Microsoft's Ticking Time Bomb Is Windows XP 829
Hugh Pickens DOT Com writes "Shona Ghosh writes at PC Pro that the final deadline for Windows XP support in April 2014 will act as the starting pistol for developing new exploits as hackers reverse-engineer patches issued for Windows 7 or Windows 8 to scout for XP vulnerabilities. "The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse-engineer those updates, find the vulnerabilities and test Windows XP to see if it shares [them]," says Tim Rains, the director of Microsoft's Trustworthy Computing group. Microsoft says that XP shared 30 security holes with Windows 7 and Windows 8 between July 2012 and July 2013. Gregg Keizer says that if a major chunk of the world's PCs remains tied to XP, as seems certain, Microsoft will face an unenviable choice: Stick to plan and put millions of customers at risk from malware infection, or backtrack from long-standing policies and proclamations." (Read on for more.)
"In either case, it will face a public relations backlash, whether from customers who complain they've been forsaken or those angry at Microsoft for pushing them to upgrade when, in the end, they didn't need to." Microsoft makes little or no revenue from customers with old PCs, and desperately wants them to buy a new Windows system of some sort. "It's very easy to say 'just upgrade,' but not all business can do so," says Lawrence Pingree, citing money, resources and mission-critical software. "One of the main reasons why people cannot leave XP is compatibility with other software." Nor is Microsoft blameless. XP has hung around because of the mistakes Microsoft made with Windows Vista, the OS flop that outgoing CEO Steve Ballmer copped to as his biggest regret. If Vista had been more like Windows 7, or had shipped at its original "Longhorn" timetable of 2004, then been followed three years later by Windows 7, XP would not have had the opportunity to lock up the ecosystem for a decade. Pingree has a suggestion for Microsoft. ""If it's such a big problem, maybe they should offer an 'Extended Life' [support] subscription and charge for it.""
The Solution is Obvious (Score:5, Insightful)
Microsoft should extend support for XP...but only on a cash-for-patch basis. Sell patches at $5 a pop for XP user's, or a one Year Security Update Subscription for $20.
It's a win-win situation....
So upgrade already (Score:4, Insightful)
You can run XP in a virtual machine if you have software you must absolutely run that cannot run under Windows 7 or 8.
If your business cannot support the cost of an upgrade, you really aren't doing it right and probably aren't making much money anyway.
Windows 7 has been out for over FOUR freaking years. Quite the whiny bitching already.
Can't complain (Score:5, Insightful)
Re:The funny thing is... (Score:5, Insightful)
This is absurd. Yes, Vista was a disaster, but Windows 7 was a huge upgrade from XP.
And? (Score:2, Insightful)
Stick to plan and put millions of customers at risk from malware infection
Not trolling, but sticking with XP - even with continued support - is still putting millions of customers at risk from malware infection. Win 7 is much more secure (I assume 8 is too but I won't touch Win 8).
One of my clients is going to stick with XP (it's on about 1/2 their systems) and only upgrade to 7 if the workstation needs to be replaced. Some of their workstations have been running for 8 - 10 years and still meet the needs of their users. If it ain't broke why replace it?
Microsoft isn't Putting Customers at Risk (Score:5, Insightful)
Microsoft isn't putting customers at risk by not patching what will then be a 13-year old operating system. They had a full life cycle plan in place and customers have had many years advance notice to plan their transition. The lack of resources placed on transitioning legacy software to something other than an end-of-life OS is squarely the fault of the customers. The people in charge obviously don't place a great deal of importance on security or support. They have made their decision, let them suffer the consequences.
Re:patches ? (Score:2, Insightful)
I working in health care, our PRIMARY robotic pharmacy dispenser runs DOS 6.x ... ?
It works, vendor has not mentioned any intent to replace the code so why should we.
I drive to work in a 14 year old - it works, so
If you think I am joking ask your hospital about ( McK..... )
Re:If your statement is correct... (Score:5, Insightful)
They can't afford the capitol to upgrade their systems, but they can afford to stockpile machines in closets.
Re:Mac has superior model (Score:4, Insightful)
Re:If your statement is correct... (Score:0, Insightful)
windows 7:
networking under xp was much easier. The home group is a total disaster, 9/10 times there are problems with pc's connecting. It used to be so easy..
control panel is a total disaster, nothing looks alike.
copy dialog was bad, now it is a total disaster, 2 different large dialogs, why don't do it like every other program. Overwrite Yes/No/All/Skip
UI: Microsoft seems to only makes stuff that you need to get used to, why not just make something that looks great from the start?
Stability of windows 7 is ofcourse mostly better than xp. Explorer crashes less than under xp, 64bits is better...
And then microsoft started to push the ribbons through everyones throat... Like that wasn't enough, they did it again with filled rectangles (metro).
Re:The Solution is Obvious (Score:2, Insightful)
There really are only a tiny number of people for whom such a subscription would make sense. Everyone else would be better off just replacing their PC with a newer one running Win7/8. Windows 7 has XP Mode which works pretty well, and people who absolutely need XP for that one bit of ancient hardware that doesn't even work in the VM would be better off retiring their current machines from day-to-day use and saving them just for that single purpose.
People who are still using XP day-to-day are idiots and Microsoft shouldn't encourage them. There is almost no scenario where continuing to use XP as your main desktop makes sense, although I'm sure there will be plenty of replied from people who claim that they absolutely have to.
XP is a vulnerability itself. (Score:1, Insightful)
Seriously, it's 12 years old. If you're using 12-years-old Linux kernel today, nobody would give a fuck about your problems. Because you using 12-years-old shit is the biggest problem itself.
Re:If your statement is correct... (Score:5, Insightful)
You're conflating compatibility and technology upgrades. In general, considering the usability, user interface, and functionality of 7, it is an upgrade from XP. Compatibility with applications written for previous OSs is a totally different item. If you really want to support an application that works with only one end-of-lifed OS until the end of time, then you're going to have issues to deal with. It's either update the application or embalm the OS environment you're bent on sticking with. Run XP in a VM on new machines with a modern host OS.
There are plenty of reasons to criticize Microsoft, but I don't think OS application compatibility is one of them. You can run DOS apps from the 1990s on Windows 7. If your business can't afford to update that XP-dependant app, you probably shouldn't have written such a specialized app to begin with or used the development environment and libraries you chose.
Re:The funny thing is... (Score:2, Insightful)
For varying definitions of "upgrade".
So far, I have not identified any benefits for me from using 7 compared to using XP. But I have trouble with a few pieces of software that refuse to run. Now, please explain to me again why I would possibly WANT Windows7?
Re:Microsoft isn't Putting Customers at Risk (Score:4, Insightful)
On the one hand, quite true, fuck ’em. They brought their problems upon themselves. But on the other, their problem becomes everyone else’s when several million corporate PCs are added to the world’s botnet population.
An easy choice... (Score:5, Insightful)
The key to this dilemma comes down to one word:
"Microsoft will face an unenviable choice: Stick to plan and put millions of customers at risk from malware infection,"
I don't think that Microsoft actually considers these people "customers." I think MS very distinctly considers them non-customers of their flagship product, since they have not purchased any of the four latest versions (Vista, 7, 8, 8.1). All of Microsoft's customers should have followed its exhortations over the last five years to spend a few bucks and upgrade dump their now-13-year-old OS.
It's indisputable that across the computing industry, the perceived mandate of legacy support for next-gen OSes is increasingly feeble. In non-desktop markets - e.g., consoles and phones - the presumption was never there to begin with (starting with the Super Nintendo!) Web programming exhibits similar tendencies - how many Java applications from back in the day won't run on modern browsers? And won't that include the entire Silverlight platform in a few years? The tendency is that the river of upgrades will carry all projects of significance along in its current, and the projects that gather on the banks (i.e., don't receive newest-OS upgrades) are... detritus. For right or wrong, that's the view.
Re:The funny thing is... (Score:3, Insightful)
Yes, Vista was a public relations disaster
Fixed that for you. I ran Vista for years.
99.9999% of the bullshit surrounding Vista was just that. Pure, fucking, unadulterated bullshit, spewed by the same mewling retards who still don't understand why their shitty operating system from well over a decade ago needs to die.
XP is over. Fucking deal with it.
wga will lose ms 'customers' (Score:4, Insightful)
More of linux shop here but the one remaining ms os pc which had updates until november has just been deemed illegal by somebody last month.
I briefly tried to deal with the issue - the supplier hp told me to get lost, and once through to the right region (hp's website royally sucks) the human blamed ms and gave me a wrong phone number for buck passing.
I have put the machine on a list for debian upgrades for next year.
The craptastic Windows 8 is Microsoft's time bomb (Score:3, Insightful)
What I would do if MS (Score:5, Insightful)
Re:The Solution is Obvious (Score:4, Insightful)
Microsoft doesn't have to do anything. (Score:1, Insightful)
Re:Really (Score:5, Insightful)
Re:XP is a vulnerability itself. (Score:3, Insightful)
And don't even get me started with the piece of shit that is windows 8, linux users are not forced to use a half-tablet OS
Gnome 3 and Unity would like a word with you.
KDE, Afterstep, Enlightenment, Windows Maker and XFCE would like a word with you.
No such options on Windows Tablet 8/8.1 I'm afraid.
Re:The Solution is Obvious (Score:4, Insightful)
The unfortunate fact is, the majority of these people are home users on DSL. They aren't going to pay, we're lucky if they even update, and once they're infected their machines are used in botnets to attack the rest of us. Microsoft should continue to publish security updates for XP for free to protect THE REST of its users.
Re: So upgrade already (Score:3, Insightful)
You remove the gateway ip address in the TCP/IP settings. A single entry. Duh.
Re:If your statement is correct... (Score:4, Insightful)
then why won't all XP software run on Windows 7, and why hasn't everyone seen the error of their ways, and upgraded their XP systems?
Two questions asked, two answers given --
1st -- Some XP software won't run on Windows 7 because the software was not written to be compliant with Microsoft's published security standards. Stuff that's compliant with the standards runs, stuff that isn't compliant, and which relies on some undocumented feature/bug, may or may not run. Or did you mean ActiveX controls? That's a completely different animal, and can still be made to run on a Windows 7 system with the help of XP Mode. You may also want to ask your web designer why they haven't updated the design/layout in 10 years.
2nd -- People haven't upgraded their XP systems because of opportunity cost. Either you need to worry about updating your ActiveX-based corporate intranet to work on a modern browser, or you have to worry about the cost of purchasing a new set of licenses for a more recent version of Windows. While I could forgive a large corporation which may have to pay tens of millions of dollars to upgrade (though my own company has already upgraded its 85,000 employees' systems to Win7), I have a harder time forgiving a home user whose cost would be effectively nil if they were to purchase a new(er) computer. You don't even have to buy a *new* computer any more to get Windows 7 -- it's been out for long enough that I've seen computers in used computer store or on kijiji for the $50 range which would be an upgrade to anything that was sold with XP, and which come with Windows 7 as well. The savings in electricity alone from such an upgrade would probably pay for that within a year -- remember that while the P4 did boast speeds at 3.4GHz, they did it by using several times the electricity that a modern i3 or i5 uses for the same clock speed.
And the re-buy existing software argument doesn't wash. At the absolute worst case scenario, they can run it in XP Mode, which is a full fledged virtual machine which can run anything that ran on XP.
Xubuntu (Score:5, Insightful)
Re:XP is a vulnerability itself. (Score:5, Insightful)
Yes, you can upgrade for free, or damn near free. Simply upgrade to Linux or a BSD. Seriously. I here all sorts of nonsense about how hard it is to switch to Linux, and to Gnu. Screw all of that. Have you noticed that our economy sucks? A common refrain heard by the working class, is that we are now competing with labor markets from around the world. We have to adapt, or go out of business. Do more with less, retrain to do new tasks, yada yada yada.
My answer goes right along with all that other nonsense. If you can't be retrained to run Linux, then you're out of the workforce. And, no, I don't really give a damn that you might lose your home as a result. No one gave a small damn when coal miners were foreclosed on. Or auto workers. Or construction workers.
The "ticking time bomb" isn't Windows XP. The time bomb is America's inability to adapt to a changing reality. Windows is so 1990's. This is the 2010's now.
Peripheral compatibility (Score:5, Insightful)
Windows Vista SP1 was fine (Score:3, Insightful)
Re:The Solution is Obvious (Score:2, Insightful)
I moved my Dad to Linux Mint because it was easier than teaching him how to use Windows 8. I've gotten basically no complaints from him and he was up and running within a few minutes of getting his new machine.
I was really not looking forward to having to teach him how to use Win 8 only to have to teach him Win 9 when MS completely changed the UI again.
Re:The funny thing is... (Score:4, Insightful)
"Except ability to run about 20 years' worth of software and on far older and newer hardware, since it has had such a long service life and represented the pinnacle of backward compatibility before MS decided DOS-based software (Win98) has surely all been retired."
PLEASE! Just give up on all that 20 year old software! All that backward compatibility, and legacy support, is exactly what crippled XP more than anything else! Without all that legacy support, XP would have started out more secure than it did. JUST GIVE IT UP!! I don't want or need 20 year old software running on my system. If you really, truly believe that you need software that old, then rebuild it!!
It's not like software development is a forgotten art from 5000 years ago. Hire someone, or hire a team, to rebuild the functionality that you need. Or, do it yourself.
Stop expecting the world to operate in some twisted time warp that suits your own particular needs.
Re:The craptastic Windows 8 is Microsoft's time bo (Score:2, Insightful)
Comment removed (Score:5, Insightful)
Needless expense (Score:5, Insightful)
People who are still using XP day-to-day are idiots and Microsoft shouldn't encourage them.
Really? People are idiots for not spending money on new equipment that adds precisely zero additional feature that they need? We should be forced to upgrade to Microsoft's latest software because not upgrading doesn't add to Microsoft's profits? My company uses XP on the majority of our computers and there is nothing whatsoever in Vista, Windows 7 or Windows 8 that is necessary for us. So we're idiots for not spending money needlessly? Thank $diety we don't let you make our purchasing decisions.
There is almost no scenario where continuing to use XP as your main desktop makes sense
Except for the millions of people whose actual computing needs are perfectly adequately filled by XP.
Re:First... (Score:5, Insightful)
So it's somehow Linux' fault that your IT department wasn't competent enough to at least do some research and testing with the users first?
You do realize that a complete OS and app suite change is not as easy as just downloading a distro and installing it everywhere, right?
Re:First... (Score:5, Insightful)
Really? I've been using Linux on my desktop for years with no complaints. So has my barely computer literate father (and incidentally I get far fewer tech support calls now). No, it's not "just like Windows", but if you really love everything about Windows then you should stick with that, obviously you're not Linux's target audience. Of course if what you really mean is that it's not supported by 100% of the software you need/want to use, and you can't find suitable alternatives... well that's not really anything to do with Linux's readiness is it? Ask the people making your software when they are going to release a Linux version, because that's the only way that *they* will know that anyone in their customer base cares.
Re:XP is a vulnerability itself. (Score:2, Insightful)
Yes, you can upgrade for free, or damn near free. Simply upgrade to Linux or a BSD. Seriously. I here all sorts of nonsense about how hard it is to switch to Linux, and to Gnu. Screw all of that. Have you noticed that our economy sucks? A common refrain heard by the working class, is that we are now competing with labor markets from around the world. We have to adapt, or go out of business. Do more with less, retrain to do new tasks, yada yada yada.
My answer goes right along with all that other nonsense. If you can't be retrained to run Linux, then you're out of the workforce. And, no, I don't really give a damn that you might lose your home as a result. No one gave a small damn when coal miners were foreclosed on. Or auto workers. Or construction workers.
The "ticking time bomb" isn't Windows XP. The time bomb is America's inability to adapt to a changing reality. Windows is so 1990's. This is the 2010's now.
Yes, you can upgrade for free, or damn near free. Simply upgrade to Linux or a BSD. Seriously. I here all sorts of nonsense about how hard it is to switch to Linux, and to Gnu. Screw all of that. Have you noticed that our economy sucks? A common refrain heard by the working class, is that we are now competing with labor markets from around the world. We have to adapt, or go out of business. Do more with less, retrain to do new tasks, yada yada yada.
My answer goes right along with all that other nonsense. If you can't be retrained to run Linux, then you're out of the workforce. And, no, I don't really give a damn that you might lose your home as a result. No one gave a small damn when coal miners were foreclosed on. Or auto workers. Or construction workers.
The "ticking time bomb" isn't Windows XP. The time bomb is America's inability to adapt to a changing reality. Windows is so 1990's. This is the 2010's now.
This 'solution' you so adamantly declare is short-sited, moronic, and, IMO betrays a marked lack of industry knowledge on your part. When you have a company like Boeing, or Raytheon, or well, pick ANY company within the DoD space, or a very large educational system (Stanford, Yale, Harvard) a huge part of their internal structure is based on old systems. Many reasons, some of which are well-known technical scope, compatibility with IE6 (yes this still matters and don't spout any bulls**t about "well upgrade" or "use Chrome Frame" or anything else. That's not an option.), and a defined usage structure, along with simple inertia, are what cause companies to stay on old systems.
And I can assure you; these companies, even though they are not always constantly updating, are very high on MS' priority list of "let's not let them fall".
Re:First... (Score:5, Insightful)
I see what you did there. "I don't understand the hate" has risen to meme status. I don't waste time hating vista, anymore than I would waste time hating broccoli. Vista and win8 share the traits that they were unusable on first release, vista eventually became tolerable but wasn't truly fixed until win7, and win8 is following a similar path. We have some machines still running xp, but the driving force to upgrade is not some artificial Microsoft deadline, but when there will be something reasonable to upgrade to.