Average hacker to “support” all the variations.
The support for Windows 7 will end soonly but I can recommend 360 anti virus for free. It is really secure, it doesn t consume so much RAM
“GNU”-me want to know how to run win7 after end of support?
Thanks for all of the tips. I’d like to address this one first as it also applies to my office situation. My office desktop is also still running Windows 7. It’s not up to me to fix it. We do have a pretty capable IT guy that deals with our system. However our boss/owner is pretty loosey goosey with all kinds of security situations…despite the fact that our business is somewhat financial related and we have info on a couple thousand clients. I don’t particularly use that data so its possible that my computer is walled off from that kind of stuff.
Do not connect a Win7 computer to the internet (you’re probably OK for a few weeks but it is NOT a long term solution). Upgrade to Win10, or use the $50 to go towards a newer laptop. (Unfortunately prices for laptops are a bit high these days… seems there’s a lot of demand…)
And, do not let the work thing go: ask your IT guy, with lots of alarm and concern, why your work computer is running a no-longer-supported OS. If you have to, mention things like ‘potential legal liability’.
And bring it up with your boss if that doesn’t work. You know how to manage your boss better than us, but consider demanding something in writing from your boss saying that it’s not your fault if your clients’ information gets stolen due to outdated OS software. It’s easy to put off things like upgrades, but having to take responsibility in writing tends to focus attention.
If they’re still running Windows 7 and your capable IT guy is handing it, it’s very possible they have Extended Support Updates, or ESU. ESU means they will keep updating Windows 7 for security stuff. If you do any work on your laptop, you might see if your IT guy could get you set up with ESU as well.
That said, since you use open source programs and like the Gnu, it’s possible you are familar with GNU/Linux. Just dual boot on your laptop for a while. It’s pretty easy to resize your partition in Windows, and then install Linux. And you can even just try it out using a USB drive with the installer on it.
With Chrome, your profile can transfer over (if you let it sync with your Google account.) With Thunderbird, you can just copy the profile over to the correct location. And OpenOffice doesn’t have all that much to need to transfer over (and you really should consider updating to at least LibreOffice anyways). So you don’t have many hurdles to get things working–no software you won’t be able to run in Linux. Then gradually phase out using Windows at all.
I didn’t notice your username before, and just assumed by your question that you were more a novice. And, in that case, my recommendations stand: get 0Patch, update to Windows 10, or get the ESU version from your work if appropriate.
Thanks for all of the input. I’ve pretty much decided to move away from that laptop and I purchased an HP that runs Windows 10 in S Mode. I will prob start a new thread seeking input on customizing it for my needs including possibly turning off S mode. Let’s put that discussion away for a while please but since this thread was about being “safe” I would like to get some input here on the safety features of S-mode. That is part of the concept isn’t it? TIA!!
S Mode was new to me, so I Googled. Apparently, you’re limited to apps available through the Microsoft Store so it’s sort of like how iPhones/iPads are limited only to stuff available through the Apple App Store (although at this point virtually everything is there).
Here’s an article on the improved security. At this point (after 48 hours), its prob the only reason I would leave it in S Mode rather than switching out to regular mode (you can’t switch back).
The main reason I would consider keeping a laptop in S mode would not be security, which I argue isn’t that big a deal unless you run untrusted apps. (Your OP suggests you don’t). It’s more that S mode is mostly loaded on lower spec machines, as a competitor to Chromebooks. I’d want to know your specs before recommending upgrading to full Windows 10, as it would suck if your computer slows down too much.
One big one is that 32 MB is NOT enough to run proper Windows. You can get it to run, but updates will be screwed up and involve completely reinstalling Windows from scratch every year or so, while leaving you with basically no storage.
Since you like open source apps, S mode isn’t the best fit. But, since you already have the laptop, it may be the most performant. And you can always use Google Docs and the Chromium-based Edge. (Thunderbird appears to be available in the store, which is good.)
In other words: what are your specs on that S mode machine?
Based on my experience with our Win98 machines at work, “a matter of time” could run to decades. We haven’t tested longer than that.
Here are the specs…HP Stream 1.1 Ghz, 4GB ram, 64 bit
I travel alot and use about any hotel network that will have me. I’m guessing that prob falls under the "untrusted’ category. Thanks again for all of the help!