Skip to main content

@Rich Melvin posted:

...

I have one laptop PC that runs Windows 10, and it is a royal PITA. I can only imagine how much "better" Windows 11 will be.

You got that right. I have a Windows 7 laptop that I had upgraded to 10 (free upgrade and I took the bait). It ran fine...for a while. My current one came with Windows 10 and is a better, but has issues. I have seriously considered taking my old laptop and converting it to LINUX.

As for the subject of this thread, I was surprised to read this, but would have expected it to hit me as penance for all those years I abused would-be power users and middle managers when I was a malevolent systems administrator. Glitches happen.

@Rich Melvin posted:

I could care less if Microsoft no longer supports Windows 7. I didn't use their "support" when they offered it.

When I built the two PCs that I have, the current version of Windows 7 Professional at the time (early 2010, as I recall) included Service Pack 1. That's exactly what's on these two machines today - Windows 7 Professional, Service Pack 1. They have never been updated beyond that...



Yikes!  Brings new meaning to the phrase "working without a net".

In my opinion, all the security fear mongering from Microsoft and others is vastly overblown.

Ha.  Tell that to the folks at the Colonial pipeline or that hospital that got hacked with ransomware.

@rplst8 posted:

Ha.  Tell that to the folks at the Colonial pipeline or that hospital that got hacked with ransomware.

Apples and oranges.

Those entities got hacked because there is money to made by hacking them. And I'll guarantee that none of those systems were running windows. You're talking main frames, machine language, and big servers here, not individual work stations.

There's no money to be made by hacking individual computers. And even if I do get hacked or become a victim of ransomware, I've got everything on my machines (including the boot drives) backed up off-site. I just reformat the hard drives and run a big restore.

And I also tell the ransomware people where they can put their ransomware demand.

Last edited by Rich Melvin

I have a fairly extensive backup routine as well.  I have a daily data back up that goes to a separate physical drive on my computer.  I also have a backup to a mirrored NAS on the network.  The NAS does a backup to a USB drive once a week.  Finally, once a week I get a prompt to do my off-line backup.  I power up the 2TB USB drive, run all the backup scripts, and then power down the drive.  Finally, I also have everything important backed up to a cloud account that has 30 day retention of any deleted or modified files.

I'm sure it's possible for me to lose important data, but it sure ain't very likely!

Also, I'm not stupid about what links I click or websites I visit.

Last edited by gunrunnerjohn

I can't stress too much the need for backups, backups, and more backups.

Both of my 11-year old Windows 7 machines have suffered hard drive failures. When the mechanical hard drives failed, I replaced them with Solid State Drives (SSDs.) And then I restored the drive from my backup. Took a couple of hours each time.

However, if you don't have BACKUPS, you are totally out of luck. One hard drive failure (it's not a matter of "if" but "when") or (God forbid) a house fire, and you could lose years worth of work, pictures, videos,  family memories, etc.

Get set up with I-drive, Carbonite or some other online backup service that backs up your data OFF-SITE. If it saves you just one time, it's all worth every dime of the cost.

@Rich Melvin posted:

Apples and oranges.

Those entities got hacked because there is money to made by hacking them. And I'll guarantee that none of those systems were running windows. You're talking main frames, machine language, and big servers here, not individual work stations.  There's no money to be made by hacking individual computers.

No operating system is immune from an attack.  Windows Server edition runs a lot more infrastructure than you’d think, and the internals are nearly identical to desktop versions.  Money often has nothing to do with it.  Just like a burglar that breaks into the average Joe’s house, cyber criminals are often practicing on unsuspecting individuals, and often alter the ransom amounts based on the target.

And even if I do get hacked or become a victim of ransomware, I've got everything on my machines (including the boot drives) backed up off-site. I just reformat the hard drives and run a big restore.

What makes you think the hacked files aren’t already in your backups?

Backups are essential, but they’re for protection against storage failures and self inflicted oopses.  They won’t necessarily help you if a hacker compromises your workstation.

@rplst8 posted:

No operating system is immune from an attack.  Windows Server edition runs a lot more infrastructure than you’d think, and the internals are nearly identical to desktop versions.  Money often has nothing to do with it.  Just like a burglar that breaks into the average Joe’s house, cyber criminals are often practicing on unsuspecting individuals, and often alter the ransom amounts based on the target.

What makes you think the hacked files aren’t already in your backups?

Backups are essential, but they’re for protection against storage failures and self inflicted oopses.  They won’t necessarily help you if a hacker compromises your workstation.

The goal or target attack for most individual / personal computers is information gathering and identity theft. The thief is looking for credit card numbers, passwords, bank accounts. This is usually attained by giving the thief / hacker access to their PC by remote control or other means. (Email phishing is a huge industry right now). @Rich Melvin is correct though, ransomware on personal PC's is pretty useless. Most people will not pay it or not even care.

Maybe I'm in the minority, but I actually like Windows 10. 

Windows 10 could be my last version of Windows for a while as my new Macbook Air (my first Apple computer) arrives on Wednesday.  The computer I am currently using is a Microsoft Surface Pro (my second and last one!) that will be delegated to running the App for my new digital 1:32 slot car set. My work computer also runs Windows 10, but hopefully I'll retire before it is replace.

Jim

@rplst8 posted:

Yikes!  Brings new meaning to the phrase "working without a net".

Ha.  Tell that to the folks at the Colonial pipeline or that hospital that got hacked with ransomware.

Don't get me started. Never mind, here goes.

I used to work for the LA County Office of Emergency Management. My notorious background included building data acquisition and control systems for TRW Defense and Space Systems Group and a couple of other employers along the way.

20 years ago, I did some [off the record] consulting for the Terrorism Early Warning Group of the Sheriff's department told them that a cyber attack could cause as much damage as a mad bomber. After 9/11 the focus was on physical buildings, etc. plus disasters, but cyber attacks were never rehearsed in exercises (still hadn't at the time I retired). Up until the day I retired in February, I said that a cyber attack would not be the basic data breach and theft of credit and banking info, but would be a series of industrial accidents caused by computer "failures". Since many (thank goodness not all) decision makers don't fully understand computer control systems, they don't focus on them. Instead, the control systems were tied into company networks for convenience, but that introduced a vulnerability from hacks or ransomware since the control systems go down with the rest of the network. While I can't say for sure that the Colonial and Hospital situations were tied into the main networks (and the Internet), it certainly looks that way.

I've been a proponent of isolation of critical control systems, but that means numerous site visits to maintain the systems. It makes maintaining these systems much less convenient, trickier to keep consistent (you have to maintain a tight maintenance schedule) and more costly, but it keeps them away from anything but the idiot who picks up a USB stick in the parking lot and puts it in one of the control computers.

They sent us to a Cybersecurity Training and during introductions I literally dictated the scenario of the training they were about to give. Sometimes, being the OLD GUY pays off.

Bottom line -- isolate your control systems from the Internet and the company's main network. There are ways.

Last edited by AGHRMatt
@AGHRMatt posted:

Bottom line -- isolate your control systems from the Internet and the company's main network. There are ways.

Agree.  Or at least put extra controls around critical infrastructure.  Like a bastion, or data diodes to prevent exfil of sensitive info.

I read that Windows 11 is going to require a TPM 2.0 module for ALL computers, not just business class workstations because Microsoft believes that BIOS/EFI hacks are the next big risk for consumers.  I think they're correct.

Post
×
×
×
×
Link copied to your clipboard.
×
×