Do you use Windows 98/ME anymore?

[garretthylltun]

Don't count out Windows 95 through ME just yet. There are a lot of people
and businesses out there that have never had the need to upgrade to XP
or anything else and continue to run one of the old Windows versions.

There are even still many users out there running Windows 3.1, or even
just plain old DOS.

I personally have 3 PC's at home that still run Windows ME, and the reason
is, because there's just no need or reason to upgrade them. There are
no benefits of features or security to gain on these PC's by trying to stuff
XP on them. They're about as secure as any other PC out there, and
they all run just fine as is and are still just as capable as any other
computer out there. If it's not broken, don't fix it.

The adoption rate of Vista is not going to be as great as being touted in
the media either. Many just do not see any benefit of upgrading to Vista
and refuse to pay so much money in order to upgrade their computers to
be able to handle Vista, so they'll stick with what they've already spent
enough money on, and have setup the way they already like.

[Baldrick]

I am still running an old Toshiba 300Mhz notebook with W98.
This is not really by choice. It is more a case of I need the DOS mode to support several different hardware systems in which the manufacturers have no intention of updating.
Offhand I can only think of 1 system I am keeping maintained which runs under W98. It runs using Rs485 communications protocols & was discontinued a few years back in favour of a system running TCP/IP. But due to the large size of this system & an upgrade cost in excess of $100K for the company using it, I will be supporting this 1 for a couple of years yet. { They are currently budgeting to upgrade to the newer system within the next 2 years }

[Tipperton]

I haven't used any of the Windows 9x/ME series since I upgraded to Windows 2000 when it was released in March or April of 2000 except in Virtual PC for testing purposes.

About a year ago I decided that if I could get back into writing and selling my own software I wasn't going to support any version of Windows below 2000 so I deleted my 95, 98, ME, and NT4 virual machines and their files.

The way I look at it, the number of people still running those versions of Windows make up such a small part of the market that what few extra sales I might make to them wasn't worth the cost of supporting those old versions of Windows.

I still have the CDs for all those versions of Windows but I seriously doubt they will ever be used again. At least not by me anyway....

[Mike Stefanik]

I personally have 3 PC's at home that still run Windows ME, and the reason is, because there's just no need or reason to upgrade them. There are no benefits of features or security to gain on these PC's by trying to stuff XP on them. They're about as secure as any other PC out there, and they all run just fine as is and are still just as capable as any other computer out there. If it's not broken, don't fix it.

I really have to take issue with that. Windows 95/98/Me is not as secure and people who continue to use those old versions of Windows and are connected to the Internet are prime targets for attack. Those operating systems are broken. The fundamental architecture of those systems is the same as Windows 3.1 was, with idea that they would primarily be used on stand-alone systems, and not connected to a global network. Security is absolutely laughable on those platforms, and I don't care how many anti-virus products you install. Lipstick on a pig doesn't make it any prettier.

If you've worked extensively with Vista, you'd also understand why it is a significant step forward for security. Most people associate it with the UAC dialogs, but it's actually a lot deeper than that. It's more difficult to get rootkits installed on the 32-bit version, and virtually impossible on the 64-bit version with PatchGuard. No longer can processes do things to try and "hijack" other processes like injecting code into another process, installing system-wide message filters or using journal hooks. All of that, out the window.

Frankly, I would no sooner go back to Windows XP than I would go back to Windows 3.1.

[Nik]

I must admit that I also think using Windows < 2000 today is prity risky. I had to use an installation some days ago and got to see my first Bluescreen in the last 7 years... Since I'm a Linux/Mac user I don't care for Vista though.

[PB]

> people who continue to use those old versions of Windows and are
> connected to the Internet are prime targets for attack

Depends. If a two-way firewall is installed, and the user is selective about
what they download, and which browser they use, then an attack is highly
unlikely to occur. An attack always needs an entrance point, and there are
effective ways to block those points on 98/ME.

> Lipstick on a pig doesn't make it any prettier

I don't agree with that analogy. It's not a case of making 98/ME prettier;
it's a case of shutting the door instead of leaving it open, and not letting
strangers in when they knock.

> No longer can processes do things to try and "hijack" other processes
> like injecting code into another process

So things like game trainers can no longer be used with Vista? Bah!

> installing system-wide message filters or using journal hooks.
> All of that, out the window.

Vista will probably stop applications from opening invisible windows next,
to prevent apps from secretly running in the background. Sounds like
Vista is locked down so tight that a lot of useful apps will no longer be
compatible with it, which is a shame. Microsoft has become so paranoid
about security that they're going to end up wrecking everything.

[Mike Stefanik]

If there is a lesson to be learned from the past 15 years or so, there is no such thing as being "too paranoid about security" because everyone is out to get you. To think otherwise is to live in a dreamworld that is not only dangerous to you, but to others.

It's not that Microsoft has gone too far. They haven't gone far enough, and they've been too slow about getting to where they are now. What they've just done in Vista they should have done years ago with Windows NT. And the abominations known as the Win9x hybrids should have never seen the light of day. What was Windows 95 really should have been Windows NT 4.0. If the kids want to play games, well, that's what Playstations and XBoxes are for. In my opinion, of course.

[Nik]

The thing about security from my perspective is, that you have to be selective. For every computer the highest rule shoulkd always be to obey it's master That doesn't mean users in general but the admin and everone the admin likes to trust. And that's what I like about Unices like Linux, if you are root tthe system will do what ever you tell it to, it won't annoy you with some random message but follow your orders. On the other hand the system will tell you not to run as root if you don't have to and warn you when entering root mode that it will from then on let YOU care about sense. That is what makes Vista inferior, it puts it's master into chains forbidding him to copy files because of copyright, restricting you from memory access and so on. I mean that's like a kitchen knife which becomes a tomato when you want to kill someone, not that you should do that, but it's the human who should decide what is right and what isn't it's non of the weapons business. A computer has to stay a tool like a knife, it may warn you or remind you when you try to do something it doesn't believe to be right, but nothing more.
In Vista things are simply taken to far, in that the master of the computer on your desk is no longer you (the owner) but the people at Microsoft. Did you know they can now deactivate drivers remotely, that means if you are running a driver for some hardware, and this driver isn't signed correctly they can and probably will shut it down from Redmond, and you won't be able to do anything against that, since if you coulld a driver in kernel space could easily copy a file without touching it's DRM.

btw: This doesn't seem to help people do serious work, does it?

[Mike Stefanik]

An unsigned driver wouldn't get installed in the first place under normal conditions, so yes, if there is one the operating system should disabled it. And if there's found to be a driver out there that is hostile or meant to defeat aspects of the security system, then they should be able to revoke the certificate if necessary and disable it.

Earlier versions of Windows aren't like a knife. They're like a bazooka, with a hair-trigger. You're just as liable to blow off your own legs than use it correctly -- or perhaps more importantly, blow up your neighbor's houses. The reality is, most typical end-users are so incredibly clueless about security that they need to be protected from themselves -- and we need to be protected from them too. Their right to use an insecure, unprotected system with security features that are easily subverted or disabled stops at the router that connects them to the rest of the Internet.

If you want to run around with your "knife" in your own kitchen, that's your business. But when you're out in the street and run into me, that damned well better be a "tomato" in your hands, or you and I are going to have a problem.

[GeoTrail]

I voted rarely.

I think Win9x users have gotten used to new software and hardware no longer being compatible with their OS. Personally I don't think about Win9x when I code something. But it's nice to get feedback from the Win9x users when my code also works on their machine even though it is mainly written for NT based OS.

[Nik]

^^
That's why I use Linux, it's like a sniper rifle, hard to handle, but it's deadly as hell and precise like a swiss army knife.

And as you said, there are consoles for playing games, that's also why I absolutely don't care wether Linux does support games (though due to it's realtime capability and fast sheduling it maybe technically superior with the right hardware support), however better driver support would be great, since I want to be able to watch HD movies and have a nice hardware rendered dectop (Windows Users might think this is simply a toy, but since I use a Mac on a daily bases I know it really helps to do work faster).

[PB]

> What they've just done in Vista they should have done years ago

Back then most of today's vulnerabilities didn't exist... you can't protect
against what you don't know is coming or possible. Hindsight is 20/20.

[Mike Stefanik]

Back then most of today's vulnerabilities didn't exist... you can't protect against what you don't know is coming or possible. Hindsight is 20/20.

But you can forsee where something can cause problems. Allowing processes to inject code into another process? Allowing a process to install a system-wide message filter and take control of any program's user interface? The ability to specify that a DLL should be automatically loaded into the address space of every process? Things like that just scream security hole. Heck, not a hole... a gaping chasm that you could drive a truck through and anyone who spent 10 seconds thinking about it would have to acknowledge they're just incredibly bad ideas.

And of course, the folks at Microsoft aren't stupid. They knew it was an issue, but they made the choice not to do anything about it in the name of backwards compatibility. But sacrificing security on the altar of backwards compatibility is a mistake, and one that they've finally acknowledged with Vista.

When there is a conflict between security and backwards compatibility, security must win, each and every time. It's that simple. To do otherwise is both dangerous and irresponsible.

[PB]

> But you can forsee where something can cause problems

I still disagree, and here's why: Back then, nobody thought that a PLAIN TEXT
FILE could delete your hard drive. Or that an IMAGE could take over your PC.
See what I mean? Even the most plain, innocent things can turn to evil, given
enough time. The best prediction of the future is the past: so name something
"innocent" on a PC now and it could well become a security exploit in 10 years.

[Mike Stefanik]

However, because you can't forsee every risk doesn't mean that you don't take reasonable precautions against any risks. And that's what the Windows 9x hybrids were; completely open and unprotected in virtually every sense of the word.

I may not know that a 747 is going to crash into my house a week from tomorrow; but that doesn't mean that it's okay to drive a car that has no brakes and a broken clutch.