Stories
Slash Boxes
Comments

SoylentNews is people

posted by LaminatorX on Wednesday March 05 2014, @07:30AM   Printer-friendly
from the unplugging-the-network-cable dept.

Appalbarry writes:

"Microsoft is about to abandon Windows XP to the wolves. Fair enough it's ancient. However, there are still going to be a lot of XP boxes out there, and a fair number of them are unlikely to ever get upgraded until the hardware dies.

My question is: what's available to help make this old OS stay reasonably secure and safe for the people who can't or won't abandon it?

Over the years I've been through Central Point Antivirus, Norton, McAfee, AVG, stuff like Zone Alarm, and of course the various Microsoft anti-malware offerings. But since moving over to Linux I really haven't kept up on the wild and wonderful world of Windows security tools.

Suggestions?"

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Informative) by Luke on Wednesday March 05 2014, @08:59AM

    by Luke (175) on Wednesday March 05 2014, @08:59AM (#11222)

    I manage upwards of 1000 machines across a variety of businesses. I also run XP on my own machine (these days inside a VM on a Linux host, but that's another story).

    In the case of my client's machines they are almost always behind a proxy server, do not have any DNS entries, run a lightweight antivirus, do not use IE (and if they use Lookout the IE engine is prevented from accessing the 'net via a proxy rule).

    What's so interesting about that?

    Well, *none* of them have any updates installed from a bare SP3 install (if using XP). This is by design, following a particularly bad M$ update a few years ago...

    In general they do not have any issues, very rarely get a virus and almost never require re-imaging.

    My point of course is that, carefully managed, the world isn't going to end once M$ halts their update program, and there's no reason why XP-based machines couldn't continue to serve a useful life for some years to come.

    In my view there are two main reasons why this works. The first of course is the network design and protection used. The second, and most important I think, is user education. Almost all of the machines are used by people with a modicum of intelligence, who are regularly exhorted *not* to click on random email links, not to believe it when some website tells them they have a virus and all the rest of the sensible things that interweb-aware people should know. Every now and then someone messes up and a problem occurs, but there's nothing to say that wouldn't have happened if the machines were 'up to date' in any event, and usually the perp gets his or her misdemeanour publically aired so they all learn from it.

    In my own case I've used XP since it came out (and all the M$ OS's before that). I *don't* have anti-virus, my machine is direct on the 'net and other than the usual FF plugins I don't have anything else installed that protects the machine. I've not had a virus in at least ten years, probably much more than that in fact. Again I would put this down to education - and that, along with my clients, the machine is used as a business tool; there are no games or any entertainment applications or websites used.

    I realise the latter may be an anathema to some of you (horses for courses of course) but I should think the main premise would still apply - operate carefully, use recognised sites/games, avoid Nigerian money and you should be ok.

    Oh, the other story? Well it's the year of the Linux desktop don't ya know - and I *refuse* to have anything to do with W8 so good ol' XP serves to run anything I need on a M$ platform (and the case has a genuine XP sticker!)...

    Starting Score:    1  point
    Moderation   +4  
       Interesting=1, Informative=3, Total=4
    Extra 'Informative' Modifier   0  

    Total Score:   5  
  • (Score: 2, Insightful) by Gremlin on Wednesday March 05 2014, @10:09AM

    by Gremlin (2959) on Wednesday March 05 2014, @10:09AM (#11247)

    The user is definitely the weak point.

    Up until very recently my dad was running XP, since around 2005. I had him use Opera for browsing and gave him a pep talk on not clicking on suspicious links, responding to dodgy emails etc. He has had exactly ZERO problems in that time.

    Of course if he was browsing porn sites or installing software on a whim then this could be a totally different story. But for your average user, educated on not downloading toolbars, installing software to find mp3's etc I see no problem with using XP.

    • (Score: 1) by GeminiDomino on Wednesday March 05 2014, @02:23PM

      by GeminiDomino (661) on Wednesday March 05 2014, @02:23PM (#11330)

      Of course if he was browsing porn sites or installing software on a whim then this could be a totally different story. But for your average user, educated on not downloading toolbars, installing software to find mp3's etc I see no problem with using XP.

      Your "average user" is more likely going to be the one "browsing porn sites or installing software on a whim" than the one for whom "educated on not downloading toolbars, installing software to find mp3's etc" takes hold.

      --
      "We've been attacked by the intelligent, educated segment of our culture"
      • (Score: 2) by VLM on Wednesday March 05 2014, @06:55PM

        by VLM (445) Subscriber Badge on Wednesday March 05 2014, @06:55PM (#11461)

        It depends on personal perception. Is your average user my mother in law, or a teenage boy?

        • (Score: 1) by GeminiDomino on Wednesday March 05 2014, @08:41PM

          by GeminiDomino (661) on Wednesday March 05 2014, @08:41PM (#11506)

          Personal anecdotal evidence says: your mother-in-law. The teenage boys probably aren't on XP anymore unless they're on their grandmother's computers now. :)

          Still, when it comes to solutions, you have to develop for the X factor. "Education" didn't cut it for the past 13 years, why would it work now?

          --
          "We've been attacked by the intelligent, educated segment of our culture"
  • (Score: 1) by MozeeToby on Wednesday March 05 2014, @04:53PM

    by MozeeToby (1118) on Wednesday March 05 2014, @04:53PM (#11396)

    My point of course is that, carefully managed, the world isn't going to end once M$ halts their update program, and there's no reason why XP-based machines couldn't continue to serve a useful life for some years to come.Part of the concern being raised is that the black hats know the drop dead date is coming and have been sitting on zero days waiting for the opportunity to attack with no one on the other side actively defending. Your precautions all make sense, and you might even be okay but there are lots and lots of people who haven't taken those kinds of precautions and wouldn't know how to even if they wanted.