Maybe don’t pay a company to install a rootkit on your critical infrastructure?
Technology
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
Just open up your critical infrastructure to the public Internet and you’ll get rootkits for free.
This is the "can't get a Word Document macro virus because I use the Corel WordPerfect Document type" kind of energy.
No, it doesn't, because Corel didn't buy WordPerfect until 1996.
Ah, nothing's wrong with WordPerfect, honestly. Still better than Word.
Windows 3.1? You fancy kids, and your modern operating systems! What's wrong with Windows 1.0???
Why not Quick and Dirty Operating System?
One X user suggested that the company switch to Windows XP—it’s also no longer updated, and it can run Windows 3.1 applications via compatibility mode.
Maybe that was a joke, but if anything that would reduce their security. Windows 3.1 and 95 are old enough that they can't even run most stuff from the last two and a half decades, which probably protects them. XP is just new enough, and plenty old enough, to be very risky.
They're also so old they were compiled without any modern instrumentation, e.g. stack canaries.
Reminds me of an episode of Ghost in the Shell where a hacker in a hyper-advanced cyberised society was using floppy disks as a storage medium because they were so slow.
One of the background details I liked in Ghost in the Shell was how the high-end data analysts and programmers employed by the government did their work using cybernetic hands whose fingers could separate into dozens of smaller fingers to let them operate keyboards extremely quickly. They didn't use direct cybernetic links because that was a security vulnerability for their brains.
This is both awesome and frightening for many reasons
The fact that they’re running 3.1 is not something to be proud of. They’re probably extremely vulnerable to any other attack.
Quite the opposite.
Please explain. I'll make 🍿
Microsoft's Wolverine for the TCP stack was not available until Windows 3.11. An argument could be made that these systems are defacto air-gapped as they cannot communicate with modern networking.
Youre assuming the article is using "windows 3.1" to mean the exact version of the OS, instead of just the proper name of the OS overall. That probally unlikley.
Since lacking a network stack tends to limit usability, unless the systems are intentionally air gapped they likely are on windows 3.1.1 or later. Based on Southwest extensively documented and decades long IT neglect that landed its current COO in front of Congress for a previous days long outage, i doubt the systems are intentionally airgapped, as that implies a working and well funded IT department.
Holy crap, they are serious. I though I was on !programmer_humor@programming.dev for a minute. I sure hope none of those computers are connected to the internet. There's a massive number of vulnerabilities in windows 3.1 and windows 95.
Windows 3.1 doesn't even come with a TCP/IP stack. It's actually pretty safe.
As long as that's the exact version they're using. Windows for workgroups 3.11 has networking.
Yep. I remember - despite the fact it was old even then - building and connecting a Win 3.11 machine to a TCP/IP office network as a proof of concept back in 2000 or so. I might have even installed Netscape on it. I don't remember clearly now, but I assume the parts for the computer came out of the spares pile, and were soon recycled back into other machines.
But how many people are looking for Windows 3.1 anything today?
Well I suppose now there might be more
Best feature windows 3.1 has:
... it doesn't pop up message telling you to upgrade to windows 11.
or add shitty AI tools without asking.
or constntly nag you to use their cloud storage
Plus all them decks for solitaire!!!
My windows 10 PC is telling me I don't qualify for a free Windows 11 update, so I've got that going for me.
Haha. I’ve got one of those too.
Shhh don't give microsoft any ideas
Or, for your consideration, could it perhaps be because they don't use crowdstrike?
Yeah, what? 3.1 not getting updates has nothing to do with this. Software developed for 3.1 can still be updated. This article is just silly.
The interesting thing here is wondering why they never upgraded. Perhaps managing flights digitally just hasn't changed much since the early nineties and they never needed anything else?
Likely the same reason why banks and other financial institutions still use COBOL and Fortran code written in the 1970s or earlier on archaic mainframes: Top management decided at some point it was too expensive to rewrite everything from scratch in some modern language for modern hardware, so they just limp along with what they have.
A 16-bit app written for Windows 3.x would almost certainly have to be rewritten for modern, 64-bit Windows.
While i figured the cost would be a factor, i just figured they were sticking with a system that works. If it serves their needs effectively and reliably, why change it?
Edit: answered my own question--it doesn't work anymore, and that's why it needs to be changed
It isn't even a Windows update, but a software update.
My Linux servers weren't affected either. I think it's because of Windows 3.1
My wife shared this with me yesterday, but I didn’t see it:
Somebunny is gonna learn those things aren’t windows-based today!
Windows 3.1 didn’t have the BSOD. It just froze. I remember with Windows NT 4, when we first got the BSOD, being so grateful that Microsoft decided to actually tell us that our computer wasn’t going to recover from the error. Otherwise, we’d just be sitting there, waiting, hoping it would unfreeze itself.
It never did
Are you sure? I remember a long time ago being able to trigger a BSOD by opening Windows Calculator and dividing any number by 0. And I'm pretty sure that was 3.1 or 3.11.
In fact, I remember being able to change the color of the BSOD.
As another user mentioned, the BSOD first came in Windows NT 3.51.
But it definitely wasn’t in Windows 3.1 or Windows 3.11
Windows 3.1 did have a BSOD. It wasn't always fatal, you could try to hit enter to go back to Windows, but most of the time it wasn't really recoverable, Windows often wouldn't work right afterwards.
I ran into them all the time in 3.11 on our 486 which had some faulty RAM (the BSOD would even be scrambled). If we could get back to Windows after that, it'd just be in a zombie state where moving the mouse around would paint stuff over whatever was left on screen, and wouldn't respond to clicks or keypresses.
Fun times.
🤯
This software is shit Bob! What should we do Bob?
Well Bob, we should find something compatible with shit!
Bob, I think I got it! I got this other shit software!
Genius Bob! Just Genius! 😎
Is this actually confirmed anywhere though? I keep seeing it repeated and the only 'source' is a ?xeet? .
Same, I'm pretty sure it's not true.