For example a product like windows xp, it has been tested and secured by professionals throughout the years and on top of that patched against all kinds of security holes that might have appeared during that period.
Hasn’t the number of people that try to find security holes in windows xp decreased over the years when it wasn’t the main operating system from Microsoft anymore and they still manage to find security holes that a bigger group couldn’t find and hence making the operating system not secure?
In: Technology
Security doesn’t work that way.
Today we have phones with more computing power than almost anyone had access to when XP was released. That computing power can be pointed down analysis paths that were considered too complex and time consuming to be viable back then.
Also, new attack surfaces can be created against older software; when XP was released, most people used dial up networks and turned their computer off when not in use. This meant that RDP was by default pretty secure.
Nowadays a simple internet-wide scan will reveal which XP systems are currently connected that are vulnerable to common multi stage chained attacks that leverage combinations of flaws in different components.
Essentially we find new flaws in old systems by having newer and more powerful systems to use to test and exploit the old systems.
Latest Answers