VOGONS


First post, by keenmaster486

User metadata
Rank l33t
Rank
l33t

No, your Windows 95 computer is not going to instantly get a virus as soon as you plug in your network cable. That's the gist of this post.

Basically, I see so much superstition around connecting old machines to the internet. People go to great lengths to reassure vintage computer communities that "no, I'm not connecting this old computer to the network! Please don't kill me!"

There are a few reasons why this is bunk:

  • The older the OS, the less likely it is that modern viruses can run on it. The vast majority probably cannot run on anything older than Windows 7. If you're on Win9x, probably 99.99% are dead in the water. Windows 3.1 and DOS are even better.
  • Windows computers get so many viruses mostly because people are stupid. They click on things they shouldn't click on online (fake buttons, email attachments, etc), download the viruses themselves, and install them themselves, thinking that they are legitimate software that they "need" because that's what it claimed, after all, and they are ignorant enough not to know better.
  • Many security vulnerabilities affect server OS's. A consumer OS doesn't have services running and listening on ports, let alone ported through on your home router. If you are exposing old Windows services to the open internet, then you know the risks you take on! The casual retro PC collector probably won't be doing this.
  • Old security vulnerabilities have been patched in modern OS's, so virus writers have naturally given up on them. Why should they bother trying to take advantage of a vulnerability from Windows 95, that 99.9999% of Internet-connected computers in 2020 don't have?

I use many old computers on the open internet with no repercussions. DOS, Windows 3.1, Windows 95, Windows 98, Windows NT 4.0, Windows 2000, Windows XP. No antivirus. Openly connected to the Internet. No issues. I just know how to avoid the malicious software. If I downloaded and installed a virus I'd be screwed, but I'd also be stupid.

I ran an exposed service, ported through on my home router, and (stupidly) with no password on my modern, up-to-date Linux computer, and within the day it was compromised and I almost lost my personal information before I noticed and killed it. That taught me a lesson about security: play with fire and you'll get burned.

Run exposed services without good security practices on your modern, "secure" computer, and you'll probably be compromised. Connect your Windows 95 computer to the internet and go to google.com in Netscape Navigator, and you'll be fine every time. It's a matter of what you're doing with the computer and what's listening to traffic on it, not whether it's connected or not.

There's no fire to get burned by in Windows 95. Perhaps if you run NT 4.0 Server Edition and you're exposing vulnerable services, then yes. But if you're doing that then you're much more than just a casual user, and you ought to know better, and put the whole thing behind some kind of locked-down gateway or firewall.

I even run a Windows 7 VM connected to the open internet with no antivirus and no issues. I'm less certain about that, though, since modern viruses can definitely run on it. But so far it is fine.

I flermmed the plootash just like you asked.

Reply 2 of 36, by DoZator

User metadata
Rank Newbie
Rank
Newbie

Somehow, purely out of sporting interest, I launched one popular virus on my home machine running Windows 98 [4.10.1998] and here is what came of it:

e3a331a6198e.png

For comparison, this is what happened when the same virus was launched, but under different systems:

4c92be5f7c5a.gif

Reply 3 of 36, by looking4awayout

User metadata
Rank Member
Rank
Member

The RDD, my main computer, uses Windows XP. I have been using it since 2017 (three years) connected to the internet regularly, no antivirus. I never, ever got infected. It's also true that my web browsing is limited to a few sites, and it only has like five services running, but for general use, it has never let me down. I periodically scan the system to check if there are potential threats, but nothing is reported. The only reason behind why I had to format and start with a new installation of XP was due to the death of the old motherboard (the chipset burned out), which required me to reinstall everything since XP would not boot on the replacement one, an Asus TUV4X, and even if it would, a clean installation is always better.

The machine is running perfectly fine. And not only, I'm setting up XP on a laptop with an Athlon XP-M 2500+ as a mobile version of the RDD, connected to the internet as well. No virus, no infection, just like its desktop counterpart.

My Retro Daily Driver: Pentium !!!-S 1.7GHz | 2GB PC166 ECC SDRAM | Gecube Radeon X1950 Pro 256MB OC | 128GB Lite-On SSD + 500GB WD Blue SSD | Creative Sound Blaster Live! CT4620 | Windows XP Professional SP3

Reply 4 of 36, by DosFreak

User metadata
Rank l33t++
Rank
l33t++

I would go through each point and describe how wrong it is but there wouldn't be a point if no one listens since you just want to use your machine and not think about it.

I will say this is 2020, everything is automated and there are packages you can aquire of exploits so it is quite simple to have multiple versions and/or code your explot o use the APIs that exist in all versions of windows which is how they should be written anyway to target the most machines. The mindset of you need to browse to "safe" sites and don't click on the wrong thing is just wrong. It was never good advice and never will be.

DOSBox Compilation Guides
DosBox Feature Request Thread
PC Game Compatibility List
How To Ask Questions The Smart Way
Running DRM games offline

Reply 6 of 36, by BinaryDemon

User metadata
Rank Oldbie
Rank
Oldbie

IMO, it's an issue of how valuable your data is. Are you doing your taxes, checking email, or doing online banking on your retro computer? Probably not.

So install your OS, install your favorite games, create an offline backup (pretty quick and easy if you have moved to ide-CF or similar storage solution).

At this point I have no fear of putting the computer online. If something corrupts restore it.

If you don't have any valuable data on your retro computer, there's no point in jumping thru hoops to protect it.

Check out DOSBox Distro:

https://sites.google.com/site/dosboxdistro/ [*]

a lightweight Linux distro (tinycore) which boots off a usb flash drive and goes straight to DOSBox.

Make your dos retrogaming experience portable!

Reply 7 of 36, by keenmaster486

User metadata
Rank l33t
Rank
l33t
BinaryDemon wrote on 2020-01-22, 19:21:

If you don't have any valuable data on your retro computer, there's no point in jumping thru hoops to protect it.

This is true, but you also have to remember that viruses can jump over your home network once they infect one machine.

My original post still applies though, I don't think your retro machine would get the virus to begin with.

DosFreak wrote on 2020-01-22, 18:45:

The mindset of you need to browse to "safe" sites and don't click on the wrong thing is just wrong. It was never good advice and never will be.

I wouldn't give this advice to anyone who I don't trust to not click on the wrong things.
Someone like me, though... I've never had issues. Over years of usage with no antivirus.

Heck, I doubt you could infect a Windows 95 computer if you tried. You'd have to go to archive.org and get copies of old viruses, but that's cheating since it's not the "wild" web.

I flermmed the plootash just like you asked.

Reply 9 of 36, by dr_st

User metadata
Rank l33t
Rank
l33t
keenmaster486 wrote on 2020-01-21, 18:14:

Basically, I see so much superstition around connecting old machines to the internet. People go to great lengths to reassure vintage computer communities that "no, I'm not connecting this old computer to the network! Please don't kill me!"

Everything you say is obvious to anyone who is not addicted to cybersecurity FUD.

But the good thing is that this FUD does not really have any ability to affect anyone who is not willing to simply swallow it. You can still run WIndows 7 and Windows XP and even Windows 9x connected to the internet despite anything they tell you.

Kinda like drinking. Drinking irresponsibly/excessively is bad and dangerous. Drinking reasonably is generally safe and fun. If someone tells you that you shouldn't drink because of all the terrible things that can happen (they really can), you can still ignore them.

https://cloakedthargoid.wordpress.com/ - Random content on hardware, software, games and toys

Reply 10 of 36, by beastlike

User metadata
Rank Member
Rank
Member

I understand and can empathize with some of OP's gripes with some of the fud you hear about this stuff. But I have a few points that I hope OP and others will consider before connecting unpatched computers of any kind to the internet.

Spectre was actually proven through a JavaScript vulnerability.

One way this could happen, would be that someone could slip some nasty JavaScript onto a website or even through the comments of an older forum that has open XSS vulnerabilities, and execute code on your machine.

I think JavaScript is somewhat in people's blind spot when it comes to ways of running code on your machine. I kinda figured in the late 90s that we'd see these types of "buffer overrun" style attacks sort of taper out and they'd be fully patched eventually; but every once in a while stuff like that does still come out.

There are also people all over the world running IP and port sweeps to try to find unpatched machines. If you ever check your router logs, (last time I did was on a checkpoint router a few years back), you can see that people are actually constantly attempting to hit your IP on all sorts of ports from all over the globe.

While you're probably right that most attacks these days are focused on newer operating systems, you really never know. While every year the military, government, electrical grid infrastructure, etc are updating their systems, I think it is generally known that there are still a few older PCs out in the wild. If there's stuff a the end of some script that's been added to and added to over the years which looks for vulnerabilities on one of these IP sweeps, and it happens to poke through your firewall (not saying this is likely), you really never know what you could end up with.

One final point, is if you remember how nasty some of these bear share / limewire / p2p era things were, they were just awful. I was fixing someone's computer back in 2006 or so, and all of a sudden, an IE window popped up, that popped up a command prompt, that ran notepad, and wrote *you have been p0wned" 🤣

I would hate to see good people who enjoy this hobby unwittingly be a party to the seedy intentions of those who would look to exploit your PC as a proxy to download and share who knows what. I'm not trying to put FUD out there or scare anyone, but please just think about it.

Reply 11 of 36, by dr_st

User metadata
Rank l33t
Rank
l33t
beastlike wrote on 2020-01-22, 22:09:

I would hate to see good people who enjoy this hobby unwittingly be a party to the seedy intentions of those who would look to exploit your PC as a proxy to download and share who knows what. I'm not trying to put FUD out there or scare anyone, but please just think about it.

In other words - I'm not trying to put FUD out there, but I am.

https://cloakedthargoid.wordpress.com/ - Random content on hardware, software, games and toys

Reply 12 of 36, by Warlord

User metadata
Rank Oldbie
Rank
Oldbie

I mostly agree with his points, however you need to be fire walled. Cyber criminals, spy agencies of other countries, go after banks, government institutions, corporations, famous people, political campaigns etc. We are literally no one, as long as you use some common sense you have nothing to worry about. Common sense also involves having backups of your data so if somthing catastrophic were to happen that you can't fix you can image it back.

I always think it is strange to lecture a computer expert about viruses and security, as if they don't know what they are doing and can't fix their own rigs. It's kinda like someone lecturing a dentist about cavities..

Reply 13 of 36, by boomlinde

User metadata
Rank Newbie
Rank
Newbie
beastlike wrote on 2020-01-22, 22:09:

Spectre was actually proven through a JavaScript vulnerability.

A P4 or older won't be affected due to lacking the feature that Spectre exploits. Still relevant for the time scale in which newer CPUs than P4 can be considered "old". It is also rather dependent on modern JavaScript APIs or JIT-based JS runtimes due to timing requirements.

I'd be more wary as you say of using older browsers for anything involving personally identifying information because of old buffer overflow exploits possibly laying around abandoned wordpress or whatever sites since back when they were relevant.

beastlike wrote on 2020-01-22, 22:09:

I think JavaScript is somewhat in people's blind spot when it comes to ways of running code on your machine.

Yes, the sad state of affairs is that adblockers and NoScript are basically anti-malware packages that everyone should install in their modern JS-enabled browsers at this point.

Some food for thought: this is a relatively recent case of a Windows 95 based IT system being rendered unusable because of malware: https://www.tagesspiegel.de/berlin/experten-w … e/25163810.html

That may have been a targeted attack, though, rather than something likely to affect a casual user. Also, the network may not have been the initial attack vector.

Reply 14 of 36, by maxtherabbit

User metadata
Rank Oldbie
Rank
Oldbie
boomlinde wrote on 2020-01-23, 10:52:

That may have been a targeted attack, though, rather than something likely to affect a casual user. Also, the network may not have been the initial attack vector.

That's the thing - edge cases where OS exploits could be used to compromise a vintage PC on the internet (especially one behind any run of the mill NAT) would essentially require a targeted attack. The odds of a random attack affecting a Windows 95 PC on the internet behind a router WITHOUT USER ERROR are so infinitesimal as to be non-existent

Reply 15 of 36, by Bruninho

User metadata
Rank Oldbie
Rank
Oldbie

All my computers run behind a router, but these are modern OS. Older OS like Win 3.x or Win 9x I run only on virtual machines.

While I agree with the OP... but there is one way to get infected: How about the updates and other older software/games we download for our retro machines from sites that are not the ones who actually produced the software (which may be or not be actually abandonware, for example). These ones might have a virus.

I can't remember the year, somewhere between 2014 and 2017, I had a hackintosh with Win 10 installed and it got infected with a ransomware. Some of my files were encrypted and it was demanding a bitcoin payment to get them back. Dude, I have like, three backups of my files (OneDrive, external HDD, my network's Time Capsule) so I had to laugh at this and I just formatted, cleaned it up and reinstalled the system.

"Design isn't just what it looks like and feels like. Design is how it works."
JOBS, Steve.

Reply 16 of 36, by dr_st

User metadata
Rank l33t
Rank
l33t

That's exactly the thing. In the private sector, nobody, and I mean nobody, has systems connected directly to the internet without at least a NAT router. And if you are the one in a hundred (or in a thousand) that has only one machine, no LAN, no router - then that machine, being your primary machine, better run a modern OS for reasons that have more to do with usability than security.

https://cloakedthargoid.wordpress.com/ - Random content on hardware, software, games and toys

Reply 17 of 36, by gdjacobs

User metadata
Rank l33t++
Rank
l33t++
dr_st wrote on 2020-01-23, 17:21:

In the private sector, nobody, and I mean nobody, has systems connected directly to the internet without at least a NAT router.

That's a gross exaggeration. I have servers directly connected to the core. They have a reduced attack surface and proactive measures in place to help prevent exploitation.

All hail the Great Capacitor Brand Finder