Topic Tuesday #90 2014/04/08 - "XP's last update"

On October 25, 2001, Windows XP was released. It was based on the very stable core kernel of it's enterprise predecessor, Windows 2000. Now, a little over 12 years later, the most successful product Microsoft has ever released is at it's end of life. For real this time. They tried to kill it off several times, but the business community grew very reliant on the beloved operating system. Today it lives inside ATMs, nuclear power stations, enriching uranium, running mass spectrometers, air traffic control, voice dictation system, automated response gear, assembly lines, security system, lighted signs, and so much more. It is an interesting lesson in success, and how too much can be a bad thing.

You see, XP is not broken. There is nothing wrong with it. It runs great on older hardware and even better on new hardware. There was even a 64 bit version that could take advantage of lots of processors and RAM, though it was not popular and drivers were lacking, making it very niche. No... the reason to move on is not because it is even outdated. Security patches, right up to today and beyond for enterprise customers (at $1 Million a piece), keep it safe and even add new features. Surly the only real reason to move on and end the support drip is to force people to upgrade, and pay for the new operating system. This is very reminiscent of the Y2K incident we had in 1999. Almost noting was going to break then, and really, it wouldn't break now. 

OK, let's look at it without the hype. What will happen when the updates and security patches stop coming? If you run as a limited user, or are not on the internet at all with the machine (like it runs an ATM <they have dedicated connections to do their business, not the internet at large> or any task that does not require the internet, nothing will happen. Genuinely, nothing. They will keep on running as normal. What about grandma and grandpa? Yes, they are vulnerable, but they will likely always be vulnerable. If you click on that chain mail that was wanting you to do something and share this or that, they are taking an interactive action on that and giving access and explicit permission to do something, good or bad. If they are running as a User, and they always call you to install software or add a new bit of kit, like a scanner or printer, then it maybe the case they can't install it with their account and 95% of the infections that require administrative rights will fail to infect the machine. That is very good, as the remaining 5% may have been unavoidable. 

But we all want something new eventually, and now with Windows 7 and Windows 8.1, we have some great options. These options cost money, but many of the machines out there may need to be replaced. Enterprises do equipment refreshes on an annual basis, with hardware retirement falling off either at the end of the manufactures warranty period or a year or 2 after. This makes the typical refresh time about 4 years. For home users, this number is very different. Most folks let the machines run until they fail, and then they will make the mad dash to get a new machine and get up and running again. If this is your scenario, I recommend going back to one of our earlier posts on backing up your PC.

Don't get me wrong, I like the new operating systems. I am a power user and outgrew Windows XP a long time ago due to the memory restrictions. The point here is to not panic. 

If you feel no urgency in upgrading your machine or the software, get yourself off of the administrator account. There are lots of YouTube videos out there to help with setting up a limited user in Windows XP. Next, stop using INternet explorer, since it will not be updated anymore. Google's Chrome browser is feature rich and automatically updates. It is a very secure browser platform. Chrome can be a little resource intensive, so if your old machine is a little light on resources, try Mozilla Firefox. It too is feature rich and updates automatically. What ever browser you choose, just stop using IE. Be careful of everything you click on the web. The best way attackers have to get in is fooling you into clicking a link and letting them in. As a limited user you limit the ability of this attack. If you can uninstall Adobe Flash, Oracle's Java, and Adobe Acrobat platforms, you should. These are consistently rated the number one attack vectors for malicious software. 

Microsoft is extending support of their Security Essentials for XP product for another year. Come 2015, I hope you either are on a new machine or have installed a third party antivirus like AVG or Kapersky.

Play it safe out there, and if you need help, I know a guy.