J
John John
Guest
Re: Securing Windows 98(SE) in the Modern Age
98 Guy wrote:
> There is a very important distinction between a vunerability that only
> requires internet connectivity (and no user involvement) vs running a
> vulnerable application on an otherwise secure system.
I knew you were going to say exactly that, I said so in my post. Your
claim is that If you connect Windows 98 to the internet and do
absolutely nothing, you don't surf, don't send email, or don't connect
to another network and share information that Windows 98 is safe. To
which I say, well duh...! If you connect and do nothing then why the
heck bother connecting? Why do you even need the internet if you won't
use it? That is like starting your car engine but never taking it out
of park and never ever even moving it then claiming that you have never
had a traffic ticket or an accident!
> All you've shown is a series of IE vulnerabilities. Your examples
> break down if I use a non-MS browser and e-mail client.
>
> But that's irrelavent.
Oh is it? Then tell us which Windows 98 version shipped with a non-MS
browser and e-mail client? On a fresh install of Windows 98, and
without another "safe" computer to rely on how will you download those
non-MS applications? And what about the masses out there who know
nothing about these things, the ones who think that Internet Explorer is
the only browser available, how safe are their Windows 98 installations
fresh "out of the box"?
> Many Win-2k and XP systems were victimized by the welchia, sasser, SQL
> Slammer and Opanki network worms, for example.
>
> Doesn't matter if you practice "safe hex". Doesn't matter if you ran
> Mozilla or netscape or firefox or opera and you didn't touch IE with a
> 10 foot pole. If you ran 2K or XP you were screwed. Those systems
> went on to take their place in botnet land. You most likely received
> spam from them.
>
> Power users who quickly migrated to 2K and early adopters of XP were
> screwed over by all manner of worms while win-98 users stood by and
> watched those clowns fight off their infections.
Well, shows how much you know about NT systems. It is true that these
systems had (unacceptable) security holes the size of Texas in them, but
then almost all who used them knew that from day one. I have been using
NT systems since 1996 or 1997 and guess what? We knew what firewalls
were long before you did and none of the worms and pests that you
mentioned have ever affected any of my machines, none not a single one
of my machines were ever infected! And if we are to use the example
that you mentioned earlier, "Windows 98 is safe when connected as long
as you don't actually 'use' the internet", well that is no more
different than having an NT box that isn't connected at all to the net,
as I said, what is the sense of connecting to the internet if you don't
use it?
Another thing that you conveniently omit or that you simply don't
realize is that because of it's commercial or corporate nature, (as
opposed to W9x's home & consumer nature), NT systems have networking
components that are not available on W9x, so it is easy to say that W9x
doesn't suffer the same vulnerabilities. Install Windows 98 fresh, then
enable File and Printer Sharing and go on the internet, or connect to a
remote network then tell us how safe Windows 98 really is. Use an
unpatched IE, leave TCP port 139 open and tell us once again that
Windows 98 is perfectly safe "out of the box"!
The only claim that we see in your posts is that Windows 98 is
completely safe because as shipped Windows NT/2000/XP was more
vulnerable than the aforementioned, of course that is completely
irrelevant, what may or may not ail NT systems does not make an
unpatched Windows 98 a secure operating system.
John
98 Guy wrote:
> There is a very important distinction between a vunerability that only
> requires internet connectivity (and no user involvement) vs running a
> vulnerable application on an otherwise secure system.
I knew you were going to say exactly that, I said so in my post. Your
claim is that If you connect Windows 98 to the internet and do
absolutely nothing, you don't surf, don't send email, or don't connect
to another network and share information that Windows 98 is safe. To
which I say, well duh...! If you connect and do nothing then why the
heck bother connecting? Why do you even need the internet if you won't
use it? That is like starting your car engine but never taking it out
of park and never ever even moving it then claiming that you have never
had a traffic ticket or an accident!
> All you've shown is a series of IE vulnerabilities. Your examples
> break down if I use a non-MS browser and e-mail client.
>
> But that's irrelavent.
Oh is it? Then tell us which Windows 98 version shipped with a non-MS
browser and e-mail client? On a fresh install of Windows 98, and
without another "safe" computer to rely on how will you download those
non-MS applications? And what about the masses out there who know
nothing about these things, the ones who think that Internet Explorer is
the only browser available, how safe are their Windows 98 installations
fresh "out of the box"?
> Many Win-2k and XP systems were victimized by the welchia, sasser, SQL
> Slammer and Opanki network worms, for example.
>
> Doesn't matter if you practice "safe hex". Doesn't matter if you ran
> Mozilla or netscape or firefox or opera and you didn't touch IE with a
> 10 foot pole. If you ran 2K or XP you were screwed. Those systems
> went on to take their place in botnet land. You most likely received
> spam from them.
>
> Power users who quickly migrated to 2K and early adopters of XP were
> screwed over by all manner of worms while win-98 users stood by and
> watched those clowns fight off their infections.
Well, shows how much you know about NT systems. It is true that these
systems had (unacceptable) security holes the size of Texas in them, but
then almost all who used them knew that from day one. I have been using
NT systems since 1996 or 1997 and guess what? We knew what firewalls
were long before you did and none of the worms and pests that you
mentioned have ever affected any of my machines, none not a single one
of my machines were ever infected! And if we are to use the example
that you mentioned earlier, "Windows 98 is safe when connected as long
as you don't actually 'use' the internet", well that is no more
different than having an NT box that isn't connected at all to the net,
as I said, what is the sense of connecting to the internet if you don't
use it?
Another thing that you conveniently omit or that you simply don't
realize is that because of it's commercial or corporate nature, (as
opposed to W9x's home & consumer nature), NT systems have networking
components that are not available on W9x, so it is easy to say that W9x
doesn't suffer the same vulnerabilities. Install Windows 98 fresh, then
enable File and Printer Sharing and go on the internet, or connect to a
remote network then tell us how safe Windows 98 really is. Use an
unpatched IE, leave TCP port 139 open and tell us once again that
Windows 98 is perfectly safe "out of the box"!
The only claim that we see in your posts is that Windows 98 is
completely safe because as shipped Windows NT/2000/XP was more
vulnerable than the aforementioned, of course that is completely
irrelevant, what may or may not ail NT systems does not make an
unpatched Windows 98 a secure operating system.
John