The Glade 4.0

"Turn the lights down, the party just got wilder."
It is currently Sun Nov 24, 2024 2:47 am

All times are UTC - 6 hours [ DST ]




Post new topic Reply to topic  [ 26 posts ]  Go to page 1, 2  Next
Author Message
PostPosted: Thu Nov 14, 2013 7:30 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 11:05 am
Posts: 1111
Location: Phoenix
How critical is it for individuals, small businesses, churches, etc, to migrate off XP now that it reaches EOL in April? How risky is staying on XP?


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Thu Nov 14, 2013 8:08 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Let's put it this way.

Technet lists 1137 security bulletins (which then correspond to a security update that was published) for Windows XP.

So Windows XP averages around 100 security vulnerabilities found and fixed a year since Oct. 2001... and will no longer be fixing them.

Hackers love targeting systems that don't get updated, because they're the ones the vulnerabilities work on. With stuff that's not EOL, hackers have to work on the assumption that only a portion of the systems out there will be vulnerable to a non-zero-day exploit, and the efficacy of a newly found zero-day exploit has a limited window of utility. Come April, 100% of systems will be unpatched for known exploits, and zero-days will last against XP systems forever. So EOL OS's that are still in widespread use get lots of hacker attention, because they're the ideal targets.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
PostPosted: Thu Nov 14, 2013 8:17 pm 
Offline
User avatar

Joined: Thu Feb 04, 2010 2:08 am
Posts: 906
As someone with an older machine using XP, I am already preparing myself to budget for a new machine and OS. I really don't want, since I have many other things I need to use the moneys for, but 5 or 6 years is probably more than I should have expected out of this machine anyways. I only upgraded small stuff like ram, video, and my PS along the way. My old coreduo from cyberpower has served me really well. With my 4770hd upgrade, it runs WoW (not maxed out) very well still.

Now, gotta explain to my wifey that I need to spend 800ish dollars in a few month on a new rig =)


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Thu Nov 14, 2013 8:18 pm 
Offline
The Dancing Cat
User avatar

Joined: Wed Nov 04, 2009 2:21 pm
Posts: 9354
Location: Ohio
The biggest risk is if you have to reformat.

_________________
Quote:
In comic strips the person on the left always speaks first. - George Carlin


Top
 Profile  
Reply with quote  
PostPosted: Thu Nov 14, 2013 8:27 pm 
Offline
Web Ninja
User avatar

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
The biggest risk is probably more like having confidential information stolen or exploited resulting in the destruction of your organization because the decision makers are cheap ****.

You know, worst case.


Top
 Profile  
Reply with quote  
PostPosted: Thu Nov 14, 2013 8:35 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Lenas wrote:
The biggest risk is probably more like having confidential information stolen or exploited resulting in the destruction of your organization because the decision makers are cheap ****.

You know, worst case.

This.

Even if you're an individual.. do you keep any tax records on your computer? Access any email from it -- and receive e-bills? Access electronic banking? Etc.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Nov 15, 2013 12:30 am 
Offline
User avatar

Joined: Thu Sep 03, 2009 3:08 am
Posts: 6465
Location: The Lab
And don't forget online banking,shopping, your personal contact information for family and friends, etc...


Top
 Profile  
Reply with quote  
PostPosted: Fri Nov 15, 2013 11:54 am 
Offline
User avatar

Joined: Sat Oct 10, 2009 4:39 am
Posts: 452
Sam wrote:
As someone with an older machine using XP, I am already preparing myself to budget for a new machine and OS. I really don't want, since I have many other things I need to use the moneys for, but 5 or 6 years is probably more than I should have expected out of this machine anyways. I only upgraded small stuff like ram, video, and my PS along the way. My old coreduo from cyberpower has served me really well. With my 4770hd upgrade, it runs WoW (not maxed out) very well still.

Now, gotta explain to my wifey that I need to spend 800ish dollars in a few month on a new rig =)


You know, just buying Windows 7 or 8 is an option, you don't have to upgrade your computer. I'm running Windows 7 on a computer that's 8 years old and it's actually quite a bit faster than Windows XP. I can understand if you want to get a new computer anyway, and take advantage of Windows being bundled with it, but I just wanted to make sure you're aware of your options.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Nov 15, 2013 12:02 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 11:05 am
Posts: 1111
Location: Phoenix
See, that is kind of what I thought. My question was kind of general sense I didn't want to bias it. But this is specific to the church I go to. There are several machines running XP.

Their I.T. guy is insistent that it isn't an issue and not to bother. He owns his own I.T. company that "manages 1500 systems" and has been in business for years. Someone else on the board at the church has quite a bit of experience and also says not to do it, that it's a waste and not a big deal.

Every bit of research I've done indicates THIS IS A BIG DEAL. So now I'm left baffled. I'm convinced, but people with much more experience in I.T. than me (I'm a software developer, not I.T.) say it's no big deal.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Nov 15, 2013 12:10 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Does the guy who manages the systems for the church get paid to do it, or not?

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Nov 15, 2013 12:11 pm 
Offline

Joined: Wed Sep 02, 2009 10:49 pm
Posts: 3455
Location: St. Louis, MO
That's because you have to understand that most IT people have zilch in the way of security consciousness.

_________________
Image


Top
 Profile  
Reply with quote  
 Post subject: Re:
PostPosted: Fri Nov 15, 2013 12:30 pm 
Offline
Web Ninja
User avatar

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
Aegnor wrote:
He owns his own I.T. company that "manages 1500 systems" and has been in business for years.


Owning a company doesn't make you a master of its operations. My boss doesn't know **** about day to day web development work but he's great at marketing. Just because this guy walks past a server farm or something when he goes to work doesn't mean he could run any of it without his staff. Anyone that says any software is not worth updating shouldn't be allowed to make security decisions. We run niche websites on a platform that gets updated monthly and I still need to deal with the occasional SQL injection or whatever. If you have vulnerabilities then someone is going to exploit them, and if the security hole is big enough you may never even realize that anything is wrong.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Nov 15, 2013 12:34 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 11:05 am
Posts: 1111
Location: Phoenix
Yes, he does get paid. He's not a member of the church or anything, he is just the owner of the I.T. company that they hired.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Nov 15, 2013 1:08 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 3:08 am
Posts: 6465
Location: The Lab
He needs to be dismissed with prejudice


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Nov 15, 2013 1:50 pm 
Offline
The Dancing Cat
User avatar

Joined: Wed Nov 04, 2009 2:21 pm
Posts: 9354
Location: Ohio
Seriously this goes beyond security, if you have to reformat how do you get from clean install to SP3 + updated drivers for all your sheez? It is hard enough with Microsoft providing updates for XP today, let alone when they shut that off.

_________________
Quote:
In comic strips the person on the left always speaks first. - George Carlin


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Nov 15, 2013 2:19 pm 
Offline
Bull Moose
User avatar

Joined: Wed Sep 02, 2009 7:36 pm
Posts: 7507
Location: Last Western Stop of the Pony Express
Upgrade to Windows 7. My Department finally did because of the EOL coming around and the security issues involved. They are seriously cheap about this stuff. Heck, they even upgraded to IE9, which wasn't as good as I had hoped but better than I expected.

_________________
The U. S. Constitution doesn't guarantee happiness, only the pursuit of it. You have to catch up with it yourself. B. Franklin

"A mind needs books like a sword needs a whetstone." -- Tyrion Lannister, A Game of Thrones


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Nov 15, 2013 2:26 pm 
Offline
User avatar

Joined: Fri Feb 05, 2010 11:59 am
Posts: 3879
Location: 63368
I'd say it depends on the role these systems play.

"Not connected to the internet, used for a proprietary app, re-imaged from ghost regularly" isn't as serious an issue as "mission critical".

That doesn't mean it's not serious, just means it's less serious.

I don't plan, for instance, to upgrade the XP image on my personal VMs. They're stand alone systems, basically just set up to serve as a backup container for the docs/apps I have in whatever ancient file format they were created in, like Illustrator or PageMaker. 10 year old crap, but recently I went back in to get data from it, so I can't say its useless.

_________________
In time, this too shall pass.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Nov 15, 2013 2:52 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 11:05 am
Posts: 1111
Location: Phoenix
They are used for various purposes. Email, web, MS Office, etc. In other words, ripe for infection. And of course they have access to the shared drive on the server.


Top
 Profile  
Reply with quote  
PostPosted: Fri Nov 15, 2013 3:15 pm 
Offline
Web Ninja
User avatar

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
Well if they can't shell out a few hundred dollars for some Windows licenses, maybe the pastor can just pray to keep the malware away.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Nov 15, 2013 3:36 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 11:05 am
Posts: 1111
Location: Phoenix
It is more than a few hundred dollars. All told it will cost in the neighborhood of $8k. That includes the licenses, some HW updates needed to run 7 (mostly video cards), and then there are some that are so old they have no hope of running 7 and would need to be replaced.

So that's not chump change. And they've got their I.T. guy saying don't bother, while I'm over here saying they're wrong, and this is a big deal.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat Nov 16, 2013 12:10 am 
Offline
Manchurian Mod
User avatar

Joined: Fri Sep 04, 2009 9:40 am
Posts: 5866
Is this guy the same person who is hired to fix your church's computers is they get infected with malware?

It sounds to me like he's trying to take a group of underinformed churchgoers for a ride. Right now it looks like he's saving you a ton of money. You'll be so pleased with all the money he just saved you that you'll be happy to hire him to clean up your computers when they get infected.

_________________
Buckle your pants or they might fall down.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat Nov 16, 2013 4:54 am 
Offline
User avatar

Joined: Thu Sep 03, 2009 3:08 am
Posts: 6465
Location: The Lab
What is the integrity of the overall computer environment? Is data being backed up? Stored securely?

I also wonder if he is accountable/responsible in any way for costs associated with data loss, compromise, etc...


Top
 Profile  
Reply with quote  
PostPosted: Sat Nov 16, 2013 8:57 am 
Offline
User avatar

Joined: Fri Feb 05, 2010 11:59 am
Posts: 3879
Location: 63368
If cash is an issue, go Linux, but don't stay on an unsupported OS.

_________________
In time, this too shall pass.


Top
 Profile  
Reply with quote  
PostPosted: Sat Nov 16, 2013 12:02 pm 
Offline
The Dancing Cat
User avatar

Joined: Wed Nov 04, 2009 2:21 pm
Posts: 9354
Location: Ohio
Taskiss wrote:
If cash is an issue, go Linux, but don't stay on an unsupported OS.

Image

_________________
Quote:
In comic strips the person on the left always speaks first. - George Carlin


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat Nov 16, 2013 4:11 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 11:05 am
Posts: 1111
Location: Phoenix
Scheduled backup with onsite and offsite backup. There's a firewall AVHIDS, etc.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 26 posts ]  Go to page 1, 2  Next

All times are UTC - 6 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 174 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group