Mazzspeed

2[H]4U
Joined
Dec 27, 2017
Messages
2,883
You are too hung up on payload delivery, it's not needed anymore. What are you using this device for? What is the device it communicates with? Where does that traffic end up? What other devices are associated with that device? One device gets compromised on the network, the entire network is compromised. I don't need a RAT (or other remote) on the target anymore, I am searching for data, silently. If I get some credentials, that's great, but that's not all there is to "hacking". Again, I don't need a payload on a device to make use of it, nore do I need remote access, even though eventually that's what will end up happening. As long as there is unencrypted data, or common encrypted data (VPN) coming from that node, it will fall eventually.
This is why B00nie is getting frustrated.

You cannot send data over a port if there is nothing listening for data on the other side of the port, and even then we're talking fairly specific data. You cannot just force data through an open port.

Browsers can be hacked as they are listening via an open port for specific traffic. If anything is going to be compromised via an open port, that's the most logical target.
 

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
19,997
^^ Correct. Example

Firewall ---> NAT Rule to send port 4567 TCP traffic to desktop 1 - Desktop 1 has no service running on port 4567 to respond with - Thus no connections will be made nor could you "ride" that NAT rule to magically "get inside" Desktop 1 through port 4567 and exploit say NTP or RDP listening on their default ports of 123 UDP or 3389.

This is why UPnP is so dangerous and should be turned off by default because it is a massive security risk for outbound apps to just open ports they need to communicate.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
Are you using the device on the network, as in networking? As I said, if no data is coming or going, the device is not networking, it's a moot point. If data is coming and going, the device is vulnerable. How do you not get that? Forget ports, forget remote access, forget payloads. If the device is just sitting there with no output, of course it's not vulnerable, but it's also not networking, might as well not even be connected. Even a packet injector is vulnerable.
 

Mazzspeed

2[H]4U
Joined
Dec 27, 2017
Messages
2,883
Are you using the device on the network, as in networking? As I said, if no data is coming or going, the device is not networking, it's a moot point. If data is coming and going, the device is vulnerable. How do you not get that? Forget ports, forget remote access, forget payloads. If the device is just sitting there with no output, of course it's not vulnerable, but it's also not networking, might as well not even be connected. Even a packet injector is vulnerable.
You're still missing the point regarding the implementation of NAT. If you have the port forwarded for Samba, but don't have a Samba server running on the destination address, data cannot be forced through that open port whether it conforms to the Samba protocol or not.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
You're still missing the point regarding the implementation of NAT. If you have the port forwarded for Samba, but don't have a Samba server running on the destination address, data cannot be forced through that open port whether it conforms to the Samba protocol or not.
You don't have to "force" anything anywhere. You guys are totally off base. You still won't address mt question to you. Is the device networking? As in sending and receiving data? Then there are several options to vector an attack to it. You really think firewalls are a problem anymore? I am are not talking some random attack from a port script written by a 4channer. Do you update software on this device? Do you use apps on this device? Is it connected wirelessly? Vector, vector, vector. (not Airplane joke)
 

Mazzspeed

2[H]4U
Joined
Dec 27, 2017
Messages
2,883
You don't have to "force" anything anywhere. You guys are totally off base. You still won't address mt question to you. Is the device networking? As in sending and receiving data? Then there are several options to vector an attack to it. You really think firewalls are a problem anymore? I am are not talking some random attack from a port script written by a 4channer. Do you update software on this device? Do you use apps on this device? Is it connected wirelessly? Vector, vector, vector. (not Airplane joke)
I'm not off base at all, you're all over the place.

Of course the device is networked, why would you open ports if the device wasn't networked? What I'm saying, and I believe what B00nie is saying, is that ports can be open to WAN and if there's no active listening server on the other side you won't even be able to see the open port in a port scan and you definitely won't be able to force data through that open port via the WAN even if you could.

In terms of the internal network, I don't see anyone arguing that a Windows 7 machine infected via social engineering tricking the user into opening a file and installing an exploit via a vulnerability isn't a very real possibility - You'd be stupid to argue otherwise. Bearing in mind that firewalls can also be configured on internal networks.

TLDR; If you're arguing that Windows 7 is a huge security risk due to unpatched vulnrabilities, I totally agree.
 

Mchart

Supreme [H]ardness
Joined
Aug 7, 2004
Messages
4,342
I'm not off base at all, you're all over the place.

Of course the device is networked, why would you open ports if the device wasn't networked? What I'm saying, and I believe what B00nie is saying, is that ports can be open to WAN and if there's no active listening server on the other side you won't even be able to see the open port in a port scan and you definitely won't be able to force data through that open port via the WAN even if you could.

In terms of the internal network, I don't see anyone arguing that a Windows 7 machine infected via social engineering tricking the user into opening a file and installing an exploit via a vulnerability isn't a very real possibility - You'd be stupid to argue otherwise. Bearing in mind that firewalls can also be configured on internal networks.

TLDR; If you're arguing that Windows 7 is a huge security risk due to unpatched vulnrabilities, I totally agree.
I'll just point out that people have way to much trust/faith in their SOHO routers. You can setup a great security scheme on them, but ultimately they are fairly vulnerable devices themselves. Sure, it'll stop nmap's and other average bad folks on the internet, but they can be broken into. People also screw up and put other devices on the network that end up making their great security policies on the firewall/router useless. Finally, you can't stop idiots from clicking things they shouldn't, and a windows 7 box makes it even easier.

Only way i'd be running something like Windows 7 at this point is if it were on a closed network/stand-alone with zero access to the internet.
 

Shikami

Gawd
Joined
Apr 5, 2010
Messages
792
As for networking, putting your faith into any packet that traverses is THE issue. The astute mind of administrating is very-very-very taxing. But what can be more taxing are the concepts, these paradigms, that are so full of shit that I just cannot wait for the paradigm shit bubble to explode in peoples faces when they find out how compromised or how programmed they were after the paradigm shift occurs. For instance, I always laugh when someone will say Linux is safer or non-hackable, when it is the most hacked. What'cha think about that root privilege bug that has been around for 15 years https://www.bleepingcomputer.com/ne...nel-bugs-let-attackers-gain-root-privileges/? How about the damn Mac'diot? That shit has been compromised for years and years, and so many were in denial. Always loved the illogical arguments about Mac "it's" whatever from someone that had nothing but commercial propaganda bullshit marketing spewing from their mouth. I do like to see the Windows 7 < or > Windows 10 security bullshit from time to time. They are ALL compromised in some way or form, and the astute will treat everything as such and mutating as such, especially in the days of now. Guys, you even have the Fed's telling you to VLAN everything! But costs, knowledge, complexity....sigh.....I do miss the simple Vic 20 and the interesting phreaking days of old.

Love the UPnP argument, when most do not know about NAT and how you open a flood gate after that egressed packet(s). Most utilized firewalls by users are nothing much and full of holes, and usually are nothing but simple SPI and ingress basics. How about the recent NAT Slipstream 2.0 attack? Yes there was v1.: https://www.armis.com/resources/iot...all-internal-network-devices-to-the-internet/.

This is such a complicated subject matter. But know this, if you think one thing is secure, or is better at X-you do not know shit. And those that do, or even do not are working everyday to find a way to know how to compromise you. Even the act of trying not to be on some database or networking telemetry is impossible now, and even avoiding such can still create data about you through others. OH! Just wait for 802.11bf! https://www.theregister.com/2021/03/31/wifi_devices_monitoring/. Man, Dick was right.

Basically when it comes to security, a lot of people need to empty their cup....and really start to re-think everything. Mostly though, the propaganda and stupid shit you have been instructed by some professor in some class that was regurgitating the same propaganda shit from a book of some unknowledgeable "whomever" needs to go. Include the business security propaganda too.

Even AMD is making headlines of the recent speculative attacks: https://www.phoronix.com/scan.php?page=news_item&px=AMD-PSF-Security-Analysis. All the while, a new Intel vector is incoming: https://www.phoronix.com/scan.php?page=news_item&px=Intel-Interconnects-Side-Chan. I wonder how much more performance loss on an Intel architecture will occur with the mitigation there?

This is one of the major super volcanic eruptions [security] that will occur, and very soon IMO. If anyone has been keeping tabs on the infrastructure attacks, and just how much we rely on them. I am not just talking about power grids and such. I mean even distribution of foods and goods. How about the most recent Facebook compromise?

The internet is going to split (https://en.wikipedia.org/wiki/Splinternet). The real security paradigm is about to POP, and shit is about to really get real on how much everything is driven via "modern" means and just how affected we will all be. But you know what I laugh about more, is how the concept of the Internet was via the DoD model and it was meant to sustain particular physical attacks for communication to still take place. But yet, we get one fucker with a garden hoe that can take out almost the whole East Coast of America......and people are freaking out that they cannot watch Netflix........can you not get the point yet?
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
As for networking, putting your faith into any packet that traverses is THE issue. The astute mind of administrating is very-very-very taxing. But what can be more taxing are the concepts, these paradigms, that are so full of shit that I just cannot wait for the paradigm shit bubble to explode in peoples faces when they find out how compromised or how programmed they were after the paradigm shift occurs. For instance, I always laugh when someone will say Linux is safer or non-hackable, when it is the most hacked. What'cha think about that root privilege bug that has been around for 15 years https://www.bleepingcomputer.com/ne...nel-bugs-let-attackers-gain-root-privileges/? How about the damn Mac'diot? That shit has been compromised for years and years, and so many were in denial. Always loved the illogical arguments about Mac "it's" whatever from someone that had nothing but commercial propaganda bullshit marketing spewing from their mouth. I do like to see the Windows 7 < or > Windows 10 security bullshit from time to time. They are ALL compromised in some way or form, and the astute will treat everything as such and mutating as such, especially in the days of now. Guys, you even have the Fed's telling you to VLAN everything! But costs, knowledge, complexity....sigh.....I do miss the simple Vic 20 and the interesting phreaking days of old.

Love the UPnP argument, when most do not know about NAT and how you open a flood gate after that egressed packet(s). Most utilized firewalls by users are nothing much and full of holes, and usually are nothing but simple SPI and ingress basics. How about the recent NAT Slipstream 2.0 attack? Yes there was v1.: https://www.armis.com/resources/iot...all-internal-network-devices-to-the-internet/.

This is such a complicated subject matter. But know this, if you think one thing is secure, or is better at X-you do not know shit. And those that do, or even do not are working everyday to find a way to know how to compromise you. Even the act of trying not to be on some database or networking telemetry is impossible now, and even avoiding such can still create data about you through others. OH! Just wait for 802.11bf! https://www.theregister.com/2021/03/31/wifi_devices_monitoring/. Man, Dick was right.

Basically when it comes to security, a lot of people need to empty their cup....and really start to re-think everything. Mostly though, the propaganda and stupid shit you have been instructed by some professor in some class that was regurgitating the same propaganda shit from a book of some unknowledgeable "whomever" needs to go. Include the business security propaganda too.

Even AMD is making headlines of the recent speculative attacks: https://www.phoronix.com/scan.php?page=news_item&px=AMD-PSF-Security-Analysis. All the while, a new Intel vector is incoming: https://www.phoronix.com/scan.php?page=news_item&px=Intel-Interconnects-Side-Chan. I wonder how much more performance loss on an Intel architecture will occur with the mitigation there?

This is one of the major super volcanic eruptions [security] that will occur, and very soon IMO. If anyone has been keeping tabs on the infrastructure attacks, and just how much we rely on them. I am not just talking about power grids and such. I mean even distribution of foods and goods. How about the most recent Facebook compromise?

The internet is going to split (https://en.wikipedia.org/wiki/Splinternet). The real security paradigm is about to POP, and shit is about to really get real on how much everything is driven via "modern" means and just how affected we will all be. But you know what I laugh about more, is how the concept of the Internet was via the DoD model and it was meant to sustain particular physical attacks for communication to still take place. But yet, we get one fucker with a garden hoe that can take out almost the whole East Coast of America......and people are freaking out that they cannot watch Netflix........can you not get the point yet?
You have a really hard time understanding the difference between a LOCAL attack versus a remote one. If someone has a local access to your linux server you're already failed in a big time. Windows is having hundreds of open REMOTELY exploitable exploits, often unpatched as in the case of Windows 7. Calling linux "the most hacked" just made you lose all your credibility in once sentence. Linux runs the root servers of internet. It is _not_ the most hacked. Windows is.

Your NAT attack exploit requires someone to click on a malicious link. Gee whiz, really? Paint me shocked if doing such a thing opens a remote attack to the network. Of course when using linux, clicking a malicious link tailored for Windows does nothing to your system.
 
Last edited:

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
19,997
As for networking, putting your faith into any packet that traverses is THE issue. The astute mind of administrating is very-very-very taxing. But what can be more taxing are the concepts, these paradigms, that are so full of shit that I just cannot wait for the paradigm shit bubble to explode in peoples faces when they find out how compromised or how programmed they were after the paradigm shift occurs. For instance, I always laugh when someone will say Linux is safer or non-hackable, when it is the most hacked. What'cha think about that root privilege bug that has been around for 15 years https://www.bleepingcomputer.com/ne...nel-bugs-let-attackers-gain-root-privileges/? How about the damn Mac'diot? That shit has been compromised for years and years, and so many were in denial. Always loved the illogical arguments about Mac "it's" whatever from someone that had nothing but commercial propaganda bullshit marketing spewing from their mouth. I do like to see the Windows 7 < or > Windows 10 security bullshit from time to time. They are ALL compromised in some way or form, and the astute will treat everything as such and mutating as such, especially in the days of now. Guys, you even have the Fed's telling you to VLAN everything! But costs, knowledge, complexity....sigh.....I do miss the simple Vic 20 and the interesting phreaking days of old.

Love the UPnP argument, when most do not know about NAT and how you open a flood gate after that egressed packet(s). Most utilized firewalls by users are nothing much and full of holes, and usually are nothing but simple SPI and ingress basics. How about the recent NAT Slipstream 2.0 attack? Yes there was v1.: https://www.armis.com/resources/iot...all-internal-network-devices-to-the-internet/.

This is such a complicated subject matter. But know this, if you think one thing is secure, or is better at X-you do not know shit. And those that do, or even do not are working everyday to find a way to know how to compromise you. Even the act of trying not to be on some database or networking telemetry is impossible now, and even avoiding such can still create data about you through others. OH! Just wait for 802.11bf! https://www.theregister.com/2021/03/31/wifi_devices_monitoring/. Man, Dick was right.

Basically when it comes to security, a lot of people need to empty their cup....and really start to re-think everything. Mostly though, the propaganda and stupid shit you have been instructed by some professor in some class that was regurgitating the same propaganda shit from a book of some unknowledgeable "whomever" needs to go. Include the business security propaganda too.

Even AMD is making headlines of the recent speculative attacks: https://www.phoronix.com/scan.php?page=news_item&px=AMD-PSF-Security-Analysis. All the while, a new Intel vector is incoming: https://www.phoronix.com/scan.php?page=news_item&px=Intel-Interconnects-Side-Chan. I wonder how much more performance loss on an Intel architecture will occur with the mitigation there?

This is one of the major super volcanic eruptions [security] that will occur, and very soon IMO. If anyone has been keeping tabs on the infrastructure attacks, and just how much we rely on them. I am not just talking about power grids and such. I mean even distribution of foods and goods. How about the most recent Facebook compromise?

The internet is going to split (https://en.wikipedia.org/wiki/Splinternet). The real security paradigm is about to POP, and shit is about to really get real on how much everything is driven via "modern" means and just how affected we will all be. But you know what I laugh about more, is how the concept of the Internet was via the DoD model and it was meant to sustain particular physical attacks for communication to still take place. But yet, we get one fucker with a garden hoe that can take out almost the whole East Coast of America......and people are freaking out that they cannot watch Netflix........can you not get the point yet?


Not a matter of "if" but "when" if not already right.. What is the average they say now - someone is likely in your network for 1-3 years before you may ever find out about it....

A client of ours got ransom'd - everything encrypted and I had a quick chat with a much older man in the lunch room (who turned out to be an owner I later found out) while pulling off 20 hour shifts trying to get them back up and secured with a team, "Why did we get hacked, we are too small to be a target for anyone" - How did they get in? Some tool set up a new Azure VM with RDP wide open...we know how well RDP does exposed to the internet...and they had just extended their main office network to Azure over an express route with no ACL's, nadda limiting access back.

I had to explain to them this was not a actual person sitting there behind a screen trying to get into every IP with ever port open but it is 99.999% all automated to the point the other side needs to step in to really get a foothold. it is often not until someone gets in do they realize what company they may have compromised and then they work from there.

Heck, Modern day AV I think is still only like 20-30% successful, and that is being generous, so many ways to get around AV and other protection tools now..
 
Last edited:

Mazzspeed

2[H]4U
Joined
Dec 27, 2017
Messages
2,883
A client of hours got ransom'd - everything encrypted and I had a quick chat with a much older man in the lunch room (who turned out to be an owner I later found out) while pulling off 20 hour shifts trying to get them back up and secured with a team, "Why did we get hacked, we are too small to be a target for anyone" - How did they get in? Some tool set up a new Azure VM with RDP wide open...we know how well RDP does exposed to the internet...and they had just extended their main office network to Azure over an express route with no ACL's, nadda limiting access back.
I've already mentioned the RDP port, and basically, having the port open to thee internet with a listening server at the other end protected by no more than a password is obviously bad practice resulting in a potential major security issue.

The point people are trying to make, as far as I see it as the goal posts keep shifting, is that if you had the RDP port open and there was no Windows server on the other side of NAT listening on that port for an RDP connection, the port wouldn't even appear in a port scan and you wouldn't be able to force an attack via that port even if you could see it unless some exploit was created via the internal network and the exploit became a listening server using the RDP port.
 

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
19,997
I agree with that, was just talking about an experience from a client on other ways they can get hit. I agreed above with my post that a NAT rule with no listening device on the other side = no access.
 

Mazzspeed

2[H]4U
Joined
Dec 27, 2017
Messages
2,883
I agree with that, was just talking about an experience from a client on other ways they can get hit. I agreed above with my post that a NAT rule with no listening device on the other side = no access.
I know.

Likewise, I agree that this is the inherent issue regarding UPnP. Malware can not only be installed and create its own port to the outside world, but the user can quickly loose control of just what 'active' ports are being opened straight to the internet.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
I'm not off base at all, you're all over the place.

Of course the device is networked, why would you open ports if the device wasn't networked? What I'm saying, and I believe what B00nie is saying, is that ports can be open to WAN and if there's no active listening server on the other side you won't even be able to see the open port in a port scan and you definitely won't be able to force data through that open port via the WAN even if you could.

In terms of the internal network, I don't see anyone arguing that a Windows 7 machine infected via social engineering tricking the user into opening a file and installing an exploit via a vulnerability isn't a very real possibility - You'd be stupid to argue otherwise. Bearing in mind that firewalls can also be configured on internal networks.

TLDR; If you're arguing that Windows 7 is a huge security risk due to unpatched vulnrabilities, I totally agree.
Exactly, now that w have established that the device in question, IS in fact networking, it is therefore vulnerable. Don't care about ports, behind ANY type firewall, don't care about server request. You are off base because you think I need a port open at some particular moment to compromise the DATA on that machine, or the DATA cming from that machine. Way off base if the device is wi-fi. That's not to mention some other device on the network that is ALREADY compromised. And disregarding any unkown atrtack vector, simply only existing fringe vecrtors. Never said anything specific about Win 7, other than to say it does not matter what OS or browser you use, it's vunerable. That's what led to a certain user claiming it was 100% not true, which is 100% BS.

I'll wil concede devices can be secure when networked in only one way, and that is wired LAN, with no connection to another network that has WAN, and/ or all data is encrypted by no common key (VPN service), from each point with no decrypt enroute, and all non-encrypted data is rejected. That does not protect against social of course, nore any files aquired that are already compromised and introduced into the network. Which let's face it, that's what we use computers for, it's going to happen, unless said network desires no software updates, and has no need to access the web. So maybe a network of research devices or compilers? IDK, but pretty useless for anything else but gaming. What else do we use computers for? We get and give data to them, that's the purpose of computing.
 
Last edited:

Mazzspeed

2[H]4U
Joined
Dec 27, 2017
Messages
2,883
Exactly, now that w have established that the device in question, IS in fact networking, it is therefore vulnerable. Don't care about ports, behind ANY type firewall, don't care about server request. You are off base because you think I need a port open at some particular moment to compromise the DATA on that machine, or the DATA cming from that machine. Way off base if the device is wi-fi. That's not to mention some other device on the network that is ALREADY compromised. And disregarding any unkown atrtack vector, simply only existing fringe vecrtors. Never said anything specific about Win 7, other than to say it does not matter what OS or browser you use, it's vunerable. That's what led to a certain user claiming it was 100% not true, which is 100% BS.

I'll wil concede devices can be secure when networked in only one way, and that is wired LAN, with no connection to another network that has WAN, and/ or all data is encrypted by no common key (VPN service), from each point with no decrypt enroute. That does not protect against social of course, nore any files aquired that are already compromised and introduced into the network. Which let's face it, that's what we use computers for, it's going to happen, unless said network desires no software updates, and has no need to access the web. So maybe a network of research devices or compilers? IDK, but pretty useless for anything else.
I'm over this discussion, it's all over the place. Go yell at the wall or something.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
I'll just point out that people have way to much trust/faith in their SOHO routers. You can setup a great security scheme on them, but ultimately they are fairly vulnerable devices themselves. Sure, it'll stop nmap's and other average bad folks on the internet, but they can be broken into. People also screw up and put other devices on the network that end up making their great security policies on the firewall/router useless. Finally, you can't stop idiots from clicking things they shouldn't, and a windows 7 box makes it even easier.

Only way i'd be running something like Windows 7 at this point is if it were on a closed network/stand-alone with zero access to the internet.
Or if you just don't use the Win 7 device for anything critical to your privacy, and share any data from it with any other device (isolated WAN). Then it's just a gaming box, or web box, or whatever, and if it sh*s the bed, you reimage and carry on. But you must be vigilent as all hell, no Steam or other GUI layer sh*t from sh*t developers, and no accurate personal data on the web, and some IP detection mitigation of course.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
I'm over this discussion, it's all over the place. Go yell at the wall or something.
How would you like to focus it? All I have heard from you and the other guy, concerns open ports. I was never focused on that, I made a broad general statment when he started on about ports and sniffers, which are old hat. You got a port behind a firewall,G4U. I did make it clear I would not proliferate any info about the other means, and I hold to that. These people are criminals, and the equivalent to cyber Peeping Toms or worse, mostly worse (most are artistic intellectuals though). I will not provide more text to the algorythms, for any interested parties to discover. Suffice it to say, you can spend some time scouring the "underbelly", and discover your ignorance, as I once did (and still do on occasion), or simply enjoy your false sense of security. Which is probably just fine for 99% of users, since they don't have anything of interest on their devices, to those capable of defeating a firewall. Which I basically stated previously.
 

Mazzspeed

2[H]4U
Joined
Dec 27, 2017
Messages
2,883
I don't want to focus it, it's common sense.

Is Windows 7 secure? No it's not. It's that simple.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
I don't want to focus it, it's common sense.

Is Windows 7 secure? No it's not. It's that simple.
To which I replied, no OS is secure. Do you disagree? More secure? Of course there are. But it's only a matter of desire and commitment of an attacker.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
I'll just point out that people have way to much trust/faith in their SOHO routers. You can setup a great security scheme on them, but ultimately they are fairly vulnerable devices themselves. Sure, it'll stop nmap's and other average bad folks on the internet, but they can be broken into. People also screw up and put other devices on the network that end up making their great security policies on the firewall/router useless. Finally, you can't stop idiots from clicking things they shouldn't, and a windows 7 box makes it even easier.

Only way i'd be running something like Windows 7 at this point is if it were on a closed network/stand-alone with zero access to the internet.
Maybe thay should put their NAT.....behind a NAT.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
Exactly, now that w have established that the device in question, IS in fact networking, it is therefore vulnerable. Don't care about ports, behind ANY type firewall, don't care about server request. You are off base because you think I need a port open at some particular moment to compromise the DATA on that machine, or the DATA cming from that machine. Way off base if the device is wi-fi. That's not to mention some other device on the network that is ALREADY compromised. And disregarding any unkown atrtack vector, simply only existing fringe vecrtors. Never said anything specific about Win 7, other than to say it does not matter what OS or browser you use, it's vunerable. That's what led to a certain user claiming it was 100% not true, which is 100% BS.

I'll wil concede devices can be secure when networked in only one way, and that is wired LAN, with no connection to another network that has WAN, and/ or all data is encrypted by no common key (VPN service), from each point with no decrypt enroute, and all non-encrypted data is rejected. That does not protect against social of course, nore any files aquired that are already compromised and introduced into the network. Which let's face it, that's what we use computers for, it's going to happen, unless said network desires no software updates, and has no need to access the web. So maybe a network of research devices or compilers? IDK, but pretty useless for anything else but gaming. What else do we use computers for? We get and give data to them, that's the purpose of computing.
If you don't understand that wifi uses the TCP/UDP protocols and network ports just as regular ethernet does, you should stop writing now and go to learn basics. You're shaming yourself dude.
 

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
19,997
Maybe thay should put their NAT.....behind a NAT.
Double NAT does not solve security issues. Because the chances are that same person is using the same brand or model for the 2nd device, which likely also has the same potential exploits someone used to get into the first device anyways, if they came in from the WAN side. Assuming they did not get in due to poorly written exploitable code / application that was on the other end of that NAT rule
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
Double NAT does not solve security issues. Because the chances are that same person is using the same brand or model for the 2nd device, which likely also has the same potential exploits someone used to get into the first device anyways, if they came in from the WAN side. Assuming they did not get in due to poorly written exploitable code / application that was on the other end of that NAT rule
I was joking.
 

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
19,997
Yes but Windows 10 is still being actively patched, Windows 7 is not as it is out of support. I think MS has only released 2 very very critical patches for Windows 7 in the last year or so. Otherwise things like browsers wont even run on them past certain versions.
 

Master_shake_

Fully [H]
Joined
Apr 9, 2012
Messages
17,287
Yes but Windows 10 is still being actively patched, Windows 7 is not as it is out of support. I think MS has only released 2 very very critical patches for Windows 7 in the last year or so. Otherwise things like browsers wont even run on them past certain versions.
HAHAHAHA no...

The top ten list you linked were from 2010-2015.

And were never patched.

You have way to much faith in microshit.
 

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
19,997
Who said I have faith in them? Way to make assumptions. The fact is Windows 10 is still actively patched - Windows 7 is not.
 

Mchart

Supreme [H]ardness
Joined
Aug 7, 2004
Messages
4,342
It's more than just being actively patched. Windows 7 also has some gaping default policies that make it easier to crack as well, if you can step around inside the network. Windows in general has some massive potential vulnerabilities out of the box, that Microsoft really didn't actually address until Windows 10. The standard build Windows 10 Home that almost everyone is running is fairly locked down & secure, without having to mess around with changing registry keys & group policies.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
It's more than just being actively patched. Windows 7 also has some gaping default policies that make it easier to crack as well, if you can step around inside the network. Windows in general has some massive potential vulnerabilities out of the box, that Microsoft really didn't actually address until Windows 10. The standard build Windows 10 Home that almost everyone is running is fairly locked down & secure, without having to mess around with changing registry keys & group policies.
As long as you consider sending your meta data to MS, "locked down & secure".
 

Eulogy

2[H]4U
Joined
Nov 9, 2005
Messages
2,279
As long as you consider sending your meta data to MS, "locked down & secure".
I'm curious, because I see a lot of people say things like this.
Can you tell me, without googling, what "meta data" even is? And further, can you tell me, very specifically, all of the data that MS receives from W10?
 

Mchart

Supreme [H]ardness
Joined
Aug 7, 2004
Messages
4,342
As long as you consider sending your meta data to MS, "locked down & secure".
Yes, actually. You do realize that Microsoft Azure does hosting for the CIA, among other organizations, correct?
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
Yes, actually. You do realize that Microsoft Azure does hosting for the CIA, among other organizations, correct?
That's very comforting, now if I could just have control over my data on MS systems, that would be great. I don't care that a division of the sh*ttiest tech company on earth, hosts data for the sh*ttiest deep state orginization on the planet. What's your point? That they collect your data, but it's OK, because it's supposedly secure? You must have rug burns on your knees, and no gag reflex, with logic like that. Research Thinthread and try to imagine what algorythms used in conjuction with meta data can acheuive. Predication and manipulation of your behaviour is their ultimate goal, and to some extent, they have acheived this.
 
Last edited:

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
I'm curious, because I see a lot of people say things like this.
Can you tell me, without googling, what "meta data" even is? And further, can you tell me, very specifically, all of the data that MS receives from W10?
I don't need to "google" anything, I wouldn't use google anyway.

Meta data is undestood to be easily collected data, not content per say. Such as dates and times, locations and durations of comms, IP addresses, etc...which can be stored without needing Petabytes of space, even though petabytes are being used. Because actual content is being collected and stores as well, to be used at will to investigate behaviours of specific targets. Used in conjuction with A.I., meta data can track and monitor a group of targets in present or the past, and look for specific behaviours to flag individuals for whatever parameters the user desires. If the A.I. were to have enough time and adaptability, it could essentially predict behaviour of a given target it has aquired the proper meta data for. And once prediction is accurately acheived, manipulation is then possible with enough control over the sensory input of the target.
 
Last edited:

Mchart

Supreme [H]ardness
Joined
Aug 7, 2004
Messages
4,342
Trust me, they're glad you're still using Windows 7. They don't need Windows 10 telemetry data to already know everything about you.
 

Eulogy

2[H]4U
Joined
Nov 9, 2005
Messages
2,279
I don't need to "google" anything, I wouldn't use google anyway.

Meta data is undestood to be easily collected data, not content per say. Such as dates and times, locations and durations of comms, IP addresses, etc...which can be stored without needing Petabytes of space, even though petabytes are being used. Because actual content is being collected and stores as well, to be used at will to investigate behaviours of specific targets. Used in conjuction with A.I., meta data can track and monitor a group of targets in present or the past, and look for specific behaviours to flag individuals for whatever parameters the user desires. If the A.I. were to have enough time and adaptability, it could essentially predict behaviour of a given target it has aquired the proper meta data for. And once prediction is accurately acheived, manipulation is then possible with enough control over the sensory input of the target.
Ok, thanks. You have no idea, basically :)
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
Ok, thanks. You have no idea, basically :)
I better idea than you it would seem. Meta data is simply non-content data, meaning evrything that's not in the contents of the communication. That's what it's always been to people that collect it and use it. From the prefix "meta", non-associative, the stuff you don't pay attention to in your comms, that's a part of the data associated with your comms but not associated with the content. As in dates and times the comm took place, the GPS location of a photo, the IP address where you send data, who received it, etc...

Oh, and we don't know all the data MS collects, they claim it's only non-personal identifiying, but I know at one time Win 10 had a key logger phoning home to MS servers.
 
Last edited:
Top