Comments
Windows XP Security Issues: Fact Vs. Fiction
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 4   >   >>
anon9798589529
50%
50%
anon9798589529,
User Rank: Apprentice
3/13/2014 | 3:17:56 PM
Re: The issue is no one trusts Microsoft
Michael,

Thank you VERY MUCH for your prompt reply & reconmmendation
Michael Endler
50%
50%
Michael Endler,
User Rank: Author
3/13/2014 | 3:00:03 PM
Re: The issue is no one trusts Microsoft
It's a calculated risk, but if it were me, I'd probably upgrade; that's what I've been recommending to friends and family.

AV software will help, but it is gonna be more reactive than proactive, so there are no guarantees. Depending on your computer, you might be able to upgrade OSes, rather than purchasing a new machine. As many in this thread have pointed out, your online habits and software needs will dictate what kind of replacement OS (if any) would be most ideal. For web browsing and email, a tablet or Chromebook might be just as good (and likely faster) than an old PC. If you ever do heavier content creation, such as running Photoshop, then it's a different story (though if you're running something like Photoshop, I'd wonder why you haven't embraced a more modern OS already).
TerryB
50%
50%
TerryB,
User Rank: Ninja
3/13/2014 | 1:12:47 PM
Re: Healthcare scare?
Exactly. Except for a few isolated PC issues, Y2K was about the transition from days where storage (and memory) was so expensive you saved space by storing dates in Julian and two digit year formats. Compounding that, us programmers who thought we were clever learned stupid math tricks in code to do date arithmetic on these dates with 2 digit years. None of that would work after going from 19 to 20 in century. That's why ERP work was at an all time high during late 90's.

This XP thing is all about security, period. Commenters in this forum have done an excellent job discussing the issues. The most at risk XP user will be the non IT savvy home user who mostly browsing internet and get emails. There will definitely be exploits looking for these people.
AlR157
50%
50%
AlR157,
User Rank: Apprentice
3/13/2014 | 1:04:50 PM
Re: The issue is no one trusts Microsoft
Not well disclosed (since there's no attached revenue stream except for virus folk):

~90% of malware is hosted on XP

~90% of XP machines are in China

~90% of Chineese software, including OSs like XP, is pirated (not patchable under MS policy hence first bullet)

No one is screaming about Apple dropping support for Lion after four years with no notice. Why all the teeth knashing over XP? Anyone with any security chops has been saying XP is overdue for replacement for years.

Nothing to see here; move on.
jdempsey972
100%
0%
jdempsey972,
User Rank: Apprentice
3/13/2014 | 12:55:57 PM
Re: Healthcare scare?
Support for embedded XP ends on 1/12/2016.

http://support.microsoft.com/lifecycle/search/default.aspx?sort=PN&qid=&alpha=Windows+XP+Embedded&Filter=FilterNO
chasster123
50%
50%
chasster123,
User Rank: Apprentice
3/13/2014 | 11:52:01 AM
Re: Healthcare scare?
Comparing Y2K to this is Apples and Watermelons.

Much of the Y2K fear was identified by a simple test on PCs by changing the system clock to see how applications would function when dated in the future. Though this was not a 100% test it did wead out some motherboards and indicate that others would work well for years - as they did.

This being the first time of the industry reaching such a Timestamp was  heavily publisised.

I am aware of assorted consultants / comapnies that simply took advantage of the Media Fear that computer life was to end that day.

In fact very few items failed (that moment) and those that did (of all that I've heard) were items like the fuel distribution pump in a transportation yard. There were other issues but the World Did Not End and it will not in April.
chasster123
50%
50%
chasster123,
User Rank: Apprentice
3/13/2014 | 11:44:44 AM
XP - where it can continue in use
Not every application requires Internet access.

Not every user needs or is allowed access to the Internet or online email.

Some of where I know this is the case include the following.

Acounting firms, Doctors office, assorted SMBs, schools, children of assorted families, etc.

For these systems the exposure / risk is minimal.

If data files are not moved to these systems, or at minimum receive very high AV attention, the risk is low to their becoming infected.

It is the SAFE thing to say - replace and pay more money and seek the mythical guarantee of being secure (era, Phishing email, Trojans, etc.)

Shoud it be openly scrubed from the planet - NO.

Should the user have a good understanding of their environment and use before continuing to use XP - YES.
anon9798589529
50%
50%
anon9798589529,
User Rank: Apprentice
3/13/2014 | 9:18:27 AM
Re: The issue is no one trusts Microsoft
Michael,

I am a desktop home PC user, with XP. Do I need to buy a new Win 7 computer, or just insure that my anti-virus/malware softwate pruduct is up to date?

 
jagibbons
50%
50%
jagibbons,
User Rank: Ninja
3/13/2014 | 8:05:15 AM
Re: Probably not as serious as is made out.
Excellent suggestions. I would add a disclaimer on Java though. Many educational LMS and e-learning sites still rely heavily on Java to deliver content to students. That may be a limited-case reason to use it, but make sure it's updating regularly on its own.
ianmacdonald
0%
100%
ianmacdonald,
User Rank: Apprentice
3/13/2014 | 5:59:54 AM
Probably not as serious as is made out.
The main security concerns on all Windows versions are those of users being duped into installing rogue software such as fake patches, browser plugins or antivirus programs, and of browser plugins such as Flash or Acrobat which have security holes.

To mitigate the former, bar ordinary users from installing software by making them limited users, or by way of a software restriction policy. 

http://sourceforge.net/projects/softwarepolicy/ may be of help here.

As for browser plugins, remove those which are not actually needed to minimise the attack surface. In reality, only the Flash Player plugin is needed on most computers, the rest can be disabled or removed (including Acrobat/Adobe, surprisingly)  If Sun/Oracle Java is installed, remove that too since it is often used as a secondary attack vector for browser plugin vulns. And no, virtually no webpages use Java these days. Java and Javascript are entirely different.

If remaining on XP you should strongly discourage the use of Internet Explorer, as that will no longer be patched. Install Firefox or an alternative, which is supported by its vendor. 
<<   <   Page 2 / 4   >   >>


Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.