Why is End of Life of an OS bad for an average user?

Hucklebee@lemmy.world to No Stupid Questions@lemmy.world – 102 points –

I get that there won't be any security updates. So any problem found can be exploited. But how high is the chance for problems for an average user if you say, only browse some safe websites? If you have a pc you don't really care much about, without any personal information? It feels like the danger is more theoretical than what will actually happen.

Or... are there any examples of people (not corpos) getting wrecked in the past by an eol OS?

58

You are viewing a single comment
View all commentsShow the parent comment

This is kinda a bad argument as a regular user will not connect to the internet like this. You have a router or a carrier will have a CGN in front of your PC.

You have a router or a carrier will have a CGN in front of your PC.

Many are using ipv6 these days, so no CGNAT used. Potentially with some level of protection (particularly in the mobile case), but there isn't a 100% guarantee.

But you are still going to have some form of statefull firewall, where this video the firewall was deliberately disabled.

This is like saying I can leave my front door unlocked because we have a neighborhood watch...

The number of users connecting their PC forfeit directly to the modem or purposefully disabling all protections because they're too lazy is higher than you think.

I would suspect, hardly anyone who knows how to do that is stupid enough to do it.

Most modems/ISP routers are relatively secure by default.

Carrier operated modems are run in NAT mode so a home PC will get a RFC1918 IP address not public routable ones

I think the common use case is telephones. Attaching your old cell phone to a random open Wi-Fi network is pretty common

But this is just a demonstration, it's still applies to using the internet, interacting with the network is the danger. Not how you interact with it. Browsing websites can send exploit payloads to your outdated software.

How is CGN going to stop you from downloading some exploit? CGN as well as NAT might have some level of security but it’s by no means a firewall or anti-exploit framework.

You didn't watch the video. Give it a watch then you will understand why I said that.

Not ipv6. Sometimes it’s just routed to you depending on your router.

3 more...