Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is Win XP still safe?


  • Please log in to reply
12 replies to this topic

#1 Red Kelt

Red Kelt

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales
  • Local time:01:58 AM

Posted 09 June 2014 - 05:58 AM

I have a Sony Vaio laptop which was quite nice in its day with Win XP on board.

 

I'm thinking of banning my Mrs off my desktop as she insists on loving malware so I thought the laptop would suit her needs.

 

If I set up the laptop with Norton's will the system be safe?



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,384 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:58 PM

Posted 09 June 2014 - 07:00 AM

You can remove "still" from that question...the fact that it's unsupported and no critical security updates are forthcoming...speaks for itself in an era where spamming and malware seem to have reached an all-time high.

 

No O/S is "safe" as long as it has a user/owner.  History has proven that the user/owner is the weakest link to safe computing, IMO.

 

Louis



#3 scotty_ncc1701

scotty_ncc1701

  • Members
  • 520 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:58 PM

Posted 09 June 2014 - 07:49 AM

I always liked Windows XP, but it's seen its day.  Windows XP has officially been retired, thus no security updates will be happening, thus day-by-day, people still using Windows XP becomes more vulnerable.

Depending on the system configuration, I'd recommend going to at least Windows 7.  There are places where you can still purchase Windows 7.  On my 8-year old laptop, Windows 7 runs just fine.

All of that being said, I abandoned Norton around 2009 or 2010, and haven't regretted it.  I was a "hard core fan" for over a decade, now I won't touch it.  The last Norton Antivirus I used wouldn't live scan files, meaning as they were downloaded from the Internet, all files had to be manually scanned, which was one of the reasons I told Norton to take a flying leap.

I maintain all our computers here, and my wife doesn't use mine, and when I work on her computer, if she seems to be having an issue, which is rare, I insist on her sitting there watching me the whole time, so she knows what I'm going, and why.

I agree with hamluis' comment of "No O/S is "safe" as long as it has a user/owner.  History has proven that the user/owner is the weakest link to safe computing, IMO", up to a point.  There are a lot of people that just blow off security for convenience.  I helped a person here in this area that got infected.  Their system was rebuilt, the same security was placed on their computer as mine has.  This person agreed to keep the security intact.  But in just a day or two, the individual started to turn things off (which is their right, it's their computer), and their system started to "act funny".  They're on their own now.  They've asked me to help again, but I told them they had to take it to a computer shop.  But they said the nearest shop are hours away (we live in a rural community), in one direction.

I take an aggressive approach to protecting our PC's, some say to paranoia.  But this "paranoid" person hasn't been infected, hacked, etc in almost 20 years. :bananas: :bounce:

 



#4 Al1000

Al1000

  • Global Moderator
  • 7,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:02:58 AM

Posted 09 June 2014 - 10:31 AM

One thing that's for sure is that whatever one considers to be ''safe,'' XP is less safe than it used to be, and that will continue to increasingly become the case as time goes on.

As an indication of how frequently new ways are developed to exploit XP, consider how frequently MS used to release security updates for it.

I still have XP installed on my laptop, and my initial plan in the face of it no longer being supported was to use a live operating system, which returns to its initial state every time the computer is rebooted, for things like internet banking. However after discovering Linux Puppy, I now use it for most things on my laptop and rarely use XP.

Linux Puppy exists entirely in the computer's RAM when it's running, and can boot from anything that your hardware allows. I have mine set up so that it saves stuff to a savefile on USB, but only when I tell it to do so. So any changes I want to make to settings or if I install any new software, I do so just after a reboot, save to the savefile, then go online or whatever after. This means that if anything nefarious makes its way onto my computer, which seems much more unlikely with Linux than with XP anyway, it will only exist in RAM and will be flushed out the next time the computer is rebooted or shut down. Another nice feature of Puppy is that as long as you don't install it to or create a savefile on your hard drive, it won't ''mount'' the hard drive by default when you boot the computer up. So even if the hard drive becomes infected, the infection can't write anything to RAM on boot, therefore it won't exist in Puppy's filesystem. As an additional security measure, I have F-Prot installed to my Puppy savefile on USB, so can use Puppy to scan the Windows partition for viruses. :)

Despite the relatively tiny size of Linux Puppy, I have found it to be just as straightforward as XP for doing things like switching on the firewall and connecting to the internet, and would highly recommend it for at least stuff such as internet banking and perhaps browsing the internet in general, to anyone continuing to use XP. I am quite sure that anyone who is computer savvy enough to be able to download and install programs using Windows, and to burn stuff to a CD, will have no problems operating Linux Puppy. All it costs is the price of a blank CD, but it could potentially save you so much more.

There is also a plethora of information and links on this forum regarding how to make XP as secure as possible, as well as faster, by disabling certain features, and particularly the ones relating to network sharing that most people don't need or use. Having gone down this path myself, I would advise anyone doing the same to make a note of any settings that you change, so that you can easily change them back again if you subsequently find you have disabled something that you shouldn't have.

Edited by Al1000, 09 June 2014 - 10:35 AM.


#5 Red Kelt

Red Kelt
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales
  • Local time:01:58 AM

Posted 09 June 2014 - 03:36 PM

Do you know I never thought of using linux.

 

I've never used it before so it might breathe some life back into that laptop.

 

Where would I get it?  Must be a section on this site I suppose :)



#6 Al1000

Al1000

  • Global Moderator
  • 7,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:02:58 AM

Posted 09 June 2014 - 05:01 PM

There are several different versions of Puppy. The latest ''official'' version and probably the easiest one to get started with is Precise 5.7.1, which you can download from here. There is lots of useful information on that page regarding Puppy, as well as the slightly larger RETRO Precise 5.7.1, which is equally easy to get along with and comes with some additional software installed. The only security issue I've heard of with with Precise 5.7.1 is the open-ssl, which can be easily updated by following the instructions here:

http://www.bleepingcomputer.com/forums/t/531940/how-to-update-ssl-puppy-linux-571/

I personally prefer Lucid Puppy 5.2.8.6 which is available for download here (top of the list - there are several 'fatter' versions with additional pre-installed software beneath) which is a revamped slightly older version, but looks better IMO and has more software available for it. (The open-ssl in 5.2.8 is reported as not being vunerable to Heartbleed.)

If you have never used Linux you will be amazed at how easy it is to install software. Most of the time it's simply a matter of clicking on Package Manager, which connects you to the relevant Linux software repositaries, then clicking on what you want to automatically download and install it. :)

There are probably several other lightweight Linux distros that could also be run on an old laptop, most if not all of which would be designed to be installed on the hard drive. While Puppy can be installed to a hard drive, it works just as well booting from a USB and/or CD, and is designed primarily to be used that way.

Edited by Al1000, 09 June 2014 - 05:10 PM.


#7 scotty_ncc1701

scotty_ncc1701

  • Members
  • 520 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:58 PM

Posted 09 June 2014 - 05:43 PM

One that people may consider is LUBUNTU.  It's interface is close to Windows 2000, and only requires a minimum of about 128MB of RAM.  However, like any change from one OS to another, there will be a learning curve.

 

Best of luck.


Edited by scotty_ncc1701, 09 June 2014 - 05:43 PM.


#8 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 6,998 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:09:58 PM

Posted 10 June 2014 - 12:11 AM

Linux Mint is about as close as it comes to an XP desktop. Familiar Start Menu, & version 13 should work on most all computers built within the last 10-12 years. Many of these 8-10 year old computers doesn't have PAE support, so Linux MInt 13, still supported until April 2017, is the latest version for these.
 
Get Linux Mint 13 from this list. For ease of use & best compatibility, it's best to go with the Mate or Xfce (32 bit) edition, the 8th & 13th links on the page below.
 
http://www.linuxmint.com/release.php?id=18

Note that this section of the forum is Not for Linux support, should it be required, it needs to be posted in the Linux/Unix section of the forum. Being that the OP has opened the door to Linux options, in line with the topic (a safe OS) it's OK to discuss & suggest replacements. Just no support, including how to install/configure.

 

That being stated, I feel that this statement in the topic is the best solution to the question of being safe & is deserving of repeating.

 

 

No O/S is "safe" as long as it has a user/owner.  History has proven that the user/owner is the weakest link to safe computing, IMO.

 

Louis

:thumbup2:

 

I have a hunch that this will be the same 50-100 years down the road. In the years that I've been involved on these forums, there are two common things that's simple to do, yet overlooked by many. The attitude, even among many that will agree it's the best thing to do, is that we'll get to it "tomorrow". Tomorrow will come & it'll still be "tomorrow" when it gets done. That hasn't changed at all on these forums, if anything, seems that it's getting worse than better. Otherwise, at least 8 out of every 10 topics wouldn't be started.

 

I'm referring to running daily security scans & at a minimum, monthly drive images (backups). The software is free. Macrium Reflect is among the best Free backup software one can find & likely the most popular & for good reason. It works. Backup drives can be obtained at promo pricing at Newegg & other sites. Sign up for email promos & they'll be received every couple of days.

 

Probably 99% of these topics are entirely avoidable. I leave a 1% margin of error for catastrophic failure of components such as the motherboard, which backup & malware scanning can't prevent. However, probably 50% or more of these can be avoided by the internal cleaning of the computer, which is to include the occasional cleaning & reapplying of thermal paste on the CPU & heatsink.

 

I mean really, think about it. For many of us, including myself, my computers are my lifeline. They're how I connect to the world, receive news, make transactions, participate on forums. Take them away, I nave nothing, am stuck on the side of the road. 2-3 hours of internal cleaning per year of the devices that connects us to the world isn't wasted time & can easily be found.

 

Of course, some of us can always wait until tomorrow to do this as well. There's never a better day in the world than tomorrow, until the inevitable happens & we ask "why didn't we do these things yesterday?", like myself (or whomever) warned.

 

Finally, it's not like these type of things (called maintenance) are dirty dark secrets whispered in back alleys to the select few, they're posted all over the Internet in front of our eyes. Subscribe to a few sites such as Ask Leo , Computerworld, How To Geek & you get all of the maintenance advise one needs & more in your (secondary) email box, plus additional tips & tricks. If a simpleton such as myself can do these things, on 5 computers (of which all has multiple OS's installed), all while maintaining some family member ones also, many can do the same with one or two.

 

Looking at some of the posts that I've read, it often has came to mind just what does the oil dipstick on their vehicles looks like. As well as all of the other rattles & funny noises that creeps up & many will say the same, "We'll fix it tomorrow".

 

It's time to start being able to state that these things were done yesterday & instead of repairing, discussing upgrade options, be it hardware or software, or just have a smooth, happily running computer, today.

 

Cat


Edited by cat1092, 10 June 2014 - 12:14 AM.

Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#9 signofzeta

signofzeta

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:08:58 PM

Posted 10 June 2014 - 01:25 AM

XP should be safe, as long as you don't connect to the internet, or plug anything into it.  I also have a Windows 2000 computer that still works, but the hardware is getting dated.  I remember having great times with that computer.  That 28GB hard drive was so ancient.  I can't even install all the games I play haha.

 

I do have this issue though.  I tend to use my older computer over my newer one.  I just bought a Windows 8 laptop a few months ago, and I am still using my 5 year old Windows Vista laptop whose Hard Drive is dying.  It has something to do with me using that older laptop for a very long time and I just can't seem to let it go, even if my windows vista laptop can do the things I want to do that could be done on my windows 8 laptop.

 

I can also understand why some people want to stick with XP.  "If it ain't broke, don't fix it".  I just had a problem with my Nvidia drivers, and updating it made things worse.  Even if updating the driver fixes some things, there is a chance that it may break others.  For me, I don't want to take the risk and update drivers if the version I am using works with what I want to use my computer for.  As for XP, the same thing.  Some people just feel like if they change OS, their programs might not work, or that they have to do some things to make their programs work.  I have this game, You Don't Know Jack 5th Dementia that does not run fine on Vista, 7, and 8, which all use Intel CPU, but runs fine on my XP computer using an AMD CPU.  I don't want to change anything with that 8 year old desktop running XP, such as upgrading the OS until I can isolate the problems I am having.  I have yet to test that game on a computer running Windows 8, but uses an AMD CPU.  My cousin has one of those, so I want to install and run that game to see if there are any problems.  If there are, then it is definitely Vista and beyond's fault.  Fortunately I don't have to be online to play that game, but some people just don't have the luxury.

 

This leads to the next saying "Actions speak louder than words"  If you say that they should update OS, because XP is unsafe, it only takes a virus attack to force them to upgrade.  If a virus attack renders the computer inop, most non-tech people would just buy a new one.  Any wonders what that new computer will have?  Certainly not XP.  What I am saying is that non-tech users would probably use that computer until the hardware dies, or the computer is riddled with viruses.  If it is still usable, they will use it.  Even me, I probably should use my newer laptop to make use of the warranty, but I am so attached to my old one because I am sort of molded into that computer, if you know what I mean.

 

It's sort of like driving with the engine light on.  But I guess that would be similar to my case with my dying hard drive than an unsupported OS.  My HDD from my 5 year old vista laptop is dying, with 292 bad sectors, but my 8 year old XP desktop's HDD Is still working with no bad sectors.  That thing just keeps on moving along, while I have to write a eulogy for my 5 year old laptop soon, unless I buy a new HDD, but I am not a tech expert, so re-installing an OS is not something I want to do, which goes back to the whole virus thing.  Most times, you might need to re-install your OS to clean your computer, but some people don't bother to do that, and just outright buy a new PC.  If warnings won't take care of those people still using XP, the viruses will.


Edited by signofzeta, 10 June 2014 - 01:30 AM.


#10 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,673 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:11:58 AM

Posted 10 June 2014 - 01:28 AM

 

as long as you don't connect to the internet, or plug anything into it

Agree with signofzeta  This also means you don't connect a XP PC to any PC's in your network that are connected to the internet.

Even in space M$ still got infected.

http://www.space.com/5778-space-station-computers-catch-virus-orbit.html


Edited by NickAu1, 10 June 2014 - 01:35 AM.


#11 hamluis

hamluis

    Moderator


  • Moderator
  • 55,384 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:58 PM

Posted 10 June 2014 - 08:43 AM

Do you know I never thought of using linux.

 

I've never used it before so it might breathe some life back into that laptop.

 

Where would I get it?  Must be a section on this site I suppose :)

 

BC Linux & Unix Forum

 

Louis

 

Edited to add:  I still run my dual-boots (XP and Win7 on two desktops) and will continue to do so.  It has nothing to do with being in love with XP or being afraid of infection...I know that I'm the key control regarding system infection...and I also know that I routinely backup, have all the installed programs stored as backups, and I have no qualms at all about doing a clean install if something goes awry today  or even plainly abandoning my XP install.

 

But...I also know that the vast majority of users cannot reflect those same attitudes toward a possible disaster...and thus, I can never suggest to anyone to emulate me and continue to run XP.  The rtisks are clearly visible and I don't think that most are equipped/ready to deal with the risks in an honest manner when a self-inflicted mortal wound possibly occurs on their preciious systems (which they don't maintain properly and don't back up routinely.  I defy common sense only because I am aware of the risks and give them their due...yet realize all that is negated by my willingness to accept full blame if/when infected/compromised...and I need not expect or want someone to "rescue" me when/if such happens.

 

That's not true of the many members who come to us for advice/assistance...and we should advise based on who and what they are...not anomalous behavior of self or anyone else.


Edited by hamluis, 10 June 2014 - 03:20 PM.


#12 x64

x64

  • Members
  • 352 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London UK
  • Local time:02:58 AM

Posted 10 June 2014 - 02:21 PM

I've just had a look through the updates that arrived today for my Windows 7 and Windows 8.1 systems.

I think that the flaw linked to below may be the first flaw that is very likely to affect Windows XP and be a significant threat to web connected XP systems.

 

https://technet.microsoft.com/library/security/MS14-036

 

It is a flaw in a graphics component, that could be exploited if you visit a malicious website, or a site which inadvertently hosts infected images or advertisements, or view infected images delivered by other means.

 

So I think we can now say that XP is no longer as protected/safe as it would have been had updates continued, and indeed by dissecting this update the bad guys will be able to engineer drive-by attacks for XP users.

 

x64



#13 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 6,998 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:09:58 PM

Posted 11 June 2014 - 12:01 AM

x64, I believe you have a point, there was an article about this today, XP users could benefit from the same update as the 2003 users, which by chance is also going to bite the dust next year. Yet over a million Websites are still running the OS.

 

The day is coming, all it's going to take is a couple of missing key updates & the XP infrastructure will be forever compromised. The update that the current one replaces, was deemed as Critical on XP/2003 systems last year.

 

https://technet.microsoft.com/library/security/ms13-060

 

I have a hunch that when the hammer falls, it's going to do so very hard. My advice to those who are determined to run XP at all costs, is to perform malware scans daily & create Full disk images at least once weekly.

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users