Feeds

back to article Life support's ABOUT to be switched off, but XP's suddenly COOL again

Windows XP has enjoyed a second resurgence in popularity, despite its looming end-of-support date. Net Applications' data for desktop operating systems in January showed Windows XP had increased its market share by a fraction. It marked the Windows Vista predecessor's second bounce in its slowly declining market share, which …

COMMENTS

This topic is closed for new posts.

Page:

Bronze badge

I'll say it again

..as the hype machine tries to pick up speed.

Most of the large sites I've worked on recently are running XP with security patches which are several years old. Instead they rely on security software to do the job for them. Now, some people may not think this is a good solution but on the other hand none of them have had any security problems.

So, for companies like this, there's no hurry to upgrade which is probably why lots of them aren't doing it.

24
4
Silver badge

Re: "none of them have had any security problems"

You mean to say "none of them have been targeted yet", don't you ?

6
4

Re: "none of them have had any security problems"

Or possibly "none of them have noticed their security problems yet"?

13
3
Silver badge

Re: "none of them have had any security problems"

@Pascal. No, what it means is that the XP machines have not been placed into a situation where they are exploitable.

If you're on a decently secured network behind well maintained firewalls and you leverage good proxies and good security controls then you minimise the risk of being attacked.

"not having security problems" is about having multiple layers of security in place - lots of thinner layers are much more secure than one big thick layer, so using a partially protected XP behind well maintained firewalls is safer than a fully patched Linux desktop directly connected to the Internet.

33
2
Silver badge

Re: "none of them have had any security problems"

the other answer could be you are riddled with issues, but you are blissfully unaware. Like the people that say, "I've never installed AV and not ever had a virus", well how do you know?

5
12
Anonymous Coward

Re: "none of them have had any security problems"

tell that to Iranian Nuclear scientists.

8
0
LDS
Silver badge

"none of them have had any security problems"

... they are aware of... <G>

The more holes you have, the easier for an attacker to hide on your systems. You can't rely on a single layer of protection - running unpatched systems thinking your firewall, IDS or AV will protect you is simply silly.

4
2
Silver badge

Re: "none of them have had any security problems"

tell that to Iranian Nuclear scientists.

Just the point I was making to someone who thought a PC not connected to a network was secure "by definition".

I offered to make it secure by removing its CD drive and filling its USB slots and Ethernet jacks with epoxy glue (as used to be done at certain MoD sites) but he declined. He needed to get data in and out of it, and wouldn't see that it would soon become a "Typhoid Mary" spreading USB-based malware.

2
1

Re: "none of them have had any security problems"

The single best way to keep a network secure is to keep EVERTHING up to date, if you cannot update the OS then you will very quickly have a site full of security holes, it will just be a matter of time till you are compromised (if you aren't already)

Security threats nowadays don't scream out, they hide and do not want to be found. AV alone will not keep your machines safe

0
0

RE: I'll say it again

on the other hand none of them have had any security problems.

I bet that's what Barclays thought too

0
0
Gold badge

A possible explanation

Loads of companies that had previously been running XP, but behind a firewall and not browsing the web, have off-loaded their hardware recently. The companies are now running Win7, but the off-loaded machines have found their way onto the "previously loved" market and are now running in homes with no firewalling and a userbase who do almost nothing *except* surf dodgy websites.

2
2
Facepalm

Re: A possible explanation

I dunno. my employer physically scraps surplus machines, its too expensive to wipe them securely for resale or donation. the disk drives go into a metal shreader

9
0
Bronze badge

Re: A possible explanation

We donate the ones we decommission, it does take some time to reformat the drives and reinstall from scratch but not that long, I even put some free software and games into them.

10
0
Silver badge

Re: A possible explanation

Or lots of people (like me) who've seen the hype have dusted off their old XP laptops to do "one last" round of updates, and while they're downloading they've been surfing, updating social media pages, etc. hence inflating the numbers of apparently active XP systems.

As for the _two_ schools of thought, there is a thrid one. Script Kiddies will get far more kudos for their latest Android or Windows 8 hack, and so very few of them will give a damn about writing new malware for an obsolete OS. How many new viruses for 95 or 98 have appeared recently?

10
0
Silver badge

A simpler explanation

Net Applications numbers are based on browsers so pretty suspect in any case. However, you always see a surge in IE in January as people return to corporate environments after the holidays. I'd hazard a guess that the majority of household computers have already moved to Windows 7 not least because they don't have access to enterprise install disks.

1
2
Silver badge

Re: writing new malware for an obsolete OS

An obsolete OS that still holds 29% of the market.

Win98/95 are part of the block labelled "Other", representing 0,10% of the market.

So Win98/95 are definitely not worth working on. WinXP, on the other hand, encloses almost one third of all computer users, who are more and more clueless home owners, ie ideal pickings for scammers and criminals.

This is very much an opportunity for the crims, since XP users may only be a third of the market, but probably represent a better return on investment since anything that works is something the crims can soon consider stable.

3
0
Silver badge

Re: A possible explanation

"Or lots of people (like me) who've seen the hype have dusted off their old XP laptops to do "one last" round of updates, "

I've just pulled the HD and will put the ancient lappy on Freecycle.

The Hd will do for back-up storqge.

The lappy as a doorstop somewhere

0
0
CLD

Re: A possible explanation

We wipe our machines with DBAN and then give them to a eWaste recycler; the eWaste recycler chooses what to dispose of and what to resell. We do allow staff to take some of the machines home once they've been wiped - espically the IT folks; anything they learn at home from tinkering can potentially be applied in the work space, which is a win-win situation. Always good to know your eWaste is not going to landfill.

1
0
CLD

Re: A possible explanation

I suppose adding to this, a number of our staff are grabbing some of the old machines with Vista Business licenses and buying SSD's and a Windows 8 upgrade license and building media centre's out of them... I've seen one and it works great.

0
0
Bronze badge

What moron browses the internet while logged on as Admin?

1
24
Bronze badge

Not morons

Just ordinary folk, not techie, doing ordinary jobs, who see a computer as a commodity item. And they just want it to work. Which is also one reason why they sell their souls to Amazon and/or Google.Those ithingys and Android data slurpers just work.

No constant updates. No screens suddenly appearing or vanishing when you move a mouse incautiously. No files buried deep down in obscure folders that aren't really where they seem to be,

XP shares some of that simple, basic functionality. WIn 7 at least gives an appearance of it. Win 8 is a dog's breakfast.

22
0
Silver badge

"What moron browses the internet while logged on as Admin?"

1. Anyone using Windows, which makes it extremely awkward to work with separate root and user accounts.

2. Anyone using Linux who has to do system admin work that involves (as it all too often does nowadays) network access as an integral part of processes such as installations and upgrades.

7
14
Bronze badge

What morons browses the internet while logged on as Admin?

easy answer for you: windows users.

11
11

"What moron browses the internet while logged on as Admin?"

These "morons" you speak of - most of them will be completely unaware of even the concept of Admin. These "morons" will most likely believe that all users of a PC have the same amount of access and won't know that it's possible to have different levels of authority. The thought will not even have occurred to them.

These "morons" will include people like your kids, your parents, your siblings, your neighbours, the butcher down the road and the newsagent beside that.

These "morons" are normal intelligent people, who I'm pretty sure make up the vast, vast majority of the population.

You should've asked what geek or nerd does it - and even then I'm certain there'd be way more positives than negatives.

32
1
Silver badge

"Anyone using Linux who has to do system admin work that involves (as it all too often does nowadays) network access"

Network access != "browsing internet" For installations and upgrades I'm running the process (Yast in my case) as root but I'm browsing any necessary extra info as a normal user Yast is going to predefined repositories, IF these have been tampered with well that's a very different matter

5
0
Anonymous Coward

This will probably be unpopular even with some of your down-voters, but I'd classify as a sub-set of the 'Moron' group being those who think, if you're sensible, it matters.

To believe that (unless you frequent the darker side of the internet and/or you're extremely unlucky) you need _not_ to be in an admin account while surfing, is paranoia on a par with wearing a safety helmet for walking.

Or are you just loudly re-tweeting the peer group's received wisdom, like any other mark social acceptance addict?

6
6
Silver badge

"What moron browses the internet while logged on as Admin?"

The same Morons that don't do monthly tyre, oil and water checks on their cars;

The same Morons that don't have an annual service on their boilers

The same Morons that don't carbon monoxide detectors near fossil fuel burning appliances.

The same Morons that don't check their smoke alarms once a month

The same Morons that cross near, but not on a pedestrian crossings

The same Morons that don't turn off devices at the mains (ask your local fire brigade about this one)

i.e. normal people, of course if you don't do any of those, ever, well done, but I could go on and sure I find something you SHOULD be doing, but don't.

13
4
Silver badge

@Chemist

'Network access != "browsing internet"'

Isn't that a pedantic distinction? "Browsing" is a popular term that has come to mean any network activity - although technically, of course, it should be restricted to reading Web pages.

But then there are plenty of safe Web pages, and plenty of unsafe non-Web Internet addresses.

0
4
Silver badge

Re: @Chemist

"unsafe non-Web Internet addresses."

Whilst I agree that you do still need a mechanism. Normal updating of a Linux distro would seem to me to be one of the less risky behaviours

I think it unlikely that just running an update mechanism as root and everything else as a user will result in harm. The real no-no would be running a desktop session as root and behaving like a user

3
0

"Anyone using Linux who has to do system admin work"

Suggest trying

man sudo

and Googling basic good tactics guides.

4
0
Bronze badge

Re: @Chemist

Depends on where you are. I spend a lot of time at work on the network as it's a part of what I do but I don't necessarily venture outside the safety of the intranet and out onto the Internet which, of course, means navigating through the firewalls.

If you are talking of a small installation or a home setup, then yes, I'd agree that the distinction is probably pointless.

0
0
Bronze badge

I've tried sudo on a few occasions but not only does it not work in all situations but it can be as big a security bug as having a system with a default root password if you know how to manipulate its configuration.

1
1
Silver badge

During the meanwhile ...

I'll continue running Slackware. slackware.com

Works for me. Try it. You might like it.

3
4

I still love XP..

For watching Netflix under a virtual machine. Haven't used windows for anything else in the last month.

My main activities I can do under Linux or using my Android tablet or mobile.

Since my recovery partition borked and the recovery disks I'd previously used started to fail on the last set of 5 at 96% I gave up trying to re-install. I did try from another install for Win7 but my "genuine" sticker with the Key is faded and unreadable so Microsoft won't help when I ring them up.

So screw Microsoft, I'm not paying a second time for an OS that I had installed already and I'll run XP virtually when I need to.

8
0
Bronze badge

Re: I still love XP..

http://how-to.wikia.com/wiki/How_to_watch_Netflix_%28Watch_Instantly%29_in_Linux

It's possible to use Netflix in Linux, I find that it's slightly laggier and sometimes there's a touch of artefacting, but it's definitely watchable.

2
0

Re: I still love XP..

You run XP under a VM to just watch netflix??

Yet you use linux and android for the rest. Why not use the android netflix app? As for the VM, whats wrong with wine? Not that I am a *ux lover but seriously... I call you on that one mate.

2
0

Re: I still love XP..

Yet you use linux and android for the rest. Why not use the android netflix app? As for the VM, whats wrong with wine? Not that I am a *ux lover but seriously... I call you on that one mate.

Because Netflix on my Nexus 7 isn't as enjoyable as as on 17'' laptop screen or as watching it on my HD telly via HDMI!

As for Netflix under Wine it works using a specially hacked wine and reposotories under 12.04 and later but I'm using 11.10 because that's the last version that fully supported my Ati graphics and I don't have the finances to upgrade at the moment. On my system all the howto's didn't work and I got fed up faffing around when I had an alternative

Seriously. Most of my time under Win 7 was normal browsing email and watching video via HDMI.

(and under Virtualbox it's not laggy except for the first couple of minutes at full screen. Perhaps because absolutely nothing else has been installed)

1
0
Silver badge

Re: I still love XP..

Get a Chromecast. Problem solved.

0
0
Windows

So will MS give me a free upgrade to Win7 Home Premium?

3
8
Bronze badge

Will Ford replace my other half's 1999 Fiesta with a 2012 model?

Thought not.

12
5

Why would they Julian? Serious answer only. And if we must compare cars why not go all the way back to when drum brakes and no airbags were standard. Should a car manufacturer replace them for free too? Take your brain out of first gear mate.

7
3
Silver badge

Yes, manufacturers should replace unsafe cars

Your car analogy isn't entirely convincing. See, for example, http://www.huppi.com/kangaroo/Pinto.htm.

0
0
Bronze badge

Re: Yes, manufacturers should replace unsafe cars

You can still get parts and servicing for a '99 Fiesta. Ford haven't cut you off.

9
1
Bronze badge

re tabman

Err, It was irony. And not sublte irony at that..

0
1

You can get a free upgrade from Xubuntu 13.04 to 13.10 for a limited time, if you act NOW. It looks and acts a lot like XP, except for the malware download client.

0
0
Bronze badge

Too right. They're too busy trying to flog the ludicrous "B-Max".

0
0
Bronze badge

Only machine I can think of, my old Netbook runs Linux, XP and OSX.

Plenty of alternative there.

0
0
Anonymous Coward

Am I imagining things?

ISTR there is an EU-wide mandatory 6 year warranty against design faults. Since it's a statutory right it can't be over-ridden by licensing agreements. XP was on sale via OEMs until just over five years ago. Any security flaw would count under that provision.

Surely that means that means anyone with a five-year-old XP laptop can take it back to the seller and demand a fix or refund the instant a "we can't be bothered to patch it" vuln is found? If you get a full refund on whatever they were offering five years ago that sounds like a good deal, even if it kills the resellers.

Nope, I'm not after a free laptop - I've never run XP. If it kills MS that can't be bad though.

6
3
Bronze badge

Re: Am I imagining things?

"ISTR there is an EU-wide mandatory 6 year warranty against design faults."

That would be pretty hard to apply to someone hacking your computer. It would be similar to claiming that because your car was stolen there must have been a design fault and thus the manufacturer should give you another for free.

A vulnerability isn't a fault, in the same way that a car having windows made of glass isn't a fault. The obvious solution for MS if a court tried that approach would simply be to release one last update that disabled all networking capability, rendering the OS completely secure.

4
0
Anonymous Coward

Re: Am I imagining things?

I'd add disabling all usb and external storage media as well.

The OS is ancient, if you want to keep using it vaguely safely you'll have to pony up or rely on "community support" or its obsolescence making it unattractive (which certainly wont be the case with it having over 30% of the market), like anyone using an obsolete OS/Product.

0
0

Page:

This topic is closed for new posts.