Saturday, May 31, 2008

The paradoxical security of Windows 2000

I've been using Windows 2000 SP4 in my Parallels and (now) Fusion VMs:
Gordon's Tech: Parallels to VMware - my experience

As part of my move from 10.4.11 to 10.5.3 I switched from Parallels (Windows 2000 VM running Office 2003 and MindManager to VMWare Fusion (updated 5/30 for 10.5.3). Here's how it went...
Windows 2000 SP4 runs Office 2003 and most business apps without any problems -- that's all I need. I have two unused Win2K licenses, so it costs me nothing. It's much more compact than XP, it demands fewer CPU resources, and it runs happily in only 256MB of memory.

It's a perfect match to my needs.

There's only one catch. Microsoft isn't updating Windows 2000 security any more, and I don't use antiviral software on any platform* (except at work, where it's mandated). Well, I don't expose the Windows VM to the net, so that's probably not an issue.

But is Windows 2000 really all that insecure nowadays? It must be an exotic environment on the modern net, I can't believe it would be a profitable target. I suspect it's actually becoming more secure with every passing day.

I wouldn't bet on that of course. I really don't have a need to take the Win2K environment for a walk in the wild side. Still, I suspect it's true ...

* Modern antiviral software behaves like a virus infestation (performance and reliability suffer greatly), antiviral vendors blew it by choosing not to block SONY's spyware 1-2 years ago, it often fails against modern attacks, and it's been years since I've received email with an attached virus (Gmail filters them).

No comments: