He says
I don't want to update something that works, updates may break
something. Look at our old computer that runs Windows 98, I've been
using it every day for everything for 15 years now and it works
without any problem, even though there's absolutely no antivirus or
anything.
Clearly it works for him. His argument is good.
If somebody is not going to dodgy websites, not installing software, let's say they just use Word, and Outlook Express and they don't open attachments.
I have seen middle aged non-computer users in the family that use a computer minimally, and some elderly in the family, just don't get malware on their computer. I suppose they could misspell a URL but they manage with the one or two URLs they visit, or the URLs come up in the address bar. Or they have a button on the bookmark bar that sends them to the URL.
If somebody can survive in this day and age with Windows 98 and not get anything in 15 years, they are doing better than others with lots of "protection".
I may be flamed or downvoted for saying this but i'm inclined to agree with him. Not that it works for anybody but that it works for him, with his style of computer use.
One way you could show a flaw in his argument, is by taking down his computer yourself, remotely, without installing any special software or malware on there (and without social engineering that abuses his trust in you), and it should be realistic i.e. something that really could happen that you see happening. Good luck trying to do that!
You should also educate him as to the risks of our times, like he may get email purporting to be from people he knows, telling him they've lost all their money. And he shouldn't fall for that.
I'm sure many people know some cautious computer users in their 60s and even those in their 80s/90s who do not "browse" the web, and are just not getting malware on their computer! Like somebody that only uses the television to watch the BBC News, somebody might only use their web browser to go to the BBC News website. There are people like that believe it or not, and it'd take a miracle for them to get malware on their computer!
Added-
David has mentioned there were days when IE and OE ran Active X without asking(though it could be configured to disable active X). And one could use Chrome and web mail. The former being a fast browser anyway, and the latter being very portable.
1Your deliberate phrasing is a success. – Tomáš Zato - Reinstate Monica – 2014-04-09T20:08:56.493
3Why convince him? Put a firewall and antivirus software on the XP machine. They will continue to be updated even though XP itself won't. – EBGreen – 2014-04-09T20:09:23.463
5
@EBGreen Yep but it is said to be still unsafe.
– marczellm – 2014-04-09T20:11:34.720I don't necessarily agree with that list, but you have that list to use so why are you asking a question that essentially already has an answer on superuser? – EBGreen – 2014-04-09T20:13:02.900
4
possible duplicate of What are the potential security issues when I keep using Windows XP?
– EBGreen – 2014-04-09T20:13:24.7375Who cares? Tell them what you think, let them decide, and when they need help cleaning up, that's not your problem, and if it is, then say "See!? I told you so! Now about my bill for cleaning up your mess...". VTC as off-topic (not a computer problem). – Ƭᴇcʜιᴇ007 – 2014-04-09T20:13:30.730
2@EBGreen the list explains how XP is vulnerable to malware, but as long as they go unnoticed, he doesn't care. – marczellm – 2014-04-09T20:15:00.007
should I post this at security.SE? – marczellm – 2014-04-09T20:16:07.777
2IMO, No you shouldn't, since it's a question about convincing a person to do something they've stated they don't want to do. That's a personal/social/humanity issue, not a computer or security issue. The question EBGreen points to (and many other places on the Internet) explain WHY it's bad, you just need to figure out how to convey that information to the user in an effective way (or just chalk it up "done all I can, not my problem anymore"). :) – Ƭᴇcʜιᴇ007 – 2014-04-09T20:19:54.650
@techie007 I still need objective reasons to explain why malware is harmful, even though the computer is working. – marczellm – 2014-04-09T20:25:01.233
14Go paint "I'm a Nazi Child Molester!" on the side of his car, and then ask him to drive it around town and to work. "Who cares, the car still works, right?" ;) – Ƭᴇcʜιᴇ007 – 2014-04-09T20:35:41.393
2
A question about computer hardware and software would be asking what the hardware and software problems are. This in contrast is a question about people, and is another "How do I convince Dave?" question. If you want explanations of the ways that malwares running on one's own computer can be a problem to the rest of the world, then ask a question that says that. This question does not. At the very least you could be adding "What are the potential security issues when I keep using Windows 98?" to our Q&A database. (-:
– JdeBP – 2014-04-09T20:51:20.21713What's his IP? >:) – Blackhawk – 2014-04-09T21:52:23.010
10You won't convince them with facts. They're clearly immune. You will convince them by an absolute uncompromising refusal to have anything to do with those computers in the state they're in. – Michael Hampton – 2014-04-10T03:25:52.680
3Sounds a bit like the anti-vaccination people. – liftarn – 2014-04-10T08:50:08.333
3The best way to explain to non-technical people is analogy, and this is analogous to keeping information in a shoebox on your open windowsill. It depends on your behavior whether or not the information in the shoebox is worth taking, or whether anyone will end up taking it, but the fact remains that anyone that has a half a mind to do so easily can. – Mejwell – 2014-04-10T12:57:07.713
@techie007: It depends. Does he store sensible data about me on his box? Like photographs of how I enjoyed pot-smoking sessions in my sinful youth and when he caught us in the act, or letters from school which say I have unconstructed my teacher's car? The tentacles of data are huge. Basically, this is the exact same reasoning about why you should care when Sony or some other big player is cracked once again. – phresnel – 2014-04-10T14:33:03.860
2Is it bad for me to have cancer, if I don't have symptoms? – Matthew – 2014-04-10T18:04:28.960
ignorance is bliss – kaptan – 2014-04-10T18:19:49.697
2Why is bad for you, personally, to be infected with herpes if you don't notice? Same answer for your computers. You also don't want them infected with herpes, even if you don't notice it right away. – HopelessN00b – 2014-04-10T20:08:56.370