Laptops are also much cheaper to run in the long-term, i.e. 15-30 watts vs desktop/monitor combinations which consume hundreds of watts. I remember measuring someone's gaming rig while they were just doing simple browsing and youtube, and the average combined output of their desktop/speakers/monitor was over 500watts. An alternative strategy to consider is a reliable source of ex-business and ex-government laptops. Often these are barely used and still have a long useable lifetime ahead of them, especially if you know how to manage dust (which IMO is the main cause of hardware failure over time). The main caveat is check out the hardware for yourself, and be prepared to replace the battery if necessary. I've had good experiences in the past: a HP Elitebook 8460p with a 250gb SSD for ~$200USD and an ultra-thin Acer Travelmate with a 64gb SSD & 750gb HDD for ~$175USD. Considering both came with SSDs and the battery life for the Elitebook still gives me over 4 hours, I consider them better buys than all the new laptops I've ever purchased.
@RJK3 I agree about ex business laptops. I recently purchased a few two refurbished Lenovo ThinkPad T410s from eBay, with the most expensive one being about $160 US. Extremly high quality, and quite fast due to Core i5 CPUs. Both were in near new condition with Windows 7 installed (eligable for the free upgrade to Windows 10), 4GB RAM and even docking stations. They both had 128GB SSDs which is on the small side, but for the price that's understandable. Also they both had batterys in excellent condition, giving around 4-5 hours battery life. A much better option in my opinion than buying a cheap new laptop which will most likely be of questionable quality.
I have not problem with XP online and that is what I'm using to post this. Xp has a great virtue in simplicity. It is much easier to secure and lock down than any later version of Windows. As I said before, it is no less secure than it was ten years ago. It was widely exploited and infected then if it wasn't properly secured and that hasn't changed. Every subsequent version of Windows has suffered the same since then in spite of the constant patches from MS. Out of the box, I can't think of a single version of Windows that could be called secure in any realistic sense. They all require additional software and tweaks. The model T would be something like Windows 3.1, not Xp which is more like a Toyota from the 80s if you want to do car comparisons. It might be a bit dated but it is still very much road worthy.
Hi @Bill_Bright. Yes I understand and accept that Windows XP is a platform for which Microsoft is no longer providing consumer support, and that in turn many software companies are making the business decision to also withdraw their support. I'm aware of the opinions of many technical commentators, writers, and security experts on the topic, and of the unpatched vulnerabilities for which exploits exist. It was for all those reasons that I was so curious to see how well a Windows XP machine with only passive security would fare, and in that context learned more about the risks for myself. What you aren't considering is that exploits need a surface area in order to work. I can navigate my Windows XP machine to any number of sites hosting exploit kits - including those for unpatched XP vulnerabilities - and it doesn't get magically compromised. I've already asked you to provide a likely mechanism of infection, or a scenario in which you'd expect one of our XP machines to get infected. If you can't, then I believe it gives an appropriate context for the technical validity of your opinion. We need a higher standard of discussion on a security forum than "there is a zero day vulnerability so you will get infected".
Ex corporate Thinkpads are marvelous and cheap. And they will run many different OSes well, several different versions of Windows usually, all kinds of Linux distros and even recent versions of OS X. OS X is the only one that is a bit challanging to install and get going. Linux is right at home in them.
You know what, from reading your posts and seeing your signature I had a strong feeling that you had done this The ThinkPads seem to be a popular ex-business item and are pretty rugged - the i5 m520 is powerful enough that in combination with an SSD it'll easily outperform a new consumer-grade laptop with a mechanical drive. I kept the EliteBook for myself, unexpectedly becoming my main machine - while I gave the Acer TravelMate to my niece who was delighted to have a well-designed, ultra-thin laptop.
The point is, tomorrow it might because there could be a new vulnerability discovered and never patched. You are defending "your" position with "your" computer. You have advanced skills and a security awareness that the vast majority of users don't. Yeah, okay, you "will" is extreme and a bad choice of words on my part. But that is the whole point of zero-day exploits - they are released by badguys before Microsoft or the security good guys are even aware there is a new vulnerability, and before they can patch or create new definition/signature files to thwart any malware that might exploit that vulnerability. And my point is, because MS will not patch, and if the good guys cannot create a definition/signature to protect XP, then if that system is exposed to that malicious code, it WILL be infected. So, yes, there are a few "ifs" in there, but those ifs are covered in newer Windows, not XP. You wear a seat belt to protect you "if" you are in an accident. With XP, your seat belt is broken. That does not mean you WILL get into an accident. But you might - and that is totally regardless the fact you may be the best and safest defensive driver out there. And again, the problem is not just that the XP computer may be compromised, it is that system will most likely then be used as threats to others. Because there are free alternatives available, XP needs to go away (or at least off-line) - perhaps repurposed as a NAS or music/video streamer isolated from the Internet. Huh? Not even. Windows 7/8/10 are much more secure right out of the box. And with Windows 8.x and now Windows 10, Windows Defender is enabled very early in the boot process right out of the box too. With XP, you have virtually zero security (except for a firewall) when you first install Windows. Unless you had the forethought to download it before hand, you must connect to a network then access the Internet with absolutely no anti-malware protection to then download some security program and then install it. Oh, and that is with a very outdated browser too. For most people, Windows Defender and Windows Firewall is all they need. That and MBAM is all I have on all my systems (free on some, MBAM Premium on this and my notebook).
He wasn't talking about right out of the box; he said it was easier to secure than its successors and I agree: fewer moving parts to contend with. It's a moot point because Vista/7/8/10 just simply isn't an option for may boxes out there. (not to mention that Vista and 8 are just plain awful from a UX perspective) It's also a moot point since any OS can reach the level of security that is 100% secure with user competence.
How do you know what he was talking about? I go by what he said, not by what you think he said. And he said XP is easier to secure and lock down - that implies from a fresh install. Fewer moving parts? Nah. But it does have more insecure parts - like old versions of IE. When was the last security update for XP? April 2014. Then go Linux. I agree, but that's a HUGE and unrealistic caveat. Plus, it assumes the user will never accidently fall for a cleverly composed socially engineered trick to click on a malicious link. And more importantly, it assumes every user of a computer is equally competent. But many households have several users, typically with only 1, if that, who is totally security savvy. And since the user is always the weakest link in security, properly securing a computer is no guarantee one of the other users will not mess up.
Seriously? Because I read all his text, specifically, "It is much easier to secure and lock down than any later version of Windows." ...to secure and lock down is an infinitive verb describing what the user does after opening the box. I assumed nothing, hence the caveat. You keep talking about John Q. User; the rest of us are talking about hardware, operating systems, and software--specifically ours and how it pertains to us. Again, we aren't talking about securing a corporate network here.
@Bill_Bright We're not speaking to the vast majority of users, but discussing technical topics with other users in a dedicated security forum. I don't think even that's the case, because we can have other mitigations in place and so prevent infection even at that late stage. If we consider the mechanisms of infection, then it's not necessary to rely so heavily on signature-based protections or on the timely delivery of patches in order to properly secure a machine, even in Windows 7/8.1/10. Even if an exploit itself is successful, it doesn't follow that infection "will" automatically happen. Hardening techniques can stop a lot of infections regardless of how novel the vulnerability or trojan. We can reduce the attack surface substantially so the exploit has nothing to work with, or prevent the malicious scripts from running in the first place. We can use default-deny and prevent trojans from dropping to system folders, being able to run from the userspace, or from altering other processes. We can use anti-exploit programs, which have the potential to block some aspect in the chain of infection - even after a kernel level exploit during a browser session. Windows XP makes it possible to close all network ports without adversely affecting function, effectively closing off a whole vector of attack - so that in practice the computer isn't actually vulnerable to particular network and internet worms regardless of what the CVE says. Windows XP also makes it possible to remove whole components, so really it doesn't matter if IE is out of date or if the default photo viewing software has an exploitable vulnerability, because if vulnerable components aren't there then they can't be exploited. With that in mind, it's very simplistic advice on a security forum that the only way to secure Windows XP is to take it off the network, and you may acknowledge that a similar argument could be made for any version of Windows. In practice, Windows XP remains a securable OS, and someone advising other technical users differently will need to have a grasp on some of these security principals and mechanisms of infection. With a setup like that, realistically the main security comes firstly from being up to date with patches, and secondarily the firewall/IP blocking. With that approach, most of us could have run Windows 7+ for years without ever having a challenge to the AM/AV. We could visit sites hosting exploit kits, and potentially not be vulnerable to any of the exploits in the toolkit (although ITW zero day exploits have become much more common). If MBAM and Defender were quarantining malware, then it would show that the security setup is relying on a roll of the dice, i.e. infection would be dependent on whether or not the AV/AM software could detect malware. Unfortunately for one user I know, the single time MBAM Pro was necessary to prevent an infection - it failed to detect the zero-day malware and their computer was infected. Consequently I set them up with contingencies like anti-exploit and a software policy so that it doesn't matter what the AV/AM does.
What I said was "Out of the box, I can't think of a single version of Windows that could be called secure in any realistic sense" Even though there have been some "out of the box" improvements, I still have to create a LUA, tweak file permissions and group policy and install some additional software to make any version of Windows secure in any realistic sense. Post Xp versions of Windows are safer out of the box but I wouldn't call them secure in any real world sense. That is for the user to implement. I have my methods, others have theirs. For those without the skills needed to lock down the OS on their own, there are many prepackaged software solutions both free and paid. There are lots of excellent threads on Wilders about them.
I was going to leave this, but since the OP weighed in again, (apologies, it was someone else) and Bill should listen to what people are trying to say without presuming things, I'll try again.... Huh? Who said anything about "unethical press"? YOU did, and what makes you judge and jury about who is ethical and who isn't. How do you know that? You'd have to have your brains in your pocket to not have seen that SO-CALLED respectable companies are no more to be trusted than the other side. What you need to do is stop putting words in peoples mouths and presuming the reasons why people come to their conclusions. The fact of the matter is the information is right here at Wilders, and from respectable voices who over time, one learns to listen to. Just one example, Windows 10 downloading automatically on peoples computers without their knowledge or permission. That was discussed here at WILDERS! Another, the telemetry fiasco. It goes on and on... How do you know that? I ditched Norton many years ago. For such a "reputable" company, they sure leave a lot of dregs on your system. Companies getting "brought off" happens all the time. How do you know who that happens to? You don't seem to get it that if the OS can be locked down, how many years back is irrelevant, as is other arguments you present. People may not want to switch to Linux, and if I was confident that later OSes than XP were able to be made secure and respected privacy, then I'd gladly do it. As (I think it was MisterB) said, there is an issue of hardware compatibility and that is something that affects me. Current High end specs are something I'd acquire in a heartbeat, but not at the expense of XP. I think that's a poor analogy. The only threat that car would present is speed. Frustrating yes, but compromise your security and privacy....hardly. You can't compare cars to internet security & privacy. No. I would recommend the opposite, for those who are willing, for whatever reason, to learn to lock it down. Your argument that later OSes are more secure doesn't fly. Edit: adjusted an error I made up the top.
If a system is vulnerable to infection from malicious links then perhaps it hasn't been setup securely.
Oh? Then why, tell me, why, than that it is called, the "Information Superhighway" huh? eh? eeeh? You can drive a Model T on the highway so long as you obey all traffic laws, like the minimum speed. This is a great analogy since 1) misinformation: nothing makes a Model T itself illegal to drive on the highway 2) it can be "hardened" to be driven safely on the highway. Now...you pick the bigger threat: Model T or double-trailer semi? Model T or crotch rocket? "Newer" doesn't mean "more secure" as everything out of the box is insecure anyway. If you harden your OS, it is hardened and therefore all have the same level of security (whitelist/anti-executable/Group Policy/virtualisation/etc.).
It's the idiots who are recklessly "surfing" the information superhighway that pose the true risk to traffic
I'd say more from ignorance than from idiocy. To non-technical types, a computer is an appliance. One doesn't need to "secure" ones TV, stereo, refrigerator, typewriter... So, really, the issue is more of the driver (user) than of the vehicle (OS).
Thanks for the earlier recommendations in a couple of posts about instead of a cheap new desktop look into a good used off business lease computer. Well I had a did a quick search and there are many businesses in my area that do just that and I saw several Lenovo Think Centre pc's selling for in the range of 100-175 so that seems like a good option. There are also many Dells for sale as well but do you much prefer the Lenovo to them? And assuming these used pc's are roughly 3-4 years old or even 5 is it still easy to add a SSD drive to them without any compatibility issues? Thanks.
I thought some destinations in the information superhighway specifically banned older OS and browsers though? Probably easy to circumvent as long as browser makers still support XP, and you can change the user agent and whatnot. But still, I'm not sure what to make of it. I guess Lenovo has better quality, but I wouldn't limit myself to either. They probably will have older versions of SATA that might be a bottleneck to the SSD (Wikipedia is your friend), but there shouldn't be compatibility issues unless they're still somehow using IDE.
A lot of the newer Lenovo products are not nearly as good as the ones from a few years ago. I'm more familiar with Thinkpads and ex corporate ones from the Windows 7 era with i5s and i7s are going for great prices right now. SSDs are also getting much more affordable. All of the recent Win7 SATA machines are going to have no issues with SSDs and the SSDs for them are going to be fast and cheap. It is the older PATA machines that aren't going to have inexpensive plug and play SSDs but there are compact flash, SD, mSata and NGFF, to IDE adapters that can be used with them. Since the PATA drives for them aren't being manufactured anymore, that is really the only option if you want a new drive for them.
I don't think Lenovo has any better quality than the other brands. It really depends on the model you select. After all, computer makers just assemble different parts from different makers. Of course, with notebooks, the makers have their own proprietary ways to put them together but a Seagate drive is a Seagate drive, an AMD CPU is a AMD CPU, and an ASUS OEM motherboard is an ASUS OEM motherboard.
Incorrect. Seagate and WD (and probably all others) have varying qualities of HDDs. WD Black > Blue > Green; the Black drives are fantastic, the Blues, not so much. That's design, then there's "binning"... Motherboards also have varying quality and aren't in the same league as their retail counterparts. Retail/quality OEM: made in Taiwan with high-quality components (i.e. Japanese capacitors); Best Buy OEM: made in China with cost-effective ("cheap") components (i.e. Chinese caps). Finally, the overall system components matter: did the OEM choose components that work well together or did they get a good deal on one and didn't worry about the bottleneck...
No. I am 100% correct. No dah! That is why I specifically said, "it really depends on the model you select. After all, computer makers just assemble different parts from different makers." For starters here, this thread is about notebooks, not PCs. There is no thriving build it yourself notebook industry where you can go out and buy a "retail" notebook motherboard. The higher end Lenovos will use higher end Seagates just as the higher end Dells will use higher end Seagates, or WD or whatever. But it is not uncommon at all for a notebook from HP and a notebook from Dell (as examples) to use the exact same ASUS OEM motherboard and Intel CPU with the exact same RAM from Micron or PNY. So again, no dah with the motherboards. We are NOT comparing OEM to retail. We are talking about OEM motherboards in notebooks from brand A to brand B. ASUS is one of the largest OEM motherboards makers in the world. This is why (if you work in a shop) you frequently see the (almost) exact same OEM ASUS motherboard in an Acer as you do a HP as you do Toshiba as you do a Lenovo - again, depending on the model you select. The only difference is the BIOS where the computer makers brand them to make them proprietary. To add to my "correct" statement - it is the same with RAM. These notebook makers buy their RAM from the same OEM suppliers. And it is the same RAM users can buy from Newegg. And make no mistake, if you go to Best Buy or Amazon and buy a $30-40 brand name retail motherboard from a maker that also supplies OEM boards, it will be nearly identical to the boards found in budget computers from the big name makers - the difference again being the branding in the BIOS. It is wrong to assume an OEM board will be inferior to a retail board. It just depends on the product line (entry level to top tier) of the board. In other words, This is why we build all our own PCs here - because we can select the components that best suit our needs, and cut corners, if we need to trim the budget, where we want, not where the big makers want. But you cannot do that with notebooks because there is no ATX form factor standard for notebooks, thus no thriving build it yourself industry of parts.
I don't work in a shop. I am the shop. Since 1981. Asus, et. al. make varying qualities of motherboards for OEMs, some are good, some ("mass market") aren't. Don't confuse "popularity" with "same". I don't completely disagree with you, just they all aren't the same. I didn't say that either.
