Registry Hack Enables Continued Updates For Windows XP

DroidJason1 (3589319) writes "A registry workaround, which tricks Windows Update into thinking you are running Windows Embedded POSReady 2009, allows you to get free security updates until 2019. All you need is a simple 32bit or 64bit registry entry in order to make this work. POSReady 2009 is slated to receive security updates for another five years. Microsoft ended support for Windows XP on April 8th of 2014."

Re:This act is highly illegal

[TWX]

What's illegal about it? Is it illegal to use Microsoft's provided tools to edit my registry, browing to HKEY_LOCAL_MACHINE\SYSTEM\WPA, then creating a new key called PosReady, then creating a new dword in PosReady called "Installed" with a value of 00000001?

Digital:Convergence had much more claim to the cuecat scanner's security than this could ever command.

Security risk?

[erice]

Point of Sale systems usually operate under more controlled conditions than end user machines. Would these updates keep your XP machine plausibly secure or highly vulnerable to threats not considered serious to point of sale systems? What about vulnerabilities in components not present in POSReady 2009 but used in XP?

Re:are the people still running XP

[Anonymous Coward]

Yes.

Because driver support for things like musical equipment and old SCSI devices often didn't get updated or supported after XP.

I have a fairly expensive SCSI scanner that can handle poster sized sheets but the only software I can find for it runs in XP. I have 3 Windows 7 boxes and one XP, and I'll keep running XP until I can get all my devices off it (MIDI controllers, instrument packages, old scanner, etc)

It's not my fault these old components have no driver upgrade path, so I'm stuck with one XP box probably until I upgrade about $5k worth of stuff that just works

Re:Are you kidding me?

[The Snowman]

Considering how full of holes Linux based home routers turn out to be, do you think Linux based cash registers would be any better than XP cash registers? I am just flabbergasted that cash registers are on networks with internet access.

Up until a few months ago I worked for a Retail Point of Sale company for more than seven years as a developer. The typical topology goes something like this. Each store has a cable or DSL modem to get to the internet. They have it locked down so the only way in or out is through a VPN to the home office. This essentially gives them LAN access to shared resources such as centralized databases (this is why you can return at a store other than the one where you bought something, or check another store's inventory), payment system gateways, etc. This is a heavily secured and audited network segment due to the sensitive nature of the data. Any "regular" internet access from a register goes through that VPN and a firewall at the home office. Browsers are locked down on each register and regularly patched and updated remotely. They will sometimes use a whitelist of sites, sometimes not: JavaScript and other "features" are typically restricted as much as feasible.

This system works really well, despite having a lot of pieces geographically scattered. The VPN makes it easy to connect to any register in a retail chain since it is essentially a LAN. With the VPN and firewalls, you have a distributed yet secured network. The only times I have ever seen a network intrusion at any customer of my former employer was due to human error: a network technician forgetting to set something up right despite numerous checklists and test environments. Pretty rare in my experience working with 30+ retail customers.

Re:Are you kidding me?

[cusco]

I always like RKeeper's (large Moscow-based POS system) quick-and-dirty solution: make all the POS machines use NetBEUI. Can't route, the only way to get to the machines from outside is through remote controlling the server.