
Davesnothere
Change is NOT Necessarily Progress
Premium Member
join:2009-06-15
Canada

4 edits

1 recommendation

Davesnothere to scross

Premium Member

to scross

Re: Strategies for Keeping XP - When You HAVE To Keep XP

said by scross:

said by PX Eliezer1:

I would gladly pay $50 a year for support. So would millions of people AND companies. MS really blew this both from PR POV and from the money POV.

I wouldn't be at all surprised if MS doesn't eventually reverse course and do something like this. They're providing these patches for free now, so easy money. And they will be being PAID by large organizations (including government agencies) to produce new patches for at least a year or more still, so even easier money. (I won't even comment here on the fact that this paid patch fixing will be funded in large part with TAXPAYER money.)

 
If they are making these patches for paying customers anyway - YES, then why not leverage a few more bucks out of the general public ?!

After all, not buying a new Windows nor PC is saving us significant money, even by TODAY's price standards.

And it would give M$ a golden opportunity to test a new business model (new for THEM at least) on a receptive/captive audience.

FINALLY, the under-the-hood architecture of XP is not as different from the newer Windozes as M$ keeps telling us in their ongoing FUD/fearmongering (and which is why they kept offering XP updates even until NOW), so accepting money from those big businesses and gummints is actually GRAVY to M$ anyway.

And I openly challenge anyone reading to convince me otherwise of my last paragraph's bolded allegation !

XP is not dangerous enough to warrant change.

The combination of common sense online behaviour and 3rd party protection apps and browsers (these things alone, as described already upthread) are still enough to keep XP (and any newer OS) safe, in MY book.

I submit that most Windows Updates are optional, and are part of a larger plan at MS to nurture a mindset which makes us trust and believe in them as a company, which in the longer term does little more than support THEIR bottom line !
psloss
Premium Member
join:2002-02-24

psloss to Millenium

Premium Member

to Millenium
said by Millenium:

In this way your user accounts can not write to anywhere from which they can also execute: A road block to malware. Microsoft's user permissions have holes in them that will allow a user account to write and execute from the same location. C:\Windows\Temp being one example.

Unfortunately, limited user accounts aren't much of a road block now (and that applies beyond XP) because they only protect the operating system/PC from widespread damage. That's fine for those who never, ever use their computer to do any financial transactions; however, most/all of the current major banking trojans run just fine within a limited user account and they don't need to take over the computer to steal what they are trying to steal.
Fickey
Terrorists target your backbone
join:2004-05-31

Fickey to Velnias

Member

to Velnias
said by Velnias:

Robolinux is based on popular Debian distribution and uses VirtualBox, so yes - it's the same approach.

said by BlitzenZeus:

What snake oil, putting an OS in a virtual machine doesn't make it immune from malware, but you can make snapshots which return it to a previous state, all changes are lost...

said by psloss:

Agreed...

Thanks, folks. My spidey sense suspected as much, but nice to have confirmation from those more knowledgeable.
Millenium
join:2013-10-30

Millenium to psloss

Member

to psloss
said by psloss:

however, most/all of the current major banking trojans run just fine within a limited user account

That's why setting permissions is important. Done correctly, there is nowhere a limited user account can write the trojan and also run it.

:::
quote:
Millenium wrote:
In this way your user accounts can not write to anywhere from which they can also execute:
You know? Execute and run are synonyms in this context.
psloss
Premium Member
join:2002-02-24

psloss

Premium Member

said by Millenium:

said by psloss:

however, most/all of the current major banking trojans run just fine within a limited user account

That's why setting permissions is important. Done correctly, there is nowhere a limited user account can write the trojan and also run it.

Sorry, missed the caveat. No way I'm touching that.
Millenium
join:2013-10-30

3 recommendations

Millenium

Member

No worries.

But why not do it? It only takes a few minutes. It's set and forget. You can log into your admin account anytime you need to install a program, which can then be safely run from limited (user) accounts.

There are tutorials about setting file permissions all over the internet if a person isn't familiar with them.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran to Davesnothere

Premium Member

to Davesnothere
Even granting that their architecture is more similar than not, the problem is that vulnerabilities for XP will not be fixed ever again.
said by Davesnothere:

I submit that most Windows Updates are optional, and are part of a larger plan at MS to nurture a mindset which makes us trust and believe in them as a company, which in the longer term does little more than support THEIR bottom line !

No. Just, no.

Mashiki
Balking The Enemy's Plans
join:2002-02-04
Woodstock, ON

1 edit

Mashiki to Davesnothere

Member

to Davesnothere
said by Davesnothere:

FINALLY, the under-the-hood architecture of XP is not as different from the newer Windozes as M$ keeps telling us in their ongoing FUD/fearmongering (and which is why they kept offering XP updates even until NOW), so accepting money from those big businesses and gummints is actually GRAVY to M$ anyway.

Come on Dave. That's so easy to disprove by looking at how memory heaps are handled in crashes/hacks/etc, and attempts to get ring1/0 access to the machine that it's just plain silly. There's enough fundamental differences on how it's handled between 7 and 8, that it actually breaks some older applications that required R0/1 for sound connections, which are now actually R0/R3.

garys_2k
Premium Member
join:2004-05-07
Farmington, MI

1 recommendation

garys_2k to antdude

Premium Member

to antdude
N/M

DownTheShore
Pray for Ukraine
Premium Member
join:2003-12-02
Beautiful NJ

DownTheShore to Davesnothere

Premium Member

to Davesnothere
said by Davesnothere:

I submit that most Windows Updates are optional, and are part of a larger plan at MS to nurture a mindset which makes us trust and believe in them as a company, which in the longer term does little more than support THEIR bottom line !

Quel horreur! A publicly traded company interested in supporting their bottom line!

And this is different, how, from what car companies, clothing designers, and appliance manufacturers do with their seasonal/yearly new designs/models?

Davesnothere
Change is NOT Necessarily Progress
Premium Member
join:2009-06-15
Canada

1 recommendation

Davesnothere

Premium Member

said by DownTheShore:

Quel horreur! A publicly traded company interested in supporting their bottom line ! ....

 
You forgot Banks and Big Oil.

Oh, and incumbent provider telecoms - We especially enjoy 'picking' on those, up here in Canada.

DownTheShore
Pray for Ukraine
Premium Member
join:2003-12-02
Beautiful NJ

DownTheShore

Premium Member

Ah, yes, like Rogers, who always seem to keep their Centre's dome closed whenever I watch a televised baseball game from there.

Didn't know you were from Canada, so the "quelle horreur" phrase usage was not aimed, though even more amusing now
scross
join:2002-09-13
USA

1 recommendation

scross to Mashiki

Member

to Mashiki
said by Mashiki:

Come on Dave. That's so easy to disprove by looking at how memory heaps are handled in crashes/hacks/etc, and attempts to get ring1/0 access to the machine that it's just plain silly.

I find it amusing that you seem to think that Microsoft has made great strides in this area. They may very well have closed a few doors here and there, but there are plenty more still out there, and this is all really just a matter of "too little, too late".

I don't really keep up with this stuff much anymore, but a quick check shows that there are R0 exploits which STILL work in Win8, go all the way back to WinNT (1993), and of course also work with all Windows versions in-between, meaning these problems have been around (unresolved) for 20 years now. And before you say "This is hard to correct because so many applications make use of it", I will remind you that when Microsoft first started making these types of design decisions all those years ago, they were VEHEMENTLY warned not to do things like this, and they nodded their heads in apparent agreement - but then they went ahead and did them anyway!!! So they really have nobody to blame here but themselves.

In looking more into the heap thing, specifically at the Fault Tolerant Heap, if I understand this correctly they don't even turn it on for any given process until you've had that process crash at least once, and maybe even several times, and all they're doing is hiding the internal problem(s) from you (the heap corruption is still there), giving you the false impression that your system is more stable than it actually is. Since by their own admission these types of situations are easy for malware to take advantage of, from a security perspective it looks like they're maybe actually aiding and abetting any potential malware here! And while they may have made even more "improvements" like this with Win8, they've managed to skunk that version so badly that nobody wants to even touch it now, so people are instead installing the "much less secure" Win7, or just sticking with the "truly awful" WinXP or whatever.

As I may have said earlier, something like 2/3 of the patches that have been coming out for WinXP also apply to Win7/8. So if you want to say that WinXP is crap from a security perspective (and that isn't a point that I would disagree with myself), then I would say that Win7/8 is still at least 2/3 crap.

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline to John Galt6

Premium Member

to John Galt6
quote:
While Microsoft may have ended its support of Windows XP that does not mean that other companies have as well. ESET realizes that not all of our own customers are able to upgrade to newer versions of Windows, and has committed to supporting Windows XP until at least April 30, 2017 [...]
»www.welivesecurity.com/2 ··· dows-xp/

Davesnothere
Change is NOT Necessarily Progress
Premium Member
join:2009-06-15
Canada

Davesnothere to scross

Premium Member

to scross
said by scross:

....there are R0 exploits which STILL work in Win8, go all the way back to WinNT (1993), and of course also work with all Windows versions in-between, meaning these problems have been around (unresolved) for 20 years now....

said by scross:

....As I may have said earlier, something like 2/3 of the patches that have been coming out for WinXP also apply to Win7/8.

So if you want to say that WinXP is crap from a security perspective (and that isn't a point that I would disagree with myself), then I would say that Win7/8 is still at least 2/3 crap [too].

 
So much for 'upgrading', then !

Unless mayhaps to Vista.
Davesnothere

1 recommendation

Davesnothere to siljaline

Premium Member

to siljaline
said by siljaline:

quote:
While Microsoft may have ended its support of Windows XP that does not mean that other companies have as well. ESET realizes that not all of our own customers are able to upgrade to newer versions of Windows, and has committed to supporting Windows XP until at least April 30, 2017 [...]
»www.welivesecurity.com/2 ··· dows-xp/

 
So that's ESET, Avast, and MBAM which all plan to continue supporting XP ?

I could likely work with those (and already do use some of them).

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline

Premium Member

I can't speak for Avast & MBAM, but ESET have come forward and stated that they will support XP users well beyond the expiration window.

Shall post them as I'm made aware of others coming into the fold if they so choose to do so. Considering how many will run XP well beyond shelf life.

Davesnothere
Change is NOT Necessarily Progress
Premium Member
join:2009-06-15
Canada

Davesnothere

Premium Member

 
I wonder what Norton, McAfee, & Webroot will be doing ?

Mashiki
Balking The Enemy's Plans
join:2002-02-04
Woodstock, ON

Mashiki to scross

Member

to scross
said by scross:

I find it amusing that you seem to think that Microsoft has made great strides in this area. They may very well have closed a few doors here and there, but there are plenty more still out there, and this is all really just a matter of "too little, too late".

Where did I say they made great strides? This was coming from a poster that was saying that "security fixes exist for the gullible masses."

But let's be realistic shall we? If you were going to exploit something where are you going to do your injection? R0, or R3? Remembering that after S1 in Win7 that R1 no longer exists, and it no longer exists in Win8 either. On top of that, you have much easier vector points through flash, JS, Java, or plain old webkit vulnerabilities.

So, let's go back to the point at hand. You're writing a piece of malware and you want to infect as many machines as possible, easily as possible, and keep them as stable as possible. Now will you use one of those old stack overflows? A heap overflow that's existed in R0 which will first cause the machine to crash, or will you use a relatively stable injection loophole in say flash, or JS, which won't cause any noticeable problems with the user's machine, and let you get your payload off. I know which one I'd use, how about you? I already know your answer anyway. After all, the whole point of "getting it in" is to "not let the user know, it's not there."

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline to Davesnothere

Premium Member

to Davesnothere
See remark posted further up the thread.
»These Anti-Virus Software Products Will Continue to Protect XP after the End

Davesnothere
Change is NOT Necessarily Progress
Premium Member
join:2009-06-15
Canada

1 edit

Davesnothere

Premium Member

 
Very encouraging !

In that thread, the further-linked article gives me the feeling that security app companies stand to gain new respect and following from continuing to offer protection for the huge number of XP users still out here, and also that Microsoft is quite willing and ready to pass the ball/buck.

It also echoes much of what I and some others, both here and elsewhere, have been preaching - i.e. that the sky is NOT falling, but as usual, we will have to take proper precautions for our PCs, and do what most of us were prob'ly doing anyway, and that the same advice holds true for users of PCs equipped with more recent versions of Windows.
scross
join:2002-09-13
USA

1 recommendation

scross to John Galt6

Member

to John Galt6
Here's Cringely's take on the situation. This article and the comments on it make a pretty good read. Cringely's been around a long time, has lots of friends in the industry, and sometimes gets wind of things well before the rest of us do.

»www.cringely.com/2014/04 ··· dows-xp/
scross

scross to Mashiki

Member

to Mashiki


said by Mashiki:

I already know your answer anyway.

Then please enlighten me!
said by Mashiki:

After all, the whole point of "getting it in" is to "not let the user know, it's not there."

Maybe you missed my earlier point - that things like Fault Tolerant Heap might very well allow nefarious activities to still go on BUT NOT TO CRASH THE SYSTEM like they otherwise would. If I were a malware writer then I might view finding FTH turned on as an open invitation to get up to all kinds of no good.

I was going to mention earlier that good computer security goes all the way down to the hardware, and this is the way better computer systems implement security. It's quite possible that anything Intel-based just won't cut the mustard here.

Speaking of Intel (and since you mentioned so many other, supposedly easier attack vectors), I'm reminded of a story from 10 or 15 years ago. Back then most systems shipped with non-ECC RAM, and you were lucky to even get parity-checked RAM on many systems (not sure what the situation is today). People kept asking why this was so (why was memory being left so unprotected), and other than pointing out matters of expense (RAM not being quite so cheap back then as it is now), many of the explanations left much to be desired.

But then Intel came out with a white paper which cut right to the chase. Basically it said that there were so many failure-prone weak spots in a typical PC - everything from the hardware itself (presumably including the CPU) to drivers to the application software to the operating system (there was a not-so-subtle dig at Microsoft there) - that worrying about memory errors (which are comparatively rare) was just a waste of energy and money. I thought that this was a pretty candid admission on Intel's part - and also a pretty damning indictment of the entire PC ecosystem. I see that the "Yeah, this sucks - but it doesn't really matter because so many other things suck even more!" mindset is still alive and well in the PC world.

Davesnothere
Change is NOT Necessarily Progress
Premium Member
join:2009-06-15
Canada

Davesnothere to scross

Premium Member

to scross


said by scross:

....Speaking of Intel (and since you mentioned so many other, supposedly easier attack vectors), I'm reminded of a story from 10 or 15 years ago. Back then most systems shipped with non-ECC RAM, and you were lucky to even get parity-checked RAM on many systems (not sure what the situation is today). People kept asking why this was so (why was memory being left so unprotected), and other than pointing out matters of expense (RAM not being quite so cheap back then as it is now), many of the explanations left much to be desired.

But then Intel came out with a white paper which cut right to the chase. Basically it said that there were so many failure-prone weak spots in a typical PC - everything from the hardware itself (presumably including the CPU) to drivers to the application software to the operating system (there was a not-so-subtle dig at Microsoft there) - that worrying about memory errors (which are comparatively rare) was just a waste of energy and money. I thought that this was a pretty candid admission on Intel's part - and also a pretty damning indictment of the entire PC ecosystem. I see that the "Yeah, this sucks - but it doesn't really matter because so many other things suck even more!" mindset is still alive and well in the PC world.

 
Hehehe - VERRRY interesting !
Davesnothere

Davesnothere

Premium Member

 
Here are more details on Avast's position on XP support :

»Avast Blasts Microsoft..Re:Win XP

Bill_MI
Bill In Michigan
MVM
join:2001-01-03
Royal Oak, MI
TP-Link Archer C7
Linksys WRT54GS
Linksys WRT54G v4

1 recommendation

Bill_MI to John Galt6

MVM

to John Galt6

IRONIC... but...

If you like irony...

I connected to work via an ActiveX control so in Linux, I run Windows as a VM to do this perfectly. Been doing it for years.

Well.. in February we get a shiny new Server 2012 and we now connect via VPN... but I couldn't! It didn't work in my Windows 2000. SO...

In February 2014 I upgraded from Windows 2000 to WinXP Pro. Back connecting again!

Now back to your regularly scheduled thread...
perryrpj
Premium Member
join:2006-06-14
Bedford, TX

perryrpj to dib22

Premium Member

to dib22


said by dib22:

Of course, Windows 7 & 8 won't run on most hardware that's running XP

Just a heads up... 7 does in fact run on most xp hardware!

THE BELOW IS NOT FOR THE FAINT OF HEART, IS ONLY FOR EXPERIMENTATION, AND THEN, ONLY IF YOU HAVE (3) CURRENT IMAGED DRIVES!!!!

Amazingly, I never had to go back to any image because of a failed upgrade.

dib22, you are correct! I give you props. In fact, I may now have to upgrade this image to Windows 7 on mine, since my Father is running it on his.

I am currently typing this on an Asus P3B-F circa 2000, that has been running XP SP3 for several years--rock solid. Also, my current image began with Windows 95a, and I've always done an in place upgrade (never a clean install).

Ooops, was I not "supposed" to be able to do this? I have to admit, it helps that I am running an Intel 1.4 Ghz Tualatin cpu (Asus beta BIOS), via a slot one adapter, have the box as tricked out as possible, and that I also know what I am doing.

dib22, the only thing that keeps this system from running Windows 8, is that my cpu supports PAE, but does not support NX or SSE2 (but I may have a workaround for this).
perryrpj

perryrpj to PX Eliezer1

Premium Member

to PX Eliezer1
said by PX Eliezer1:

I would gladly pay $50 a year for support. So would millions of people AND companies. MS really blew this both from PR POV and from the money POV.

PX Eliezer, you summed it up better than I could have.....but, I would pay $100 to $200 per year. Remember, Windows 2000 Pro was "supposed" to be for business? What is it that M$FT does not understand about gamers driving the market? W2K Pro gave us PnP, NT kernel, and good USB support.

You would think M$FT could at least contract XP security and update support to a 3rd party contract company, and make $$$'s?