1. The 30th edition of the Modeling Contest is finally up! The Portable Buildings need your attention, so come along and have a blast!
    Dismiss Notice
  2. The Aftermath has been revealed for the 19th Terraining Contest! Be sure to check out the Results and see what came out of it.
    Dismiss Notice
  3. Melee Mapping Contest #3 - Results are out! Congratulate the winners and check plenty of new 4v4 melee maps designed for this competition!
    Dismiss Notice
  4. The winners of our cinematic soundtrack competition have been decided! Step by the Music Contest #11 - Results to check the entries and congratulate the winners!
    Dismiss Notice

Seven: your days are numbered

Discussion in 'Computer Tech' started by pyf, Jan 11, 2019.

  1. pyf

    pyf

    Joined:
    Mar 21, 2016
    Messages:
    2,277
    Resources:
    2
    Tutorials:
    2
    Resources:
    2
    As a friendly reminder:

    Microsoft will discontinue Windows 7 SP1 extended support next year, on January 14, 2020. After that, technical assistance and automatic updates will no longer be made available for the product.

    For Windows 7 SP1, the end of mainstream support had already been reached on January 13, 2015.


    After January 14, 2020, if your PC is running Windows 7 SP1, it will no longer receive software updates, including security updates, from Microsoft. In addition, Microsoft customer service will no longer be available to provide Windows 7 technical support.

    After support has ended, Windows will continue to start and run. Also, Windows 7 can still be installed and activated after end of support, Microsoft says.


    Microsoft will offer paid Windows 7 Extended Security Updates (ESU) through January 2023. The Windows 7 ESU will be sold on a per-device basis and the price will increase each year. Windows 7 ESUs will be available to all Windows 7 Professional and Windows 7 Enterprise customers in Volume Licensing, with a discount to customers with Windows software assurance, Windows 10 Enterprise or Windows 10 Education subscriptions. In addition, Office 365 ProPlus will be supported on devices with active Windows 7 Extended Security Updates (ESU) through January 2023. This means that customers who purchase the Windows 7 ESU will be able to continue to run Office 365 ProPlus.


    Windows for embedded devices (such as ATMs or gas pumps) have lifecycle dates that sometimes differ from versions of Windows that are used on PC devices. *cough!*
    :grin:


    Sources:

    - Windows 7 support will end on January 14, 2020 - Windows Support
    - Helping customers shift to a modern desktop - Microsoft 365 Blog
    - Windows lifecycle fact sheet - Windows Support
     
    Last edited: Jan 11, 2019
  2. Sieben

    Sieben

    Joined:
    Nov 23, 2013
    Messages:
    577
    Resources:
    0
    Resources:
    0
    Dammit! I like my Windows 7 :(
     
  3. pyf

    pyf

    Joined:
    Mar 21, 2016
    Messages:
    2,277
    Resources:
    2
    Tutorials:
    2
    Resources:
    2
    Nothing prevents you from still liking (and using) it, even after 7's End of Service. Except a critical hardware failure, of course.
     
  4. Sieben

    Sieben

    Joined:
    Nov 23, 2013
    Messages:
    577
    Resources:
    0
    Resources:
    0
    Yes, I might do that for a while, but eventually I'll have to switch to a more reliable version of Windows, with fewer security issues. :)
     
  5. WhiteFang

    WhiteFang

    Joined:
    Jul 6, 2014
    Messages:
    3,252
    Resources:
    0
    Resources:
    0
    more reliable? such as?
     
  6. pyf

    pyf

    Joined:
    Mar 21, 2016
    Messages:
    2,277
    Resources:
    2
    Tutorials:
    2
    Resources:
    2
    @Sieben: I trust there will be no 7pocalypse in 2020, just like there has not been any XPocalypse in 2014 (and counting!), nor any "whatever"pocalypse to begin with (remember the Y2K bug that supposedly would have sent us back in time? Or the Cobol bug?).

    Windows 7 is as reliable as any other OS, and maybe a bit more.


    Regarding security issues, please have a look at this first, and then despair:
    Bulletins | US-CERT
    :mwahaha:
    (courtesy of US-CERT)

    Therefore, maybe you are counting too much on the security updates provided by Microsoft alone, to "protect" your PC. As for me who is using Windows XP, I am surfing as admin, my OS is patched up to April 2014, and I am facing no such issues. Where is the XPocalypse I was promised by web journalists, dammit?


    To better secure his/her PC, what one needs to do is imho to install a few no-nonsense third-party programs, configure a few settings here and there, and not do any stupid stuff. Period.

    Maybe it is worth pointing out here that despite the end of extended support for Windows XP on April 2014, its POSReady 2009 variant (which is the one embedded into devices) is still updated up to this day in January 2019. For reference and documentation purposes, I am providing below a list of recent patches (all of them being served through Windows Update on a regular monthly basis) for these embedded versions of the OS:

    June 2018 - July 2018 - August 2018 - September 2018 - October 2018 - November 2018 - December 2018 - January 2019


    Of course these updates include security ones, but also at least one major *feature* update. Feature updates are theoretically dropped after the end of mainstream support (which for the record was in... 2009 for Windows XP iirc).

    As you can also see, EoL software (like Office 2003 / 2007) is still alive and well, and the news of its death have been greatly exaggerated.

    Of course, the main variants of officially unsupported OSes might also still get security updates one day or another regardless (here as downloadable hotfixes only).


    Also, keep in mind that development plans for Microsoft software may change without notice (nor an official explanation afaik). As an example, who remembers that Microsoft was supposed to stop releasing virus protection for Windows XP through its Security Essentials application since... July 14, 2015?

    Latest definition updates for Windows Defender Antivirus and other Microsoft antimalware - Windows Defender Security Intelligence

    With the Malware Definition updates (as well as with Microsoft Update), one will eventually notice that owners of a Retail licence are not served equally when compared to owners of an OEM licence, or to owners of a Volume one.


    ... but anyway, back to Windows 7:

    It is therefore unlikely that Microsoft will end the development / support of Windows 7 SP1 even after January 2023.
     
    Last edited: Jan 14, 2019
  7. Sieben

    Sieben

    Joined:
    Nov 23, 2013
    Messages:
    577
    Resources:
    0
    Resources:
    0
    I'm not foreseeing an apocalypse, but as an average user of Windows, I am not aware of all the subtleties of computer security.

    I don't :) But I assumed updating Windows was part of the protection, at least.

    I try to do that. I mainly use CCleaner, uBlock, Malwarebytes, and I don't visit fishy websites. I've never had any issue so far. I don't know if it's enough though, any suggestion?

    ...which gives me time. I'll have changed my computer by then :p

    Any recent up-to-date Windows without security issues. I don't know what Windows will be available in 2020-2023!
     
  8. pyf

    pyf

    Joined:
    Mar 21, 2016
    Messages:
    2,277
    Resources:
    2
    Tutorials:
    2
    Resources:
    2
    (note: this post is unfinished and must be posted as-is for now)

    'XPocalypse' was a portmanteau word widely used around 2014. It was devised to scare non tech savvy Windows XP users. Typing it in 2019 in your favorite search engine brings so many fun links (for me, that is).
    :wink:

    Yes and no. Because no code can be bullet-proof.

    Again:
    Bulletins | US-CERT

    Computer security is an illusion.
    CCleaner will not harden Windows, but its Registry scan can be effective for troubleshooting. It is also a good way to find out quickly if your Restore points are still there. Never let CCleaner do *any* automatic scan/cleaning/fixing of whatever.


    For a bit more OS hardening, I suggest using:

    - SpywareBlaster (+ the file 'SB customblocking.txt' from pattaya1.mbnet.fi for extra IE protection against ActiveX-based adwares)

    - the most current version of an anti-exploit software. I myself use Malwarebytes Anti-Exploit as a standalone download, because contrary to you I never installed Malwarebytes 3. If the telemetry in the recent versions of MBAE is an issue, then stick to v1.12.1.90. Should MBAE fail someday, I would then decide to give HitmanPro Alert a try.

    - install a good Hosts Manager, to create your own concatenated blocking host list. I personally use HostsMan v4.7.105 (link to archive.org) for that. Very important: if you decide to use a blocking host list, then you first absolutely must disable the DNS Client service built in Windows.

    - install Ad Muncher v4.94 (last advert list update: 03/12/2018, does not filter HTTPS traffic, one can create his own rules) - changelog here

    - if Ad Muncher does not do the trick, then maybe give AdFender a try? (its rules should still be customizable - may also help with some instant messengers and also some P2P software iirc) - changelog here

    A blocking Hosts List + Ad Muncher / AdFender combo make filtering browser extensions like uBlock Origin more or less redundant. That, plus these browser extensions do *not* block connections at OS level.

    - For hopefully safer P2P, I suggest giving PeerBlock a try (download v1.2 (r693) here on Google Code). Some paid (and outdated?) lists can be found at i-Blocklist.com. There was the Omegle filter list (note: project officially shut down on February 20, 2017,... or maybe not). There are other lists at peerblocklist.com. Of course, the reliability of such blocking lists can not be guaranteed. I am pointing out here that PeerBlock is about safety, and *not* about anonymity.



    In Windows,

    - please create additional User Account. You may use the controversial Comodo Leaktests software from November 2008, to find out how User Account settings may add more security to your OS.

    - disable the services Remote Registry and Telnet (you may use the portable version of Microsoft Fixit Utilities for that)
    - enable DEP for IE if it is not already activated (you may use the portable version of Microsoft Fixit Utilities for that)

    - disable the service Avertissement


    Geeky stuff:

    - install DNSSEC Trigger, which is the easiest way to use DNSSEC. Caveat: be sure you know how to change back manually your DNS settings, because DNSSEC Trigger will change them to 127.0.0.1. Note: DNSSEC Trigger does not do any DNS encryption out of the box.

    - change your DNS settings to another DNS provider. ChrisPC DNS Switch can do that in an easy way (tip: note all its DNS serve parameters based on all the presets on a piece of paper, and then you may uninstall this software and configure your DNS settings manually)

    - scan your root certificates with RCC (discussion thread here)


    Security also means backups:

    - make several external backups of your Registry. You can use Windows Repair AiO for that. You can also use RegBak.

    Note: ERUNT is better left for Windows XP users (even though it could work on Vista and 7 thanks to a few tricks). For doing a backup of the Registry, using the Volume Shadow Copy is always the best method and ERUNT does not use it.







    Some browser-related stuff:

    - In your web browser, set at least Adobe Flash to run only on demand.

    - The Java plugin should not be an issue anymore, unless you are using an early version of Java 7 (or below) with an outdated web browser.

    - Install the browser extension HTTPS Everywhere, because it fixes some semi-broken HTTPS sites which may still deliver mixed content. Pale Moon or Seamonkey users can use HTTPS Always instead.

    - Install the CAcert root certificates? (note: but who still uses them in 2019?)

    - SUPERAntispyware can be used as a tracking cookie cleaner. The number of cookies on your PC depends on how you have configured your Web browser. Tracking cookies are not a security risk (and neither are so-called "supercookies" imho).

    - The browser vaccination of Spybot S&D v1.6 is imho obsolete and gives the user a false feeling of security. Never run the Teatimer, it will confuse you. Maybe SDHelper is still useful for IE8?



    About the Windows Updates:

    To check that you are not missing any security update, or that your Windows 7 updates are not corrupt, you can run SFC / verifyonly at a command prompt.

    I suggest installing Microsoft Baseline Security Analyzer v2.3 (note: *not* designed for Windows 10), even though it has now been superseded and retired. Its current database (wsusscn2.cab) is a *huge* download (more than 500 MB, and counting!) and you only need a subset of it. But at least it will allow you to check your PC (and the one of other people) offline for any missing or corrupt updates.


    Maybe I will do a few uploads, for preservation purposes.

    Windows 10, build whatever.
     
  9. Sieben

    Sieben

    Joined:
    Nov 23, 2013
    Messages:
    577
    Resources:
    0
    Resources:
    0
    Thanks Pyf! There are a couple of things I've already been doing, but I'll take a look at the rest :)
     
  10. chobibo

    chobibo

    Joined:
    Sep 24, 2005
    Messages:
    2,692
    Resources:
    0
    Resources:
    0
    Man, my windows XP machine was still working 2 years ago, too bad her PSU died and thus ended my Windows XP-ing days. Anyway, @Sieben, don't worry, I'll stand (I'll sit after a few minutes :D My arthritis hurts my bro) with you if ever a 7pocalypse happens.
     
  11. BloodDrunk

    BloodDrunk

    Joined:
    May 11, 2012
    Messages:
    1,966
    Resources:
    1
    Maps:
    1
    Resources:
    1
    Not even using windows updates or security bullshit, so far so good
     
  12. Daffa the Mage

    Daffa the Mage

    Map Moderator

    Joined:
    Jan 30, 2013
    Messages:
    7,431
    Resources:
    25
    Packs:
    1
    Maps:
    8
    Spells:
    15
    Tutorials:
    1
    Resources:
    25
    Most of the time, security issues come from the user being dumb enough :D