hate these ads?, log in or register to hide them
Page 1 of 2 12 LastLast
Results 1 to 20 of 21

Thread: Segregating Windows Installations? (Windows 10 for Non-Gaming Help)

  1. #1
    Donor Aea's Avatar
    Join Date
    April 13, 2011
    Location
    Colorado
    Posts
    14,063

    Segregating Windows Installations? (Windows 10 for Non-Gaming Help)

    I want to use my gaming PC as my 3D CAD/CAM box as well.

    Problem is, if I use it as a work computer I'm going to have critical logins / keys (obviously separately generated for just this box) so I want to keep the gaming stuff in a ghetto. I also haven't taken Windows seriously as an OS in ages so am pretty unsure about software and general security recommendations.

    Here's my "plan":

    - Purchase a separate drive (probably another M.2) for the new installation.
    - Change my Microsoft Account PW
    - Nuke the old install and re-install, activate, etc w/o Microsoft Account.
    - Remove Drive and Insert New.
    - Install Windows 10 Pro onto the new drive.
    - Use Bitlocker to encrypt the drive
    - Run a simple hardening / privacy pass
    * http://www.tomsitpro.com/articles/wi...gs,1-3665.html
    * http://www.zdnet.com/article/how-to-...ranoids-guide/

    Here's my questions:

    - What's the best backup strategy? Should it even be bothered with?
    - Does Windows do anything like .dotfiles? https://dotfiles.github.io/
    - Is there any way to make the gaming drive _invisible_ on a system level? I don't want to Bitlocker both as it requires an MS account and well, that kinda defeats the purpose unless I want to create another one, which I guess I could do.
    - Do I need to worry about any AV besides Defender? I really won't be using this machine for anything but explicitly trusted stuff.

    Any "essential" software recommendations?

  2. #2
    Straight Hustlin's Avatar
    Join Date
    April 14, 2011
    Posts
    9,975
    This is for your 3d printer right? I know this doesn't help you but I would highly recommend you do not use your PC to control a piece of machinery; your PC will have a slight hiccup at some point and it can and will really fuck up what ever you are trying to do, and in a extra bad case, fuck up your machine. There is a reason why all 3d printers have a SD card slot and why very expensive printers and CNC machines have onboard memory that the G-Code gets shunted to before the process begins.

  3. #3
    Donor Aea's Avatar
    Join Date
    April 13, 2011
    Location
    Colorado
    Posts
    14,063
    It's not for controlling anything.

  4. #4
    מלך יהודים Zeekar's Avatar
    Join Date
    April 10, 2011
    Posts
    14,703
    I think you're overthinking this. Your use case will be light 3D modelling on simple and light weight models in free cad software. There is honestly no need for a separate work only windows install.


    

  5. #5
    Donor halbarad's Avatar
    Join Date
    April 9, 2011
    Posts
    4,818
    Check out the last week or two of tweets by a guy called Matt Graeber (@mattifestation). He's been locking down a machine with Device Guard, application whitelisting and more to see if it's possible and what vendors are rubbish at releasing unsigned code etc.

    I haven't been following it too closely but he's had some success and if you want to get very security conscious about a machine.

  6. #6
    Corwyna's Avatar
    Join Date
    April 10, 2011
    Location
    Croatistan
    Posts
    3,239
    Quote Originally Posted by Aea View Post
    - Is there any way to make the gaming drive _invisible_ on a system level? I don't want to Bitlocker both as it requires an MS account and well, that kinda defeats the purpose unless I want to create another one, which I guess I could do.
    Just go to disk management and unmount the drive to keep it 'hidden'.
    Hiro Cor

  7. #7

    Join Date
    May 31, 2011
    Posts
    3,330
    Quote Originally Posted by Aea View Post
    - Use Bitlocker to encrypt the drive
    I'd stay away from BitLocker. It depends too much on SIds for my liking, which can cause you troubles (irrecoverable data) in some circumstances. If you need encryption, use something like TrueCrypt/VeraCrypt.

    Also: create different (limited, if possible) user accounts for running different stuff.

    As for dotfiles - Windows does not really have it for the most part. If so, it keeps them in the respective user profile (see above).

  8. #8
    Straight Hustlin's Avatar
    Join Date
    April 14, 2011
    Posts
    9,975
    Quote Originally Posted by Aea View Post
    It's not for controlling anything.
    Quote Originally Posted by Aea
    I want to use my gaming PC as my 3D CAD/CAM box as well.
    Ah thats' how I interpreted that. Why do you feel you need separate/segregated installs for CAD software? I've gamed on my CAD systems, and run CAD on my gaming systems; There is really nothing to it

    edit: unless of course you're maybe trying to obfuscate some less than legally owned software or something? In which case I'd say just get Autodesk Fusion 360 as you can get a perpetual free education license so long as you don't earn more than like 10 grand a year from it.

  9. #9
    מלך יהודים Zeekar's Avatar
    Join Date
    April 10, 2011
    Posts
    14,703
    Quote Originally Posted by Straight Hustlin View Post
    Quote Originally Posted by Aea View Post
    It's not for controlling anything.
    Quote Originally Posted by Aea
    I want to use my gaming PC as my 3D CAD/CAM box as well.
    Ah thats' how I interpreted that. Why do you feel you need separate/segregated installs for CAD software? I've gamed on my CAD systems, and run CAD on my gaming systems; There is really nothing to it

    edit: unless of course you're maybe trying to obfuscate some less than legally owned software or something? In which case I'd say just get Autodesk Fusion 360 as you can get a perpetual free education license so long as you don't earn more than like 10 grand a year from it.
    TBH id just pirate CATIA v5 and call it a day. OTOH I work with CATIA in ze job so there is that.


    

  10. #10
    Donor Aea's Avatar
    Join Date
    April 13, 2011
    Location
    Colorado
    Posts
    14,063
    No, nothing illegal.

    I don't want my keys / logins / cookies (i.e. to git, google, etc.) exposed on a Windows Machine. Mostly because I don't trust windows to be secure, and I certainly don't trust the software I download from hardware manufacturers to be secure.

  11. #11
    Mallet Head Donor 56k Lagman's Avatar
    Join Date
    May 5, 2011
    Location
    Vancouver, BC
    Posts
    4,362

    Quote Originally Posted by Duckslayer View Post
    I should be home.now but I keep stopping to post. I'm in need of a mega poo. so much so that I'm tempted to leave slurry across one of these gardens and deal with the wiping later. gonna toss a coin

    phoneposting

  12. #12
    Frug's Avatar
    Join Date
    April 10, 2011
    Location
    Canada
    Posts
    13,228
    Quote Originally Posted by Aea View Post
    No, nothing illegal.

    I don't want my keys / logins / cookies (i.e. to git, google, etc.) exposed on a Windows Machine. Mostly because I don't trust windows to be secure, and I certainly don't trust the software I download from hardware manufacturers to be secure.
    *frysquint*

    Piratebay isn't a manufacturer, you know.

    I would have thought different user accounts would be sufficient. But then, I was never able to understand windows permissions very well.

    Quote Originally Posted by Loire
    I'm too stupid to say anything that deserves being in your magnificent signature.

  13. #13
    Donor Aea's Avatar
    Join Date
    April 13, 2011
    Location
    Colorado
    Posts
    14,063
    Why are you guys thinking I plan on pirating anything? I'm literally a hardline piracy is theft and theft is bad guy.

  14. #14
    Frug's Avatar
    Join Date
    April 10, 2011
    Location
    Canada
    Posts
    13,228
    That's exactly what a pirate would say.

    Quote Originally Posted by Loire
    I'm too stupid to say anything that deserves being in your magnificent signature.

  15. #15
    Corwyna's Avatar
    Join Date
    April 10, 2011
    Location
    Croatistan
    Posts
    3,239
    Quote Originally Posted by Frug View Post
    That's exactly what a pirate would say.
    Hiro Cor

  16. #16

    Join Date
    May 31, 2011
    Posts
    3,330
    Quote Originally Posted by Frug View Post
    Quote Originally Posted by Aea View Post
    No, nothing illegal.

    I don't want my keys / logins / cookies (i.e. to git, google, etc.) exposed on a Windows Machine. Mostly because I don't trust windows to be secure, and I certainly don't trust the software I download from hardware manufacturers to be secure.
    *frysquint*

    Piratebay isn't a manufacturer, you know.

    I would have thought different user accounts would be sufficient. But then, I was never able to understand windows permissions very well.
    Lo and behold, the Windows permission system is just fine. I've even read claims from people working both with Linux and Windows that it's more granular than its Linux equivalent, but I can't verify that due to my lack of Linux knowledge. However - even these days, it's often (Windows) software (developers) , that insist on breaking it, in order to successfully run the application.

  17. #17
    Donor erichkknaar's Avatar
    Join Date
    April 10, 2011
    Posts
    9,126
    Quote Originally Posted by Hel OWeen View Post
    Lo and behold, the Windows permission system is just fine. I've even read claims from people working both with Linux and Windows that it's more granular than its Linux equivalent, but I can't verify that due to my lack of Linux knowledge.
    Depends on whether you count POSIX as the standard or use something more modern (https://selinuxproject.org/page/Main_Page).
    meh

  18. #18

    Join Date
    April 14, 2011
    Posts
    5,589
    lol, fuck selinux.

    I'd actually kill for windows's permissions models under linux. selinux gets some of the way but it's nigh on impossible to configure for anything but the most trivial of systems.

  19. #19
    Donor erichkknaar's Avatar
    Join Date
    April 10, 2011
    Posts
    9,126
    Quote Originally Posted by elmicker View Post
    lol, fuck selinux.

    I'd actually kill for windows's permissions models under linux. selinux gets some of the way but it's nigh on impossible to configure for anything but the most trivial of systems.
    That's not necessarily true, but it is pretty fucking nerdy.

    I say this having cut my teeth on Solaris RBAC.
    meh

  20. #20
    Donor Aea's Avatar
    Join Date
    April 13, 2011
    Location
    Colorado
    Posts
    14,063
    Isnít AppArmor eating SELinux? Mostly due to not being a total pain in the arse.


    Sent from my iPhone using Tapatalk

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •