You don't understand what you are talking about. No one is looking to 'find anything'. They want the capability a hacked machine gives them.
Win XP vs Win 7 - an internet security debate.
- Thread starter blahblah
- Start date
- Views 5,179
- Replies 94
- Likes 3
You don't understand what you are talking about. No one is looking to 'find anything'. They want the capability a hacked machine gives them.
Mmm-hmm. All of them are things grandpa and grandma will come across on their boomer websites. Evil Chinese hackers will for sure try to hack their mainframe and steal their... Nothing, because that's a ridiculous premise.
Yes, of course they will, on account of malvertising. Which is an epidemic, even on the most mainstream of sites. This isn't a state sponsored hacker thing. This is a HackFourms 14 year old kid thing. And, again, it's not about stealing directly from the user, it's about the capabilities having a hacked machine gives the attacker.
Please don't speak about things you have absolutely zero understanding of.
Last edited by blahblah,
Speak for yourself, kiddo - I know exactly what I'm talking about. 99.9% of users are perfectly safe online on a well-setup system that blocks most infection vectors.
If you understood, you wouldn't say the things you are saying. There are numerous unpatched XP RCE exploits. One bad banner ad - commonly found on the most mainstream of sites - and that's it. Trying to go after vectors while you have gaping holes beneath you is silly. The problems are due to the gaping holes.
I'm not saying that it is secure, I'm saying that it's perfectly serviceable for most users. You're welcome to live in paranoia land, meanwhile everybody else runs an adblock and some kind of freebie Internet security pack. A "bad banner" is likely to show up on a dodgy website from Russionigeriastan, not on Google AdSense. Stop browsing weird porn sites, job done. Again, not recommended, not secure, but perfectly serviceable.
And, again, you continue to be wrong & are saying things that are laughable to technically proficient people. You are in direct contradiction with well documented reality.
No, it's not 'serviceable'. No, it's not 'paranoia' that well known, public exploits will be used against you in the exact way they are used against other people all day long.
Adblock can help you avoid malvertising, but sooner or later Facebook will update their anti-adblock stuff (for the 8 millionth time) and Boomer User will get infected and that's that.
Your comment about the kind of sites that host bad ads is outright untrue and kind of is a joke - just Google it. Mainstream sites run them all day long. Just the nature of the ad business - malvertising slips through, shows up on the Alexa Top 10 all the time.
Not serviceable, and you are not knowledgable enough about technology to argue with me.
Last edited by blahblah,
I actually dont use the hyperV. The vm software i use is version 1. No hyper v support. Anything of importance i store on discs on my shelf. Id like to see a hacker hack them from his basement when they are on the shelf.
I just thought of something. What region is his laptop from. I came across a Dell Pentium 4 laptop from the middle east as it has the Arabic keyboard. Even tho the hardware was the same as the US version, only the middle eastern drivers would work with its hardware. It was the dumbest thing dell did. Im beginning to wonder if that may be OP's problem since he was looking for a Dutch windows xp.
I just thought of something. What region is his laptop from. I came across a Dell Pentium 4 laptop from the middle east as it has the Arabic keyboard. Even tho the hardware was the same as the US version, only the middle eastern drivers would work with its hardware. It was the dumbest thing dell did. Im beginning to wonder if that may be OP's problem since he was looking for a Dutch windows xp.
I didn't say anything about HyperV, and the version number of your software is not important to me. You clearly do not know enough about computers to be responsible for your own security in the way you insist on being.
A virtualization hypervisor is a technology. HyperV is a product.
I assume that there's only one of us with an IT degree, and it's probably not you. Most people are not targets, you are not that important. Assuming that you would *somehow* get infected because an ad went past your block, there's plenty of software capable of interrupting execution, but let's assume that this also failed - so what? Your ancient laptop will become a part of a botnet? It'll mine bitcoin? Okay. This might be a shock to you, but nobody cares about you on the Internet. Again, you're purposefully reframing what I'm saying. I said that it's serviceable, not that it's safe.
Hah, an 'IT degree'. That explains a lot.
No one has to be targeted here. This isn't a targeted attack thing. One bad ad and that's it. It's generic. The attacker targets XP users broadly, not little ol' you.
Yeah, again, you are completely wrong in every way. Even if it were realistically possible for security software to save the day here, security software that operates at that level isn't even supported on XP anymore. Developers have dropped the platform. Browser vendors have dropped the platform. You can take over the users browser with near-zero effort and just fire off different exploits until you have taken the machine. Security software won't see anything, just a normal Chrome process up until it's too late.
It impacts the health of the internet as a whole when machines are taken over. It's impossible to say exactly what it would be used for as that varies based on the attacker, but it won't be anything good.
Either learn what you are talking about or stop posting. You are arguing with someone immensely more knowledgable than you, and it is visibly obvious to everyone else.
Last edited by blahblah,
Everything you are saying is true, I never disagreed with that. What I said was that most users don't care, are not affected by it and do not experience the repercussions. In fact, many modern malwares don't even run on XP anymore, that's how outdated it is. In order to take over the machine and *actually do something with it* you need a bad actor, and bad actors are infinitely more interested in large, old school networks that still run on XP because those can collectively do some damage or can be held at ransom. It is generally not wise to assume someone's level of knowledge when you don't know them, I'm pretty confident that I could run circles around you. You're misunderstanding "not caring" with lack of knowledge. We can put your assertion to the test - set up an XP VM, use it 24/7 for a month and get back to me, we'll see how infected it gets. I'll put my money on "not at all", barring the occasional spy cookie or adware.
Some of the most common infections these days involve monetizing the user directly. Ad injection. Replacing their browser with a malicious one. Intercepting banking credentials. The possibilities are limitless when you have full control.
There are XP-specific malware packages. Those are what we see attached to malvertising that feature XP RCE.
Bad actors vary. Not all are capable of bitcoin ransoms. The capability required successfully take over a ton of XP machines is far lower. The risk of attracting unwanted attention in the form of press attention and the like is way lower.
I'm assuming your knowledge level because of the things you are saying. Lots of the things you are saying are factually incorrect, like the types of websites that run malicious ads. Even more of it does not reflect any kind of intelligent thinking on security. I am more knowledgeable than you are. All technologically proficient people reading along can tell.
I am not terribly interested in browsing inside a XP VM for a month. That sounds like zero fun & is unnecessary - that things are the way I say they are is already well documented.
Right at the end, you reveal how little you know. Again. For the millionth time. If adware is running on the machine & is running on the machine without any kind of purposeful user interaction required to trigger that, that's game over. You are now compromised. Code is running that you did not seek out & did not consent to downloading & cannot be trusted.
Last edited by blahblah,
Okay then.
I don't disagree with you, what you're saying is true, but grandma and grandpa probably don't care, they just want to watch cat videos on YouTube. I understand your insistence on an upgrade and yes, it would be beneficial, however in this use case I would probably advocate for Chrome OS or something simple like Mint that will not overburden the old hardware (easy on the laptop) and will not involve a massive change of UI (easy on grandpa and grandma). The tl;dr is that you're not wrong, but you're taking this back asswards. Your solutions need to be tailored to the user to maximise utility, something you'll learn over the course of your career if you ever choose to monetise your skills. Again, XP is serviceable, albeit not recommended, for this use case besides high risk activities. I certainly wouldn't put my CC information or private details on a machine like that, but would I browse YouTube on it? Probably, because it just doesn't matter. And no, you're certainly not more knowledgeable, but you can think that if it lets you sleep at night.Okay then.
That's not an argument. If an ignorant user doesn't care that their computer is being used to commit crimes, that's on them. Maybe they'll care when they try to login to online banking and get a page stating that online banking is down for maintenance. When they try buy groceries the next day and get declined for insufficient funds, maybe they'll put two and two together. There are so many scenarios that can result in direct harm to the operator of the infected computer, and they all are trivial to pull off when the user is running an operating system and a browser (at the least) that have serious vulnerabilities that have public exploits available for.
Reality exists. Solutions have to exist inside the confines of it. Running XP while connected to the internet is absolute lunacy. The only thing XP is serviceable for is for running software designed for that version of Windows while disconnected from the internet. And, yes, I am more knowledgable than you. Note how the things I present as fact hold up as facts while the stuff you say often does not.
Last edited by blahblah,
Similar threads
-
- Article
