581
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 21 Jul 2024
581 points (93.0% liked)
Technology
59174 readers
2383 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
The fact that they’re running 3.1 is not something to be proud of. They’re probably extremely vulnerable to any other attack.
Quite the opposite.
Please explain. I'll make 🍿
Microsoft's Wolverine for the TCP stack was not available until Windows 3.11. An argument could be made that these systems are defacto air-gapped as they cannot communicate with modern networking.
Youre assuming the article is using "windows 3.1" to mean the exact version of the OS, instead of just the proper name of the OS overall. That probally unlikley.
Since lacking a network stack tends to limit usability, unless the systems are intentionally air gapped they likely are on windows 3.1.1 or later. Based on Southwest extensively documented and decades long IT neglect that landed its current COO in front of Congress for a previous days long outage, i doubt the systems are intentionally airgapped, as that implies a working and well funded IT department.
Just because it doesn't have TCP/IP doesn't mean there isn't networking. Networks existed before the Internet and its Internet Protocol after all. It wouldn't be so much air gapped as so archaic that only the most targeted attacks would work, and only if there is an infected PC acting as an intermediate between the Internet and ye olde network. Chances are it was never connected to the modern Internet as the technologies just aren't compatible.
Old doesn't mean secure. Those old systems have had decades since the last security patch. Even then computer security was barely a consideration for the developers.
I am not saying it is, normally old systems are the least secure. The bit you're not getting is that this system is almost certainly air gapped, just not by choice. It can't work with modern networks. It can't work with modern viruses. Any exploit a modern hacker would think to use probably doesn't exist yet. It's a bit like trying to break someone's car by putting sugar in the fuel, except they ride a horse. Do you get it yet?