
[WIN10] Gone back to WIN 7

Discussion in 'Windows Operating Systems' started by Mathuisella, Apr 26, 2018.


All driver/game/compatibility issues aside, which do you prefer, 7 or 10?

  1. Windows 7

    45.6%
  2. Windows 10

    54.4%
  1. dimension11

    dimension11 Member

    Joined:
    Mar 16, 2016
    Messages:
    92
    That's all fine and good in theory, however in the real world, having a patched browser and a good password will get much more security than keeping your OS fully patched.

    The above posts, if anything have shown that desperation in reliance on patches for security is pure madness at best.
     
  2. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    41,388
    Location:
    Brisbane
    Security is not, and has never been, about one thing. No single firewall will save you. No single AV product. No single browser.

    Wanting *ALL* your software patched and supported isn't madness. And not a single person here who is warning you about not using Win7 past EOL is suggesting the OS is the only problem. Indeed, everyone warning you on this thread has information security as some or all of their profession.

    The madness is not demanding that a supported OS is mandatory as a part of a comprehensive security policy. What's madness is dismissing it as an issue "because browser".
     
  3. dimension11

    dimension11 Member

    Joined:
    Mar 16, 2016
    Messages:
    92
    Glad we're on the same page then.

    And that's exactly what I want too, except that I will not regress my tools or compromise my workflow just for the sake of being patched, especially where patching is just a relatively small part of the entire security chain. Once again, theory v reality.

    And to be clear, running Win 7 isn't for everyone, in fact as I've said before, the general advice for 99.9% of users is to stay patched. What I'm saying is that there are plenty of users out there who are the 0.1% who know how to and can keep their systems safe despite not being patched.
     
  4. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    41,388
    Location:
    Brisbane
    Keeping tools up to date is a critical component of any workflow. Never in computing history have we sat on one set of tools. My whole job is lighting fires under lazy businesses to get them moving on putting in processes that allow rapid tool upgrades and changes. I don't sell specific tools, specific workflows, or push specific vendors. I help them find ways to keep their tools/workflows/vendors moving, and not end up in your position where you are substituting one compromise (tool upgrades or substitutions) for another (security).

    Locking yourself in is not good business. If you can't dump everything overnight, switch vendors and tools, and continue moving forwards, that's a huge risk. For any given thing I do on a computer for personal or professional reasons, I could name off the top of my head 2 other alternatives on top of the one I use. Diversifying your tools is just another part of a comprehensive security strategy. Lock in (whether it's to a single vendor or single product) is not.

    In my experience people think they're the 0.1% who know, until they're demonstrated to not be.

    Regardless of your expertise, you've chosen a proprietary operating system that is EOL as a base for your tools and workflows. Part of your strategy from day one needs to be a migration plan when the software is EOL. Not doing so is bad business.

    And if it's for home/personal use, then the "tools and workflow" argument is nothing but silly posturing. Nobody's home setup is that critical, or that sensitive to OS changes. That's not even mentioning the substantial backwards compatibility, emulation, simulation and virtualisation options available on countless supported OSes today, should you have any desire to put on the nostalgia goggles and use software of old (which I do, as an ardent retro gamer and amateur digital preservationist).

    And beyond ALL that, the recommendation remains: don't use unsupported software. If you, personally, are truly OCAU's elite 0.1%, then you, personally can have my blessing to continue unpatched. The other ~150K members who aren't, should move on.

    [edit]

    Speaking of patching and bad shit, Indian nuclear power plants are having a terrible time right now.
    https://twitter.com/RungRage/status/1188853620541775872

    Don't be like Indian nuclear power plants. Patch your shit.
     
    Last edited: Oct 29, 2019
    Perko, 2SHY and millsy like this.
  5. BAK

    BAK Member

    Joined:
    Jan 7, 2005
    Messages:
    1,178
    Location:
    MornPen, VIC
    You aren't even in the same genre of book.

    Continuing to use Win7 after EOL is foolish and irrational. If you choose to continue to use an operating system after no further security updates are released, then that's your choice; myriad posters in this thread already have pointed out the risks associated with such a gamble. However, trying to JUSTIFY continuing to use Win7 after EOL is asinine and cretinous, not to mention irresponsible. Readers of your post may think "oh well this guy seems to know what he's talking about, Win7 is obviously fine!" Spoiler alert: you don't, and it's not*.

    (*won't be after EOL).
     
    miicah, NSanity, Perko and 3 others like this.
  6. dimension11

    dimension11 Member

    Joined:
    Mar 16, 2016
    Messages:
    92
    Once again, all theory. When the rubber hits the road, if you can't demonstrate a good cost benefit analysis, business won't move. That, unfortunately (and wrongly), excludes "what if" scenarios. Everything is a compromise, if you aren't compromising security you're compromising something else, e.g. reliability or up time. Keeping tools up to date and being locked into a single set of tools is a completely different discussion. Remember the best tool for the job isn't necessarily the newest or the best, but the one that you're most familiar with.


    100% Agreed. Except at this stage, there is no impetus for me to move, and what I'm saying is that for a select subgroup of users, a system going EOL is not necessarily impetus enough, all other things considered.

    Actually what the tweet really means is "don't be like Indian nuclear power plants. Don't use the default username and password"
    Which harkens back to my previous post, there are much easier ways to get into a system rather than chain 15 exploits together with less than 100% success rate. Patching is definitely part of keeping oneself safe, but certainly isn't the main or only way.
     
  7. dimension11

    dimension11 Member

    Joined:
    Mar 16, 2016
    Messages:
    92
    I've said multiple times, and I say again, it isn't for everyone (in case that wasn't clear enough in my previous posts for you or anyone else). It's doable, but requires effort, and care.

    Simply making a blanket statement that Win 7 is going to explode and suddenly be exploited a thousand times over as soon as EOL _is_ irrational and fearmongering.
     
  8. Dilbery

    Dilbery Member

    Joined:
    Nov 19, 2005
    Messages:
    1,252
    Location:
    Sydney, NSW
    "In the real world" I genuinely lolled at this. Thanks for the laugh...
     
    2SHY, BAK, NSanity and 1 other person like this.
  9. BAK

    BAK Member

    Joined:
    Jan 7, 2005
    Messages:
    1,178
    Location:
    MornPen, VIC
    The only person who has said that is you, just now. Speculation about exploitation is relatively meaningless, but make no mistake: it's a case of when, not if. The longer you use Win7 post EOL the greater the likelihood. This shouldn't be a difficult concept to grasp.

    As for fearmongering:
    Risks associated with using such a widespread operating system post EOL aren't exaggerated, and communicating the dangers around doing so is not needless.
     
    Last edited: Oct 29, 2019
    elvis likes this.
  10. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    17,964
    Location:
    Canberra
    you're 110% delusional.

    Technical Debt is the number one fucking problem in IT Security. Patching and lifecycle management is a key part of any overarching security strategy.
     
    millsy, Dilbery, BAK and 2 others like this.
  11. Perko

    Perko Member

    Joined:
    Aug 12, 2011
    Messages:
    4,463
    Location:
    NW Tasmania
    No one's saying that. It only takes one exploit to succeed for someone's primary email or bank accounts to be compromised.

    The only irrational thing being put out in this thread is that GUI is more important than security. If you're hand wringing over work flow in a new OS that has the same hotkeys and general layout as the old ones, you're not in the 0.1% that you think you are.
     
    millsy, BAK, elvis and 1 other person like this.
  12. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    41,388
    Location:
    Brisbane
    You appear to be intentionally missing the "I do this for a profession" part of the posts.

    That, and the rest of the folks who also do this for a profession (lots of them here on OCAU, some who do it for some very serious places), who are all telling you the same thing. And the reason we're all saying the same thing? Because professional IT took some bad turns early on (decades ago), learned from their mistakes, and now has a set of best practices that can help everyone.

    And there's no secret society or esoteric elite bullshit here. This stuff is simple and publicly available. Here's our nation's best, and their advice to every single business and individual, titled "The Essential Eight":

    https://www.cyber.gov.au/publications/essential-eight-explained

    Copy / pasting from that article:

    They couldn't be any clearer if they tried. I certainly cannot argue with the true experts. If you think you can, you'll need to present some pretty bloody amazing evidence.
     
    Perko, BAK, 2SHY and 1 other person like this.
  13. miicah

    miicah Member

    Joined:
    Jun 3, 2010
    Messages:
    6,989
    Location:
    Mount Cotton, QLD
    Except for the 5000 people in this thread bitching about how Win10 forces updates on them and they like it "the old way" where they (accidentally) patched once a year when the power went out?
     
    Perko, NSanity, 2SHY and 1 other person like this.
  14. Statitica

    Statitica Member

    Joined:
    Dec 29, 2009
    Messages:
    3,236
    Location:
    Lae, Morobe, PNG
    The best tool also needs to meet the basic requirement of being one which works, and unless you're running that tool on an airgapped win 7 machine, you're running the risk of breaking your own tools.
     
  15. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    17,964
    Location:
    Canberra
    as someone who works in a lot of airgapped environments - it's not worth it.
     
    Statitica and elvis like this.
  16. BAK

    BAK Member

    Joined:
    Jan 7, 2005
    Messages:
    1,178
    Location:
    MornPen, VIC
    Precisely. Constraining your productivity based on how long you can hold your breath is very inefficient.
     
    millsy likes this.
  17. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    41,388
    Location:
    Brisbane
    Amen to that. Enormous pain in the arse, not to mention huge dollar cost.
     
  18. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    17,964
    Location:
    Canberra
    are you allowed to send logs? because we aren't.

    Makes troubleshooting fun... Support to Vendor

    "Send me logs"
    "Yeah, that's a negative on the chicken captain..."
    "Oh ok, Can we webex?"
    "What is a response that is more definitive and negative than no fucking chance"
     
    millsy and elvis like this.
  19. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    41,388
    Location:
    Brisbane
    There's one (large) customer who doesn't allow it. They don't even have advice or strategies on how to allow your internal developers to talk to your internal production crew in a useful and officially sanctioned way. It's a fucking nightmare.

    Most of the other folks realise pretty quick that if you can't send logs, production stops, and real money is lost. So they lighten up. But the big dog of the biz doesn't listen to anyone.

    My god, I get this all the time (TeamViewer is still the darling of this retarded industry). How do they think that's MORE secure than any other method?
     
  20. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    17,964
    Location:
    Canberra
    I'm pretty frustrated that sanitisation (which is a multi day process - assuming text logs) includes IPs - despite being 10.0.0.0/8 stuff.
     
    elvis likes this.
