vutt wrote on 2023-09-05, 18:26:
@CharlieFoxtrot
Well with mTCP client tools like telnet,ftp,irc network stack is up only when I'm using client. So potential exposure is for limited time. mTCP is also open source so no sneaky backdoors...
That's why I'm keeping my Win98 box with enabled LAN out of internet.
Yes, everything behind NAT is that common sense. My main point is that your premise to security is wrong, if you think that regularly updated mTCP or it being open source provides security. This is something I wanted to highlight so there is a real basis on the apparent sense of security. Or lack thereof.
In fact, mTCP has very little to do with the security here because there is zero security in DOS and there is zero consideration for it in the design. Only security it has is through obscurity and you might argue that it being a single user OS also provides some security compared to more modern OSs, but that is certainly not a security feature in itself. And again, Telnet is a pure clear text protocol without any security and mTCP doesn’t change that. But then again, you most likely don’t use telnet for online banking…
This doesn’t mean that these old systems and OSs are a huge security risk. Nowadays people have fridges, home automation systems, weather sations, countless of mobile and smart devices and whatnot and which have 24/7 connectivity and they are all complete black boxes, that is people don’t know what is inside of them, where they connect, what data they send or receive and what program they execute. So some obsolete shitbox PC that is networked for file tranfers in your network and occasional Telnet to BBSs is hardly the actual problem in these days.