What happens if you connect Windows XP to the Internet in 2024?
Vložit
- čas přidán 10. 05. 2024
- Have you ever wondered if it's true you can instantly get malware? In this video we discover how dangerous XP really is.
Follow me on Twitter - / atericparker
Disclaimer: The content in this video is for education and entertainment purposes to showcase the dangers of malware & malicious software. I do not encourage any form of illegal hacking, nor do I encourage the usage of game cheats, cracks or hacks.
Cracks are sometimes shown to highlight the dangers of software piracy, my content is not intended to teach anybody how to pirate, or maliciously hack.
More Malware Investigation Videos:
→ Cyberpunk 2077 Highly Compressed: • Video
→ The latest "NORD" Malware - Nordsecured: • The latest 'NORD' Malw...
→🧧VIRUS WARNING🧧 NEW Optifine for Minecraft 1.16 SCAM: • 🧧VIRUS WARNING🧧 NEW Op...
→ The wilkreate CZcams stealer virus that started this whole trend: • Fake sponsor DESTROYS ...
Much of the music in my videos comes from the CZcams audio library, especially this amazing music creator: / @patrickpatrikios2050 .
Outro Music
Track: Lost Sky - Where We Started (feat. Jex) [NCS Release]
Music provided by NoCopyrightSounds.
Watch: • Lost Sky - Where We St...
Free Download / Stream: ncs.io/WhereWeStarted
(C) Eric Parker 2024 - Věda a technologie
Windows XP: Spyware comes from the internet
Windows 11: Spyware comes pre-installed
windows 11 should be: i am spyware
@@sauliusvitkauskas8741
Windows 10: Spyware comes pre-installed
Windows 11: I am the spyware.
@@sauliusvitkauskas8741 That’s what he said, you just didn't get it.
fr?
Since W10 already pre-installed
Gonna be honest.. I thought you had to at least browse around and what not. Not expecting them to be able to infect you just by being online
That's the danger with old out of support OSes. On newer OSes (in my other videos) I do have to, in this one I didn't run anything manually.
it's crazy how much vulerabilities get discovered in Windows over time. There are certainly still undiscovered ones in 10 and 11
@@EricParker would I be fine on 7 with a anti virus?
@@1shadzno
@@1shadzno
this wouldn't have happened if you used Windows XP Gangster Edition
Common rookie mistake that one
The what edition
@@AI_PaulGangster edition
Windows XP Gangster Edition was discontinued in 2014. he should’ve upgraded to Windows 7 Ghetto Edition.
I run win XP sp3 on internet daily.
it runs fast as hell on 512mb ram and 1 .5 gig hd.
it NEVER spies on me or does sneaky windows crap in the back ground.
i actually have 32 gigs ram and 1.5 terabytes of ssd HD.
i use a firewall called "tiny firewall" that i've used since 2001 and i dug thru the OS years ago to shut off many services.
i know each and every folder , file and dll in win32, it would be impossible for one person to know all the os files and folders and dll's and what they do and dependencies in win 10 or 11.
it does exactly what i tell it to and NOTHING i don't ask it to- THAT my friends in never going to be the case with any windows operating system since xp and never will be in the future.
its small clean fast and MINE!
i double boot it with mint virgina and am getting used to linux now slowly but i will always love my XP!!
Lol! The way the malware instantly crashed your browser when you searched for it is hilarious.
Reminds me of league of legends old anticheat (although it would close the game if you had executables with certain names open). I'm not sure what the intention is, if I read about the malware I'm gonna think it's not malware?
Now that’s firewall
I have a malware on my pc that when i search something like "Avast Antivirus Download for Windows 11" or search for any antivirus it instantly crashes my browser.
10:47 btw
@@EricParkerprobably to block users from searching how to remove it. Maybe the malware has a vulnerability?
It makes sense. Back in the Vista days, you couldn't just use your phone to look up the malware. Single pc family? Now you can't look up how to fix it.
Things to consider:
- Windows XP is used by:
- some military operations
- as backend for machines for medical purposes (e.g. X-Ray, MRT, ...)
- as backend for CNC-machines
- as terminal backend for pos-Systems (Point Of Sale)
- as terminal backend for ATMs
- SysOps are reluctant for changes, if systems are running
- If you would change the software on some machines, they would loose their certificates allowing them to be run.
- Networking a Windows XP machine is that much more comfortable than sneaker-netting it.
If you think about it, the scan for Windows XP machines connected to the internet starts to make an awful lot of sense!
what if those get hacked
my pos system runs windows 10, can't say the same for other stores and those other devices
and on top of that, our pos's are only connected to the network for software updates, and even then still have 0 internet access
Wager treatments and water supplies too, and many many many industrial machines
@@theRealTolentino If they aren't already hit, they're all on internal closed off systems or cut off from any external devices at all. The military doesn't operate on the open web.
Microsoft extended support solely because so many machines still used XP, think the last was some commercial/developer subscription, I was surprised when I had a scan and the system was running XP I expect they could have fixed the holes in the operating system, as they still have issues now, people will always look for the backdoor no matter what.
This video is great example why router's all have a firewall built-in.
Artifact of how IPv4 does things ( NAT ). IPv6 has an actual firewall.
@@brodriguez11000 You have to have an actual firewall in IPv6 because the router issues globally routable IPs to every IPv6 enabled device. That said I do also have static private IPs on my devices too, which I use for the same reason I have static IPv4 allocations on my router.
@@DonaldDucksRevenge Why
@@alpharudiger1193 Every address unique. Every address identfiable. A chicken in every port. Two apps in every layer. Stop all the downloading
@@DonaldDucksRevenge I dont understand what you mean XD
Good thing those days are gone, now we willingly let corporations install built-in spyware in our OS’s
It's more like you pay them money for them to tell you that you don't actually control the system and by using it you're already being exposed to risk (in addition to your data exposed to breaches in their data centers)
Every time I buy a new phone or set up a new laptop or other system I diligently configure all of the privacy and security settings to make the device more secure and to protect my privacy.
Every time they update or upgrade my devices, they methodically go in and undo all of those changes.
It's like being stripped naked and shoved outdoors to expose you to the elements. They want you to be as vulnerable as possible because your data is a commodity and profit overrides every other concern.
Laughs in AME 10 / 11
Windows 10 ameliorated is the real windows. Don’t let micronuts fool you with their bad apple impersonation.
Install GNU/Linux if you don't want to
Next Vid: I travel back in time to 2009 and then I click on every ad.
Would love to do one on spy sherrif but AFAIK it's lost media.
Kinda cool how these worms just keep spreading themselves.
@@EricParker As in, make a normal clicking on only sketchy ads vid, but style it like if it's from 2009. (also, FIND DA MALWARE!!!)
@@EricParker I recall SpySheriff being part of a huge Malware collection somewhere, although I do not know if that collection still exists today
Do this!
@@Kizoky. I had spysheriff installed on a vm once, it shouldn't really be hard to find
Fun Fact: There's machines online that sniff for older windows connecting to the internet that are vulnerable and auto infect them
Oh i learned that the hard way, followed by hacking attempts on the RDP port, instantly banning the main "Administrator" account. And that's why the built-in account should be passworded, even if it's disabled by default.
@@Sypaka Hahaha yup but not many know that. There's other gnarly stuff to by-pass the password and give yourself admin over the admin :)
How do they do that? Are they periodically pinging every possible IP address just to see if there's anything new connected or something?
@@amitakartokdude just said how like 2min into the video
Pov you feed a victorian child a gas station burito
Firewalls becoming commonplace is probably among the TOP reasons computer viruses have declined so much since the 2000s. Yes, there is still tons of malware, but the days of computer worms infecting millions of PCs via the internet are (hopefully) over.
Yes that and obviously a big reason is because NAT is commonplace now.
@@papajohnscookie NAT is only commonplace on IPV4, IPV6 has no concept of NAT. All IPV6 addresses are globally routable, the only thing standing between you and the world is a firewall in IPV6.
There is an unofficial NAT for IPV6, but its use is heavily discouraged by some IPV6 purists.
Why would anyone want that to stop? I feel like we need more of that so people don't get too cocky.
- searches for a worm (2:50)
- disables the firewall
- says its unsafe
True bro
You're not supposed to notice that you jerk.
It's a shame that so many people are falling for this video. I believed it at first until the tab was pointed out to me. Bullshit
When Conhoz.exe started up MalwareBytes just said "You know what fuck this I'm going to burger king"
going for the new whopper 🔥
Conhoz - A non-malicious process (C) 2024 Microsoft Compilation
@@thatoneglitchpokemon Microsoft compilation🤪🤪🤪
@@windws7137 yes ikr lol
"Screw you guys, i'm going home" - MalwareBytes, probably
This is fake, he manually disabled all of XPs security features and then manually installed a worm 2:50 bottom right of taskbar.
Once went to a new client who said their Win 2000 server was running slow. Turns out their onsite 'expert' had put it in the router's dmz cause they didn't know about port forwards. It was running slow because everyone else in the world was running their own software on it.
on 2:50 you can see xp sp 3 worm on taskbar bruuuuuhhhh
@@pippinproductions definitely.
More people need to like so everyone will see
Windows XP is still extensively targeted, as it is still used heavily in embedded and point of sale applications, as well as systems set up once and never modified because they never stopped working.
Windows 95 would see much less malware on the internet, it's used in far fewer places as XP. There's also not as much to gain from running a bot net of Windows 95 boxes, or ransoming their disks.
What would be spicy would be an early version of Windows NT, such as 3.X or 4.0 on the open net. Those are similar to modern windows under the hood, and are susceptible to pretty much every exploit in the book for the Windows operating system, winnuker and ping of death, for instance.
my thoughts exactly. Plenty of ATMs as well, IIRC
It's also a more work to make something run on both NT and Win9x/DOS systems as it's a completely different kernel. Way more NT around, and always (since its introduction, pretty much) has been in more professional environments. And if you're trying to exploit specific vulnerabilities, it'll just be a headache.
Look at any old-timey SCO when a company's IT is messing with it, and you'll see they're running Windows XP or PE with poorly secured BIOS usually.
A fun thing to do is turn on logging on the firewall and watch the huge number of scans and probes that continuously happen. Thankfully, we have firewalls that work.
You should add a click sound - sounding like a Geiger counter.
@@mikkelbreiler8916that's a fun idea
2:50 nice browser window down there on the task bar, surely you werent doing anything with it?
worm installation
😞
the frame showing he manually installed the spyware: im about to ruin this man's whole career
God, I can hear the old-school techno beats just by seeing that Windows XP interface.
Omnibus 😅
Dreamscape!
to be honest - this was a trance music, not a techno
....but it was the best windows OS lol. Windows 3.5 for the win! XP was great but nothing fancy. It was a nice change from the garbage 7/8/whatever those funny flow bubble menu ones were.
@@nikostalk5730 🤓
I had no idea that just connecting machines with obsolete operating systems to the internet could get you malware.
It can't. He's specifically operating in a way that circumvents modern protections that are built into our routers.
@@blakecarson6555It’s funny how he specifically mentions that in the beginning of the video, but so many people in the comments still don’t get it. I guess it goes to show how little most people know about networking.
@@thecooldude9999 true. I think the only reason I know some of this stuff is because of an old Cisco networking cert. And I'm CERTAIN that I'm way behind the times nowadays, because I took that course when xp was brand new.
That's why the firewall was the single most useful thing to get turned on by default and implemented in all of our modem router combination.
thats why routers have firewalls, unlike before where all the ports on your ip address were open to the outside world
combine this with windows xp being full of security vulnerabilities, and its no surprise this can happen.
Can you explain the IE tab open at 2:53?
Why that is a forceful malware install
Can't wait 20yrs from now to see "What happens if you connect Windows 11 to the Internet in 2044?"
I'm getting a quantum computer soon in my house. So I can hack everything and ransomware everyone on earth.
Needs a unregistered hypercam watermark and some 009 Soundsystem
From what I understand the machine is in some sort of DMZ (demilitarized zone) where all of its ports and activity is exposed to the internet which is not a realistic scenario with routers unless you specifically do it.
You can use XP with internet connection perfectly fine under normal circumstances as your router doesn't expose any ports to the outside.
Even Windows 10/11 in DMZ could get infected, so this video doesn't make much sense on blaming outdated systems for that.
I was thinking the same as I use XP for streaming movies across my LAN, I imagine you can get this result on any system if you proactively open it up, i can see Eric is confused by the processes in the task manager, not knowing if they are supposed to be there or not. Would be interesting to see Dave's garage do this same test.
I most think this is not to blame old systems, but to have fun.
Also what you explained about routers is already explained in the beginning of the video.
Well, Windows 8 onwards has antivirus natively.
Even if they are connected to a DMZ, as soon as the infection attempt begins, Defender should try to act, assuming the user does not disable it, of course.
Maybe the result wouldn't be the same, just speculating...
Yes exactly. This is showing what would happen if you connected windows xp directly to the internet TODAY, as would have been the case with anyone using a dialup modem back in the day.
Today, not really an issue
It was mentioned in the video but in XP's time people were usually directly connected to the Internet. When using dial-up Internet you get assigned a public IP address directly, no router no NAT no nothing. Same was true for a long time with cable and DSL Internet. Pretty much until people started having more than one device that can connect to the Internet and the need for a router. Then came WiFi and and soon enough ISPs were just shipping modem+router+WiFi combo boxes and now everyone has an implied "firewall" in the form of NAT. That's also where DMZ became a thing, now that you have a NAT box, you need to give users a way to replicate the functionality.
And actually no a properly configured Windows 10 isn't automatically vulnerable if put directly on the Internet, or even a Windows XP machine back then. XP is so vulnerable because it's unpatched to all the new exploits that came out. These things exploit bugs in servers that Windows runs in the background for file sharing and remote desktop. A fully patched Windows 10 should have all of the known ones fixed, so it's mostly safe to expose RDP and SMB directly on the Internet, because it'll work as intended and deny access correctly. I'm not saying it's a good idea, but it shouldn't get instantly infected like XP would with its hundreds of known vulnerabilities. People do that all the time to set up game servers and stuff and remotely manage them with RDP. Just, you block off those ports from the Internet and set up a VPN server instead so you can remote in from that.
Windows 10 will be XP levels of vulnerable once it's as old as XP is today and new exploits are found. I actually ran XP directly on the Internet back then, had the firewall on as you'd expect and an antivirus. Never caught anything. The main attack vector back then was Java/Flash on websites and malicious ActiveX applets in IE, or just snuck into file downloads on sketchier sites and crap you downloaded on Kazaa/eMule/LimeWire.
The funny thing is, malware in this environment is so competitive with other malware that there are actually good reasons for the malware itself to enable and install security features and software to try to mitigate the threat to its operation posed by other malware.
A malware enabling its own anti-other viruses just to keep minding its job is the most wtf funny and worrying thing I ever heard about computers
This one was too funny with all the random obviously safe processes with totally inconspicuous names such as "ftp" and "conhoz" (published by Microsoft compilation Inc. Ltd. Corp. TM)
Yes, FTP is safe, it is a client, conhoz is oubious that it is fake, the real program is "conhost" the parent of cmd it is NOT stored in TEMP and has not this 2024 looking icon
@@MickmickWashesThings_Official it was a joke dude
@@MickmickWashesThings_Official r/woosh
@@adds-kz3oc what did he say he deleted his comment
Being a bit of a minimalist single minded freak, only doing a few things at a time, shutting excess processes down, you get the hang of who/which processes looks legit even without any programming/system admin knowledge. Buuut, the bloated operating systems coming out of Redmond nowdays makes it harder and harder to see the sus programs.
21 processes. Back when MS had lean operating systems. This was why XP was great.
Computer with no firewall gets hacked... I don't think it would matter what system you had.
LOL
I run win XP sp3 on internet daily.
it runs fast as hell on 512mb ram and 1 .5 gig hd.
it NEVER spies on me or does sneaky windows crap in the back ground.
i actually have 32 gigs ram and 1.5 terabytes of ssd HD.
i use a firewall called "tiny firewall" that i've used since 2001 and i dug thru the OS years ago to shut off many services.
i know each and every folder , file and dll in win32, it would be impossible for one person to know all the os files and folders and dll's and what they do and dependencies in win 10 or 11.
it does exactly what i tell it to and NOTHING i don't ask it to- THAT my friends is never going to be the case with any windows operating system since xp and never will be in the future.
its small clean fast and MINE!
i double boot it with mint virgina and am getting used to linux now slowly but i will always love my XP!
@@justaguy-69 damn that's cool ngl
While a Linux server with firewall disabled: No problem in 9 years
@@justaguy-69 You sound like someone who would like Arch Linux.
That's why this video has a clickbait title.
The real question is, why did you disable the firewall? and why did you search up 'xp sp3 worm'?
I guess he has no answer for that. This video is not good and spreads misimformation on the use of older versions of windows connected online in 2024
@@kevinsahm5577 Exactly!
IT professionals in the chat.
@@jamesrustle7536 Im no IT professional
Many people in the comments seem to have missed, that Eric disabled the firewall completely, no AV of any kind etc. An XP machine will be just fine, if it's firewalled, updated as far as it can be and you only open the exact port(s) that you need and only forward those on the router. I've been running a SOAP/REST web application (written in Delphi XE) on a XP SP3 VM for a little more than a decade. Why XP and not Win 7, 8 or 10? 120MB RAM used vs 800 MB RAM used, plus double CPU usage and a 6-fold increase in taken HDD space. I scan its VHD montly, with various AV scanners - nothing ever touches it. But it's protected by a Linux-driven firewall distro, behind NAT, the router exposes just 1 single port and I only allow connection to that port from specific subnets on the internet. No hacking into that, almost no way.. What Eric did, is like leaving an old luxury car, completely unlocked, all windows down, key in the ignition, on a dark city center street. It would get stolen in no-time. But once you enable the built-in security as you should (no key, lock all doors and windows etc) and add a few modern features (immobilizer, security guard etc), your car most likely won't get touched at all. So keep that in mind when watching this.
Thank you for your reply! I have always heard that the hard truth with these outdated OS's is that you won't get instantly infected from being on the internet UNLESS you have p clue what your doing, in which popular opinion suggests otherwise (though, it keeps clueless people from experimenting on these systems with no experience, so not all bad)
I wish he would have made it more clear that he made himself more vulnerable and that there were still ways to keep these systems somewhat safe-ish, rather then stroking this popular opinion, which isn't as one sided as people think it is. I hope these comments like yours get more likes!
Your comment is GOLD.
thank you. i knew i was smelling some serious bullshit.
On top of that
It's stated in the intro that the system is directly connected to open internet, not like a typical modern home setup that uses a router and nat your connection to isp wan then nat again to the internet
So it essentially has a public IP right at that computer which is a really bad idea
TBH, I don't think even windows 10/11 will survive with the same setup
It's never ok to run eol os my dude(unless it has not access to the internet at all )
Since home routers usually have tight firewalls by default, the average person is unlikely to get hit this hard. But hackers are after valuable business, not us. Businesses and governments typically have their ports open to serve legitimate users.
Unless you deliberately remove your firewall, Windows XP is not nearly this unsafe. It's still not a good idea to use it for anything you care about, but this is not a realistic representation of what the average person would experience.
what does "having port open" mean
@@shivanshshivi811 A firewall creates rules for a network and blocks communication that looks suspicious, usually if it's unsolicited. Part of this process is closing ports. You have to manually whitelist ports to open (this is called Port Forwarding) in order to allow other people to connect at any time.
If you have any other questions, Google them, I'm not your encyclopedia
@@shivanshshivi811 it means you tell your computer to listen for incoming messages but only messages that say they want to enter with a certain ’key’ number, this is the port (it’s just a number). if you have a server application, it will listen for messages on some port number. usually, in your router’s settings, you will have to set it to send messages with that port number to specifically to your computer
one thing you dont make clear is that you are connecting to internet without firewall and you have all the ports open. if you did this with a new computer and turned off the firewall you would be in danger of malwares too, since people can connect to your computer using port scanners. if you have a windows xp computer and connect to internet using your router there shouldnt be any danger
You'd only be in danger if you are running vulnerable or improperly configured software on your system
Most of ISPs give same IP Address to multiple people making exposing services impossible without tunneling unless customer asks isp to give them a dedicated IP while isn't any best practice such machine should be pretty much safe from network vectors and the only danger would be user's actions and for the browsers nobody gotta find a zero day on mypal just to get in your computer because your average folk are likely not a targeted person they would instead target more high profile people.
@@iner1_ true
Windows is so insecure it’s crazy. Like Linux is completely fine without a firewall as well you need to configure it to be insecure
@@iner1_ That's not entirely accurate. If cgnat didn't allow port forwarding at all you wouldn't have functional internet. You just can't assign your own port forwards with cgnat.
Try it on Windows 95. I wonder if there is any active malware still compatible.
Probably not, I doubt most of the Internet functions on Windows 95
I was running WinXP x64 for a couple years. I got infected by something so stupid, which actually refused to run after deploy.
@@MarioKartSuperCircuit The Ping of Death, now I remember,
@@MarioKartSuperCircuit TO be honest, I was kinda surprised to learn XP malware is still actively out there.
Why Most of them are forever in internet , they are out of controle , and no human Not using them
2:50
"xp sp3 wor ..." For what? Worm? As in forcibly installing one?
"Don't recommend channel".
You have just bought an old house. The doors are old as well, and the deadbolts are a little rusty. You think that rusty deadbolts cannot secure your house and thus you decide to remove it. Now you cannot lock a door, but still you are convinced this way you are much more safe than you were, for some reason.
The sun sets. Now it is a perfect time for thieves to rob houses, since most people are sleeping at that time, including you. Suddenly, some thieves attempt to break in your house, but then, as soon as they witness deadbolts scattered across the floor instead of being in the door, they realize the house is unlocked. Fascinated by the treasures in the house, more specifically your important stuff, they start grabbing them all and destroying your house, because why not. Then, they peacefully leave your house.
Sun rises, and you wake up. But something seems weird. Your house looks like a bomb has exploded inside. Everything feels so empty. Everything you left on the table, is gone. You get convinced it is the house's fault for letting the stuff disappear, without rethinking about your past actions, which actually costed you all your important belongings
To be clear though, you deliberately set it up to be as vulnerable as possible. I have a laptop running Windows XP with all updates and patches installed (most critically the patch against EternalBlue) and it's been a seamless experience. Surprisingly capable machine - by which, I mean, it can do 1080p video streaming!
Anyhow, even though I think it's basically safe to use, I'd still never log into anything important on it :P but it's definitely not a "connect and get pwned" situation.
Hi! No hate, loved this video, I wanted to ask about your search at 2:53 where it said "xp sp3 worm"? Are you sure you didn't just... install the malware your self and claim that you got it remotely?
manually disabling router firewalls and purposely opening all ports will do this - however, literally just having the default firewall on your router on blocks almost all attacks like this. my XP computer that i’ve had running since 2017 hasn’t been infected once just from leaving the firewall up.
thats exactly what he did
oh I am sure he did.
Yeah, this video is fake
😞
What he doesn’t tell you is that he purposefully took down his firewall
Yes that is the point of this video. To see how quickly just being connected with no protections gets you infected.
@@crescious3231 No, not at all. He was spreading misinformation about Windows XP security while disabling his firewall and manually installing a worm (2:50).
"Windows XP wor..." On taskbar... No, you definitely didn't search for Windows XP worms
I used Windows 7 as my main OS until 2022, I used WinXP on virtual machine, both were connected to the internet. I was sometimes running antivirus scans as you did tn the end of your video. But get no malwares
As an experienced IT and cybersecurity professional, I need to address several critical issues and inaccuracies in your video, highlighting why your approach is not only misguided but potentially harmful.
Recklessness:
Connecting Windows XP to the internet without any security measures is irresponsible and dangerous. No one in their right mind would do this-they'd at least have the firewall on. By performing this stunt and declaring XP dangerous online, you ignore fundamental cybersecurity practices essential for protecting systems. XP is no more dangerous than Windows 11 with all firewalls and security turned off.
Misleading Assertions:
Your claims about Windows XP's firewall and antivirus inadequacy oversimplify the issue. XP's security was appropriate for its time, and modern operating systems have evolved to counter contemporary threats. With necessary POSReady updates and other security fixes, XP can be much more secure than you show in your video, especially if additional security measures are implemented.
Technical Inaccuracies:
Your superficial malware analysis lacked depth and the necessary tools for thorough examination. This could mislead viewers about the nature and handling of malware. You failed to mention that modern viruses often can't run properly on XP, that much ransomware is incompatible, and that XP isn't filled with bloatware or default spyware like Windows 11.
Presentation Flaws:
You did not discuss the importance of legacy system management, patch management, and the role of virtual machines in safely running outdated software.
Instead of merely showing vulnerabilities, you should have highlighted best practices for securing systems, the importance of regular updates, and modern cybersecurity tools.
Additional Points:
Conducting such an experiment without proper safeguards is foolish. Contrary to your approach, I have used Windows XP securely online for years with all necessary protections in place and no infections. There are security solutions that can make XP more secure than a stock Windows 11 installation, despite its inherent vulnerabilities.
You also failed to show what happens if you do this on a newer OS. Turning off the firewall and security on any computer will cause issues, regardless of OS, especially if your router is old and many ports are open. Under the right circumstances, a Windows 11 PC could be just as vulnerable as the XP install in your video. If your experiment was conducted on a VM, it further diminishes the relevance of your findings.
In the retro community, videos like this scare potential retro gamers away with misinformation. It would be more beneficial if you clarified the misinformation and provided relevant info on how to secure an XP install rather than promoting fearmongering.
Your video could have been a valuable educational resource, but it falls short of being useful.
I love your counter argument: I always love to hear other opinions, especially if criticisms, so I can get a more full picture instead of assuming stuff and get in trouble.
If only people like you could make a video explaining the stuff with a visal guide, it would be amazing for anyone else but making videos is not that easy and this comment does a lot on its own.
Thank you, thakst peple like you who exists and choose to give their opinion instead of saying "nah, who cares, I don't want to waste time typing something nobody is gonna read". I would also have read without replying but I felt the need to let you know how grateful I was to you for sharing this pearl of IT knowledge.
(excuse me for mistakes I made, I'm not an English speaker and it's 4 AM with no sleep due to test anxiety, too lazy to check back what I wrote and use GPT to correct my stuff)
@@dubbyplaysthank you for this, I’ve personally built a lot of retro rigs so seeing the positive reaction to my rebuke is encouraging; I will eventually do a video response to further insinuate my experience.
check the taskbar at 2:50 this video is bullshit
he literally failed to download a worm directly from the vm (2:50 last taskbar tab) then moves his mouse away to download it from his real pc
@@Chromeno yeah that's similar to what happens if I try to download a worm into my real XP rig, it just doesn't work.
they're cooking you on twitter for very good reasons this is stupid
For what??
yeah it’s kind of dumb but who cares about what nerds on twitter say loooool
2:55 You have a search result open in IE here. You didn't just "leave it to cook". What sites did you visit after opening IE for the first time?
look at the taskbar, bottom right. hes manually infecting the system with a worm.
"Have you ever wondered if it's true you can instantly get malware? In this video we discover how dangerous XP really is."
I can see why many are displeased with the video... since even the description doesn't really tell you what is up. The title as well completely leaves out the "worst case, intended risk scenario".
I know it was mentioned in the video... but it's easy to miss. Kinda proven in my eyes because many seem to explain it in the comments as well.
what's funny, he most certainly installed worms manually by himself. Look at 2:50 at the taskbar....
@@bernds6587 that's a really big ratio
I remember running Windows 2000 around year 2000 and even then, I did configure it to close *every TCP port* it listens by default. Then you don't need firewall because you have zero ports open. Would work perfectly well for Windows XP, too. And yes, getting all the default ports closed is pretty hard because Microsoft practically backdoored Windows by default to make it easier to connect to LAN.
If you run WinXP today, I wouldn't be overly surprised if it gets infected with all the TCP ports closed.
and remember windows also gets backdoors for authorities, not like it matters in 99% of the cases. Can be a pain once they are public ofc but then they often are just patched out anyways.
@@Ramog1000 No backdoor has ever been demonstrated. If you think about the special government registry values in Windows registry, those are used by administrators of government office computer networks to avoid trusting Microsoft certificates and only trust their own certificates.
i really like the video is really, really interesting, i never thought about what happend if you connect XP to the internet, the malware in those days is crazy, that's why i love watching this type of videos, keep it up!
i just realized this was uploaded on my birthday lmfao, good video, i actually always wondered what happened what would happen if you were to do something like this
What is this nonsense? You've got rid of all the built-in protection mechanisms (however weak), fired up the beyond old IE and went on to browse malicious websites. I bet you can do the same with windows 11. Go on, disable the defender and the firewall (and UAC for good measure) and do the same. I'd never watch your content, but it was shoved through xda-developer news. I guess, it's time to ban them from my feed.
For the record, I have a couple of vintage XP PCs, which are perfectly fine for more than 10 years. There are proper techniques to isolate and protect them (including a couple of AV solutions that support xp to this day). And of course you would limit your browsing substantially with only known good sources.
It's just another pointless clickbait video. I wish CZcams wouldn't recommend this garbage.
Good video, I just discovered this channel. Something about it makes me think it will take off if you keep uploading consistently. Stay on the grind
My first o/s (back in the early 2000's) was XP; even running it through a DSL modem with firewall turned on, it was still a security cesspool. You didn't have to visit shady sites, viruses came wrapped in so many different ways
dunno what are you talking about, used XP since 2006 (not sure), got my own pc at around 2008, XP SP1, then SP2, then 2000 SP4, SP3, got about everything possible could be, even got "winlocker" for searching a nice p....n vid (lol), but reblocked my machine straight from it (lol) and deleted (woaahh) with no issues.
XP SP3 was not so bad at security, and Outpost Security did a powerful job to stop 85-90 troubles from being on your pc (never used since 2013-2014)
Dunno how do you get malware, i've periodically checked my non-protected XP SP3 machine with newest signature bases - and no trojans or malwares got into it, lol
Remember those days even the venerable Internet Explorer 6 used to acquire toolbars like turds on your shoe just from accessing the 'net
@@soupdragon151 Yeah, internet explorer was terrible
Why is this surprising at all? Probably the same thing would happen with any modern OS without firewall, and connected directly to the internet without router/gateway.
I'm running Windows 10 Pro 22H2 with all updates, Windows Defender completely disabled (MsMpEng.exe), firewall on, PC running 24/7 for years, no issues. Have no antivirus running.
@@doicenti9033 you are likely behind a router.
No? Like a Linux Server is completely fine being directly attached to the internet. Windows XP has RCE as a feature so what can you expect.
@@doicenti9033 You have the firewall running and most likely behind a router, what doesn't translate most ports to your PC. So in this case your computer's setup is way different than the XP shown in the video.
@@lucsoft Sure is fine, because most ports and services are closed in the WAN direction. Hopefully the SSH moved from the default port too! :D
0:39 People like me used a router before it was a "requirement". Nowadays ISPs give a modem/router combo with a built-in firewall. Setting up DMZs to stream movies with people or play LAN games online with Hamachi, Tunngle, etc was a lot of fun. 10-20 years ago people thought you were magic for being able to watch a movie stored on one PC from another
>turns off firewall
>exposes computer to the entire internet
>gets virus
>WHAAAAAAAAAAAT
Who would ever have thunk it I KNOW lol this video is click bait
It's a stupid clickbait video with a stupid title.
I think nowadays, much more danger ,than EOL is EOB(end of brain) syndrome,
But better don’t trust me, I’m just a little, alone hater. ;-P
A better question is - why would you need a firewall to begin with? Why does XP come with software that listens for incoming traffic by default? Also, the video is entertainment.
@@DanielBeecham I'm not sure what you mean... are you saying windows should disable P2P connections entirely? that is kind of the foundation of the entire internet.
well, the title is a bit missleading: you are not just connecting it to the internet but rather exposing it to the internet. if you would do this without a public ip (wich is normally the case btw.) nothing really would happen. there would only be a risk if a pc on the same network would have it's own public ip.
look at 2:50 on the task bar he downloaded a worm and infected the system manually
how do you use the internet without a public ip
Wild that I find this video while setting up my childhood VM with XP, lol. I'm not too worried, but I'll be sure to keep it as secure as possible. Malware is a part of my childhood that I DON'T wanna re-experience.
Came here from PCGamer and SomeOrdinaryGamers, btw.
I love this sort of thing! Can you run some other outdated systems, what happens if you connect MS-DOS to the open web? Are there any linux distros that are known for vulnerabilities that get attacked when they connect online too? Really enjoy your voice too, it's soothing!
I know for Malwarebytes has scan rootkits disabled by default in their settings. So it seems as why Malwarebytes is not detecting the actual problems causing all of that to run at startup. I guess for the rootkit case it doesn't want to uninstall a "rootkit" that isn't one or some crazy bizarre anti-cheat that accesses Dom 0.
I noticed this recently, why isn't it on my default.
Whos here bc of mutahar?
No i just like eric, didnt know muta made a video on him
@@Creeperfun12k
@@Creeperfun12yapper
ur yapping@@xslite300
windows 95 sounds like fun
And Windows98SE would also be interesting. :)
What is a real trip is starting with MS DOS, then Windows 3.1, Win 95, Win98, Win98SE, XP, Win7, and so on. Install sequentially on the same box and watch the evolution of the screens and options.
Remember the whole world came up the mountain through this path.
Win3.11 (networking) was my first encounter with Windows being used commercially. It crashed every now and then but could be rebooted very quickly. You can still find this old stuff around.
DOS installed from three diskettes.
Windows 95 installed from 11 diskettes.
Then the growing software came out on CD.
Wow. This is so cool! I love how you investigated what was happening and tried to get the information about these obscure pieces of malware. You should try to reverse engineer these and make some write ups!
Amazing video, was thinking of doing this at some point, looks like it's not too different from connecting windows XP to the internet in its hayday without an antivirus. In an ever changing world Windows XP provides a feeling of home for those of us who grew up with the internet before everyone was on it. :D
Do it with Windows 11. I always install it with internet connection but now I´m paranoid
@@yeltsinreyesblandon7362 I had to redo a few systems that were Windows 11… You cannot set them up without Internet connection unless you get the fancy command prompt incantation and boot sequence.
@@yeltsinreyesblandon7362 its because in this video he opened every single port, completely disabling the firewall, similar to connecting your computer directly into the modem. on modern windows versions there is actual security in place to prevent that, but of course not on windows xp with its default settings
Hello Leo! 😄
@@yeltsinreyesblandon7362 As long as you:
Don't disable your router's firewall
Don't disable your PCs firewall
Don't disable microsoft defender
Don't run an incredibly outdated version of w11
then you're still not safe from malware because Windows 11 itself is malware. Switch to linux if you care about avoiding malware
When I got back into computer a little over 15 years ago. Another tech was loading a fresh install of Windows 2000 server and it started crashing. So he asked me to come upstairs and see what it was crashing. Upon watching it load up. I noticed it did something that told me it was being infected asap. He was plugged into a network provider that was a wisp and there security they had was garbage. I put a router between the two and problem solved. Great video and I forgot about some of those tricks. The malware closing the anti-virus and other clean up tools. Machines was getting infected so fast. The place I worked at was accused more than once of doing it just to get more money. At bad caps to that. Nobody wanted a PC anymore.
Wow I check your channel after a few days and your up 3k subs? Well deserved!
This is amazing how do you not have more subs please keep up thr amazing work!
Pay attention people. He says he Purposely set up the network to bypass safety features, These same bypasses will allow your windows 11 pc to blow up in the same/similar fashion. I still have an XP computer I use daily. Totally safe and fine and been up and running stabile for years. What I personally would find amusing is if this Streamer didn't run this VM sanboxed and it actually has access to his network. oooops.
Now I want to see what would happen if you connected Windows millennium edition to the internet.
God I'm old.
It would probably crash before you even got started good 😅
Super interesting video! I've fiddled around with legacy OS's such as XP in virtual machines for many many years. But, with the way that network security and virtual machines have evolved, I've never thought about how interesting it'd be to see what happens when you truly let the juice get loose. Is this SP3 you're running?
ah the joys of updating your os with a cd rather than a huuuge dl because the dl would have taken an age on a 56 kbps modem.
I still have some memories regarding connecting unprotected XP to the internet. I think I was about 12-13 years old at the time, and I was trying to get my cousin's computer fixed. So I decided to do what I knew best, which is reinstall Windows - but the only disc I had on hand was a SP-less Windows XP, so I used that. It took *seconds* after connecting to the internet, the desktop was already filled with all sorts of shortcuts and the entire computer froze like a minute later. Pretty sure some of these icons lead straight to prn, or they pretended to (now that I think about it, some of these shortcut icons might have been my first exposure to this kind of content...).
I panicked and told my cousin to call a proper IT guy to get it done 😶
As you've got Security Center I'm guessing this is the Service Pack 2 edition of XP. Curious to know what'd happen if you ran the OG/unpatched release back from 2001 ? I imagine it'd just like my first week at uni when we all plugged our laptops into our room network ports: Within an hour we all got hit with Sasser and our systems would randomly restart all throughout the day 😆
Congrats on 7k subs :D
A very good video. There is only one thing that was slightly confusing, unless I simply took what you said the wrong way somehow. It seemed like you were claiming that back in the Windows XP days, that there was no way to put a computer behind a hardware firewall, and that the only way to run Windows XP was to directly connect the modem to the computer that Windows XP was running on. If I am understanding that right, all I have to say is that is incorrect. I've been online since 1994, and right when I switched to a broadband connection, I was running a hardware router with configurable firewall (port forwarding, blocking, etc, etc, etc). I've run a variety of BBS Servers (Renegade BBS, Telegard BBS, Mystic BBS and Synchronet BBS) as well as web servers (Apache, and some others) as well as FTP servers, and -- you get the idea. I used a Dynamic DNS service in order to keep track of my ip address so that my domain name was kept current and pointed to my hardware router. While it is true that MOST PEOPLE were indeed plugging the broadband modem directly into one computer, the more tech savvy of us were using hardware routers and running servers from home. That is a different idea than the claim that it wasn't possible to run a hardware router back then, and that plugging the modem directly into the machine was allegedly the only option.
The difference between now and "back in the day" is that now we have apps that can scan the entire public IPv4 address space in less than 15 minutes (see apps like masscan) so it's trivial to find systems that have vulnerable services exposed publicly.
For the IPs at 12:31, instead of just hitting the IP in the browser, you need to look at the end of the command to get the full URL. It's downloading an MSI installer disguised as a PNG file.
I have some old PCs that I mess around with, and I don't connect them to the internet for this exact reason. I would hate to have the system become a target, and potentially have malware spread to other systems on the network.
if you are worried about it spreading to other systems on the network, put a firewall behind the device in the routers settings
if youre using a firewall the chance of getting a virus like this without going on weird websites is still very low
so you worry for having a way beyond standard way to connect to the internet and disabling firewall on purpose?
This is more like a whatif scenario than anythign else.
You must be young. The router wasn't popularized post-XP. Everyone I knew, throughout the entire lifespan of XP had a router between their home PCs and the Internet. Even when doing repairs and upgrades for non-technical friends/family members, every time I found a PC connected directly to a modern and thought it would be right on internet, it turned out the provider's box was functioning as a modem+router, not just a simple modem. I've never once seen a computer connected directly to the net, exposing all ports. I personally would assume a modern PC with a modern version of Windows would be infected just as easily if connected directly. Albeit probably not quite so quickly perhaps.
Bingo. The only thing he's demonstrating with this video is excellent clickbait skills for something that doesn't happen in the real world: not being behind *any* sort of router acting as a firewall
a modern OS Firewall is way more efficient than old windows xp.
The direct to modem era was more so if you had dial-up internet which was still popular when XP came out. I cannot recall for sure if my ADSL modem around 2001 had a router, it was different than the ones of today I know that. It also had a pause button that would disconnect you from the internet as a protection mechanism (or at least a peace of mind mechanism for those who were worried about it).
In either case, you would still be running a Windows or Mac software-based firewall and antivirus (which he turned off). Even if you did not run an antivirus on the Mac (as too many people did not), there was still a built in firewall in Mac OS X.
You are mostly correct but there was a period of time when ISPs were just introducing their new cable services or DSL services it was just technically a modem and nothing more. My first DSL modem was just a modem that only allowed one computer to be on the internet and the same for Cox it's first cable modem was the size of a very large cement block - it was silver made out of a giant heatsink. It too was just a cable modem only that allowed only one computer on the internet.
I remember using special purchased software to link up additional machines to get the internet as well. This was a short period by about two or three years before aftermarket cable routers you could purchase at the store like Linksys being one the first ones that sold a router with a firewall so you could hardwire multiple computers to the internet. At first, you had to keep this on the downlow with Cox as they would not support you if you told them you had one of these. Good times.
I'm curious also what Windows XP he used - SP1, SP2, or SP3. It makes a difference.
I was the second person in my neighborhood to have cable internet back in 1998. The technician didn't even know how to do the installation & had to return the next day to finally get it working. As an engineer working in telecommunications (ATM backbone switches & the associated Unix network configuration software) at the time, I guarantee you that their modem was exactly that... a modem & nothing more. If you didn't know enough to get your own firewall / router, your PC absolutely WAS connected DIRECTLY to the Internet. It took about 4 years before they wanted to upsell me to their own router, but I'd already had one since day one, and I certainly wasn't going to pay their extortionist monthly upsell fee for an objectively bad router.
Simply unchecking autoruns does not disable those programs without a reboot, which was not done until after Malwarebytes had been run eliminating the files beforehand.
8:08 what program you running on the macbook to look stuff up and what program is it you use ?
Could you do a video with all what you did on windows Xp on a MAC running Ventura !
He just used a standard terminal to check.
this is sooo ironic. i just installed a XP ISO file lollll
if you install it get avast for it cause its free and using it a have my xp PC on the internet and haven't got a virus using it yet
@@fox.9879 I like the "yet" at the end
@@ElvenMans There's no such thing as 100% security.
you don't know what ironic means
@@fox.9879 yea i already got avast
Open all ports, turn off the firewall, use no router and browser around on suspicion websites. What normal user does that? Try Win 11 and you will have the same result.
Don't forget injecting the VM with malware around 2:50
Best demonstration of why they’re called “viruses”
This should be mandatory viewing in security/networking classes.
Apart from what was said in the other comment, there are also many industrial automation equipment that still run on windows xp. I work in a company that provides image processing solutions to the industry and there are projects we developed 15-20 years ago still out there running on production lines who would be perfect targets for ransomware if connected to the internet (which is quite likely since most people operating these lines have no idea about IT security). As you can imagine, companies would be more than willing to pay good bucks in order to get their lines back working as fast as possible.
Always love the malware videos
Absolutely any OS would get instantly infected without fire-wall. Still using XP and w7 as personal preference at home to this day and never had a single issue for the past 15+ years.
he manually infected it, look at 2:50 in the task bar lol
I know a person using the same combination.
Linux by default has it's built-in firewall disabled.
Haven’t seen a case of Mac, iOS or Linux infection in my life.
Nice video.. goes to show you how important local firewalls are.. what services on windows are listening to begin with?
Very interesting experiment. Well done! New subscriber. I had to unplug my modem a few times circa 2004 watching infections move in via ftp on my box then. lol
Why do you download something from Uptodown in the first place? This place is riddled with infected software. My bare metal XP machine is on the internet today and fine by knowing what I do and how I browse and only download from genuine sources.
uptodown is not so danger, just be careful about download links, mate!
bruh
What is the best browser for Windows XP these days?
@@davidvanderklauw this is not about "best" this is only about "it will work, for most times".
Google Chrome 49.0
Firefox 52
Maybe yandex.browser (Russian fork of Chrome) will work
Opera 12.18 will work but for very basic things, and it works FAST. And supports FTP (wow)
Some users used Brave or Dolphin or even UC but i can't trust these chinese things
@@davidvanderklauw Supermium (based on Chrome) and Mypal 68 (based on Firefox) are pretty good and well known for use on XP.
You should do a video about how safe XP is on the internet... with the damn firewall turned on.
I have recently gotten interested in the security and vulnerability aspect of computers.. This was outright mind bending. Can you do a video with the firewall left on...
This video is the equivalent to the one "Checking the BMW X5 security level against thieves" in which the first instruction is, "Park it at night in dangerous área with the Windows opened"
tbh, even windows10/11 wont last as long without firewalls too
Windows xp survived a lot longer than any pc made before 2020
2:23 XP's firewall is what prevents the machine from accepting random connections ,yet you get out of your way to disable it ...Why ? If you do the same on newer windows it will get attacked too.
don't forget that a standard router nowerdays doesn't let most things through except you tell it to.
But why even make a comment out of it, its clear from the start that this is only a what if scenario.
The title of the video should've been "what happens if you disable your firewall on the Internet in 2024?", and the answer is "same thing that would've happened any year: bad stuff"
Tech tip: To help with the mouse issues, you'll want to switch to Tablet mode or go into Mouse settings and turn "Enhance precision" off
2:50 "xp sp3 worm"
This absolutely contrived and runs XP in a way that makes it worse than it is even on its own. Yea if you remove all safetiess from any version of windows and expose it to the internet without and standard safeties you'll cause yourself trouble. Hate to inform you but people ran routers and firewalls back in the XP days as well.
True, but but it was also very common Standard Operating Procedure to disable the host firewall because it got in the way of doing certain activities, and windows firewall was so much easier to disable than to reconfigure (still is).
It also was fairly common to have a broadband router/firewall as far back as early 2000s, but again, it was common to enable "DMZ mode" (which was a misnomer) which caused all incoming packets to be forwarded to one host on your network.
So this scenario was not ubiquitous but is still a valid representative of a commonly seen subset of configurations, one that was typically implemented by people who were smart enough to be dangerous. The same kind of people would go onto websites similar to this one and leave negative comments on technical topics about which they didn't actually know as much as they thought they did.
@@Nono-hk3is well, as a young user during XP era, i can surely say, we done a disabled firewall use, but it was like 1 to 1000
and only to do some stupid things like to play online or share files between PCs. Then - we enable it again
Second thing - WE USED ROUTERS. *WE USED ROUTERS!!* Even in 2004.
the point of this isn't to show how insecure it is, just how insecure it can be
Lol I thought the same. It's funny how he cuts out infecting the shit out of his VM and makes it seem like just being connected to the net. Clickbate
Thanks dude, you made a thing I was too scared to do. Very interesting. Good work !
Very interesting, and very entertaining!! 🙂 Would definitely be down to see more stuff like this! As for you trying this on Windows 7 for ~10 hours and apparently nothing happening... maybe you could do something like create an SMB/NetBIOS folder share, and observe how much crap gets dropped into it from the public internet. That also means another port that's actively being used by the OS. So all the more chance for some decade old RCE to be exploited and watch the chaos unfold. 🍿
2:50 "xp sp3 wor..."
Disabled automatic updates on purpose (yes XP is EOL but who knows, if there are some updates available). Also a running FTP.exe does not imply complete control over all files. And most people in fact were behind routers when XP was introduced. This showcase is pure academic.
what tool are you using to check the established connections?
I remember back in the day Windows XP RTM, the original release without any updates whatsoever, would get owned in seconds. The most humorous part was all the ways competing scams were presented: via Internet Explorer, Win32 applications, and the old Windows Messenger service for example.
Also, Windows 3 with Trumpet Winsock is pretty much the first way to get on the internet with Windows unless we're considering gateway services offered by Compuserve. There is a case for Windows 95 being the first version with native TCP/IP but it wasn't preinstalled on the earliest versions and required the CD to put it on, so it's basically still an add-on.