Please, let Windows XP die with dignity

Early next year, when Microsoft finally, officially, and unreservedly drops support for Windows XP, it won't mark the beginning of a new XPocalypse. XP is a relic of a bygone era. It's time to let it go.

Yesterday my colleague David Gewirtz delivered a fire-and-brimstone sermon on the coming XPocalypse, the date early next year when Microsoft stops supporting Windows XP.

Here’s Pastor Gewirtz, in a passage replete with Biblical references:

If you don't think that cybercriminals have marked April 8, 2014 on their calendars with a big star, you're crazy. If you don't think they're holding back on launching some of their bigger exploits until after the patching ends, you're naive. For cybercriminals intent on skinning our 500 million sheep, April 8, 2014 is D-Day.

By abandoning XP on April 8, 2014, Microsoft will cease being a good shepherd of its most loyal customers. Microsoft is just leaving them out there, exposed, and unprotected. On April 8, 2014, those millions of remaining XP users will be like lambs being led to the slaughter. To paraphrase Jeremiah 11:19, they do not know that plots have been devised against them.

Can I get a “Hallelujah!” I said, Can I get a “Hallelujah!”

OK, my turn at the pulpit. Spoiler alert: I don't plan to cite chapter and verse.

First of all, this should not be a surprise to anyone. If you use Windows XP, you are not sheep, you are a paying customer. You got one of the best deals ever, because Microsoft has been running this route, the XP local, for more than a decade. No one is being left at the station. This train has had a “going out of service” sign on it for two years.

The support lifecycle is a contract between Microsoft and its customers, one that’s been clearly described for many years. It is ridiculous to think that a software company should support a product indefinitely. That’s economically silly and technically unsustainable. In early 2014, Microsoft will be delivering security patches for five—count ‘em, five—major releases of its operating system that are still in mainstream or extended support.

Perhaps that is why Microsoft’s reliability record with patches has been getting a bit dicey lately.

If you thought you were getting a lifetime guarantee, you weren’t paying attention. XP’s end-of-support date was actually already extended once.

Read more at: Please, let Windows XP die with dignity | ZDNet

 

[jimbo45]

There's only one question that bothers me for XP users, and for users of Windows versions that follow, that might need to reactivate their installations after the end of support, will that still be available, or will people be stuffed?

Hi there

What happened with with W98 and some other manufacturers such as ADOBE CS2 release - they will set the products as "Abandonware" and supply a generic number that doesn't require activation or will "Self activate".

Ms doesn't actually have to do it but considering the numbers of XP users involved it *might* go down that route.

If I were on XP now I'd take a decent BACKUP or create a "generic" activated VM XP installation.

Cheers
jimbo

 

[mikeytg]

Microsoft (and the world!) has a vested interest in getting XP off of the net as soon as possible. Without security updates XP will quickly become an easy target for botnets and the like. There is probably a bank of known vulnerabilities just waiting for support to end, plus there will be new "universal" problems discovered which will be patched for newer versions. These patches will point the way to new, unstoppable exploits on XP.

These problems will make connected XP computers as hazardous to us all as the zombies are in Walking Dead. A quick shot to the head is in order to improve internet hygiene.

 

[HippsieGypsie]

^ Good point, mikeytj. :thumbup:

I was surprised to read in recent article that people are so lax with antivirus. A lot of them don't even have it installed!

 

[Ex_Brit]

Those people deserve what they get I'm sorry to say. I remember one supposed authority on computers told me once that he didn't keep an anti-virus on his machine as he "didn't need it". I wonder what happened to him?

 

[jimbo45]

Hi there
A/V stuff is a bit passe now anyway -- the REAL money is made NOT by infecting Mom and POP type computers but by simply exploiting stuff that can't be handled by ANY type of security system. People give out so much rubbish on Facebook / twitter etc and reply to obvious email phishing scams that ANY A/V wouldn't help them in the slightest.

I'll bet any serious Hacker out there could probably just by gleaning data of Twitter and facebook could get hold of quite a few Bank account numbers and valid pin numbers if they wanted to.

If you've got an old XP computer say running a legacy Machine tool - who cares if someone can get every last piece of info out of that machine.

Sometimes this stuff is done to death -- My Dad (over 80) is STILL running an XP machine - he's never had any AV stuff on his computer and never been infected in his life - and guess what - he couldn't give fig even if his computer were to become riddled with viruses . He'll get round to buying a new one when he wants to or the old one breaks - but currently like a whole slew of people he just can't be bothered.

Hackers these days are much more into trying to bring down corporate networks, get into the CIA's data bases or generally cause havoc and mayhem to big business / or govts. They aren't interested in filching 5 USD from some OAP's account. The other group who are interested in cyber crime in a big way also have much bigger fish to fry.

The heyday of AV and computer protection was around 2 or 3 years ago -- now it's not a serious issue any more for people -- in any case modern Windows has a perfectly good built in AV system.

I'd be a lot more anxious if I lost a phone --there's often a HUGE amount of personal data stored on smart phones these days.

Cheers
jimbo

 

[popeye]

Bring back DOS,Windows 3.1, 95!!! Oh, that's right, there is DosBox and VMWare Player. Never mind.

 

[fafhrd]

Funnily enough I have just seen a machine with XP Home that had started running slowly, so that the owner did a Malwarebytes scan - and filled up the partition of 16GB with 1.3 GB quarantined files to make it unusable, so the scan had to be stopped - there were over 18000 objects reported as infected, and 14,000 quarantine files! It was running Microsoft Security Essentials - with no indication of any infection.

The agent responsible was identified by MalwareBytes as Spyware.OnlineGames.

Using Avast on a Windows to Go stick found nothing, and a Malwarebytes scan on the same stick is finding nothing so far, as it ploughs through the quarantine folder contents. Perhaps the original scan caught everything.
The machine, an old Acer Travelmate, bought in 2006, was given a factory recovery reinstall in 2010, and has never had a major malware incident before.

 

[CountMike]

Hi there
A/V stuff is a bit passe now anyway -- the REAL money is made NOT by infecting Mom and POP type computers but by simply exploiting stuff that can't be handled by ANY type of security system. People give out so much rubbish on Facebook / twitter etc and reply to obvious email phishing scams that ANY A/V wouldn't help them in the slightest.

I'll bet any serious Hacker out there could probably just by gleaning data of Twitter and facebook could get hold of quite a few Bank account numbers and valid pin numbers if they wanted to.

If you've got an old XP computer say running a legacy Machine tool - who cares if someone can get every last piece of info out of that machine.

Sometimes this stuff is done to death -- My Dad (over 80) is STILL running an XP machine - he's never had any AV stuff on his computer and never been infected in his life - and guess what - he couldn't give fig even if his computer were to become riddled with viruses . He'll get round to buying a new one when he wants to or the old one breaks - but currently like a whole slew of people he just can't be bothered.

Hackers these days are much more into trying to bring down corporate networks, get into the CIA's data bases or generally cause havoc and mayhem to big business / or govts. They aren't interested in filching 5 USD from some OAP's account. The other group who are interested in cyber crime in a big way also have much bigger fish to fry.

The heyday of AV and computer protection was around 2 or 3 years ago -- now it's not a serious issue any more for people -- in any case modern Windows has a perfectly good built in AV system.

I'd be a lot more anxious if I lost a phone --there's often a HUGE amount of personal data stored on smart phones these days.

Cheers
jimbo

Well, all of it depends a lot of way somebody uses computer and internet. I do get around on internet and have all kinds of USB memory sticks, CDs, DVDs and such go thru my system daily and not a day passes that my AVs do not react. If it's not for that protection it would be dead in couple of days for sure. I also have much more to loose if I lost stuff from my PC than for instance the phone. I know better than to leave anything sensitive on the phone because I know it can be lost but I nave to keep all that stuff somewhere so it has to be protected to maximum, double backups and all.

 

[jimbo45]

Hi there
A/V stuff is a bit passe now anyway -- the REAL money is made NOT by infecting Mom and POP type computers but by simply exploiting stuff that can't be handled by ANY type of security system. People give out so much rubbish on Facebook / twitter etc and reply to obvious email phishing scams that ANY A/V wouldn't help them in the slightest.

I'll bet any serious Hacker out there could probably just by gleaning data of Twitter and facebook could get hold of quite a few Bank account numbers and valid pin numbers if they wanted to.

If you've got an old XP computer say running a legacy Machine tool - who cares if someone can get every last piece of info out of that machine.

Sometimes this stuff is done to death -- My Dad (over 80) is STILL running an XP machine - he's never had any AV stuff on his computer and never been infected in his life - and guess what - he couldn't give fig even if his computer were to become riddled with viruses . He'll get round to buying a new one when he wants to or the old one breaks - but currently like a whole slew of people he just can't be bothered.

Hackers these days are much more into trying to bring down corporate networks, get into the CIA's data bases or generally cause havoc and mayhem to big business / or govts. They aren't interested in filching 5 USD from some OAP's account. The other group who are interested in cyber crime in a big way also have much bigger fish to fry.

The heyday of AV and computer protection was around 2 or 3 years ago -- now it's not a serious issue any more for people -- in any case modern Windows has a perfectly good built in AV system.

I'd be a lot more anxious if I lost a phone --there's often a HUGE amount of personal data stored on smart phones these days.

Cheers
jimbo

Well, all of it depends a lot of way somebody uses computer and internet. I do get around on internet and have all kinds of USB memory sticks, CDs, DVDs and such go thru my system daily and not a day passes that my AVs do not react. If it's not for that protection it would be dead in couple of days for sure. I also have much more to loose if I lost stuff from my PC than for instance the phone. I know better than to leave anything sensitive on the phone because I know it can be lost but I nave to keep all that stuff somewhere so it has to be protected to maximum, double backups and all.

Hi there
What on EARTH are you doing on your machine(s) - if you are getting infected so often you must be doing something wrong IMO.

I've downloaded a few US TV episodes from shows like COVERT AFFAIRS etc from places like TBP and Fenopy and never had a smidgen of a virus. All I've got installed on windows 8.1 is the standard Ms Windows defender AV system (it's NOT the same as Windows defender on W7 as it's a full AV system and works pretty reliably-- I've never had issues with it).

Cheers
jimbo

 

[CountMike]

Well, that's just it, I do NOT get infected, because of AV (in this case Avast), McShield (for protection of USB memories) etc. I do get on internet a lot, downloading and testing programs and games and a lot of stuff from USB mems, coming from a lot of people and schools and they are usually chock full of nasty stuff because people do not know how to protect their systems. To somebody computers might be toys but I work with them much more than just play games and watch occasional show. I also repair and troubleshoot computers so my test and repair CDs and USB memories have to be totally clean with no hint of malware. All that requires much more serious protection than just Defender.

 

[Lazure]

Allowing random people to stick their dongles into a public usb port like that is just dangerous territory in general. Best defense in Windows against that of course is to disable any form of autorun to prevent software from automatically installing from the device upon connection. Windows XP is the worst possible OS when it comes to this, so Windows 7 on a limited rights user account at the very least is strongly recommended. Some places run software to wipe and re-image the OS every midnight, to undo any possible damage anyone could do that day.

Honestly, the absolute best protection though would be to have the machine for this purpose running linux with a web browser, libreoffice, and other basic tools people would need to do basic online browsing, research, word processing, whatever. Linux is more than enough for these needs. Linux cannot be easily infected with a virus, and even then, not many linux viruses even exist for the attempt.