Jump to content

Redundant MS Notification about XP EOS?


JorgeA

Recommended Posts

This is how I'm bringing this back on-topic, more or less: smile.png

Thanks for the info. I note the age of your version of Ubuntu. People can complain about XP going EOS, but one thing that gives me pause about making the switch to Linux in the wake of the Windows 8 fiasco, is that the support cycle for Linux is even shorter (way shorter) than for almost any version of Windows. What the Linux folks call "long term" support is what, like three years? Compared to that, Microsoft does a vastly better job of continuing to support previous versions of its operating systems.

Talk about the upgrade treadmill... The first direct experience I had with this was last year when one day (on Patch Tuesday, as it happened) I went to get updates for Zorin OS 5.2 and the server seemed to have been shut down. That's when I first thought, "Uh-oh, if I change over to Linux but want to receive the latest security and functionality fixes, am I really going to have to re-do my PC from scratch every couple of years?? Gimme a break!" Heck, my Vista system has been supported for five years now (ever since I bought the computer, a couple of years into Vista's life) and even after all these moons the time remaining on its support is about the same as that of a Linux "L"TS.

I just did a Web search for Zorin OS and I see that they're already up to version 8. Sheesh.

--JorgeA

Valid point on the upgrade cycle. I think Ubuntu goes 5 yrs on the LTS version for security updates. I also have problems with upgrading every time I turn around, which I guess is somewhat obvious with versions being used. Personally, I have thought that all the upgrades and security patches on any OS have been more trouble than they are worth, but I had far less issues with Linux security patches than with Windows. But, I don't run all over the internet on a click fest either.

I am also always behind a router, too. So, I would guess that my exposure front is limited compared to someone that connects directly.

I have not done it, but will when I do upgrade, but if you create a separate partition for your home directory, you supposedly have a much easier time upgrading as all your settings are saved in your home directory. We have all done the somewhat the same thing with Windows, by installing the OS in a partition and then putting all the data on different partition.

I agree, updating every three years is far to quick, I like ten to twenty year cycle myself. :whistle:

bpalone

Link to comment
Share on other sites


Windows updates will be one thing I won't be missing, because they've indeed brought more trouble than they are worth. My main Windows XP SP1 system installed in 2008 is still working well. It was originally installed on an USB drive with some modifications, and then transferred. After I upgraded my processor, I never re-installed, but merely changed the HAL.

Updates needlessly interfere with a working system. Occasionally they need research and advanced knowledge (more than I have). Some things that come to mind: tcpip.sys with the imposed half-open limit (before you think P2P, it's enough to transfer "small" files over FTP to set it off), unstable network adapter drivers pulled from Windows Update, installation of unneeded IPv6 which interferes with local DNS resolution, the Event Log filled with messages from HHCTRL every time a CHM file is browsed (by the time I trust a CHM file, I've trusted the exe it came with already).

I just faced all these isues when dealing with this SP3 PC here.

I'm sometimes in an online chat and the other party is telling me that they'll go for a reboot, because a batch of Windows Updates are demanding so. That's completely unacceptable to have my PC hostage, and rebooting at somebodys else's request. (I think there is probably a choice to postpone it, but even so.)

I see these very chatty updates a method to pre-condition users into thinking they can't survive without them.

My PC is also behind a router, and has always been.

I have not done it, but will when I do upgrade, but if you create a separate partition for your home directory, you supposedly have a much easier time upgrading as all your settings are saved in your home directory. We have all done the somewhat the same thing with Windows, by installing the OS in a partition and then putting all the data on different partition.

I agree that this is the right setup, and I implement it on all my PC installations. It helps if the OS is reinstalled. But it hardly helps in updating, because every new Windows version is taking up more or much more space. The bigger is better. If the System partition would fit a new OS, the hard drive wasn't used efficiently before. My Win98 partition: 1 GB (Win2k would fit there), WinXP - between 3 GB and 8 GB. No way to put Vista on there.

When talking about "upgrading" instead of reinstalling, apparently NT 6.3 upgrade installer doesn't "support" such a customized system at all.

Link to comment
Share on other sites

Valid point on the upgrade cycle. I think Ubuntu goes 5 yrs on the LTS version for security updates. I also have problems with upgrading every time I turn around, which I guess is somewhat obvious with versions being used. Personally, I have thought that all the upgrades and security patches on any OS have been more trouble than they are worth, but I had far less issues with Linux security patches than with Windows. But, I don't run all over the internet on a click fest either.

That's intriguing. I guess that the risk-reward ratio would depend on one's assessment of the chances of getting stung by unpatched vulnerabilities? Dang, I wish there were hard numbers on how many PCs are actually harmed by some of these esoteric-sounding vulns.

I agree, updating every three years is far to quick, I like ten to twenty year cycle myself. :whistle:

:lol:

--JorgeA

Link to comment
Share on other sites

The folks at Windows Weekly point out that the impending XP EOS creates a new opportunity for scams (this excerpt takes off from a discussion of XP-based medical devices at 1:18:38, but you might want to start a couple of minutes earlier for context):

LL: ...It's fine, don't plug it into the Internet, it's gonna continue to work just fine. The minute you plug it into the Internet, you will be hacked on April 9 going forward. You will be hacked.

PT: You think it's that serious?

LL: Paul, how many Windows XP machines are out there -- what is it, you said --

PT: 400 million-something.

LL: 400 million. <using fake Slavic accent> Hallo, my name is Boris the Hacker. I have in my pocket right now --

PT: Actually, that could be the new e-mail scam. It's like, you know, "Windows XP is no longer supported but if you install our security suite" --

LL: <laughing> There's a good one! Hey, nice thinking, I like that.

PT: "You activate against our servers in Romania and you'll be up and running" --

LL: "You'll be running. We activate all Windows XP versions."

--JorgeA

Link to comment
Share on other sites

The folks at Windows Weekly point out that the impending XP EOS creates a new opportunity for scams (this excerpt takes off from a discussion of XP-based medical devices at 1:18:38, but you might want to start a couple of minutes earlier for context):

LL: ...It's fine, don't plug it into the Internet, it's gonna continue to work just fine. The minute you plug it into the Internet, you will be hacked on April 9 going forward. You will be hacked.

PT: You think it's that serious?

LL: Paul, how many Windows XP machines are out there -- what is it, you said --

PT: 400 million-something.

LL: 400 million. <using fake Slavic accent> Hallo, my name is Boris the Hacker. I have in my pocket right now --

PT: Actually, that could be the new e-mail scam. It's like, you know, "Windows XP is no longer supported but if you install our security suite" --

LL: <laughing> There's a good one! Hey, nice thinking, I like that.

PT: "You activate against our servers in Romania and you'll be up and running" --

LL: "You'll be running. We activate all Windows XP versions."

--JorgeA

What all these folks miss, is that the nefarious hackers operate just like a business. An unmarketed or unsold/unused exploit is money setting wasting away. They must generate revenue in order to continue to function, just like a legitimate business. So, they are not going to sit on a bunch of exploits waiting for the number of potential victims to decrease. They will be getting their nickels worth while the getting is still as good as it gets.

Also, any R&D will be being spent on the newer versions of Windows, as that holds the most potential down the road. Now, they may test something from there against an older OS just to see if it works there too. But, their main target will be the newer versions. It's an effort versus reward type of thing.

So... for all those FUD slingers saying that the hackers are just waiting and are going to have a hey day, I say HOG WASH. Now, I will concede that maybe someone has just within the last 30 days or so, has come across the KILLER NT exploit. Then, maybe they might wait, as it would possibly make the opportunity window a bit sweeter. But, I highly doubt it.

I really can't believe that the so called experts are actually helping spread this FUD. But, then again, MS might be buttering one side of their toast.

bpalone

edit typo

Edited by bpalone
Link to comment
Share on other sites

I really can't believe that the so called experts are actually helping spread this FUD.

Well, I can :yes::

http://www.dedoimedo.com/computers/experts.html

:lol:

But, then again, MS might be buttering one side of their toast.

... and that's EXACTLY the side on which it will fall ;), and now, for NO apparent reason, antigravitory cats:

http://uncyclopedia.wikia.com/wiki/Murphy's_law_application_for_antigravitatory_cats

jaclaz

Link to comment
Share on other sites

Of course we are using the way-ahead-machine again, since the article is dated August 18, 2017, 13:33!! :w00t:

Sure :), and using the actual wayback machine, we have proof that it has been published before May 1, 2007 (with an initial "set" date of August 18, 2009):

https://web.archive.org/web/20070501183102/http://www.dedoimedo.com/computers/experts.html

but it is still actual, particularly in the part ;):

Windows users are also advised to update from their stable version of XP to the latest Windows Vista, which offers as much as 50% reduction in performance.

jaclaz

Link to comment
Share on other sites

buttering one side of their toast.

Off topic but the buttered side of toast doesn't fall that side down, but up instead http://www.discovery.com/tv-shows/mythbusters/videos/buttered-toast-minimyth.htm .

Sure :), that's what happens when a home made robot arm lets them fall vertically from the roof of a one-storey building. :yes:

JFYI:

http://www.schoolfreeware.com/Why_Does_Bread_Land_Butter_Side_Down_Page_1.html

Among the references, a more common scenario makes it a 6 out of 6:

http://www.thenakedscientists.com/HTML/content/kitchenscience/exp/butter-side-down/

Robert Matthews won an Ig Noble Prize in 1996 for his research:

https://web.archive.org/web/19990117001743/http://ourworld.compuserve.com/homepages/rajm/toast.htm

And there are several follow-ups and experiments in the same direction, a few examples:

http://kdf.mff.cuni.cz/~janek/pocitace/falling_bread.pdf

http://www.improbable.com/2012/12/24/tumbling-toast-the-maths/

https://docs.google.com/viewer?a=v&q=cache:lRgkC4FahuYJ:physik.uni-graz.at/~cad/Lehre/presentation_05/Krenn_Drucklayout.pdf+%22tumbling+toast+problem%22&hl=en&gl=sh&pid=bl&srcid=ADGEESioINknBvcrA2VJXWHgzSifdlsST7CyOgtuIJ3bSLOOTyIaHs_NPRdFgOui5XbYz6VuaeqEB99jjsfES3FVd2yf79eJpcMuPj2V4Ye5GFPDAKYOZvEgao7SoMkFGWW8fOMKIQne&sig=AHIEtbRdffCKk6zCWTqDDeD_xJ_KbAroig

jaclaz

Why yes, but I didnt clarify my self enough. I was trying to say it was not the butter that made it fall butter down, but physics.

Edit removed Video in quote cause it made post overly large. Also sorry if I wasn't clear in what I meant. I'm still working on my writing issues.

The toast then rotates. Given that tables are usually between two to six feet (0.7 to 2 meters), there is enough time for the toast to rotate about one-half of a turn, and thus lands upside down relative to its original position. Since the original position is usually butter-side up, the toast lands butter-side down. However, if the table is over 10 feet (3 meters) tall, the toast will rotate a full 360 degrees, and thus land butter-side up. Also, if the toast travels horizontally at over 3.6 miles per hour (1.6 m/s), the toast will not rotate enough to land butter-side down. In fact, the phenomenon is caused by fundamental physical constants. ---- http://goo.gl/oslGZV

Edited by Flasche
Link to comment
Share on other sites

Yep, as Roland Krenn perfectly put in his conclusions :yes::

Because of the values of the fundamental constants in our universe, all human like organisms are destined to experience the ‚tumbling toast‘ manifestation of Murphy‘s law.

jaclaz

Link to comment
Share on other sites

What all these folks miss, is that the nefarious hackers operate just like a business. An unmarketed or unsold/unused exploit is money setting wasting away. They must generate revenue in order to continue to function, just like a legitimate business. So, they are not going to sit on a bunch of exploits waiting for the number of potential victims to decrease. They will be getting their nickels worth while the getting is still as good as it gets.

Also, any R&D will be being spent on the newer versions of Windows, as that holds the most potential down the road. Now, they may test something from there against an older OS just to see if it works there too. But, their main target will be the newer versions. It's an effort versus reward type of thing.

So... for all those FUD slingers saying that the hackers are just waiting and are going to have a hey day, I say HOG WASH. Now, I will concede that maybe someone has just within the last 30 days or so, has come across the KILLER NT exploit. Then, maybe they might wait, as it would possibly make the opportunity window a bit sweeter. But, I highly doubt it.

I really can't believe that the so called experts are actually helping spread this FUD. But, then again, MS might be buttering one side of their toast.

That's a way to look at it that I (and probably a lot of other people) hadn't considered. Instead of waiting until XP patches stop coming out, you're saying that it's still worth it for malware writers to release their exploits before April 8. There is sense in this, because the way Microsoft's cycle works the bad guys would still get several weeks' head start on the exploit.

That said, I'd like to suggest that MSFT could win a lot of postiive publicity by continuing to issue sporadic patches for XP at random times for an indeterminate period. Any hackers who think it's clear sailing from here on out as of 4/8 could be presented with a disappointing surprise. That could discourage the production of new XP exploits and help keep the OS safer on top of the factor of diminishing expected returns as people move off XP (although paradoxically it would serve to mitigate those diminishing returns if it encouraged users to stay on XP). But the main purpose would be to counter some of the negativity they've been getting as a result of abandoning an otherwise fine and working OS.

--JorgeA

Edited by JorgeA
Link to comment
Share on other sites

That's a way to look at it that I (and probably a lot of other people) hadn't considered. Instead of waiting until XP patches stop coming out, you're saying that it's still worth it for malware writers to release their exploits before April 8. There is sense in this, because the way Microsoft's cycle works the bad guys would still get several weeks' head start on the exploit.

Well, basically any new exploit being brought forth is probably a result of effort being spent looking for ways into Vista, Windows 7 or Windows 8, not being specifically targeted at XP. They just get lucky, in the fact that some common code base goes back to earlier versions. Think of it as if you yourself were fixing to bring forth a product, would you want to be spending your time and money developing for a SHRINKING market? Would you really want to spend several hundred thousand dollars developing a a better buggy whip today? Last time, I checked there is a VERY LIMITED market for buggy whips.

The days of people getting into a system to just have bragging rights are pretty much over. These days it is done to generate revenue, even though illegally, still to generate a revenue stream. From what I have read, and connecting the dots, most of the malware is developed and then sold to someone that wants to use the exploit. The authors are only selling software for illicit purposes, of course, but just selling software. So, if the potential targets of that software is decreasing, why would they want to spend time finding new ways into a shrinking pool of victims?

bpalone

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...