Here is a scary thought... I learned about a month ago... that many medical offices, that use the same patient tracking system, are still using Windows 7 since the system of note is only sold on pre-installed Windows 7. So world wide any office using the given application, is at risk. That is really nuts.
Which country? That certainly isnāt the case in the UK. I think I even have the numbers somewhere.
In the US... of all places. I could not believe it... but I assure you, it is true... There is Windows 7 as part of many many health systems applications/solutions. Even was at a local hospital recently to visit someone, and the in room staff computer terminal... was running Windows 7. Scared me to be sure. Apparently the vendor that sold the integrated system to the hospital assured the hospital management that they had the issue in hand. Right... sure.
You can't get good computing/IT laws out of US congress when no one in congress can effectively use Zoom. What makes anyone thing the board of directors or management of a hospital really understands IT threats effectively?
< OFF >
I totally understand, why a company is using an older, but reliable OS, instead of an unstable, non-stop changing one, that gets worth and worth by each month. (I could list countless examples.)
But the problem is NOT the clients OS.
The risk comes from people / wrong setup, and how well the SERVER is protected.
Even if you have the latest Win10 > but :
- forgot to deny Admin rights, or
- disabling to accept pen drives / foreign USB devices, or
- no Bios password has been set,
you have lost all security.
Not to mention cases, where you have forgotten changing everyone's passwords after an employee was fired.
A good program is independent from OS!
- using encrypted databases
- putting files only on encrypted drives
- making regular backups to remote "Append-only" FTP servers
prevents all possible problems. An Exe + ini can be easily restored to a fresh installed Windows in no time.
On a well planned system there is nothing on those Win7 front-desk
The problem I see today is:
- The politicians weakening the education system year by year to produce easily manipulatable people world wide. This is a fact.
- In 1990 we had to learn high level mathematics (integration) at age 16. Learned 2-3 foreign languages, etc. Today's kids at that age usually can not even properly read or write.
- If I ask a 18 year old waiter how much is 120-79 ... he can not answer without reaching for his phone.
- That is affecting programmers too of course.
Sorry but that is well off-topic and doesn't really help the question.
It doesn't matter how good your configuration if the OS itself is vulnerable. It is not for nothing that you cannot get or maintain a security accreditation of your systems if you are running outdated, unsupported software. Please don't suggest otherwise.
With 30 years IT experience, most of it security focused, I must disagree with @PizzaProgram. Stability is meaningless if any aspect of the environment is at risk. Secure computing systems are more important than ever. Even when the industry is in love with speedy delivery to market
There are two key aspects to vulnerabilities... code design and protocol design. They overlap and intermingle of course.
An example of code design, C and C++ which left many opportunities to be abused because even the best code practices would allow for buffer sizing issues that could be leveraged to inject and execute unauthorized code, gave way to managed frameworks, like .NET and others, that tried to avoid basic memory control and management issues, but issues still resulted, so now we have 'rust' which is a language that explicitly designed to try to avoid the classic memory allocation issues of the past.
An example of protocol design, is Ethernet its-self. It was never designed with security as a design goal. Every attempt to improve Ethernet security is really band-aiding the situation. In fact, there have been other, now little used or dead protocols that were more secure than Ethernet TCP/IP, such as IPX and even transport media that resisted intrusion such as Token-Ring.
Hackers, regardless of origin, use zero day exploits as the core of the focus against the available attack surface. These are effectively unknown or little known vulnerabilities, that are missed during the initial development and limited testing done before code release. The entire software industry as been focused on avoiding these and the opportunities for these to exist. Whereas, a modern OS leverages such methods versus an older OS which never had such as a design goal.
However, the time and effort that is allocated to code development and testing has had the opposite trend, faster, faster, not better, better. So as long as we demand faster, faster and not better, better solutions, risk will continue to be a major factor, and we will continue to give hackers a target rich environment again and again.
There are still zero day exploits being discovered for DOS, yes DOS of all things. Why is this the case, because modern protection systems often test against older OSes to attempt ensure that the newer protection systems don't have blind spots, hence we still hear about DOS vulnerabilities of all things. If you want to see just how bad a given OS is you can always query the 'CVE' database to see what, how many, etc. vulnerabilities exists for various environments, be they applications, services, OSes, etc. But note... CVEs are known exploits... not unknown exploits.
Hello, I'm newbie and want to try node red for the first time using Windows 7 64bits.
I succeed installing node.js v13.6.0 but I can't install node red and got these errors instead. Could anyone suggest me how to fix this problem? Thank you in advance.
They are only warnings.
Did you wait for it to complete?
yes I did. I didnt capture the rest of it but it showed error after that
we cant help if you dont tell
these are the errors
What error do you get when you try to start node-red?
i got this error
I'd probably start again with node v12 LTS.
- Install node-v12.22.1-x64.msi
- install node-red
PS: Windows 7 is EOL since January 14, 2020 - you should probably look at upgrading your OS (or move to linux)
It works on v12.22.1. Thank you so much, Steve and everyone!
As a matter of interest why were you using nodejs 13? You should use 12 or 14.
[Edited as nodejs 14 is not supported on Windows 7 (which is dead anyway)]
For future readers: nodejs V14 does not work with/not supported on Windows 7 (and windows 7 is dead)
Do you mean that node-red does not work with nodejs 14 even on Windows 10?
There is an installer for 14 at Download | Node.js and no suggestion that node-red will not work with it at Supported Node versions : Node-RED
I missed out one number DOH!
(I corrected my post - but will retype below to make it clear) ...
For future readers: nodejs V14 does not work with/not supported on Windows 7 (and windows 7 is dead)
OK, I will edit my post too, for those who come hereafter.