The time is rapidly approaching when Microsoft will permanently suspend all support for the Windows XP operating system.
Are we sad to see it go? Yes, in many cases, I’m sure that there will be a ground swell of angst and sadness that XP is going the way of the dodo. Unfortunately, life is all about change. We need to learn to embrace it. AHEM! Yeah… I sound like an Anthony Robbins commercial here. The facts of the matter are that many individuals and businesses around the world are still using that insecure Swiss cheese OS called Windows XP. Don’t get me wrong. I used to like XP a lot. I have a lot to be thankful to XP for, actually. It’s the NUMBER 1 MAIN REASON I started using the GNU/Linux operating system as my primary OS on ALL of my production machines.
I often wonder why MS had such a difficult time keeping ahead of the hackers, spammers, and malware merchants for much of XP’s lifetime. Being the numero uno operating system in the world definitely painted a rather large target on XP’s back, I would think. Why would a pimple faced miscreant sitting in front of his Mac on the island of Zoobie-doobie target GNU/Linux’s 1% when it could hit ‘em big by hacking MS Windows XP’s 95% or so worldwide users? Makes sense, right? So, poor MS had to fight a losing rear guard action as it retreated into its hardened (by 3rd party mercenaries) Norton and McAfee bunkers. It was what it was.
MS learned a few things from that experience, though. They implemented many innovations into their new Win 7 and Win 8 operating systems to lessen the need for the hired guns required by XP to guard the gates. Sorry about all the military analogies today. I seem to be stuck in that mode at the moment. But I digress… Er, where was I? Ah. Yes… I was saying that nothing lasts forever. I think that’s the point of this exercise, anyway.
Back in the day, when I was much enamored by the Win 98SE operating system, I dreaded the time when MS would stop supporting it. I swore to never go over to the dark side by submitting to the charms and siren songs of that new OS, Win XP. Myeh… I eventually broke my vow. Sure, XP was an improvement over 98SE, but it was also a seemingly unprepared plunge into the future by Microsoft. I’m not sure anyone could have predicted the explosion of naughty, nasty, downright malicious behavior that would soon raise it’s pimply faced, greasy haired head on the Internet.
The pizza and Jolt soda driven hordes descended on the cyber world like never before. Few operating systems or their overseers were prepared for the onslaught. There are exceptions to this… AHEM. Linux. ;) Anyway, don’t let me gloat too long on that. Moving on… So what now, security wise? Are we any better off in the world now that Win 7 and 8 are in dominance and XP is falling by the wayside? Hmm… I’m not so sure. I understand that MS can’t continue to waste time and resources at their 100% for-profit capitalist corporation to continue to pour hot oil and push back the scaling ladders of the invaders forever. Yet, there are millions of XP users worldwide who are going to become a giant botnet once open season is declared by MS in just a few weeks. Can you even imagine what fun those acne suffering residents of Zoobie-doobie and elsewhere are going to have spreading their mayhem?
If you’re running an XP system that has access to the Internet, I would strongly recommend pulling the plug on it. I’m being serious now, folks. Once Microsoft stops patching newly discovered vulnerabilities in the XP operating system, your ass will be swinging in the breeze out there. The 3rd party anti-virus and anti-malware companies will not be focusing on XP nor will they be able to keep up with the hordes that will be descending upon that OS after April of 2014. Do yourselves a favor. Move on to Win 7 or even 8. I can’t honestly recommend 8 to you at this time because I’ve read too much bad press about it and because I’ve never experienced it myself personally. I can, however, say that Win 7 is a very solid OS. If you can still find yourself a copy of it, that would be a wonderful alternative.
And I know many of you out there expect me to make the GNU/Linux suggestion. Well, that’s really the optimal alternative, as far as I’m concerned. However, it wouldn’t necessarily be that optimal for many Win XP users. Folks are often reluctant to change and unwilling to invest time into learning something new. They would have to do both to use GNU/Linux. Yes, there are relatively gentle transition distributions out there… Ubuntu, Linux Mint, Vector Linux, Zorin, Ultimate Edition, Mepis, etc., but there is still a pretty good learning curve for folks coming from XP. It is what it is. I’m not one to bullshit, so take that for what it’s worth.
End your XP dependence. You’ll be better for it.
Image credits: all clipart images in this article courtesy of http://www.clker.com/
I expect more from c|net than this type of FUDD article.
Secret demands mark escalation in Internet surveillance by the federal government through gaining access to user passwords, which are typically stored in encrypted form.
Sounds really intriguing, huh? Gets your attention? Maybe even pisses you off a bit? That’s what that headline does for me. Well, headlines do sell, or so they say. Unfortunately, if you actually read the entire article, as I did, you’ll find that there’s not much carne in the stew here, folks. :( What there is in that article is a lot of spokesperson would not say, declined to disclose, would not say, did not respond to queries, and my favorite, doesn’t recall. Now, does that sound to you like an article with some verified sources?
The article does have a lot of interesting technical baloney thrown in as padding, but the main gist, of the article based on what the headline says, kinda’ misses the mark. You know, if you’re some cheesy part-time blogger, like this Nocturnal Slacker fellow, you can get away with posting tripe like this. Your readers (all 19 of them) will love you for you who are, regardless. However, if you’re a big Internet site with a reputation to uphold, you shouldn’t be posting shit like this on your site. That’s just how I feel about it.
And if you don’t think this article was posted primarily to just stir shit, read the comments posted by the assorted whack-jobs, Obama-haters, tea-baggers, and other miscellaneous Michelle Bachman/Sarah Palin loving wing nuts.
Don’t be thinking that the ol’ Nocturnal Slacker is naive enough to think that BIG Gov is innocent of all charges here. The fact is that I’m very pissed off about the ever deepening intrusions perpetrated by this big, ugly, multi-limbed surveillance state monster. My point in writing this particular article is that if you’re going to be a real media outlet and not just play at being one online, then post articles with some real meat!
Hey, looky… at least one sane individual posted a salient comment to that article:
It’s always “The Feds”, or “The Government”, or The NSA”, but never a name. Who is the PERSON behind these privacy crushing moves? We should have names…and we should have a press that wants to know. Instead we are shown only what ‘they’ want us to see and we have no real investigative reporters anymore. We need names….
Well, that’s all for now.
Yes, actually. There are ways to harden your ssh implementations that aren’t that difficult.
An example of a simple way to increase your security when using ssh is to utilize the public/private key security rather than using your remote system’s user passwords to access the device. By using RSA key pairs, you can initialize your remote connection without ever having to expose your remote login’s password to the transfer at all.
I recently reinstalled my Slackware on my main machine (It’s a long story for another time, maybe). One of the things I needed to do was to reestablish my ssh connections between the machines on my local network. I settled in this evening to do just that. I ended up having some laughable issues while attempting to get all my machines talking again. We won’t go there, though.
In the process of troubleshooting my issues with ssh, I ran across Noryungi‘s excellent how-to at the Slackware Documentation Project. This place is really shaping up, no thanks to me. I haven’t been too active there because of my other pursuits lately. However, the dedicated folks who contribute there on a regular basis are kicking ass!
Anyway, using this tutorial, I easily set all three of my machines to use RSA public/private key exchange to initiate my ssh connections. I don’t have to sling my user’s passwords around the Ether anymore. Now anyone sniffing packets will only see the public RSA key bouncing around.
Ain’t technology wonderful? :)
Well, back to studying tomorrow. My Cisco ICND2/CCNA examination is rapidly approaching. Gotta’ go study up on those pesky routing protocols before bedtime.
Maybe you should read this article from PhysOrg:
Researcher Jeremi Gosney, the founder and CEO of Stricture Consulting Group, was the thinker behind the hardware and software setup that could make 350 billion guesses per second. The result was that eight-character passwords could fall in hours; some passwords could be had in minutes.