Has the XP Avalanche of Doom struck yet?

@Peter2150: Nobody said anything about throwing computers out. Most made within the last 10 years or so will run Windows 7 okay. That said, yes, software bloat is a problem on a lot of levels.

@Nebulus: apples and oranges IMO. Worms usually exploit network services, and those services cannot accept connections period if they are blocked by a firewall. In the case of application whitelisting, the whitelisting will not be effective if the mechanism by which it intercepts system calls cannot be trusted. Whitelisting on XP isn't like blocking ports with a firewall; it's like politely telling the network services to ignore incoming connections.

@noone_particular: can you tell me all of the following, just off the top of your head, without looking them up?
- 3 valid instructions in Intel-style x86 assembly, applicable to modern x86 CPUs in 32 bit mode, and their functions and typical roles in a program
- 2 flaws which allow a program to be be compromised by malformed input, what they constitute, why they are dangerous, and how they may be defended against
- 1 method by which Windows NT system calls may be intercepted, in detail, and its advantages and disadvantages relative to other methods

 

GJ,
What purpose is that going to serve?

 

@Gullible Jones: I was trying to show that patching an OS is not the only way to secure it, hence the lack of new updates for XP doesn't mean that it won't be possible to secure it at all.

 

i'd much rather have the OS handle the security than having to rely on 3rd party 'solutions'.

of course, people choosing to keep using XP will have no choice but to use 3rd party security applications.

 

If security was the only factor, the decision would be simple. For a lot of people, cost is a big issue, especially when that means a new PC. Others don't like the privacy implications of the newer versions of Windows. When all factors are considered, the decision is a tradeoff either way. I'd rather deal with the possibility of encountering malicious code that might be able to compromise my defenses. IMO, that's preferable to dealing with an OS that is logging everything I do and every site I visit. The first is a possibility. The second is what the current Windows is designed to do.

 

But throughout its lifespan didn't XP users have to continually depend on 3rd party software to help mitigate exploits to the OS? So in that context nothing has changed. Well except no more OS patches.

 

To be very blunt: demonstration that you know at least the most basic aspects of how security software works.

Edit: look, I realize this probably comes off as pretty arrogant. I'm not trying to embarrass you, and probably should have been a lot more polite. I just want bare minimum demonstration that you know what you're talking about at least as well as I do (and for the record I'm still very much a novice).

 

This would be ideal, but I don't think that it is possible to rely only on the OS security, either for XP or for any other (newer) version of Windows. Sure, you could use MSE and Windows firewall, but that is still relying on other sort of security tools than just on the fact that your system is fully patched.

 

i been using only the Windows built-in firewall and on-demand scanners (MSE disabled) for the past 3 years in Win 7 and 8.
Windows XP also has a built-in firewall, though not as good as the ones in Windows 7/8.
Windows 7 and 8 are a lot more safer by design than XP.

everything has been fine and i did not get any malware.
i'm the only person using my computer so i'm the only one i have to worry about.

of course, if you have a few users using one machine then that becomes more of a problem.

 

I don't recall anyone else here having to pass a pop quiz, including you. What comes after the quiz, comparing credentials? I started to reply to your quiz yesterday. A few minutes into it, I decided that it was a waste of time, deleted it, and forced myself to leave this alone for a day. You're right about one thing. In the 10 years I've posted here, 6 under this alias, 4 under another, that was the single most arrogant demand I've had pointed my way on this forum. I don't see one good reason that I need to "demonstrate" anything to you. I don't claim to be an expert, especially at a programming level. As much as I'd like to, that's an interest that I don't have time to pursue. If that means you'll disregard or argue anything I post, so be it. It's been nearly 40 years since I had to take a pop quiz. I didn't like them then. I like them even less now. I need to stop before I get myself banned.

 

Linux Mint, anyone?

 

Thank you for my morning laugh.

 

New post-EOL updates for XP already on the internet, there are even updates for .NET 1.1 and IE6.

 

Over the next year or so will give us a clearer picture as to the impact.

Home users that have the attitude of 'come and get me, if you can' may entice the bad guys to do just that. Maybe that is what they want as they have hidden their assets or have none. It is a lure or game that if the bad guys bite, will be a source of entertainment for the antagonists. Those not participating in this 'game' will find themselves ducking for cover if this little game turns into a war. Who is more likely to win?

Businesses that stay on XP without multiple levels of security are taking a huge risk. I would expect MS would not come to their rescue if major problems did occur. They will be expected to bare the consequences as they have had adequate warning. Obviously their intention is not to provoke the bad guys, but they will most likely be targets of opportunity. Only one winner here.

 

Would it be against the rules to post a link to May 13th updates that have been ported to XP (tested and working)?
I looked around for a list of what not to do on this forum. Maybe I'm getting old, but I can't find anything, although I find reference to "the rules".

 

Try the far bottom right of the page. The "Terms and Rules" link.

 

I saw that link, but this is all I see when I click on it:

http://s22.postimg.org/zesnqt13l/rules.jpg

IE8 or FF29, with or without ad blockers, still see nothing but the title of the page. Weird?

 

@darkrats
Perhaps it's better to create a thread about your current problem in this forum section to get a better attention:
https://www.wilderssecurity.com/forums/general-topics.5/

 

Hi GrafZeppelin.
I'm not going to worry about it. That page just doesn't work for me.

 

Where may that be? Any trustworthy sources?

 

I got a security update for Internet Explorer this month. I think that might have been because of the recent security breach that was all over the news. Other than that, only the Malicious Software Removal Tool. I don't use it but use Microsoft Safety Scanner and was pleased to see it still works on XP. Hope it stays that way. Between that, my firewall, and regular backup images I feel pretty safe.