Without implementing a restrictive hardware IP whitelist, can an internet-connected Windows 10 device be considered secure?

One of the many criteria for a connected device to be considered secure is that one must be able to log, account for, and understand all data leaving the device.

With most Linux distributions, this is easy. You can capture and record every packet being sent over the internet using simple hardware, and then compare those packets to the processes running on the Linux device. Since Linux is open-source, you can account for every byte being sent, and understand its exact purpose.

Using similar methodology, this can also likely be achieved with Microsoft’s Windows 7 operating system (although not with its default settings). Although it is closed-source, it appears that it likely can be configured to never transmit any mystery data. (The qualifiers “appears” and “likely” need to be employed because, in theory, it could potentially have one or more payloads that have so far gone undetected, or are triggered by events that have yet to occur.)

With Microsoft’s Windows 10 operating system (Home and Pro), I’m trying to determine if this is possible. Although Microsoft has finally published documents stating what type of data they claim to transmit from Windows 10 devices, that’s akin to “the fox watching the hen house”. (Remember how another mega-corporation, Google, drove around with vehicles collecting everybody’s WiFi traffic, and then claimed they didn’t even know they were collecting it?)

Given that Windows 10 is closed-source, no one can verify Microsoft’s claims by examining the code. Also, to my knowledge, no one has reverse engineered a sufficient amount of Windows 10 executables to verify those claims.

Despite much searching, I have been unable to find any documents sufficient to allow a person to verify Microsoft’s claims. From what I can tell, Microsoft has not publicly documented the structure of the data that Windows 10 transmits so that researchers can verify Microsoft’s claims.

Do such documents exist for the public to view? If not, how can any internet-connected Windows 10 device be considered even somewhat secure unless it employs a narrow hardware-based IP whitelist?


A little of the reading I performed before posting this question:

  • How can I prevent all Windows 10 Telemetry?
  • Information collected by Windows 10 at maximum privacy configuration
  • How does Windows 10 allow Microsoft to spy on you?
  • Does Windows 10's telemetry include sending *.doc files if Word crashed?
  • https://www.extremetech.com/computing/247311-microsoft-finally-reveals-exactly-telemetry-windows-10-collects-pc
  • What are the privacy and security implications of Windows Telemetry
  • https://www.zdnet.com/article/windows-10-telemetry-secrets/
  • https://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/
  • Is there evidence to proof that Windows is spying us ? Are the anti-spy programs works and are they trustable?
  • https://www.cbsnews.com/news/hiybbprqag-how-google-tripped-up-microsoft/

Implementing Filters as Tabs in a Web Dashboard

We are trying to provide users with a strong filter mechanism on a Dashboard that collects visit data. It feels like we have arrived at a point where only a few pieces of the puzzle are missing and we don’t know how to place them.

The user should be able to:

  1. Define the filter parameters.
  2. Save them for future use along with a name.
  3. Apply them for one-time use to quickly check or search something without the need for saving them.
  4. Modify the parameters of an existing saved filter and save it again.
  5. Open tabs in the software itself and apply different filters (saved and unsaved) to easily switch from one type of data to another.
  6. Close tabs.

Constraints:

There is a live view tab that is static and can’t be modified or removed by the user. (Mentioned from now on as the default tab)

Solution: (So far) 1. A filter button on the dashboard that opens a side panel for filters that contains all the parameters and allows the user to save a filter, save as existing or just apply. Filter Panel View

  1. A Tab System that works like you’d expect. It allows the user to change the filter applied in a tab by clicking on a drop-down icon on the right side of the tab itself and selecting from the saved filters list. Drop-down implementation to select filters in tabs

  2. A plus button at the end of the tab list which works exactly like the drop-down above, prompting the user to select which filter view to apply on the new tab avoiding any empty states or empty tabs open.

Points we still can’t seem to get a grip on:

  1. How to make the experience of applying a filter to any open tab as seamless as possible? For example, if the user is on a tab and he clicks on the Filters button and changes some parameters and clicks Apply. Should we update the view to Unsaved View? Should we keep the name of the tab same with an asterisk to denote unsaved state with a reset button? Or should we open a new tab (potentially leading to a lot of unsaved tabs open?)

  2. If subsequently, he refreshes his page? Should the unsaved view disappear (being unsaved) or should we keep it in memory (potentially not really creating a need to use the ‘Save Filter’ feature)

  3. How to treat the default tab in all this? Should we disable all filtering options in the default tab to avoid any confusion leading to some loss in discoverability of filter features that are available as they will not show in the default tab or should we show filtering options on the default tab and open any changes made on the default tab in a new tab leading to a little bit of inconsistency (changing any filters from the default tab always opens a new tab while changing any filters from other tabs only makes changes to that specific tab and then implementing a fail safe or an error state if the user tries to make changes to the default tab with the maximum limit reached)

  4. Creating a responsive design around the solution.

It’ll be great to get insights and thought process on how to go about this problem.

Timeline for Implementing UX Process

I am in the process of presenting and implementing a brand new UI/UX process. I have gotten buy in for the proposed phases of the design process. But I am getting timeline questions regarding how long it would take to implement the full process or how much could be done within a 6month window and how to plan out a 6month window. I know this is super subjective but has anyone had any experience with anything similar? Or how long each step in a design process could take to nail down/implement?

Thanks!

Are there any benefits of implementing the Fisher–Yates shuffle algorithm from tail to head instead of head to tail?

I was looking at the Fisher–Yates shuffle algorithm and followed the Python implementation for it.

Python starts from the end of the array to the start. Looking at the algorithm I didn’t see any benefits in doing so compared to starting with the start and going to the end.

I was wondering, considering that looping backwards adds a thin layer of complexity, are there any benefits in doing so?

Implementing design sprint on a scrum methodology

We’re a startup company. I and my team are planning to implement a design sprint during a sprint cycle. But we have changed some minimal aspect of GVs Design sprint and make our own style. Since that we have all user stories ready. Our approach would be:

enter image description here

We create this process to oversee the potential problems in early-stage and generate solutions from time to time. To achieve users goals effectively

Note:

  • We already started creating User Story Mapping and we have Use stories ready

I will really appreciate your feedback or comments about this. I’m very open to gain new knowledge in this industry since I’m new with UX design.

Thanks!

Implementing DNS over TLS on 18.04

I am not very familiar with Linux, as I have predominantly been involved with everything Microsoft for the majority of my IT life, but I am just looking at the possibility of implementing a pair of Ubuntu DNS Servers that will perform external lookups using Cloudflare’s DNS over TLS.

I have read some articles saying that you can use:

  • Stubby
  • Bind9 with stunnel
  • nginx as a TLS proxy

However, I am not sure of the best and easiest method and just wondered if anyone had an opinion on what I should be using and if there is any documentation on how to setup and configure.

Implementing N-tier with Entity framework and repo pattern

I’m trying to clean up this code but can’t figure out the best way to go about it.

The UI will access the business layer and shouldn’t know about EFContext in doing this I end up with an almost exact copy of the EFContext class in my RepoBase class. If I need a entity specific method, I’m creating a entity specific repo and deriving from the RepoBase

MS examples seem to skip the RepoBase and just implement each CRUD method in each and every entity, this seems like even more code duplication.

RepoBase does provide separation but at the cost of duplication. I would like to know if there’s a better way.

Data Access Layer

public interface IDataContext {     T GetById<T>(int id);     void Delete<T>(T entity); }  public class EFContext : DbContext, IDataContext {     public virtual DbSet<Student> Student { get; set; }      public T GetById<T>(int id)     {         ...     }      public void Delete<T>(T entity)     {         ...     }  } 

Business Logic Layer

// Generic repo public class RepoBase {     private IDataContext _context;      public RepoBase(IDataContext context)     {         _context = context;     }      public T GetById<T>(int id)     {         return _context.GetById<T>(id);     } }  // Specific repo public class StudentRepo : RepoBase {     public Student GetByStudentId(int studentId)     {         ...     } } 

Implementing a better algorithm for calculation of bacterial growth

I am working on a mathematical model that describes the growth of 4 different bacterial populations and immune system cells under certain conditions. The model is governed by the equations below.

POPULATION 1:

$ {\underbrace{\frac{dN_{PS}}{dt}}_{\text{ Population change rate }}=\underbrace{r N_{PS}}_{\text{ Exponential growth }}\cdot\underbrace{\left(1-\frac{N_{PS}+N_{PR}}{K}\right)}_{\text{ Growth limitation }}-\underbrace{\theta_{PS}N_{PS}}_{\text{ Natural death }}-\underbrace{A_{PS}N_{PS}}_{\text{Biofilm formation}}+\underbrace{D_{BS}N_{BS}}_{\text{Biofilm dispersion}}-\underbrace{\phi_{PS}N_{PS}}_{\text{Mutation rate}}-\underbrace{\eta\delta_{PS}A_{m}N_{PS}}_{\text{Antibiotic inhibition}}-\left\{ \underbrace{\Gamma N_{PS}I}_{\text{Immune system}}\right\} }$

POPULATION 2:

$ {\frac{dN_{BS}}{dt}=(r-c_{b})N_{BS}\cdot\left(1-\frac{N_{BS}+N_{BR}}{K}\right)-\theta_{BS}N_{BS}+A_{PS}N_{PS}-D_{BS}N_{BS}-\phi_{BS}N_{BS}-\eta\delta_{BS}A_{m}N_{BS}-\left\{ \Gamma N_{BS}I\right\} }$

POPULATION 3:

$ {\frac{dN_{PR}}{dt}=(r-c_{r})N_{PR}\cdot\left(1-\frac{N_{PS}+N_{PR}}{K}\right)-\theta_{PR}N_{PR}-A_{PR}N_{PR}+D_{BR}N_{BR}+\phi_{PS}N_{PS}-\eta\delta_{PR}A_{m}N_{PR}-\left\{ \Gamma N_{PR}I\right\} }$

POPULATION 4:

$ {\frac{dN_{BR}}{dt}=(r-(c_{b}+c_{r}))N_{BR}\cdot\left(1-\frac{N_{BS}+N_{BR}}{K}\right)-\theta_{BR}N_{BR}+A_{PR}N_{PR}-D_{BR}N_{BR}+\phi_{BS}N_{BS}-\eta\delta_{BR}A_{m}N_{BR}-\left\{ \Gamma N_{BR}I\right\} }$

NAIVE CELLS (IMMUNE SYSTEM):

$ {\frac{dV}{dt}=\frac{-\sigma VB}{\pi+B}}$

EFFECTOR CELLS (IMMUNE SYSTEM):

$ {{\frac{dE}{dt}=(2\sigma V+\sigma E)\cdot\frac{B}{\pi+B}-hE\left(1-\frac{B}{\pi+B}\right)}}$

MEMORY CELLS (IMMUNE SYSTEM):

$ {{\frac{dM}{dt}=fEh\left(1-\frac{B}{\pi+B}\right)}}$

TOTAL BACTERIAL DENSITY:

$ {\frac{dB}{dt}=N_{PS}+N_{PR}+N_{BS}+N_{BR}}$

IMMUNE SYSTEM DENSITY:

$ {\frac{dI}{dt}=V+E+M}$

ANTIBIOTIC UPTAKE 1:

$ {{\eta}=\begin{cases} 1 & t_{1}\leq t\leq t_{1}+t_{2}\ 0 & t_{1}>t\:or\:t>t_{1}+t_{2} \end{cases}}$

ANTIBIOTIC UPTAKE 2:

$ {{\eta}=\begin{cases} 1 & B\geq\varOmega\ 0 & B<\varOmega \end{cases}}$

I am interested in how $ N_{PS}, N_{PR}, N_{BS}, N_{BR}, V, E, M $ change over time for which I implemented an algorithm in Python to solve the equations. Greek letters and other undescribed parameters (e.g. r, K, etc.) are mainly constants that are set at the beginning of the execution of the program.

One example of the functions used is shown below. Currently as you can also see from the code I’m using an Euler method to solve the equations, however I’d like to implement at least Heun’s method or even some higher order Runge-Kutta method to solve them.

I’m stuck already with Heun’s method and don’t know how to implement it. I ask for help with how to modify the following code and change it to for example Heun’s if that’s even possible with those equations.

def sensitive_bacteria_PS(previous_density, growth_rate, density_PR, maximum_density_P, death_rate_PS, attachment_rate_PS, mutation_rate_PS, antibiotic_uptake, antibiotic_inhibition_PS, antibiotic_concentration, lymphocyte_inhibition, total_immune_cells, detachment_rate_BS, density_BS, time_step):      return previous_density + ((previous_density * (growth_rate * (1 - (previous_density + density_PR) / maximum_density_P) - death_rate_PS - attachment_rate_PS - mutation_rate_PS - antibiotic_uptake * antibiotic_inhibition_PS * antibiotic_concentration - lymphocyte_inhibition * total_immune_cells) + detachment_rate_BS * density_BS) * time_step)