Yes.. Windows XP had an unending list of vulnerabilities, software patch policies were often horrible, hardware with outdated software was everywhere. Back then if you would call yourself a hacker or a hack group it would mean you had multiple 0day exploits under your sleeve for operating systems, browsers and web apps.

Even if you were just a lowly scriptkiddie, because of the bad update policies you could just go to an exploit website, like metasploit is now, and try out the list of old exploits on any target you were interested in. A friend of mine had 40.000 routers in some Scandinavian country because their ISP shipped them to customers with a 4 year old BSD release that had known vulnerabilities in it.

And thanks to that Microsoft has put in place several security development based procedures that still aren't fully followed on the FOSS world.

https://www.microsoft.com/en-us/securityengineering/sdl

https://blogs.msdn.microsoft.com/michael_howard/2006/05/19/a...

https://docs.microsoft.com/en-us/visualstudio/debugger/how-t...

https://techcommunity.microsoft.com/t5/Windows-Kernel-Intern...

Maybe I am just pedantic but "many things" != "anything" and the existence of vulnerable systems does not invalidate the existence of secure systems.

Gotta admit, it was fun "hacking" all the WPS-enabled access points around me.

Pretty much. Security wasn't really seen as something developers worried about back then. Maybe it was because there were less bad actors due to it being much harder to make a buck through hacking. I remember setting up a server with an extremely weak SSH password around 2003 and it went for months without receiving any sort of traffic at all, much less login attempts. Nowadays if you set up a server with port 22 open you'll get dozens of hits per day from various bots scanning the entire IPV4 range and trying dictionary attacks to get in. Going through Fail2ban logs can be pretty entertaining.

I was thinking that might have been true back in the 80s. Hell, I still feel that way about anything analog. It's just nothing is really analog any more. Once things went digital and encryption was implemented, things just became more of a social engineering type of hack to get people to give you the information to walk in the front door. It's not that you hacked the Gibson or anything. Also, modern systems just don't have the cool 3D interfaces that all of the systems from the 80s/90s had ;-)

It wasn't really until Windows 7 that Windows was to some degree secure as an internet-capable platform. XP was just terrible from a security standpoint until SP2 (2 years after launch), which at least added a decent firewall that was enabled by default.