DasFox
Originally posted by: mechBgon
Originally posted by: DasFox
Originally posted by: Nothinman
Wow, DasFox, you are really confused.
No I'm not, since Windows has been out I've only used service packs and nothing else.
90% of Windows updates for users are not needed. Let me stress this again, the key here is a user who does not have mission critical information on their system, and if they do, and it's that critical, those boxes shouldn't even be online in the first place.
Corporate, or business systems are another situation, but again they can limit the systems that are online, and what information is on these boxes that are online to limit any threats. Updates are not the real issue for security, it's how you manage your system that is the real issue to security.
You guys act like the real source of security is in the updates. Security starts with how you manage your systems, are they online, or only on an internal network? If they are then online what access is there to them, with what information, etc.?
Smart users, or Admins can pick and choose their updates to suit their needs if there are any. The biggest concerns for updates are when software won't work, and needs an update to fix a problem. If you are relying on updates for better system security, then you need to rethink about what security is in the first place, because it doesn't always begin with updates.
Another concern over updates is if you've been around Windows long enough then you'll also know MS has had a long history of updates breaking things and updates needing updates... Updating software doesn't always mean you are going to get the benefits you should. There are many times when updates create problems and also introduce another set of bugs that need dealing with. Updates in a business environment always have to consider this. Are the updates going to really help, or is there the possibility of introducing more problems, etc., when doing the updates?
Since MS first introduced Windows I've been using it without ever the need for any updates, other than something that was critically needed because software would not work without it, other than that there has never been a need for a user to update anything.
Like they say if it isn't broke you don't need to fix it, and that holds true for the software world unless software will no longer work, or it's going to pose a grave security risk, then there is no need to update, and even if it's going to pose a security risk, the FIRST line of defense in security is a firewall, not software updates.
If your system is going to become compromised because you didn't do some Windows updates, then there is something terribly wrong with your system security, and all the updates in the world aren't going to help if you don't even understand where security starts in the first place.
If you think keeping your software secure over a firewall is a safer approach to computing, then you need to rethink again.
Let me stress this in another way. The user only needs service pack updates, unless something won't work. And again, don't think that security updates to your software are going to make your box more secure if you don't even know how to use a proper firewall.
Proper security starts at the firewall first, it is the FIRST line of defense not the updates. If you don't think so, then tell that to the Admin of a company. Tell them to only update their software for security updates, and that they don't need a firewall anymore, they are now safe and secure.
Did you know you can have the crappiest bug ridden software with holes out the butt in it, and run the safest box in the world, if you know how to run a good/proper firewall, because it doesn't matter how insecure your software is, as long as your firewall is good. Then you can have a crappy firewall, with a terrible security policy/rules and great updated secure software, and guess what someone will get into that system, and eventually crack that software, why because there is no such thing as perfect software, anything is crackable.
Now does this mean this is how you should run a box with crappy bug ridden software full of holes? Of course not, but don't think that the service packs for users are that big of problems because they are not.
Again, the only people that need to concern themselves with updates is if there is anything mission critical on the system that needs the utmost protection, and GUESS WHAT? If it's that critical then those boxes shouldn't even be on the NET in the first place. They should be off line ONLY on an internal network with no access to the NET for greater security.
Let's wake up here, real critical systems shouldn't even be online if they are that important in the first place, and most of MS's updates are dealing with online security threats. Did you ever think about that?
Summary:
1. If it's not going to work, update it.
2. If security was that big of a problem, then maybe that box should not be online, but only on an internal network.
3. No computer should ever have anything on it so important that it needs Windows updates to protect it. That data should be on other forms of media, storage devices, etc... off the NET.
4. Real security is in proper management, how you run your systems, not updates!
Fascinating. By this logic, you would play World of Warcraft offline, since the bad guys (1) target WoW players to steal their logins and auction away their stuff, and (2) use Windows security vulnerabilities (which you don't want to patch) to install keystroke loggers specifically aimed at stealing your WoW login. I assume you don't want to lose your Level-whatever character and your other resources, and would consider them "mission-critical" due to the time and effort put into developing them.
Ditto for having malware delete all your MP3s and movies after exploiting a Windows vulnerability that you could've patched, or encrypting your homework files and demanding ransom... I could just keep on going. Steam logins, game CD keys, eBay or PayPal credentials, there's a lot of stuff people consider important, the bad guys want to get it, and no, we're not going to hide offline, and we're not all going to abandon Windows.
I just finished parceling out today's harvest of about 80 fresh malware samples from the wild. This little avalanche of disaster was touched off by exploits. Patch your Windows et al and patch or remove your other software too (Secunia online checkup). Use low-rights user accounts when possible. The bad guys mean business and your firewall is no guarantee of safety.
I might add that the average detection rate of these malware samples at VirusTotal, spanning 32 security software packages, is below 50%, and none of them nailed everything. Not even close. One sample could not even be detected on the infected system with antivirus products which actually have signatures for the sample in question (and also was missed by four rootkit detectors). Prevention is the name of the game, and this would've been prevented if the test computer had been patched properly (using a low-rights account would've stopped it too, in this instance). For want of a nail... yeah.
Hey nothing in the computing world is a guarantee, just remember that! Not even doing all those updates can save your ass. What will really save your ass is getting experienced, understanding how all these things work, and I know most of them. That is the difference here, knowing your enemy, and I know it, and I don't need updates to keep me safe.
I've done everything you've mentioned here, played games, used MP3s, done file sharing, torrents, Newsgroups, eBay, PayPal, online banking, I have important files on my computer, and I can share a list a mile long, and YET NOT one thing has ever affected me online ever.
And I use the HELL out of my computer with tons of software, doing tons of things online at least 60 hours a week, and in 20 years no problems, zip, nada, zilch...
Now don't take me the wrong way I'm not trying to sound like I'm bragging or better, that is not the POINT here, I'm just trying to make you realize this all comes down to user level experience, how skilled you are, and with little to no experience you better do everything by the book, but when you've been doing it over 20 years, and I mean really doing this, then there is a big world of difference.
Again does this mean this is what everyone does? NO, it means you do what you know, and if you don't know jack then you better be doing it all.
I know more than Jack, and I don't have to do Jack to my box other than install service packs, so please don't come in here calling names, because unless you've been down this road for 20 years then you don't have the experience to talk.
Don't say it can't be done, because it can!
PEACE
Das