Getting back to running a weather station

I have decided to stick with W7 because it works and I probably will after end of life as well as I never allow it to update. My WD PC runs only weather stuff 99% of the time and the other 1% it’s only me so I’m careful about what I do with it. Everything else I run PC wise is Linux and my weather PC would be the same but for the problem of getting WD to do what I need under Linux, each time I test the Linux version it seems problematic, plus running WXSim would have to be under Wine which again is problematic. This stuff is the only thing which stops me ditching Windows completely. I can understand in a business environment Linux can be problematic but mainly because so much software is Windows only but in a home environment I struggle to find anything I cannot do under Linux. My wife’s laptop runs a stable Linux and she does not notice I moved her off Windows some years ago #-o

Stuart

There is a problem with running obsolete versions of any software, even in a home environment. Even if you’re careful you can still get compromised and if your system is obsolete you’ll probably never know. If you are compromised then you may become part of a botnet which could cause you problems more generally with your ISP blocking your connection. The compromised system might also be used to act as a Trojan horse within your home network and might lead to other systems becoming compromised, or your internal network traffic being monitored, potentially with man-in-the-middle monitoring to see encrypted traffic.

Sent from my SM-T715 using Tapatalk

Whilst I agree with that for any PC being used generally I also think the chances of that happening on a PC with AV and two firewalls (one on the PC and one on the router and behind a NAT) is unlikely running just what I do on it. I would ideally like to move it to Linux which can be updated more easily and with far less interruptions. I might have been lucky but in donkeys years of using PCs since the very first IBM PC through all sorts I have only ever once got a virus and that was because I trusted someone I knew and accepted a file they sent me, not something I have ever repeated, also that was years ago before I moved everything else to Linux. Had I been on Linux the virus, even assuming the file was executable, could not have spread like it did or done the damage it did because the security provisions on Linux would have stopped it. For me the lesser of two evils is not to allow Windows 7 to update at all.

Stuart

I have had one or 2 viruses over the years, but thats due to stuff i download :roll: nothing i have not been able to fix though :smiley:

Viruses from downloaded files are old hat now. Drive by infections through a rogue advert on a website that you think is safe is more likely these days.

Sent from my SM-T715 using Tapatalk

On my 3 main computers (all W10), I do a ~weekly system backup onto ad hoc HDDs (and have start-up CDs). The HDDs are unplugged when not actually doing backups. This is my security against even ransomware which is rife here even attacking small shops and individuals. At the worst, I boot up with the CD and re-install from the HDD. In addition, I have Webroot Secure Anywhere, which is arguably the best and fastest cloud security system. However, on my weather computer (Win7), I’m less secure with Windows systems for backup and protection.

Hopefully, I’ll never need to use backup or security! (Waste of money until you need them!)

I have a backup of my backup and same with my server in the US, that backs up to my lappy and on my backup drive so have 2 most stuff
Important documents are backup up on google drive, if it happens, it happens, just a pain restoring everything but its can be done, thats the
main thing. Also. if WD could only run on say Win 95 (just an example lol) then thats what my weather PC would run, it wouldnt bother me none :slight_smile:

I do no surfing on the weather computer. If there is any software I need to install on it, I download it on another computer and move over on pen drive. I do run Malwarebytes on it once a month and keep it updated had never had a virus on it. I do run regular backups on it to an external drive. My set up is a bit different. The O/S is on the C:\ drive but all the weather software is installed on a second internal drive.

But surely that would be an issue of having up to date malware protection, not fundamental OS function? Not that I suggest doing any kind of web surfing on a WX PC.

It could be, assuming it’s not a zero day/APT that malware protection doesn’t see but might be blocked by an (eventual) OS patch for supported OSes. You’ll also find that the malware protection suppliers tend to drop support for obsolete OS versions eventually. Maybe not immediately after support ends, but I know that at least one AV vendor dropped support for W2K3 some time ago and that’s only been obsolete for 18 months.

Moving off that topic, but trying to put this in context, I took part in a significant red/blue team exercise last year (enterprise/industrial cyber-war games). So I’ve used some of the tools the hackers have available and seen just how incredibly easy it is to compromise un-patched systems. I also saw how much more difficult it was to compromise systems when the target system was fully patched up. Other learning points were that it doesn’t matter if 99% of the devices on your network are secure. If there’s one old one that’s un-patched/missing protection that’s the one the hackers will hit and they can then easily use that one as a Trojan horse to attack/monitor the rest of your network. Finally, firewalls can help, but do you really know how your firewall is configured? I suspect most people use whatever is in place on the PC/router and then just open up holes without much thought when something doesn’t work. Have you ever reviewed the rules on your firewall to check what’s allowed in and out (or checked the logs to see what’s actually going in/out)?

Yes…I’m paranoid about cyber-security because it’s a large part of my job…but if you’d seen/heard half of what I’ve seen/heard you’d be paranoid about it too!

That part, its back to the old chestnut, what you dont know dont hurt you, but in this case it actually could…
To be honest with you, having my system hacked is the least of my worries, i am concerned about my server
though, i do not want any issues with that, anything else, it can be rectified, thats the way i look at it, whats
the worst that could happen, no seriously, that is a question,not rhetorical… i think for me it would be access
my bank, although i aint got diddly to lose and if there was, the bank would return it. Anything else is backed up…

The only safest way is to not use t’interweb and shut down any connections, wifi/bluetooth/NFC etc

Your bank details could be grabbed. Can you be sure that your bank would refund if you were proved to be hacked because you had an unprotected device on your network.

There’s no guarantee that you won’t be hacked if you protect your systems (patching, anti-malware and a firewall are minimum) but you reduce the risk dramatically by doing those things (as well as being careful about where you go on the web).

Sent from my SM-T715 using Tapatalk

PS. Why worry more about your server? Do you have your bank and other valuable details stored there?

Sent from my SM-T715 using Tapatalk

There are never guarantees, yes, i am quite sure the bank would refund as its classed as fraud

No, server has 3 customers and i wouldnt want o let them down, thats very important to me but
they are backed up to here regular Home i men not on here lol)

In order for them to hack your system (assuming you don’t surf from it) the chances are they need to find it. My firewall is set up so my external IP does not respond at all on any port at all to being probed.

I too have had experience of security when I was working including working on a few systems which were classified by the US Dept Of Defense as secure, they had no external connections at all but never the less required security software to prevent unauthorised access from within! Yes security is a nightmare and the net makes things far worse. However the main problems with that are people #-o how many still have their password as ‘password’ or some other easily guessed word or leave their routers open to the world rather than turning off TR-069, TR-064 and remote assistance/maintenance access, plus old or not updated anti-virus etc, not using SSL/TLS for email… the list is endless.

Stuart

password as password, never, thats crazy talk, :roll: BRB… :lol:

Yes I agree but a recent survey said that was one of the most popular passwords #-o

Stuart

Here ya go, it’s #8 on the list :roll:

Who can tell me the secret of #15 “18atcskd2w” :?

Checking today I was surprised to see that ESET is still providing new versions for W2K onwards.

Yes...I'm paranoid about cyber-security because it's a large part of my job...but if you'd seen/heard half of what I've seen/heard you'd be paranoid about it too!

I understand that you have whole different concerns from the owner of a wx server that’s double NAT’d and never used to surf, but can I ask if you are not at all concerned about Win 10’s spying telemetry and propensity for considering your PC to be an extension of Microsoft’s network/cloud? Or maybe they give you corporate types more control than us regular folks?

Not to mention the access you “can” give to cortana for full usability, its quite shocking, many will not even think to look at the smaller print
phone messages is one of those :o