How Long is Too Long to Update?
StWaldo asks: "I'm sure everyone knows the story about the life expectancy of a fresh, un-updated PC, once it's connected to the internet. What about a PC which just hasn't been updated in a while? I've been deployed in Iraq for the last 9 months, and haven't been able to hook up my laptop to the internet to get updates (I do HAVE access, just can't hook up a personal laptop, gov't only). Before I deployed, I would update my software (system, anti-virus, firewall, anti-spyware, etc) regularly, but as I get closer to coming back to the States and my broadband connection, I'm beginning to wonder what the life expectancy of my PC will be. What's the lifecycle of a security exploit, hack, virus, etc - between discovery/release, propagation, and extinction (or a state approaching extinction)?"
1) Get all the updates from a friend and burn them to a CD. Install updates before connecting to the internet.
2) Connect to the internet behind a hardware firewall/NAT device. Then update everything.
I would recommend doing both.
I had to borrow a tile saw a couple of weeks ago. The guy, your "blue collar" type, asked if I knew how to use one. Me, the (ex)IT guy, couldn't say "Yes". I just said I've seen them used - which is true - until he got it out of me that I didn't. He said "It's OK to say you don't know."
Ya see, that's the thing in IT: if you admit not knowing, you're called an idiot behind your back or, sometimes, to your face, and you begin to keep your mouth shut: to the detriment of anything and anyone you're working for.
So, think about that you arrogant prick or cunt.
OS Name: Microsoft Windows XP Professional
OS Version: 5.1.2600 Service Pack 2 Build 2600
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Multiprocessor Free
Original Install Date: 9/27/2004, 12:49:15 PM
System Up Time: 184 Days, 4 Hours, 3 Minutes, 16 Seconds
The only time I had to bring it down was to replace hardware (I am behind a corporate firewall, the XP firewall is active) and I don't care about patches. No, I am not trolling - Windows machines enjoy decent uptimes too. Let me know if anyone wants to look at a screenshot.
I'm guessing you have not put an unpatched Windows box on the net lately. Last person I talked to who got infected with an unpatched PC only did the Windows update and was using a modem (not sure why he thought the download would finish this decade, but that's another issue).
My wireless router logged connection attempts at a rate of around one every 10 seconds when I was on a DSL line. I'm on cable now, and get fewer attempts - just every couple of minutes.
Not all of those attempts are trying to break in to Windows vulnerabilities, a lot were looking for other kinds of holes, or were looking for already-infected machines. But the attempt I see logged from one minute ago was attempting to get into the Windows RPC service, which an unpatched machine might have left open.
So I don't really think it's paranoia, and I do like being the only machine behind my router.
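As an added example (not part of the thread), this is one way to produce the kind of tally the comment above describes from a router's dropped-connection log: how often unsolicited attempts arrive and which listening services they are aimed at. The log format, the addresses and the port-to-service table are constructed for illustration; real router logs differ by vendor.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample lines in a hypothetical router log format (not from the post).
SAMPLE_LOG = """\
2006-03-01 12:00:00 DROP TCP 203.0.113.7:4312 -> 198.51.100.2:135
2006-03-01 12:00:10 DROP TCP 203.0.113.9:1050 -> 198.51.100.2:445
2006-03-01 12:00:20 DROP UDP 192.0.2.44:3301 -> 198.51.100.2:1434
2006-03-01 12:00:30 DROP TCP 203.0.113.7:4313 -> 198.51.100.2:135
router: DHCP lease renewed
2006-03-01 12:00:40 DROP TCP 192.0.2.80:2201 -> 198.51.100.2:22
"""

# Well-known listeners; any other destination port is reported as "other".
SERVICES = {
    ("TCP", 135): "Windows RPC endpoint mapper",
    ("TCP", 139): "NetBIOS session",
    ("TCP", 445): "SMB",
    ("UDP", 1434): "SQL Server browser",
    ("TCP", 22): "SSH",
}

LINE_RE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) DROP (TCP|UDP) "
    r"\d+\.\d+\.\d+\.\d+:\d+ -> \d+\.\d+\.\d+\.\d+:(\d+)$"
)

def summarize(log_text):
    """Return (mean seconds between dropped attempts, Counter of targeted services)."""
    times, services = [], Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip non-firewall lines such as DHCP notices
        stamp, proto, dport = m.groups()
        times.append(datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S"))
        services[SERVICES.get((proto, int(dport)), "other")] += 1
    if len(times) < 2:
        return None, services  # an interval needs at least two events
    span = (max(times) - min(times)).total_seconds()
    return span / (len(times) - 1), services

if __name__ == "__main__":
    interval, services = summarize(SAMPLE_LOG)
    print(f"one attempt every {interval:.0f}s on average")
    for name, count in services.most_common():
        print(f"{count:3d}  {name}")
```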
My brother was a marine, he disagreed with the war, so what did he do? He left.
Modesty is one of life's greatest attributes
Right. But running a properly-engineered browser (like Firefox) and a properly-engineered email client (like Thunderbird) and not being a complete moron who opens up executable attachments that haven't been virus scanned yet will accomplish that far more effectively than merely updating your system, since the latter is only temporary (until the next exploit is inevitably found).
No, step two is to enable the firewall on the OS.
Step three is to run as a restricted user and to never run with administrative privileges except to install software. Being forced to explicitly log in as administrator forces you to think about what you're doing. That alone is worth the price of admission.
Virus scanning everything you download from the internet prior to executing it, combined with running a firewall both on the machine and right in front of the internet connection, will eliminate most of the risk. Running as a restricted user on top of that will eliminate almost all of it.
Remember: the reason all of this is an issue to begin with is that Microsoft is a piece of shit software company that doesn't give a flying fuck about real security, and only cares in passing about even the appearance of security. The threat level would be an order of magnitude less if it weren't for their idiocy. They are, after all, the morons who decided that users should get administrative privileges by default, and that ACLs are for "professionals", not home users.
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.