Hacker News new | ask | show | jobs
by josephcsible 969 days ago
To me, "personal daily driver" sounds like where you'd do online banking. A MacBook from 2015 can't run any OS newer than Big Sur, which is EOL right about now. And it sounds really imprudent to do online banking from an insecure device.
7 comments
ac29 969 days ago
It should still be able to run an up to date web browser though, right?

If one is that concerned about someone exploiting an OS level security flaw to exfiltrate their online banking credentials (wildly unlikely), they should just be doing that stuff in a VM or similarly isolated environment anyways.

link
josephcsible 969 days ago
> It should still be able to run an up to date web browser though, right?

For a while, yes, but the browser being up-to-date doesn't make an EOL OS safe to expose to the Internet.

> If one is that concerned about someone exploiting an OS level security flaw to exfiltrate their online banking credentials (wildly unlikely), they should just be doing that stuff in a VM or similarly isolated environment anyways.

Just doing sensitive stuff in a VM isn't good protection at all, since a malicious host can trivially compromise the guest.

link
type0 969 days ago
> A MacBook from 2015 can't run any OS newer than Big Sur

It can, Ubuntu runs just fine on it

link
josephcsible 969 days ago
You're right, I should have been more precise. But you still won't get security updates to firmware anymore that way.
link
rokkitmensch 969 days ago
If this is your personal threat model, I commend you on an exciting life well-lived that appears to entail sophisticated personal protection of the GPG keys and Bitcoin you need to run your business empire securely.
link
eviks 969 days ago
It can run the latest OS with the open core project
link
tom_ 969 days ago
My 2015 MBP is supported in macOS Monterey.
link
josephcsible 969 days ago
The "Pro" makes a difference there. The Air and Pro from 2015 both got Monterey, but the regular MacBook from the same year didn't.
link
astrange 969 days ago
Many US bank websites have so few features I'm not even sure what hacking mine could get someone. They can transfer from my checking to my savings account?
link
andrewprock 969 days ago
I assure you, I take security quite seriously. The version of MacOS I'm using is nowhere near the top security risk.
link
rokkitmensch 969 days ago
The problem from another angle: I wouldn't trust anything made in the last decade for my airgap box.
link