Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

End of Windows XP Support Era Signals Beginning of Security Nightmare

samzenpus posted more than 2 years ago | from the no-more-patches dept.

Microsoft 646

colinneagle writes "Microsoft's recent announcement that it will end support for the Windows XP operating system in two years signals the end of an era for the company, and potentially the beginning of a nightmare for everyone else. When Microsoft cuts the cord on XP in two years it will effectively leave millions of existing Windows-based computers vulnerable to continued and undeterred cyberattacks, many of which hold the potential to find their way into consumer, enterprise and even industrial systems running the latest software. Although most of the subsequent security issues appear to be at the consumer level, it may not be long until they find a way into corporate networks or industrial systems, says VMWare's Jason Miller. Even scarier, Qualsys's Amol Sarwate says many SCADA systems for industrial networks still run a modified version of XP, and are not in a position to upgrade. Because much of the software running on SCADA systems is not compatible with traditional Microsoft OS capabilities, an OS upgrade would entail much more work than it would for a home or corporate system."

cancel ×

646 comments

Sorry! There are no comments related to the filter you selected.

what's the difference (4, Funny)

ahotiK (2426590) | more than 2 years ago | (#39654453)

"When Microsoft cuts the chord on XP in two years it will effectively leave millions of existing Windows-based computers vulnerable to continued and undeterred cyberattacks" So what's the difference between now and when this will happen?

Re:what's the difference (5, Funny)

ThePromenader (878501) | more than 2 years ago | (#39654593)

Microsoft already cut the chord a decade ago - with their sh*tty Windows XP boot chime.

release the source? (1, Interesting)

Anonymous Coward | more than 2 years ago | (#39654455)

Why not liberate the source and let other companies continue bugfixing?

Oh... doesn't fit the business model?

open source ftw and for long term maintenance.

Re:release the source? (5, Insightful)

feedayeen (1322473) | more than 2 years ago | (#39654513)

Why not liberate the source and let other companies continue bugfixing?

Oh... doesn't fit the business model?

open source ftw and for long term maintenance.

An, operating system contains something on the order of tens of millions of lines of code. No company is going to handle a maintenance project like that for free and there is no incentive for Microsoft to pay them for it. As for releasing it in the wild, those tens of millions of lines are not the exclusive product of Microsoft, they almost certainty incorporated code that still belongs to other companies into the final package and this code can not be released even if Microsoft wanted to.

Re:release the source? (-1, Troll)

erroneus (253617) | more than 2 years ago | (#39654531)

No, but a community will. That has been demonstrated and proven. Thanks, come again.

Re:release the source? (5, Insightful)

Richard_at_work (517087) | more than 2 years ago | (#39654591)

Try reporting a bug with the Linux 2.0 kernel or glibc 2.0, you will be told to upgrade to the latest version. And while the upgrade may be free, the time and effort associated with moving an entire codebase to a modern version isn't.

Which is why you need to heed warnings about deadlines well in advance - these SCADA issues wouldn't have been a problem if planning had started two years ago rather than now.

Re:release the source? (5, Interesting)

tao (10867) | more than 2 years ago | (#39654713)

If you bother to report a bug against the 2.0 kernel, and it's about functionality actually present in the 2.0-kernel rather than something along the lines of "the 2.0 kernel doesn't support USB3", then I can promise you that the maintainer would at least take a look at it.

Re:release the source? (4, Informative)

Richard_at_work (517087) | more than 2 years ago | (#39654735)

My comment is based on experience, not supposition.

Re:release the source? (5, Funny)

Anonymous Coward | more than 2 years ago | (#39654857)

Sorry Richard, he has a lower uid, therefore only he may claim authority without proof.

Re:release the source? (1)

epyT-R (613989) | more than 2 years ago | (#39654903)

it is possible that his comment is supposition based on experience.

Re:release the source? (1, Interesting)

Anonymous Coward | more than 2 years ago | (#39654739)

If you bother to report a bug against the 2.0 kernel, and it's about functionality actually present in the 2.0-kernel rather than something along the lines of "the 2.0 kernel doesn't support USB3", then I can promise you that the maintainer would at least take a look at it.

Sorry, we're running life critical systems here. We can't rely on "taking a look at it". We need a guarantee which is just a teeny bit stronger than that. Many of our systems do run Linux, but only because a consulting company is willing to fill that gap and assume the role of supplying custom fixes/patches while we wait for "official" ones to make it into the kernal. It's not that we have anything against the community, but frankly we need someone to take responsibility and to be held accountable for all aspects of our system.

As for this news? Shrug. Anybody who doesn't already have a plan still has two years to figure it out and get one in place. I can't find any sympathy in me for someone who hasn't come up with a solution by then.

Re:release the source? (1)

Anonymous Coward | more than 2 years ago | (#39654893)

There are support contracts. Pay for a 2.0 support contract with a big player like Red Hat or SuSE, or one of the zillion smaller players, and the bug *will* get fixed.

Heck, if you are using 2.0 for such a life critical system, how about hiring a kernel developer yourself? Small price to pay for saving lives, I'd say.

You can *not* expect other people to do your "life critical" work for free.

Re:release the source? (4, Insightful)

Pieroxy (222434) | more than 2 years ago | (#39654907)

Sorry, we're running life critical systems here. We can't rely on "taking a look at it". We need a guarantee which is just a teeny bit stronger than that. Many of our systems do run Linux, but only because a consulting company is willing to fill that gap and assume the role of supplying custom fixes/patches while we wait for "official" ones to make it into the kernal. It's not that we have anything against the community, but frankly we need someone to take responsibility and to be held accountable for all aspects of our system.

As for this news? Shrug. Anybody who doesn't already have a plan still has two years to figure it out and get one in place. I can't find any sympathy in me for someone who hasn't come up with a solution by then.

Emphasis mine. This is possible only because Linux is open source. Thanks for making exactly the point that needed to be made in favor of an open source OS.

Re:release the source? (2)

epyT-R (613989) | more than 2 years ago | (#39654551)

sounds like a nice list of reasons to avoid proprietary software for mission critical applications like SCADA...or anything really.

Re:release the source? (3, Informative)

bwcbwc (601780) | more than 2 years ago | (#39654565)

"Why not liberate the source?"

Maybe because there is XP code still in Vista and later versions?
Maybe because it would just encourage the people who are still using XP to continue using the "Open Source" version?

Re:release the source? (1)

Hamsterdan (815291) | more than 2 years ago | (#39654665)

Could also be used to create new malware targeted at people who can't update...

Re:release the source? (1)

TapeCutter (624760) | more than 2 years ago | (#39654667)

Why not liberate the source and let other companies continue bugfixing?

Oh... doesn't fit the business model?

Of course, if someone in the future is wandering around with a hypothetical bucket of cash trying to spend it on fixing a hypothetical bug in XP then I'm sure MS would happily resurect XP from it's grave and stick a band-aid on it's forehead.

First? (-1)

Anonymous Coward | more than 2 years ago | (#39654457)

An anonymous poster posts first? Is this a sign nobody cares?

Re:First? (4, Funny)

Black Parrot (19622) | more than 2 years ago | (#39654851)

Slashdot needs a button that says "Submit, if this is going to be the FP; otherwise cancel".

Support? (5, Funny)

arisvega (1414195) | more than 2 years ago | (#39654461)

When Microsoft cuts the chord on XP in two years it will effectively leave millions of existing Windows-based computers vulnerable to continued and undeterred cyberattacks

I can't say I'm going to miss Microsoft XP support.

I can't say I 've ever had Microsoft XP support, either-

Re:Support? (0)

Anonymous Coward | more than 2 years ago | (#39654519)

So you are still running Windows XP RTM with no security upgrades? Good luck with that.

Re:Support? (5, Funny)

mug funky (910186) | more than 2 years ago | (#39654627)

maybe you should have paid for your copy?

Re:Support? (-1)

Anonymous Coward | more than 2 years ago | (#39654719)

Paying was never the issue. The software wasn't free. Yea- go read up on freedom.

Re:Support? (5, Funny)

Anonymous Coward | more than 2 years ago | (#39654757)

>>maybe you should have paid for your copy?

Oh I tried. Microsoft, however, would not sell me a copy. They only sell licenses.

Support, or broken crutch? (5, Interesting)

AliasMarlowe (1042386) | more than 2 years ago | (#39654781)

I can't say I 've ever had Microsoft XP support, either-

I did, back in the days when XP SP1 was promulgated, but it was not one of Microsoft's prouder moments. The SP1 package downloaded, but would not install. Several attempts yielded the same result, and various help articles on the MS web site were consulted fruitlessly. So I duly filed a report on the MS web site, not expecting much to happen. Somewhat to my surprise, I got a phone call a couple of days later (must have been international, I'm in Finland, and the support person spoke English with an Indian accent). She talked me through what I had already tried, and it failed yet again. So then she told me to disable all firewalls, both in the PC and in the router, and try again. I suggested that would be unwise, since my router logs indicated several nasty packets (fake routing, port probes, etc.) per second were being blocked, and none appeared to be from Microsoft. Her response was that the only way for me to install SP1 was to disable all firewalls. In other words, connect with pants down and legs open to a stream of questionable health. Yeah, right.

I paid attention to her advice, but did not follow it. Instead, I installed Warty Warthog, which seemed to work quite nicely (but had issues with wireless which meant wired connections only). A beta version of Breezy Badger followed, and it autodetected and supported almost everything on the laptop, including the wireless. XP was thrown away shortly thereafter, and the 8-year-old laptop today runs Xubuntu (10.04 LTS, soon upgrading to 12.04 LTS).

Non issue (1)

Anonymous Coward | more than 2 years ago | (#39654463)

in 2014, anyone will have had a decade for the switch to Vista, and 5 years for win7. If I was concerned about security support form MS, I wouldn't complain about being able to use a decade+ old OS (let alone 13 years old when support ends) in the modern wild.

TL;DR: Need better stories /.

Re:Non issue (1)

Anonymous Coward | more than 2 years ago | (#39654633)

My Netbook came with XP installed in 2009. I believe new computers were still being sold with XP for a year or more after that?

Cutting the chord (4, Funny)

Anonymous Coward | more than 2 years ago | (#39654465)

About time. XP default sounds suck.

Re:Cutting the chord (0)

Anonymous Coward | more than 2 years ago | (#39654823)

Not always. Sometimes, DJ's can work magic: the Windows song [youtube.com] .

Alternative title? (5, Insightful)

EnempE (709151) | more than 2 years ago | (#39654473)

Nothing to worry about, yet...

Companies have two years to upgrade from software that is more than ten years old or install a firewall on systems in industrial networks.

Re:Alternative title? (4, Insightful)

AmiMoJo (196126) | more than 2 years ago | (#39654701)

To Slashdot editors: please, FFS, can we just have some news without the heavy bias and inflammatory commentary? That's what comments are for. We can't mod stories as "flamebait".

Re:Alternative title? (0)

Anonymous Coward | more than 2 years ago | (#39654919)

Guess what has even longer support... http://en.wikipedia.org/wiki/Windows_XP_Embedded#Windows_XP_Embedded

Does it really make a difference? (5, Insightful)

Anonymous Coward | more than 2 years ago | (#39654475)

Almost nobody ever runs Windows Update on those old SCADA machines anyway, I don't really think this is such a big deal.

Re:Does it really make a difference? (5, Insightful)

1u3hr (530656) | more than 2 years ago | (#39654873)

I've been running several XP laptops for years without any upgrades. Just use a third party firewall, and never use IE or Outlook.When I set up for relatives, I added Avast free antivirus.No problems. Anyone corporate will just throw away an old PC. If it's something embedded, they'll have it behind layers of security. MS patches are reactive anyway, if you depended on them you'd have been fucked long ago.

And they do it 100 yrs after Titanic sinks, hmmm.. (0)

Anonymous Coward | more than 2 years ago | (#39654477)

You just have to wonder if its more than coincidence that this gets announced on the 100th anniversary of the sinking of the Titanic. Coincidence??? Hmmm...

Re:And they do it 100 yrs after Titanic sinks, hmm (1)

Black Parrot (19622) | more than 2 years ago | (#39654875)

You just have to wonder if its more than coincidence that this gets announced on the 100th anniversary of the sinking of the Titanic. Coincidence??? Hmmm...

And 2012, no less!

Oh, wait... two more years. We'll have to find something else to blame for the end of the world.

Well... (5, Insightful)

Aphrika (756248) | more than 2 years ago | (#39654481)

...that's two years to do something about it. What does everyone expect; Microsoft to support it forever?

14 years of support seems pretty generous - I mean how many versions of OS do Apple currently support? Certainly not all the way back to OS X 10.0. I'm also sure that a lot of those embedded and industrial systems will be updated before then. That's more the job of the manufacturers than Microsoft.

Re:Well... (0, Troll)

Darinbob (1142669) | more than 2 years ago | (#39654499)

Computers last longer than 2 years. And Windows 7 does not run on older computers very well, it's a memory hog. Plus if you bought your computer with XP you will need to pay a hefty fee to buy Windows 7.

Re:Well... (5, Interesting)

Anonymous Coward | more than 2 years ago | (#39654557)

Computers last longer than 2 years.

And so did XP: it has been around since 2001. That means when the deadline hits it'll have been around for 13 years.

At the end of the day, if you don't want to be forced into upgrading your systems someday then don't base critical hardware around something which someone else controls and is known to make redundant now and again. "But it's cheaper to buy someone else's solution than develop your own!". Yeah, it is, but the tradeoff is that you're at the mercy of their update and redundancy schedule. Businesses should have taken the longevity of the systems into account before they bought it and planned accordingly: it's no secret at all that this sort of thing happens.

Re:Well... (0)

Anonymous Coward | more than 2 years ago | (#39654613)

Plus, I've used it at one of our office buildings and it was definitely a big step back from Windows XP in terms of usability. And Windows 8 doesn't look very promising either. If they can make Windows 9 less resource intensive and a return to Windows XP in terms of interface then I'll switch. If not, I'll stick to Windows XP until the first major worm makes it impossible to have it connected to the internet. I don't know what I'll do then, but unless Microsoft changes direction radically even Linux might be a better solution than upgrading to a newer version of Windows.

Re:Well... (0)

Anonymous Coward | more than 2 years ago | (#39654755)

"even"? While I agree with you that every version of Microsoft's OS gets a bit worse you just sound resistant to change. GNU/Linux is a hell of a lot better.

Re:Well... (1)

mug funky (910186) | more than 2 years ago | (#39654655)

though i agree, there's programs i use which still do not work properly on anything else, or if they do, features (like playback through an archaic MPEG-2 decoder card) certainly do not.

i can _almost_ get some of these things to work in wine, but not enough to be able to use them for work.

maybe it means running a sandboxed machine and a connected machine in tandem? still more pain in the arse than just continuing with XP.

or MS could iron out some kinks, but where's the motivation for them to wrestle their code to run with obsolete software/abandonware when nobody's going to pay them for it?

Re:Well... (0)

Anonymous Coward | more than 2 years ago | (#39654855)

My iPhone 3G was less than 3 years old before apple stopped support. Can no longer update the os so am stuck on an unsupported os.

Re:Well... (0)

Anonymous Coward | more than 2 years ago | (#39654923)

I can answer that for you. All the way back to Snow Leopard. I am still running Leopard on my first gen. MBP and it did not get the Java update that plugs the hole which Flashback is exploiting. Apple is really doing itself a disservice here, having more infected systems in the wild and losing it's reputation of offering a more secure computing experience for the end-user. Which has been really only been dumb luck for them, seeing how the respond to published vulnerabilities in their systems.

No sympathy (5, Insightful)

Richard_at_work (517087) | more than 2 years ago | (#39654483)

This deadline has been known about for the past five years - if you can't resolve upgrade issues in seven years, then you are the problem, not the maker of the software being EOLed.

This isn't happening overnight, you had your chance to do something about it. You might not agree with the EOL, but that's beside the point.

Re:No sympathy (4, Insightful)

gl4ss (559668) | more than 2 years ago | (#39654563)

it's not like you received too much support from ms by default for running 3rd party scada sw anyways..

those scada systems should not be directly connected to internet anyways though.

however, doesn't ms still kinda receive the right to ship security patches/fixes? I bet they do. you never knew if stuff was going to be fixed before this and you'll never know after this. support just kinda meant that you could phone them up(oh and responsibility for defects doesn't stop just because you eol a product line, no matter what the eula says..).

Re:No sympathy (1)

RulerOf (975607) | more than 2 years ago | (#39654869)

those scada systems should not be directly connected to internet anyways though.

Tell that to Iran.

Bottom line: "Cutting the cord" for potentially vulnerable systems is a good philosophy in theory, but it simply doesn't work in practice.

Re:No sympathy (3, Interesting)

Waccoon (1186667) | more than 2 years ago | (#39654581)

Reminds me of how long it took for peripheral manufacturers to write drivers for Vista, despite how long they had developer previews available.

Hey, just another example besides good ol' IE6.

Re:No sympathy (1)

rrohbeck (944847) | more than 2 years ago | (#39654807)

Re:No sympathy (2)

Richard_at_work (517087) | more than 2 years ago | (#39654845)

And they will have had four years of support, so what's the problem?

Pretty long EOL too (4, Insightful)

Sycraft-fu (314770) | more than 2 years ago | (#39654829)

All Windows versions come with 10 years of guaranteed support. 5 years of primary support, where they get new features and service packs, 5 years of extended support, where they get bug and security fixes. MS is known to increase that, but never decrease. In the case of XP, they did extend support. XP is getting 14 years total of support.

I have zero sympathy. You have to cut support for old versions at some point. Even if you are doing everything for free, it just gets infeasible to maintain old code all the time. Ubutnu only does 5 years on LTS releases. In MS's case, it is also because bills need to be paid. They don't charge yearly for maintenance or patches or anything, the cost of that is included in the purchase price. Well, that means that price has to be paid every once and awhile, and once per 10+ years isn't unreasonable.

As you say this isn't happening overnight, nor is it a situation of MS suddenly reducing support life. This has been known for a long, long time. Any company that is sticking their head in the sand about it is bringing about their own problems and on their own heads be it, they can't blame MS at all.

Look people, XP goes out of support in 2014. STFU and deal with it. You've 3 choices:

1) Upgrade. Really, this is not hard. 7 Is an extremely good OS, I've been very pleased with it. It will be supported until January 14, 2020 at a minimum, unless MS chooses to extend it so you've at least 8 years before you need to upgrade again. Once a decade-ish isn't too often to upgrade.

2) Isolate. You can just take the damn thing off the Internet if it is really a problem. We've done that at work with a few old Windows 98 systems. We are a university and so don't always have money for new toys. We get some old piece of equipment that is controlled by software that only runs in 98 or earlier. Fine, it just doesn't get on the net. Yes it is a bit inconvenient. Deal with it. The air gap works.

3) Protect. If it really is an issue, you can lock down and protect the systems. Put them all on a private network that can only be accessed via a controller system that is bitchy about what is and is not allowed in and out. Then internally have each system run a locked down firewall and set of services. Disallow any web access, only access to internal systems. Lock everything down tight, with multiple levels of security, and even lacking patches you can likely keep it secure.

This is nothing more than companies whining because they want to be lazy. They don't want to take the effort to upgrade to a new version of Windows, don't want to take the effort to increase security, and just think that MS should patch shit forever to support their laziness.

No sympathy here.

Re:Pretty long EOL too (0)

Anonymous Coward | more than 2 years ago | (#39654847)

You missed 4. Wipe XP and install Linux. That's what we did with our netbook.

the CHORD, eh? (0)

Anonymous Coward | more than 2 years ago | (#39654489)

So we'll only have two notes of support, instead of at least three?

Proofread the summaries! (please) (4, Insightful)

Mitreya (579078) | more than 2 years ago | (#39654511)

When Microsoft cuts the chord on XP

Cuts the cord?
Or is this some sort of operation that will prevent XP from playing guitar?

Re:Proofread the summaries! (please) (2)

Mitreya (579078) | more than 2 years ago | (#39654525)

When Microsoft cuts the chord on XP

Oh, what do you know, TFA says "chord" too
Ok, in that case someone should write summaries, instead of always lifting 2 paragraphs from TFA verbatim.

And I've never seen heyday spelled as "hey-day". Just doesn't look right.

oh my god! (0)

Anonymous Coward | more than 2 years ago | (#39654517)

It's Y2K all over again!! We're doomed!

Does anyone *really* think XP is going anywhere? (-1)

Anonymous Coward | more than 2 years ago | (#39654527)

You go Microsoft, you show everyone just how much they need open source to keep their shit running wit yo bad self. Everyone commenting in this story should feel pumped! Fuck, that's some exciting news from Redmond!

Re:Does anyone *really* think XP is going anywhere (1)

mug funky (910186) | more than 2 years ago | (#39654669)

best post in this story :)

Well... Look on the bright side. (0)

Anonymous Coward | more than 2 years ago | (#39654539)

This 'nightmare' assumes the human race will still exist in two years. Or that we will still have a level of technology that needs computers.

Given some of the insane things we are doing to our earth, water, air, food, people, countries and societies...

I have serious doubts if that assumption is correct.

Re:Well... Look on the bright side. (1)

CSMoran (1577071) | more than 2 years ago | (#39654821)

This 'nightmare' assumes [...] we will still have a level of technology that needs computers. [...] I have serious doubts if that assumption is correct.

I suggest you try placing a wager on it then. I'm sure there'll be plenty of people willing to bet, say, $100 on "we will still need computers in two years". If your doubts are THAT serious, why not capitalize on them?

Re:Well... Look on the bright side. (2)

Black Parrot (19622) | more than 2 years ago | (#39654891)

I'll bet vast sums of money that the world won't end within the next two years.

If it doesn't, I win big; if it does, I won't have to pay.

"Beginning" of security nightmare? (0)

bwcbwc (601780) | more than 2 years ago | (#39654543)

Anyone still running XP at this point probably hasn't been patching the OS anyway. Not to mention using an admin account as their primary login ID. Not to mention the parts of the XP architecture that make it more vulnerable even if it IS fully patched.

The XP security nightmare began in 2002. A few remaining machines left in 2 years won't make the problem any worse.

Re:"Beginning" of security nightmare? (5, Insightful)

Calydor (739835) | more than 2 years ago | (#39654641)

That's a bit of a generalization.

Is it so hard to believe there are people with up-to-date XP systems who simply don't feel like forking out a couple hundred dollars to fix something that isn't broken?

Re:"Beginning" of security nightmare? (2)

Richard_at_work (517087) | more than 2 years ago | (#39654853)

No, it isn't hard to believe, but should MS be required to continually support them on a platform that is currently two major versions out of date, soon to be three?

Yes it really is (2)

Sycraft-fu (314770) | more than 2 years ago | (#39654879)

Microsoft has a very well known, documented, life cycle for their software. Go look it up on their site. When you buy Windows part of that price is service and support. You get patches at no additional charge for the life of the software. However at the end of the life, that stops, you have to buy it again. The life of the software is 10 years from release minimum. That's longer than I see elsewhere, even Ubutnu is only 5 for their LTS. Redhat may be willing to go longer, I don't know, but of course you pay yearly, quite a lot in fact, for a service contract.

It isn't unreasonable for them to want some money once a decade to have patches developed. It also is plenty of time to plan for upgrades. It isn't as though they jump out of the closet and announce an EOL at random times, it is known years (actually a decade) in advance. Like Windows 7, it ends support January 14, 2020. They may extend that date, if there's a reason, but they won't shorten it. So upgrade, and you don't have to worry for 8 years.

Re:"Beginning" of security nightmare? (0)

Anonymous Coward | more than 2 years ago | (#39654763)

I installed my XP 64 a bit over 4 years ago and I haven't had a reason to reinstall it yet. I'm sure I will have win 7 on my next rig and that that will be within 2 years, but still it's cutting it close. I still don't belive that I am the biggest threat for becoming a zombie.

Re:"Beginning" of security nightmare? (1)

MiG82au (2594721) | more than 2 years ago | (#39654777)

Eh? What uninformed crap.
I work in an aeronautical engineering company as a stress analyst. 3 out of 7 people in my office (including me) are using up to date XP. The newer people have Win 7 on newer computers, so it's not even a matter of seniority.
A core 2 duo with 2 GB of ram and XP works just fine.

Re:"Beginning" of security nightmare? (1)

mikael_j (106439) | more than 2 years ago | (#39654901)

There are still plenty of companies running Windows XP.

Hell, I know one company with 100+ employees in the telecommunications industry that didn't replace Windows 2000 on desktops until 2010, and only because some software they were using was no longer supported on win2k (this "no longer supported" being the kind where it simply won't run right anymore). And yes, they upgraded to XP. AFAIK they're not planning on moving to 7 or 8 for until they absolutely have to...

What about XP mode in Windows 7 (5, Interesting)

Anonymous Coward | more than 2 years ago | (#39654547)

Every time I read about the ending support, I wonder what happens to the so called XP mode in Windows 7. It's an installation of Virtual PC with a XP image ( http://www.microsoft.com/windows/virtual-pc/download.aspx ). Since Windows 7 is supported by MS, how can they leave those users alone?

Re:What about XP mode in Windows 7 (5, Informative)

memzer (2033838) | more than 2 years ago | (#39654787)

http://www.microsoft.com/windows/virtual-pc/support/faq.aspx [microsoft.com]

Is Windows XP Mode supported throughout the lifecycle of Windows 7?
No. Windows XP Mode is a full virtual version of Windows XP and follows the same support lifecycle as Windows XP. Windows XP extended support phase ends in 2014.

Unfortunately IE6/7/8 will live on and I have nightmares that we will be supporting them until 2038...

When they cut the "chord" ... (0)

dbIII (701233) | more than 2 years ago | (#39654559)

When they cut the "chord" does that mean they'll get air on their g string?
Typos aside, a lot of places are going to get caught with their pants down due to some software, even current software, not running properly in Vista or Windows 7 yet. The worst I've seen is a 2011 release of geophysics software that will not run due to the licencing software that comes with it using one of those evil USB dongles and doing a licence check in 16bit MSDOS mode. That sort of bullshit is deliberate insanity since everything in the MS evironment was 32 bit before USB even came out.

Still running it (0)

Anonymous Coward | more than 2 years ago | (#39654561)

I am still running Windows XP myself, I personally don't see much benefit in upgrading with my current hardware. My plan is to go from Windows XP to Windows 8..

...running the latest software... (4, Insightful)

djsmiley (752149) | more than 2 years ago | (#39654569)

I'm all for bashing Microsoft but how can you say

"When Microsoft cuts the chord on XP in two years it will effectively leave millions of existing Windows-based computers vulnerable to continued and undeterred cyberattacks, many of which hold the potential to find their way into consumer, enterprise and even industrial systems running the latest software"

while talking about XP? Its over 10 years old. Microsoft have been trying to push people away for two versions of windows. While their upgrade cycle might be very clunky, I don't think the blame can fall fully on them for people who run software which is 10 years out of date, and now out of support.

Beginning? (0)

gmuslera (3436) | more than 2 years ago | (#39654575)

Is like watching the exorcist and in the last minute realizing that you were watching an horror movie. If in the 1st 5 minutes you didnt realized that you were having a really bad nightmare and kept sleeping even being aware that you could wake up at will, you probably enjoy it.

Same as it has always been (5, Insightful)

Gadget_Guy (627405) | more than 2 years ago | (#39654587)

This is no different from when Windows 2000 reached its end of life, or 98, or NT4. The life cycles of Microsoft products tend to be consistent and well known.

Anyone using Windows on a SCADA system should not just rely on Microsoft's updates for security. Lock them down, limit Internet access to a minimum, don't use Administrator accounts, don't install any Adobe products, don't use the systems for general purpose web browsing and don't feed them after midnight. Most security holes require some active interaction to work.

I still have a bunch of Win2000 systems in use and they chug along fine.

ReactOS might be ready for us to switch to by then (1)

Anonymous Coward | more than 2 years ago | (#39654601)

I'm still waiting for them to reach 0.5 beta. If they do by April 2014, I'll definitely switch to ReactOS.

incompetent morons (5, Insightful)

Anonymous Coward | more than 2 years ago | (#39654603)

Sooooo let me get this straight, There are industrial networks that still rely on XP for SCADA AND they are not protecting them with other security mechanisms AND they are connected to the internet. And the security nightmare here is somehow Microsoft's fault and not the incompetent morons running these unprotected systems?

Special treatment again? (1)

Waccoon (1186667) | more than 2 years ago | (#39654609)

How many Linux and OSX releases are supported for 12 years?

It's not like old drivers will easily work on the new OSes, kernel upgrades are a sure thing, or your old hardware will be supported by the new OS (such as the move from 32-bit to 64-bit Macs).

Personally, I'm far more interested in how MS is going to handle product activation... or more likely, they just won't. Call me lazy, but I haven't bothered to get myself a corporate edition of XP Pro to replace my regular retail version. What will happen if I swap motherboards?

BTW, I have Win7 on my laptop, but my workstation is still XP, because I just can't stand the new taskbar, among other things. I have reasons for not upgrading that go beyond, "I don't need to."

Re:Special treatment again? (3, Insightful)

wvmarle (1070040) | more than 2 years ago | (#39654743)

How many Linux and OSX releases are supported for 12 years?

How many Linux distributions (where maintainers stayed in business) have not seen a major upgrade for the better part of a decade? That's the time it took from XP to Vista. And then the upgrade wasn't even considered an upgrade by many - so maybe you should look at the time it took from XP to Win7 even?

Re:Special treatment again? (0)

Anonymous Coward | more than 2 years ago | (#39654767)

The issue isn't discontinuation of XP. The issue is that of freedom. You can't fix XP yourself. You can fix GNU/Linux yourself. You can rely on others to fix GNU/Linux. If you bought the right hardware (free software- none of these non-free drivers/firmware crap) you wouldn't have this problem.

And it is even easy to do now with http://www.thinkpenguin.com/ as they only ship such hardware.

Re:Special treatment again? (0)

Anonymous Coward | more than 2 years ago | (#39654779)

This should help you out:
http://www.howtogeek.com/howto/windows-7/make-the-windows-7-taskbar-work-more-like-windows-xp-or-vista/

Re:Special treatment again? (1)

JasterBobaMereel (1102861) | more than 2 years ago | (#39654791)

1) XP SP3 is only 6 years old...anyone on older version stopped doing automatic updates

2) I can still get older versions on Linux, and more older hardware is still supported by Linux than windows ever supported

3) Win 7 supports far less hardware than any version of Linux, and does not support most "legacy" hardware and a lot of software....

XP may be old but if it is what people still want it does not reflect very well on newer offerings ...

Re:Special treatment again? (0)

Anonymous Coward | more than 2 years ago | (#39654877)

How many Linux and OSX releases are supported for 12 years?

I can upgrade my Linux systems (a) for free, and (b) without the OS now feeding everything through its DRM system, or whatever it was Vista did which everyone was up in arms about at the time, but nobody seems to remember now. I'm still fundamentally opposed to something I'm supposed to be owning doing such things.

(And I don't expect ethical behaviour from Apple.)

Re:Special treatment again? (1)

scsirob (246572) | more than 2 years ago | (#39654915)

Linux kernel 2.4.0 was released in 2001. Until very recently there was still active development on it.

Hey look! Bias! (0)

Anonymous Coward | more than 2 years ago | (#39654621)

"Microsoft's RECENT announcement..."

Fuck this outright lie and loaded statement. The support cycle for XP is as old as the OS itself. The end of extended support date was set over a freaking decade ago. It's not like they suddenly just said that everyone has 2 years to upgrade.

If Slashdot is still around in 8 years I fully expect a "MS ENDS WINDOWS 7 SUPPORT - FORCES UNNEEDED UPGRADE!!!1" posting.

Anti virus vendors do this for years now! (0)

Anonymous Coward | more than 2 years ago | (#39654645)

I don't get articles like these; it looks to me as if people are now somewhat blaming MS for stopping support (after 13 years for crying out loud!) due to possible unsecured boxes?

First; this is not the responsibility of Microsoft but the owners of said PC's. If they're smart they'll upgrade to Windows 7 while they still can (so before Win8 comes out).

Second; If this is such a big issue then I'd put more blame on anti virus companies. You know; the ones which provide a virus scanner "free of charge" with a new PC. Of course; its only free for 3 months or so and I'm more worried about the thousands (if not more people) who think they're protected ("I got a free scanner, I have nothing to worry about") while in fact their subscription has ran out a long time ago.

Re:Anti virus vendors do this for years now! (0)

Anonymous Coward | more than 2 years ago | (#39654769)

It's much more than that. it's a matter of timing also. It doesn't matter that they set the EOL a fucking decade ago, they set it, they can change it.
Currently, it's perfectly timed to coincide with the collapse of the monetary system and government.

Clearly you were not listening at all when the article said upgrading is NOT AN OPTION.

virus scanner "free of charge" with a new PC, is not the same as XP powering a fucking SCADA system.
This is why you don't get it, cause you don't know what the fuck your talking about. Remember that when someone hacks your sewage and your home fills with shit.

Having an Anti-Virus and actually understanding how virus's work are two different things. If your an idiot your anti-virus won't matter. And alternatively if you know your system well enough, you don't need anti-virus at all. Anti virus isn't the core operating system.

Sorry about my attitude, it's nothing personal, I'm just sick and tired of all this fucking fascist with idiot remarks agreeing with said fascist bullshit. It's a good thing your name isn't attached, or you would never get a job in IT.

It's not just SCADA... (0)

Anonymous Coward | more than 2 years ago | (#39654679)

It's not just SCADA equipment where the OS can't be replaced due to the manufacturer failing to support anything newer than XP.

I work in a University science department and there are many pieces of scientific equipment which is run by machines running XP, such as mass spectrometers and electron microprobes. In addition to this there are expensive pieces if equipment for which drivers are not available for Windows 7, either 32 or 64 bit and very many where the software won't work correctly if it doesn't run as administrator.

This doesn't even include things such as display screens which have embedded computers running Windows XP Embedded, such as those made by Samsung, which are still being sold with XP installed.

Re:It's not just SCADA... (1)

Black Parrot (19622) | more than 2 years ago | (#39654897)

It's not just SCADA equipment where the OS can't be replaced due to the manufacturer failing to support anything newer than XP.

Plus, if you use SCADA you're probably fuxored already.

Lobby to pass a law to FORCE them to keep updating (0)

Anonymous Coward | more than 2 years ago | (#39654695)

That is all.

Re:Lobby to pass a law to FORCE them to keep updat (0)

Anonymous Coward | more than 2 years ago | (#39654785)

That would only work if the same laws applied to everyone. That would be an unmitigated disaster for the open source community which for most part shelves older versions far sooner.

General Purpose OSes have no place in PLCs (0)

Anonymous Coward | more than 2 years ago | (#39654697)

Seems foolish in hindsight for PLC makers to adopt any General Purpose OS for dedicated, safety-critical, hard-realtime applications. Write or license an embedded controller OS with only the software support needed for the hardware used, and stop there, says the Armchair Engineer (who hasn't picked up a scope probe in decades).

Just wondering about activation (5, Interesting)

scsirob (246572) | more than 2 years ago | (#39654723)

Set aside for a moment that XP is pretty old. I bought a legal copy of it. It does not have an expiration date on it, I am entitled to run it as long as I wish. My license appears to allow me to replace my hardware if it fails. But at some point XP may find that the changes are 'suspect' and require me to re-activate my legally bought copy. Will Microsoft continue to run their activation servers?

If not, will Microsoft provide a 'Golden Key' to activate without their Genuine Advantage Farm??

Re:Just wondering about activation (1)

Anonymous Coward | more than 2 years ago | (#39654827)

I've already reached that point with two Windows XP installs; they will not activate anymore despite being legally purchased. I've not even been able to get them restored over the phone.

This was an issue I _knew_ was coming when I first heard of Activation, but everyone was saying it was not going to be a big deal.

I guess they're right, those two computers now run OSS systems =/

Re:Just wondering about activation (1)

Anonymous Coward | more than 2 years ago | (#39654921)

Maybe, for security sake, Microsoft should make it clear that after EOL it disables the OS' network stack.

Omg its the end of the world! (3, Interesting)

wye43 (769759) | more than 2 years ago | (#39654751)

Someone, please, just think of the poor children running SCADA systems!
Oh wait, its only Windows XP
Oh wait, its actually in 2 years
Oh wait, its just support

Seriously, do we need a "Windows XP is gone and the world is already burning" scare-article posted every month on Slashdot? For the entire period of 7 years of pre-announced end of support for an ancient OS? This shouldn't even be on idle. Is this a tech site or little Suzie's shopping ground for pink dresses?

Scaremongering as usual (1)

DNX Blandy (666359) | more than 2 years ago | (#39654801)

It wont make any difference, the 2 main ways viruses etc get into a machine is: 1). Browser 2). Email. The router acts as a natural firewall so it's all down to the browser, anti-virus and the user being a bit savv and looking out for anything that's not right. Security nightmare my arse! We already have a security nightmare and it's the users fault mainly for not watching out.

Windows 95? (3, Interesting)

Black Parrot (19622) | more than 2 years ago | (#39654833)

Does anyone know what *actually* happened when everybody was saying the same thing about the end of support for Windows 95 a few years back?

Big problem, little problem, no problem?

Why are SCADA systems not offline? (1)

Aereus (1042228) | more than 2 years ago | (#39654881)

Am I the only one who has to ask why these critical SCADA systems are set up in such a way that they would be vulnerable to networked viruses? Shouldn't they be isolated and theoretically only updated by USB or something where you could insure the source media was clean before use? (And yes I know even that is a rather naive belief)

When (0)

EvanGG (2557438) | more than 2 years ago | (#39654911)

When did /. become nonsensical fear mongering? So over this website. But... I loved you. :(
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>