What's new

Windows XP is a HUGE security risk

Is there ANYTHING we can do that will make people listen and change this approach?
Replace Pakistanis with another nationality???

What you state needs the removal of the retired myopic afsar from the leadership of all these organizations and confine them to security only.
Then maybe in ten years the culture will develop that will help create competitive wonders.

India is admittedly about to leap ahead by 20-30 years to our R&D as their private sector had the forward thinkinh mentality now set in and they will mop the floor with our faces in any conflict in that timeframe.. and at that time .. mard-e-momin will be stupid to think they can play catch up in conflict.

As an endnote, what I refer to as lack of diversity; the Pakistan Navy actually has made rather interesting strides in R&D and utilization of resources considering how much effort both the Army and Airforce put into cannibalizing resources set forth for it.. why? Because its current cadre of senior officers is from more of a mix of educated and integrated backgrounds, and because of the paucity of resources have forced them to innovate much much more.

If your intake of people is from cadet colleges and people from only one background or similar life stories; you will always be confined to that limited knowledge pool.

The same goes for our R&D, samosa chai variety in general- and anyone who isnt a yessir fauji type is quick to leave.
 
Replace Pakistanis with another nationality???

What you state needs the removal of the retired myopic afsar from the leadership of all these organizations and confine them to security only.
Then maybe in ten years the culture will develop that will help create competitive wonders.

India is admittedly about to leap ahead by 20-30 years to our R&D as their private sector had the forward thinkinh mentality now set in and they will mop the floor with our faces in any conflict in that timeframe.. and at that time .. mard-e-momin will be stupid to think they can play catch up in conflict.

I refuse to believe things are so bleak. I wish to pass these concerns to appropriate people in the hopes that action will be taken.
 
I refuse to believe things are so bleak. I wish to pass these concerns to appropriate people in the hopes that action will be taken.
Samose pepsi ki shart hai ke either they’ll ridicule you or tell you that “India ne nahin kiya hai, iss liye ham ne nahin kiya”
 
Except if they are using a custom build created after a thorough review of source code provided by Microsoft, I cannot believe Pakistan's main defence system has this junk operating system as even a tiny component:

View attachment 454596

Our armed forces should invest in creating a custom Linux distribution, where every line of source code in the kernel is thoroughly reviewed and use that as the base for all critical systems, AT LEAST.

@Horus @WebMaster @The Eagle

every OS has flaws, but Windows XP is still considered as most secure and being used. are PAF Air Defence systems connected with public Internet?
What security measures you can put in Place? firewalls, hardware/software? from where you getting them.
Network equipment used for Networking, best is what CISCO? who and where is manufacturer?

only way to be 100% secure is to have private network and not be on Public Internet. I assume (because i am ut of touch) all these systems are on private network, same way Pak Military still uses older analog secure comm lines.

otherwise with usual measure and continues monitoring is the only way. still no surety.

Pentagon, and CIA got hacked, do you think they did not do their best?

Just my POV, could be wrong, but i trust and want to believe that, people in charge have taken everything under consideration.
 
every OS has flaws, but Windows XP is still considered as most secure and being used. are PAF Air Defence systems connected with public Internet?
What security measures you can put in Place? firewalls, hardware/software? from where you getting them.
Network equipment used for Networking, best is what CISCO? who and where is manufacturer?

only way to be 100% secure is to have private network and not be on Public Internet. I assume (because i am ut of touch) all these systems are on private network, same way Pak Military still uses older analog secure comm lines.

otherwise with usual measure and continues monitoring is the only way. still no surety.

Pentagon, and CIA got hacked, do you think they did not do their best?

Just my POV, could be wrong, but i trust and want to believe that, people in charge have taken everything under consideration.

Here's the facts. Our relations with America are not great. An American software that is known to have architectural flaws in it simply cannot be trusted. Agencies like NSA will not need physical access. They have many other options. A mole with access. A miniature drone that taps into the network. Or, depending on the components within the system, they can compromise just by high frequency sounds. There are questions such as the presence of Wifi hardware and drivers that enable it by default. And how was the OS obtained? If directly from MS then how do we know backdoors werent added?
 
if your intel agencies need to learn about Deficiencies in Pakistan defence system from online forums then this tells us how incompetent they are

80% of all intelligence gathered is open source, from threads like these. Do not overestimate intellgence agencies, they use very basic methods effectively too.
 
Here's the facts. Our relations with America are not great. An American software that is known to have architectural flaws in it simply cannot be trusted. Agencies like NSA will not need physical access. They have many other options. A mole with access. A miniature drone that taps into the network. Or, depending on the components within the system, they can compromise just by high frequency sounds. There are questions such as the presence of Wifi hardware and drivers that enable it by default. And how was the OS obtained? If directly from MS then how do we know backdoors werent added?
What are you suggesting? What type of Software and Hardware we should use?
 
Except if they are using a custom build created after a thorough review of source code provided by Microsoft, I cannot believe Pakistan's main defence system has this junk operating system as even a tiny component:
View attachment 454596

Our armed forces should invest in creating a custom Linux distribution, where every line of source code in the kernel is thoroughly reviewed and use that as the base for all critical systems, AT LEAST.

@Horus @WebMaster @The Eagle

MS doesnt provide source code, that's proprietary and theres no custom windows XP.
Every armed force implements its system based on STIGs (Security Technical Implementation Guide) and there by harden the implementation.

Custom Linux Distribution is not used in many cases as most of the system softwares where developed on windows and they wont run on Linux.


Hey kid.

Floppy system is used by Intelligence for secure transfer of data without malware attacks. Yes! Floppy is still used for clandestine purposes.

Do you know how many floppies it would take to just store the path details for a given strike.
Not sure if you have ever used floppy, but they are notorious for data corruption and I/O errors.


Asalamu Alaikum

He's right, floppy disks are a good format as they are more secure.

Explain why they are good format and more secure vis-a-vis, pen drive, cd, dvd, zip drives, ssds, hdds ?

I saw the system developed in front of me and considering the mentality of Pakistani R&D folks we should be glad it uses windows XP and not 98.

Also, the reason why it is on windows XP is probably because India also uses windows XP. The day India uses the upgrade they will too, or if they decide to use iOS 11 they will too, or an abacus, they will too.

When your R&D is controlled by myopic and retirement fund gathering sidelined or retired military officers; you get a doomed mindset.

Indian systems has moved on to custom hardened Linux and BSD, migration started early 2000 and now its implementation is standardized, some old windows software are either ported or wined, still there are areas where windows system has to be used due to unavailability of alternate softwares.
Non core activities and clerical functionalities are served from windows based machine or from Linux destop with windows shell environment for easier adaptation.


every OS has flaws, but Windows XP is still considered as most secure and being used. are PAF Air Defence systems connected with public Internet?
What security measures you can put in Place? firewalls, hardware/software? from where you getting them.
Network equipment used for Networking, best is what CISCO? who and where is manufacturer?

only way to be 100% secure is to have private network and not be on Public Internet. I assume (because i am ut of touch) all these systems are on private network, same way Pak Military still uses older analog secure comm lines.

otherwise with usual measure and continues monitoring is the only way. still no surety.

Pentagon, and CIA got hacked, do you think they did not do their best?

Just my POV, could be wrong, but i trust and want to believe that, people in charge have taken everything under consideration.

Come to 2018, you are talking things of 2000 when XP was launched. Gone are the days when you need to think about private and public networks. Current generations smarties use wide range tools including EMFs to penetrate in.
 
they should upgrade to windows 7. nobody in the world uses that anymore, everyone hates it, nobody will program viruses for it...lol
 
Explain why they are good format and more secure vis-a-vis, pen drive, cd, dvd, zip drives, ssds, hdds ?

Just as good as those, so the US see's no need to upgrade. It would be quite expensive (and completely pointless) to upgrade to newer tech, when the old gets the job done just as good.
 
Come to 2018, you are talking things of 2000 when XP was launched. Gone are the days when you need to think about private and public networks. Current generations smarties use wide range tools including EMFs to penetrate in.

EMF, RF receivers needs to be within range, GSM device needs local link. there are counter measures for EMF threats s well.

BSD is considered the most secured OS, but again not 100%.

Private Network is much more secured then public.

Again choice of OS could depend on applications being used.

besides software, hardware being used to host apps, and net equip is security risk as well.
 
Last edited:
Just as good as those, so the US see's no need to upgrade. It would be quite expensive (and completely pointless) to upgrade to newer tech, when the old gets the job done just as good.

You probably dont know what kind of budget US has.
The only systems that have not went for eCycle are those techs which are obsolote and US have either abondended them or have a replace in place.
Maintaining age old system is much more costlier then upgrading to new system. Just go out and ask for a 2/4 MB ram that 486 or pentium based machine used and figure out how much it costs to get something like that.
 
MS doesnt provide source code, that's proprietary and theres no custom windows XP.
Every armed force implements its system based on STIGs (Security Technical Implementation Guide) and there by harden the implementation.

Custom Linux Distribution is not used in many cases as most of the system softwares where developed on windows and they wont run on Linux.

Wrong. MS DOES provide source code under NDA if you are a large enough customer. It was actually provided to China and it got leaked on the internet. Also the detailed PDBs used in kernel driver development contain a lot of information as well.

Custom Linux distro IS THE way to go. Any software that can't be ported should be rewritten.
 
Back
Top Bottom