XP's Retirement Will Be Hacker Heaven

seedy21 · August 14, 2013

Hackers will bank bugs until after Microsoft retires Windows XP in April 2014; expect attacks, say security experts.

More information can be found HERE

ukbobboy · August 15, 2013

XP's Retirement Will Be Hacker Heaven or just self-serving speculation?

seedy21

Good article but just wild speculation, you see hackers that are willing to pay between $50,000 to $150,000 for an XP exploit are likely to go after high value targets, e.g. banks, multi-national companies, etc. These companies have the necessary finance to buy in security IT consultants and software technicians to protect their systems while migrating to MS's new O/S (or maybe moving over to open source).

While the rest of us, the small companies, one man and his dog, hobbiest, etc, will look to protect our systems the best way we can.

UK Bob

KenB · August 15, 2013

but just wild speculation, you see hackers that are willing to pay between $50,000 to $150,000 for an XP exploit are likely to go after high value targets, e.g. banks, multi-national companies,

It is more likely to be the likes of you and me that get hit .......... if Fossen is right. As you say - it is just speculation.

How many people keep important details ( bank details for instance ) on their computers?

Millions upon millions I suspect - worldwide.

$50,000 is not a lot if you are guaranteed access to these sensitive details.

Do phishing emails get sent to banks and multi-nationals?

It is joe public they target because they know we are basically stupid ( generalisation :) )

Also - I doubt that banks and multi-nationals would still be using XP. They would have upgraded years ago.

And if they are still with XP then I suspect that they would upgrade before MS support is totally withdrawn.

No, if there is going to be anybody targeted it is going to be the general public.

There is another angle to this too.

Micro$oft would be only too happy to see a "zero day" exploited. They would come back with an offer to XP users to upgrade. :)

Not so stupid are they ?

Watch this space.

Starbuck · August 15, 2013

you see hackers that are willing to pay between $50,000 to $150,000 for an XP exploit are likely to go after high value targets, e.g. banks, multi-national companies, etc.

I personally doubt that very much.

The 'big boys' have too much security to make it worth their while.

Consider this.......

http://img.photobucket.com/albums/v708/starbuck50/os_zpsc50a7ffc.png

Source:

http://www.techradar.com/news/software/operating-systems/windows-8-outpaces-vista-takes-third-on-os-popularity-podium-1162980

XP is still the second biggest used Operating system.

So that's a lot of gullible people that they can target.

Once M$ stop plugging any security holes in the system it'll be like feeding time at the zoo for the bad guys.

ukbobboy · August 16, 2013

XP's Retirement, Hackers Heaven or Wild Speculation?

Hi Guys

First of all, I don't necessarily disagree with both your summaries but I do find the whole IT industry's attitude in trying to get people to move away from WinXP Pro and upgrade to Win7 without any regards to users individual needs somewhat self serving and disingenuous.

Grandadfatboy said it best in his post:

http://extremetechsupport.com/threads/15168-End-of-XP-support?p=100308&viewfull=1#post100308

However, I will try to explain my position a little bit more;

KenB, you said

How many people keep important details (bank details for instance) on their computers? Millions upon millions I suspect - worldwide. And, $50,000 is not a lot if you are guaranteed access to these sensitive details.

Well, I would agree that millions of us keep important details on our PCs but, as far as I am aware, there is nothing out there can guarantee access all PCs running XP.

I think the "guarantee" thing is another wild exaggeration.

As for the the big boys, I am quite sure you have heard, like I have, how some of them have been very lax when it comes to keeping their systems secure and holding on to their customers data, SONY immediately comes to mind. So I don't expect them to all have completed their upgrades and ironed out all the bugs they find, after all that's the stuff that keeps the IT industry churning.

As for targeting ordinary people, yes I agree, the hackers and phisers tend to go after gullible people (remember the old saying:theirs one born every minute) because there is nothing on earth that can protect someone that does not exercise a good amount of common sense. Therefore, it is far easier and cheaper for criminals to target people with social exploits rather than paying $50,000 for something, which is at best, sketchy.

Starbuck, you said:

The 'big boys' have too much security to make it worth their (the criminals') while.

You know, this is an illusion that all the big companies would like to foster, until they get caught out and are forced to publicly admit that they have not been as diligent as they should have been.

Simply put, there are still rich pickings out there for the bigger criminals to go after while the gullible will always fall prey to the clever con artists.

UK Bob

KenB · August 16, 2013

Hi Bob

You seem to speak with conviction on a specialised topic.

Do you have any background in IT ?

Simply put, there are still rich pickings out there for the bigger criminals to go after while the gullible will always fall prey to the clever con artists.

I cant disagree - but "the bigger criminals" are also prepared to spread their net wider .......... a few dollars from hundreds of thousands of people by definition makes them "big time" and the "con artist" as you put it is probably not a guy sat in his back room but an organised syndicate.

Either way ...... When MS remove support those of us with XP machines ( and I am one ) are going to have to be a little extra vigilant :)

ukbobboy · August 18, 2013

XP's Retirement, Hackers Heaven or Wild Speculation?

Hi KenB

Something went wrong with the forum yesterday and I could not post my reply. Never mind, here we go..........

You asked:

You seem to speak with conviction on a specialised topic, do you have any background in IT?

Yes, I have worked in IT for a number of years before my retirement two years ago and during the course of my using, working with (both home and at work) and constantly learning about IT I have made PC security my own pet project.

You see, the main thing I noticed when I first started in IT was the complete misunderstanding about computer security and how an unprotected system could succumb to a viral/worm attack. This lack of awareness was pervasive throughout the IT sections I have worked in and personally heard about, i.e. a government department's IT system was compromised by a worm that did it's rounds 12 months previously.

And of course, over the years there have been reports in the press about how data, both computer and paper based, have been carelessly disposed of, e.g. a government minister throwing official papers in a street bin, a bank selling it's old computer storage disks on ebay without first wiping off its data, on-line companies through insecure procedures allowing their customers data to be readily accessed.

Here's something about how some of those who should know better are still getting caught out:

http://www.theregister.co.uk/2012/08/02/struggling_us_banks_warned_over_419_scams/

So you see, I try to keep myself informed about the things happening on the IT security front.

You also said:

.....and the "con artist" as you put it is probably not a guy sat in his back room but an organised syndicate.

Fraudsters come in all shapes and sizes, they can be the guy (and his dog) sitting in his back room to a whole organisation but It doesn't really matter because these 419 type scammers will always go after the gullible.

http://www.theregister.co.uk/2012/06/21/nigerian_scams_msft_research/

Finally, you said:

Either way ...... When MS remove support those of us with XP machines (and I am one) are going to have to be a little extra vigilant

Amen to that fellow XP user.

UK Bob

Plastic Nev · August 18, 2013

The only good news is that although Microsoft are pulling out, the antivirus and antimalware companies will not be doing so, and will continue to keep their software compatible with older operating systems.

Of course that in itself may not be enough protection against the so called zero day exploits, however those companies may still catch up on them pretty quickly.

If you are still running XP as a full time operating system, make sure you are well protected with a good antivirus, a good antimalware, and most essentially a good firewall. If possible use a modern router with a built in hardware firewall as well. Couple all of that with sound common sense and you should be reasonably OK.

After all, there are still a number of people still running Windows 98, or even 95 with little trouble from the bad guys, so Windows XP should still be OK if used with care.

At the moment a lot of speculation, and of course scare mongering by those who will benefit from folk upgrading to W7 or W8, so I am taking it all with the old pinch of salt.

Nev.

ukbobboy · August 23, 2013

Example of a "Big Boy" caught with his trousers down

Hi Guys (especially Starbuck)

I came across this article today, please note that it was written this year and is a prime example of lax security in a big company:

http://www.broadbandgenie.co.uk/blog/20130218-tesco-been-hacked-shoppers-complain-vouchers-stolen-clubcard-fraud

UK Bob

PS. This is the second time to my knowledge that this company has been hacked and their customers have lost money (aka Rich Pickings).

Edited August 23, 2013 by ukbobboy

KenB · August 23, 2013

Hi Guys (especially Starbuck)

Your point is ???

If you are here to score points than I suggest that you take your talents and opinions elsewhere.

We are not interested.

ukbobboy · August 24, 2013

Scoring Points

HI KenB

After I finished making my point I realised that it might cause offence but that was not my intent.

What I am pointing out is that the IT world is filled with misinformation, propaganda and always trying to frighten and deceive inexperience users.

Now take the company I pointed out in my previous post, normally you would not believe a multi-million pound company would be hacked and, by the way they attacked their customers that complained, they would not want you to believe anything else.

By the way, the first time I heard about this company being hacked a customer got his credit card number stolen. The thief, who lived on the other side of the world, went on to use the stolen number to make some illegal purchases.

Meanwhile the FBI raided some servers selling illegal stuff and passed on the stolen CC number to Scotland Yard.

The owner of the CC number got arrested, lost his job, his family stopped talking to him. It took him several years to prove that he was not behind those illegal purchases, in the meantime the life that he had was gone.

So you see, I am not attacking Starbuck, I just saying don't believe the propaganda and always be on your guard because the guy that lost everything, believing his financial details were safe with a big company, could have been me.

UK Bob

Sign In

XP's Retirement Will Be Hacker Heaven

Recommended Posts

seedy21

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

ukbobboy

KenB

Starbuck

ukbobboy

KenB

ukbobboy

Plastic Nev

ukbobboy

KenB

ukbobboy

Join the conversation

Browse

Activity

Site Info