(infosec.exchange)

268 points tech234a | 2 comments | 29 Mar 25 04:13 UTC | HN request time: 0.414s | source

Show context

bsdetector ◴[29 Mar 25 05:44 UTC] No.43513075[source]▶

In October when Windows 10 support ends it'll finally be the year of desktop linux.

replies(4): >>43513114 #>>43513178 #>>43514248 #>>43530040 #

grishka ◴[29 Mar 25 10:12 UTC] No.43514248[source]▶

I'd like to remind you that there are still millions of people around the world using Windows 7 daily. The fact that some software is no longer supported by its developer doesn't mean it stops working somehow, or becomes radioactive.

replies(2): >>43514577 #>>43515758 #

MYEUHD ◴[29 Mar 25 11:22 UTC] No.43514577[source]▶

>>43514248 #

It becomes easier to exploit, as it no longer gets security updates; and vulnerabilities are publicly disclosed.

replies(1): >>43515020 #

grishka ◴[29 Mar 25 12:31 UTC] No.43515020[source]▶

>>43514577 #

You can't really exploit something when its attack surface is nearly nonexistent, which is the case for most people who use an outdated OS on their personal device, for example.

replies(1): >>43516859 #

1. baby_souffle ◴[29 Mar 25 16:56 UTC] No.43516859[source]▶

>>43515020 #

What is it about unmaintained software on a personal device that somehow makes the attack service non-existent?

replies(1): >>43517378 #

2. grishka ◴[29 Mar 25 18:12 UTC] No.43517378[source]▶

>>43516859 (TP) #

Even if there's an exploitable vulnerability, the exploit has to be delivered to the target system somehow. You don't have much of an opportunity to do that with a device that doesn't have a public IP address. Most likely the user themselves will have to do something that would compromise their system, like visiting a website that would serve them an exploit for their particular combination of browser and OS.

↑

Upcoming Windows 11 builds cannot install without internet and Microsoft Account