dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1185
share rss forum feed

weatherman10

join:2013-04-29

1 recommendation

Security of restricted XP system past End Of Life

I'll be upgrading my main systems to Win 7 or 8 before XP goes end of life. There is one function that I've been unable to find a way of getting to work without XP. I run a couple of attached Olympus digital cameras as high quality time lapse webcams using software that only runs on XP.
I was considering getting an old xp laptop and only run the webcam capture program on it.

There were two methods I was thinking of...
1. Use the webcam program to upload to my website through the router and keep the laptop off my windows network. Only the webcam program would be used this uses built in ftp routines to upload the images on a regular schedule to my website.
2. Put the laptop on my windows network and save the webcam images there and use some other method from a windows 7 or 8 PC to routinely upload to my website, somehow blocking all direct access to the internet to the laptop.

In both scenarios the laptop would get the final XP security updates before being semi isolated from the internet and would have the latest available zone alarm firewall installed to prevent all traffic other than the webcam progam
So I wondered how secure these options would be and if there was a preferred one out of the two. Any advice gratefully received.
Stuart


Frodo

join:2006-05-05

If you get windows 7 professional, you can get a virtual XP pro 32 bit to run in it. You might be able to get your cameras working in the virtual image.

I'm not sure whether you can get a virtual XP for free in Windows 8 professional. I read in the past that you could, but it was a 64 bit XP, now a quick search suggest you can't get a virtual XP in Win 8. (edit: at least, not for free)
»windows.microsoft.com/en-US/wind···indows-7
"Using Windows XP Mode, you can run programs that were designed for Windows XP on computers running Windows 7 Professional, Enterprise, or Ultimate editions. Windows XP Mode is not supported on Windows 8."



StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

FYI you can run XP VMs on Win7 Home Premium if you wish. To my knowledge there's nothing special about "Windows XP Mode" that you can't get by creating your own VM from a licensed version of XP.

I have an XP VM on Win7 SP1 x64 and have some Canon camera drivers in it.
--
Don't feed trolls--it only makes them grow!


weatherman10

join:2013-04-29
reply to Frodo

I had thought of that but not only does my program not work in XP mode but xp mode itself becomes end of life at the same time as actual Windows. It would also mean shelling out for the Professional version of Win 7 in addition to a licence for the XP.


Frodo

join:2006-05-05
reply to StuartMW

said by StuartMW:

To my knowledge there's nothing special about "Windows XP Mode"

The only thing I'm aware of that is special is the price. It is a licensed XP that is included in the purchase of Windows 7 professional.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
reply to weatherman10

Ok but you can keep an XP VM isolated from the host machine and/or the internet if you wish.

Are you sure your software won't work in an XP VM on Win7? VM's can access USB devices on Win7 (my Canon drivers are USB).
--
Don't feed trolls--it only makes them grow!



StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
reply to Frodo

said by Frodo:

The only thing I'm aware of that is special is the price.

That is my understanding too.

I already had an XP VM and Microsoft wants about $90 to upgrade from Home Premium to Professional. The going rate on eBay for a copy of XP is about $50. One has to be very wary of eBay however. Everyone says you get an unused key but how do you know?
--
Don't feed trolls--it only makes them grow!

weatherman10

join:2013-04-29
reply to StuartMW

Yes the software writer couldn't get it to work and eventually stopped selling it.
But if you think a virtual XP is safe enough then that would mean the restricted access laptop should also be.?



StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

said by weatherman10:

...then that would mean the restricted access laptop should also be.?

Not sure what you're asking.

An XP VM is just a virtualized version of the real thing. As with any VM one can choose what privileges it gets (internet access, host drive access etc). If you keep it isolated I don't see how it's a security risk.

BTW VM's have a virtual hard drive (i.e. file on the host) so you can back them up easily.

Also are you sure you're not confusing "Windows XP Mode" (virtual machine) and XP Compatibility mode? They're very different things.
--
Don't feed trolls--it only makes them grow!

Frodo

join:2006-05-05
reply to StuartMW

The license says "END-USER LICENSE AGREEMENT FOR MICROSOFT SOFTWARE MICROSOFT WINDOWS XP MODE
(WINDOWS XP PROFESSIONAL SERVICE PACK 3 IN VIRTUAL HARD DISK IMAGE FORMAT FOR USERS OF WINDOWS 7 PROFESSIONAL, ENTERPRISE AND ULTIMATE EDITIONS)"

This means that if I upgrade to Windows 8, the VM becomes toast, according to some posts I've been reading.

I'm not obligated to run it under Microsoft's VM. I have it running using VMplayer, using Unity mode.


Frodo

join:2006-05-05
reply to weatherman10

said by weatherman10:

But if you think a virtual XP is safe enough then that would mean the restricted access laptop should also be.?

You can secure an XP if you know what you're doing. The biggest vulnerability is the browser and anything that runs in it. So if you're not running a web browser, the attack window shrinks. If you're behind a router using a private IP address on the XP and only forwarding the appropriate ports, the attack window shrinks further. If the internet facing processes are running without administrative privileges, the window continues to shrink. I can go on and on.

weatherman10

join:2013-04-29

Thanks all for the replies. Think the laptop route seems best connected to router with only necessary ports and programs allowed. And also I have no way of knowing if my program works with any other virtualisation solution.
Worst that can happen the laptop does succumb to something there will be no personal data on it and the rest of the network is safe.
Stuart



Triple Helix
Go Blue Jays Go
Premium
join:2007-07-26
Oshawa, ON
kudos:7
Reviews:
·Rogers Hi-Speed
reply to weatherman10

Or go all the way and buy VMware Workstation as it is compatible with Win 7 & 8 the only downside is big bucks. $249.00US »www.vmware.com/products/workstat···iew.html

TH


weatherman10

join:2013-04-29

At these prices I am as well ditching the cameras altogether and getting an old Cannon Power shot and a copy of PSRemote which does work with Win 8!


OZO
Premium
join:2003-01-17
kudos:2

1 edit
reply to weatherman10

I think you're overreacting here. After the EoL day nothing will make your XP installation less secure, than it is now. What you feel is just a marketing pressure on you to buy a new OS from them... If you believe whatever marketing departments want to tell you, I have Brooklyn Bridge to sell...

And BTW there is no difference from security stand point if you run XP on standalone laptop and / or within a virtual machine.
--
Keep it simple, it'll become complex by itself...


weatherman10

join:2013-04-29

Wasn't feeling the marketing pressure so much as the combined weight of technology blogs news articles etc. Anyway old cheap XP laptop it is then and should be cheaper still by next April as the "scare stories" ramp up!


TheMG
Premium
join:2007-09-04
Canada
kudos:2
Reviews:
·NorthWest Tel
reply to weatherman10

The chances of a computer becoming compromised simply by being connected to the internet and running outdated Windows is very very slim.

Most attacks occur through other means, the most common being the web browser, social engineering, trojan horses.

I wouldn't really worry about it.



antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:4
Reviews:
·Time Warner Cable
reply to Triple Helix

said by Triple Helix:

Or go all the way and buy VMware Workstation as it is compatible with Win 7 & 8 the only downside is big bucks. $249.00US »www.vmware.com/products/workstat···iew.html

TH

Or go free with VirtualBox.org. :P
--
Ant @ AQFL.net and AntFarm.ma.cx. Please do not IM/e-mail me for technical support. Use this forum or better, »community.norton.com ! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.


Triple Helix
Go Blue Jays Go
Premium
join:2007-07-26
Oshawa, ON
kudos:7
Reviews:
·Rogers Hi-Speed

said by antdude:

said by Triple Helix:

Or go all the way and buy VMware Workstation as it is compatible with Win 7 & 8 the only downside is big bucks. $249.00US »www.vmware.com/products/workstat···iew.html

TH

Or go free with VirtualBox.org. :P

Sorry Never.

TH
--
Triple Helix - Microsoft® MVP Consumer Security 2012/14
VIP Member Of ASAP - (Alliance of Security Analysis Professionals™)
Official Webroot SecureAnywhere (Prevx) Support Forum Helper.
(H59 Clan)