End of Windows XP support era signals beginning of security nightmare

[Nothinman]

My point is we should look at Operating Systems differently and where they begin and end. For example Apple only updates Mail.app with the OS, but iTunes updates independently, whos to say Mail.app is an OS level component? For your first point, there's really no reason Windows XP TECHNICALLY can't be made 'more' secure with a Service Pack beyond marketing upgrade pricing. The fundamentals are all there. Now that Windows 7 works well, and is pretty darn secure, what do I need Windows 8 for? Windows 8 has a fancy GUI, but again, you could technically implement it on Windows 7. How many times are we going to change the GUI though? I can understand a new GUI as we change input models (from a mouse to touch), but how many times can you change the task bar and start menu? And do I really need to pay $130 for a new taskbar?

To me spending $130 every 3 years just to update something that technically works fine will wear out eventually. It worked well initially as we tried to figure out effective ways of using computers since it was so new to society.

As the OS developer they get to choose what is part of it and what isn't, it's as simple as that. Should Mail.App be considered part of the OS? I don't think so, but apparently they do. Operating system is a pretty loose term and your definition of core functionality differs from a lot of people's it would seem.

XP couldn't have some of the changes applied with a SP without a major rework, e.g. Vista. Moving driver to user space, adding UAC and filesystem and registry virtualization, etc are all major overhauls of certain areas that should only be applied to a new, major release. You get a lot more than a new task bar for $130 and for something that you use every day for several years I think the price is reasonable, especially OEM pricing which is what most people end up paying.

Most people pay more than $130/mo for cable, doing it every 3 years for something that is infinitely more useful seems like a no-brainer to me. Or if you hate spending that little bit of money so much then stop. Install Linux and never pay for another update.

 

[Remobz]

Companies have two years to upgrade from software that is more than ten years old or install a firewall on systems in industrial networks.

Many still have not.

 

[nemesismk2]

Many still have not.

The smaller the company the more likely they will be left behind but I do know that even the British NHS need to start replacing their use of Windows XP sooner rather than later. lol

 

[Nothinman]

The smaller the company the more likely they will be left behind but I do know that even the British NHS need to start replacing their use of Windows XP sooner rather than later. lol

I would say the opposite is true. It's easier to replace 7 PCs than it is 700 and smaller companies are less likely to be locked into "Enterprise" software that doesn't work on Win7 yet.

 

[imagoon]

For your first point, there's really no reason Windows XP TECHNICALLY can't be made 'more' secure with a Service Pack beyond marketing upgrade pricing. The fundamentals are all there.

I personally always get a kick out of these type of comments because it really is absurd when you think about it.

Technically... Windows XP could be:
Rewritten to send rockets in to orbit.
Modified to run a car entertainment system.
Rewritten to run on VAX.
Recompiled to run on an Android phone.
Recompiled to run on an iPhone.
etc... etc...

Technically Windows XP can do anything. Microsoft has decided to drop the code base. That is the real thing here. They also no longer want to support the code base. FYI if you are willing to drop the money, they will go back and do modifications on NT4. They are dropping "doing it for free." It is silly to expect your $199 license to entitle you to a lifetime of updates.

 

[C1]

It is silly to expect your $199 license to entitle you to a lifetime of updates.

Actually you get this (ie, lifetime free updates) with purchase of various flavors of Linux and for a lot lot less.

I never worry about needing to upgrade just for the sake of change. (It is almost as if people treat OSes as a fashion.)

The change is driven by cost and effort to get jobs completed. When an OS becomes more trouble than its worth in terms of completing a development or delivery, then it's time to change.

In general, upgrading is PITA as it involves also having to transition to newer versions or even different applications as well as even new hardware. The bow wave can be terrific from both time and cost.

In addition, upgrades are not necessarily problem free and often result in establishing different issues/challenges.

 

[imagoon]

Actually you get this (ie, lifetime free updates) with purchase of various flavors of Linux and for a lot lot less.

Not really. You get the effort of people who if they feel like it, continue to update the stuff you use. I can look up on kernel.org the list of hardware that was dropped from support kernel to kernel. The number of dead projects out there is practically uncountable.

Ask the people of Kernel 2.2 which was released around the time 2000 was released and about 1 year prior to XP.

For the $199, you got a company that was committed to maintain the security patches for an OS for at least ten years.

All the rest of your post can be repeated verbatim from going to kernel 2.2 -> 2.4 -> 2.6 -> 3.0 and 3.2.

These exact same issues occur to me daily when you find people with RHEL 5.0 and the like because "they can't upgrade" because some moldy version of Oracle they have won't work on 5.8 or 6.x.

 

[Nothinman]

Not really. You get the effort of people who if they feel like it, continue to update the stuff you use. I can look up on kernel.org the list of hardware that was dropped from support kernel to kernel. The number of dead projects out there is practically uncountable.

Ask the people of Kernel 2.2 which was released around the time 2000 was released and about 1 year prior to XP.

For the $199, you got a company that was committed to maintain the security patches for an OS for at least ten years.

All the rest of your post can be repeated verbatim from going to kernel 2.2 -> 2.4 -> 2.6 -> 3.0 and 3.2.

These exact same issues occur to me daily when you find people with RHEL 5.0 and the like because "they can't upgrade" because some moldy version of Oracle they have won't work on 5.8 or 6.x.

But with Linux you can still upgrade the kernel and other software piecemeal for free if you really want, with Windows you have no choice.

And being tied to ancient versions of software because "Enterprise" software hasn't progressed is anything new and is no fault of Linux, that's the fault of Oracle, SAP, etc's or whoever developed the softgware.

 

[imagoon]

But with Linux you can still upgrade the kernel and other software piecemeal for free if you really want, with Windows you have no choice.

And being tied to ancient versions of software because "Enterprise" software hasn't progressed is anything new and is no fault of Linux, that's the fault of Oracle, SAP, etc's or whoever developed the softgware.

I will give you that but it really isn't my point. I think it is absurd that people give a company $199 and expect a lifetime of support. Also what happens when a kernel upgrade breaks a driver and the open source community hasn't updated theirs in 6 years. It is all the same thing.

Also they do have a choice, they can pay programmers at MS to make updates to dead code. Redhat will do the same if you really want that 2.0 kernel for some reason.

 

[Muse]

To me spending $130 every 3 years just to update something that technically works fine will wear out eventually. It worked well initially as we tried to figure out effective ways of using computers since it was so new to society.

Yeah, reasons to upgrade have been waining. Windows 3.1 was a huge quantum leap from DOS 6 (although apps that ran under it were still essentially 16 bit DOS apps, boy were things unstable!) and Windows 95 another huge upgrade from Windows 3.11 for Workgroups (which was just Windows 3.1 on steroids). ME was meh, Windows 2000 wasn't that big a deal at all except that it added the stability of the NT core. XP ironed out the kinks. From there, it seems to me that Vista and Windows 7 have been mainly to keep up with hardware development, oh the security stuff, right. (Did I leave any upgrades out? Um, yeah, Windows 98 and it's successor upgrade, Special Edition?) Well, as noted here, MS could have dealt with the security issues of XP better (and maybe still could, if they wanted) but preferred to keep people on the upgrade train.

 

[Nothinman]

I will give you that but it really isn't my point. I think it is absurd that people give a company $199 and expect a lifetime of support. Also what happens when a kernel upgrade breaks a driver and the open source community hasn't updated theirs in 6 years. It is all the same thing.

Also they do have a choice, they can pay programmers at MS to make updates to dead code. Redhat will do the same if you really want that 2.0 kernel for some reason.

I agree that people need to realize that software eventually dies and that they should be transition to something newer and supported, but with Linux you have the source code so you or anyone can take a crack and updating it if you really desire.

I wasn't aware that MS would take a contract to update something older like Win95 or WinXP, where do you get that?

XP ironed out the kinks. From there, it seems to me that Vista and Windows 7 have been mainly to keep up with hardware development, oh the security stuff, right. (Did I leave any upgrades out? Um, yeah, Windows 98 and it's successor upgrade, Special Edition?) Well, as noted here, MS could have dealt with the security issues of XP better (and maybe still could, if they wanted) but preferred to keep people on the upgrade train.

MS did deal with the security issues of XP, it's called Vista and Win7. Whether you like that they made them full releases instead of service packs is irrelevant and is totally their call as it's their product. The security and driver changes were so huge that I agree that the resulting OS shouldn't be called XP.

 

[gmaster456]

Yeah, reasons to upgrade have been waining. Windows 3.1 was a huge quantum leap from DOS 6 (although apps that ran under it were still essentially 16 bit DOS apps, boy were things unstable!) and Windows 95 another huge upgrade from Windows 3.11 for Workgroups (which was just Windows 3.1 on steroids). ME was meh, Windows 2000 wasn't that big a deal at all except that it added the stability of the NT core. XP ironed out the kinks. From there, it seems to me that Vista and Windows 7 have been mainly to keep up with hardware development, oh the security stuff, right. (Did I leave any upgrades out? Um, yeah, Windows 98 and it's successor upgrade, Special Edition?) Well, as noted here, MS could have dealt with the security issues of XP better (and maybe still could, if they wanted) but preferred to keep people on the upgrade train.

Shame on microsoft for trying to make money .

 

[nemesismk2]

Shame on microsoft for trying to make money .

Yes shame on Microsoft when you consider that Bill Gates gives away his money. Come on Mr Gates can't you spare a few $$$ to keep Windows XP going for longer? It would be a good cause to support Windows XP lol

 

[imagoon]

I wasn't aware that MS would take a contract to update something older like Win95 or WinXP, where do you get that?

You contact their coding services and they will give you a quote. No home use ever would do it because the prices typically start in the 5 digits, and have no "support" after the job is signed off on. If you walked up with a rather large 7-9 digit number to update NT4 they would do it.

They do limit scope however. They will not do something useless like update paint in to photoshop but adding hooks for special hardware isn't impossible. Most commonly they would do this in embedded editions.

 

[nemesismk2]

I have a few million burning a hole in my pocket to get Windows XP supported wink wink

 

[natto fire]

If the DB's at MS are so stupid why don't you put out something better?

I like how you try to counterpoint that other post like it wasn't typed by a raving lunatic.

I held on to Windows 2000 back in the day because I didn't like change. Once I figured out you could change the window theme to Windows Classic, I was sold. Got Windows 7 over a year ago (skipped Vista) and have not missed XP one bit.

 

[wirednuts]

win7 is so damn good i dont think win8 has much chance at all to be honest.... i mean for tablets, YES im sure win8 will dominate. but for everything else... yeesh... are they even going to have a new media center in win8?

 

[Nothinman]

You contact their coding services and they will give you a quote. No home use ever would do it because the prices typically start in the 5 digits, and have no "support" after the job is signed off on. If you walked up with a rather large 7-9 digit number to update NT4 they would do it.

They do limit scope however. They will not do something useless like update paint in to photoshop but adding hooks for special hardware isn't impossible. Most commonly they would do this in embedded editions.

So it's effectively only useful to the government and fortune 10 companies. That's not very useful and IMO isn't even worth posting. You could hire a team of developers to update whatever driver or app in Linux that you want at normal rates. And if it's done well enough the changes may get incorporated back into the upstream of whatever software it is and then you wouldn't have to worry about paying someone to update it again for a while. There is 0 chance of that happening with Windows.

 

[ALLCAPS]

I work for a major public electrical utility that uses XP for everything. Bleeding edge tech in nuclear and solar and still a reliance on XP. When my hdd failed on my 12 year old desktop the IT department gave me a brand new I7 based Dell. Which of course.....runs windows XP.

 

[Jodell88]

I work for a major public electrical utility that uses XP for everything. Bleeding edge tech in nuclear and solar and still a reliance on XP. When my hdd failed on my 12 year old desktop the IT department gave me a brand new I7 based Dell. Which of course.....runs windows XP.

They better get started on the updates.

 

[xSauronx]

I work for a major public electrical utility that uses XP for everything. Bleeding edge tech in nuclear and solar and still a reliance on XP. When my hdd failed on my 12 year old desktop the IT department gave me a brand new I7 based Dell. Which of course.....runs windows XP.

this goes back to the previous comment that updating a boatload of PCs is a lot harder than a few.

i worked for a healthy system until last year and theyve got over 7500 PCs spread out over several hospitals and dozens of clinics. they finished their upgrades to XP in early 2011

they know they need to get to 7, but some of the hardware still wont support it (though they are making a lot of progress there) but the testing will take a solid year to get ready, then god only knows how long to roll out.

 

[nk215]

Does anyone know what would happen to the virtual xp mode in windows 7? Would future SP for win7 continue to support XP mode?

 

[Nothinman]

Does anyone know what would happen to the virtual xp mode in windows 7? Would future SP for win7 continue to support XP mode?

Good question. They've always touted it as a sort of last resort, duct tape solution for apps that can't work with the normal Windows compatibility layers so I think they'll just let it run without updating just like regular XP installs.

 

[Munky]

What security nightmare? I've only gotten a virus twice on XP, and both times were due to my own fault, not the OS. I'd say WinXP is secure enough for people who know what they're doing. For those who don't - well, no OS is secure enough.

 

[imagoon]

What security nightmare? I've only gotten a virus twice on XP, and both times were due to my own fault, not the OS. I'd say WinXP is secure enough for people who know what they're doing. For those who don't - well, no OS is secure enough.

The one that appears when a 0-day shows up on the net for XP and Microsoft says "Sucks to be you." Bonus points if it then uses another 0-day remote exploit to hit all the other Windows XP machines on the network.

Good random hypothetical: Post security cut off for XP, Some GDI / graphics exploit is found. Just viewing a website (ad site? {pretty common} gives you mr.trojan. Mr Trojan then uses another 0 day to infect any XP machine it finds on the network.

It might be hypothetical but I am also the same person that had to deal with: "The copy machine in accounting is attacking the network because it has XP [vanilla] embedded inside and someones home laptop made it lose it's mind."