As support comes to an end for Windows 7, many people are concerned about the security ramifications of continuing to browse the internet with it.
As Windows XP users discovered, many browsers continued to support XP long after its end-of-support date.
Were they secure?
To answer that, we need to dispel a common myth.
Become a Patron of Ask Leo! and go ad-free!
The myth of perfect security
There is no such thing as “secure”.
It’s not an absolute state; it’s a range, a spectrum.
You can be more secure. You can be less secure. But there’s no such thing as completely secure.
Believing there is could lead you to let down your guard.
An up-to-date web browser
An up-to-date web browser is certainly more secure than one which is out-of-date, regardless of what operating system you run.
That up-to-date browser will have the latest fixes for security issues and vulnerabilities. It may also have additional improvements, including, but certainly not limited to, security-related issues.
So if you have the opportunity to update your browser, do so. And if your favorite browser happens to stop being updated for whatever operating system you run, you probably want to find a new favorite — if you can.
An out-of-date operating system
An out-of-date operating system is less secure than one that is current and up-to-date, regardless of which browser you happen to run.
That’s why folks in my position always advise that you keep it as up-to-date as possible — even to the point of upgrading to the latest version of Windows when your favorite version is no longer receiving updates. Windows XP falls into that category, and Windows 7 will next year.
But what If you can’t — or just really, really don’t want to?
The real question is, can you be secure enough with whatever combination of browser and/or operating system you happen to be running?
The answer depends on you.
There are people who continue to run Windows XP, which is years out of date, and seem to do so with enough security for their purposes.
Presumably, they have an up-to-date browser, but even if not, their ultimate security is determined by their actions. If they regularly do things that are risky, they have (much) less protection from the consequences of those actions if their software is out of date.
If, on the other hand, they know how to proceed with care, the combination may be secure “enough” for their needs.
To know if you’re secure enough, you need to understand your own ability to handle the risks of your actions.
Many people fall into either of two extremes:
- Overconfidence: an overinflated sense of “I know what I’m doing”, when in fact they’re not quite as secure and knowing as they think they are. These folks often end up in trouble.
- Under-confidence: a level of fear and/or paranoia that prevents them from doing just about anything.
In reality, most people are somewhere in between. Being honest about your own abilities — and educating yourself so as to fill in the gaps — is your best strategy.
When in doubt? Keep everything as up-to-date as possible.
It’s not perfect, because perfect doesn’t exist — but it’s “more secure” than the alternative.