How can big software (ex: Windows XP) that has been used by millions and secured against all kinds of attacks throughout the years still manage to be insecure once its support has ended?

For example, a product like Windows XP has been tested and secured by professionals throughout the years and, on top of that, patched against all kinds of security holes that might have appeared during that period.

Hasn’t the number of people that try to find security holes in Windows XP decreased over the years when it wasn’t the main operating system from Microsoft anymore, and they still manage to find security holes that a bigger group couldn’t find, hence making the operating system not secure?

6 Answers

Anonymous 0 Comments

Security doesn’t work that way.

Today we have phones with more computing power than almost anyone had access to when XP was released. That computing power can be pointed down analysis paths that were considered too complex and time consuming to be viable back then.

Also, new attack surfaces can be created against older software; when XP was released, most people used dial-up networks and turned their computer off when not in use. This meant that RDP was by default pretty secure.

Nowadays a simple internet-wide scan will reveal which XP systems are currently connected that are vulnerable to common multi-stage chained attacks that leverage combinations of flaws in different components.

Essentially we find new flaws in old systems by having newer and more powerful systems to use to test and exploit the old systems.

Anonymous 0 Comments

Generally speaking yes. Fewer people are targeting attacks at old systems. However, new bugs or exploits can be found in new systems and someone can say “hmmm, no one did this back then, I wonder if this would also work on that” and if that thing works in the older system then there you have a security issue.

Also, because many industrial facilities run on older systems there will be both hackers and security professionals who will try to break the older systems. Most of the time for opposite reasons, one to gain something from the system and the other to make sure their system can’t be messed with, but people still work with those systems.

Anonymous 0 Comments

Large software and operating systems will always have vulnerabilities; they are just so complex. Yes, with current software more people will be looking for bugs to exploit, but there will also be more programmers working on patching those issues. As soon as Microsoft hears about a vulnerability with Windows 10 they can immediately fix it and release the patch over the internet. Windows XP isn’t being worked on, so the discovery of a new security hole could leave current computers running it at risk.

Anonymous 0 Comments

Because new viruses still work off of the old code. The main ones are Python, C, & Java. The coding languages don’t change a whole lot, but the complexity of the attacks does. The older systems don’t have the support to handle these more complex attacks and thus fall prey more easily.

Anonymous 0 Comments

All of the OS makers constantly write updates because there are people with vested interest in finding exploits. New exploits are always found because “users” are always more imaginative than software engineers.

Anonymous 0 Comments

Imagine it like a guy who lived healthily in the 16th century. He wasn’t ill and his immune system was strong enough to protect him against almost all viruses he’d encounter in his lifetime.

Now put him in a time machine, take him to our time and expose him to our common cold. The virus is so different that this poor man’s immune system has just no idea what to do, and he dies.

Take what happened to the Native Americans when the Europeans came: The Europeans had viruses in them that they didn’t even know about. But once they spread to people with immune systems unfit for that sort of thing, you get genocide.

Windows XP is the Great Wall of China and today’s viruses are jets. Nice wall, ain’t no protection.