okay so i did and he defs claims windwos was secure out of the box. so again, i ask if he really said that ahaha, with a straight face.
SMB 1.0 is enabled, non admin users have powershell access, defender can be disabled with a single command, user is admin by default, passwords can be reset via booting to a bootable media device and then swapping its CLI to c:
there are so many basic insecurities out of the box in windows.