Philipitous

Are MS Updates for XP really necessary?

93 posts in this topic

I can name quite a number of things, though it may get somewhat technical, and I don't know what level you'd understand.

Well, you can try, rest assured that if the things you name will be so mindboggingly complex as to become beyond our understanding capabilities, we will ask you to stop the listing before our little brains will risk to explode.

jaclaz

0

Share this post


Link to post
Share on other sites

...

Everything you are describing is about protecting the average user, the "Sheeple" as they are affectionately known to so many. I'll be the first one to agree that they are hopeless, I see their handiwork everyday.

However, if I do not invite you in from the inside, and you cannot hack your way in from the outside, the computer will not be compromised, period. This includes any version of Windows including Windows XP, unpatched, running as administrator, bare naked with no antivirus.

I think there are two kinds of people in the world nowadays, in large part thanks to Microsoft, Apple and others. There are those with situational awareness, and those without. In the former case the people are not connecting everything they own to the Internet, especially anything important, and obviously not clicking on everything in sight. In the latter case, well, they go online with everything they own and click on it all. And they don't really care. If it means digging into a menu to change a setting they won't even bother. Strong passwords and passphrases, forget it. Many times they don't have any clue that they are even online, and again we can thank Microsoft and others, but especially Microsoft for blurring the distinction between online and offline. It has been their obsession since Windows 98. These are natural born victims. It's positively Darwinian. Microsoft and all their patching cannot save them.

Any remote kernel exploit will quite obviously bypass everything other than hardware based security. Any local kernel exploit combined with RCE in a program such as a browser will bypass your NAT/ network Firewalls, and provide full system control regardless of sandboxing.

That's one way of saying that the sheeple invited the malware into the computer and executed it. And that wouldn't really be "bypassing" a NAT router, it would be normal use of communications by design. It did not break in, it did not bypass anything. All the discussion above about 8/8.1 and its countless patches and ductape to numerous files compared to earlier versions of Windows come into play after the sheeple invited the malware into the computer and executed it. You are describing an OS that is built for the worst case scenario, and I agree, it is. It is reduced to the lowest common denominator, the sheeple that operate in this environment. And that's fine. It keeps many of us in business cleaning up after them, despite all the exploit patching.

Since you named "8/8.1" and used the phrase "considerably more secure", can you explain how its security is increased over say 7 or 7(sp1) ? It will have to be mega-gigantically more secure to even make a dent in the flourishing infection rate on those Windows 7 systems. Note that the inclusion of MSE out of the box does not count as a security boost because it still needs to get the latest signature update anyway as soon as 8/8.1 is installed. The only thing it saves is the initial download of the engine and this is a tiny download every tech keeps on a stick anyway.

I can name quite a number of things, though it may get somewhat technical, and I don't know what level you'd understand. MSE makes no difference to me, since bypassing AV isn't difficult, and it also isn't a technology that makes 8 any harder to hack than XP.

One major difference over XP is a proper implementation of ASLR. XP lacks all ASLR, making remote code execution trivial. Windows 8 ASLR is the first proper implementation on Windows, with multiple information leaks removed, and the ability to have all memory maps randomized. There is significantly more entropy as well.

Vista+ are immune to shatter attacks. On XP the difference between Admin and restricted user is not enforced properly, making escalation attacks incredibly easy. Microsoft released a patch to solve this, and it does somewhat, but it's not as well implemented.

Privileges in general are improved, as system services run with lower rights on Vista+, and areas of the kernel have been moved to userland, where an exploit won't be so critical.

/GS is used further in 8+ for system services.

I could go on.

These changes are considerable.

Okay fine, I can accept all that as fact. But nothing you said there was about Windows 8.x versus Windows 7. We're well aware of where Windows XP sits in the evolutionary tree ( ironically it's a benefit to XP in many ways that is not weighed down by a hundred services and tasks, and yes this was correctly said about Win9x compared to XP ). But I asked about 8 versus 7 specifically because unless there is a giganto-humongous increase in real security over Windows 7 ( and I highly doubt it ) then the never ending stream of infected Windows 7 systems will simply evolve into never ending streams of Windows 8.x systems. All the bullet lists of patchwork and ductape from version to version has made no difference in over a decade when those systems are owned and operated by sheeple. Please note that none of what I am saying here is aimed at you in any way, it is aimed at the security treadmill industry whose chief product is bullet lists full of theoretical vulnerabilities.

Wait, "not really relevant" ? Sorry, but this is incorrect. Hardware firewalls are everything when talking about home PC's on broadband. And history backs this conclusion as the proliferation of NAT routers ( thanks mostly to so many people getting laptops ) served to lock down many homes from port scanning attacks that were popular in the dawn of the broadband era before Windows shipped with any software firewall. Throwing away most incoming packets is the first line of defense because they never even arrive at the computer in the first place. It is why my software firewall logs are always empty.

No one attacks a users laptop anymore in any way that a network Firewall will matter much. Worms like conficker are remnants of the past, anyone on a modern system is far more likely to be attacked through a service that already is taking in input.

This is where I disagree. You can't even use remote assistance without opening ports on the NAT router. You cannot torrent. P2p comm programs and other utilities will not work. Even Xbox requires a change. Everything is opt-in, and it really can't get much more secure than that, can it? Many common pathways are slammed shut by default, arriving packets tossed and no CPU wasted in the process.

Maybe I was unclear in that phrasing above. When Windows XP came out useful broadband was just arriving for the average home consumer ( speeds above ISDN ) and this meant they now used a modem from the ISP. People just shoved their ethernet wire from their single home PC into it and were off to the races. Thus began the download era, the worm era and also the near instantaneous computer virus infection era when a typical user clicked on those attachments and those "click me" links in email or on pictures of Pamela Anderson ( or was it Anna Kournikova? ). Then when laptops arrived in quantity and demanded either another ethernet jack or a wireless access point now a local router was added. Thankfully these routers mostly came with NAT ( lucky too, this was long before IPv6 was talked about much ) and thus home computers and networks suddenly became relatively secure overnight. Well, until the geek in the home started reconfiguring for torrents and other stuff.

It's not at all about how a laptop is attacked because there are so many methods. The victim clicks a link or opens an attachment or autoruns a local file with a malware payload that quickly infects the PC with malware that uses port 3389 ( or any other ) which are now blocked. It's what happens after that. At today's CPU speeds malware can quickly change the registry settings for a software firewall to open all those ports or disable it completely ( even on a reduced user account tricking them into "OK" a prompted change, or I suspect simply using SetACL silently because I have a few unexplained cases with customers that swear they never clicked anything in Windows 7 ). Anyway, the point is that none of this ( opening up the firewall ) is possible with hardware security without intentionally entering the configuration interface for the router.

The hardware based security therefore is immune to unintentional alterations, and reduces CPU load at the same time. So I'm trying, but failing to understand why you keep saying that a hardware firewall in a router is somehow inconsequential. It really is anything but that.

MSIE has little to do with it, as other browsers will be just as useless on XP, especially without patches. Do you think Chrome's sandbox will save you? It won't. NoScript? Nope. We've already seen in this topic an attack that would bypass both of those things, attacking font rendering in the kernel via truetype.

In terms of money, you're missing the point. All attacks, virtually, are about money. If I hack you it's not to trick you into giving me money, it's to hook you up to my botnet so I can sell your system off to someoen for a couple hundred thousand dollars a year. And I'll likely sell off whatever accounts I access as well just for a couple hundred dollars extra.

A point of agreement in that Windows XP will likely run out of usable browsers. This is not something Microsoft should ever brag about though because they are the malevolent force behind this by obsoleting a working operating system, and spreading FUD daily about the cut-off date Armageddon and no doubt whispering into the ears of the other browser makers to get them to stop developing for XP because it will somehow save them money or something. They should get crucified again over this issue because even though their strategy is different this time ( obsoleting their own browser and operating system ), the end result is till the same, thwarting development and use of 3rd party browsers on a working perfectly operating system. This goes double for device drivers for new hardware. Microsoft is trying to force people to upgrade to a new operating system. Has anyone ever asked them why? Yes, Opera and Mozilla and Google are also to blame, but they are merely being stoopid while Microsoft is being reckless and yes, evil. No company that really cares about security would stop making their super duper secure browser for their own working operating system, which runs at least one third of all computers on the planet.

Now about MSIE, Internet Explorer has always been the single biggest Achilles heel for Windows users on the Internet. Sure it's getting better ( could it get worse? ) but I have screenshots from last year of the FBI trap on Windows 7 ( non-administrator, MSE running, etc ). Dialogs painted by Internet Explorer can look exactly like the operating system itself because Microsoft jammed MSIE it into the operating system itself. The social traps love to simulate official looking boxes which MSIE happily accommodates and is yet another fabulous reason to use try to third party browser software that does not mimic the Windows native look ( personally I use Opera with a custom skin I made but on Vista/7 you can always just kill the Aero glass look on an ad hoc basis in a shortcut's properties ). This means the potency of the trap bait is reduced because the phony dialog will stand out differently. But this problem is actually getting worse now - MSIE is actually getting more problematic because as Windows itself drifts more towards a web look the difference between what is "official OS business" and what is online garbage and what is a phony dialog all converges into a mess.

Worst of all, MSIE is often quite stoopid. Just unplug your ethernet wire and then click something in MSIE. It still serves up a "cannot display ..." page with that "Diagnose" option to scramble your network settings because the plug is out! That's just plain dumb. And dangerous because it trains the sheeple to accept that very low-quality web page as "official OS business" and later when that same user is confronted with a much more "official looking" but fake dialog they will understandably click it. The operating system looks like a web page so web pages easily look like the operating system. What I am trying to say is that by blurring the difference between online and off, and by not distinguishing the "official" interface from crappy webpages they are hurting the users because they no longer can discern what something is and where they are. IMHO, Microsoft isn't even trying to protect the user. They simply are not thinking these things through properly. And we're not even mentioning ActiveX yet. How can anyone take seriously a browser that allows something like this?

Oh, Botnets. Well I do agree that they are an evolving form of threat and I wasn't even thinking of them because I have seen so few so far. But point taken. Just don't underestimate the social traps like FBI and FixMeUp or PC Antivirus 2011 or whatever else. These I see all the time. And some of these folks have already paid cash ( the AV traps ) by the time I got their PC and then they had to undergo the whole credit card canceling and everything else. I don't believe those numbers though ( "hundred thousand dollars" ) but I'm not saying it's not a threat. Like above, they will have an easy go of it if the sucker hosting the botnet client is connected straight into the ISP modem, I doubt that will be the same for a hardware firewall.

Microsoft has stated that they consider 8 to be the most secure Windows operating system. They are correct. Again, NAT isn't important or relevant to modern attacks for desktop users.

They are correct with respect to protecting the hapless sheep. That's as far as I'll go though.

8/8.1 are not magic. You can get far more secure using Linux, and MS has more work to do. But attacking 8/8.1 is considerably more difficult than attacking XP.

(...)

Windows 8 would be far far far more secure in this case. But I'm not sure why you can't just... you know... have Windows 8 behind a router.

Well you can definitely put it behind a router also, but it sounds like you really don't think it's necessary. Here are two scenarios again ...

(1) Windows 8 system plugged directly into ISP modem ( NO Router ), standard user account, Windows firewall and the full CPU hogging disk thrashing MSE antivirus running. Using MSIE.

(2) Windows XP system plugged into NAT router, administrator account, no antivirus, bare nude naked. Anything but MSIE.

The answer depends largely on one's situational awareness and competency. I would think that someone such as yourself that used the phrase "it may get somewhat technical, and I don't know what level you'd understand" would be comfortable in either scenario. But there is a very good reason to select #2 and it addresses something you said in another comment: "But, of course, performance is not the question here. Security is.". Life is full of choices, we are constantly mapping out plus-minus decision matrices in our heads and this is a good case of that. Sure XP has some disadvantages thanks to planned obsolescence from Microsoft. But it has advantages that for many trump all the new potholes built-in to later versions. It is fast. There are less events occurring per millisecond because there is less housekeeping and disk indexing ( none in my case ). Also, of ever increasing importance is the fact that while Windows XP is less secure to all those theoretical exploits, it is quite reasonable to conclude that it is more secure with respect to government intrusion. The Windows 6.x kernel was entirely developed post 9/11 and then scrapped and re-written again - Longhorn to Vista. Windows XP has been service packed three times since 9/11 but so far I see no indication of a major Microsoft sanctioned spyware injection, but I could be wrong. We'll see.

Therefore I'll gladly go with scenario #2. And in fact I have been going with #2 for several years now. Why not? In the never-seen-yet scenario of some malware or infection I would just swap in a backup HDD or just drop the HDD in another computer and scrub it. It's not rocket science. ... Benefits? ... You gain back in the full power of your CPU which in scenario #1 is already taxed by numerous standard operating system tasks in Windows 6.x, but then what is left over is spent servicing the realtime antivirus, not to mention running the software firewall which is going to be busy rejecting all those packets that will never make it past the router in scenario #2 in the first place.

Scenario #1 simply repulses me. It does not fit my personality. I do not need hand-holding, or a browser that screens websites or an AV that downloads stuff to scan for threats ( and I forgot to mention scans folders clicked on in Explorer, and scrubs inserted flashdrives for what it thinks are threats wiping out my Nirsoft files, etc ). Nothing about this makes me want to do anything except vomit. There are far, far too many negatives in this scenario. It is simply unacceptable.

BTW, I'm not in this thread evangelizing scenario #2 over #1 for the average person out there. Let me be clear. Both scenarios have perfectly logical applications in the real world. #1 for the average user out there. If it was 5 and 10 years ago these Sheeple would be Apple users. But Microsoft has been busy grooming them, somewhat successfully and now they have their own flock to tend to. I get that. So for them, scenario #1 it is. For the rest of us who have been in this game since Microsoft was a hyphenated word, we'll just have to muddle along, taking our chances.

0

Share this post


Link to post
Share on other sites

However, if I do not invite you in from the inside, and you cannot hack your way in from the outside, the computer will not be compromised, period. This includes any version of Windows including Windows XP, unpatched, running as administrator, bare naked with no antivirus.

Well first of all a remote kernel exploit, like one in the TCP/IP stack will compromise a system, even if all ports are closed. Vulnerabilities exist in Firewalls (we've seen this on Windows, even) that allow an attacker to exploit a closed port as well.

But generally a box that has all closed ports is relatively safe. But as I've said, attacks don't rely on open ports anymore.

These are natural born victims. It's positively Darwinian. Microsoft and all their patching cannot save them.

I disagree. The majority of attacks against users go through hacked legitimate websites.

One really good example of this is the recent hack of Ubuntuforums.org. That's a "good" website, but for 6 days it was controlled by an attacker. In that time he could have easily put up an exploit page, and no "common sense" would have saved anyone - I'm a security professional and I visit that website, so do many others.

So I don't think the user being knowledgeable is so critical, because that fails very quickly.

That's one way of saying that the sheeple invited the malware into the computer and executed it.

Not really, trickery is not always necessary. Though it's easy. But as I stated above, Ubuntuforums.org was compromised - no one had to be tricked into executing code, or visiting a site, they went to it believing it was legitimate when an attacker controlled the content.

This happens often. There's no social engineering involved.

And that wouldn't really be "bypassing" a NAT router, it would be normal use of communications by design

Of course - the NAT did exactly what it's supposed to do. It's just completely useless in modern attacks.

All the discussion above about 8/8.1 and its countless patches and ductape to numerous files compared to earlier versions of Windows come into play after the sheeple invited the malware into the computer and executed it.

I doubt anyone invites malware onto their systems. They are either tricked into clicking on a link, tricked into downloading an executing a file, or they hit an unlucky webpage that's been compromised.

. It is reduced to the lowest common denominator, the sheeple that operate in this environment. And that's fine. It keeps many of us in business cleaning up after them, despite all the exploit patching.

No, not really. Users aren't critical to security, but that's not really the point I want to make, since it'll just lead to a whoel other discussion.

But nothing you said there was about Windows 8.x versus Windows 7

Yes, actually. Appcontainer (MAC) and ASLR are both unique to 8.x. 7 implements ASLR (as did Vista) but 8 is the first implementation that's done properly.

/GS improvements on Windows services are unique to 8 services AFAIK.

There are actually a large number of significant improvements to 8.x over 7. I can link you to a PDF that lists them in much greater detail if you'd like.

This is where I disagree. You can't even use remote assistance without opening ports on the NAT router. You cannot torrent. P2p comm programs and other utilities will not work. Even Xbox requires a change. Everything is opt-in, and it really can't get much more secure than that, can it? Many common pathways are slammed shut by default, arriving packets tossed and no CPU wasted in the process.

Well first of all your router must be screwed up, becuase you should definitely be able to torrent without opening ports on the router.

Packets are definitely not just tossed. You're reading this webpage right now, aren't you? That means that, somehow, someone is sending you data to your computer. That's all an attacker needs. They can MITM your connection, hack the website, send you a link, etc. Once you get to an area where they control the content (like opening an email from them) they can attack you. That's all it takes.

The hardware based security therefore is immune to unintentional alterations, and reduces CPU load at the same time. So I'm trying, but failing to understand why you keep saying that a hardware firewall in a router is somehow inconsequential. It really is anything but that.

Your malware doesn't need to mess around at all with your router ports. I'm not sure why you think that a router has to do something special when your web browser doesn't. Do you open ports on your router for your browser? No? Then why would malware need to? It's nto doing anything special.

(1) Windows 8 system plugged directly into ISP modem ( NO Router ), standard user account, Windows firewall and the full CPU hogging disk thrashing MSE antivirus running. Using MSIE.

(2) Windows XP system plugged into NAT router, administrator account, no antivirus, bare nude naked. Anything but MSIE.

Like I said, Windows 8 is better off. Although your 8 services are exposed more directly, getting into the XP box is not going to be hindered much. Of course, I wouldn't recommend either - you should be behind NAT, becuase you don't want to be exposed. But NAT isn't going to make up for an operating system full of holes. MSE isn't relevant, AV is stupid and anyone can bypass it completely.

In terms of performance there's a lot more to it than services running. On modern hardware 7/8 will run faster than XP depending on the task. But the reason I'm avoiding discussing performance is because it changes depending on the hardware - an old system will run XP faster than 7, a new one will run 7 faster than XP. That's just how it is.

The point is, as it has been, that given the same network setup, given the same user, given all things being the same, it is much easier to get into an XP box than 8.x. And it is trivial when the user doesn't patch.

0

Share this post


Link to post
Share on other sites

In terms of performance there's a lot more to it than services running. On modern hardware 7/8 will run faster than XP depending on the task. But the reason I'm avoiding discussing performance is because it changes depending on the hardware - an old system will run XP faster than 7, a new one will run 7 faster than XP. That's just how it is.

Could you give some examples (specific applications, benchmarks)? I'm no expert but I did some benchmarking myself and the results show that Windows 2000 is faster than Windows 8. Not a big difference but still...

Out of curiosity I ran a few benchmarks to compare performance of Windows 8 (32-bit) & Windows 2000:

CrystalMark 2004R3

Windows 2000

IhYDw.png

Windows 8

Jvqws.png

CineBench 11.5 (CPU)

Windows 2000 - 2.86

Windows 8 - 2.84

7-Zip (compression)

Windows 8 - 03:11

Windows 2000 - 03:15

Configuration:

AMD Athlon II X4 631

ASRock A55 Pro3

Samsung 8 GB DDR3 1333MHz

3x Fujitsu MAX3036RC (15k rpm SAS RAID0)

GeForce 6600

0

Share this post


Link to post
Share on other sites

You can't even use remote assistance without opening ports on the NAT router.

Well first of all your router must be screwed up, becuase you should definitely be able to torrent without opening ports on the router.

You're both right, and you're both wrong. Neither of you mention UPnP, which allows a router to open ports when requested LAN-side by an application. It should be disabled by default for tighter security "out of the box," but some manufacturers may not follow this philosophy for the sake of "ease of use."

0

Share this post


Link to post
Share on other sites

Tomasz,

I have no benchmarks on me. Benchmarks aren't always reliable either, as in terms of pure FLOPS CPU cycles will matter most, and an older OS will have more to spare. But for more complex applications, like a browser, CPU scheduling, memory management, superfetch, etc will be very important. So on a single core system with 512MB-1GB of RAM XP may be faster. But on a dual core/ quad core system with 4GB+ of RAM, 8 should be considerably faster, as it will make use of those resources much better.

One really simple example of where a benchmark won't see any performance improvement is Superfetch. HDD's are very slow, RAM is very fast. Your operating system (after XP) realizes this, and caches a lot of your file system into RAM. But it only has a little RAM, and a ton of file system, so it has to decide what goes into it. A benchmark, which you only run a single time, and which is specifically looking for HDD performance, will show really slow performance for disk access. But a normal program will end up benefiting significantly from Superfetch.

@5eraph,

uPnP is not necessary for browsing, nor torrenting. If you want to host a server, then ti is, because servers take in unsolicited information, but any program that creates an outbound connection will allow for inbound.

The IPTables rules would look something like:

iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A INPUT -m state --state NEW,INVALID -j REJECT

That's why your browser can work. It creates the connection (RELATED, ESTABLISHED) which then allows for inbound access. New connections are not allowed for inbound access.

So your system is not completely blocked form the internet, otherwise your router would kill internet completely. This means that, if you're running behind NAT, an attacker can still access your system. It's harder, to the extent that they can't just send packets straight at services, but it's really not difficult.

Edited by enxz
0

Share this post


Link to post
Share on other sites

The proper way to use a router/firewall as a protection against most kind of malware isn't a nat but blocking most traffic in both side and only allow browsing/internet access through a proxy (more secure with a whitelist of safe website and a realtime malware/antivirus scanner).

0

Share this post


Link to post
Share on other sites

Tomasz,

I have no benchmarks on me. Benchmarks aren't always reliable either, as in terms of pure FLOPS CPU cycles will matter most, and an older OS will have more to spare. But for more complex applications, like a browser, CPU scheduling, memory management, superfetch, etc will be very important. So on a single core system with 512MB-1GB of RAM XP may be faster. But on a dual core/ quad core system with 4GB+ of RAM, 8 should be considerably faster, as it will make use of those resources much better.

Still, I think at least some "hard" data would be required to prove your point. I don't really see any significant difference when running same applications under Windows 2000, XP and 7/8 on the same hardware configuration which was listed above. Benchmarks also don't show any large difference, and when there's a difference it's always favourable for the NT 5.x line (I think Windows 2003 Server actually scores highest but I've got no numbers to show at the moment).

Multiple cores and gigabytes of RAM are really nothing new to Windows. Even Windows 2000 is technically capable of handling up to 32 CPUs (cores) and 32 GB of RAM.

Edited by tomasz86
0

Share this post


Link to post
Share on other sites

uPnP is not necessary for browsing, nor torrenting. If you want to host a server, then ti is, because servers take in unsolicited information, but any program that creates an outbound connection will allow for inbound.

The IPTables rules would look something like:

iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

It depends on how clever your nat router is - some will know to open related ports, but with consumer grade kit you usually have to open ports for torrents and xbox etc, if not using uPnP.

Please do link to the win8 pdf - I'd like to know what /GS is.

Cheers

0

Share this post


Link to post
Share on other sites

uPnP is not necessary for browsing, nor torrenting. If you want to host a server, then ti is, because servers take in unsolicited information, but any program that creates an outbound connection will allow for inbound.

I never disputed that. But I would recommend you look into how bittorrent works. Two peers on separate NAT routers cannot connect to each other unless at least one of them opens a port on his or her respective router. This is where UPnP comes in handy if the bittorrent client supports it.

0

Share this post


Link to post
Share on other sites

@Thomasz,

CPU scheduling has changed a lot, because while old Windows versions could absolutely handle multiple cores and threads, we didn't have mainstream hardware that did it.

Try a browser benchmark. But I'm not really hear to convince anyone of performance improvements, only that XP is not a secure operating system.

@uid0,

/GS is a stack canary feature that heuristically determines which functions should have one (to avoid the 3% performance hit for function returns).

I'll find you the PDF a bit later, for some reason it's not coming up in a quick search.

@5eraph

I never disputed that. But I would recommend you look into how bittorrent works. Two peers on separate NAT routers cannot connect to each other unless at least one of them opens a port on his or her respective router. This is where UPnP comes in handy if the bittorrent client supports it.

Maybe so. But it doesn't matter at all, since, as I've said, no attacker is going to be going directly at a service - attacks these days work by hijacking some website users visit and putting up an exploit page. Exploit pages are already on your system, they don't care about the firewall/NAT.

0

Share this post


Link to post
Share on other sites

Try a browser benchmark. But I'm not really hear to convince anyone of performance improvements, only that XP is not a secure operating system.

I thought you were after attempting to convince everyone that XP is less secure than Windows 8 and Windows 8.1. :unsure:

jaclaz

0

Share this post


Link to post
Share on other sites

It's not mutually exclusive. XP is both an insecure operating system and less secure than Windows 8.

0

Share this post


Link to post
Share on other sites

XP is both an insecure operating system and less secure than Windows 8.

As the good Judge Patrice Lessner would put it: "...in *your* opinion!"

To affirm that as a fact, at the very least a double-blind test is required, with representative samples for each group of machines.

You've shown no reliable data, in fact, no data whatsoever.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.