Do we really need software updates?

[j77ason]

Hi,
I got fed up downloading and updating my Operating System - Windows ME, whenever I crashed it which I was doing frequently to begin with.
In the end I stopped putting any updates on my computer and in fact I run it now with the original program without any updates whatsoever.
As at April 2004, I gather Microsoft stopped supporting 9x programs -
Win 95,98 - & ME which I have and use, anyway.
I recently purchased Windows Longhorn through eBay - from a Bloke in Canada. Anyone tried it yet?
I use Zone Alarm (free edition) as my firewall and my computer runs fine with the options I have provided in many of my other posts this forum.

One point that does amuse me is that when I connect between my computer and another site, that site has as much access to my computer as I do to that computer. A bit like a phone call between yourself and the number you dialled.
The idea of the firewall is to stop incoming calls, other than the computer I have connected to, having access to my computer, that is calls other than the one I've made getting on my line between my call to that other location - like Ghosting.
Thus if the site I am connected to says my computer is vulnerable, or I need some sort of software to "protect me" - it is the computer at the site I am connected to, trying to scare me into buying their product and of course, with the proper software, they can read some of My OS details - Big Deal!!

At days end, my computer runs as quickly as it is able - I don't have any updates, or whatever purpose they serve and I am not vulnerable to extra access because of the protections I have installed myself.
Worth thinking about?
j77ason

[satyr]

Hey j77ason, agree, exactly as you already gave the cue !!



Some of updates are just slowing system (true, not all of them those that only patch few things i.e. registry settings are not but ...), and my firewall Zone Alarm 4.0.146.029 Pro on Windows XP + X default firewall (I hate newer, "resource hog" versions, crammed with additional, and actually quite useless functions) and Zone Alarm FREE on my Windows 98 setup protects me more than enough (hehe, even too much maybe, I miss some "action", port scans, etc. to see in my TCP/UDP monitoring programs, firewall logs, etc.)


Please, see also my replies here, my nick on Wilders is stalker:
The best firewall (reliable, powerful, etc.) EVER in my opinion - Zone Alarm

Hacking experience


Yeah, if you will read the second one, you will see, I am running - stable, error-free, and as most important - fast OSs (I mean fast as possible), hacked with many advanced registry modifications, btw., I got used to use *.reg files I made, instead of installing this so-called "tweaking" software like I did in past)



Best regards

[tinfoil]

Whoah here, you purchased Longhorn off of eBay?

Nice. And by nice, I mean, that's wares. Keep it off these boards. Beta or not, the EULA is pretty specific. Might I recomend you read it?

Running windows without updating is like driving a car when the manufacturer has issued recalls. It's just stupid.

ZA... I gave that up for something worthwhile: a netgear FR114 router with statefull packet inspection and basic IDS. It's just one step below running a dedicated FreeBSD box.

[drdaco]

Longhorn runs on a PII 400?

[LM]

There was ONE update from Microsoft which slowed *some* PCs running XP, it was removed and fixed.
The updates are there for your benefit, MS doesn't just make them for the hell of it. It costs them money to write and test them. Which is at a loss to them.
Running an unpathed ALPHA OS as your main OS is stupid (and your procurement method is HIGHLY ILLEGAL). Especially seeing as those alphas are slow, buggy and unfinished.

Yes, there are lots of ads on the internet that say your PC is vulnerable, but, the SAME ads appear if you are using OS X, Linux, Unix, BeOS, etc etc.

And running pirated software probably makes your system more vulnerable. Who's to know what extra code they have added?

[satyr]

Quote:

Originally Posted by LM

There was ONE update from Microsoft which slowed *some* PCs running XP, it was removed and fixed.
The updates are there for your benefit, MS doesn't just make them for the hell of it. It costs them money to write and test them. Which is at a loss to them. ?

1. Yes, you are probably right. But talking about "privacy/security" related patches. I agree with those, who say:

"Which potential hacker, or any malicious web site, or something (exept automated scripts, and other similar) would have interest to attack or nag and advertise to some 56 K adapter user, being on internet 3-5 hours per day.

(uh, connection established even slower 28.8-31.2, cause of phone cables in my country)


And again, I think my FW (ok, and AV, but I think FWs are MUCH more important for any user to have than AV) both, together with various "monitoring utilites" (mostly from www.sysinternals.com protects me enough.



2. Yeah, I haven't got any virus in my whole "computing-era", of course exept those I wanted to have, for archive in encrypter folder (I use licensed Cryptainer PE http://www.cypherix.com , got that license from aouthor personally, cause of few bug reports and future requests, though at that time for Cryptainer LE - free version), additionally corrupted file (some File Lock application which intentionall corrupt file and then un-corrupt, nice app, no need for encryption, I like it mostly couse it is small no-setup program)

In this Windows XP installation (on Windows 98SE I am on internet for average only hour per month) I actually haven't even installed Ad-aware, SpyBot or and other anty-spyware applications (well exept SpywareBlaster which is really "something"). Why ??

Cause at the end then didn't find enything at all. Well, few so-called adware cookies. But I can, and I do delete (actually wipe, with cmd-line app SDelete, again from www.sysnternals.com) Cookies, Cache, and History from inside my browser.



3. I have the best view as possible about all I thing. Most informaton I get with TaskInfo2003 application http://www.iarsn.com CPU (for each process separately, so I know exactly which is badly behaving), RAM, system cache, User/GDI objects, windows opened, handles, threads, all in graph, all for each process also.


And about knowin which Processes are running, it can't happen to me, like it did to my friend, who has bloated PC with:

- 3, 350 MB (yeah, almoust as movie) instances (filees) of virus, in root, Windows, and System32 folders. Its name was Dust.exe, which integrated in shell, meaning vurus put parameter in HCLM\...\Run key like this: Explorer.exe /dust.exe),

- 1 ugly worm bot.exe, which used so many TCP endpoints, I couldn't even see PC to which he was connecting, uh, forgot to log to file at that time) it restarted itself if you terminated it - at that time I forgot to use Suspend mentod), and file also cannot be deleted if its executable from some created process), and bunch of dialers, hijackers, etc., etc.

Quote:

Originally Posted by LM

And running pirated software probably makes your system more vulnerable. Who's to know what extra code they have added?

Totally agree with that, LM. I had bad experience with Norton, at that time, I actually didn't know cracked programs are illegal, hehe how stupid, I thought crack file is some kind of registration, and especially for Norton which was already patched somehow, Ididn't know.


That's why I prefer to use FREEWARE somftware, and fot those few shareware that I am using (Total Commander, Zone Alarm Pro, and few others), usually my favorite apps, I am gladly to pay, cause they are crucial in my opinion, and for my particular needs, and experience level.



That's all, nice thread.

[tinfoil]

Quote:

Originally Posted by satyr

1. Yes, you are probably right. But talking about "privacy/security" related patches. I agree with those, who say:

"Which potential hacker, or any malicious web site, or something (exept automated scripts, and other similar) would have interest to attack or nag and advertise to some 56 K adapter user, being on internet 3-5 hours per day.

(uh, connection established even slower 28.8-31.2, cause of phone cables in my country)

Worms and viruses are indiscriminate. They don't test the bandwidth.

Quote:

2. Yeah, I haven't got any virus in my whole "computing-era", of course exept those I wanted to have, for archive in encrypter folder (I use licensed Cryptainer PE http://www.cypherix.com , got that license from aouthor personally, cause of few bug reports and future requests, though at that time for Cryptainer LE - free version), additionally corrupted file (some File Lock application which intentionall corrupt file and then un-corrupt, nice app, no need for encryption, I like it mostly couse it is small no-setup program)

In this Windows XP installation (on Windows 98SE I am on internet for average only hour per month) I actually haven't even installed Ad-aware, SpyBot or and other anty-spyware applications (well exept SpywareBlaster which is really "something"). Why ??

Cause at the end then didn't find enything at all. Well, few so-called adware cookies. But I can, and I do delete (actually wipe, with cmd-line app SDelete, again from www.sysnternals.com) Cookies, Cache, and History from inside my browser.

Congratulations! In the 20+ years I've been using computers, I've easily gotten half a dozen viruses. It can happen to even the most careful person. Two of my machines at work were infected with Scob. Why? Because our AV wall didn't have a signature yet. It can happen even if you take all precautions and that includes applying critical operating system and program updates.

[j77ason]

Hi,
Nice to see you guys out there are responding to me.
I must disagree with you with not using updates is like running a new car without servicing - we are not talking about a mechanical vehicle but a box of electronics, which are a bit beyond my comprehension, but work just fine.
The problem I have with updates, is that you, who instal them, have to take on trust, that whatever they do is for the best interest of your computer and for you - however, if you download Cyberscrub (free 30 day trial) and use it AFTER each 3 or 4 hour spell, you will be amazed at how much information "of your activities" gets recorded on your hard drive for later access and not by you - even if your download nothing.
As has been pointed out, I am running a P2 400mhz for my Internet surfing and correctly XP & Longhorn won't run on it because the CPU and Bus are not powerful enough - I have another P4 1.5ghz with XP Professional which I hope to use as an Independent Entertainment Centre and will use appropriate programs on that.
Warez - not Wares. When I bid for and won the eBay auction for the Longhorn, I did so in the belief that I was purchasing a genuine product. When I bid for and won the eBay auction for my P4 1.5Ghz, I did so believing that I was purchasing a genuine product. When I run my Windows ME OS - which is from an original CD which I own, I do so believing that the purpose of Firewalls, Anti Virus Programs, Spybot S&D and the like, are there to protect my computer from the nasties on Internet and installing updates from Microsft is just overkill and expressing a personal fear of what might happen if I don't. I call upon my experiences to date, that not everything is there for my needs so much as a "fear package" that if I don't, something awful is going to happen to me and thus I must have that protection - a protection which comes out of my pocket. A bit like "car insurance" if you like.
I don't have anything on my computer worth hacking into it for, and by the same token, it is the P2 - 400mhz computer I use for Internet - not my P4 which is stand alone and in no way connected to any phone line - in additon to which I am on dial up, 4 hour periods and as soon as I cop a dialler, which happens from time to time, I get cut off from Internet...& I burn to CD's anything which I want to keep - I don't leave it on my hard drive - and removed it from my hard drive with Cyberscrub set at Department of Defence level - software & Hardware recovery impossible - because I enjoy my privacy.
If I were to "fear", then my fear would be the Police having access to everyone who accesses Internet and them keeping a secret record of what and where we all go, for some point in time in the future, when the laws can be changed to persecute for anything considered unseemly or unacceptable or ? Thus danger, if danger were to exist, would be at the ISP, in your State.
I frequently cop viruses - surfing today, I have "refused" access to 4 viruses - via Antivir, my Antivirus program - but of course, it depends where you surf ,when you surf, as to whether you cop anything - and how open your computer is to anything incoming, bearing in mind that usually - like a telephone call between 2 people, whatever the other person says to you gets recorded on your computer and whatever you (or your computer) says to "him", gets recorded on his. The line is open for him to bung down nasties and it is up to you to repel them. Firewalls should stop everyone else, external to that call, unless they can dial up your computer direct, without you knowing about it.
I have read the Forum conditions to which one of you refer and taken that information on board, thus if you want to purchase from eBay, I cannot offer you advice on what or how you should do that, however in matters of Servicing & Maintenance of your computers I stand firm on the products I use - you can use whatever you like - Results is what motivates me.
Now on a happy note - I hope you all have had a great day & week and a long & happy life, as enjoyable for each of you - as it is for me.
j77ason

[tinfoil]

Quote:

Originally Posted by j77ason

I must disagree with you with not using updates is like running a new car without servicing - we are not talking about a mechanical vehicle but a box of electronics, which are a bit beyond my comprehension, but work just fine.

I disagree. Blaster is a perfect example. Here is a worm that crippled many a government and commercial network and caused untold headaches for any number of people. Yes, if all these computers were firewalled properly, the trouble wouldn't have been nearly pronounced. However, if the people in charge of these computers would have simply updated windows, the firewall wouldn't have been necessary.

Not bringing your car in for a factory recall can result in you driving an unsafe vehicle and putting the lives of others in danger.

Same thing with an unpatched Windows. Code Red and Blaster crippled many vital networks, including a number of 911 call centers.

Quote:

The problem I have with updates, is that you, who instal them, have to take on trust, that whatever they do is for the best interest of your computer and for you - however, if you download Cyberscrub (free 30 day trial) and use it AFTER each 3 or 4 hour spell, you will be amazed at how much information "of your activities" gets recorded on your hard drive for later access and not by you - even if your download nothing.

Well, I suppose you have a glimmer of a point there, but let's look at it another way. For every Blaster outbreak, Microsoft takes a huge amount of crap from the media, and I'm betting they don't like getting beat up on TV. No company likes to look bad. MS puts out critical patches to make themselves look good. Besides, they were attacked by some of these worms as well, it's certainly in their best interests to make sure they have proper updates out.

I am unaware of any critical update that addresses 'how much information "of your activities" gets recorded on your hard drive'. I'll assume you mean cookies, URL completion history, history and browser cache here. No, there is no critical update that addresses those. Most people find those features handy.

Quote:

Warez - not Wares. When I bid for and won the eBay auction for the Longhorn, I did so in the belief that I was purchasing a genuine product.

You're being naive. Unless you're on the beta program, which I suspect you are not, it's warez. You strike me as knowledgable enough to know that Longhorn is not a shipping product so your explenation is mere semantics.

----

I do hope you don't recomend to others your opinion on critical updates. Not to mince words, but your opinion is irresponsible. Critical updates fix critical problems, problems that can seriously affect both that persons machine and others around them. Not everyone has your level of caution nor does everyone wish to isolate themselves in ways such as you do. Consider, for a moment, that some people don't want to run a plethora of other programs just to 'clean up their tracks'. Some people, myself included, just want it to work. Yes, everyone should run AV software and should have a firewall (though I normally recomend a hardware device rather than software). Still, Windows updates offer another level of security, and people should take advantage of any and all measures afforded them.

[vern]

Microsoft aside, I run Mandrake 9.1 on one of my primary workstations.

Yes there are security vulnerabilities in Linux operating systems as well. Just read the CERT Bulletins that are posted here as they are released.

With or without the bulletins I still check Mandrake weekly for updates and patches. It is wise to do this, it is foolish not to. Like the Microsoft Updates I can pick and choose which updates I wish to install.

I am a big believer in minimalism, I find most of the problems I run into throughout the day are people who install unauthorized software, many of which are utilities they were led to believe would "fix" or "prevent" problems.