Windows XP Could Be Infected Within 10 Minutes Support End

Page 3 - Seeking answers? Join the Tom's Hardware community: where nearly two million members share solutions and discuss the latest tech.
Status
Not open for further replies.
The 10 minutes come from a guess of how long it would take for a hacker/virus maker to look at a Win7/8 update and to then analyze the information regarding what the update "fixes". Then the hacker could use that knowledge to exploit the weakness in a XP system and launch an attacked.
 
If you run XP from a user account, not from an admin account, and then use a browser other than IE you will be stopping 99.9% of infections, whether you are fully patched or not.The only two times my XP PC has been infected over the past 10 years is when one of my children used IE (after repeated warnings NOT to use it) after I was logged in as an admin and forgot to log out.
 
Hmmm, wonder why the author didn't suggest moving to a linux-based OS? Many people that are still using XP are likely doing so because of either financial reasons or hardware limitations. A lightweight Linux distro flies on older systems and is usually free. I use the netbook/lite version of Zorin on my 5 year old netbook (Atom 1.6ghz single core, 1gb ddr2) and it performs light duty tasks like web browsing just as fast as my desktop running Windows 8 (3.8ghz dual core, 4gb ddr2), and it is nearly impossible to pickup malware on a linux machine.
 

On the business side of thing, many factories, warehouses, etc. use PCs with custom software and hardware which is not compatible with newer versions of Windows or Linux. Even if the software and drivers are available, there may be licensing fees and downtime attached to the upgrade.

In my case, I have around 30k$ worth of academic software licenses tied to my old P4 running XP so I have no intention of messing with the OS on that PC and risk invalidating those licenses. That PC will run XP until it dies unless Microsoft offers to pay me 30k$ to update my old academic licenses to current retail ones.
 

Good luck with that. The safest way to work with it is to unplug it from the internet. You should be safer that way, you and your software work 30k.
 


Having worked in and written software for Manufacturing warehouse sites I should think the systems are used for VERY specific, internal purposes and held behind a good firewall. I wrote software for scanning products for distribution binning and that is all the computers were used for... no personal use, no email, no browsing, etc.
 
The lab my sis works at has computers running Windows 3.1 attached to a DNA sampling gizmo... I don't believe this kind of use case is what we're talking about here... But again, if that's all the machine is used for, that's alright. As always.
 
I was at an well known electronics store last night and they were still using XP. I'm more worried about those stores that do not upgrade and get hacked and I get my identity stolen because someone is cheap. I can see the headline now "Big Box Store Hacked". It will be Target all over again.
 


Yeah, that is a little worrying.
 

Most stores I go to only ask for name and phone number. AFAIK, they do not store PIN or card numbers aside from the first/last digit block for card matching purposes. If someone manages to steal your identity with only that much information, someone is not bothering to do proper checks. The more common type of hack is extra stripe readers put into the card reader and a camera capturing PINs, allowing crooks to clone cards and there is nothing the cash register's OS can do about that.

When you see unborn babies, dogs, cats, etc. getting approved for credit cards, it is painfully obvious that even banks and credit unions are not taking identity theft and associated checks quite as seriously as they should.
 
This can happen again , so dont rely on microsoft like companies, all banking sectors will be badly affected, go for opensource go for linux or go for a national os.
 

A "national OS"? Like that would be secure. Not sure many users would go that route unless forced to.
 


Why are you not running it in a VM? At worst you can test it, if it fails go back to the PC. There are many options such as VMware, MS, Sun/Oracle etc. We had the same problem, ended it with a VM of the pc's we had that required the PC to basically run forever 😉 the VM will never die if backed up :) VirtualPC is now free, so no cost to try it.
https://www.virtualbox.org/wiki/Downloads
Free also.
http://www.microsoft.com/en-us/download/details.aspx?id=4580
32/64bit. VMware is not free (to try yes, to use no) though probably the best, but any solution that works when you have $30K in software is good right? Assuming it doesn't cost 30K for that software...LOL. This is how you remove XP from your life without losing it (or any OS/machine) and as a bonus they run forever. My previous employer had 120K tied to machines that couldn't dump XP/Dos (yes Dos...ROFL). Problem solved :) It was either VM's or management had to approve about $500K to replace them after ~25yrs on some stuff. It is always easier to approve a few thousand than 1/2 million and management LOVES you seconds later and so does the group who doesn't have to learn new stuff :)

You:
"Hey, your VM can run forever and you'll never have to fight management for that 1/2 million again!"
Engineer:
"WTF, I LOVE YOU, I'm ordering your xmas gift today"...ROFL.

They also work great for doing dangerous stuff that you don't want to do on your PC. If infected just delete the file, copy it from backup and go again & again, & again :)
 

Because:
1- I can't - most of the licenses are locked to some form of signature based on PC hardware so the licenses would be invalid in the VM unless I somehow managed to duplicate everything the license managers checks to generate the hardware signature the licenses get cross-checked with
2- even if I could, some of those licenses were already a PITA to install even with vendor support so I most likely would not manage to install them in a VM even if I could get around the hardware signature part

For labs, factories and other places that use Texas Instrument or similar controller cards for Simulink, Labview, etc. in their process control, running a real-time process from a VM usually does not work very well for processes that require several evenly spaced iterations per second since the VM adds tons of timing uncertainty/jitter on top of the OS' own. The software and hardware from back then was definitely not meant to run in a VM.
 
Status
Not open for further replies.