Windows XP Security Issues: Fact Vs. Fiction
http://www.informationweek.com/software/operating-systems/windows-xp-security-issues-fact-vs-fiction/d/d-id/1127643Miller agreed. "Antivirus simply cannot protect you from every kind of attack," he said in a January blog post, comparing XP to a "rotting wooden boat."
XP poses a threat, not only to conventional PC users, but also to a variety of industrial systems, ATMs, and healthcare products. A February report by the SAN Institute identified Windows XP's prominence as a potential liability in the healthcare industry, for example. The OS also reportedly supports the majority of the world's ATMs, and Michael Assante, former VP and security chief for the North American Electric Reliability Corporation, told The Wall Street Journal that XP workstations are used in virtually all electric and gas utilities in the United States.
With such systems, "the issue is really: How connected are they to the public Internet, and how locked down are they?" Silver noted. He said single-application machines should be locked down to begin with, which will "hopefully make them less vulnerable."
Here is the official blog post for the curious:
http://blogs.technet.com/b/mmpc/archive/2014/01/15/microsoft-antimalware-support-for-windows-xp.aspx
hlthe2b
(102,360 posts)But, I need XP for some very very expensive statistical software I can not afford to upgrade to a WIN 7 or 8 version.
Microsoft is really going to lose corporate clients the next few years, I think. If I were in charge of a small company that had gotten by just fine with WINXP, I can't really see me going to WIN 8 over Linux, especially if that meant replacing every single computer (as it likely will).
hobbit709
(41,694 posts)The main problem is the ID ten T error.
On my personal XP machine, I use 10 of the 200+ patches and don't have any problem. Of course I don't use Internet ExploDer, Outhouse Distress and other M$ applications. I go to a lot of what could be considered dangerous sites just to keep up with they are doing and have no problem. But I don't click on just anything either.
jtuck004
(15,882 posts)One other thing you might think about. There is software such as VirtualBox which you can run on top of your OS (Linux or Win 7 or 8, though I would stay with Win 7 unless I had another reason to run 8) because it lets you run other operating systems concurrently on the same box, on a different network. There are other choices but this is without further out of pocket cost, and it works pretty well. I have Win 7 and 8 and XP and another Linux on this box, all able to spin up simultaneously, so it is kind of handy. There are other options but this one works, it's relatively easy to use, and there are a lot of users and an IRC channel if you need to figure something out.
https://www.virtualbox.org/
https://www.virtualbox.org/wiki/Downloads
Find an empty machine, install Linux or Win 7, do your updates, then install VirtualBox. You then create one or more "virtual machines", and into one of those a new install of XP. While still in it's default mode you install all the updates, and Security Essentials (which they are going to continue to update for a year or so, if Security Essentials is installed by 4/8/14). Then your stat package, and any updates it needs.
Then you create a new "virtual switch" inside VirtualBox (sounds harder than it is, trivial after the first time or two) and connect the new virtual OS to that. Then it can run on that box, communicate with that box, but not communicate with the outside.
So you can run your stat package, on XP, on a more secure machine. XP will still be a problem if you connect it to the network, but if keep it on a private address (192.n.n.n or something that is not routed onto the Internet), and don't browse to anyplace except MSfor the updates, you will be reasonably secure.
Periodically you can restart, swap your "virtual switches" and download any new updates, then switch it back.
The other nice thing is that it creates its own "vdi" file, an image which you can backup after you get it set up how you want. Anytime you need a fresh install, just copy that vdi file back onto the machine, and tell VirtualBox to spin it up. Poof, just like day 1 again, then you just install any new updates there are for Security Essentials.
Anyway, it's another option for you.
hlthe2b
(102,360 posts)jtuck004
(15,882 posts)just a little fyi.
Virtual machines don't work on all machines, and the older the less likely.
What they specifically need is a processor that has virtual capability.
If available, you want to enable, or make sure they are enabled, Intel VT-x or AMD-V virtualization hardware extensions in the BIOS.
There is plenty of web reference material on this, but depending on your processor it may look like:
Intel VT-d
AMD IOMMU
Easy to find help googling "virtual server intel bios" or something, and VirtualBox has docs.
Linux QEMU will do this, and with an extension will do it without those settings, but slower, and, frankly, a bit more of a pain to set up.
QEMU runs a bit faster in many cases, but in my experience most users don't see the difference, and there is less pain with VirtualBox.
You said you had several machines which may be handy. I wouldn't recommend trying this on older machines without that capability in the processor, unless the crawl doesn't bother you. I run multiple servers and machines on $200 Lenovo T400 laptops from ebay (plus 8gb memory and another drive for an added $150 or so), and they run well for desktops or handling server tasks. And I would rather pay $350 than suffer like that
hlthe2b
(102,360 posts)is actually new enough that the MS 8 upgrade (per the MS upgrade analysis app I downloaded) would likely work with most of the extensions and applications--even though I have no intention of doing so.
A question though. I invested in a stand alone copy of Win XP a while back, thinking I might do this kind of thing with a MAC one day... Should I go out there and try to download all the updates or will those likely be available for the indefinite future (specifically SP3)?
jtuck004
(15,882 posts)That said, they "probably" won't disable that capability for awhile, but they could. Bill has "spells", from what I understand...
There is a download for later install, or for technicians or some such option on their page, as I recall. You could choose that and download it all, write it to DVDs, then another set as a backup. Becomes a chore, keeping it alive.
If that becomes too tedious...
I would work on getting a copy of Win 7 or Linux installed on a blank box. Then VirtualBox. Install XP into that (they have directions, and there are others out there with good screenshots for all of this) .
Then you create the image, update it, and save it somewhere. When you run VirtualBox, create a 50 or 100 GB virtual drive, and choose Dynamic. (You will see when you run it, pretty easy, really). That way it will only use the amount it needs, but will grow to that size. 50 will do for most, depends on your software.
If you have the space, you can load your application and any updates before you back it up. Then when you restore it will be exactly where you stopped installing. But it will be bigger - don't know how much space you have to store something, but usually less than 25 GB for Windows, much smaller for Linux.
Then save those files it creates somewhere. To a server with 25GB of space, to a portable drive, to a slave drive.
Then blow away what you have and figure out how to copy it back and bring it up with VirtualBox.
If it was successful, safeguard the others, or, if you put it on a drive save it on a shelf with an anti-static bag.
If not, repeat until you are successful.
You have until April 8
truedelphi
(32,324 posts)In any event, thank you for the excellent information you are posting on this discussion.
jtuck004
(15,882 posts)anti-malware program, they say it will continue to update until July of 1015.
And thank you.
frylock
(34,825 posts)hlthe2b
(102,360 posts)if one installs on a partitioned drive under win7-- that is frequently online-- if one can toggle it off so that it is not at risk for infection?
ucrdem
(15,512 posts)If you mean can you switch off XP Mode's modem/network connection, with or without switching off the VM, you can. If you mean can you switch the VM to a machine-only network as was described above, no, XP mode doesn't have the same level of network interoperability as an Oracle Virtualbox. However, you can access files on your other drives a little more easily in XP Mode, as the Oracle VM requires you to go through its network connection to access "shared" folders (or drives). That's my experience anyway.
frylock
(34,825 posts)no need to set up a partition as it creates a virtual hard disk that utilizes space on your current partition. the vhd will increase with size as you add more data. you also have the option of saving files to directories on your physical computer. you can power down the virtual system like you would a physical computer.
ChromeFoundry
(3,270 posts)...or everyone still using it should support the ReactOS project. You'd be amazed how quick M$ would start supporting WinXP again.
steve2470
(37,457 posts)hobbit709
(41,694 posts)They need to get beyond the limitations of FAT, make a SATA drive work with it, and various other problems in even getting it to load.
Paper Roses
(7,475 posts)As I read the OP, I note that support for XP will go on through July 14, 2015. This is the first I heard about this extension. As I turned on my computer a few minutes ago, I got the message that support will end April 8th as I had heard.
I don't have lots of fancy stuff on the computer, I am a simple user. I don't even know what the other things are. I do have Microsoft Security Essentials.
Can I assume that support is now through most of 2015 or am I going to be more vulnerable as of the 8th.
I do not have money to buy a new computer, neither do I have knowledge to do much on my own other than updates and scans. (Spybot and Malwarebytes plus MSE).
Please help this old timer figure it out.
Thanks
PR
steve2470
(37,457 posts)if you have MSE, they will update it until the 2015 date. You just won't get any other updates, security or otherwise. So, if you're going to keep using XP on the internet, you need to be extra careful. People here can guide you on what to do better than me.
steve2470
(37,457 posts)Your post might get lost here.
hobbit709
(41,694 posts)You won't be any more vulnerable. If you stay away from Internet Exploder and Outlook, turn off remote Access you have eliminated most of the security issues.
90+% of the infected computers I work on had ALL the updates and it didn't help. The main problem is the ID ten T error.
don't sweat it, as long as you use careful browsing habits and don't open email attachments from people you don't know you'll be fine. Xp will still work 10 years from now if you don't need anything newer in the way of software-which 99% of what people use a computer for they don't.
XP will not magically stop working just because they don't support it, it may work better since there won't be any new updates to screw up.
I have a client that has an ancient Compaq laptop with Win 95 on it. She uses it for word processing and it does that just fine. And it works just fine for her purposes.
steve2470
(37,457 posts)I would use Firefox or Opera or Chrome for a internet browser.
Paper Roses
(7,475 posts)Use Hotmail and Comcast.net for email.
Hotmail gets all the garbage, I have managed to keep my Comcast email free of just about everything junk. Only my family has that address. Since Hotmail is now Outlook--at least I think so, should I find another email for all the stuff I receiver via that Hotmail account?
PS, you are all great. My thanks
steve2470
(37,457 posts)Just make sure not to open any strange emails or attachments.
Mondavi
(176 posts)of every kind:
One is b.s. about e-mail or websites which suggests that there is something wrong with either and do you want to see all the info, or just that "securely" delivered? This happens if I go to google where they aren't supplying photos and everytime there's a new news report they do it all over again.
Another is about 20-30 "risk" warnings I was getting from MSE stating that as we all know Microsoft no longer supports apps I'm trying to use, but if I click below I can restart it.
?????????? What? So many of these msgs that (when I replied to them) they were paralyzing my computer.
Finally, I've just uninstalled Microsoft Security Essentials.
Denzil_DC
(7,257 posts)attributable to the lack of patches since Windows XP support was discontinued, or know of anyone who has?
truedelphi
(32,324 posts)And I can't really verify it was related to my refusal to switch from Xp to Crappola # 8, or not.
Here is an interesting article on how their insistence on Windows 8 has led to profit loss on that version:
http://betanews.com/2014/07/01/windows-8-x-goes-into-reverse-gear-loses-market-share-as-both-windows-7-and-xp-show-growth/
A person would think since this switch to OS 8 would affect ATM's and hospitals etc, that maybe they would have held off on it? After all, many such systems rely on Governmental Funding, and most governmental entities such as state and county orgs are trying to keep themselves afloat, and not hire on specialists just to avoid big problems.
But M$ sees the world as one of noblesse oblige to keep acting in a dictatorial manner. They exist to regulate us consumers into obtaining an upgrade we didn't desire, and they also feel as long as we are alive and have a penny in our pockets, that we exist to help M$ obtain more profits.
As a small business owner, I hate M$. And it is not just about the cost of getting an "upgrade" and purchasing something I didn't ask for. Small business owners don't have the time to keep upgrading/upgrading/upgrading.