- Jul 3, 2015
- 8,153
Firefox and HitmanPro.Alert sounds good to me. Windows firewall might be enough, especially if the computer connects to the internet only from safe networks.
- Jan 8, 2011
- 22,361
Reason for my reply, is there is nothing exciting about Windows XP that it needs to be used anymore, plus you're missing out on lots of fun stuff in other operating systems; Android OS / Windows 10 etc.
If hardware is your limitation, then good luck.
@shmu26 Windows XP Firewall is next to useless, but I haven't used it in a long time, so cannot comment further. (A software firewall is needed if you have no hardware firewall).
If hardware is your limitation, then good luck.
@shmu26 Windows XP Firewall is next to useless, but I haven't used it in a long time, so cannot comment further. (A software firewall is needed if you have no hardware firewall).
- Dec 29, 2014
- 1,711
Maybe the discussion could be turned a little bit by asking, "What is the most secure possible config for XP?" Then maybe a second question can be discussed, which is, "How secure is this?" These seem like alternatives, based on what I have used:
360 TS (sandbox for browser/media player/MS Office applications...my experience it's smoother for regular use than Comodo)
Comodo Firewall (Auto-sandbox on->run restricted)
EMET 4.1
or
Avast w/safe zone browser (hardened)
Sandboxie
Comodo Firewall (Auto-sandbox on->run restricted)
EMET 4.1
Add NVT ERP to monitor script activity.
So how safe is this compared to the same on Windows 7/8/10?
I am guessing out of my eyes, but think it's 99% as safe or better, especially if backups are stored safely on a disconnected drive. Thing is it is going to be less whatever the number, so there will always be an argument that XP is unsafe in comparison. It's not good, though, to assume that an exploit can get past a setup like one of these above. It's not a given100% chance and not even close to such. It's also not even remotely a given that a PC user will even come into contact with a really dangerous malware...the kind that costs them money or valuable pictures and files. I don't know, but again, probably not even close to every user. And then the config is still there. These are powerful configs, and I think that should shape the discussion some.
Great discussion, because the talk about XP being unsecurable I feel should be better focused on it being "not very fun" or "disappointingly boring" without support for full .NET/directx/hardware drivers/programs. Also, I routinely install about 30 programs in XP on a new installation, just to be able to configure things and back up things and so on. This is the reality of the OS, until someone becomes overwhelmed with curiosity to see what it could be. If there is a time for such, who knows?
360 TS (sandbox for browser/media player/MS Office applications...my experience it's smoother for regular use than Comodo)
Comodo Firewall (Auto-sandbox on->run restricted)
EMET 4.1
or
Avast w/safe zone browser (hardened)
Sandboxie
Comodo Firewall (Auto-sandbox on->run restricted)
EMET 4.1
Add NVT ERP to monitor script activity.
So how safe is this compared to the same on Windows 7/8/10?
I am guessing out of my eyes, but think it's 99% as safe or better, especially if backups are stored safely on a disconnected drive. Thing is it is going to be less whatever the number, so there will always be an argument that XP is unsafe in comparison. It's not good, though, to assume that an exploit can get past a setup like one of these above. It's not a given100% chance and not even close to such. It's also not even remotely a given that a PC user will even come into contact with a really dangerous malware...the kind that costs them money or valuable pictures and files. I don't know, but again, probably not even close to every user. And then the config is still there. These are powerful configs, and I think that should shape the discussion some.
Great discussion, because the talk about XP being unsecurable I feel should be better focused on it being "not very fun" or "disappointingly boring" without support for full .NET/directx/hardware drivers/programs. Also, I routinely install about 30 programs in XP on a new installation, just to be able to configure things and back up things and so on. This is the reality of the OS, until someone becomes overwhelmed with curiosity to see what it could be. If there is a time for such, who knows?
If it isn't secure for businesses, it isn't secure for home usage.
About security products you can choose a lot of software which could improve the protection, but if you use an outdated OS, like XP, you are at risk. OS Updates are fundamental to give more security. If they aren't avalaible, then, you are not completely secure.
- Jul 3, 2015
- 8,153
This is what I have on an old laptop:
Windows XP SP3 with the posready updates
Avira Free 15.0.19.164 (last version available for windows xp) and no avira launcher installed.
Super User SuRun 1.2.1.2 (for easy elevate standard user to run as administrator)
Spyshelter Firewall
Sandboxie 5.16
SumatraPDF
Firefox 45.7 ESR with noscript and adblock Plus extensions.
No flashplayer installed.
Never had a problem.
Windows XP SP3 with the posready updates
Avira Free 15.0.19.164 (last version available for windows xp) and no avira launcher installed.
Super User SuRun 1.2.1.2 (for easy elevate standard user to run as administrator)
Spyshelter Firewall
Sandboxie 5.16
SumatraPDF
Firefox 45.7 ESR with noscript and adblock Plus extensions.
No flashplayer installed.
Never had a problem.
- Jul 3, 2015
- 8,153
- Dec 29, 2014
- 1,711
Thanks for the comments on all of this. It's been an excellent discussion imo and one I think I have been hoping for for some time. I think security software can even secure XP now, where before there were many more risks imo.
What would be an example of a malware that renders a computer running Windows XP, configured as mentioned previously, 100% a guarantee to be hacked? The statement aboive makes it seem as though even to install the operating system is to lose all data to some idea thief...even if it's on disconnected drives. Also, this statement assumes that there is a 0% chance this would happen on Windows 10. Seriously?
Honestly, noone has detailed (in specific detail) that I have seen what MS security patches do. I'd like to see such. MS descriptions are vague AT BEST. I have seen the evidence MS tends to leave behind when the storm of its efforts at security are over. That is usually in the form of limited functionality, as in new pop ups at inconvenient times or no more gadgets, delivered in the form of "patches". Fine this serves MS' purpose of selling the next OS, and I am not against money. It makes the world go round as far as I am concerned. Nonetheless, with Comodo Firewall in place of XP firewall, what's the problem? Who can bypass this? With what we would all agree are proper backup plans in place, then what exploit, assuming the less than 1% chance I will stumble onto it, is going to bypass the best possible security config on XP that then Windows 10 would block? Now what are the odds of running into this exploit, and what are the odds that I was doing something I shouldn't at some time. So what is this mythical beast that can supposedly jump through minds? This is where common sense comes in for users of all PCs using all OSes. Are we going to talk about common sense, or do we really mean what we say about it? MS patches combined->+1% security maybe. An OS update from MS->+1% security maybe. This is my sincere observation. With MS' contributions to Windows security, I feel like we are looking at a doe and calling it the devil himself. Even worse, MS' security improvements are more or less mitigated by the quality of security software available now, even on XP.
Seriously, in a business environment, it's not worth the effort to secure Windows XP imo. Not even close to worth it. Still, I can see why some who have gone to great lengths to secure it would be in less than a big hurry to change. Aside, too many writers have bailed on it for it to be of much use anymore. That said, it doesn't seem accurate to me to proclaim that XP is a sentence to losing your money and ideas to a hacker 100% of the time. Not that we aren't driving at the same points to speak of, but I feel it can be better said by saying, "As things are don't go near XP with fun in mind. It's way over the top difficult to secure and way too limited in functionality." That should be good enough. The rest is MS banter that honestly doesn't carry much weight with me. It's true to a small degree, but that's all.
Please, let's get past the idea that XP is a 100% free pass for malware, even if the system is equipped has a rock solid security setup. Security writers deserve more credit than this for actually creating software that does a very good/outstanding job even with XP.
One last thing. Not all malware is the same. On any OS, the chances of an extremely damaging malware getting past a fully layered configuration that can then also bypass the best security practices is very low. We don't even see these today very much. They don't proclaim themselves as they lurk instead silently stealing your life and/or your identity. What are the rest in comparison? Quickly they are becoming a game, a nuisance that the best for XP can handle in over 99% of the cases on a PC where the user is using safe practices. I'd say 99% would be about the same for any OS with its best config.
What would be an example of a malware that renders a computer running Windows XP, configured as mentioned previously, 100% a guarantee to be hacked? The statement aboive makes it seem as though even to install the operating system is to lose all data to some idea thief...even if it's on disconnected drives. Also, this statement assumes that there is a 0% chance this would happen on Windows 10. Seriously?
Honestly, noone has detailed (in specific detail) that I have seen what MS security patches do. I'd like to see such. MS descriptions are vague AT BEST. I have seen the evidence MS tends to leave behind when the storm of its efforts at security are over. That is usually in the form of limited functionality, as in new pop ups at inconvenient times or no more gadgets, delivered in the form of "patches". Fine this serves MS' purpose of selling the next OS, and I am not against money. It makes the world go round as far as I am concerned. Nonetheless, with Comodo Firewall in place of XP firewall, what's the problem? Who can bypass this? With what we would all agree are proper backup plans in place, then what exploit, assuming the less than 1% chance I will stumble onto it, is going to bypass the best possible security config on XP that then Windows 10 would block? Now what are the odds of running into this exploit, and what are the odds that I was doing something I shouldn't at some time. So what is this mythical beast that can supposedly jump through minds? This is where common sense comes in for users of all PCs using all OSes. Are we going to talk about common sense, or do we really mean what we say about it? MS patches combined->+1% security maybe. An OS update from MS->+1% security maybe. This is my sincere observation. With MS' contributions to Windows security, I feel like we are looking at a doe and calling it the devil himself. Even worse, MS' security improvements are more or less mitigated by the quality of security software available now, even on XP.
Seriously, in a business environment, it's not worth the effort to secure Windows XP imo. Not even close to worth it. Still, I can see why some who have gone to great lengths to secure it would be in less than a big hurry to change. Aside, too many writers have bailed on it for it to be of much use anymore. That said, it doesn't seem accurate to me to proclaim that XP is a sentence to losing your money and ideas to a hacker 100% of the time. Not that we aren't driving at the same points to speak of, but I feel it can be better said by saying, "As things are don't go near XP with fun in mind. It's way over the top difficult to secure and way too limited in functionality." That should be good enough. The rest is MS banter that honestly doesn't carry much weight with me. It's true to a small degree, but that's all.
Please, let's get past the idea that XP is a 100% free pass for malware, even if the system is equipped has a rock solid security setup. Security writers deserve more credit than this for actually creating software that does a very good/outstanding job even with XP.
One last thing. Not all malware is the same. On any OS, the chances of an extremely damaging malware getting past a fully layered configuration that can then also bypass the best security practices is very low. We don't even see these today very much. They don't proclaim themselves as they lurk instead silently stealing your life and/or your identity. What are the rest in comparison? Quickly they are becoming a game, a nuisance that the best for XP can handle in over 99% of the cases on a PC where the user is using safe practices. I'd say 99% would be about the same for any OS with its best config.
- Jul 3, 2015
- 8,153
this metaphor is perhaps overstating the point, but protecting XP with security softs in today's digital environment is like protecting a horse-and-buggy on the freeway by cladding it in armor. It might work, more or less, but that's not the preferred way to keep safe on the road.
- Dec 29, 2014
- 1,711
100% true. This poor OS is basically completely in tatters. I do like that there is alot to learn from imagining securing it however.
The vast majority of disconcert with XP->well over 90%->should be attributed to how utterly impossible it is to find good software for, security aside. Whatever is left are security concerns, but wow, the last two years of security developments have really shown me the light. We really can layer now and even on XP for what it's worth...
- Feb 21, 2015
- 456
Who cares if it isn't secure there is nothing to steel from your system and if your security software fails and you get infected there is a system backup to restore from.
Pretty sure your ISP will care if your system gets infected with a botnet and start delivering malicious spam email, contributing in DDoS attacks, etc.
- Jul 3, 2015
- 8,153
to answer my own question: Windows XP firewall is a one-way firewall. That means it blocks ports from unauthorized incoming connections, which is the lowest level of protection that you can expect from a firewall, but it does not monitor outgoing connections. Thus it is inherently inferior to all modern firewalls.
In a default/deny setup, monitoring outgoing connections is not so critical, because unwanted processes are nipped in the bud, long before they start connecting out.
But if a user wants decent 2-way firewall protection on Windows XP, then COMODO firewall is an option to consider. In proactive mode, it will provide a strong default/deny setup + a robust firewall.
And here's the disclaimer: the user cannot expect to attain an up-to-par level of security on Windows XP, no matter what.
- Feb 21, 2015
- 456
So you just restore from system backup no problem back to clean system.
What about your system being used in illegal activities, or even infecting other users worlwide because of your negligence? We're not only talking about consequences for you or your system, but others and the danger you and your choice represents as well.
- Feb 21, 2015
- 456
If you install good 3'rd party firewall, good AV, Anti-Exe, Anti-Exploit or all in one Internet Security and make system backup there is a very slim chance that will happen.
You know that a lot of companies are now dropping support for Windows XP, right? This "solution" won't last for long, and it doesn't change the fact that your system will still not be as hardened as you think it is. Hell, I can Google Windows XP exploits, Metasploit scripts, etc. to remotely hack a system. It gives you an idea of how dangerous it is to still run XP in 2017.
Why would you even want to run Windows XP in 2017 anyway? You had YEARS to upgrade, there's literally no excuses for still being on Windows XP today.
Why would you even want to run Windows XP in 2017 anyway? You had YEARS to upgrade, there's literally no excuses for still being on Windows XP today.
- Feb 21, 2015
- 456
1. There are a lot of software that still can run on XP and some that don't run properly on Win10.
2. Who would spend time on hacking a home user that has nothing important on his system.
3. There are many reasons why people still use XP, it can run on very old hardware, it is user friendly easy to use and it's not bloated. I use XP on my old pc as multimedia player connected to my TV.
2. Who would spend time on hacking a home user that has nothing important on his system.
3. There are many reasons why people still use XP, it can run on very old hardware, it is user friendly easy to use and it's not bloated. I use XP on my old pc as multimedia player connected to my TV.
Similar threads
