• M0oP0o
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    2
    ·
    1 month ago

    And yet it is just fine for your banking institutions, and a surprising amount of government machines.

    I think it is just lovely on my media PC in my living room.

      • M0oP0o
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        2
        ·
        1 month ago

        Oh, you sweet summer child.

        • superkret@feddit.org
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 month ago

          Not sure what you mean, but I’ve never seen a banking or government machine that was raw-dogging the internet.
          They’re behind a firewall, a web filter, a content deconstructor, a hyperlink sandbox and an endpoint protection where processes need to be white-listed to run.

          In such a setting, it may be safe to still run Windows 7 for some tasks, but it won’t be for browsing and email.

          • M0oP0o
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            1
            ·
            1 month ago

            Not sure how its done in your country, but there are very much windows 7 machines here “raw dogging” the internet. Its more about risk management then anything.

            I mean we are in a world where right now the security solutions are worse then the risk of attack. Right now attacks are done mainly with social engineering and the new systems make bonzi buddy look tame.

            There is little point punishing my self by changing my windows 7 machine that I like just so that I can change out old vulnerabilities with new ones. I swear software fear mongering runs half the industry right now on nothing other then inertia.

    • Scary le Poo@beehaw.org
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      1 month ago

      That’s because those banking institutions have enterprise level support that they pay for yearly from Microsoft.

      You do not.

      • M0oP0o
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        1 month ago

        Funny enough, no they don’t all have enterprise level support from Microsoft. Hell the ones that do don’t use it, at the scale you are talking about you likely have the same or better support internally.

        I don’t understand why you think that you can even get Microsoft support for 7 at this point?

        • Scary le Poo@beehaw.org
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          30 days ago

          Businesses, especially banks, have different rules. Banks are still getting security updates for their systems running Windows XP (generally ATMs).

          A bank isn’t some run of the mill business and banks always have special relationships with Microsoft.

          • M0oP0o
            link
            fedilink
            English
            arrow-up
            1
            ·
            30 days ago

            I was the guy fixing those, no they don’t.

            • Scary le Poo@beehaw.org
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              29 days ago

              Yes, they do. Ffs, your claims are ridiculous.

              Read and learn something for a change:

              Banks and other institutions that use Windows XP often do so under specialized agreements with Microsoft, called Custom Support Agreements (CSAs) or Custom Extended Support Agreements (CESAs). These agreements allow organizations to continue receiving critical security updates for their legacy systems even after official support has ended. Here’s how these agreements work:

              1. Custom Support Agreements (CSAs)

              After Windows XP’s official support ended in April 2014, Microsoft offered CSAs to organizations that could not immediately migrate to newer operating systems due to compatibility, cost, or operational constraints.

              Under a CSA, Microsoft continues to provide critical security updates specifically tailored to the organization’s systems.

              These agreements are typically very expensive and are meant as a temporary measure while the organization transitions to a supported platform.

              1. Why Banks Use CSAs

              Legacy Systems: Many ATMs and banking software were originally built to run on Windows XP, and updating to newer systems can be complex and costly due to hardware and software dependencies.

              Security Needs: Despite using outdated systems, banks must maintain a high level of security. The CSA ensures critical vulnerabilities are patched.

              Regulatory Compliance: Financial institutions are heavily regulated and need to meet strict security standards. Extended support agreements help them avoid compliance violations.

              1. Custom Patching and Support

              Microsoft provides patches only for the most critical vulnerabilities that could severely impact the organization.

              These updates are not made available to the general public, ensuring that only organizations with a CSA receive them.

              1. Cost

              The cost of a CSA is high and increases annually to encourage organizations to migrate to supported platforms.

              Some estimates suggest costs in the range of $1,000 to $5,000 per device per year, depending on the scale and specifics of the agreement.

              1. Alternatives Banks Might Use

              Some banks have begun moving away from Windows XP entirely, often transitioning to supported operating systems like Windows 10 or Windows Embedded systems.

              They may also use virtualized environments to maintain compatibility with older applications without relying on outdated OS versions directly.

              These agreements allow banks and other critical industries to maintain operations securely while planning their eventual migration to modern systems. However, this is a stopgap solution and not a permanent fix, as the long-term risks and costs of relying on unsupported software grow over time.

              • M0oP0o
                link
                fedilink
                English
                arrow-up
                1
                ·
                29 days ago

                often do so under specialized agreements with Microsoft

                You use chat GPT for this one? Because this does not say what you think it does.

                • Scary le Poo@beehaw.org
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  29 days ago

                  Yes, it says what I have been saying all along. Banks and financial institutions have special service contracts with Microsoft.

                  You, do not. Don’t run old ass windows versions that are not actively supported. This is not a controversial statement.

                  Your attempt to compare your usage vs the usage of a financial institution is not only a false equivocation, it’s particularly stupid in light of the fact specialized contracts exist.

                  • M0oP0o
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    29 days ago

                    You, do not. Don’t run old ass windows versions that are not actively supported. This is not a controversial statement.

                    Do run them, go ahead. Not supported does not mean non functional.

                    Your attempt to compare your usage vs the usage of a financial institution is not only a false equivocation, it’s particularly stupid in light of the fact specialized contracts exist.

                    I worked for 15 years in the industry (7 years in the banking division) I am very explicitly comparing nothing as both myself and most banks I worked with are using legacy software in the same way. Its about risk management and understanding what can be done to your system, running an old OS is not on the top of my risk list.

                    Just backup your data, manage your accounts and passwords with the idea they may be compromised. This is how people not trying to sell you something operate.