Securing Windows 98(SE) in the Modern Age

  • Thread starter Thread starter Dan
  • Start date Start date
Re: Securing Windows 98(SE) in the Modern Age

98 Guy wrote:


> There is a very important distinction between a vunerability that only
> requires internet connectivity (and no user involvement) vs running a
> vulnerable application on an otherwise secure system.


I knew you were going to say exactly that, I said so in my post. Your
claim is that If you connect Windows 98 to the internet and do
absolutely nothing, you don't surf, don't send email, or don't connect
to another network and share information that Windows 98 is safe. To
which I say, well duh...! If you connect and do nothing then why the
heck bother connecting? Why do you even need the internet if you won't
use it? That is like starting your car engine but never taking it out
of park and never ever even moving it then claiming that you have never
had a traffic ticket or an accident!


> All you've shown is a series of IE vulnerabilities. Your examples
> break down if I use a non-MS browser and e-mail client.
>
> But that's irrelavent.


Oh is it? Then tell us which Windows 98 version shipped with a non-MS
browser and e-mail client? On a fresh install of Windows 98, and
without another "safe" computer to rely on how will you download those
non-MS applications? And what about the masses out there who know
nothing about these things, the ones who think that Internet Explorer is
the only browser available, how safe are their Windows 98 installations
fresh "out of the box"?


> Many Win-2k and XP systems were victimized by the welchia, sasser, SQL
> Slammer and Opanki network worms, for example.
>
> Doesn't matter if you practice "safe hex". Doesn't matter if you ran
> Mozilla or netscape or firefox or opera and you didn't touch IE with a
> 10 foot pole. If you ran 2K or XP you were screwed. Those systems
> went on to take their place in botnet land. You most likely received
> spam from them.
>
> Power users who quickly migrated to 2K and early adopters of XP were
> screwed over by all manner of worms while win-98 users stood by and
> watched those clowns fight off their infections.


Well, shows how much you know about NT systems. It is true that these
systems had (unacceptable) security holes the size of Texas in them, but
then almost all who used them knew that from day one. I have been using
NT systems since 1996 or 1997 and guess what? We knew what firewalls
were long before you did and none of the worms and pests that you
mentioned have ever affected any of my machines, none not a single one
of my machines were ever infected! And if we are to use the example
that you mentioned earlier, "Windows 98 is safe when connected as long
as you don't actually 'use' the internet", well that is no more
different than having an NT box that isn't connected at all to the net,
as I said, what is the sense of connecting to the internet if you don't
use it?

Another thing that you conveniently omit or that you simply don't
realize is that because of it's commercial or corporate nature, (as
opposed to W9x's home & consumer nature), NT systems have networking
components that are not available on W9x, so it is easy to say that W9x
doesn't suffer the same vulnerabilities. Install Windows 98 fresh, then
enable File and Printer Sharing and go on the internet, or connect to a
remote network then tell us how safe Windows 98 really is. Use an
unpatched IE, leave TCP port 139 open and tell us once again that
Windows 98 is perfectly safe "out of the box"!

The only claim that we see in your posts is that Windows 98 is
completely safe because as shipped Windows NT/2000/XP was more
vulnerable than the aforementioned, of course that is completely
irrelevant, what may or may not ail NT systems does not make an
unpatched Windows 98 a secure operating system.

John
 
Re: Securing Windows 98(SE) in the Modern Age

"98-Guy" <98@Guyy.com> wrote in message news:4728879F.BB268D4C@Guyy.com...
> "Brian A." wrote:
>
>> I stated that a "Properly Configured" XP Pro machine is by far
>> more secure than 98. That's not saying it's less vulnerable to
>> attack or that it can't be compromised,

>
> Great logic.
>
> That's like saying 4 is larger than 2, but 2 isin't necessarily
> smaller than 4.


Nowhere near what's implied.

>
>> it states that it can be locked down tighter when properly
>> configured.

>
> Win-98 has far fewer vulnerabilities than XP, and none of win-98's
> vulnerabilities were was crippling or debilitating from a
> remote-access, remote-control POV than were XP's. None of Win-98's
> vulnerabilities came close to allowing remote takeover and code
> execution simply by having a working, unprotected internet connection.


You'll have to better define statements such as the above since they leave a broad
opening for interpretation.

>
> And please explain how XP can be "locked down tighter" than win-98.
> What aspect can be made "tighter" when compared to win-98?
>
>> As long as it has the name of Microsoft attached to it, it
>> will be targeted.

>
> So a Meekro$oft apologist takes pride in how MS has used their illegal
> monopoly position to become the dominant OS, thereby he can throw up
> his hands and say the evil hackers go after MS software for political
> or ideological reasons.


Apologists? If that's how you read into the statement made on MS being targeted,
no one need wonder why, it's evident.


--

Brian A. Sesko { MS MVP_Shell/User }
Conflicts start where information lacks.
http://basconotw.mvps.org/

Suggested posting do's/don'ts: http://www.dts-l.org/goodpost.htm
How to ask a question: http://support.microsoft.com/kb/555375
 
Re: Securing Windows 98(SE) in the Modern Age

"MEB" <meb@not here@hotmail.com> wrote in message
news:eVWKT3AHIHA.4592@TK2MSFTNGP02.phx.gbl...
>
>
> "Brian A." <gonefish'n@afarawaylake> wrote in message
> news:O9IlJf5GIHA.3600@TK2MSFTNGP06.phx.gbl...
> | "MEB" <meb@not here@hotmail.com> wrote in message
> | news:%238DnevoGIHA.4712@TK2MSFTNGP04.phx.gbl...
> | >
> | >
> | > "Brian A." <gonefish'n@afarawaylake> wrote in message
> | > news:%23rT65QmGIHA.4808@TK2MSFTNGP05.phx.gbl...
> | > | "Dan" <Dan@discussions.microsoft.com> wrote in message
> | > | news:6ADCFC6A-B689-4DF8-ADC8-3527FB29FE0A@microsoft.com...
> | > | >I will focus on your last question and I think Chris Quirke, MVP
> would
> | > agree
> | > | > with me that Windows 98 Second Edition is safer than XP
> Professional.
> | > Here
> | > | > are my web-links to prove my case:
> | > | >
> | > | > http://secunia.com/product/22/
> | > | >
> | > | > Vendor Microsoft
> | > | >
> | > | >
> | > | > Product Link N/A
> | > | >
> | > | >
> | > | > Affected By 192 Secunia advisories
> | > | >
> | > | >
> | > | > Unpatched 16% (30 of 192 Secunia advisories)
> | > | >
> | > | >
> | > | > Most Critical Unpatched
> | > | > The most severe unpatched Secunia advisory affecting Microsoft
> Windows
> | > XP
> | > | > Professional, with all vendor patches applied, is rated Highly
> critical
> | > | >
> | > | > http://secunia.com/product/13/
> | > | >
> | > | > Vendor Microsoft
> | > | >
> | > | >
> | > | > Product Link N/A
> | > | >
> | > | >
> | > | > Affected By 32 Secunia advisories
> | > | >
> | > | >
> | > | > Unpatched 9% (3 of 32 Secunia advisories)
> | > | >
> | > | >
> | > | > Most Critical Unpatched
> | > | > The most severe unpatched Secunia advisory affecting Microsoft
> Windows
> | > 98
> | > | > Second Edition, with all vendor patches applied, is rated Less
> critical
> | > | >
> | > | >
> | > | > That is my case.
> | > |
> | > | I responded without question. The only way 98 is safer than XP Pro
> is
> | > because it's
> | > | not targeted, that's all and no more. When XP Pro is configured
> properly
> | > it is by
> | > | far more secure than 98. Soon enough XP will be forgotten altogether
> as
> | > the full
> | > | attack goes Vista, and so on.
> | > |
> | > | --
> | > |
> | > | Brian A. Sesko { MS MVP_Shell/User }
> | > |
> | >
> | > I disagree. As XP is based upon the same base code as VISTA it will
> always
> | > be attacked, and vigorously.
> |
> | As long as it has the name of Microsoft attached to it, it will be
> targeted.
>
> Not necessarily true. Should Microsoft lose its market mastery, then
> whatever takes its place would become the target.


It would only be not necessarily true if the MS name was retained, A Rose Is A
Rose......

>
> |
> | > The coding differentials are so minuscule, that even if specific to
> VISTA,
> | > the attack will work upon XP with equal if not more effectiveness, and
> even
> | > less difficulty as there will be less to work-around. What hacks VISTA
> | > *WILL* hack XP.
> |
> | In many of those aspects, true, but not in every one. As code changes
> so do the
> | targeted systems, that's not saying Vista will pull away from XP, yet it
> can and will
> | change in ways.
>
> Well, of course I would by necessity agree in part. There will be VISTA
> *only* hacks created sometime in the future, but for the present time, as
> the coding is shared [XP now in the position that 9X was during the XP><9X
> support days, e.g., receiving patches more designed for VISTA than XP] these
> shared aspects will continue to supply the necessary entry points.
> Regretfully, it appears Microsoft shows even less interest in patching all
> the holes in XP than it did with 9X or even NT.
>
> |
> | > 9X on the other hand, will receive less and less attention. One need
> look
> | > no further than this group. There aren't many people who can even write
> a
> | > simple batch file for 9X/DOS anymore.
> | > Not saying there will be no attacks, as there is still sufficient viri,


Although a late response, more of an understanding, I'm sure you meant "can't".
The people are out there yet they move on with the code.

> |
> | Watch yourself and gear up for battle using the word viri, there are
> those out here
> | that will chastise you for it, been there already.
>
> Yeah, I remember those... strange that semantics such as that tend to bring
> lengthy discussions, as if those are world shaking/changing.
>
> |
> | > hacks, and Spyware available [and targeted at installable 9X files]. But
> it
> | > brings no recognition, and the OS is not being used now [very much
> anyway]
> | > within supposedly secured areas and businesses as XP and VISTA are...
> |
> | That doesn't make 98 any more secure, only less vulnerable.
>
> Hmm, that seems to create a contrast. If less vulnerable [be it because of
> lack of interest or otherwise], then by mere extension, it becomes more
> secure. Less interest attended towards attacking, less chances of being
> attacked = by omission > more secure.


It's not more secure simply because it isn't a major player anymore, although
unlikely the game can turn 180 at any time.

>
> |
> | >
> | > You can ignore these rather obvious aspects and continue to spout how
> | > supposedly secure the newer operating systems are, but that smacks in
> the
> | > face of the purpose of the attacks... glamour, fame, recognition, ID
> theft,
> | > and all the other things now found with those NEW OSs... and the systems
> | > which use them..
> |
> | I don't continue to spout about anything, I'm certainly not on any
> crusade to push
> | a product (not stating you implied that). I stated that a "Properly
> Configured" XP
> | Pro machine is by far more secure than 98. That's not saying it's less
> vulnerable to
> | attack or that it can't be compromised, it states that it can be locked
> down tighter
> | when properly configured. The "glamour, fame, recognition, ID theft,"
> etc. is a Cat
> | and Mouse game that will never end and it most certainly isn't only
> utilized with
> | PC's.
>
> Spout was used to instill a conversation... I realize you're not really a
> Microsoft clone ...
>
> True,,, in part. XP and VISTA can be locked down *tighter*, however, they
> [the newer OSs] also contain far more aspects [vulnerabilities if you will]
> that can be hacked. From ingrained AutoUpdating, to pre-configured
> Firewalls, to the basic networking aspects broadcast to the world, to UPnP,
> to .... The fact that these are OSs designed FOR networking brings with them
> unprecedented potential vulnerabilities.
> Hackers no longer need to LOOK for the code [determine which third party
> program was used], it came with their own systems. They no longer need to
> OBSERVE the packet signatures, just for the OS indicators [and they know
> them well]. Each time Microsoft patches anything, they get those same
> updates, and adjust accordingly ...
>
> We could even go the route of *root kits*, though there we would need to
> again address the old style [for example] 9X/DOS *cult of the mad cow* hacks
> now generally considered as virus, whereas, these newer systems, by their
> very design, are inherently more vulnerable and thereby, difficulties
> expanded in preventing such attacks. PGP, in its day, was 4096 and above
> cipher... yet this same style of *trust* and *keys* is employed as the MAJOR
> security aspect in XP and VISTA but at a significantly lesser strength, and
> following standards of the government, designed by the government, and
> suggested by the government. That is something that everyone should at least
> question ...
> I mean [for example], Verisign? Who determined that was a trusted source?
> Its a business, and EBERY business is out for profit,,, and ALWAYS
> potentially for sale ...
>
> The point is, these OSs are designed around pre-determined trust ...
>
> |
> | >
> | > To say the XP is more secure is like putting your head in a paper bag
> and
> | > claiming no one can see you...
> |
> | That's ridiculous, your arms and legs still show, you need a full body
> bag.
>
> Yes, that is a little ridiculous isn't it... of course you could wear one
> of those whole body Halloween condom costumes <G>...


Can't, the neighbor already has it.



--

Brian A. Sesko { MS MVP_Shell/User }
Conflicts start where information lacks.
http://basconotw.mvps.org/

Suggested posting do's/don'ts: http://www.dts-l.org/goodpost.htm
How to ask a question: http://support.microsoft.com/kb/555375
 
Re: Securing Windows 98(SE) in the Modern Age

"Brian A." wrote:

> > That's like saying 4 is larger than 2, but 2 isin't necessarily
> > smaller than 4.

>
> Nowhere near what's implied.


Just saying so doesn't make it so.

You're pretty thin on explanations around here.

> > Win-98 has far fewer vulnerabilities than XP


Do you challenge that? Do you deny that?

Have you seen the Secunia reports for 98 and XP? Or are they fiction?

> You'll have to better define statements such as the above since
> they leave a broad opening for interpretation.


Why?

You don't put forward any details or explanations. I have. Why do I
need to post more?

> > What aspect can be made "tighter" when compared to win-98?


Why did you let that question skate by without answering it?
 
Re: Securing Windows 98(SE) in the Modern Age



"Brian A." <gonefish'n@afarawaylake> wrote in message
news:eG0HDqFHIHA.3768@TK2MSFTNGP06.phx.gbl...
| "MEB" <meb@not here@hotmail.com> wrote in message
| news:eVWKT3AHIHA.4592@TK2MSFTNGP02.phx.gbl...
| >
| >
| > "Brian A." <gonefish'n@afarawaylake> wrote in message
| > news:O9IlJf5GIHA.3600@TK2MSFTNGP06.phx.gbl...
| > | "MEB" <meb@not here@hotmail.com> wrote in message
| > | news:%238DnevoGIHA.4712@TK2MSFTNGP04.phx.gbl...
| > | >
| > | >
| > | > "Brian A." <gonefish'n@afarawaylake> wrote in message
| > | > news:%23rT65QmGIHA.4808@TK2MSFTNGP05.phx.gbl...
| > | > | "Dan" <Dan@discussions.microsoft.com> wrote in message
| > | > | news:6ADCFC6A-B689-4DF8-ADC8-3527FB29FE0A@microsoft.com...
| > | > | >I will focus on your last question and I think Chris Quirke, MVP
| > would
| > | > agree
| > | > | > with me that Windows 98 Second Edition is safer than XP
| > Professional.
| > | > Here
| > | > | > are my web-links to prove my case:
| > | > | >
| > | > | > http://secunia.com/product/22/
| > | > | >
| > | > | > Vendor Microsoft
| > | > | >
| > | > | >
| > | > | > Product Link N/A
| > | > | >
| > | > | >
| > | > | > Affected By 192 Secunia advisories
| > | > | >
| > | > | >
| > | > | > Unpatched 16% (30 of 192 Secunia advisories)
| > | > | >
| > | > | >
| > | > | > Most Critical Unpatched
| > | > | > The most severe unpatched Secunia advisory affecting Microsoft
| > Windows
| > | > XP
| > | > | > Professional, with all vendor patches applied, is rated Highly
| > critical
| > | > | >
| > | > | > http://secunia.com/product/13/
| > | > | >
| > | > | > Vendor Microsoft
| > | > | >
| > | > | >
| > | > | > Product Link N/A
| > | > | >
| > | > | >
| > | > | > Affected By 32 Secunia advisories
| > | > | >
| > | > | >
| > | > | > Unpatched 9% (3 of 32 Secunia advisories)
| > | > | >
| > | > | >
| > | > | > Most Critical Unpatched
| > | > | > The most severe unpatched Secunia advisory affecting Microsoft
| > Windows
| > | > 98
| > | > | > Second Edition, with all vendor patches applied, is rated Less
| > critical
| > | > | >
| > | > | >
| > | > | > That is my case.
| > | > |
| > | > | I responded without question. The only way 98 is safer than XP
Pro
| > is
| > | > because it's
| > | > | not targeted, that's all and no more. When XP Pro is configured
| > properly
| > | > it is by
| > | > | far more secure than 98. Soon enough XP will be forgotten
altogether
| > as
| > | > the full
| > | > | attack goes Vista, and so on.
| > | > |
| > | > | --
| > | > |
| > | > | Brian A. Sesko { MS MVP_Shell/User }
| > | > |
| > | >
| > | > I disagree. As XP is based upon the same base code as VISTA it will
| > always
| > | > be attacked, and vigorously.
| > |
| > | As long as it has the name of Microsoft attached to it, it will be
| > targeted.
| >
| > Not necessarily true. Should Microsoft lose its market mastery, then
| > whatever takes its place would become the target.
|
| It would only be not necessarily true if the MS name was retained, A
Rose Is A
| Rose......

Hmm, that's a difficult one to respond to... let's think along these lines:
suppose with the new Intel processor [the super chip supposedly due in five
or so years] that SUN produces the OS that really makes the chip *spark* and
Microsoft is [some might say "as usual"] incapable of producing a quality
product to support the chip to its full advantage [regardless of Intel's
attempts to help]{we need look no further that the VISTA problems and
Microsoft's inability to adequately address the issues, to date}. Microsoft
loses its market dominance as the business/commercial world converts to
SUN's product. Or let's say that [since Unix is quite capable of being
scaled to the processor] a Linux variant is deemed the most viable OS.

Is it your contention that because of some *love affair* by the consumer
and investor for Microsoft, it will remain the market leader?

Or is it your contention that Microsoft can never lose its market
dominance?

|
| >
| > |
| > | > The coding differentials are so minuscule, that even if specific to
| > VISTA,
| > | > the attack will work upon XP with equal if not more effectiveness,
and
| > even
| > | > less difficulty as there will be less to work-around. What hacks
VISTA
| > | > *WILL* hack XP.
| > |
| > | In many of those aspects, true, but not in every one. As code
changes
| > so do the
| > | targeted systems, that's not saying Vista will pull away from XP, yet
it
| > can and will
| > | change in ways.
| >
| > Well, of course I would by necessity agree in part. There will be VISTA
| > *only* hacks created sometime in the future, but for the present time,
as
| > the coding is shared [XP now in the position that 9X was during the
XP><9X
| > support days, e.g., receiving patches more designed for VISTA than XP]
these
| > shared aspects will continue to supply the necessary entry points.
| > Regretfully, it appears Microsoft shows even less interest in patching
all
| > the holes in XP than it did with 9X or even NT.
| >
| > |
| > | > 9X on the other hand, will receive less and less attention. One need
| > look
| > | > no further than this group. There aren't many people who can even
write
| > a
| > | > simple batch file for 9X/DOS anymore.
| > | > Not saying there will be no attacks, as there is still sufficient
viri,
|
| Although a late response, more of an understanding, I'm sure you meant
"can't".
| The people are out there yet they move on with the code.

Okay, I'll qualify; I find myself needing to pull out the old DOS books if
the batch gets too involved, and VB, I wouldn't even attempt it anymore.
Moreover, the tools I now use to pick-apart files include the nifty Internet
Search functions, which I find I now use more often [okay I admit it, I'm
getting old].
So how many would you think aren't in that same position?
How many young programmers [that you would trust to produce good code] do
you personally know?

|
| > |
| > | Watch yourself and gear up for battle using the word viri, there are
| > those out here
| > | that will chastise you for it, been there already.
| >
| > Yeah, I remember those... strange that semantics such as that tend to
bring
| > lengthy discussions, as if those are world shaking/changing.
| >
| > |
| > | > hacks, and Spyware available [and targeted at installable 9X files].
But
| > it
| > | > brings no recognition, and the OS is not being used now [very much
| > anyway]
| > | > within supposedly secured areas and businesses as XP and VISTA
are...
| > |
| > | That doesn't make 98 any more secure, only less vulnerable.
| >
| > Hmm, that seems to create a contrast. If less vulnerable [be it because
of
| > lack of interest or otherwise], then by mere extension, it becomes more
| > secure. Less interest attended towards attacking, less chances of being
| > attacked = by omission > more secure.
|
| It's not more secure simply because it isn't a major player anymore,
although
| unlikely the game can turn 180 at any time.

Well, I certainly didn't mean to imply that the hacks for 9X/DOS aren't
still out there. I still get files for testing off the net with some of the
old Virus, Spyware, and Trojans ... even the occasional new variant .
Of course, I still see some of the old generic probing in my firewall and
ah,*filter* logs, searching for the unprotected system, so the base hacker
is still out there ... though cursory back probing/tracing seems to turn up
more indications these are likely some kid [or some adult with arrested
mentality perhaps] on an XBox or PlayStation, or poorly protected XP box
[some nitwit wannabe hacker], though I also find the occasional VISTA box.

|
| >
| > |
| > | >
| > | > You can ignore these rather obvious aspects and continue to spout
how
| > | > supposedly secure the newer operating systems are, but that smacks
in
| > the
| > | > face of the purpose of the attacks... glamour, fame, recognition, ID
| > theft,
| > | > and all the other things now found with those NEW OSs... and the
systems
| > | > which use them..
| > |
| > | I don't continue to spout about anything, I'm certainly not on any
| > crusade to push
| > | a product (not stating you implied that). I stated that a "Properly
| > Configured" XP
| > | Pro machine is by far more secure than 98. That's not saying it's
less
| > vulnerable to
| > | attack or that it can't be compromised, it states that it can be
locked
| > down tighter
| > | when properly configured. The "glamour, fame, recognition, ID theft,"
| > etc. is a Cat
| > | and Mouse game that will never end and it most certainly isn't only
| > utilized with
| > | PC's.
| >
| > Spout was used to instill a conversation... I realize you're not really
a
| > Microsoft clone ...
| >
| > True,,, in part. XP and VISTA can be locked down *tighter*, however,
they
| > [the newer OSs] also contain far more aspects [vulnerabilities if you
will]
| > that can be hacked. From ingrained AutoUpdating, to pre-configured
| > Firewalls, to the basic networking aspects broadcast to the world, to
UPnP,
| > to .... The fact that these are OSs designed FOR networking brings with
them
| > unprecedented potential vulnerabilities.
| > Hackers no longer need to LOOK for the code [determine which third party
| > program was used], it came with their own systems. They no longer need
to
| > OBSERVE the packet signatures, just for the OS indicators [and they know
| > them well]. Each time Microsoft patches anything, they get those same
| > updates, and adjust accordingly ...
| >
| > We could even go the route of *root kits*, though there we would need to
| > again address the old style [for example] 9X/DOS *cult of the mad cow*
hacks
| > now generally considered as virus, whereas, these newer systems, by
their
| > very design, are inherently more vulnerable and thereby, difficulties
| > expanded in preventing such attacks. PGP, in its day, was 4096 and above
| > cipher... yet this same style of *trust* and *keys* is employed as the
MAJOR
| > security aspect in XP and VISTA but at a significantly lesser strength,
and
| > following standards of the government, designed by the government, and
| > suggested by the government. That is something that everyone should at
least
| > question ...
| > I mean [for example], Verisign? Who determined that was a trusted
source?
| > Its a business, and EBERY business is out for profit,,, and ALWAYS
| > potentially for sale ...

haahaa, ebery, now how did that get by, oh well {should have run the spell
checker}.. obviously that should have been every..

| >
| > The point is, these OSs are designed around pre-determined trust ...
| >
| > |
| > | >
| > | > To say the XP is more secure is like putting your head in a paper
bag
| > and
| > | > claiming no one can see you...
| > |
| > | That's ridiculous, your arms and legs still show, you need a full
body
| > bag.
| >
| > Yes, that is a little ridiculous isn't it... of course you could wear
one
| > of those whole body Halloween condom costumes <G>...
|
| Can't, the neighbor already has it.

Oh well, late for the party, late for lunch ...

|
|
|
| --
|
| Brian A. Sesko { MS MVP_Shell/User }
| Conflicts start where information lacks.
|
|

--
MEB
http://peoplescounsel.orgfree.com
________
 
Re: Securing Windows 98(SE) in the Modern Age

"MEB" <meb@not here@hotmail.com> wrote in message
news:u7UhLCMHIHA.1316@TK2MSFTNGP02.phx.gbl...
>
>
> "Brian A." <gonefish'n@afarawaylake> wrote in message
> news:eG0HDqFHIHA.3768@TK2MSFTNGP06.phx.gbl...
> | "MEB" <meb@not here@hotmail.com> wrote in message
> | news:eVWKT3AHIHA.4592@TK2MSFTNGP02.phx.gbl...
> | >
> | >
> | > "Brian A." <gonefish'n@afarawaylake> wrote in message
> | > news:O9IlJf5GIHA.3600@TK2MSFTNGP06.phx.gbl...
> | > | "MEB" <meb@not here@hotmail.com> wrote in message
> | > | news:%238DnevoGIHA.4712@TK2MSFTNGP04.phx.gbl...
> | > | >
> | > | >
> | > | > "Brian A." <gonefish'n@afarawaylake> wrote in message
> | > | > news:%23rT65QmGIHA.4808@TK2MSFTNGP05.phx.gbl...
> | > | > | "Dan" <Dan@discussions.microsoft.com> wrote in message
> | > | > | news:6ADCFC6A-B689-4DF8-ADC8-3527FB29FE0A@microsoft.com...
> | > | > | >I will focus on your last question and I think Chris Quirke, MVP
> | > would
> | > | > agree
> | > | > | > with me that Windows 98 Second Edition is safer than XP
> | > Professional.
> | > | > Here
> | > | > | > are my web-links to prove my case:
> | > | > | >
> | > | > | > http://secunia.com/product/22/
> | > | > | >
> | > | > | > Vendor Microsoft
> | > | > | >
> | > | > | >
> | > | > | > Product Link N/A
> | > | > | >
> | > | > | >
> | > | > | > Affected By 192 Secunia advisories
> | > | > | >
> | > | > | >
> | > | > | > Unpatched 16% (30 of 192 Secunia advisories)
> | > | > | >
> | > | > | >
> | > | > | > Most Critical Unpatched
> | > | > | > The most severe unpatched Secunia advisory affecting Microsoft
> | > Windows
> | > | > XP
> | > | > | > Professional, with all vendor patches applied, is rated Highly
> | > critical
> | > | > | >
> | > | > | > http://secunia.com/product/13/
> | > | > | >
> | > | > | > Vendor Microsoft
> | > | > | >
> | > | > | >
> | > | > | > Product Link N/A
> | > | > | >
> | > | > | >
> | > | > | > Affected By 32 Secunia advisories
> | > | > | >
> | > | > | >
> | > | > | > Unpatched 9% (3 of 32 Secunia advisories)
> | > | > | >
> | > | > | >
> | > | > | > Most Critical Unpatched
> | > | > | > The most severe unpatched Secunia advisory affecting Microsoft
> | > Windows
> | > | > 98
> | > | > | > Second Edition, with all vendor patches applied, is rated Less
> | > critical
> | > | > | >
> | > | > | >
> | > | > | > That is my case.
> | > | > |
> | > | > | I responded without question. The only way 98 is safer than XP
> Pro
> | > is
> | > | > because it's
> | > | > | not targeted, that's all and no more. When XP Pro is configured
> | > properly
> | > | > it is by
> | > | > | far more secure than 98. Soon enough XP will be forgotten
> altogether
> | > as
> | > | > the full
> | > | > | attack goes Vista, and so on.
> | > | > |
> | > | > | --
> | > | > |
> | > | > | Brian A. Sesko { MS MVP_Shell/User }
> | > | > |
> | > | >
> | > | > I disagree. As XP is based upon the same base code as VISTA it will
> | > always
> | > | > be attacked, and vigorously.
> | > |
> | > | As long as it has the name of Microsoft attached to it, it will be
> | > targeted.
> | >
> | > Not necessarily true. Should Microsoft lose its market mastery, then
> | > whatever takes its place would become the target.
> |
> | It would only be not necessarily true if the MS name was retained, A
> Rose Is A
> | Rose......
>
> Hmm, that's a difficult one to respond to... let's think along these lines:
> suppose with the new Intel processor [the super chip supposedly due in five
> or so years] that SUN produces the OS that really makes the chip *spark* and
> Microsoft is [some might say "as usual"] incapable of producing a quality
> product to support the chip to its full advantage [regardless of Intel's
> attempts to help]{we need look no further that the VISTA problems and
> Microsoft's inability to adequately address the issues, to date}. Microsoft
> loses its market dominance as the business/commercial world converts to
> SUN's product. Or let's say that [since Unix is quite capable of being
> scaled to the processor] a Linux variant is deemed the most viable OS.
>
> Is it your contention that because of some *love affair* by the consumer
> and investor for Microsoft, it will remain the market leader?
>
> Or is it your contention that Microsoft can never lose its market
> dominance?


Neither of the above, I read into the statement a bit different. If MS lost it's
dominance in the market with no foreseeable future comeback, MS would no longer exist
unless some type of conditional merge/buyout was executed which retained the name in
some way or another. If the name is still attached the name is still attacked.

<snipped>


--

Brian A. Sesko { MS MVP_Shell/User }
Conflicts start where information lacks.
http://basconotw.mvps.org/

Suggested posting do's/don'ts: http://www.dts-l.org/goodpost.htm
How to ask a question: http://support.microsoft.com/kb/555375
 
Re: Securing Windows 98(SE) in the Modern Age



"Brian A." <gonefish'n@afarawaylake> wrote in message
news:Olkk2SMHIHA.4808@TK2MSFTNGP05.phx.gbl...
| "MEB" <meb@not here@hotmail.com> wrote in message
| news:u7UhLCMHIHA.1316@TK2MSFTNGP02.phx.gbl...
| >
| >
| > "Brian A." <gonefish'n@afarawaylake> wrote in message
| > news:eG0HDqFHIHA.3768@TK2MSFTNGP06.phx.gbl...
| > | "MEB" <meb@not here@hotmail.com> wrote in message
| > | news:eVWKT3AHIHA.4592@TK2MSFTNGP02.phx.gbl...
| > | >
| > | >
| > | > "Brian A." <gonefish'n@afarawaylake> wrote in message
| > | > news:O9IlJf5GIHA.3600@TK2MSFTNGP06.phx.gbl...
| > | > | "MEB" <meb@not here@hotmail.com> wrote in message
| > | > | news:%238DnevoGIHA.4712@TK2MSFTNGP04.phx.gbl...
| > | > | >
| > | > | >
| > | > | > "Brian A." <gonefish'n@afarawaylake> wrote in message
| > | > | > news:%23rT65QmGIHA.4808@TK2MSFTNGP05.phx.gbl...
| > | > | > | "Dan" <Dan@discussions.microsoft.com> wrote in message
| > | > | > | news:6ADCFC6A-B689-4DF8-ADC8-3527FB29FE0A@microsoft.com...
| > | > | > | >I will focus on your last question and I think Chris Quirke,
MVP
| > | > would
| > | > | > agree
| > | > | > | > with me that Windows 98 Second Edition is safer than XP
| > | > Professional.
| > | > | > Here
| > | > | > | > are my web-links to prove my case:
| > | > | > | >
| > | > | > | > http://secunia.com/product/22/
| > | > | > | >
| > | > | > | > Vendor Microsoft
| > | > | > | >
| > | > | > | >
| > | > | > | > Product Link N/A
| > | > | > | >
| > | > | > | >
| > | > | > | > Affected By 192 Secunia advisories
| > | > | > | >
| > | > | > | >
| > | > | > | > Unpatched 16% (30 of 192 Secunia advisories)
| > | > | > | >
| > | > | > | >
| > | > | > | > Most Critical Unpatched
| > | > | > | > The most severe unpatched Secunia advisory affecting
Microsoft
| > | > Windows
| > | > | > XP
| > | > | > | > Professional, with all vendor patches applied, is rated
Highly
| > | > critical
| > | > | > | >
| > | > | > | > http://secunia.com/product/13/
| > | > | > | >
| > | > | > | > Vendor Microsoft
| > | > | > | >
| > | > | > | >
| > | > | > | > Product Link N/A
| > | > | > | >
| > | > | > | >
| > | > | > | > Affected By 32 Secunia advisories
| > | > | > | >
| > | > | > | >
| > | > | > | > Unpatched 9% (3 of 32 Secunia advisories)
| > | > | > | >
| > | > | > | >
| > | > | > | > Most Critical Unpatched
| > | > | > | > The most severe unpatched Secunia advisory affecting
Microsoft
| > | > Windows
| > | > | > 98
| > | > | > | > Second Edition, with all vendor patches applied, is rated
Less
| > | > critical
| > | > | > | >
| > | > | > | >
| > | > | > | > That is my case.
| > | > | > |
| > | > | > | I responded without question. The only way 98 is safer than
XP
| > Pro
| > | > is
| > | > | > because it's
| > | > | > | not targeted, that's all and no more. When XP Pro is
configured
| > | > properly
| > | > | > it is by
| > | > | > | far more secure than 98. Soon enough XP will be forgotten
| > altogether
| > | > as
| > | > | > the full
| > | > | > | attack goes Vista, and so on.
| > | > | > |
| > | > | > | --
| > | > | > |
| > | > | > | Brian A. Sesko { MS MVP_Shell/User }
| > | > | > |
| > | > | >
| > | > | > I disagree. As XP is based upon the same base code as VISTA it
will
| > | > always
| > | > | > be attacked, and vigorously.
| > | > |
| > | > | As long as it has the name of Microsoft attached to it, it will
be
| > | > targeted.
| > | >
| > | > Not necessarily true. Should Microsoft lose its market mastery, then
| > | > whatever takes its place would become the target.
| > |
| > | It would only be not necessarily true if the MS name was retained, A
| > Rose Is A
| > | Rose......
| >
| > Hmm, that's a difficult one to respond to... let's think along these
lines:
| > suppose with the new Intel processor [the super chip supposedly due in
five
| > or so years] that SUN produces the OS that really makes the chip *spark*
and
| > Microsoft is [some might say "as usual"] incapable of producing a
quality
| > product to support the chip to its full advantage [regardless of Intel's
| > attempts to help]{we need look no further that the VISTA problems and
| > Microsoft's inability to adequately address the issues, to date}.
Microsoft
| > loses its market dominance as the business/commercial world converts to
| > SUN's product. Or let's say that [since Unix is quite capable of being
| > scaled to the processor] a Linux variant is deemed the most viable OS.
| >
| > Is it your contention that because of some *love affair* by the consumer
| > and investor for Microsoft, it will remain the market leader?
| >
| > Or is it your contention that Microsoft can never lose its market
| > dominance?
|
| Neither of the above, I read into the statement a bit different. If MS
lost it's
| dominance in the market with no foreseeable future comeback, MS would no
longer exist
| unless some type of conditional merge/buyout was executed which retained
the name in
| some way or another. If the name is still attached the name is still
attacked.
|
| <snipped>

{Another slap up side da head} Of course, I now follow your point.. perhaps
it was the "rose is a rose" ... maybe "a horse by any other name is still a
horse"

Of course I doubt Microsoft would ever fade in such fashion,, it is rather
diverse now, and has definitely a deep impact in the "gaming" market
{perhaps to the detriment of its OS activities}...

|
|
| --
|
| Brian A. Sesko { MS MVP_Shell/User }
| Conflicts start where information lacks.
| http://basconotw.mvps.org/
|

--
MEB
http://peoplescounsel.orgfree.com
________


| Suggested posting do's/don'ts: http://www.dts-l.org/goodpost.htm
| How to ask a question: http://support.microsoft.com/kb/555375
|
|
 
Re: Securing Windows 98(SE) in the Modern Age

Brian,
You gave yourself away!! <rvvf>



--
HTH,
Curt

Windows Support Center
www.aumha.org
Practically Nerded,...
http://dundats.mvps.org/Index.htm

"Brian A." <gonefish'n@afarawaylake> wrote in message
news:eG0HDqFHIHA.3768@TK2MSFTNGP06.phx.gbl...
| "MEB" <meb@not here@hotmail.com> wrote in message
| news:eVWKT3AHIHA.4592@TK2MSFTNGP02.phx.gbl...
| >
| >
| > "Brian A." <gonefish'n@afarawaylake> wrote in message
| > news:O9IlJf5GIHA.3600@TK2MSFTNGP06.phx.gbl...
| > | "MEB" <meb@not here@hotmail.com> wrote in message
| > | news:%238DnevoGIHA.4712@TK2MSFTNGP04.phx.gbl...
| > | >
| > | >
| > | > "Brian A." <gonefish'n@afarawaylake> wrote in message
| > | > news:%23rT65QmGIHA.4808@TK2MSFTNGP05.phx.gbl...
| > | > | "Dan" <Dan@discussions.microsoft.com> wrote in message
| > | > | news:6ADCFC6A-B689-4DF8-ADC8-3527FB29FE0A@microsoft.com...
| > | > | >I will focus on your last question and I think Chris Quirke, MVP
| > would
| > | > agree
| > | > | > with me that Windows 98 Second Edition is safer than XP
| > Professional.
| > | > Here
| > | > | > are my web-links to prove my case:
| > | > | >
| > | > | > http://secunia.com/product/22/
| > | > | >
| > | > | > Vendor Microsoft
| > | > | >
| > | > | >
| > | > | > Product Link N/A
| > | > | >
| > | > | >
| > | > | > Affected By 192 Secunia advisories
| > | > | >
| > | > | >
| > | > | > Unpatched 16% (30 of 192 Secunia advisories)
| > | > | >
| > | > | >
| > | > | > Most Critical Unpatched
| > | > | > The most severe unpatched Secunia advisory affecting Microsoft
| > Windows
| > | > XP
| > | > | > Professional, with all vendor patches applied, is rated Highly
| > critical
| > | > | >
| > | > | > http://secunia.com/product/13/
| > | > | >
| > | > | > Vendor Microsoft
| > | > | >
| > | > | >
| > | > | > Product Link N/A
| > | > | >
| > | > | >
| > | > | > Affected By 32 Secunia advisories
| > | > | >
| > | > | >
| > | > | > Unpatched 9% (3 of 32 Secunia advisories)
| > | > | >
| > | > | >
| > | > | > Most Critical Unpatched
| > | > | > The most severe unpatched Secunia advisory affecting Microsoft
| > Windows
| > | > 98
| > | > | > Second Edition, with all vendor patches applied, is rated Less
| > critical
| > | > | >
| > | > | >
| > | > | > That is my case.
| > | > |
| > | > | I responded without question. The only way 98 is safer than XP
Pro
| > is
| > | > because it's
| > | > | not targeted, that's all and no more. When XP Pro is configured
| > properly
| > | > it is by
| > | > | far more secure than 98. Soon enough XP will be forgotten
altogether
| > as
| > | > the full
| > | > | attack goes Vista, and so on.
| > | > |
| > | > | --
| > | > |
| > | > | Brian A. Sesko { MS MVP_Shell/User }
| > | > |
| > | >
| > | > I disagree. As XP is based upon the same base code as VISTA it will
| > always
| > | > be attacked, and vigorously.
| > |
| > | As long as it has the name of Microsoft attached to it, it will be
| > targeted.
| >
| > Not necessarily true. Should Microsoft lose its market mastery, then
| > whatever takes its place would become the target.
|
| It would only be not necessarily true if the MS name was retained, A Rose
Is A
| Rose......
|
| >
| > |
| > | > The coding differentials are so minuscule, that even if specific to
| > VISTA,
| > | > the attack will work upon XP with equal if not more effectiveness,
and
| > even
| > | > less difficulty as there will be less to work-around. What hacks
VISTA
| > | > *WILL* hack XP.
| > |
| > | In many of those aspects, true, but not in every one. As code
changes
| > so do the
| > | targeted systems, that's not saying Vista will pull away from XP, yet
it
| > can and will
| > | change in ways.
| >
| > Well, of course I would by necessity agree in part. There will be VISTA
| > *only* hacks created sometime in the future, but for the present time,
as
| > the coding is shared [XP now in the position that 9X was during the
XP><9X
| > support days, e.g., receiving patches more designed for VISTA than XP]
these
| > shared aspects will continue to supply the necessary entry points.
| > Regretfully, it appears Microsoft shows even less interest in patching
all
| > the holes in XP than it did with 9X or even NT.
| >
| > |
| > | > 9X on the other hand, will receive less and less attention. One need
| > look
| > | > no further than this group. There aren't many people who can even
write
| > a
| > | > simple batch file for 9X/DOS anymore.
| > | > Not saying there will be no attacks, as there is still sufficient
viri,
|
| Although a late response, more of an understanding, I'm sure you meant
"can't".
| The people are out there yet they move on with the code.
|
| > |
| > | Watch yourself and gear up for battle using the word viri, there are
| > those out here
| > | that will chastise you for it, been there already.
| >
| > Yeah, I remember those... strange that semantics such as that tend to
bring
| > lengthy discussions, as if those are world shaking/changing.
| >
| > |
| > | > hacks, and Spyware available [and targeted at installable 9X files].
But
| > it
| > | > brings no recognition, and the OS is not being used now [very much
| > anyway]
| > | > within supposedly secured areas and businesses as XP and VISTA
are...
| > |
| > | That doesn't make 98 any more secure, only less vulnerable.
| >
| > Hmm, that seems to create a contrast. If less vulnerable [be it because
of
| > lack of interest or otherwise], then by mere extension, it becomes more
| > secure. Less interest attended towards attacking, less chances of being
| > attacked = by omission > more secure.
|
| It's not more secure simply because it isn't a major player anymore,
although
| unlikely the game can turn 180 at any time.
|
| >
| > |
| > | >
| > | > You can ignore these rather obvious aspects and continue to spout
how
| > | > supposedly secure the newer operating systems are, but that smacks
in
| > the
| > | > face of the purpose of the attacks... glamour, fame, recognition, ID
| > theft,
| > | > and all the other things now found with those NEW OSs... and the
systems
| > | > which use them..
| > |
| > | I don't continue to spout about anything, I'm certainly not on any
| > crusade to push
| > | a product (not stating you implied that). I stated that a "Properly
| > Configured" XP
| > | Pro machine is by far more secure than 98. That's not saying it's
less
| > vulnerable to
| > | attack or that it can't be compromised, it states that it can be
locked
| > down tighter
| > | when properly configured. The "glamour, fame, recognition, ID theft,"
| > etc. is a Cat
| > | and Mouse game that will never end and it most certainly isn't only
| > utilized with
| > | PC's.
| >
| > Spout was used to instill a conversation... I realize you're not really
a
| > Microsoft clone ...
| >
| > True,,, in part. XP and VISTA can be locked down *tighter*, however,
they
| > [the newer OSs] also contain far more aspects [vulnerabilities if you
will]
| > that can be hacked. From ingrained AutoUpdating, to pre-configured
| > Firewalls, to the basic networking aspects broadcast to the world, to
UPnP,
| > to .... The fact that these are OSs designed FOR networking brings with
them
| > unprecedented potential vulnerabilities.
| > Hackers no longer need to LOOK for the code [determine which third party
| > program was used], it came with their own systems. They no longer need
to
| > OBSERVE the packet signatures, just for the OS indicators [and they know
| > them well]. Each time Microsoft patches anything, they get those same
| > updates, and adjust accordingly ...
| >
| > We could even go the route of *root kits*, though there we would need to
| > again address the old style [for example] 9X/DOS *cult of the mad cow*
hacks
| > now generally considered as virus, whereas, these newer systems, by
their
| > very design, are inherently more vulnerable and thereby, difficulties
| > expanded in preventing such attacks. PGP, in its day, was 4096 and above
| > cipher... yet this same style of *trust* and *keys* is employed as the
MAJOR
| > security aspect in XP and VISTA but at a significantly lesser strength,
and
| > following standards of the government, designed by the government, and
| > suggested by the government. That is something that everyone should at
least
| > question ...
| > I mean [for example], Verisign? Who determined that was a trusted
source?
| > Its a business, and EBERY business is out for profit,,, and ALWAYS
| > potentially for sale ...
| >
| > The point is, these OSs are designed around pre-determined trust ...
| >
| > |
| > | >
| > | > To say the XP is more secure is like putting your head in a paper
bag
| > and
| > | > claiming no one can see you...
| > |
| > | That's ridiculous, your arms and legs still show, you need a full
body
| > bag.
| >
| > Yes, that is a little ridiculous isn't it... of course you could wear
one
| > of those whole body Halloween condom costumes <G>...
|
| |
|
| --
|
| Brian A. Sesko { MS MVP_Shell/User }
| Conflicts start where information lacks.
| http://basconotw.mvps.org/
|
| Suggested posting do's/don'ts: http://www.dts-l.org/goodpost.htm
| How to ask a question: http://support.microsoft.com/kb/555375
|
|
 
Back
Top