Image Map Image Map
Page 3 of 6 FirstFirst 123456 LastLast
Results 21 to 30 of 51

Thread: Leaving Windows update turned off, just use up to date antivirus

  1. #21
    Join Date
    Mar 2009
    Location
    Pleasant Hill, CA USA
    Posts
    2,722
    Blog Entries
    1

    Default

    Quote Originally Posted by Mr. Horse View Post
    You know, this may sound crazy, but I worked with a company that used unsupported legacy software and OS's. They had an in house sec/dev team that made their own patches for the software. Simply because M$ dropped the OS doesn't mean others can't pick up were they left off. Some how they had an agreement that got them the source code for a older version of windows to probe, but they took it one step further.
    Well ok, there are always fringe cases, and if the use case makes sense, and everyone is in the know about it and it's all based on an informed decision, then more power to you. I was commenting on the fact that a person, in charge of a small companies IT stuff, knowingly keeps them at risk, without bother to explain the risk to the owner, even though said owner would "go for it" if it was explained to them.

    I have worked for some companies that run old software that can't be brought forward onto newer hardware/software. But I am always careful to make damn sure they know the risks, and I document it and have them sign off on it, and then I support it as best as I can. Point is, if something blows up, data is stolen or the machine is used as a SPAM bot I am not legally liable for it (ie they cannot sue me).


    Quote Originally Posted by SomeGuy View Post
    I hope I never see the day when running something "old" is explicitly illegal. You know manufactures would love that.

    That'll never happen, but it all ends up being about the liability. Customer is never informed of the risks, they get "hacked" and you, the IT tech, are left holding the bad and get sued into oblivion. This is why gross negligence insurance is a must for *any* small IT shop.



    Quote Originally Posted by KC9UDX View Post
    I liken the "MUST UPDATE" criers to the people on bike trails shouting at me for not wearing a helmet. You put your trust where you will, and please don't worry about me.
    Well it's like the other rider has 9 stitches in his head, and a bandage around it, advising you to put on a helmet because the trail you are heading down has lots of hard to see pot holes and sharp pieces on concrete all over the place. Will you definitely crash and get hurt, no, but the risk is high enough that you have to ask why take the chance just to keep your hair looking cool...

    Must Update, not at all, but when a significant number of VERY smart people, who have either been compromised, or seen the results of such attacks, advise it then you best take notice and at the very least acknowledge that it might be a good idea...

    IBM 5160 - 360k, 1.44Mb Floppies, NEC V20, 8087-3, 45MB MFM Hard Drive, Vega 7 Graphics, IBM 5154 Monitor running MS-DOS 5.00
    IBM PCJr Model 48360 640kb RAM, NEC V20,, jrIDE Side Cart, 360kb Floppy drives running MS-DOS 5.00
    Evergreen Am5x86-133 64Mb Ram, 8gb HDD, SB16 in a modified ATX case running IBM PC-DOS 7.10

  2. #22

    Default

    Windows update is a free service, once your system is verified. I don't know if Microsoft is even obliged to offer the service. Some people look upon free stuff with suspicion, saying it's too good to be true, there has to be a catch. If you don't want the updates, then fine, I suppose. It's your funeral, and hopefully nobody else has to pay.

    Now, tbh, I don't know what these updates are actually doing, or what they are supposedly fixing. I have to take it on faith. Still, I like the idea of getting new features, bug fixes and so on at no real expense. The only real problem, from what I've heard from multiple sources, is Windows 10, where you never know if your machine will even be working after getting updated. Microsoft needs to get its house in order about that. Breaking people's computers is not nice.

    Those that say your computer is never fully secure are correct. Both the American NSA, and the Chinese, and probably other state actors, know how to enter any computer no matter how well protected. You'd have to remove all outside connections to be reasonably sure of safety.

    Now, correct me if I'm wrong, but from what I've seen the most common way to get infected to to click on a link on a spam email, or open an unsolicited document. This infects you with malware or adware of some kind. So, do the sensible thing and just delete all the spam upon arrival. Of course, there's shady websites too. Again, use your brain. I have a whole list of banned sites in my hosts file. This gets rid of most ads too.

    As for businesses with ancient software, this is an all-too-common situation. Just get the signatures and contracts to protect yourself. Doing nothing leaves yourself wide open, especially in countries where suing is the first option.

  3. #23

    Default

    Quote Originally Posted by Chuck(G) View Post
    For those with vintage systems, needing to network--you might want to do what I do. The old stuff is locally networked (VPN), with no direct internet access. Rather, the connection from the router is made to a "master" safe machine keeping things up to date. File transfers are made only from machine-to-machine on the VPN or between the master and the VPN-connected systems. No way for the vintage systems to directly connect to the cold, dangerous outside. If one of the vintage systems runs a web browser for jollies, no harm done.
    Who needs networking if you have a bunch of USB thumb drives?

  4. #24

    Default

    Quote Originally Posted by Mr. Horse View Post
    You know, this may sound crazy, but I worked with a company that used unsupported legacy software and OS's. They had an in house sec/dev team that made their own patches for the software. Simply because M$ dropped the OS doesn't mean others can't pick up were they left off. Some how they had an agreement that got them the source code for a older version of windows to probe, but they took it one step further.
    Heh, if only you told us what exactly they did patch, and which Windows version.

  5. #25

    Default

    Big question: Would using unpatched Windows affect the stability and functionality of newer drivers and software that support the OS?

  6. #26
    Join Date
    Jan 2014
    Location
    Centero
    Posts
    6,878
    Blog Entries
    2

    Default

    Quote Originally Posted by Unknown_K View Post
    The thing is nobody cares if you fall of your bike and crack your head open (unless you block their path), but people will get pissed if malware opens your contact lists and starts flooding everybody on the list with advertisements for erection pills.

    Except that these days there is no personal responsibility. If your helmet twists breaks your neck because you somehow stupidly landed on your head, you are a menace to society because everyone shares the cost of your funeral.

    Updates won't make me give up my contact list. Irresponsible use of popular software because it's popular might. It could be the update that caused a new unforeseen vulnerability.

    People who are in favour of bike helmets don't understand the physics of helmets and have apparently no experience crashing a bicycle. People who are in favour of endless updates don't take any interest in the proper operation of their computers. They want the benefits without the effort.

    We used to have a term for unplanned accidents, but I suppose that is taboo now. He who causes them also causes them not to happen.

  7. #27
    Join Date
    Feb 2011
    Location
    NorthWest England (East Pondia)
    Posts
    2,082
    Blog Entries
    10

    Default

    Quote Originally Posted by KC9UDX View Post
    Except that these days there is no personal responsibility. If your helmet twists breaks your neck because you somehow stupidly landed on your head, you are a menace to society because everyone shares the cost of your funeral.

    Updates won't make me give up my contact list. Irresponsible use of popular software because it's popular might. It could be the update that caused a new unforeseen vulnerability.

    People who are in favour of bike helmets don't understand the physics of helmets and have apparently no experience crashing a bicycle. People who are in favour of endless updates don't take any interest in the proper operation of their computers. They want the benefits without the effort.

    We used to have a term for unplanned accidents, but I suppose that is taboo now. He who causes them also causes them not to happen.
    The problem with this logic is that few of us car drivers (I can't speak for what in the UK we call "white van men") are intentionally trying to kill cyclists. We might get careless once in a while, and take one out, but generally we try and avoid the paperwork and possible court cases and resulting internment...

    .. this isn't true for those folks writing Malware. There is a huge industry out there trying to exploit any exploitable holes in my system. I might say I only visit safe sites, but who knows what is safe. The first point of call for any hacker is a poorly secured web site. Hey not so long ago one of my local council's web sites got hit. And last year my Spanish (well he is English but lives in Spain) builders web site got hacked. He did fit me a couple of taps on the terrace in return for me fixing its. I hate plumbing so I thought it was fair exchange...

    So these days I take the view that whilst there are armies of folks in Russia, China, Korea and possibly even Canada actively trying to hack my system, there is only me here. I don't have the time to check every patch, see which is useful and which might get me, then apply and test. By the time I have done that the armies above have got me with a day zero exploit. So IMHO the least risk approach is to apply the updates as they appear and sort out any consequences later.
    Dave
    G4UGM

    Looking for Analog Computers, Drum Plotters, and Graphics Terminals

  8. #28
    Join Date
    Jan 2012
    Location
    Connecticut, USA
    Posts
    2,059

    Default

    We run win 7 64 with updates turned off. Only Antivirus. We have been running the same image for years no problem. I never up date, I never have problems.
    --My phone updates all the time.. my phone always has problems. Dont fix what isn't broke.

  9. #29
    Join Date
    Mar 2017
    Location
    New Jersey, USA
    Posts
    430

    Default

    This thread is full of anecdotal evidence "this approach worked for me", but keep in mind that what worked for others may not work for you unless you fully understand their situation, your situation, and how they differ. If you don't fully understand that, treat such statements as testimonials rather than as advice.

    The things I recommend are not the same as the things I do myself, because I know how my own situation differs from the ordinary and I can evaluate the risks reasonably well.

    Beware of advice that boils down to "I was lucky, so you should also plan to get lucky": https://www.youtube.com/watch?v=q-JgG0ECp2U

  10. #30
    Join Date
    Jan 2012
    Location
    Connecticut, USA
    Posts
    2,059

    Default

    Quote Originally Posted by kgober View Post
    Beware of advice that boils down to "I was lucky, so you should also plan to get lucky": https://www.youtube.com/watch?v=q-JgG0ECp2U
    Of course I agree with your statement, being hesitant and investigating options and solutions is always best. Mass updating EVERYTHING without even the foggiest idea of what your updating and what it will affect is equally risky if not more so.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •