My laptop from work runs 7 and will until IT sends me a new one with something else on it. For our home system, we ditched Windows sometime ago and never looked back.

I wouldn't stop all automatic updates. Keep accepting the critical ones, those are very important security fixes. Never10 is totally safe. It doesn't install anything at all. It simply edits your registry to set the options that Microsoft provided to stop the automatic installation of Windows 10.
--
Bob C

... yes, not to mention the data collection your SmartPhone does and myriad other companies (Yahoo, Google, TOTV, and on and on).
--
Bob C

I'd bet your corporate IT folks have already set the same registry options that Never10 does. That's totally fine. If you don't have an investment in a lot of expensive Windows software that you'd lose if you switched platforms (e.g. to Linux or Mac) and you really don't like Windows for some reason, that's a completely reasonable strategy, although I would strongly caution inexperienced users from choosing Linux. It is very secure and stable but its hardware driver library is a bit lacking (meaning it may not support your recently purchased printer, scanner or other device) and if you need to install and/or configure some software that didn't come pre-installed it can be a bit of a nightmare. A Mac might be a better choice in that instance (or skip the general purpose computer altogether and get a ChromeBook or a tablet).
--
Bob C

We just use Group Policy :thumbup:

Of course. I believe setting the options in Group Policy causes the same registry updates that Never10 makes (or that you can make manually with regedit if you're up to it). Its only two registry keys. Not a big deal.
--
Bob C

My Windows laptop is administered remotely, which is fine with me. The only reason I have it is because my company forces me to have it. The "real" computers I use run SUSE. My wife's system is an iMac (which is essentially unix). I have built Redhat systems for home use before and they worked fine. My computer count is way down from the past. Once I retire, there will be no more Windows boxes in my house.

I've had to use RedHat Enterprise Linux on my work machine. Meh. When I retire (next month) there'll be no more *ix boxes in my house. I was at Bell Labs when Unix first became a thing. I never really warmed up to it (though there's no question it is far more secure than Windows). I was at IBM when OS/2 first became a thing. I never really warmed up to it either. Each to their own, I suppose.
--
Bob C

Funny. The ONLY reason that they are "more secure" is because they are not good targets. Hackers go after the mass', not the "one off's". Just as hunters go after a field of ducks as opposed to a lone duck.

I have seen MANY Mac's that have been taken over by remote users (often people who think they are on with technical support of some flavor).

If I was a hacker I would go after the most common system as well...but, alas - that is the reason for perimeter security long before OS security.

I have been developing code on unix/linux boxes (command line interface almost exclusively ) for about 30 years - everything from unicos to a/ux to aix to sles. If you aren't a developer, it is hard to appreciate what it brings to the table. When I worked at IBM they gave me a laptop (for profs access, no less) running os/2. I have always considered Windows to be/have a poor foundation to hang a gui on top of. Either you speak grep, awk, emacs, etc. or you don't. But you are right, to each his own. Our only systems in the near future will be Macs with Apple's flavour of unix under the gui, but a command line is always available when/if you need it.

Even Cisco has left CLI for all practical purposes...and yes, on their security devices (as has SonciWall, WatchGuard and on and on...)

Most developers in the HPC arena use command line interfaces. Most code is written with "vi" or "emacs" and "make" is the preferred build vehicle.

Developers sure (as in the guys in San Jose creating an image for IOS). But, even getting my CCIE Security we used very little CLI and many MFG's are simply blocking access to the CLI (as end users will jack things up). That said, I have left the Cisco realm in the dust as there are solutions as secure if not more - for far less of the budget. The things we do at the edge now are mind boggling compared to just five years ago.

I run the T50 at home (fully featured) and dont bother running any thing more than Microsoft Security on my systems. Performance is drastically improved over even a light AV application (plus the WLC is super hand for my AP's).

Product Comparison Chart Results | WatchGuard Technologies

Apples vs. bananas. I guess you aren't familiar with root access as the mechanism to limit what users can accomplish?? Command line interface or not makes no difference what users can or can't do, at least in a unix/linux enviornment. I am not sure what your point is as you have stayed off of my post.