Slashdot Mirror
How Long is Too Long to Update?
StWaldo asks: "I'm sure everyone knows the story about the life expectancy of an fresh, un-updated PC, once it's connected to the internet. What about a PC which just hasn't been updated in a while? I've been deployed in Iraq for the last 9 months, and haven't been able to hook up my laptop to the internet to get updates (I do HAVE access, just can't hook up a personal laptop, gov't only). Before I deployed, I would update my software (system, anti-virus, firewall, anti-spyware, etc) regularly, but as I get closer to coming back to the States and my broadband connection, I'm beginning to wonder what the life expectancy of my PC will be. What's the lifecycle of a security exploit, hack, virus, etc - between discovery/release, propagation, and extinction (or a state approaching extinction)?"
...with an unprotected connection? Who cares?
1. Put your computer behind literally any personal firewall/router (Linksys, DLink, etc.) that can be had - wireless and wired or both - for under $50.
2. If you have Windows XP Service Pack 2 (SP2), just make sure the firewall for your network connection is still enabled; it is by default on SP2, and Security Center will warn you if it isn't. Unless you explicitly disabled it, it will still be enabled.
If you don't yet have Service Pack 2, simply enable the Windows firewall (Internet Connection Firewall) for any network interface(s) you have. This can be done on the Advanced tab of each connection's Properties.
3. There is no step 3.
There's nothing you have to do other than ensure you have a software firewall enabled, and optionally have your machine behind a nice little personal firewall/router. Then it doesn't matter how long it's been or what exploits are out there[1].
That's it. Even the built-in Windows software firewall on a machine with no patches or service packs installed will protect a Windows XP system. Seem simple? It is. One wonders why it took Microsoft *so long* to make it the default.
[1] Sure, there may be exploits that affect browsers or other aspects of the system that could be exploited by *visiting malicious sites*, but the machine, just sitting there, won't be vulnerable. If all you're going to do is immediately update everything anyway, you have nothing to worry about.
Make sure you are behind a nat router or decent firewall and do not have any redirected ports (or DMZ) to the private ip address you machine should be using... and you will be pretty safe... not entirely, but your chances of getting infected are relatively low provided you do not stray too far from the path while updating.
Help Brendan pay off his student loans
Turn on your windows firewall. Then start windows *BEFORE* connecting to the internet. Once you're finished starting windows, connect and download your patches, etc.
;-)
Repeat as necessary.
P.S. don't forget to download Firefox for a safer browsing
Don't do it. For the love of bob, don't do it. Make sure your computer is behind a firewall and only then should you connect. The first thing you should do is get all the latest security updates for Windows. NOTHING ELSE. NO WEB BROWSING at this point.
Once that install/reboot cycle is complete, grab the latest updates for your antivirus and antispyware system. For extra security, make sure you perform a complete scan for viruses and spyware after all the updates are complete.
Once that install/reboot cycle is complete, update the rest of your applications.
Under no circumstances should you attempt this without being behind a secure firewall. Even if you are, you still have to be very very careful (hence, no web browsing until your computer is up to date on Windows and antivirus updates).
Oceania has always been at war with Eastasia.
I think the doom and gloom may be overstating the dangers here.
My wife hadn't touched her laptop computer in 6 months. She fired it up, it was updated in 5 minutes and she was fine.
Two things helped:
a hardware firewall
It already had XP SP2
If that's your situation, just fire it up and go.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
Obligatory reference to Average PC survival time
http://www.transparency.org
Your life expectancy, depending on what sites you go to, is about 4 minutes before you have 60 pieces of spyware, which then turn into 200 in about a half-hour. At least, that's my test on my Dual Xeon, with Windows XP SP2.
Where all think alike, no one thinks very much.
Behind a firewall: Until you do something stupid.
On the net raw running windows: 30m.
On the net raw running linux: depends on the daemons.
Shadus
AutopatcherXP is released pretty much monthly an is a conglomeration of all security updates, patches, etc.. any time i've had to install/reinstall XP onto someone's machine, i've grabbed the latest autopatcher and slapped it on my thumbdrive, and took it with me. requires no getting online on the new system until you're all done. safer that way, and i've had no issues doing it that way.
You are trying to update an existing system, not build a fresh one. Using a cheap hardware firewall (like a linksys router) will keep most evil at bay while you do the update. Better to download the big security rollups and service packs from a current machine, burn to cd or thumbdrive, and install those on your box before you connect to the net.
8 6 for a nice pointer to all the patches you should snag. Get the major ones and you should be OK to just do an update.
Check out http://www.msfn.org/board/index.php?showtopic=318
+++ UGUCAUCGUAUUUCU
If your PC was clean when you leaved the Net and you didn't installed any software etc. while disconnected from the Net, a firewall well configured, stopping everything except outgoing connections, will give you plenty of time to upgrade your software, without any danger. Just do the upgrades as your first move when you're back on the Net. Regards
This isn't QUITE true; there are one or two older personal NAT routers where the initial factory firmware has had exploits published (especially with certain dumb default settings), and there are a few software packages with versions that both poked holes in the XP firewall and were exploitable. As far as I know, nothing in the wild specifically targets both, so unless you have reason to be worried about highly personalized targetting of your computer, it should be just fine. (If you do have reason, buy a newer router first.)
//Information does not want to be free; it wants to breed.
I have a CD handy with XP service pack 2, as well as antivirus, antispyware, firewall, FireFox, etc. That way, I can get a computer up to speed before even reconnecting it to the internet. After the basics are covered, it's much safer to connect and do the fine-tuning. The same would apply to other versions of windows.
If you can't burn a CD from another computer, and you're pre-XP SP2, you might be better off operating behind a hardware firewall until the updates are completed.
Also remember that if you have a minor bug before completing updates, you can usually clean the system after you're up to speed (antivirus, antispyware, etc). The main issue with the auto-infect feature of new systems is that most users won't take the time to clean the system or even investigate if it's infected.
Very poor advice. It should be 1) disconnect from the network 2) turn on the computer 3) enable the firewall 4) hook up to the internet 5) download all updates.
Its not like someone is waiting for you to get home and get ya as soon as you connect.
Uh, yes they are. What do you think all those people scanning ports are doing? All the viris that spread automatically are looking for unprotected systems all the time which is exactly what this fellow would have using your directions.
according to SANS.
Buy a broadband router.
Since it naturally acts as a NAT gateway it will prevent 98% of exploits that can be initiated remotely.
hook up the computer and go through the update process for windows, and your antivirus software. (I would do windows updates first as it is entirely possible the anti-virus updates may require some of the patches too. especially if they are a few months old.)
Then after you've installed all your updates and you can safely leave the computer up and browse the Internet head on over to Red Hat, or some other Linux.... kidding... somewhat.
Buy a mac. Easier, and they have very nice laptops.
Why waste all that brainpower typing in the same command twice. Or pressing the up arrow key? emerge -uvDa world Plus it saves you all that time that it would take to recalculate dependencies!
For fuck's sake. What a dumbass you are, all of you numb-nuts who've responded to this guy in this way.
For those of you who haven't been brought around by that verbal assault, here comes enlightenment: you are swearing at him and insulting him for a viewpoint which he opposes in common with you, and you are just too desperate to grind the axe of "oppose the war but support the troops" to even fucking notice.
In fact, I've just realised I think you're all just trolling to annoy people like me, but I've put a lot of swearing into this post and it's not going to waste. SUBMIT.
And wishing that *China* were in charge, as it were, of world affairs isn't reflective of anything but the wholesale ignorance of the person or entity that wishes it.
There's a term used to describe people who believe "if anyone disagrees with me, even the majority of people in the world, then they're automatically wrong." It's 'hubris'. Did you even stop and consider that perhaps they might have valid views backing that up, or did you just instinctively assume "they must all be ignorant"?
decade
An arbitrary time point just to demonstrate the degree of change. The most extreme example's required time period depends on the specific issue - for example, top tax brackets would be compared to the period from World War II to the late 1960s, when they were almost 90% (they fell to under 30% by the end of Reagan's term, rose somewhat under clinton, then fell back down under Bush).
no different than any shifts that have occurred
Exactly. The US *Has* shifted radically over its history, in case you forgot. Remember slavery? Remember when our government's income was due to tarriffs and land sales? Remember when witchcraft was illegal in much of the US? Need I keep going?
not sure what you're getting at
Do you not know what bracketted taxation is? Then what are you doing in this debate? Lets back up to income taxes 101.
For most of the US's history, there were no income taxes. However, a growing movement in the late 1800s as backlash against "robber barons" (the same movement that eventually led to antitrust laws), and the decrease in traditional income sources for the US government, led to the first income taxes. Income taxes initially only affected the rich; eventually more and more of the population was included, but the rich kept getting higher percentile rates.
The purpose of income taxes, and specificially *bracketted* income taxes (where people fall into a given tax bracket based on their total income) is as an equalizer without destroying the motive to work - and by all standards, it's been an astounding success. Income taxes for the top bracket peaked during World War II, but only fell slightly after that, to just under 90%. They remained this way until the late 1960s - our nation's greatest boom time. The poor barely payed any income tax. During the 1970s, the top bracket fell, but remained above 70%. Under reagan, it plummetted to under 30%, only to raise under Clinton and fall under Bush II.
The flatter the tax, the less of an equalizer it is. The more bracketted, the more of an equalizer it is. This is known as a "flat tax structure" and a "progressive tax structure" respectively. Bracketted taxes can be better thought of in terms of a tax on luxury. Picture the following scenario: there is no income tax. Instead, all taxes are on purchase. The highest tax rates are on items of luxury, while the lowest rates are on items of necessity. The poor, simply not being able to afford much if any luxury, end up averaging a very low tax rate. The wealthy, simply not able to spend even a sizable fraction of their money on necessity, end up paying a very high tax rate. Now picture this shifted back to the income side: you have the bracketted tax structure.
You really ought to already know all of this if you're going to talk about economics...
How has global warming stance changed?
Clinton: Signed the Kyoto protocol; spoke regularly about the need to stop global warming
Bush: Unsigned the Kyoto protocol. First denied any global warming, then admitted it but downplayed human effect on it.
Summary: Complete Opposites.
Just because a jurist believes...
Hold! We're talking about the poltical stances and political momentum at the highest levels of the country. Clinton fought *for* abortion rights, and worked to stack the supreme court with pro-choice judges. Bush has fought *against* abortion rights, and worked to stack the court with pro-life judge
They are turkeys, and in election after election after election they vote for Thanksgiving.