 Smokey Bearveritas odium parit
Premium Member
join:2008-03-15
Annie's Pub
kudos:4 |
Windows XP: Remove the Cable, Tape Up the Ethernet PortRocketNews24 | 5-3-2013 quote:
With No Cash for Upgrades, Local Government to Disconnect Some PCs from Net and Tape up Ethernet Ports:
On April 8, 2014, Microsoft will end support for its XP operating system which is still installed on one-third of PCs in Japan. After that date, the company will no longer provide corrective updates should any security flaws be discovered, meaning users will be more susceptible to risks such as information theft and leakage. Though local governments are moving ahead with replacement plans, “cost concerns” and “worries about human error” are weighing heavily on some municipalities as talk of strategies including simply unplugging vulnerable machines and duct taping their ethernet ports becomes worryingly common.
Source/full article: » en.rocketnews24.com/2013 ··· t-ports/ |
|
 beck
MVM
join:2002-01-29
On The Road
kudos:1 ·Stablehost.com
|
beck
MVM
2013-May-5 8:57 am
I can understand they don't have the money to buy all new machines. But if they just disconnect the machines from the net, how are they going to exchange files or get updates for the antivirus? USB flash drives? Unless they don't ever update or exchange data, they should be fine. But how long will that be?
Not like the marching of time has come as a surprise, huh? |
|
 sivranVive Vivaldi
Premium Member
join:2003-09-15
Irving, TX
kudos:2 |
to Smokey Bear
Gee, it's like they're worried about internal threats, only unplugging the ethernet port won't do much good against such a threat. |
|
 StuartMWWho Is John Galt?
Premium Member
join:2000-08-06
Galt's Gulch
kudos:3 |
StuartMW
Premium Member
2013-May-5 10:21 am
Yeah well many seem to believe the day XP support ends all software on those boxes will die and the machines will burst into flames.
Support ended for Win2K a long time ago and my Win2K SP4 box continues to work. Granted it won't run a lot of newer software but that's not a security issue. |
|
|
 ·WOW Internet and..
|
said by StuartMW:Yeah well many seem to believe the day XP support ends all software on those boxes will die and the machines will burst into flames.
+1 It's the great "newer is always more secure" mantra pushed by so many, including people who really ought to know better. Not necessarily true, and it shows a remarkably poor understanding of what security is. |
|
dave
MVM
join:2000-05-04
not in ohio
kudos:10 |
to StuartMW
Indeed. Whereas my guess is the reverse: the longer the software has been around and has been subject to security fixes, the fewer in number the glaring holes that remain, and the harder they are to exploit.
So, a well-seasoned XP (with appropriately well-seasoned apps) is likely to be more secure than Windows 9 with IE 15 and the latest Flash plugins.
Anyone know of any studies here? |
|
StuartMWWho Is John Galt?
Premium Member
join:2000-08-06
Galt's Gulch
kudos:3 |
StuartMW
Premium Member
2013-May-5 11:40 am
said by dave:Anyone know of any studies here? The only thing I've seen and read is Microsoft Security Intelligence Report Volume 14 (July - December 2012)(Look at P7 on. "Operating system statistics") |
|
 Dustyn
Premium Member
join:2003-02-26
Ontario, CAN
kudos:13
·Rogers Hi-Speed
|
to Smokey Bear
The worst part is having no upgrade path when it comes to IE8 on Windows XP. You're stuck with it if you choose to stick with XP. I'd love to get IE9 or IE10 on XP... just can't happen. At least there is Opera and Firefox.  |
|
StuartMWWho Is John Galt?
Premium Member
join:2000-08-06
Galt's Gulch
kudos:3 |
StuartMW
Premium Member
2013-May-5 12:43 pm
Well Microsoft makes $$$ (or did) getting people to upgrade their OS. That's how they survive for the most part. It's therefore in their interest to EOL stuff.
Of course it not just Microsoft a great many software publishers have the same business model.
Personally I think its almost useless to generalize about whether using EOL'ed software is a security issue. There are too many factors to consider. In some cases it may not be an issue while in others it might be a really bad idea.
In theory IT professionals are paid to make good decisions about this kind of stuff. Unfortunately, in my experience, that is not the norm. Political and/or financial considerations typically rule. |
|
| |
to Smokey Bear
There's these Operating Systems things called Linux and BSD and I hear they're giving them away for free... And word is they run great on old machines!
Who woulda thunkit? |
|
OZO
Premium Member
join:2003-01-17
kudos:2 |
to Smokey Bear
EoL scare is all about getting more money from artificially stimulated upgrades. Think for yourself, why an OS, after they proclaim its EoL, is going to be less secure, than it was a day before? Why one suddenly has to duct tape Ethernet ports? It's pure marketing... And BTW, I agree with dave - software, that has been through many, many years of running and fixing all its major vulnerabilities, could be a way more secure, than a newly developed one, that yet has to go through similar scrutiny path from the scratch for years to come.... |
|
 NetFixerSnarl For The Camera Please
Premium Member
join:2004-06-24
The Boro ·Cingular Wireless
·Comcast Business..
 ·Vonage
ARRIS SB6121
Switches Trash Bin
D-Link DIR-655 Rev. B
|
to Smokey Bear
Thanks for the humorous article (I assume that humor was the reason you started this thread).
FWIW, the only reason that Windows 2000 Pro and Server are no longer the Windows platform used on my network, is because several applications that I use suddenly (after the official EOL announcement for Windows 2000) required Windows XP/2003 for their next upgrades. The additional features in those applications is the only reason that I "upgraded" to the Windows XP/2003 platform.
The Windows 2000 platform was just as secure on my network as is the current Windows XP/2003 platform (I have never had any infections on any system on my network...except for a few tightly controlled deliberately induced infections done for research/testing). And since I am quite satisfied with the releases of the aforementioned applications that I currently use, I have no plans to spend any more money, or disrupt operations with OS (and hardware) upgrades on April 8, 2014. |
|
dave
MVM
join:2000-05-04
not in ohio
kudos:10 |
to StuartMW
said by StuartMW:Well Microsoft makes $$$ (or did) getting people to upgrade their OS. That's how they survive for the most part. It's therefore in their interest to EOL stuff. In the interest of fair representation, that's not the only reason to EOL stuff. Software evolves. For every version N, there will eventually be a version N+1 (or else the software is dead). Beyond the fact that you make money selling version N+1, it costs you money to continue to support version N. (Every bug fix in N+1 must be examined to see if it applies to N, N-1, N-2, ..., and if programmers are back-porting fixes to version N-99, they're not doing useful work on version N+2. And no you can't indefinitely add more programmers; it doesn't scale.) |
|
StuartMWWho Is John Galt?
Premium Member
join:2000-08-06
Galt's Gulch
kudos:3 |
StuartMW
Premium Member
2013-May-5 3:23 pm
said by dave:...that's not the only reason to EOL stuff. True. Another big reason is that the software development tools (compilers/linkers) often drop support for older OS'es (usually as a result of Microsoft doing so), Since most developers insist on using the latest and greatest tools the result is that newer software versions don't run on older OS'es. I've seen this happen time and again on Win2K. It's just the way the industry works. As Trihexagonal noted above many OS'es will run just fine on older hardware. That said there's a whole industry built on continual hardware/software updates. At some point that whole cycle will become unjustifiable IMO. For me personally I've already reached that point. |
|
BlitzenZeusBurnt Out Cynic
Premium Member
join:2000-01-13
kudos:6 |
to Smokey Bear
They were given three additional years to get their crap together, and move on from xp. Now this? All I hear is crying from people who were given a break who already had a well known EOL, and then ignored the new EOL. Crybabies, all of them. Three additional years to test, and put in place a proper plan.
Microsoft needs to make money to survive, if the customer has a problem with their latest offerings that's one thing, but to cling to decade old hardware also with a decade old operating system isn't helping anyone when they are usually supposed to handle sensitive information. |
|
dave
MVM
join:2000-05-04
not in ohio
kudos:10 |
to Smokey Bear
Back to the article. This seems to be not-quite-true:
“Why should we have to replace our computers at the convenience of the software manufacturer?”
Everything they have bought will continue to work as well tomorrow as it did yesterday. No-one is forcing them to replace anything.
On the other hand, if customers have been trained to believe that computers are only safe as long as they are actively getting software updates, then the software industry itself is the one to blame for that training. |
|
| |
when they say that support for win xp is ending, what that means is that any newly discovered vulnerabilities will not be patched.. |
|
dave
MVM
join:2000-05-04
not in ohio
kudos:10 |
dave
MVM
2013-May-5 3:48 pm
Yes, of course. But they weren't patched yesterday (for that vulnerability) either. The software is exactly as secure as it was before. |
|
| |
to BlitzenZeus
said by BlitzenZeus:They were given three additional years to get their crap together, and move on from xp. Now this? All I hear is crying from people who were given a break who already had a well known EOL, and then ignored the new EOL. Crybabies, all of them. Three additional years to test, and put in place a proper plan.
Not everyone wants to do a forklift refresh every 3 (or 5, or even 8) years. My current box came with XP, couldn't run Vista (drivers), barely runs Win 7 (with XP-legacy graphics), and runs Win 8 ok (but I'm not metrosexual). I can understand why people don't want to give up on hardware that just won't die, and don't want to risk OS-upgrading themselves into new hardware. |
|
BlitzenZeusBurnt Out Cynic
Premium Member
join:2000-01-13
kudos:6 |
Microsoft operating systems have been supported for a decade historically, if that's not long enough to provide support for something you only paid once for then I suggest you write your own damn operating system, or learn to use one of the free nix/bsd distros. |
|
 RebriderBeen There Done That
Premium Member
join:2000-11-23 |
to StuartMW
said by StuartMW:Yeah well many seem to believe the day XP support ends all software on those boxes will die and the machines will burst into flames.
Support ended for Win2K a long time ago and my Win2K SP4 box continues to work. Granted it won't run a lot of newer software but that's not a security issue.
I still a run a 98SE machine. Works great for what I use it for. |
|
StuartMWWho Is John Galt?
Premium Member
join:2000-08-06
Galt's Gulch
kudos:3 |
StuartMW
Premium Member
2013-May-5 4:37 pm
said by Rebrider:I still a run a 98SE machine. Until a few years ago I did too It was on an old (10 years) Toshiba laptop with 96MB of RAM. I gave it away in still working condition to someone that didn't have a PC. |
|
| |
to dave
said by dave:Yes, of course. But they weren't patched yesterday (for that vulnerability) either. The software is exactly as secure as it was before.
Well, the new vulnerabilities were not exploited yesterday. Now they are. If your system is vulnerable to a new threat and there is not a patch available to you I would say that is that much more insecure per se. But, with a competent operator it can be just as safe as it ever was. How rare are competent operator? YMMV. Dave |
|
| |
to Smokey Bear
They can easily end this problem forever » www.linuxmint.com/ |
|
BlitzenZeusBurnt Out Cynic
Premium Member
join:2000-01-13
kudos:6 |
Even distros have their EOL, some are long term support like around ten years or less, and others might only get support for a few years which you have to upgrade afterwards for updates. So it's not a forever solution, and current software even ran on nix/bsd will tend to use more resources if hardware is already the limitation. Besides most mainstream commercal programs are not available for these operating systems, and hardware support is quite hit and miss, otherwise many are missing advanced driver support unless you can somehow compile it on your own.
For businesses they need more of a professional solution, but for the everyday person they would likely be ok with Ubuntu, or Mint which is variation of Ubuntu for basic needs. |
|
 dib22
join:2002-01-27
Kansas City, MO |
to Smokey Bear
Epoxy in the port is more effective. |
|
dave
MVM
join:2000-05-04
not in ohio
kudos:10 |
dave
MVM
2013-May-5 6:14 pm
said by dib22:Epoxy in the port is more effective.
A time-proven technique in the minicomputer world. |
|
sivranVive Vivaldi
Premium Member
join:2003-09-15
Irving, TX
kudos:2 |
to StuartMW
I have a Win98SE machine that I took to work because it had something no other machine had: a serial port. We needed it to console into some of our "extra lab" devices... Despite that we got USB Serial adapters now, we still use my old museum piece because no one wants to bother taking their laptop in there.  |
|
| |
to Smokey Bear
Is there some reason that they cannot upgrade to Windows 7, on the same hardware? Or is the issue that they have "corporate apps" that were written for XP, and would have to be tested, patched, and rolled out for a newer OS?
I would say, that this issue would be a strong one in support for open-source OSes, in terms of support. You don't have to worry about support being EOL, when you have the source code to your OS and can patch it yourself, rather than relying upon your OS vendor. |
|
StuartMWWho Is John Galt?
Premium Member
join:2000-08-06
Galt's Gulch
kudos:3 |
to sivran
I have two boxes that have real serial and parallel ports. In the consumer world no-one uses those anymore. That said they're still useful in some scenario's (e.g. embedded systems). |
|
·
·
·
·
