Author |
Message |
Just_ziptab
| Posted on Monday, April 07, 2014 - 08:59 pm: |
|
.....and there are tons of people that think they have to get a new computer now... since there will be no more support for XP. Sheeple!! |
Cataract2
| Posted on Monday, April 07, 2014 - 09:09 pm: |
|
One. http://www.linuxmint.com/ Two. http://www.ubuntu.com/ Or your choose. http://distrowatch.com/ |
Court
| Posted on Monday, April 07, 2014 - 09:51 pm: |
|
Mac |
Blake
| Posted on Monday, April 07, 2014 - 10:12 pm: |
|
Can't they just upgrade to Win7 OS? |
Ltbuell
| Posted on Monday, April 07, 2014 - 10:56 pm: |
|
...provided that their computer is fast enough and has the capacity.......some can .....some can't....... |
Froggy
| Posted on Monday, April 07, 2014 - 11:11 pm: |
|
quote:Can't they just upgrade to Win7 OS?
While it depends on the situation, most people still running XP will find it easier to buy a new computer than worry about dealing with upgrading to a different OS. This is especially true if they are running older hardware that might not have support in newer versions of Windows or Linux/Mac. Installing newer versions of Windows or Linux is very easy these days, but still isn't something I would just want anyone that doesn't know what their doing to do. Running XP while connected to the internet is just asking for trouble now.
quote:Mac
Given Apple's history of intentionally not supporting things that are not the latest and greatest I can't recommend this. You are lucky to get a few years support out of their products before they shut you out, and 12 years like XP is out of the question entirely. http://techaeris.com/2014/02/28/apple-drops-suppor t-updates-snow-leopard/ http://www.maclife.com/article/news/apple_drops_su pport_windows_7_boot_camp_new_mac_pro |
Fahren
| Posted on Monday, April 07, 2014 - 11:15 pm: |
|
I heard a lot of bank machine networks are still running on xp. Anyone know if this is true? Not so reassuring, if true. |
Froggy
| Posted on Monday, April 07, 2014 - 11:24 pm: |
|
Many bank ATMs use an embedded version of XP, which is quite a bit different than the consumer version but still XP at its core. It is not something I would worry about, as there (usually) is multiple layers of security on the machines, and most flaws would not normally be exploitable (like nobody on the ATM to open a virus infected email) |
Airbozo
| Posted on Tuesday, April 08, 2014 - 02:27 am: |
|
XP is still viable for those people that know better than to open the latest attachment from their new friend in Zimbabwe trying to transfer millions to their bank account. Probable less than 20% of the population. Most security products will still provide support for several years and possibly longer. To be honest I don't blame M$ for ending support. The OS is 12+ years old and is way past it's prime. I still have a couple of systems running XP (or sever 2003 which is the same base kernel) and will most likely keep them running for another year or so. Everything is behind a pretty good firewall so I am not worried. Mostly monitoring and data storage systems which don't need upgrading yet. At work I have about 200 copies of XP stashed, just for one customer. They are working now to move to linux, but have a year or two for acceptance testing before they switch. They are in no hurry either since their product is not connected to any external networks (medical device). They are not running embedded XP, which does have support through 2015 or 2016 (despite my insistence), so now I charge what I want for the license. At one time, something like 90% of ATM's were running XP or embedded XP. Like Froggy said, Embedded XP is the same base kernel, but the OS is custom tailored for the application and only has support for what the developers wanted. Many of the viruses around would not even affect the Embedded XP OS since the services required by those infections are not even installed on the systems. |
Reepicheep
| Posted on Tuesday, April 08, 2014 - 09:29 am: |
|
Supporting ATM's and medical equipment running XP is going to be a fairly major headache for a lot of organizations. There will be "breaking changes" around these devices, and no way to easily fix them. Layers of security help, except when they don't, so having XP around is like leaving a loaded gun on the kitchen table. Can it be done safely? Sure. Should it be done? Nope. Will it go wrong for some large number of people over time if a lot of people do it? Yup. |
Blake
| Posted on Tuesday, April 08, 2014 - 09:49 am: |
|
Can you explain the risk? After 12 years, there remain unresolved exploits for attacking an XP machine? Frank, the apple products just don't garner near the same attention by the malevolent hacking types as do the MS based systems. But you know this. The risk is virtually nil, no? |
Froggy
| Posted on Tuesday, April 08, 2014 - 10:34 am: |
|
quote:After 12 years, there remain unresolved exploits for attacking an XP machine?
Yes, and as the OS constantly evolved over the last decade, some changes and security fixes caused other issues to form. At a security convention I recently attended, one of the subjects discussed was how some were actually hoarding newly discovered exploits, and are waiting till after the support deadline passes. Then they can sell the information on the vulnerability or exploit it themselves, with the possibility it will never be patched from Microsoft.
quote:Frank, the apple products just don't garner near the same attention by the malevolent hacking types as do the MS based systems. But you know this. The risk is virtually nil, no?
The world is changing, and this is no longer entirely true. Given that XP has been dying off and the significant improvements in security in its successors, and the increasing market share of OSX and IOS devices, there are many exploits for those devices now. Malware itself is not as prevalent on OSX as Windows, but with both OSes shifting to a tightly regulated app store environments the risk of malware on them is significantly reduced. |
Jaimec
| Posted on Tuesday, April 08, 2014 - 10:53 am: |
|
TECHNICALLY, you're good with XP until May 13th. That's when Microsoft rolls out the next set of patches for Windows 7, 8 and 8.1. At that point, the blackhats can analyze the patched vulnerabilities and determine whether or not they are also in XP. If so, then they are free to exploit them since they'll never be patched. In other words, you still have time. The world did NOT end today. You have another month. I jumped off of Windows XP when I first saw that horror show Microsoft foisted on people as "Windows 8." I figured if I HAVE to learn an entirely new interface anyway, now is as good a time as any to switch to Linux. I went with Ubuntu since it is the easiest to install for someone who's never installed Linux successfully before (I tried multiple times in the past with various flavors of Red Hat and just gave up). The much-maligned Unity desktop really isn't all that hard to figure out. I found it very easy, actually. I do occasionally bring up both Win7 and WinXP inside VirtualBox VMs for those programs I need that absolutely/positively won't run under WINE. I also have DOSBOX running and was able to successfully resurrect a lot of my old DOS-based games, too. Looking forward to upgrading from "Precise" to "Trusty" later this month. Just installed the last Trusty beta under VirtualBox and I'm going to start playing with it tonight. |
Teeps
| Posted on Tuesday, April 08, 2014 - 11:52 am: |
|
Blake Posted on Monday, April 07, 2014 - Can't they just upgrade to Win7 OS? "UPGRADE" no. I tried about a year ago and could not find a path to upgrade to Win7 from XP. You have to do a clean install of Win7, 8 or 8.1 on the XP machine, if said machine's hardware can support the new OS . |
Airbozo
| Posted on Tuesday, April 08, 2014 - 01:04 pm: |
|
"Supporting ATM's and medical equipment running XP is going to be a fairly major headache for a lot of organizations. There will be "breaking changes" around these devices, and no way to easily fix them. Layers of security help, except when they don't, so having XP around is like leaving a loaded gun on the kitchen table. Can it be done safely? Sure. Should it be done? Nope. Will it go wrong for some large number of people over time if a lot of people do it? Yup." Not as big an issue as a lot of people think, since most of the systems are running Embedded XP and it still has patches supplied through the end of 2015. http://support.microsoft.com/lifecycle/search/defa ult.aspx?alpha=Windows+XP+embedded Besides most of those systems are not connected to a public network any way. For medical devices, they have few issues since the hardware is not changing and the software applications are getting minor tweaks (FDA regulations force the medical device communities to support hardware and software for 7 years). The ATM companies have been working on a solution for over a year now and will most likely roll out the new OS's slowly over the next few years. Probably with new hardware as well. |
Reepicheep
| Posted on Tuesday, April 08, 2014 - 02:28 pm: |
|
You are kidding yourself if you think using an apple makes you safe. It's a better managed ecosystem, but it is at risk like any other ecosystem, and the protections for all are similar (patch frequently, use good judgement, run less stuff, avoid untrusted stuff wherever possible). Like Frank said, there is a steady trickle of vulnerabilities for any OS that will constantly appear. XP will get extra attention now that attackers know there won't be any patches available for people to install to break their attacks. You have lost your first and best defense (patching). You can try alternate controls, which will have some effectiveness, but they get increasingly difficult. A minimum would be keeping that XP machine the hell away from the internet (even as a client). If it is embedded (like in an ATM or piece of medical equipment) that could keep it going for a while, but it is hard to make sure the network never even indirectly touches those machines while keeping those machines useful. Stuxnet was smart about infecting USB drives, which would then wait until they were connected to a system that was not Internet facing, and then spread. After 5 successful infection spreads, the USB drive involved would clean itself up to make it harder to trace and less likely to be discovered later (with updated AV signatures). So even the Iranian centrifuges that were protected by an "air gap" were infected anyway... it is incredibly hard to use something in any meaningful way and not have it directly or indirectly exposed to attack vectors. |
Airbozo
| Posted on Tuesday, April 08, 2014 - 04:18 pm: |
|
"If it is embedded (like in an ATM or piece of medical equipment) that could keep it going for a while, but it is hard to make sure the network never even indirectly touches those machines while keeping those machines useful. " Lacking a physical connection is the best way and a requirement for most devices in a hospital. None of the medical devices we make are ever connected to anything but an isolated network (internal to the rack or device). Even in my labs, the machines used to image and burn in those devices are required to be isolated. While it is possible to infect the systems via USB drives, even that is disabled and requires a reboot with the administration password to unlock the ports. Limiting access to those devices is the best way to prevent USB infection and so far has worked (12+ years and counting). What's funny, is that my XP machines have never had any sort of virus or malware since I set them up over a decade ago. 2 of them are explainable since few people have ever logged into them, but my main rig is connected to the internet and had been used as a primary system up until last year. All it takes is understanding what not to do and a good router/firewall. I miss SGI's TRIX (Trusted IRIX). Most secure OS I have ever used. We put it outside SGI's firewalls and offered a $100,000 bounty to the first person that could retrieve a simple text file from it. They shut it down 5 years later without having to pay. The US military was pissed when SGI announced an end to IRIX (and TRIX). I think the source code was handed over to them (cannot confirm this). |
Fdl3
| Posted on Wednesday, April 09, 2014 - 11:42 am: |
|
Count me as one of those who have replaced Windows XP with Linux (specifically Ubuntu 14.04 and Lubuntu 14.04). Honestly, I would prefer to "upgrade" to Windows 7 or 8, preferably Windows 8. However, I am unwilling to pay $100 (or more). If the cost were $20 (or less), I would buy multiple copies and go through the hassle of having to perform a fresh install (and re-install of applications). While Ubuntu/Lubuntu may not be for everyone, I have been extremely impressed with these free operating systems. I am especially impressed how most Linux distros offer a "Live CD" option. This option lets you burn an ISO image of the distro to a CD/DVD and try it on your computer without having to actually install it. This lets you evaluate how well the distro detects hardware, how well it might run, and how well you might adapt to it. I have installed Ubuntu 14.04 on a Toshiba laptop. The laptop originally came with Vista. The poor performance of Vista on this machine is what drove me to install Ubuntu. Now the performance is much snappier! For me, Ubuntu and it's Unity interface provides a much-needed respite from the same-old-same-old Windows 95/98/ME/XP/Vista/7 style interface. The new interface in Windows 8 is actually enticing to me, but then again, I also enjoy having a Windows 8 phone. Since Ubuntu is a bit more process-intensive (mainly due to the Unity interface), I have replaced XP with Lubuntu on a home Dell Vostro 200. Lubuntu is especially "lean" in order to work better on computers with lower specifications (CPU, RAM, etc.). Lubuntu even has a "Microsoft XP" theme should you really prefer that look. But honestly, the default Lubuntu interface looks and feels so much like the XP interface, a theme is really not needed. Lubuntu is what I would install on computers for family members. I keep thinking Microsoft is missing a potential revenue stream. It astounds me that MS does not offer a lower price of Windows 7/8 for XP users. Isn't a low price better than nothing?! I also keep thinking the XP EOL (end-of-life) may be the best thing for Linux. For years, Linux supporters have been waiting on "the year for Linux on the desktop". To me, the ending of XP support has the potential to make 2014 that year. Linux is certainly not all roses. So far, I have found equivalent (and sometimes better) applications. But I loathe the day when that might not be the case. At least the means of obtaining new Linux applications is much easier. Installing WINE may mitigate this issue for most things, but not all. WINE is a Linux application layer that allows for the installation and use of Windows applications in Linux. In fact, I have already used WINE to install a Windows game, albeit an older game. At this point in time, I am pleased with the free alternatives Linux has to offer over Windows XP/Vista. (Message edited by fdl3 on April 10, 2014) |
Hootowl
| Posted on Wednesday, April 09, 2014 - 02:29 pm: |
|
Apple released more security patches than MS did in, I think, 2006. In 2012, they patched over 80 Safari flaws. Apple does not mean safe, and hackers, as more and more people use apple products, are focusing on that platform. Remember, one of the IOS jailbreaks exploited a flaw in the browser (ok, the Acrobat plugin) to break out of the jail, and gain root access the OS. Any site you visited could have done the same thing to your oh-so-secure iPhone, but with malicious intent. In another jailbreak exploit, the jailbreak team actually patched the flaw they exploited as part of the process. For a while, your jailbroken phone was more secure than a non jailbroken phone. |
Crackhead
| Posted on Thursday, April 10, 2014 - 04:14 pm: |
|
Unless I want to build a gaming rig, I don't need a new desk / laptop. I can do 99% of what I use to do (except gaming) from my tablet. I have a feeling there will be a lot of people that will not get a new system. |
Aesquire
| Posted on Thursday, April 10, 2014 - 06:42 pm: |
|
I'm running XP on my machine in the man cave. Had to get Chrome to go to more & more sites...... but it's still running. When they get to the next sweet spot in processor cost/power I'm going to build a new upstairs box & pass the current one down. It's running 7. Kinda waiting for 9. I'm not really worried about security on the cave box. I run eset suite and it works. |
Cataract2
| Posted on Thursday, April 10, 2014 - 08:39 pm: |
|
|
|