XP still won't die . . . .

[sm625]

If it runs fine, there is no reason to change it.

 

[Insert_Nickname]

I agree, in addition to the point that newest versions seems "more bloated :sneaky:" compared to XP, especially from business side.

Honestly and with due respect to others opinions, I can't imagine our work place PCs running Win8, the interface isn't that serious!

"Bloated" as in install size or performance? I find that 8(.1) actually runs way better then XP ever did with similar hardware. One thing is that 8(.1) has proper Direct2D acceleration for the GUI (no fall-back to GDI mode). The x86 version also runs just fine with just a single GB of RAM. CPU requirement? Even first generation Atoms and P4s run it fine. So you have something to look forward to with 10, if you haven't tried it already...

 

[Spjut]

"Bloated" as in install size or performance? I find that 8(.1) actually runs way better then XP ever did with similar hardware. One thing is that 8(.1) has proper Direct2D acceleration for the GUI (no fall-back to GDI mode). The x86 version also runs just fine with just a single GB of RAM. CPU requirement? Even first generation Atoms and P4s run it fine. So you have something to look forward to with 10, if you haven't tried it already...

How is it working with really old GPUs though? Many normal users still rocking XP, or having recently moved to Win7, may still have DX9 GPUs.

I've seen multiple AMD users with HD 2000-4000 cards having problems getting the drivers working for Windows 8.1. They never got an official driver for 8.1.

 

[escrow4]

Another thing is that XP has had around 13 years to work out the bugs, whereas Windows 8/10 is always changing and still in a "we don't really know exactly what we're doing" phase introducing new things all the time which could lead to exposing new problems and holes. This is why I'm ok with using the Linux version of Flash (when I actually need to) because the only thing it updates is security and not changing things all the time like 12-16 which introduced new vulnerabilities.

13yrs and it STILL has bugs. 13yrs and it still swiss cheese. And Flash just needs to die permanently.

 

[StinkyPinky]

At work we still probably have 5% of the pc's running XP, simply because they use rare legacy apps or rare old equipment that doesn't have modern 64 bit drivers. They are usually taken offline however (there's only a few online that I know of, and they are in their own network)

It will be interesting to see if we move from Windows 7 to Windows 10 or skip 10 entirely (we skipped vista and 8.1). My gut says we will move to 10 after it has had a few major updates.

 

[MagnusTheBrewer]

My workplace still uses XP. I did an end run and got them to purchase some software I needed that doesn't run on XP so, I get a new computer.

 

[Red Squirrel]

We're slowly upgrading to 7... with the same PCs. It's going to be bloody slow. Most of the machines are core 2 duos and max out at 4GB of ram. You need AT LEAST 4GB for 7, if you want to do real work you want 8GB. I don't care what people say "but it runs fine on 1GB" Yeah, if all you do is play solitaire.

 

[TheRyuu]

Going to suck losing tabbed browsing. We already have about 40 open windows, it's going to be even worse now being stuck using IE.

In Windows 7? You get IE11 which has that stuff.

Funny thing is they probably do that for security... Chrome and Firefox are much more secure than IE6.

I'm not sure it's fair to compare (presumably) modern browsers with IE6. As I mentioned above you get IE11 in Windows 7 so I'm not sure where the IE6 reference is coming from.

So long as Enhanced Protected Mode (w/64-bit) is enabled IE11 is most certainly more secure than Firefox. I'm not saying it doesn't have its own issues (e.g. extensions) but it's still comparable to Chrome/Firefox.

 

[mikeymikec]

@ mikeymikec

http://www.extremetech.com/computin...y-desktop-users-should-upgrade-from-windows-7

Look at the security table what 8 offers baked in compared to 7 . . . . and you skipped over offline XP.

I a point regarding the number of security updates for 8x versus 7 that you still haven't countered, because at the end of the day, if new security features aren't affecting the bottom line (vulnerabilities needing patching), then how much good are they doing?

I didn't skip over offline XP, I covered it in the second paragraph of my response to you.

We're slowly upgrading to 7... with the same PCs. It's going to be bloody slow. Most of the machines are core 2 duos and max out at 4GB of ram. You need AT LEAST 4GB for 7, if you want to do real work you want 8GB. I don't care what people say "but it runs fine on 1GB" Yeah, if all you do is play solitaire.

Cobblers. Unless you only define "real work" as "processes that use a more than two gigs on their own", and if so, nothing that I counts as work. My home/work Win7 system has 4GB RAM and I've never challenged that memory to ~75% capacity during work.

If a machine is otherwise suitable for an OS upgrade but only can handle up to 4GB, I put the 32-bit version on to keep the memory usage down. Having said that, I'm noticing more and more these days that Windows Update memory usage is going through the roof, even on 32-bit systems, it must absolutely kill the typical Win7 Starter 1GB netbook range.

I agree with you about 1GB RAM not "being fine" though, I can usually spot a Win7 system with only 1GB RAM within about ten minutes, especially during the startup routine, because it takes longer to settle than the same machine with at least 2GB RAM and is generally more sluggish.

The only exception I can think of are the 1GB netbooks though, but I suspect that the processor is so sucky that even giving it more RAM immediately presents the processor speed as the next performance barrier.

 

[TheRyuu]

Furthermore, when you talk about "huge strides forward in terms of security", it's odd how the same Windows security updates are available for Win81 as Win7, and sometimes even a few Win81 specific, and that the general number of monthly updates have not decreased since the days of XP being supported.

I'm not sure it's fair to use the number of updates as a guide to the relative security of these operating systems. Are these bugs exploitable in both cases? Does Windows 8.1 contain mitigation that prevent exploitation where 7 does not (even if they may not be enabled by default)? What about kernel exploits and information disclosure? What about bugs in non-Microsoft software? Is it harder to do something useful with them in 8.1 compared to 7?

Are you trying to prove that Windows 7 and 8 share a common base (we already know they do, vista -> 7 -> 8 -> 8.1)?

You always want to raise the bar for attackers. You're never going to completely eliminate software bugs so if you can eliminate the exploitability of them through various operating system protections (which can turn them into DoS bugs, but can't be exploited) then that's certainly a good thing.

However, the reason why "XP won't die" as you put it is because of the following:
...

I agree that the situation can be different in a workplace/enterprise environment. That still doesn't stop us from wishing it would die because lets be honest, it would be nice to move on.

I know XP-using customers who haven't picked up any malware over the years I've known them. I also know Windows 7/8x-using customers whom I see pretty much every year because their habits are like a malware magnet.

I'm sure the opposite is also true. I know people who don't lock their doors when they go out and have never been robbed, that still doesn't mean we shouldn't lock our doors when we go out.

...that's why there's an ongoing process of security updates, and that the most common and easiest way in is to dupe the user into doing something stupid.

While this is true, security also requires you to be proactive. This includes but is by no means limited to SRP policies, running as a standard user, EMET, forcing DEP/ASLR on system wide (provided no compatibility issues), UEFI secure boot and running lsass as a protected process. All of these things can also help protect a user from themselves.

Another thing is that XP has had around 13 years to work out the bugs

That still doesn't take away from the fact that it's still easier to write exploits for XP. There are inherent design decisions in the operating system itself which allows for this.

 

[mikeymikec]

I'm not sure it's fair to use the number of updates as a guide to the relative security of these operating systems. Are these bugs exploitable in both cases? Does Windows 8.1 contain mitigation that prevent exploitation where 7 does not (even if they may not be enabled by default)? What about kernel exploits and information disclosure? What about bugs in non-Microsoft software? Is it harder to do something useful with them in 8.1 compared to 7?

I checked MS's January update list, 8x was just as exploitable and to the same degree as 7 was for all the vulnerabilities addressed by the updates, except two that were 8x specific.

One thing I'll admit is that the security changes that are included in 8x may play a role in making it a tougher nut to crack in the future as the bar is raised through better programming practices that effectively immunises an OS from older exploit tactics, but that theory doesn't really have a current place in the "x is more secure than y" discussion.

You always want to raise the bar for attackers.

Of course you do, I would never suggest otherwise. It just gets my goat when people say "ooh, 8x is so much more secure than 7", but fail to back up their point with arguments of substance, such as, eg. "thanks to this feature, 8x isn't vulnerable to this type of attack which was common on 7".

I'm sure the opposite is also true. I know people who don't lock their doors when they go out and have never been robbed, that still doesn't mean we shouldn't lock our doors when we go out.

I agree completely, my original point there was that the biggest threat to computer security is not the software, it's the user. If we all ran our computers on public IP addresses with no sort of firewalling/filtering (software or hardware), then this "XP must die" argument would have a lot more merit IMO.

While this is true, security also requires you to be proactive. This includes but is by no means limited to SRP policies, running as a standard user, EMET, forcing DEP/ASLR on system wide (provided no compatibility issues), UEFI secure boot and running lsass as a protected process. All of these things can also help protect a user from themselves.

Please note that I have not at any point said that designing new security features is a bad idea.

That still doesn't take away from the fact that it's still easier to write exploits for XP. There are inherent design decisions in the operating system itself which allows for this.

The biggest change that I'm aware of in Windows security was the introduction of UAC. I noticed that it made a huge difference to the type of malware designed from that point on (that the vast majority of malware these days attempts to do what it can with user privs), whereas in XP's day most malware aimed for and succeeded in earning admin privs.

Please note that I really didn't subscribe to what ninaholic was saying there, just that it was a bit early in the morning for me to feel like putting into words my problems with that post. In an attempt to now, I think it's acceptable for there to be some sort of "teething period" when a new piece of software begins its use in public circles, but hopefully the new features of that OS offset the vulnerabilities introduced by "teething". Does 8x do that though? Not sure.

 

[Lorne]

I have 2 machines running NT4, Just found out I can upgrade them to 2K but will wait till they go down first, Its not that I don't want to upgrade to newer its that the software needed to run on them wont run on newer then 2K.
I have 2 others running 2K I want to upgrade to XP after they crash and cant go newer then XP because the software needed wont run.

We upgraded to 7 on several machines and I have to change one from 7 to ether 2K3 or 2K8 because the production software forces us to have a domain or clients cannot connect.

Sometimes its not that you don't want to upgrade, Its that you cannot or spending a hefty sum of money for upgrades which are beyond the scope of the business.

 

[mikeymikec]

@ Lorne

Not even with the application compatiblity settings in XP and later?

 

[Omar F1]

"Bloated" as in install size or performance? I find that 8(.1) actually runs way better then XP ever did with similar hardware. One thing is that 8(.1) has proper Direct2D acceleration for the GUI (no fall-back to GDI mode). The x86 version also runs just fine with just a single GB of RAM. CPU requirement? Even first generation Atoms and P4s run it fine. So you have something to look forward to with 10, if you haven't tried it already...

In overall appearance and theme colors, and I'm talking about work environment not home.


Interesting claim about it's performance on old spec, definitely would try it myself on a single core/512MB ram PC.

 

[Lorne]

@ Mike.
Does not matter what setting, Ether it just wont run or driver incompatability.
I have even had problems with some of the machines and various SP updates of XP, It would work with WinXP SP1 but not SP2, But SP3 would work again.

 

[FrankRamiro]

@ Mike.
Does not matter what setting, Ether it just wont run or driver incompatability.
I have even had problems with some of the machines and various SP updates of XP, It would work with WinXP SP1 but not SP2, But SP3 would work again.

I still have my Xp SP3 running great but updates disconnected,and by choosing my web site links carefully.

and when i run into problems re-install from recovery disc ,internet disconnect,i have a cd with sp2,sp3 and most of the drivers ready on cd.

I forgot for Web browser i don't use Internet Ie,exept to go to ESPN3 and they redirect me to Flash Player that also downloads Google chrome at same time.
Well i gain much experience re-installing XP these days,after the shut down on MS part,
in the beginning after the MS shut down on xp i couldn't get it running at all,had all kind errors,

 

[nemesismk2]

i think that Windows XP users will reduce on July 14 2015 when the Microsoft Malicious Software Removal Tool will stop being supplied by Microsoft. In all honesty your average anti virus will remove anthing that Microsoft Malicious Software Removal Tool does.

 

[Red Squirrel]

In Windows 7? You get IE11 which has that stuff.



I'm not sure it's fair to compare (presumably) modern browsers with IE6. As I mentioned above you get IE11 in Windows 7 so I'm not sure where the IE6 reference is coming from.

So long as Enhanced Protected Mode (w/64-bit) is enabled IE11 is most certainly more secure than Firefox. I'm not saying it doesn't have its own issues (e.g. extensions) but it's still comparable to Chrome/Firefox.

Hmm that's good to know, though it would not surprise me if they find a way to keep us on IE6. Probably have to use Citrix. Most apps are designed specifically for that browser, and a version of Java that was out around that era. CGI, the company that screwed up the US healthcare website is the company that codes all our stuff, so you can imagine how big of a mess everything is. :awe:

 

[TheRyuu]

Hmm that's good to know, though it would not surprise me if they find a way to keep us on IE6. Probably have to use Citrix. Most apps are designed specifically for that browser, and a version of Java that was out around that era. CGI, the company that screwed up the US healthcare website is the company that codes all our stuff, so you can imagine how big of a mess everything is. :awe:

I'm pretty sure it has some kind of compatibility mode for situations like that, not 100% sure though as I haven't really looked into it but I seem to remember reading something like that.

 

[nemesismk2]

I'm pretty sure it has some kind of compatibility mode for situations like that, not 100% sure though as I haven't really looked into it but I seem to remember reading something like that.

i have used the compatibility mode for microsoft internet explorer especially with windows 7 explorer 11 because sometimes the websites don't look very good without.

 

[Ichinisan]

Going to suck losing tabbed browsing. We already have about 40 open windows, it's going to be even worse now being stuck using IE.

In Windows 7? You get IE11 which has that stuff.

Yeah. XP supports IE8. Even IE7 had tabbed browsing.

Is there a situation where IE6 works and IE7 + Compatibility Mode does not?

 

[squirrel dog]

anyone ever run xp 64 bit ? It supports 16 gigs of ram . There is a fellow that has made a sp4 for xp . His site show the 64 bit iso .

 

[ViRGE]

anyone ever run xp 64 bit ? It supports 16 gigs of ram . There is a fellow that has made a sp4 for xp . His site show the 64 bit iso .

XP64 is based on Windows Server 2003. It has minimal driver compatibility and few of the software compatibility fixes that Vista and later versions of Windows have. Outside of a handful of situations it should not be used, especially as it's going to be unsupported in a few months.

 

[TheSlamma]

If it runs fine, there is no reason to change it.

then it needs to be changed cause it doesn't run fine.

It's getting more and more limited by the day on what is compatible with it and it's security is frighteningly bad.

To call it Swiss cheese isn't even enough, screen doors hold out water better than XP holds up in security.

 

[Matt1970]

anyone ever run xp 64 bit ? It supports 16 gigs of ram . There is a fellow that has made a sp4 for xp . His site show the 64 bit iso .

XP64 is based on Windows Server 2003. It has minimal driver compatibility and few of the software compatibility fixes that Vista and later versions of Windows have. Outside of a handful of situations it should not be used, especially as it's going to be unsupported in a few months.

64 Bit XP was such a small share of the software market it pretty much pretty much all but forgotten for driver and software engineers. If it did and ran everything you wanted it to you were in the minority. Almost everyone I installed it for went back to 32 Bit or went with Vista.