Sebastian Anthony writes that Microsoft is setting an awful precedent by caving and issuing a fix for Windows XP. "Yes, tardy governments and IT administrators can breathe a little easier for a little bit longer," writes Anthony, "and yes, your mom and dad are yet again safe to use their old Windows XP beige box. But to what end? It's just delaying the inevitable." This won't be the only vulnerability found in XP adds Dwight Silverman. "If Microsoft makes an exception now, what about the flaw found after this one? And the next? And the one after that, ad infinitum?" Even though Microsoft has released a patch for the IE flaw, and Windows XP is included, it's time to move on really. "I don't want to hear that tired "if it ain't broke, don't fix it" line. Hey, XP IS broke, and it will just get more so over time. Upgrade to a newer version of Windows, or switch to another modern operating system, such as OS X or Linux."
(Score: 1) by Solaarius on Sunday May 04 2014, @12:00AM
I agree with TFS. Security is a process, not a state. If Microsoft won't be continually upkeeping XP, then they should just let it die and force people to move on to the next thing. I mean XP was launched 13 years ago FFS.
(Score: 4, Interesting) by jackb_guppy on Sunday May 04 2014, @12:30AM
Last saw about 50% machines are still running XP. Microsoft copyright runs out in another 82 years!
1) Krrp fixing the bugs until the % drops below say 10%.
2) Release the source for others to take over.
3) Force upgrade on the users to modern stable linux for that run on their processor grade. Remember Pentium II?
4) Buy the machines back and replace - without cost to user.
Yes, those are hard choices.
Your choice is is like saying my 20yr old car is junk and we all must replace them!
I been playing with a 14 year old computer that still is running WinME on 1.5GB drive 128MB and is Pentium II 200Mhz with single USB1.1 for CDrom and Netowrking. Upgrading to 20GB drive and been trying to find a linux that will run on it. Puppy and DSL both cannot be used because the are not compiled for that old of a CPU.
(Score: 2, Informative) by jackb_guppy on Sunday May 04 2014, @02:15AM
http://ubuntuforums.org/showthread.php?t=1655783 [ubuntuforums.org]
http://ubuntuforums.org/showthread.php?t=2215824 [ubuntuforums.org]
Issue with PAE and new kernals needing "cx8 cmov" - Linux kernals after 2.6.35 required "cx8 cmov"
(Score: 1, Informative) by Anonymous Coward on Sunday May 04 2014, @04:01AM
Last saw
That must have been a REALLY long time ago.
about 50% machines are still running XP
Windoze (ALL versions) currently make up less than 45 percent of user machines. [wikimedia.org]
Windows NT 5.1 and Windows NT 5.2 combined make up less than 8 percent of user machines.
(That's one of the most-visited sites on the web.
If you want to offer alternate figures, try to find a site with an equal or larger sample rate.
If the site that you cite doesn't cook its numbers, that would be good too.)
14 year old computer[...]128MB[...]Pentium II 200Mhz[...]Puppy and DSL both cannot be used because the are not compiled for that old of a CPU
Complete nonsense. [goodbyemicrosoft.net]
I have a Pentium 2 with 128MB that has run Puppy and DSL.
DSL will run on a 486.
The requirement that typically limits a very very old box is lack of CMOV; neither of those distros requires that.
...and the line of demarcation for CMOV is between P1 and Pentium Pro (or between old Pentium M and new Pentium M; Banias/Dothan).
Your box will even run a more complete / more modern distro. [google.com]
I've seen an account of a guy installing antiX in 48MB and running it in 30MB. [googleusercontent.com] (orig) [freeforums.org]
The smart thing to do is to quit using Internet Exploder.
Even better: Find your local Linux Users Group and have them install a distro for you.
-- gewg_
(Score: 3, Insightful) by FatPhil on Sunday May 04 2014, @10:39AM
Those stats are page requests, which is an *almost totally bogus* measurement.
Any browser sitting behind a caching proxy will deflate statistics for its OS (such as pee-cees in a corporate environment).
Any browser which doesn't have a big enough cache (such as a small mobile device like ipads and iphones) will inflate statistics for its OS.
Any browser which does pre-fetching will inflate statistics for its OS.
Any broswer in the hands of someone who's curious and who keeps clicking around will inflate statistics for its OS.
That stat is as absurd as estimate a country's gun ownership by bullet sales.
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 3, Insightful) by mcgrew on Sunday May 04 2014, @02:15PM
Windoze (ALL versions) currently make up less than 45 percent of user machines.
XP makes up a quarter of desktops and laptops on the internet. [wikipedia.org] That's a huge potential botnet that Microsoft is creating by dropping support for their buggy OS.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 0) by Anonymous Coward on Sunday May 04 2014, @01:12AM
When XP enters the public domain is when it will be fair for Microsoft to stop supporting it. Or at least when Microsoft releases it to the public under a creative commons license or something.
(Score: 3, Insightful) by githaron on Sunday May 04 2014, @05:45PM
It would be nice if all abandoned software had their source released.
(Score: 2) by marcello_dl on Sunday May 04 2014, @12:28PM
Car analogy ahead.
If I bought a car, worked for 13 years and then died I would say, indeed, time for a new one.
Since the XP car started by being too heavy at the beginning, went on to always require external people to maintain the shortcomings (while the seller assured me it would behave better than the model before) and had never a period longer than a few months while you could drive it without risk, I would say, indeed, never again, and use something else even if it's netbsd on the command line.
(Score: 3, Funny) by Angry Jesus on Sunday May 04 2014, @01:07PM
> If I bought a car, worked for 13 years and then died I would say, indeed, time for a new one.
Why would you need a new a car after you are dead?
BTW, unlike a car, software does not wear out through use.
(Score: 3, Funny) by marcello_dl on Sunday May 04 2014, @03:23PM
> Why would you need a new a car after you are dead?
Given your nickname, I would likely need one that can work in a very hot environment.
(Score: 3, Insightful) by mcgrew on Sunday May 04 2014, @02:20PM
If I bought a car, worked for 13 years and then died I would say, indeed, time for a new one.
New computers came with XP preinstalled seven years ago. I'm driving a twelve year old car and when it breaks, I pay to have it fixed. However, if a dangerous factory defect is found in it, Chrysler will recall it and fix the defect at no cost to me.
Software bugs are factory defects, and security flaws are safety defects that threaten the internet.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 4, Interesting) by Hairyfeet on Sunday May 04 2014, @01:13PM
Sigh, folks that don't remember their history are doomed to read bad articles.
MSFT did THE EXACT SAME THING way back in 06 with WinNT when a bug showed up less than 3 months after WinNT when EOL so this isn't surprising. MSFT knows there are script kiddies that have been rubbing their Cheetos stained fingers together just counting down the days to the EOL of XP so by having a 90 day or so "grace period" it lets MSFT kill those hoarded bugs, which considering the XP holdouts have had 5 years and 3 OSes to choose from? Is damned nice of them and shows they know how malware works IMHO.
As for those that have been sitting on XP because their machine they think is too old to run a newer OS? I have run Win 7 on a 2003 Sempron with 1.2Gb of RAM and it ran fine, and anything made in the last 8 years (which would late Pentium D/Early C2D on the Intel side and Athlon64 X2/Athlon X2 for the AMD side) will run Win 7 very well. in fact I recently had a late 2006 first gen C2D system come through the shop and the only thing it required to run Win 7 was an $8 HD2400 I picked up off of Amazon. I ended up selling it to my landlord who is surfing and running his stock software on it 6 days a week, it just purrs and he keeps talking about how snappy it is.
But here is the cheapest way to upgrade that old power hog P4 into something that wil run Win 7 VERY well, will save you some $$ when it comes to both cost of buying and when it comes to power under full load running 1080P video will lose less than your P4 does when idling. Simply toss the old P4 board for an AMD E350 [amazon.com] and if you have IDE drives simply grab the E350 with a PCI instead of PCIe slot and use a PCI to IDE adapter, this will let you turn pretty much any P4 box, even the ancient 478 power suckers, into a power sipping dual core with hardware acceleration. If you want a quad you can always upgrade to the new Athlon Jaguar [newegg.com] which with a good board will set you back right at $100.
So there really is no reason to stay on XP, you can always run your old XP install in a VM if there is some really old software that you need and if you don't feel you have the "skills" to spend 20 minutes swapping out your board you can easily find a system that will run Win 7 great on CL for around $60, hell you can probably find a Win 7 system on there for less than $100.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 2) by mcgrew on Sunday May 04 2014, @02:24PM
That much memory was only found in a high end machine back then. I have two old towers from that vintage and the most memory either will hold is a gigabyte. Most of those old machines had half a gig or even less.
However, Linux runs fine on them. But most people running XP have never heard of Linux or have any idea what an "operating system" is or does.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 2) by Hairyfeet on Monday May 05 2014, @02:00AM
Win 7 will run just fine on 1GB and don't even get me started on Linux, look up "The Hairyfeet Challenge" (which just FYI has been issued for over 5 years and not a single person stepping up to take the challenge) to see why Linux is completely unsuitable for anybody but the 1% that have the skill to debug bash scripts...which is why MSFT could put out a version that is as hated as WinME and Linux gains not a single point.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 2) by mcgrew on Monday May 05 2014, @12:16PM
Win 7 will run just fine on 1GB
Sure, with a brand-new Windows install. This 5 year old Acer notebook runs W7 just fine with only one or two applications running, but if I go to Google News and open all the stories I want to read in tabs this thing comes to a screeching halt with Flash crashing from all the god damned flash advertising. It often takes minutes for it to recover.
Meanwhile, I have a ten year o;d Dell tower still running XP. It had no trouble no matter how many tabs I had open. There's no way it would run W7 without being a total pain in the ass, even with a full 1 meg. Meanwhile, I have a similarly aged and speced HP tower running the latest kubuntu and the thing just flies.
Give me a link to your challenge. I don't expect any non-nerd to be installing any OS whether Windows, Linux, BSD, whatever. But I've installed Linux on normals' computers after they repeatedly get infected and not one had any problem using it.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 0) by Anonymous Coward on Monday May 05 2014, @01:59PM
The best you'll get out of that faggot is hysterical rambling rather than a simple statement of what the challenge is or why it matters. From [0], the challenge is to remove the command line and use a Linux based system for a year. The rationale is that modern, desktop systems do not use the command line. Because the majority of Linux based systems do use the command line, hairyfeet's logic goes, no Linux based system is a desktop OS and is instead a server OS.
[0] https://knowtheworldfacts.wordpress.com/2012/11/29 /is-it-time-for-the-linux-command-line-to-sunset/ [wordpress.com]
(Score: 1) by jackb_guppy on Monday May 05 2014, @04:53PM
My daughters (now 15 and 13) have been using Linux for over 2 years, without the command line. Yes, it is still available, but they do not use it let alone know it there. They use Ubuntu 12.04 LTS. I installed it on their netbooks with single core Atom, 1/2GB of memory and 8G of SSD. I wiped XP after the 4th virus mess. Showed them how to pick their own software. Even helped one, who had a Windows Game that must have -- to install wine...
Since then they: started to use GIMP, figured out to get flash support, Download and installed ray tracing, and generally been have a good time. They are now showing their friends and helping them to cross-over...
(Score: 2) by urza9814 on Monday May 05 2014, @05:30PM
Wait, this is supposed to be comparing Windows to Linux? Shouldn't the challenge then be something that is possible to do in Windows? Going all the way back to Windows 3.1, there was definitely never a stretch as long as a full year in which I didn't use the command-line on a Windows system. Maybe a couple months here and there as the longest stretch. Today I haven't touched Windows at home in years, but I still need to use the command line on my XP laptop at work nearly every day! Even if you're not an advanced user, the first thing the help desk always tells you to do when you call is to open the command-line, so I don't see how there could be anyone in this entire office building who doesn't use the Windows command-line at least once a year, I've even seen people in the freakin' marketing department sitting there with command prompt open...
(Score: 2) by Hairyfeet on Tuesday May 06 2014, @03:02PM
That is NOT the complete hairyfeet challenge, that is a teeny tiny piece that frankly should be the most simple and even then? Good luck getting Linux to pass. See above you for the complete challenge, should take about an hour and a half to two hours using ubuntu, but feel free to use the system of your choice. at the end of the day the Linux drivers WILL be shit upon, with just a 5 years lifecycle the system WILL become completely unusable without having to pay someone like me several times what a Windows license is worth.
Every time you have to go to CLI to fix an issue during the challenge? That is $75 to me, because the typical user doesn't understand bash scripting (which one HAS to understand because 9 times out of 10 the "open up bash and type" shit you are given on your typical forum WILL NOT WORK because it was written for hardware F,rev H and you have hardware F, rev j and Linus made Linux a picky bitch). Every time you boot up from the upgrade and you have no sound, wireless, or video? that will be $75 to me, because the typical user has NO idea how to debug driver issues. Every time you have to Google for fixes? $75...seeing a pattern here?
Saying "Linux is ready for the masses" is like saying "everyone should make their own silverware" because there are people out there with the ability to make their own silverware. the particular skills required to 1.- debug scripts, 2.- troubleshoot failed drivers, 3.- use search engines to identify and track down the source of driver failures, and 4.- apply the information while being able to tweak on the fly any issues that arise is a set of skills 99.995% of the population does not have and the Linux numbers reflect that. Look at netbooks, they were practically designed around Linux hardware requirements yet what happened when MSFT lowered the price of XP, which just FYI was already a version behind and SEVEN YEARS behind the Linux offering? LINUX DIED, nobody took it, the sales dried up and blew away like a fart in the breeze, even though the Linux system were often cheaper and in some cases had better hardware...but why? the answer is simple and its the same reason why Linux netbooks had four times the returns (link available upon request) and that is because its buggy, its hardware support is terrible, and most folks would rather have plug and pray than plug and Google for fixes.
So if you have the skills to admin Linux on the desktop? Good for you, so can I (although I have better things to do with my time) but we are in the less than 1% that have enough IT experience to do so, THIS IS NOT THE NORM and never will be, which is why Linux will never ever, not in a million fricking years EVAR go anywhere on the desktop.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 2) by urza9814 on Tuesday May 06 2014, @06:00PM
Sounds like you haven't used Linux since around 2005...
My mother ran Linux for three years on a Dell netbook. She doesn't know what the command-line is. She doesn't even know what Linux is. I did have to help her set it up by configuring Thunderbird -- the same way I had to configure Outlook on her desktop and the mail app on her iPad -- but otherwise I never touched the thing a single time. I was off at college. I didn't remote in, I didn't support her on the phone, I never heard a single complaint in three years. Pay up.
(Score: 2) by Hairyfeet on Tuesday May 06 2014, @10:32PM
Are we REALLY gonna play the TM game? I guess so so here enjoy your TMs, you used living in the past TM [tmrepository.com] along with Linux for grandmas [tmrepository.com] and you have just a hint of works for me TM [tmrepository.com] and you know WHY I can recreate your ENTIRE ANSWER in NOTHING but TMs? because it is all anecdotal bullshit and if you want to play that game my systems are all windows and I have never had a virus therefor Windows never have viruses...pay up bitch.
So instead of wasting my time with more anecdotal bullshit you nut up or shut up and show us your work. the challenge is right there, is 100% free, easy to reproduce, and there are several 100% free places that will host your video. Be sure to show us your device manager and network manager showing you have it working and hooked via WPA V2 at the start (If you are using ubuntu that would be 7.10) and then upgrade using JUST the GUI (as your grandma would have had to do if you wouldn't have disabled updates, which since you claim you didn't admin her box that is EXACTLY what you did) and at each stage of the upgrade process..remember to keep the video rolling so we can see you don't drop into CLI or Google for fixes on another box!
But you won't do it, instead you'll either throw insults or slink away because YOU KNOW WHAT WILL HAPPEN, we all know what will happen, Linux WILL shit all over its own drivers and it WILL end up a nasty stinking pile of fecal matter...you know this, I know this, hell the FOSSie faction knows this which is why a challenge that takes less than 3 hours, is 100% free, and takes nothing but a bit of a lazy afternoon has stood for FIVE YEARS without a single taker...not one, is the whole community chicken? Nope they aren't comp-letely pants on head retarded and know as well as i do what happens when you try to get Linux to run without all the Googling and open up bash and type [tmrepository.com] Linux falls down and goes BOOM! Not surprising really considering the maladjusted self centered devs that run the show. How many MAJOR pieces have been tossed out in the 6 years you will be simulating? lets see, ALSA for Pulse, Gnome 2 for GnomeSuck and KDE 3 for KDE "ZOMFG look we got pretty like Vista yo!" and that doesn't even consider all the stupid "hey lets change a pointer because it looks better that way" crap going on in the low level guts.
so lets see your video or please don't waste our time with any more worthless anecdotes, okay?
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 2) by Hairyfeet on Tuesday May 06 2014, @03:08PM
That is NOT the challenge, please quit posting that old Link from the Linux loony club, okay FOSSIe? That was from an article on CLI and I challenged them to try living without Bash. THAT IS NOT THE HAIRYFEET CHALLENGE but its sad that you should keep bringing that up since NO LINUX WILL PASS THAT as Linux is such a CLI heavy mess that doing a chmod to the shell so it can't run? will leave pretty much every Linux distro unbootable.
Kinda sad really, like Windows 98 you are completely dependent on some ancient POS underpinning for the entire OS and without it? It all falls down. But why should this be surprising, Linux still uses .INI files and frankly .VXD drivers would be considered high tech to the 1970s UNIX shit that passes for drivers. honestly Linux isn't even up to WinXP level yet, you MIGHT be up to WinNT 4 but no further, after all Win2K could be taken from RTM to final patch without a single driver failure, something Linux can't do in half the time, hence the challenge.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 2) by Hairyfeet on Tuesday May 06 2014, @08:52AM
No problem, Here ya go! [slashdot.org] Sorry I had to use a link to Slash but I REALLY didn't feel the need to type the whole thing out again. The challenge simulates the "typical" (which is frankly giving a BIG advantage to Linux because when I came up with the challenge the typical lifecycle was 5 years, now its closer to 8) lifecycle of your average PC. To reflect the current landscape there are two changes from the original challenge, I'm sure you'll find both logical and fair...
1.- No using LTM because Canonical has posted several times that LTM is NOT for home users, its for businesses, and this is to simulate what a HOME user will go through NOT a business, since businesses have IT people so the challenge would make no sense to test business users (not to mention if we were doing a business test I'd have to cook up some complex Excel and Word files,, come up with some tests for SAMBA VS AD, too much work) and 2.- You HAVE to have a wireless installed, be in PCI or USB or in the case of a laptop built in is fine, and have it connect to the system with WPA V2. I have added this because in the past 5 years I don't think I've run 3 lines in a home, they have ALL gone wireless. As to why WPA V2 that should be obvious, with so many living in apts and tract houses not only can not having security get you pwned by if one of your neighbors is a pedo it might even get you the cops on your door, so running without security in this day and age is unacceptable.
Now there is two ways to do the challenge, if you wanted to take the original challenge (which frankly would better simulate the average lifecycle today) you would take the distro of your choice that was released when Windows Vista [wikipedia.org] was released, which if you were using say Ubuntu (since its supposed to be "user friendly") that would be either 7.04 or 7.10 [wikipedia.org] just depending on whether you'd like to go with the RTM or the public release date for Vista, or if you'd like an easier test you could choose Windows 7 [wikipedia.org] which would make Ubuntu at 9.10 [wikipedia.org].
After that the test is CRAZY simple. When you first install you are the SYSTEM BUILDER, therefor you can use CLI, Google for fixes, whatever you need to do to get (again if you are using Ubuntu) 7.04 or 9.10 running WITH all the hardware up and running including wireless. Once you have it up and running start the camera roling, show in device manager and network manager you are fully functional with a wireless net connection...and this is key, because if it can't do this then frankly any and ALL arguments about Linux being a Windows replacement are moot...upgrade it using ONLY the GUI tools provided by the OS. Be sure to keep the camera rolling the entire process (so everyone can see you didn't bust out the CLI) and then upload the clip of the first install along with every subsequent reboot, making sure to show us the hardware still works and it still surfs, to Youtube. You can always slap the complete video on dropbox if anybody on youtube has any doubts you were able to pull it off.
Good luck friend but I can tell you EXACTLY what will happen, Linux will take a big giant shit all over its own drivers and be an nonfunctional mess by the end. Oh and before a Linux fanboy says "That's not fair, you don't upgrade Windows!" show me a SINGLE distro aimed at consumers that gets 10 years of support WITHOUT having to jump on the clusterfuck that is the Linux upgrade deathmarch? then I'll agree 100%, until then the ONLY way a consumer can get the same amount of support is to deal with the upgrade mess. I have tried this challenge with every major consumer Linux, Ubuntu, PCLOS, Mandriva, hell I even did Fedora one year because a FOSSie swore up and down Fedora would pass...it didn't.
I used to do the challenge every year and post what happened but I got tired of shelling out for all the extra bandwidth only to get told use Distro X [tmrepository.com] which I found the FOSie faction at /. used like a magical "get out of jail free" card. "You tested 7 different distros? Well if you would have used Distro X it would have worked like magic!". Considering that at any one time there are a couple hundred distros on distrowatch? I wasn't gonna play crazy whack a mole.
So good luck, I'll be interested to see if you pull it off.
(Score: 2) by mcgrew on Sunday May 11 2014, @04:56PM
I've been installing various distros with KDE for over ten years; Suse, Mandrake, Mandriva, kubuntu, and the only time I see the CLI is if I forget my password. I install it in non-nerds' computers and they no longer need my support unless they have a hardware problem. Upgrading KDE requires one click of the mouse and a sudo password. Unless the kernel is being updated there are not even any reboots needed.
As to drivers, Linux and Windows are opposite in that respect. With Linux, new equipment will often have driver problems, but if your computer is a few years old it won't have those issues. OTOH I had to upgrade to XP when I lost my driver CDs for my video card and sound chip, and they simply weren't available on the internet; I could only find drivers for XP, but you can be almost certain that a new computer will have Windows drivers for any peripheral you throw in it.
That said, I've run into few driver issues in Linux. Ten years or so ago I bought a fancy Logitech wireless mouse/keyboard combo, and in Linux none of the extra controls worked; they were like stock keyboards. Someone must have ritten drivers because they work fine in kubuntu now. Also, I bought a video card with S-Video out and the S-Video didn't work in Linux. It does now, too.
Maybe I just got lucky.
You're right that many and perhaps most distros aren't suited for the home user, Red Hat for example. If I were running a server I'd probably use it, but not as a desktop or on a laptop.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 2) by Hairyfeet on Sunday May 11 2014, @07:55PM
What you wrote? Nothing but anecdotes and while your anecdotes may or may not be true that doesn't change the fact that anecdotes and data are two different things.
The challenge is simple, easy to replicate, and won't cost anything but a few hours of your time on a lazy Sunday. But considering that during the period in question we had both the sound and wireless, as well as the two major DEs be totally gutted? I seriously doubt you'll pull it off. The test has been issued since Windows Vista came out, how many years ago was that? Yet we still have yet to see a single person complete the challenge, not one.
If you want to spend the afternoon writing Linux anecdotes? go right ahead, I can do the same with Windows but it won't actually prove anything, other than we both have anecdotes. I'll be happy to take the next box that walks through the shop, slap Vista or Win 7 RTM and update to current and post the video of it all working although frankly I shouldn't have to as the odds of driver failure are pretty much nil, that is not and as long as Torvalds is in charge never will be the case for Linux. If you are so sure you can do it I will be happy to view the video.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 2) by mcgrew on Sunday May 04 2014, @02:08PM
I don't. Brand new computers were sold with XP preinstalled just seven years ago. Chevy is recalling ten year old and older cars for safety defects. Bugs in code are defects and security flaws that arise from XP's buggy code endangers the internet.
The hardware should NEVER outlast the operating system. When only a small number of computers on the internet are running XP, then they can drop support, but a minute earlier is incredibly irresponsible, as irresponsible as Ford was to not fix Pinto gas tanks and Chevy not fixing the ignition switch.
I can no more expect an auto mechanic to be able to secure a computer than I can expect you to be able to change a crankshaft. It's the software developer's responsibility to ensure that his code is safe.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 5, Interesting) by Angry Jesus on Sunday May 04 2014, @12:19AM
The article acknowledges that Microsoft actually patched Internet Explorer, not XP, but doesn't recognize the significance of that fact.
Fixing security flaws in IE regardless of platform is the smart, self-interested, move for Microsoft because it is much easier to switch to a new, free and supported browser like Firefox or Chrome than it is to pay for and then switch to a new version of Windows. If they didn't patch IE on XP, the result would be a mass migration away from IE. XP still has about 30% of the installed base [zdnet.com] if roughly half of them are still using IE (educated guess), that's a lot of IE users that they could lose over this incident. For that reason, I predict that MS will continue to issue patches for major security flaws in IE on XP for the foreseeable future, but not for XP itself.
(Score: 3, Interesting) by joekiser on Sunday May 04 2014, @12:29AM
Agreed. Every local news station I've heard describe the flaw has told people explicitly not to use Internet Explorer, but to use Chrome or Firefox instead. These aren't tech sites, (one news station referred to Firefox and Chrome as ISPs), these are the same people that report celebrity gossip as news along with the weather and current events. This flaw (and the solution to not use Internet Explorer) has permeated the daily conversation of the technical illiterate, to a larger degree than the Heartbleed thing. No idea why. One friend who works with the IRS told me that they were advised to use Firefox. Microsoft is in damage control mode.
Debt is the currency of slaves.
(Score: 0) by Anonymous Coward on Sunday May 04 2014, @01:50AM
It is jaw dropping to see how this whole game is playing out.
Like watching Superman break his back and Louis Lane dumpster diving at airports.
(Score: 4, Informative) by tomp on Sunday May 04 2014, @01:30AM
Wait a sec. I swear I recall a senior MS exec telling a U.S. court that IE was not a separate product from XP. Didn't Microsoft event present a video in court, clearly showing that XP wouldn't work right if IE was removed?
Patching XP is exactly what they did. MS blinked and everyone noticed.
(Score: 4, Interesting) by tibman on Sunday May 04 2014, @02:34AM
Just today i had to restart my Windows 7 box because IE 11 had a security update. Yes, that's right. A full OS reboot because the browser updated : /
SN won't survive on lurkers alone. Write comments.
(Score: 1, Informative) by Anonymous Coward on Sunday May 04 2014, @03:29AM
Just today i had to restart my Windows 7 box because IE 11 had a security update. Yes, that's right. A full OS reboot because the browser updated : /
-------------
Windows has always had that problem, it isn't just the browser, lots of software wants a reboot after an install or update.
(Score: 3, Informative) by CastIronStove on Sunday May 04 2014, @02:37PM
Having to reboot Windows after an IE update is an unfortunate byproduct of new(er) development practices clashing with historical compatibility. Microsoft implemented Trident, the layout engine backing Internet Explorer, as a COM interface exposing software component. This facilitates opaque reuse, allowing third party developers to embed a web browser in their applications and allowing Microsoft to use the browser component in non-IE contexts. Consequently, the files backing the Trident component are often in use, even if IE itself is not open.
Windows' approach to file-locking, which ultimately descends from the MS-DOS approach, prevents applications from overwriting open files. If a patch determines that a file it is updating is in use, it registers that file with a process that performs file replacement during boot.
(Score: 3, Informative) by Tork on Sunday May 04 2014, @07:24AM
🏳️🌈 Proud Ally 🏳️🌈
(Score: 1) by iwoloschin on Sunday May 04 2014, @11:24AM
Easy to switch from IE? In what world?
I've got a rMBP at work, which is great for almost all things. Except for the handful of internal corporate websites that require IE. Which requires me to run a VM just to use IE. It's pretty spectacular in terms of "how can we be the most wasteful ever?" To be fair, for everything else I can use almost whatever I want...though I can't say I've tried Lynx in a while.
(Score: 0) by Anonymous Coward on Sunday May 04 2014, @12:19AM
No, the concept of humans doing whatever they can to fuck each other
over is broke.
Why can't we have nice things?
(Score: 2) by c0lo on Sunday May 04 2014, @06:16AM
Unicorns, rainbows and fluffy kittens/puppies become boring after a while.
Interest in monster trucks may last longer (and the interest one pays for a mortgage is absolutely killing, a thing worth to live for! -grin-)
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Sunday May 04 2014, @07:11PM
when it comes to operatingsystems I must say I prefer boring ones.
the less "sexy" the better.
While I still like unicorns, rainbows and fluffy kittens/puppies, and never liked trucks I don't think I want mix in either of them into the operating system I use. :-)
And I would certainly prefer to swap planet more often than operatingsystem
The same thing goes for my hammer.
(Score: 1) by Mesa Mike on Sunday May 04 2014, @12:35AM
... at least not until the network Nazis where I work insisted on installing all the institutional spyware and whatnot.
(Score: 0) by Anonymous Coward on Sunday May 04 2014, @12:38AM
OS: Closed
Updated Blobs: Closed
Who really knows wtf is going on when you're using their OS.
It's One Microsoft Way, Baby.
(Score: 3, Interesting) by Lagg on Sunday May 04 2014, @12:40AM
These recent articles about exceptions Microsoft makes in their stuff isn't new. They've been doing this for years and years. You know how horrible, bloated and crufty the windows API is? It wasn't like that before and the bloat NT itself has wasn't like that before either. From what I've seen it used to be reasonable. Or at least as reasonable as Windows can go. Then much like X11 they introduce this policy to only add things and never remove them because of backwards compatibility and predictably things built up and got nastier and nastier. They've been caving to this sort of thing since before XP even existed. It's just that people are now noticing it and saying "Wait. Cut it out.".
and that's good.
http://lagg.me [lagg.me] 🗿
(Score: 3, Interesting) by jim302 on Sunday May 04 2014, @12:40AM
My somewhat selfish reason for agreeing with the article is that I told everyone on XP that they should upgrade since these vulnerabilities won't be patched going forward. When Microsoft patches them anyways, it makes people feel like they wasted their money, and as a result they are less likely to take my advice going forward. It also makes it hard to convince people who still have XP systems that they still need to upgrade.
Love them or hate them, Microsoft has done a very good job of supporting XP for way longer than they had to. Support has to end at some point... they can't be expected to keep supporting it forever.
On the other hand, unpatched PCs just become part of the zombie army, spreading even more malware, spam, DDoS attacks, and other unpleasant things across the Internet. Therefore, patching vulnerabilities that are easy to exploit will make things better for everyone whether they use Windows XP or not. They already have the patches for paying customers, so it isn't like they are going through any special effort.
(Score: 1) by hendrikboom on Sunday May 04 2014, @01:00PM
It's not about protecting the people running XP.
It's about protecting the others who are attacked by zombie XP machines.
And I suppose IE is one of the attack targets for zombie masters.
This is why I approve the update.
But what Microsoft's reasons for offering the upgrade are I don't know.
(Score: 2) by mcgrew on Sunday May 04 2014, @04:15PM
But what Microsoft's reasons for offering the upgrade are I don't know.
It's simple; governments around the world were telling everyone not to use IE. Not patching it would have been devastating to their IE wing.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 2) by mcgrew on Sunday May 04 2014, @04:12PM
Love them or hate them, Microsoft has done a very good job of supporting XP for way longer than they had to. Support has to end at some point
I don't agree with "way longer than they had to". New computers were being shipped with it just seven years ago, and a quarter of all desktops and laptops on the internet run it. Yes, support has to end at some point but we're nowhere near that point yet. When the numbers are under 5% it will be safe to end support, but 26% of desktops and laptops is a pretty damned big botnet.
IMO Microsoft is acting almost as irresponsibly as Ford with the Pinto gas tanks and Chevy with the ignition switches.
I've been helping friends with XP out by installing kubuntu dual-boot and removing the network components from Windows. Kind of hard to get a virus or trojan if you're not on the network. But most non-nerds have no clue what to do about the situation except landfill perfectly working machinery and waste money replacing it -- if they have the money. Many of those XP computers were given to the poor.
Microsoft is as sociopathic as any corporation; that's the nature of corporations. The love of money is the root of all evil. We nerds need to stop apologizing for their sociopathic behavior and hold their feet to the fire. Don't let these billionaires get away with their psychopathology.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 1) by meisterister on Monday May 05 2014, @12:06AM
It wasn't even seven. There were still a few new netbooks running XP as recently as 2008 and 2009. Not only that, but Microsoft was still selling volume licenses as recently as 2010 (My school bought at least twenty copies for Parallels).
(May or may not have been) Posted from my K6-2, Athlon XP, or Pentium I/II/III.
(Score: 2, Interesting) by Anonymous Coward on Sunday May 04 2014, @03:32AM
Easy. Everyone already knew about this vulnerability. If only the NSA knew, they wouldn't have cared in the slightest - and they probably do know full well about other XP vulnerabilities that the NSA would not be able to exploit if everyone was forced to immediately move away or disconnect XP boxes due to the massive exposure of this hole.
No, they don't mind people continuing to use XP and thinking "there's no major exploits yet, I'm safe for now". I wonder how much the US government secretly paid MS to patch this.
(Score: 3, Informative) by krishnoid on Sunday May 04 2014, @04:57AM
After all, XP is now at least two operating system revisions old. People have had a chance to migrate and firmly plant their feet on Vista, and then eventually move on to (the very reliable, IME) Windows 7 after that, and then repeat the process with Windows 8.
Or perhaps I'm being disingenuous about why people have not already moved away from XP?
(Score: 1, Interesting) by Anonymous Coward on Sunday May 04 2014, @05:07AM
I did step away after w2k ... all the way to Linux ... and lately it has been Linux and OS X
(Score: 1) by Magic Oddball on Sunday May 04 2014, @09:54AM
The main reason I'm aware of is the same one that made me move to Linux: a lot of computers sold for well over $1k only a year or two before Vista's release turned out to have integrated hardware MS had blacklisted. My own two 1.5-year-old laptops' integrated graphics was on the list, and yet they're perfectly capable of displaying all of Vista's effects plus quite a few in KDE 4.
The main reasons people don't upgrade the hardware in that case:
1) They can't afford to spend any money unless it's a necessity.
2) Their current system can do what they want it to at a comfortable speed, and they dislike the idea of throwing a fully-functional computer that meets their needs.
3) They're barely computer-literate, so they find new OS environments totally confusing and have no idea what to buy or how much to pay for it.
The first two groups can switch to Linux if they have enough technical ability to figure it all out on their own, since chances are they don't have someone else to help out. (The problem is that mainstream reviews are rarely unbiased, so those people are likely to assume Linux couldn't possibly be a viable option.) So there's a very good chance that most of them will stick with their now-unpatched XP boxes right alongside the third group, and will invariably infect them at some point even if being careful.
From what I've been seeing, Microsoft is already going to be producing WinXP patches/updates for its governmental clients. It seems like releasing that work as officially unsupported could be a very smart PR move in their fight against Google for dominance. All they'd have to do is say they had decided to share their efforts in order to protect the Internet as well as the people/schools unable to replace their computers, and then draw a parallel with Google allowing carriers/manufacturers to leave countless Android devices vulnerable due to lack of updates.
(Score: 2) by mcgrew on Sunday May 04 2014, @04:23PM
They're barely computer-literate, so they find new OS environments totally confusing and have no idea what to buy or how much to pay for it.
I've not found that to be the case. Switching from XP to KDE is far less an environmental change than any version of Windows to any other version. The reason they're not installing Linux is because first, few have even heard of it and second, those who have have been scared off by the lie that Linux is hard to install and use. The truth is, every Linux distro I've tried was easier to install than any version of Windows I've installed, and Linux is far more useable and has far more features than Windows. Normals I've installed it for had no problem using it. I've had Linux notebooks in the bar and people would see it and ask what version of Windows it was.
I completely agree with the rest of your comment.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 1, Interesting) by Anonymous Coward on Sunday May 04 2014, @06:07AM
If, like me, you find the Windows NT6 GUI designs to be unbearable garbage and you prefer to stay on Windows XP for quite a while longer,
...add every hard drive letter on your computer as a folder item.
' and copy the list into your HOSTS file.
...stop/disable all unnecessary items---(refer to some online guides).
...ie, avoid setupEXE installers as much as possible; question everything which wants to touch the registry.
...discipline yourself to do this !!!
/S /Q C:' from command propmt !!!!! heh heh my Desktop was persisting only in Memory; navigating to C:\WINDOWS and having a look at what filesystem objects were remaining was interesting. My next shutdown was going to be THE END ...heh heh.
here are some personal tips:
Install 3rd-party-soft 'Process Hacker' and allow it to install its kernel driver and to replace 'Windows Task Manager' as system default.
Install 3rd-party-soft 'Sygate Personal Firewall Pro 5.6.3408' and replace 'Windows Firewall' as system default---(easily found via Torrents).
Install 3rd-party-soft 'Sandboxie 3.58', last version working 100% perfect on XP systems---(easily found via Torrents).
Create a new sandbox for Sandboxie and name it something like 'SystemUntrusted'.
At settings for this sandbox: 'Applications->Web Browser->Internet Explorer' check the item 'Force Internet Explorer to run in this sandbox'.
At settings for this sandbox: 'Recovery->Quick Recovery'
Go to web address 'www.angelfire.com/comics2/fatboy9175/MShosts.txt
Go to 'Start->Run->services.msc' and configure all services
Try to run as many programs in 'portable mode' as you can
Frequently open 'Process Hacker' window and observe the real-time process and network activity on your system
---
BTW, the author of the article discussed here can go fuck himself; he's just another scaremongering populist cunt who has no interest in passing on technical enlightenment and teaching you how to be a fisherman; him and his buddy's are the only fishermen allowed in this pond; you and me are just little fishies expected to bite on anything presented in front of our faces.
In my opinion, learning to fuck up your operating sytem and recover your data is an interesting technical exercise; there is no need for panic.
As an exercise, I once ran the command 'RD
If some malware decided to fuck with my system, I would view it as an interesting experience. The first thing I would do is boot into a Live WinPE BootCD and run a filesystem search tool such as 'Everything.exe' and filter all on C: drive by Date Modified. I would then inspect interesting targets inside diagnostic tools like 'OllyDbg disassembler', 'BinText', 'HxD hex editor', 'Dependency Walker', etc.
If removal steps were not straightforward, I would just go out and buy another hard drive, reinstall a fresh Windows XP onto it and then reapply all my tweaks. I would then mount the old hard drive via USB as a data drive and copy out any shit I wanted to keep. I would then run the tool 'Parted Magic' on the old drive and completely format the drive back to emptiness.
My advice if you choose to stay on the Windows platform; just treat it as one big technical joke and kick it in the fucking head however you like; otherwise start a Linux migration plan and donate money/finance projects which you want to see happen and show respect to all which came before you and learn to give with the same amount of energy as you take.
(Score: 0) by Anonymous Coward on Sunday May 04 2014, @01:00PM
"My advice if you choose to stay on the Windows platform; just treat it as one big technical joke and kick it in the fucking head however you like;"
THAT was awesome sir! have you considered a job as a shrink for "IT professionals"? I totally think you could "shrink" some worries and egos : )
(Score: 0) by Anonymous Coward on Sunday May 04 2014, @07:36AM
Free Yourself from Microsoft and the NSA - Learn Linux and Libre Office - step-by-step guide [freeyourse...thensa.org]
(Score: 1, Insightful) by Anonymous Coward on Sunday May 04 2014, @12:54PM
and what makes you so sure said companies are not somehow exploiting said software?
(Score: 0) by Anonymous Coward on Sunday May 04 2014, @06:49PM
why are some so bent on forcing other people to get new version all the time?
While you can argue that WinXP should have been this bugfree at the beginning the first day it was first sold and microsoft should continue to fix their bugs without the heavy price they started with now, I feel it strange where the hate of all non-new comes from... "Lets kill all things that is more than 10 year old!" your computer is old get a new one! you house is old get a new one! you are old get a... are you enough "modern" my friend?
(Score: 0) by Anonymous Coward on Sunday May 04 2014, @06:52PM
I understand why people don't use linux.. where 3 years can be called "long time support" and you must use programs compiled for just your year model