[TeeMassive]

And yet AFAIK he seems to be doing fine. If you run the same stuff, only allow and visit the same addresses, and disable ECMAScript and in addition to other mitigation measures such as 2FA then I don't really see the problem.

> That is not the behavior of a security expert.

Your image of "security experts" must come from movies. I know security experts IRL. Their security at home amounts to not use their work computer for personal stuff and 2FA.

[naikrovek]

You’ve never had an ad on a webpage serve you malware via a browser exploit that does not require JavaScript, I see. Nor ever used a compromised supply chain. You think that luck will hold out forever? It won’t.

Turing off JavaScript and using 2FA everywhere are good steps, but like using a firewall and saying “I have a firewall, I’m completely safe” is myopic, saying “disabling JavaScript and using 2FA make me secure” is just as myopic.

You must apply security fixes. Sticking to Windows XP because you prefer it over newer operating systems is absolutely foolish if you connect it to the Internet in any way.

If Steve Gibson were a security expert, Windows XP would simply not have been an option the instant it went out of support.

[TeeMassive]

Expertise simply means having a deep understanding in a field of knowledge. Running Windows XP is irrelevant.