What OS for Core2Duo

[Stefan43]

Hello,

 

My computer has an Intel Core 2 Duo 2 GHz processor, an Nvidia Geforce GT 520 graphics card and 4 GB RAM. Which OS can I install the best on this computer? Windows XP Professional SP3 (x86, I know I can't use all my RAM) or Windows Vista Business (x64)? I like Windows XP very much, so if I want to install Windows XP, can I use it safe on the internet with the POSReady updates?

 

I hope someone can help me, thanks.

[Guest]

I saw your post asking the same basic question in the POSReady thread but I will answer it here.

Nothing is 100% safe. Suppose Facebook gets hacked and some 0-day vulnerability is inserted into the site so that visitors get infected. In that scenario you wouldn't be safe but neither would any OS or browser if it targeted them. You can decrease your risk by switching to a more secure OS and browser. Additionally, you should run EMET to further reduce your risk.

 

Take a look at the Pwn2Own results. If I remember correctly, IE11 on Windows 8 running EMET was the only browser that was not hacked in the 2014 competition.

 

I personally use Google Chrome on XP running EMET. Chrome appears to be the safest browser for XP as it uses sandboxing technology and the way they handle extensions is very restrictive.

 

EDIT: Sorry. I was wrong. IE11 on Windows 8 fell on day two. Everything got hacked.

 

EDIT 2: Correction. I was right to begin with IE11 on Windows 8 running EMET was not hacked.

 

EDIT 3: Final thought that just occurred to me. IE11 was the only browser that was allowed to run EMET in the Exploit Unicorn challenge. If Google Chrome were allowed to do the same, it also probably wouldn't have been hacked.

Edited August 8, 2014 by -X-

[Stefan43]

I saw your post asking the same basic question in the POSReady thread but I will answer it here.

Nothing is 100% safe. Suppose Facebook gets hacked and some 0-day vulnerability is inserted into the site so that visitors get infected. In that scenario you wouldn't be safe but neither would any OS or browser if it targeted them. You can decrease your risk by switching to a more secure OS and browser. Additionally, you should run EMET to further reduce your risk.

 

Take a look at the Pwn2Own results. If I remember correctly, IE11 on Windows 8 running EMET was the only browser that was not hacked in the 2014 competition.

 

I personally use Google Chrome on XP running EMET. Chrome appears to be the safest browser for XP as it uses sandboxing technology and the way they handle extensions is very restrictive.

 

Ok, do you use XP as your primary OS? And how did you set up EMET? Do you use the default settings? And uses the latest version of Opera (Chromium based) also sandboxing technology?

Edited August 8, 2014 by Stefan43

[Guest]

Yes. I use XP as my primary OS.

Emet comes preconfigured for some programs but not Chrome or it's derivatives. You need to add them by adding it. Done use SEHOP or EAF or Chrome will hang.

All Chromium based browsers use sandboxing.

 

I edited my original answer while you were posting your reply. Take a look at it again.

 

See images for EMET...

 

 

[Stefan43]

Ok, thanks for the answers. Do you also install the POSReady updates on Windows XP? If I am going to install the POSReady updates, will Windows XP then be more safe? And what security programs do you use? Standard Windows Firewall, or a 3th party firewall?

[Guest]

Yes, I use the POSReady updates and recommend that you do the same. 

 

Besides EMET, the only security software I use is Kerio Personal Firewall v2.15. It needs this registry entry so that you don't get buffer errors. I don't recommend only running what I run for your average user.

 

You should probably run some type of antivirus and Malwarebytes Anti-Malware with real-time protection.  Note that Malwarebytes Anti-Malware will really slow things down in some cases. For instance, I use comparison software for my backups and when it starts scanning for changes and moving files, it seems to scan every file and brings the backups to a virtual halt.

 

Also, definitely use Adblock Plus or Adblock as there have been numerous instances of malware being distributed via ads and use Sandboxie for high risk stuff.

Note that if you use Sandboxie above version 3.5.0 and Kerio 2.15 you cant use the latest version of the Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege patch. The author changes some things that cause Kerio to throw up errors when running something sandboxed that makes internet connections.

Since it's an elevation of privilege and not a remote code execution vulnerability, it's not an issue unless your are in a network and you don't want a limited user to gain admin privileges. Basically it only affects businesses or people that have children that are networked, using limited accounts and have hacking abilities. 

Edited August 8, 2014 by -X-

[Stefan43]

Ok, as antivirus I am going to install NOD32 Antivirus, and as firewall I think Comodo Firewall. I am also going to install Malwarebytes Free, and I am going to do a scan every week. As browser, I am going to install Google Chrome with Adblock Plus. And I will also install EMET. And I am going to install the POSReady updates. Do you think that is good protection?

Edited August 8, 2014 by Stefan43