Driver to drive?

[Don Y]

On 8/29/2016 3:28 PM, Robert Baer wrote:

Michael A. Terrell wrote:
Robert Baer wrote:
John Larkin wrote:
On Tue, 23 Aug 2016 13:10:31 -0800, Robert Baer
robertbaer@localnet.com> wrote:

Don't update!


Absolutely. BUT make damn sure that all update options are "set" to
"NO WAY IN HELL".


And then constantly complain that nothing works right.

REALLY? I use Win2K and locked out updates day one at installation day one.
First i have heard (or seen) that "nothing works right".
Use XP SP3 on occasion as well; ditto.

There are (were) 100+ security related updates to XP/sp3. And, even
one released *after* MS absolutely, positively, never-again STOPPED
supporting it.

As for what "doesn't work", have you ever hammered on an SMB share
using XP? Notice anything??

Also use Win7 and Win7 SP1 (which required about 22 updates to get the SP1
to work after its second install). Have both of them locked down.
Tell me what is not working..

 

[Robert Baer]

Michael A. Terrell wrote:

Robert Baer wrote:
John Larkin wrote:
On Tue, 23 Aug 2016 13:10:31 -0800, Robert Baer
robertbaer@localnet.com> wrote:

Don't update!


Absolutely. BUT make damn sure that all update options are "set" to
"NO WAY IN HELL".


And then constantly complain that nothing works right.

REALLY? I use Win2K and locked out updates day one at installation
day one.
First i have heard (or seen) that "nothing works right".
Use XP SP3 on occasion as well; ditto.
Also use Win7 and Win7 SP1 (which required about 22 updates to get
the SP1 to work after its second install). Have both of them locked down.
Tell me what is not working..

 

[Jeff Liebermann]

On Mon, 29 Aug 2016 14:28:29 -0800, Robert Baer
<robertbaer@localnet.com> wrote:

REALLY? I use Win2K and locked out updates day one at installation
day one.
First i have heard (or seen) that "nothing works right".
Use XP SP3 on occasion as well; ditto.
Also use Win7 and Win7 SP1 (which required about 22 updates to get
the SP1 to work after its second install). Have both of them locked down.
Tell me what is not working..

In my non-existent spare time, I help maintain a network of weather
stations. When I inherited the system about 10 years ago, everything
was running on Windoze 2000. Over the years, various libraries used
to run Windoze programs were updated by Microsoft. Eventually,
support for Windoze 2000 went away, and we were forced to update to XP
and later to Win 7 in order stay in sync with these libraries.
Specifically, Windoze 2000 does not support .NET 4 and 4.5.
<https://msdn.microsoft.com/en-us/library/8z6watww.aspx>
Oops. Win2K isn't even listed. As I recall, the last version that
worked on Win2K desktop was .NET 3.0 and on server was .NET 2.0.

If you live in a closed environment, write your own software, have
simple computing requirements, use old printers, and don't use
anything from developers that keep up to date with the latest
libraries, you're probably ok. If you're going to run an OS with
known vulnerabilities, a good firewall is also handy.

--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

 

[Don Y]

On 8/29/2016 10:33 PM, Jeff Liebermann wrote:

Nice ting about Win2K, is that it is so old that it is below contempt
and malware..

Yep. Security by obscurity is such a wonder method.

Yeah, makes you wonder why all these places that get hacked (Sony, DNC,
election boards, etc.) don't just fire their IT departments and
reinstall W95 -- or, W3.1 for even MORE "security"!

"I drive a Model T -- no door locks, windows, etc. And, as I'm the
ONLY ONE who drives one, it is theft-proof! (no key fobs to hack,
no door locks to spring with slim jims, etc.)"

Here's your things to do list for W2K:
https://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-107/cvssscoremin-5/cvssscoremax-5.99/Microsoft-Windows-2000.html
That's 91 vulnerabilities left unpatched even with the latest patches.

 

[rickman]

On 8/29/2016 6:28 PM, Robert Baer wrote:

Michael A. Terrell wrote:
Robert Baer wrote:
John Larkin wrote:
On Tue, 23 Aug 2016 13:10:31 -0800, Robert Baer
robertbaer@localnet.com> wrote:

Don't update!


Absolutely. BUT make damn sure that all update options are "set" to
"NO WAY IN HELL".


And then constantly complain that nothing works right.


REALLY? I use Win2K and locked out updates day one at installation day
one.
First i have heard (or seen) that "nothing works right".
Use XP SP3 on occasion as well; ditto.
Also use Win7 and Win7 SP1 (which required about 22 updates to get the
SP1 to work after its second install). Have both of them locked down.
Tell me what is not working..

When I had Win2K there was a virus going around that would infect your
machine without it doing anything other than being connected to the
Internet. The virus running on other machines would sniff around until
it found another vulnerable PC and infect it. The fix was to install
the Windows update. I had to reformat the hard drive of my friend's
machine three times because the work would take some 30-40 minutes and
then I would space out and forget to install the update before going
online, lol.

I'm pretty sure this virus would get in past a virus checker, not sure
if a firewall would stop it or not. But it was always there to infect
you because there were so many machines already infected. It's probably
not around so much anymore.

--

Rick C

 

[Don Y]

On 8/29/2016 10:40 PM, Jeff Liebermann wrote:

On Mon, 29 Aug 2016 21:34:01 -0700, Don Y
blockedofcourse@foo.invalid> wrote:

No, it means the script kiddies have already cataloged all of the
exploits they can use against you and are just waiting to stumble
across you!

A few might, but finding a W2K machine on the internet is going to be
difficult. Looks like it has already fallen off the charts:
https://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qpcustomd=0

There's no cost to leaving the attack vectors *in* your system.

I periodically point nessus, snort, satan, etc. at my networks/hosts to
see what they "complain about".

You *do* know that every time you go to a web site, send mail, etc.
your computer tells the world what version of which program you
are using along with the OS that is hosting it? So, they can
tailor their response (attack) to that, exactly.

Yep. Just one click away (top of the page):
http://whatsmyos.com
More detail:
http://mybrowserinfo.com/detail.asp?bhcp=1

Even more amusing are the tools that profile your browser/connection
and tell you how "unique" it is. I.e., how hard.easy it is to
identify your "connections" without YOU voluntarily disclosing
anything!

"Ah, it's that W2K guy running Mozilla 1.0, again..."

 

[Jeff Liebermann]

On Mon, 29 Aug 2016 21:34:01 -0700, Don Y
<blockedofcourse@foo.invalid> wrote:

No, it means the script kiddies have already cataloged all of the
exploits they can use against you and are just waiting to stumble
across you!

A few might, but finding a W2K machine on the internet is going to be
difficult. Looks like it has already fallen off the charts:
<https://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qpcustomd=0>

You *do* know that every time you go to a web site, send mail, etc.
your computer tells the world what version of which program you
are using along with the OS that is hosting it? So, they can
tailor their response (attack) to that, exactly.

Yep. Just one click away (top of the page):
<http://whatsmyos.com>
More detail:
<http://mybrowserinfo.com/detail.asp?bhcp=1>


--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

 

[Robert Baer]

Don Y wrote:

On 8/29/2016 3:28 PM, Robert Baer wrote:
Michael A. Terrell wrote:
Robert Baer wrote:
John Larkin wrote:
On Tue, 23 Aug 2016 13:10:31 -0800, Robert Baer
robertbaer@localnet.com> wrote:

Don't update!


Absolutely. BUT make damn sure that all update options are "set" to
"NO WAY IN HELL".


And then constantly complain that nothing works right.

REALLY? I use Win2K and locked out updates day one at installation day
one.
First i have heard (or seen) that "nothing works right".
Use XP SP3 on occasion as well; ditto.

There are (were) 100+ security related updates to XP/sp3. And, even
one released *after* MS absolutely, positively, never-again STOPPED
supporting it.

As for what "doesn't work", have you ever hammered on an SMB share
using XP? Notice anything??
* Nope! Nothing is shared..

Also use Win7 and Win7 SP1 (which required about 22 updates to get the
SP1
to work after its second install). Have both of them locked down.
Tell me what is not working..

 

[Robert Baer]

Jeff Liebermann wrote:

On Mon, 29 Aug 2016 14:28:29 -0800, Robert Baer
robertbaer@localnet.com> wrote:

REALLY? I use Win2K and locked out updates day one at installation
day one.
First i have heard (or seen) that "nothing works right".
Use XP SP3 on occasion as well; ditto.
Also use Win7 and Win7 SP1 (which required about 22 updates to get
the SP1 to work after its second install). Have both of them locked down.
Tell me what is not working..

In my non-existent spare time, I help maintain a network of weather
stations. When I inherited the system about 10 years ago, everything
was running on Windoze 2000. Over the years, various libraries used
to run Windoze programs were updated by Microsoft. Eventually,
support for Windoze 2000 went away, and we were forced to update to XP
and later to Win 7 in order stay in sync with these libraries.
Specifically, Windoze 2000 does not support .NET 4 and 4.5.
https://msdn.microsoft.com/en-us/library/8z6watww.aspx
Oops. Win2K isn't even listed. As I recall, the last version that
worked on Win2K desktop was .NET 3.0 and on server was .NET 2.0.

* The problem was that you allowed bastard updates from Micro$uck.
If you had left those libraries, etc alone, you would not need the
..NET bloat and so an OS change.
I know some businesses that exclusively use DOS and have never had to
look back on the decision.
In fact, those businesses have run since the mid-80s with zero down
time (not counting power shortages), and "competing" businesses (ie: in
same field of business) continually have problems and "need" to
"upgrade" and $pend thousands of dollars running up their part of
Alice's hill.
Doing almost exactly the same thing with the data.

If you live in a closed environment, write your own software, have
simple computing requirements, use old printers, and don't use
anything from developers that keep up to date with the latest
libraries, you're probably ok. If you're going to run an OS with
known vulnerabilities, a good firewall is also handy.

Nice ting about Win2K, is that it is so old that it is below contempt
and malware..

 

[Don Y]

On 8/29/2016 10:29 PM, Robert Baer wrote:

If you live in a closed environment, write your own software, have
simple computing requirements, use old printers, and don't use
anything from developers that keep up to date with the latest
libraries, you're probably ok. If you're going to run an OS with
known vulnerabilities, a good firewall is also handy.

Nice ting about Win2K, is that it is so old that it is below contempt and
malware..

No, it means the script kiddies have already cataloged all of the
exploits they can use against you and are just waiting to stumble
across you!

You *do* know that every time you go to a web site, send mail, etc.
your computer tells the world what version of which program you
are using along with the OS that is hosting it? So, they can
tailor their response (attack) to that, exactly.

 

[Jeff Liebermann]

On Mon, 29 Aug 2016 21:29:11 -0800, Robert Baer
<robertbaer@localnet.com> wrote:

* The problem was that you allowed bastard updates from Micro$uck.
If you had left those libraries, etc alone, you would not need the
.NET bloat and so an OS change.

Nope. That's not the way it works. The applications programs
purchased by my customer require some version of .NET. If the
required version is later than what W2K will support, then the program
will not run. The choice is then to run on old version of the
applications program with an old version of .NET, or upgrade to a
later version of Windoze.

I know some businesses that exclusively use DOS and have never had to
look back on the decision.

Is this somehow related to you running Windoze 2000 or have we
diverted to a different topic?

In fact, those businesses have run since the mid-80s with zero down
time (not counting power shortages), and "competing" businesses (ie: in
same field of business) continually have problems and "need" to
"upgrade" and $pend thousands of dollars running up their part of
Alice's hill.

I know of one like that. I was keeping their DOS based cash registers
running well past when their software vendor proclaimed that it was
"unsupported". The company grew and hired a manager that demanded the
latest version of Windoze on everything (apparently so she could run
Facebook all day). Also, all new machines. The DOS program no longer
worked well under Windoze, so they upgrade to the latest version
offered, which turned out to be highly buggy and slow. After about 9
months of swearing at the system, they finally got it working
correctly. When I told them that they would have been better off
running the old DOS system, the new manager effectively fired me.
Hopefully, your businesses that exclusively use DOS are doing better.

> Doing almost exactly the same thing with the data.

Not exactly. There were some problems converting the payroll reports
to the latest forms required by the government. Getting the tax
accountant to punch in the numbers instead of importing them from a
file was difficult. There were also a few Y2K bugs left in the mix.
DOS worked, but not smoothly.

Nice ting about Win2K, is that it is so old that it is below contempt
and malware..

Yep. Security by obscurity is such a wonder method.

Here's your things to do list for W2K:
<https://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-107/cvssscoremin-5/cvssscoremax-5.99/Microsoft-Windows-2000.html>
That's 91 vulnerabilities left unpatched even with the latest patches.

--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

 

[JW]

On Mon, 29 Aug 2016 22:40:38 -0700 Jeff Liebermann <jeffl@cruzio.com>
wrote in Message id: <io6asb5bpt2lk3m7b8dee0h2gfdeg9mt01@4ax.com>:

A few might, but finding a W2K machine on the internet is going to be
difficult. Looks like it has already fallen off the charts:
https://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qpcustomd=0

Even Windows 3.1 has more market share than 2K. Funny!

 

[George Herold]

On Tuesday, September 6, 2016 at 2:39:13 PM UTC-4, JW wrote:

http://www.ebay.com/itm/Bulk-Lot-180-pallets-mixed-Server-Pc-Printers-Phone-Home-Electronics-E-Waste-/112122190565?hash=item1a1b00dae5:g:84YAAOSwFe5Xx66f

Think again.
This guy better re-think his pricing strategy...

That's a riot... so if I put all my E-waste on a pallet I can sell it?
He wants $2.5 Million! ~$10k/pallet

George H.

 

On Tuesday, 6 September 2016 19:39:13 UTC+1, JW wrote:

http://www.ebay.com/itm/Bulk-Lot-180-pallets-mixed-Server-Pc-Printers-Phone-Home-Electronics-E-Waste-/112122190565?hash=item1a1b00dae5:g:84YAAOSwFe5Xx66f

Think again.
This guy better re-think his pricing strategy...

delusional


NT

 

[Cursitor Doom]

On Tue, 06 Sep 2016 12:16:23 -0700, tabbypurr wrote:

> delusional

Yeah. it's probably Bill Sloman. ;->

 

[Clifford Heath]

On 07/09/16 07:23, Cursitor Doom wrote:

On Tue, 06 Sep 2016 12:16:23 -0700, tabbypurr wrote:
delusional
Yeah. it's probably Bill Sloman. ;-

Bill lives in an upstairs inner-city apartment. He's quite easy to find,
which is odd, given his occasionally extremely offensive mouth.

 

[Andy K]

On Tuesday, September 6, 2016 at 1:39:13 PM UTC-5, JW wrote:

http://www.ebay.com/itm/Bulk-Lot-180-pallets-mixed-Server-Pc-Printers-Phone-Home-Electronics-E-Waste-/112122190565?hash=item1a1b00dae5:g:84YAAOSwFe5Xx66f

Think again.
This guy better re-think his pricing strategy...

The guy is a pack rat and doesn't take care of his stuff.

He's dreamin if he thinks he can get even close to that price.

He have to pay someone to haul it off.

 

[Don Y]

On 9/6/2016 5:25 PM, Andy K wrote:

On Tuesday, September 6, 2016 at 1:39:13 PM UTC-5, JW wrote:
http://www.ebay.com/itm/Bulk-Lot-180-pallets-mixed-Server-Pc-Printers-Phone-Home-Electronics-E-Waste-/112122190565?hash=item1a1b00dae5:g:84YAAOSwFe5Xx66f

Think again.
This guy better re-think his pricing strategy...

The guy is a pack rat and doesn't take care of his stuff.

He's dreamin if he thinks he can get even close to that price.

There are a surprising number of people who engage in this sort of
(ahem) "business". I've never seen any of them driving fancy cars
or wearing Rolex's! :>

Some will stumble across some ancient/antique lot (of kit)
and HOPE they can find a desperate customer "looking for a
spare part" to keep their antiquated <whatever> system
running.

I've a colleague, here, who regularly rescues old Sun servers
as his employer's IT infrastructure is largely Sun-based.
Simple math, to them: pay an inflated price for an obsolete
piece of kit (that may or may not actually WORK!) *or*
spend megabucks (literally) redoing the software that drives
your business -- without adversely impacting that business
in the process.

Which do *you* think is the safer, "path of least resistance"?

> He have to pay someone to haul it off.

Some types of kit aren't easily disposable. I.e., *you*
inherit the (legal) responsibility of disposing of it
(ahem) "legally" once you accept ownership.

I was at a local auction many years ago and was interested in
one particular "lot". But, buried in that lot was a ~20 lb
container of mercury: "Where the hell am I going to dispose
of *that*?" (tossing the occasional CFL into the trash is
probably not going to raise eyebrows given the minute amounts
of Hg it contains)

Here, for example, you have to *pay* people to accept your old CRT
monitors/TV's "for disposal". Fees can range from $10 - $50.
(sure makes you think about just dropping small sets in your household
trash!)

 

On Wednesday, September 7, 2016 at 8:52:46 AM UTC+10, Clifford Heath wrote:

On 07/09/16 07:23, Cursitor Doom wrote:
On Tue, 06 Sep 2016 12:16:23 -0700, tabbypurr wrote:
delusional
Yeah. it's probably Bill Sloman. ;-

Bill lives in an upstairs inner-city apartment. He's quite easy to find,
which is odd, given his occasionally extremely offensive mouth.

I'm sure I offend the occasional right-wing nitwit, but they are quite as offensive in response. I had thought that "extremely offensive" took rather more effort than I bother putting in.

There are some extremely thin-skinned people around, but they wouldn't post here.

--
Bill Sloman, Sydney

 

On Wednesday, 7 September 2016 02:10:30 UTC+1, Don Y wrote:

I was at a local auction many years ago and was interested in
one particular "lot". But, buried in that lot was a ~20 lb
container of mercury: "Where the hell am I going to dispose
of *that*?"

Saleable surely, to a vetted buyer.


NT