It's 2019, and One Third of Businesses Still Have Active Windows XP Deployments

As end of support for the still-popular Windows 7 draws near, risks of unpatched operating systems are likely to be a significant security concern in the near future. intensivevocoder writes: There is a relatively old -- though still fundamentally true -- adage about Windows: Microsoft's biggest competition is Microsoft, as a specific subset of users (and businesses) only upgrade to the latest version of Windows kicking and screaming. According to SpiceWorks' Future of Network and Endpoint Security report, published Tuesday, 32% of organizations still have at least one Windows XP device connected to their network, despite extended support for XP ending in 2014. (Notably, the last variant of XP, Windows POSReady 2009, reached end of life in April 2019 .)

With the looming end of free support for Windows 7, this reticence of users and enterprises to upgrade to newer versions of Windows is likely to create significant security issues. Presently, 79% of organizations still have at least one Windows 7 system on their network, according to SpiceWorks, which also found that two thirds of businesses plan to migrate all of their machines off Windows 7 prior to the end of support on January 14, 2020, while a quarter will only migrate after that deadline. Separately, a Gartner market forecast from April forecasted that only 75% of professional PCs will be on Windows 10 by 2021.

Apps

[Anonymous Coward]

Many companies have apps that are not possible to port to 7+ or too expensive

Thats why.

Re:Apps

[Anonymous Coward]

I agree with the philosophy of only upgrading kicking and screaming. I hate "upgrading", since most of the "upgrade" consists of adding bells and whistles and "features" I don't want.

The rest of the "upgrade" consists of fixing stuff that was broken. I contend that the company should fix stuff they sold you that was broken for free instead of using that as a lever to get you to pay for a new version.

Re:Apps

[Anonymous Coward]

Uh, no. Windows 10 is crippleware that comes bundled with spyware and adware. It is a downgrade from all previous versions of Windows. In fact, Windows 10 is the worst operating system ever made.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[swillden]

Just make sure you don't connect your LAN to the Internet, because between all of the security problems with Homegroup file sharing (which is why they dumped it) and having a bunch of unpatched vulnerabilities, you're just begging to join a botnet.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:Apps

[Anonymous Coward]

No, in fact.

We can list all of the problems and you can go and verify them for yourself.

https://itvision.altervista.org/why-windows-10-sucks.html

https://www.zdnet.com/article/worst-windows-10-version-ever-microsofts-terrible-horrible-no-good-very-bad-october/

https://www.cnet.com/forums/discussions/why-is-windows-10-such-a-piece-of-crap/

There you go, that's just for starters.

Re:Apps

[Anonymous Coward]

A few more to add to your list:

https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive [eff.org]
https://www.networkworld.com/article/2956574/windows-10-privacy-spyware-settings-user-agreement.html [networkworld.com]
https://www.gnu.org/proprietary/malware-microsoft.en.html [gnu.org]

Windows 10 is so bad that even though RMS despises Windows in general, he almost sounds fond of Windows 7 & 8 when he contrasts them against Windows 10. And Bruce Schneier is so disgusted by Windows 10 that he could only refer people to the EFF article. That's how utterly crap Windows 10 is.

Re: Apps

[Monster_user]

It is important to note: Upgrading from Windows 8 to Windows 10 does not "fix" anything not directly related to the OS or the hardware/drivers.

The cost of ugrading from Windows 7 or XP to Windows 10 is the cost of upgrading print servers, active directory, replacing legacy servers, legacy business critical applications, group policy configurations, and migrating user data. Once all that is done, there is also the cost of retraining users on the new operating system and its quirks, and quirks between it and user applications. Years in cost and years in labor for some organizations.

Re:

[FaxeTheCat]

The thread specifically addressed Windows 7/XP. I take it for granted that any responsible company keep their infrastructure updated.

Re:

[phantomfive]

You are right, but I want to point out those are poorly written apps.

Re: Apps

[Monster_user]

Microsoft's bread and butter though. Lazy developers.

Re:

[0100010001010011]

I was on a US Coast Guard ship for "Coast Guard Week" in Grand Haven, MI. Every single powered on PC I could see had a "Activate Windows Now!". One of them had up the "You may be using a pirated copy".

WTF.

Re:

[jythie]

Yeah, in my lab we have given up activating our windows installs. Microsoft site licenses seem to have issues after a certain age.

Flawed Stats

[Anonymous Coward]

In my previous job, they had ONE and only ONE WinXP machine (an isolated VM) still in use. That makes them part of the statistic. What was that one and only one VM used for? It ran Internet Explorer 6 with Java 6 installed so it could access legacy "web" (java) based administration interfaces for some legacy hardware still in use (mostly HP printers). Everything else in the company is Win10, Linux, FreeBSD, VMWare, etc, but all modern.

Re:Flawed Stats

[Anonymous Coward]

There are a lot of *very* expensive Windows XP-based measurement systems that still work perfectly and that it's not possible to upgrade but ponying up +20k a piece for a new model,... plus migration trouble. For small companies, that's not gonna happen any time soon.

Re:Flawed Stats

[TWX]

I have an OTDR for fiber optic testing that still runs Windows 2000. It's a dedicated-purpose device. There's no way in hell that I'm letting it get updated.

Re:Flawed Stats

[Anonymous Coward]

I have a client who makes custom carpet using $200,000 machines. The drivers are only available for XP, and you only get drivers for a newer OS if you buy the newer machines. When they discovered this the hard way, it suddenly becomes ridiculously cheaper to salvage/buy enough used XP machines that they can run for the next 100 years or so.

Another client has a $5 million dollar lumber mill that is run using a 486 on DOS as a machine controller. The fun bit is that while it is easy enough to change it to a different machine, all the timing code is dependent on the 33MHz clock, so moving to a different CPU is out of the question. The wires that run over a square mile of floor space are buried in concrete. His mill grosses a million a year; it would cost at least double that to remap everything into a proper PLC. He ended up buying hundreds of 486 PCs on eBay for $5 here or there - more than enough to keep the mill running well after he is dead. Last I heard he would spin up a few a month, keep the hard drives running nicely, replace CMOS batteries as needed, etc. - just another routine task like mowing the grass.

Re:

[Graymalkin]

There's some very expensive Windows 3.11 measurement/diagnostic systems that are still in use today.

Re: Flawed Stats

[Monster_user]

Windows 3.11 exploits are rare, and network connectivity is so poor for 3.11 machines that one would be lucky to even connect to one in three years hence, if it is even possible now. The target base for 3.11 is so small it isn't worth it to learn how to write software that will even execute as a 16-bit process (or was it 8-bit?). And given 16-bit processes won't even execute on a modern platform,...

Windows 3.11 is probably the most secure networked computer at the moment.

Re: Flawed Stats

[tepples]

The other AC's point is that it's not so unreasonable for a third of businesses to have a legitimate use for isolated Windows XP and therefore be included in the stats.

Re:

[Ryzilynt]

The other AC's point is that it's not so unreasonable for a third of businesses to have a legitimate use for isolated Windows XP and therefore be included in the stats.

"According to SpiceWorks' Future of Network and Endpoint Security report, published Tuesday, 32% of organizations still have at least one Windows XP device connected to their network..."

"...Windows XP device connected to their network..."

Its that "Connected to their network" part that keeps haunting me though.

Is an isolated machine connected to the network?

Re: Flawed Stats

[Monster_user]

Isolated can mean in a quarantined zone like a DMZ where it can have little affect on the primary network if any. Minimal would be a separate subnet as most malware does not propagate across subnets, presumably to avoid infecting the author's nation state.

Isolated in this context typically means a one-off PC sitting under a desk somewhere.

Microsoft sells insecurity; that's profitable.

[Futurepower(R)]

Some of our customers are still using Windows XP with no problems. [slashdot.org]

Steaming Pile of Bullshit!

[SirAstral]

Security has never been a concern. Your shit is getting hacked no matter what. The only question is when. Just look at the recent Capitalone compromise, it came from inside, how do you defend from that?

Operating Systems are just Operating Systems, the only reason to upgrade them is to get new features and functionality, security being the least of them as a value. Perimeter defense is still a #1 objective and that has jack and filthy shit to do with your OS.

I would be nice to get rid of Tech Debt but no matter how you slice the pie getting rid of it is not that easy to do sometimes.

Re:Steaming Pile of Bullshit!

[jythie]

While nothing will deter a dedicated hacker with inside knowledge, a fully patched OS and applications will do wonders for stopping opportunistic ones that just troll for known vulnerabilities. Perimeter defense is important, but not the end all of security since it neither defends machines connected to the outside nor does it protect machines on the inside when an a compromised machine like someone's laptop connects internally.

Re:

[slack_justyb]

You must be one of the morons that think that the perimeter stops at the front door

Goes to read the definition of perimeter from Wikipeida [wikipedia.org], Cisco [cisco.com], HP [hp.com], and well this is silly but multiple other sources but I think we all get the point I'm trying to make anyway...

Sips coffee

I think we get what you are saying but I don't think people tend to associate that with the word perimeter security so much so as in something like data security of which perimeter security is a pillar of such. But ya know, a rose by any other name really. I just went read a bunch of sources on the topic, and I'm by

Re:

[jythie]

Ahm, because you just went on a rant about how OS security is irrelevant because perimeter defense is what matters?

You really sound like one of those IT people who have hyper focused on one part of the system and prioritizes it above everything else regardless of how the weights actually fall. I guess to your credit you didn't say 'webscale' even once.

Re:

[guruevi]

Apparently the CapitalOne person no longer worked there yet they had full access to some things. It's basic security lapses that generally leads to major hacks.

Re:

[SirAstral]

"It's basic security lapses that generally leads to major hacks."

That is part of the internal threat. Everyone letting shit in the front door. They do not have to be malicious actors to qualify as an internal threat. Everyone just not getting their jobs done because they lack sufficient knowledge to implement security protocols properly. Management putting so much load on staff that there is no fucking hope of a fucking thing getting done right the first time, second time, or third time around.

From bott

Re:

[thegarbz]

Security has never been a concern. Your shit is getting hacked no matter what. The only question is when. Just look at the recent Capitalone compromise, it came from inside, how do you defend from that?

Hiring practices, employee satisfaction, credential segregation, internal training. There's many ways you can protect yourself from inside threats, and they should be part of your overall security process as well.

Security is always a concern. Just not for the worthless shits at CapitalOne.

Re:Steaming Pile of Bullshit!

[SirAstral]

It's not just CapitalOne.

I have worked enough places to understand that while everyone says they treat security with a concern, they just don't. The #1. Objective is always revenue. And if that new security implementation is going to cost 1$ extra fuck it, they are going to do without.

They will not pay employees enough to be trustworthy or loyal. They will not treat employees with enough respect for either as well. They will not do anything but follow the regulatory and audit requirements they "think" they need to follow. Executives expect to be able to log in with weak security processes because for them... keeping the business and the information they have access to secure is not really all that important after all.

I have been around the block a time or two. Corporate Espionage, pen tests, to pure dumb phishing... very little of it is done right. Security, because of how poorly we conceptualize it, is just not a concern... no matter how much people preach about it. They only require that they "feel" secure. Perception is reality... even when it's provably wrong.

You can say you care, but you cannot be believed until you show it!

Re:Steaming Pile of Bullshit!

[TWX]

Perimeter defense has given-way to layered defenses.

Defenses exist on the periphery of the organization, internally in routing between subnets, within subnets using technology like VACLs and private ports to block direct communications between devices that don't need to directly communicate, and on the devices themselves, so attempt to prevent initial infection.

The problem is that layered defenses are expensive. You need to build it to begin with, and even if your hardware already supports it, you have to spend money to implement it. You then have to spend money to maintain it, because if you take the step of blocking say, PC to PC communications on a subnet, and then some department buys software that requires that communications, now you have to go through and refine your security to allow that which there's a business-case for.

Microsoft's problem these days is they're taking away functionality when creating new versions of the OS. Taking away functionality makes the new versions less desirable so if there's a way to keep the old one around, they will do so.

Re:Steaming Pile of Bullshit!

[Sarten-X]

Just look at the recent Capitalone compromise, it came from inside, how do you defend from that?

Mostly, by refusing to be defeated. You start with small improvements:

• Throw out those old printers and appliances that haven't seen an update since their Y2K patches, and replace them with something new. Put those new devices on their own VLAN, with ACLs to block traffic not related to required functions.
• Enable firewalls on all systems. Open just the handful of ports you actually need.
• Make sure your core systems (domain controllers, file servers, terminal servers) are getting automatic updates as frequently as possible.
• Make lots of little groups for each management unit in your organization. Make the managers audit their membership, then start limiting resource access based on role.
• Never log on to a machine using a domain admin account. Use an unprivileged account, then elevate when needed using a dedicated domain admin account.
• Audit domain admin membership. Any regular users whose primary account is a domain admin should be added to the administrator group on their machine, and removed from domain admin.
• Conduct a full inventory of the enterprise, and account for every physical device and virtual machine. Remove any devices that are unused or without identifiable owners.
• Deploy antivirus across the enterprise, and ensure it's getting updates at least daily. If it can update automatically more frequently, it should do so.

After that, move on to more aggressive defense:

• Empower users by deploying common software (notably VLC and Notepad++) so users don't try to download random software.
• Migrate data storage to cloud (or on-premise hosted) services with offline backups.
• Implement event logging and an analysis system.
• Use SCCM, MDT, Ansible, Puppet, or any other automation tool to deploy systems, so your systems are essentially disposable.
• Move services to a separate VLAN and add strict firewall and ACL rules allowing only those services to communicate.
• Move all management to a separate VLAN with dedicated management endpoints.
• Remove all obsolete devices, and upgrade everything to fully-supported versions. Isolate everything that can't be updated, and start saving money to replace them when they're damaged.

It's a long list, but nothing's too big a task in itself. These all fall into a larger goal of making your network difficult for an attacker to navigate, and resilient against malware attacks. Even an insider who knows the network layout will have a hard time getting access to services they aren't directly authorized for, and by putting control of membership in their managers' hands, their access is much more likely to be cut off quickly.

Re:

[johnsie]

My shit is a lot less likely to get hacked if I patch my shit and don't keep known vulnerabilities open. While I can never 100% percent prevent my shit from being hacked, I can minimise the risk. Running unpatched software is about as secure as a chocolate fire guard.

Re:

[bill_mcgonigle]

Your shit is getting hacked no matter what. The only question is when.

This kind of binary thinking is the enemy of sound security practices.

Your odds of "getting hacked" depend on the systems and processes you have in place. The goal of good security practice is to increases the costs and decrease the odds. There are formal methods for mapping these out, and the goal of a sound practice is to decrease the odds as much as possible for the amount of resources you are able to expend on the effort (time and m

MS hasn't dropped the ball yet

[DogDude]

MS always threatens to stop security updates, but they've been really good about sending out patches even for really old systems if something sufficiently ugly crops up. We're sticking with Windows 7 for the foreseeable future. We have one Windows 2003 Server that we might update soon, but even that still gets MS security updates.

Re:

[bobby]

MS always threatens to stop security updates, but they've been really good about sending out patches even for really old systems if something sufficiently ugly crops up. We're sticking with Windows 7 for the foreseeable future. We have one Windows 2003 Server that we might update soon, but even that still gets MS security updates.

Agreed, but how are you getting updates for the 2003 machine?

In my experience

[thereddaikon]

Many of these systems are still around because they are used to interface with extremely expensive equipment that must have a PC to control them but doesn't support anything newer. I've seen EKGs only work with XP, CNCs only work with DOS and everything in between. We are talking 5 and 6 figure equipment where the manufacturer refuses to update drivers or supporting anything newer. Sometimes its because they have a product that supersedes it and sometimes its because they are stuck in the stone age for no known reason.

Re:

[Chromal]

This is surely a leading cause: legacy equipment. If these operators are expected to upgrade to the most modern acceptable Windows version, then somehow needs to release Windows 7 drivers for the hardware.

Re:In my experience

[tepples]

The problem is that manufacturers use driver binary interface transitions as a chance to turn old peripherals into e-waste: "We'll sell you a license for Windows 7 or 10 drivers for the existing peripheral for $100,000, or we'll sell you a brand new one for $100,000."

Re:In my experience

[Rockoon]

CNC's only driven by DOS is a good thing.

The routine interaction between operator and CNC in the most high end and critical deployment is the operator making small corrections, adding 1/10000th of an inch at a time to how far one of the arms will go grinding the part being built. The operator spends most of their time measuring the parts after they come out of the machine, and the corrections are to keep the part within tight specs often as low as of +/- 2/10000ths of an inch.

This doesnt need windows. This doesnt need internet access. This doesnt need a multi-user OS. This needs a small screen and a keyboard.

Re:

[nnull]

Good luck trying to find someone to make you something embedded. Then when that needs to get replaced, it costs thousands of dollars. Developing for a multi-user OS is just easier to deal with and easy to replace. And if you don't believe me, just find precision guillotine cutters, since it has exactly what you want and see the cost of the stupid screen and keyboard is, when I can build the same damn thing with a stupid raspberry pi for $100 and maybe the added touchscreen for another $100.

Microcut and Baum

Re:In my experience

[nnull]

It's one of the reasons I make clear to the manufacturers I buy equipment from that I don't want Windows and I want it to run linux. I specify in my contract I want full access to the PLC's, the system and everything in between, none of this proprietary BS. And you want to know what? They bend over backwards for me to do it. They don't sell these pieces of equipment on a daily basis and they will do anything to get a sale when it's stuff that costs over a hundred thousand dollars. Don't get screwed over like many people I know, start negotiating and stop being a pansy.

And if the interface gets too old, I can always run it virtualized easily until I replace the hardware and everything else.

And at least with CNC machines, Fanuc is undermining all the manufacturers and helping people rebuild old CNC's with their system.

Would have been nice...

[kenh]

Would have been nice if this story included an indication of how many of those environments:

Have WinXP connected to Internet?
Have WinXP running on user desktops?
Have WinXP running to support legacy hardware (ATM, MRI, POS, CNC, etc)?

I think only a few run WinXP on a user desktop, a similar small number have it connected to the internet - the vast majority likely run it in association with old hardware unsupported by later releases of Windows.

But, But, But, Microsoft Says

[mykepredko]

Windows 10 is the bestest, most securiest, most user friendliest OS on the face of the planet and will be until the year 3,000.

Could it be that these businesses actually understand their technology needs and are able to properly implement them so don't feel dependent on Microsoft as Microsoft would like them to be?

Re:

[mykepredko]

I *love* getting a rise out of MS employees that always hide behind AC.

Re:

[luther349]

its a none issue as these machine are often not even networked.

What am I supposed to do?

[methano]

So I have this instrument sitting beside my desk. It's an High Performance Liquid Chromatography instrument or HPLC. It's 19 years old and still works fine. It's controlled by a computer running Win2000. The software only runs on Win2000, in fact, a particular version of Win2000. The manufacturer would love to sell me a new machine for 75K that does the same thing except that it uses Windows 10. Screw that.

Re:

[geek]

Unplug it from the internet. It has no need to be connected. Now you're safe. If it has USB then super glue the ports.

Then pray to whatever god you pray to the hardware doesn't die because chances are you'll never be able to replace that shit.

At some point you will upgrade. In the meantime be smart. Don't connect shit to the network that doesn't absolutely need to be. That goes for the new stuff too.

Re:

[blind biker]

This sort of stuff is not usually connected to a network.

I have been working in a masspec and liquid chromatography lab for years, and some of the machines there cost as much as $400.000. Not one of the computers was networked.

Same goes for other experimental equipment I have dealt with earlier in my life, like electron microscopes, profilometers, etc.

Re:

[blind biker]

Then pray to whatever god you pray to the hardware doesn't die because chances are you'll never be able to replace that shit.

Interestingly, we've never had any issue with that. We always had a great supply of components and machines, and I feel confident that the labs I've worked in will be fine for at least 15-20 years from now. Old hardware is not expensive and it is plentiful.

Not Worth Upgrading

[tbq]

We have one XP workstation left at work that I use daily. It runs a $20,000 piece of software that controls an even more expensive piece of equipment. The software version is not compatible with a newer OS, and the newer version of the software is not compatible with the equipment. It would cost tens of thousands of dollars to replace a truckload of hardware to upgrade to Windows 7 (no clue about Win10), with no measurable productivity gains.

We recently retired a dual Pentium 3 machine running Windows 2000 that controlled a high wattage laser assembly. It was replaced with a Windows 2003 server running a Core2Duo processor.

We also have both a G4 and G5 Mac that each run a specific application that we use. Upgrading to newer versions of the software to run on newer computers would cost thousands of dollars without providing any new functionality or benefit.

Re:

[luther349]

i dont think any of those machines even see the internet.

Re:

[nnull]

The problem with being in this situation, you run the risk of the equipment going down and struggling to find someone to fix it. And I guarantee you it will happen in the worst time in production. I run my own manufacturing business and I always rebuild my equipment if I find anything discontinued that is critical for the equipment. It's not worth it to me if I can't get things overnight to repair.

What's funny is I have desperate people calling me for help because I'm the only one in the area that knows how

Re:

[johnsie]

Sounds like you fcked up big time when you made your software/hardware purchases. No thought went into future proofing and/or standards?

Re:

[TheReaperD]

When you have a use specific device that only one vendor sells at any price, you're fucked. (Yes, we can actually type fuck on this site.) And for people that would argue and get together with other companies to create competition, you have to realize there are some specialized pieces of equipment that less than 5 of them will be sold per year. No manufacturer wants to split a market that small.

Re:

[theurge14]

Indeed, 32-bit systems can only read up to 2GB of address space. Also, FAT16 filesystem can only support up to 2GB.

https://en.wikipedia.org/wiki/... [wikipedia.org]

My comapny has one

[Revek]

Its a virtual, hooked to private network used to manage legacy networking and video gear. Typical sad story of good company gets bought out by competitor and all updates on equipment stops. Thus you are stuck with half a million dollars worth of equipment that can only be managed with ie8.

Embedded devices are mainly what I see...

[ctilsie242]

If I see Windows XP, it usually is part of some embedded device, like a CNC mill, a vend-a-goat machine, or some hideously expensive piece of machinery that does a very precise job. There is no way that it will ever be upgraded. Instead, it goes behind a firewall, or even better an air gap.

I wish people who made CNC mills and such would actually use an embedded OS that does not really need to be upgraded like a general purpose desktop OS has to be. For example, for some large, expensive contraption, it should be using INTEGRITY OS, QNX, KasperskyOS, or Green Hills Linux. Something that is designed from the kernel up to work, day in and day out, minimize being in an unknown state, and running so few services that it has a small attack surface.

At the worst, use an embedded version of Windows. Windows 10, and Windows Server 2019 both come in IoT versions.

Re:

[Slayer]

You put a lot of undeserved trust into embedded operating systems, these are at least as buggy as their desktop counterparts. Millions of hacked web cameras now part of DDoS networks prove this assertion. The fairly recent TCP SACK attack vector affects pretty much every embedded linux device out there, and it's hot enough that people did not even dare publish an exploit for it. Add to this, that companies are not exactly forthcoming with firmware updates as fundamental as an OS update.

The funny thing about

FUD

[kackle]

There's no proof that Windows 10 is more secure than Windows XP; there can't be because 10 is presently constantly changing. The unknown is unknown. Wake me when using XP allows for instant, indefensible infection by just visiting a web page.

Re:

[StormReaver]

Wake me when using XP allows for instant, indefensible infection by just visiting a web page.

That's been the entire history of all versions of Windows, and always will be.

Re:

[iggymanz]

it's worse with Windows 10, where automatically hitting Microsoft for updates can bring your machine down

XP is my only choice

[daveywest]

I work with two XP systems; one is a VM and the other a stand-alone box. Both run very outdated software that interface with industry-specific hardware that has been end-of-life for over a decade. The strange thing is just because no one manufactures these particular systems doesn't mean they are obsolete. Both work well and have proved the test of time for robustness.

Some old legacy hardware

[havana9]

If someone has to use old legacy hardware sometimes has to use an old operating system. Windows, with Vista has dropped by itself some legacy drivers, like the MPU401 and analogue joystick drivers. I have an old EPROM programmer that uses the parallel port and runs only on DOS, I have a computer that has a Freedos partition for control the programmer. There are newer PROM programmers nowadays but for my need it will suffice.
For the business it could be that an old equipment is hooked to a specific comput

I gotcher "upgrade" right here...

[hyades1]

We've got two Win 7 machines and an XP machine. The rest are Win 8.1. When an upgrade becomes utterly inescapable, it will be to Linux, not Win 10 or whatever comes next.

First, we have no intention of renting an operating system and, increasingly, the business software we need. Second, no matter how well you manage to tie down an operating system designed to function essentially as spyware, sooner or later, it's going to do what it was always intended to do and compromise the privacy of your clients.

Re:

[johnsie]

I'm sure it will really dent Microsoft's profits if you personally carry out that threat. I'd better sell my shares.

Windows XP was the last to support

[3seas]

...game/midi ports.

Though I found a hack online that applied to a given PCI slot that allows my soundblaster card with a game/midi port to work with Windows 7 pro.
Unfortunately, I haven't been able to locate the hack downloaded file or find it online anymore.

Sound Blaster gameport

[DrYak]

...game/midi ports.

Though I found a hack online that applied to a given PCI slot that allows my soundblaster card with a game/midi port to work with Windows 7 pro.
Unfortunately, I haven't been able to locate the hack downloaded file or find it online anymore.

kx-project [kxproject.com], maybe ?

It's comunity-made drivers for the EMU 10k1 and 10k2 chips found on (most of) the Sound Blaster Live!, 5.1 and Audigy line of sound cards.
They do support MIDI and Gameport.

On the forums some people have even managed to find drivers for Win10 64bits [hardwareheaven.com].

Also, in my own experience, Linux also still supports it.

lol xp

[luther349]

i seen machines as old as commodore 64s still doing there job. yes the c64 where recently retired but still lots of dos machines out there working. when a computer is being used for one defecated task there is no need to upgrade it. in fact there often embbed as part of the machine its running.

Idiotic, seriously

[pz]

We have multiple Windows XP machines running in my lab.

Why?

Because when we start up our mission-critical software, more-or-less nothing else runs. We've figured out how to achieve that to a level that is acceptable (it isn't always true, but the intrusions are sufficiently infrequent that they are acceptable).

Under Windows 10, you have no control over your hardware. We can no longer achieve acceptable levels of intrusions of arbitrary nature. It is just that simple.

Now we're not stupid. These machines ar

WHY NOT?

[bussdriver]

IF IT WORKS DON'T FUCK WITH IT!
There is no reason to not run DOS software in your business! Or C64 either! Eventually you get an emulator which has decades of testing behind it and is free and open source.

If the system is publicly accessible or on the internet then you have real risks that require actions to be taken; otherwise, there is no reason to change it. Putting Win XP on any network is crazy unless you can block almost every port at the router so much it's virtually unplugged.

We have tons of legac

Re:

[johnsie]

"Now we're not stupid" And yet you run an unpatched operating system for mission critical software. Hmmm.....

What do they expect?

[darth_borehd]

They dropped backward compatibility and became increasingly hostile over the years to even the idea that somebody might run older programs on their new OS.

The reality for many businesses is that they wind up keeping old machines running printing presses, air conditioning units, tape robots, inventory control, and a myriad other things because there either is no viable alternative that runs on the new version of Windows.

Ubuntu

[slazzy]

Hope they Switch to Ubuntu/mint good for the environment to keep using old hardware that works.

Re:

[johnsie]

Ubuntu wouldn't be my first choice for old hardware. It's kind of bloated. Lubuntu maybe or some other distro that is more aimed at older hardware.

Custom hardware

[DrYak]

Most of such old machine are used to control extremely expensive and very custom hardware.
(thinks 15-20 years old lab equipment, that cost 200k $ to acquire and still works).

They aren't used for office work.

You can't trivially replace them with linux. Yes, the PC itself could run Ubuntu without problems.
The problem is not the PC itself. The problem is the 200k $ machine it's attached to.

Usually, it's not attached with something standard (like a network cable).
If you're lucky, it's an USB-cable with some wei

Nobody likes change

[trolman]

It works, use it. The quickest way to make a Windows XP machine almost completely secure is to prevent it from accessing the internet. Firewall the things off inside and outside of your network and only allow the connections that are needed.

Re:

[account_deleted]

Comment removed based on user account deletion

software is broken

[sad_]

most of the stories here are about some software that only works on an old OS with no new version available, sometimes it is needed to control a superexpensive piece of hardware.
software is just broken, or at least this model of selling locked software, what is the point if you are not interested in maintaining it?
another case where the software source should be available with the purchase, so if anything, you can make sure yourself that there at least is a possibility to modify it to work on modern systems

POS ?

[nukenerd]

the last variant of XP, Windows POSReady 2009

Piece of shit? I thought that was still going as Windows 10.

Built-in XP Controllers....

[weiserfireman]

I worked in a CNC Machine Shop for over 15 years.

Many of our CNC Machines came with XP embedded into the machines controllers. We also had Win2k integrated machines.

Problem is that with these embedded systems, it is prohibitively expensive to upgrade them. $25,000 for the parts, and 2 days on-site for a technician, about $4,000 with expenses, to upgrade 1 machine to a new OS.

My solution was to keep the CNC machines on a seperate VLAN and block them from internet access. Company stored CNC files on a fi

Re:

[Chromal]

Obviously the progression here is: MS-DOS -> Windows 3.11 > Windows NT 4.0 - > Windows XP -> Windows 7 -> Linux

Re:

[Stormwatch]

It's called "macOS" these days. And consider this: when a friend says goddamn Windows is acting up again, which of these lines is more likely to convince him to try an alternative?

Option 1: Dude, buy this $1000+ computer, it's better than Windows.
Option 2: Dude, download this free system, it's better than Windows.

Re:

[FaxeTheCat]

How is telemetry an issue on an offline computer...?

Re:

[bobby]

How is telemetry an issue on an offline computer...?

Good point for any OS.

I used to take Windows 3.1 online all the time. NCSA Mosaic for sure, and I forget what other browser I ran. Maybe early Netscrape?

But Win98SE for sure; used it a lot until 2005-ish. Of course used Linux generally much more than Windows.

Re:

[guruevi]

More like 32% of organizations give absolutely zero fucks about the 15 year old computers their personnel has to work with as long as it doesn't cost them money in this quarter.

Re:

[johnsie]

IT safety is not something you demonstrate. Hackers don't always wave around screaming that they have compromised your systems. The good ones steal data or use your resources undetected. Chances are that if you are too lazy to patch your software then you are also do lazy to check logs for suspicious activity. Also, firewalls protect against different attack vectors that than software patching.

Re:

[Cid Highwind]

Windows 7 was the high water mark.

That's what they said about XP, and 2K, and 98, and DOS 6.

Re:

[Pentium100]

Well, maybe Windows 11 will be better - no telemetry, no spyware, no forced reboots, no forced "feature upgrades", you know, a stable OS, kinda like 7 or XP.

Oh, but Microsoft said that 10 will be the last Windows version ever, so that's not happening.

I am staying with 7. It takes too long to cut everything unwanted from Windows 10 anyway and after I do it, I cannot update it since updates turn everything back on.

Re:

[trolman]

If you can afford to run LTSB/LTSC and spend the weeks of work that it takes to make your stuff work then by all means move to Windows 10.

Re: You have been told.

[zkiwi34]

Win 1.x through 10.x have all sucked, as will future versions.
Why?
Because they were all built with goal #1 being maximising revenue for Microsoft.

Re:Good thing that FOSS has much longer support cy

[StormReaver]

Imagine somebody installing a Linux distro from 2001 (when XP was released) today and asking for help (or even getting it to boot at all)...

If there were sufficient motivation, anyone with the appropriate skills could do it. It's one of the features of Open Source and Free Software.

That being said, all of my Open Source and Free Software from 2001 still works on my fully modern Linux systems. It's only the short-sighted people who hitched their horses to proprietary systems that have a problem.

Re:

[luther349]

back-doors spy-where even key-logging built into the os as a feature. dont forget forced updates that often just brake the os due to some awesome quality control from Microsoft.

Re:

[johnsie]

I guess you forgot to take the meds for your paranoia today. Every OS has security vulnerabilities, which is why it's important to patch. Microsoft has been pretty good at patching Windows 10 frequently. Windows XP doesn't get patched, so good luck with that.

Re:

[speedlaw]

sure, once they scammed my Windows 7 away

Re:

[johnsie]

Good luck with that. I tested it in 2012. Seven years later it's still not stable.

Re:

[johnsie]

Hi, my dog is running a child porn server off your xp machine.

Re:

[TheReaperD]

Yes, probably 50+ percent of the 5 digit or less ID users on the site has and 10-20% of the 6 digit ID users. (Whether they know it or not.)