Windows XP - Page 2 - Technology - Contractor Talk

Windows XP

 
Thread Tools Search this Thread Display Modes
Old 05-27-2014, 12:11 PM   #21
Registered User
 
PremierHCG's Avatar
 
Trade: Construction
Join Date: May 2014
Location: Loganville, GA
Posts: 4
Rewards Points: 16

Re: Windows XP


Quote:
Originally Posted by SectorSecurity View Post
Spoken like a true Microsoft rep, the only true answer is to upgrade.

This spying feature you reference, I assume you are talking about RDP or remote assistance, both of which are easy to disable, or control via a firewall, as well as you have the ability to limit which user accounts can login via RDP. And yes the RDP feature is still present in Windows 7.

I can load up a meterpreter session through Metasploit just as easy against a Windows 7 box and gain access.
Windows 7's remote access capabilities cannot be controlled via CMD lines without permission - Microsoft still hasn't fixed this issue in XP.

Not to mention the, more recently, "Send Error Report Info to Microsoft" feature (which is used every time a program errors) was massively exploited by the NSA - and was also a 0day exploit. Meaning this feature has more than likely been used to steal data since the XP launch date. The data collected, and target were both easily changed in a number of ways. You could also force (let's say) notepad to crash every time it was closed (by tweaking the registry, or a number of other ways) - so the data that Notepad was "holding" - would be passed along to the attacker. This is just a single example of the infinite number of ways XP is exploitable and vulnerable.

Most authentication keys are not encrypted on a user's machine - say Microsoft Word crashed - an attacker could change the registry of the Report feature to grab your authentication key and send it to a server, or even an email. Quite possibly one of the simplest exploits on XP - and it can grab nearly any data from your machine.

Not to mention it was extremely simple to corrupt registry data, change user access, and transfer data with a batch file, no permissions required.

It's not that i'm a microsoft rep, or that I even support Microsoft's constantly-failing products and business practices (in fact, I dual boot Linux and Windows - almost always using Linux) - it's that there is a difference in an infinite amount of laughably simple exploits (XP), and just a few simple exploits (7).

Last edited by PremierHCG; 05-27-2014 at 12:16 PM.
PremierHCG is offline  

Warning: The topics covered on this site include activities in which there exists the potential for serious injury or death. ContractorTalk.com DOES NOT guarantee the accuracy or completeness of any information contained on this site. Always use proper safety precaution and reference reliable outside sources before attempting any construction or remodeling task!

   

Advertisement

 

Old 05-27-2014, 03:14 PM   #22
Pro
 
SectorSecurity's Avatar
 
Trade: Low Voltage Wiring
Join Date: Nov 2013
Location: Ontario
Posts: 4,048
Rewards Points: 2,828

Re: Windows XP


Quote:
Originally Posted by PremierHCG View Post
Windows 7's remote access capabilities cannot be controlled via CMD lines without permission - Microsoft still hasn't fixed this issue in XP.

Not to mention the, more recently, "Send Error Report Info to Microsoft" feature (which is used every time a program errors) was massively exploited by the NSA - and was also a 0day exploit. Meaning this feature has more than likely been used to steal data since the XP launch date. The data collected, and target were both easily changed in a number of ways. You could also force (let's say) notepad to crash every time it was closed (by tweaking the registry, or a number of other ways) - so the data that Notepad was "holding" - would be passed along to the attacker. This is just a single example of the infinite number of ways XP is exploitable and vulnerable.

Most authentication keys are not encrypted on a user's machine - say Microsoft Word crashed - an attacker could change the registry of the Report feature to grab your authentication key and send it to a server, or even an email. Quite possibly one of the simplest exploits on XP - and it can grab nearly any data from your machine.

Not to mention it was extremely simple to corrupt registry data, change user access, and transfer data with a batch file, no permissions required.

It's not that i'm a microsoft rep, or that I even support Microsoft's constantly-failing products and business practices (in fact, I dual boot Linux and Windows - almost always using Linux) - it's that there is a difference in an infinite amount of laughably simple exploits (XP), and just a few simple exploits (7).
My guess is you have never looked at anything like metasploit? Windows 7 has numerous exploits, not just a few simple ones. All I need is a reverse shell, and mimikatz to get your password and Im set even on a Win 7 box.
SectorSecurity is offline  
Old 06-09-2014, 03:11 PM   #23
Member
 
prolongroofcare's Avatar
 
Trade: roof cleaning
Join Date: Jun 2014
Location: seattle wa
Posts: 52
Rewards Points: 128

Re: Windows XP


I don't think any current hackers are targeting xp. Not enough users out there to make it fun. in that respect you are probably safer than Windows 8 users! Your biggest problem might be use of new software that doesn't run on XP. Hard to say what that might be. Not likely that Chrome, Firefox, etc are being tested for XP compatibility so sooner or later you will run into a problem. You can run your machine in dual boot mode so you can boot up in XP and then turn around and boot up in a more modern OS. That would allow you both worlds.

Tony
Pro Long Roof Care
prolongroofcare is offline  
Sponsored Links
Advertisement
 
Old 06-09-2014, 03:34 PM   #24
Pro
 
SectorSecurity's Avatar
 
Trade: Low Voltage Wiring
Join Date: Nov 2013
Location: Ontario
Posts: 4,048
Rewards Points: 2,828

Re: Windows XP


Quote:
Originally Posted by prolongroofcare View Post
I don't think any current hackers are targeting xp. Not enough users out there to make it fun. in that respect you are probably safer than Windows 8 users! Your biggest problem might be use of new software that doesn't run on XP. Hard to say what that might be. Not likely that Chrome, Firefox, etc are being tested for XP compatibility so sooner or later you will run into a problem. You can run your machine in dual boot mode so you can boot up in XP and then turn around and boot up in a more modern OS. That would allow you both worlds.

Tony
Pro Long Roof Care
Might want to think that over again, something like 60% of people are still on XP, like many major organizations.
SectorSecurity is offline  
Old 06-09-2014, 03:45 PM   #25
Member
 
prolongroofcare's Avatar
 
Trade: roof cleaning
Join Date: Jun 2014
Location: seattle wa
Posts: 52
Rewards Points: 128

Re: Windows XP


You have a valid point. Recent reports say 24%, not 60%. That is substantial but still any hacker worth their salt will be more interested in newer OS's not XP. I still stand by the fact that it is old and not a focus.

Tony
Pro Long Roof Care
prolongroofcare is offline  
The Following User Says Thank You to prolongroofcare For This Useful Post:
SmallTownGuy (06-09-2014)
Old 06-09-2014, 10:40 PM   #26
Member
 
PatsPainting's Avatar
 
Trade: painting contractor
Join Date: Sep 2010
Posts: 70
Rewards Points: 103

Re: Windows XP


Quote:
Originally Posted by SectorSecurity View Post
Might want to think that over again, something like 60% of people are still on XP, like many major organizations.
I bet they won't be for long, once they start getting the bills for not being compliant with using point of sale systems.

Pat
__________________
www.PatrickMillerPainting.com
PatsPainting is offline  
Old 06-10-2014, 07:17 AM   #27
Pro
 
SectorSecurity's Avatar
 
Trade: Low Voltage Wiring
Join Date: Nov 2013
Location: Ontario
Posts: 4,048
Rewards Points: 2,828

Re: Windows XP


An old OS would be more in focus because most will not be getting security patches, making it more of a motivation for hackers as it becomes easy to attack as exploits are seen in the wild and remain unpatched.

As far as point of sale systems, most are running embedded windows, not windows xp, so they are still supported.

Anyone who thinks XP isn't worth attacking I urge you to download Metasploit and look at the ever growing list of exploits which work against Windows XP.
SectorSecurity is offline  
Old 06-10-2014, 07:34 AM   #28
John the Builder
 
SmallTownGuy's Avatar
 
Trade: Carpenter/Builder Professional Painter
Join Date: Sep 2012
Location: Oxford, MI
Posts: 16,993
Rewards Points: 6,114

Re: Windows XP


So, which OS did the recent Heartbleed Bug focus on?
__________________
All my Life loving Hippie friends turned into soul-sucking Conservatives - or died. Same difference.
"Mornin' ladies, my goodness don't you look happy. Must be cuttin' somebody up pretty good." - Andy Griffiths
SmallTownGuy is offline  
Old 06-10-2014, 07:46 AM   #29
Pro
 
SectorSecurity's Avatar
 
Trade: Low Voltage Wiring
Join Date: Nov 2013
Location: Ontario
Posts: 4,048
Rewards Points: 2,828

Re: Windows XP


Quote:
Originally Posted by SmallTownGuy View Post
So, which OS did the recent Heartbleed Bug focus on?
It focused on a flaw in OpenSSL?
SectorSecurity is offline  
Old 06-10-2014, 11:46 AM   #30
Member
 
prolongroofcare's Avatar
 
Trade: roof cleaning
Join Date: Jun 2014
Location: seattle wa
Posts: 52
Rewards Points: 128

Re: Windows XP


30 days in to lack of XP support and I'm not hearing about a deluge of attacks. Only thing I have heard is IE vulnerability not being fixed on XP. IE is not part of XP.....If there is an attack on XP that is significant the solution is to update OS when it happens.

Tony
Pro Long Roof Care
prolongroofcare is offline  
Old 06-10-2014, 01:54 PM   #31
Pro
 
SectorSecurity's Avatar
 
Trade: Low Voltage Wiring
Join Date: Nov 2013
Location: Ontario
Posts: 4,048
Rewards Points: 2,828

Re: Windows XP


Quote:
Originally Posted by prolongroofcare View Post
30 days in to lack of XP support and I'm not hearing about a deluge of attacks. Only thing I have heard is IE vulnerability not being fixed on XP. IE is not part of XP.....If there is an attack on XP that is significant the solution is to update OS when it happens.

Tony
Pro Long Roof Care
My guess is you also believe your computer isn't infected because your virus scanner has never alerted you to anything....
SectorSecurity is offline  
Old 06-10-2014, 02:28 PM   #32
Member
 
prolongroofcare's Avatar
 
Trade: roof cleaning
Join Date: Jun 2014
Location: seattle wa
Posts: 52
Rewards Points: 128

Re: Windows XP


I don't run a virus scanner
prolongroofcare is offline  
Old 06-10-2014, 05:28 PM   #33
Registered User
 
emeraldstate's Avatar
 
Trade: general contractor
Join Date: Apr 2014
Posts: 12
Rewards Points: 24

Re: Windows XP


Quote:
Originally Posted by prolongroofcare View Post
I don't run a virus scanner
You must be crazy!

Also, keeping with Windows XP doesn't make sense either. Why wait til it gets hacked (which it will). Get off it and get a life. If you have XP software you have to run on XP, then keep a machine just for that but moving everything else. Yikes!

Todd
Emerald State
www.emeraldstate.com
emeraldstate is offline  
Old 06-10-2014, 06:17 PM   #34
John the Builder
 
SmallTownGuy's Avatar
 
Trade: Carpenter/Builder Professional Painter
Join Date: Sep 2012
Location: Oxford, MI
Posts: 16,993
Rewards Points: 6,114

Re: Windows XP


Quote:
Originally Posted by emeraldstate View Post
You must be crazy!
Yah, I don't run AV on XP - haven't since 2007-08..

I just realized - Oh MY GOD - we are all gonna die!


__________________
All my Life loving Hippie friends turned into soul-sucking Conservatives - or died. Same difference.
"Mornin' ladies, my goodness don't you look happy. Must be cuttin' somebody up pretty good." - Andy Griffiths
SmallTownGuy is offline  
The Following User Says Thank You to SmallTownGuy For This Useful Post:
shanekw1 (06-10-2014)
Old 06-10-2014, 06:44 PM   #35
LRG WoodCrafting

 
Leo G's Avatar
 
Trade: Maker of Fine Sawdust
Join Date: May 2005
Location: Windsor Locks, Connecticut
Posts: 42,332
Rewards Points: 5,251

Re: Windows XP


Quote:
Originally Posted by prolongroofcare View Post
30 days in to lack of XP support and I'm not hearing about a deluge of attacks. Only thing I have heard is IE vulnerability not being fixed on XP. IE is not part of XP.....If there is an attack on XP that is significant the solution is to update OS when it happens.

Tony
Pro Long Roof Care
The XP IE issue was updated.
__________________
Sawdust Follows Me Everywhere
I can explain it to you, but I can't understand it for you.
Sanding is the bane of my existence
WWG1WGA

Quote:
Originally Posted by HusqyPro View Post
Carpenter by day.
Mad scientist by night.
http://lrgwood.com
Custom Cabinets in Hartford County Connecticut
Leo G is online now  
Old 06-10-2014, 10:15 PM   #36
The Ultimate Wire Hider
 
tedanderson's Avatar
 
Trade: A/V & Home Theater Installation
Join Date: May 2010
Location: PG County MD
Posts: 4,455
Rewards Points: 2,116

Re: Windows XP


I'm still waiting for the storm troopers to show up at my door and forcibly take it from me before I permanently switch over to Linux.
__________________
I'm always looking for the answer to my troubles at the bottom of a paint can.
tedanderson is offline  
The Following User Says Thank You to tedanderson For This Useful Post:
SmallTownGuy (06-11-2014)
Old 06-11-2014, 05:30 AM   #37
Pro
 
builditguy's Avatar
 
Trade: Carpentry
Join Date: Nov 2013
Location: Missouri
Posts: 2,303
Rewards Points: 1,974

Re: Windows XP


My computer on XP is done for. My spyware started blocking a virus every hour. At 3 minutes til, every hour a virus was being blocked. Blocked but un-removable. (yea, not a real word) After a couple days of that the computer is worthless.
I was only using it for printing small stuff, and scanning. I wasn't getting on the internet, but it was connected wireless.
builditguy is online now  
Old 06-11-2014, 07:44 AM   #38
LRG WoodCrafting

 
Leo G's Avatar
 
Trade: Maker of Fine Sawdust
Join Date: May 2005
Location: Windsor Locks, Connecticut
Posts: 42,332
Rewards Points: 5,251

Re: Windows XP


Go download Kasperski Rescue Disk and put it on a USB drive. Set the computer to boot from the USB drive and follow the prompts. You'll have to enter your encryption key to your internet, let it update the program and then run it.

It is pretty good at getting rid of a lot of virii.

It is Linux based so you don't boot into your operating system on the computer. So it can clean it as a separate entity looking in.
__________________
Sawdust Follows Me Everywhere
I can explain it to you, but I can't understand it for you.
Sanding is the bane of my existence
WWG1WGA

Quote:
Originally Posted by HusqyPro View Post
Carpenter by day.
Mad scientist by night.
http://lrgwood.com
Custom Cabinets in Hartford County Connecticut
Leo G is online now  
Old 06-11-2014, 09:09 AM   #39
Pro
 
SectorSecurity's Avatar
 
Trade: Low Voltage Wiring
Join Date: Nov 2013
Location: Ontario
Posts: 4,048
Rewards Points: 2,828

Re: Windows XP


Im not suggesting anyone switch off XP, at the end of the day run what makes you happy, and run as much or as little security software you feel you need.

The point I was trying to make was the longer an exploit sits in the wild, unpatched, the more likely the exploit becomes automated and thrown into a toolkit like Metasploit, making it more likely it will be exploited against vulnerable machines.

Such exploits exist on every operating system, including Windows 8, and of course you have 0 day exploits which are active in the wild yet unknown.
SectorSecurity is offline  
Old 06-11-2014, 10:48 AM   #40
John the Builder
 
SmallTownGuy's Avatar
 
Trade: Carpenter/Builder Professional Painter
Join Date: Sep 2012
Location: Oxford, MI
Posts: 16,993
Rewards Points: 6,114

Re: Windows XP


[html][/html]
Quote:
Originally Posted by tedanderson View Post
I'm still waiting for the storm troopers to show up at my door and forcibly take it from me before I permanently switch over to Linux.
With Balmer at the helm, that was more than a possibility. Now that he's "Fully engaged" in being a screaming maniac NBA owner, we may have a stay of execution.

Advertisement

__________________
All my Life loving Hippie friends turned into soul-sucking Conservatives - or died. Same difference.
"Mornin' ladies, my goodness don't you look happy. Must be cuttin' somebody up pretty good." - Andy Griffiths
SmallTownGuy is offline  


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
clad windows FRAMERBEN Windows, Siding and Doors 6 10-31-2010 07:17 PM
Faux Round Top Windows Tkelly Remodeling 7 10-13-2010 10:07 PM
Problems with VETTER WINDOWS & DOORS Kycym General Discussion 4 07-04-2010 08:01 AM
Labor Est. for swapping vinyl rep. windows to wood clad rep. windows? Tallguy1 Windows, Siding and Doors 6 02-10-2009 12:58 AM
Caulking Replacement Windows Bettercarpentry Windows, Siding and Doors 10 11-08-2008 04:34 PM

Join Now... It's Fast and FREE!

I am a professional contractor
I am a DIY Homeowner
Drywall Talk is for
PROFESSIONAL CONTRACTORS ONLY!

At DrywallTalk.com we cater exlusivly to professional contractors who make their living as a contractor. Knowing that many homeowners and DIYers are looking for a community to call home, we've created www.DIYChatroom.com DIY Chatroom is full of helpful advices and perfect for DIY homeowners.

Redirecing in 10 seconds
No Thanks
terms of service

Already Have an Account?