Overclockers Australia Forums

OCAU News - Wiki - QuickLinks - Pix - Sponsors  

Go Back   Overclockers Australia Forums > Software Topics > Windows Operating Systems

Notices


Sign up for a free OCAU account and this ad will go away!
Search our forums with Google:
Reply
 
Thread Tools
Old 9th January 2017, 2:52 PM   #136
broccoli
Member
 
broccoli's Avatar
 
Join Date: Feb 2010
Location: Perth
Posts: 15,358
Default

Quote:
Originally Posted by EvilGenius View Post
Problem is, you're just plain wrong about this,
Ok, blanket generalised statements are justifiable without considering the basis for them. shrug.
__________________
Quote:
Originally Posted by elvis View Post
People are idiots.
Quote:
Originally Posted by GreyWolfe01 View Post
don't connect via usb, since that is the devil.
broccoli is offline   Reply With Quote

Join OCAU to remove this ad!
Old 9th January 2017, 2:56 PM   #137
Wolfje
Member
 
Wolfje's Avatar
 
Join Date: Jul 2007
Location: Brisbane
Posts: 919
Default

Quote:
Originally Posted by broccoli View Post
I don't need a lecture on security. I don't need help to transition to linux.

My point:

Telling people that Windows 10 is "safer" than XP is not accurate.

It is the equivalent of telling somebody to get an alarm, and deadlocks and security lights on their house, while handing their key to a stranger or letting some bloke move in to the spare room. Or brainwashing the kids about "stranger danger" while allowing "Uncle Bob" unfettered and unsupervised access.

The risk is different, but neither is "safe". It's up to the user to ensure their "safety" and to decide how they do that. Simply parroting off that XP isn't safe and Windows 10 is, is, IMHO, silly.
Perfect infosec is a myth. Windows 10 is not safe. Linux is not safe. Your processors are not safe, neither are any firmwares you use or anything to do with computers. Even crypto is not safe. The only reason you can transfer money from your bank via the internet without losing all of it to the red army is merely on the premise that it's just really really hard to find encryption keys.

It's not about comparing the safety of one to another. None of your analogies will hide the fact that you're not making a valid comparison between the two.

Windows 10, is technically, and only technically, safer than Windows XP, for reasons explored above. The difference being that it's technically infeasible (without exploits) to infiltrate a recent NT-based system verses the system actively encouraging, and doing nothing to stop, basic computer attacks based on reverse engineering principals that have been around for 40 or so years.
Wolfje is offline   Reply With Quote
Old 9th January 2017, 2:56 PM   #138
martini.txt
Member
 
martini.txt's Avatar
 
Join Date: Jan 2015
Location: YouTube / Brisbane
Posts: 3,693
Default

Plenty of examples on the net of people setting up test XP machines with nothing on them fully patched and connecting to the internet and being immediately compromised.

If you're using it on a private network for some specific app I don't see a big issue with that, but under no circumstance would I recommend anyone go near it for web use.
__________________
YouTube twitch.tv
Rig - 6700k(AIO) - ROG Gene VIII - STRIX 1080 - 16gb DDR4 - Fractal Node 804
Boop - ATH-A700X - Yeti Blackout
Micro - HP N40L w/ Ubuntu, Sickrage, Plex, Deluge
Garage - Honda Hornet 900 & Fiesta ST & BF XR6 Turbo
martini.txt is offline   Reply With Quote
Old 9th January 2017, 3:03 PM   #139
EvilGenius
Member
 
EvilGenius's Avatar
 
Join Date: Apr 2005
Location: _Rocky Status:_Folding!
Posts: 8,914
Default

Quote:
Originally Posted by broccoli View Post
Ok, blanket generalised statements are justifiable without considering the basis for them. shrug.
It's not a blanket generalised statement, it's objective fact? What part aren't you considering having been justified?
__________________
i7-4820k @ 4.6 | X79-Deluxe | 64GB GsKill Ares PC-14900 | EVGA GTX 970 | Corsair HX-850 | CM690II
Once more unto the breach dear friends, once more
Cry fold for Team24, OCAU and all the world!
Wanted - N64 console - decent controller/s
EvilGenius is offline   Reply With Quote
Old 9th January 2017, 4:31 PM   #140
Scarpetta
Member
 
Scarpetta's Avatar
 
Join Date: Nov 2016
Posts: 84
Default

I use it still as a few clients use older accounting programs that simply aren't compatible with the newer OSs.

It's rare I use it (quarterly usually) but I still get updates from Microsoft.
Scarpetta is offline   Reply With Quote
Old 9th January 2017, 4:38 PM   #141
power
Member
 
power's Avatar
 
Join Date: Apr 2002
Location: brisbane
Posts: 48,893
Default

Quote:
Originally Posted by martini.txt View Post
Plenty of examples on the net of people setting up test XP machines with nothing on them fully patched and connecting to the internet and being immediately compromised.

If you're using it on a private network for some specific app I don't see a big issue with that, but under no circumstance would I recommend anyone go near it for web use.
XP needs a proper new virus that just fucks it up royally. Blaster style but destructive.
__________________
this is who we are.
power is offline   Reply With Quote
Old 9th January 2017, 4:43 PM   #142
EvilGenius
Member
 
EvilGenius's Avatar
 
Join Date: Apr 2005
Location: _Rocky Status:_Folding!
Posts: 8,914
Default

Quote:
Originally Posted by Scarpetta View Post
It's rare I use it (quarterly usually) but I still get updates from Microsoft.
Really? Did you do the reghack to tell it it's a POS device?
__________________
i7-4820k @ 4.6 | X79-Deluxe | 64GB GsKill Ares PC-14900 | EVGA GTX 970 | Corsair HX-850 | CM690II
Once more unto the breach dear friends, once more
Cry fold for Team24, OCAU and all the world!
Wanted - N64 console - decent controller/s
EvilGenius is offline   Reply With Quote
Old 9th January 2017, 5:47 PM   #143
NSanity
Member
 
NSanity's Avatar
 
Join Date: Mar 2002
Location: Canberra
Posts: 15,952
Default

Quote:
Originally Posted by broccoli View Post
Someone who thinks that giving access to a third party to be safe from "others" does not "know better", they just think they do. No longer seeing "the worst" happening is not because the users are "safe", it's because "the worst" is happening in the background. Giving some bloke from the shopping centre a key to your house to protect you from "burglars" is not security, it's pure idiocy.
So lock them out.

Bitlocker your machine. You can pay Microsoft all the money in the world. You can engage Microsoft Research to do crazy hardware based shit with your TPM. They will not get into your machine before our Sun fades into existence.

Microsoft cannot access your data at a whim. Your password isn't reversible. Nothing short of a keylogger will get your password. Utilise 2FA with a 3rd party (or even host it yourself) and everyone is fucked.

Quote:
Originally Posted by broccoli View Post
Telling people that Windows 10 is "safer" than XP is not accurate.
Wrong. In literally every single possible way.

Quote:
Originally Posted by broccoli View Post
It is the equivalent of telling somebody to get an alarm, and deadlocks and security lights on their house, while handing their key to a stranger or letting some bloke move in to the spare room. Or brainwashing the kids about "stranger danger" while allowing "Uncle Bob" unfettered and unsupervised access.
XP collects similar data. It collects it when you touch windows update. It collects you when you have any form of CIEP reporting. It collects it when you use IE. Google Collects it *constantly* whilst you use Chrome.

Everyone is still banging on about telemetry. Has anyone actually managed to decrypt it? ever? What is it sending? Name an incident where your leaked data has been linked to Microsoft Telemetry. Anywhere. In the World. Ever.

Microsoft told you it collects it - its the only reason you have any idea that they do collect it.

Guess what. Windows 10 is installed at the Pentagon. Yes - the crown jewels of the US Armed Forces runs Windows 10. Governments and Militaries around the world that have source code access to review have declared it safe under their install guidelines.

Just what do you think you have to protect and hide - that the Pentagon doesn't?

Maybe, just maybe - Microsoft is literally collecting configuration and failure metrics to make their OS better (you know, telemetry).

Do you lot lose your fucking mind when you put your car in for a service? Because a *shitload* of telemetry is taken there - more than enough to prosecute you for speeding beyond reasonable doubt.

Quote:
Originally Posted by broccoli View Post
The risk is different, but neither is "safe". It's up to the user to ensure their "safety" and to decide how they do that. Simply parroting off that XP isn't safe and Windows 10 is, is, IMHO, silly.
What?

You've changed the question.

The question here is - Should you use Windows XP on the Internet in 2017. The answer is no.

Its no from Microsoft
Its no from AV Companies
Its no from Security Researchers

Its yes from some random guy on the internet who doesn't really have enough information about the topic to form a valid and informed opinion.

In 2017 - what OS from Microsoft is the safest to use on the Web - the answer is Windows 10 1607 with Current Patches.

If you want a rough guide for securing your PC in the best way possible - listen to a security expert talk about it - https://decentsecurity.com/#/securing-your-computer/ - note that Full Disk Encryption, Secure Boot, TPM and UEFI are not supported in XP.

Last edited by NSanity; 9th January 2017 at 6:06 PM.
NSanity is online now   Reply With Quote
Old 9th January 2017, 7:44 PM   #144
elvis
Old school old fool
 
elvis's Avatar
 
Join Date: Jun 2001
Location: Brisbane
Posts: 28,504
Default

Quote:
Originally Posted by broccoli View Post
Telling people that Windows 10 is "safer" than XP is not accurate.

The risk is different, but neither is "safe". It's up to the user to ensure their "safety" and to decide how they do that. Simply parroting off that XP isn't safe and Windows 10 is, is, IMHO, silly.
You are giving disturbingly dangerous advice here. I genuinely hope people take the opportunity to educate themselves on the matter, and avoid what you're advising here.

Quote:
Originally Posted by broccoli View Post
Ok, blanket generalised statements are justifiable without considering the basis for them. shrug.
There is ample basis for the arguments. A number of professionals have all given you huge volumes of objective reasons in this thread (see the "XP grants admin access to ring0", which is well documented, and something you've ignored constantly and entirely), and all you've done in return is say "I don't trust Microsoft", while insisting on using a different Microsoft product, failing to see the irony in the process.

When folks get frustrated with your circular, unfounded arguments and call you out on them, they're not forgetting the three pages early of arguments they posted. Sadly, you are.

You *are* putting yourself at risk by using Windows XP. That is irrefutable. If you want to argue whether XP is "more secure than 10" because of Microsoft's data gathering, I'd still weigh the odds in 10's favour. As I've said countless times, I switched away from Microsoft all together, because I don't trust them. But you can't stick with their product AND get to say you don't trust them AND tell me that not switching to something else is a better overall option than anything else presented to you thus far.
__________________
Play old games with me!

Last edited by elvis; 9th January 2017 at 8:13 PM.
elvis is offline   Reply With Quote
Old 9th January 2017, 10:15 PM   #145
Cpt.J.Sparrow
Member
 
Cpt.J.Sparrow's Avatar
 
Join Date: Sep 2010
Location: South Korea
Posts: 801
Default

XP is still alive and kicking; [way too] many POS devices still run XP. Extended support for the POSReady variant will end in 2019.

I have a retro gaming rig running Windows XP, and it is pretty secure (no network/internet connection and locked in my man cave).

delusion: n. an idiosyncratic belief or impression that Windows XP is secure despite being contradicted by what is generally accepted as reality or rational, typically a symptom of the batshit crazy.
Cpt.J.Sparrow is offline   Reply With Quote
Old 10th January 2017, 9:03 AM   #146
elvis
Old school old fool
 
elvis's Avatar
 
Join Date: Jun 2001
Location: Brisbane
Posts: 28,504
Default

So a big part of my job is technical security. I work for an organisation whose client list require strict confidentiality agreements, and as a part of that we have to put several layers of security in place to ensure our client's data doesn't get released to the public.

There's no silver bullet here, clearly. But just one of the many layers we have in place is OpenDNS. This is a pay-for service that monitors Internet nasties, "zero day" attacks, and other things, and blocks them at the DNS level.

Even with up to date anti virus software, tightly controlled firewalls and Internet proxies, ad blockers, up to date, fully patched operating systems and application software, and a large chunk of our business running Linux on the desktop, in the last 24 hours OpenDNS reports that there were 333 blocked requests to known malware hosting domains, and 10 block requests to known botnets.

One could ignorantly assume it's a case of users "clicking on things they shouldn't", but it's not even close to being that trivial. "Trusted" websites people visit every day use all sorts of third party scripts and code, and those vendors in turn use third party code from elsewhere. Somewhere along the chain, all it takes is for one of them to either be hijacked or intentionally malicious, and bad code makes it to your browser.

Running ANY operating system on the Internet today that doesn't get up to date patching, and doesn't have adequate user privilege separation abilities is data suicide. That statement doesn't stop at Windows XP. It goes for anything that matches. Consider that there is a website available now that lets you connect to IoT devices that aren't adequately secured which includes poor patching (and in some cases even view their attached cameras realtime):

http://arstechnica.com/security/2016...eeping-babies/

Or that NAS devices sitting silently on people's networks have been compromised, join larger BotNets, and use your electricity and Internet access to mine Internet currency:

http://www.zdnet.com/article/nas-dev...er-two-months/
https://www.deepdotweb.com/2014/08/0...-cloud-botnet/

Want to capitalise for yourself? You can buy a botnet! Yes, you can pay money and get unfettered access to literally thousands of compromised computers of innocent home and business users like you and I, even without their knowledge. For a couple of hundred bucks, access is yours:

https://threatpost.com/how-much-does...-022813/77573/

And what about good old WindowsXP? Oh yes, it's a juicy, juicy target, thanks to a lack of updates available:

https://www.technologyreview.com/s/5...among-hackers/

If you have genuine need for these legacy operating systems (whether that's as high end as commercial requirement, or as low end as retro gaming) ensure you're running them with an "air gap" between that system and the Internet. Keep physical access limited to people you trust, and make sure that the only way it gets data on or off it is via trusted/scanned removable media.
__________________
Play old games with me!

Last edited by elvis; 10th January 2017 at 9:18 AM.
elvis is offline   Reply With Quote
Old 12th January 2017, 1:55 AM   #147
Kafoopsy
Member
 
Kafoopsy's Avatar
 
Join Date: Sep 2002
Location: Right Here!
Posts: 1,451
Default

Quote:
Originally Posted by mareke View Post
Out of XP, Windows 7 and Windows 10 I like XP most followed by Windows 7 which was XP with a few things shuffled around to different places that weren't an improvement. Windows 10 is in last place for me. It's an abomination because Microsoft removed choice from users (e.g. what updates they wanted to install) and forced a ghastly looking interface on them.
Quote:
Originally Posted by elvis View Post
Folks may baulk at upgrading to newer OSes because they don't like the look and feel, or even just due to licensing reasons.
This is something that I feel doesn't get near enough coverage. Its the question of why people like XP and don't want to upgrade. I believe that I speak for the vast majority of those who don't/didn't want to upgrade. It is the interface. People don't like Windows 8 and 10 as they are just too different in look and feel to what they are accustomed to.

Lets say there was a hypothetical Windows OS that has all the upgrades, security fixes etc of Windows 10, but was identical to Windows XP in look and feel. Would people upgrade to it? Sure they would. In droves. Probably including me.

This begs the question of why Microsoft wants to foist a completely new and widely hated interface on us while at the same time removing all traces of the old classic mode? Why not keep the old classic mode for those who like it? I am quite certain that Windows 10 would have had much greater acceptance had Microsoft done that. There really isn't any reason to change the interface. If I upgraded to Windows 10, I should not be able to tell the difference when I reboot into it after the upgrade completes, aside from a new version number. If they want to introduce a new interface, add it as an optional extra.

In my idealistic dreamworld, the interface of Windows would be completely decoupled from the base operating system and you would be able to upgrade one or the other without breaking anything.

So elvis, I know you are right, but I am going to sit in the corner and mourn over the loss of the old Windows interface. I like it and would happily use it for many long years to come. (I was forced away from XP as I need more than 4GB RAM and bigger hdds than 2TB)
__________________
I was a member of the THE SLOT-T PARTY!
I did have a: Tualatin Celeron 1.2 on MSI 6163 Slot 1
My motto: Latest version of software is not always best.
Kafoopsy is offline   Reply With Quote
Old 12th January 2017, 5:05 AM   #148
elvis
Old school old fool
 
elvis's Avatar
 
Join Date: Jun 2001
Location: Brisbane
Posts: 28,504
Default

Quote:
Originally Posted by Kafoopsy View Post
So elvis, I know you are right, but I am going to sit in the corner and mourn over the loss of the old Windows interface. I like it and would happily use it for many long years to come. (I was forced away from XP as I need more than 4GB RAM and bigger hdds than 2TB)
I'm not going to argue the subjectivity of interface use, because that falls under personal preference, and there simply is no right and wrong. I spend all day in a Linux terminal doing command line tasks, and supporting creative professionals who use full screen applications. In my working life, the user interface matters little (and honestly, I dislike them all, even XP, and even everything on Linux). But I know it's a big deal to others.

I'm also not going to defend companies for their choices in these matters. It's clear the Win10 interface has split the Windows community. I refer to it as "XBoxOS" to my Windows loving colleagues to drive the point home and give them a bit of grief. I legitimately consider Windows a toy for gaming in general, and not a professional OS, even if I know others may use it that way. But in the same breath, I also dislike the macOS interface, despite still recommending it to non-technical computer users.

I don't say all this just to rant. My point is I'm entirely indifferent to arguments of UI across any vendor or platform, which seem to dominate the reasons people choose particular OSes far beyond more important matters like security. When people tell me they put subjective reasoning ahead of objective reasoning, being the objective-to-a-fault person I am, I struggle to understand why.

With all of that said, you have a few options courtesy of the open source community:

http://www.classicshell.net/gallery/

Classic Shell does a fair bit to knock some of the sting out of the Win10 interface. It's not a complete XP interface clone, but it might ease the transition. If the UI is your only stumbling block to the upgrade, strongly consider that. As above, if your XP box is Internet facing, you've got some hard decisions to make.
__________________
Play old games with me!

Last edited by elvis; 12th January 2017 at 9:12 AM.
elvis is offline   Reply With Quote
Old 12th January 2017, 3:01 PM   #149
Kafoopsy
Member
 
Kafoopsy's Avatar
 
Join Date: Sep 2002
Location: Right Here!
Posts: 1,451
Default

Quote:
Originally Posted by elvis View Post
I don't say all this just to rant. My point is I'm entirely indifferent to arguments of UI across any vendor or platform, which seem to dominate the reasons people choose particular OSes far beyond more important matters like security. When people tell me they put subjective reasoning ahead of objective reasoning, being the objective-to-a-fault person I am, I struggle to understand why.
You're right, the user interface is very important to many people (including me), and to some, even to the disregard to almost everything else. This is why I can't understand why Microsoft keep making drastic changes to it. It would be like buying a car and finding that the gear stick is in a different spot, the steering wheel is in the back seat, all the gauges are swapped around etc. If the average Joe could upgrade their OS to the latest version without noticing anything different about the interface, I really do think that 95% of the whinging and moaning about Windows 10 would not have happened.
__________________
I was a member of the THE SLOT-T PARTY!
I did have a: Tualatin Celeron 1.2 on MSI 6163 Slot 1
My motto: Latest version of software is not always best.
Kafoopsy is offline   Reply With Quote
Old 12th January 2017, 3:22 PM   #150
elvis
Old school old fool
 
elvis's Avatar
 
Join Date: Jun 2001
Location: Brisbane
Posts: 28,504
Default

Quote:
Originally Posted by Kafoopsy View Post
You're right, the user interface is very important to many people (including me), and to some, even to the disregard to almost everything else. This is why I can't understand why Microsoft keep making drastic changes to it.
Easy to understand if you've ever worked on a large development project over time.

Microsoft isn't one person. It's literally thousands of people, all pushing and pulling in different directions on projects. On top of that, the market is fickle, and as you've rightly pointed out, UI is the most obvious thing to people. Make something that looks the same as before but is different under the hood, and nobody notices. Hell, look at macOS release notes, where they talk endlessly about how they've changed 3 pixels on the corner of a window which is utterly meaningless, but fail to mentioned they replaced their entire SMB implementation which is a huge deal.

On top of that, times do change. Like it or not, we've got a new generation of users who are coming into operating systems with 25+ years of Windows95 use. I know you like to think the UI is something you like because it's "better", but it really isn't. You've had training forced on you, and the interface you're used to now shoved down your throat for decades.

To a millennial who grew up on touch devices, Windows95 is an ancient monster from some distant past time. It may as well be hieroglyphics on the wall of the pyramids.

So what to do? Do Microsoft make a UI for their shrinking by loyal existing customer base? Or do they make a UI for their growing but fickle new customer base? Ask anyone under the age of 20 what they think, and Windows10 is pretty cool (the resident millenials in my office all love it, despite all the 30-somethings I know telling me how much "nobody" likes it).

Perspective is a glorious thing. People frequently tell me that Windows is the best option because more people use it (which fails to convince me as much as telling me McDonalds is the best restaurant around because more people eat their food). But regardless of that fact, much like any democracy, you're now a part of the population that's ruled by the lowest common denominator. Within your own circles and your own echo chambers, you may be convinced that nobody likes this new UI. But the few hundred people you might talk to about this in an average year pales in comparison to the 1.5 billion Windows users worldwide. And, once again, don't forget that Windows IS NOT the most popular UI on Earth. Right now there are 1.8 billion Android users. And while I understand that there is a world of difference between a phone, a tablet, and a PC, the fact remains that there are more individuals using that sort of interface than there are using something that ever looked like Windows95.

Like it or not, you have chosen to be a part of the masses. The numbers rule, and you are now the minority.

And forgive me for repeating it, but I moved away from Windows long ago because I wanted to make an OS about my choices and needs, and not about the needs of the masses. The option I chose isn't perfect - far from it. It's riddled with bugs and design faults and things that make it a royal pain in the arse. But the fact remains that I still have far more control over the system I use compared to what I see here, with you, as someone who is struggling to deal with a "one size fits all" system that really doesn't fit you.

Perhaps you, like millions of others, need to step back and ask yourself what it is you really need out of a computer, how you're going to achieve that safely and securely, and what you need to compromise to get there.
__________________
Play old games with me!
elvis is offline   Reply With Quote
Reply

Bookmarks

Sign up for a free OCAU account and this ad will go away!

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +10. The time now is 7:30 PM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
OCAU is not responsible for the content of individual messages posted by others.
Other content copyright Overclockers Australia.
OCAU is hosted by Micron21!