I don't know. Is it? This is a legit question, even though the tone might come across as sarcastic. But what exactly is the concern?
I guess I don't buy the "outdated operating system will be hijacked" argument, for not having received its security updates and simply being plugged in.
Let's say you have a decent NAT router that doesn't allow inbound traffic. And let's say that you run a reasonably secure web browser and that's pretty much the sum total of your internet traffic. And let's say you're smart and don't download shareware, screensavers, and the like, only trusted applications from reputable vendors. And let's also suggest that you're not using things like Outlook or other vectors for undesirable inbound junk.
What exactly is the threat model here? An operating system isn't going to get hacked over thin air. I don't see the concern, particularly if you are a savvy computer user. I wouldn't want to run grandma on this setup, but still, I feel reasonably safe with this model.
It's the same reason why I don't advocate or believe in running antivirus software. It's just bloatware and introduces an array of vulnerabilities to my computer (c.f. CrowdStrike or any AV vendor hacks).
I think most vulnerabilities you'll see now are not port attacks but browser ones. For example, there was a jpg one a ways back that has probably been in there forever. So any app you run that links with libjpg and opens that image will be vulnerable. If the OS vendor isn't patching those (win7) any more, down you go.
I guess I don't buy the "outdated operating system will be hijacked" argument, for not having received its security updates and simply being plugged in.
Let's say you have a decent NAT router that doesn't allow inbound traffic. And let's say that you run a reasonably secure web browser and that's pretty much the sum total of your internet traffic. And let's say you're smart and don't download shareware, screensavers, and the like, only trusted applications from reputable vendors. And let's also suggest that you're not using things like Outlook or other vectors for undesirable inbound junk.
What exactly is the threat model here? An operating system isn't going to get hacked over thin air. I don't see the concern, particularly if you are a savvy computer user. I wouldn't want to run grandma on this setup, but still, I feel reasonably safe with this model.
It's the same reason why I don't advocate or believe in running antivirus software. It's just bloatware and introduces an array of vulnerabilities to my computer (c.f. CrowdStrike or any AV vendor hacks).