Sunday, April 6, 2014

The Great WindowsXP Cataclysm - Part 1

This post is cross-posted to my HP Corp blog as well at http://hp.gom/go/white-rabbit
The end is nigh!

Let me start off this two-part series by saying that I survived the first time this happened. If you've been around a long time in IT you may remember this operating system called WindowsNT 4.0 - and I was there when it finally, for real this time, truly and for sure went end-of-life. I think there is much parallel between what happened then, and where we are today.

Sadly, I believe that we are here because we're terrible at learning from the past - or worse - we somehow have fooled ourselves into believing this time it'll be different. Harsh reality - it won't be any different and less painful this time around.

If you're reading this and wondering why Microsoft would suddenly stop supporting WindowsXP - read this first.

So on April 8th, 2014 WindowsXP will become a part of history, and Microsoft has already (as of this writing) sent out the last in-cycle patch Tuesday batch of updates for it. So unless something seriously intense happens you're on your own if you're still running XP.

WindowsXP is still prevalent, highly in fact, out there in the real world. I know every time I see it I snicker a little bit and sometimes when it's on a major news network I'm compelled to post it to Twitter to laugh a little - but it's there staring back at us. Think about all of the places you've seen that now infamous   in the last month. I bet there are at least  few places. Airports, retail terminals, banks, and at your doctor's office ... it's out there. In fact, that WindowsXP logo may be more prevalent in your daily life than any other operating system! I've run into it recently at the DMV, at my Church, at the checkout counter at my local retail shop, on my TV as you can see by the screen capture I posted to Twitter, above.

So why haven't we gotten over XP and moved on? It's not like we haven't had ample warning...Microsoft makes their product lifecycle crystal clear'ish. Let me break down the top 5 reasons/excuses I've heard:

  1. What's this about WindowsXP going out of support? - It's really depressing how many people don't read even the most basic policies and then are shocked when they're put in a bad situation. I know this may sound harsh, but honestly, if you didn't bother to at least look up how long that operating system you installed almost a decade ago was going to be supported, this is your own darn fault. Even if you installed it a year ago, no excuse. Small business, large enterprise, or government - it is your job to maintain the things you are responsible for - and the operating system that runs your computers should be atop that list. Microsoft shouldn't have to run the story for 12 months on the ten o'clock news just to make sure you remember, take out ads in the national papers or do sky-writing ... this is your responsibility system owners and operators.
  2. It's not a big deal, we're fine on XP for another little while - It actually is a big deal. Ordinarily I'm not one for making a big deal out of things, but this situation actually is a big deal for a number of reasons. The main one is this, when Microsoft stops shipping patches for security bugs in the operating system of your computers, every bug will be a "forever-day" vulnerability. This means that you will be vulnerable to that bug and subsequent exploit until you retire that OS. Good luck mitigating that. Oh, what's that you say? Your computers aren't "on the Internet" ... wrong. If there is an Internet connection within earshot of that WinXP system it's "on the Internet", trust me. Even if this honestly and truly is not a big deal for you because your WinXP systems just display ads on big-screens at the movie theater, or something else that has zero potential to cause any havor - these boxes become my problem and the problem of all the other citizens of the Internet when they're compromised and used to attack others. So let me summarize - it is a big deal because you're either going to end up being a liability to yourself, to others, or most likely both. That's irresponsible.
  3. We don't have the capital to migrate off of WinXP - There's something to be said for that crazy saying we attribute to aggressive sales people trying to sell us new licenses - "the longer you wait, the more expensive it gets". Think about it, the longer you wait to migrate the more you have to likely work to actively keep software that you depend on working on this out-of-support system. Backwards compatibility is hard when the software you're about to install was never tested on WinXP, and it won't be. There are also the costs of licenses, which I imagine aren't cheap. If you had phased out WinXP over the last few years with something more modern the cost gets spread out over a period of time and not all in one lump-sum. There is truth to the fact that you may not necessarily be sitting on that kind of capital right now, but the reality is too bad, you're going to have to find it.
  4. We don't have the resources to migrate off of WinXP - Same reasoning as #3 above. The longer you wait the more people and other resources you'll need. Think about all that out-of-date software that now needs to be migrated to a more modern and supported operating system. All those databases, all those applications, all those ... just wow. My head starts to explode just thinking about it. The effort is quite possibly monumental, and given that you're now under the gun and the clock's ticking ... the "we don't have the resources" excuse dog won't hunt.
  5. Proprietary software/hardware from my vendor doesn't work with a more modern operating system - Fire your vendor. I don't know what else to say. I've heard this so, so many times. I realize there are lots of specialized pieces of hardware that were simply built around the WinXP platform, and some of it requires highly customized verions of the operating system - but seriously, we've had ample warning that the end was coming. This isn't a surprise. So why does this happen? It's the very same reason we have ICS and SCADA systems which are exposed and vulnerable with little chance of fixing - very rarely do we think about maintenance and upgrades on these types of purpose-built platforms. And what if you're in a position where some piece of software (say, a banking app which lives on FoxPro, h/t to Jason) isn't compatible with a more modern operating system? Then you have some choices to make... but in the end you have to deal with the problem - and let's be clear, this is a problem.

I guess when I put it this way, the whole end of WinXP starts to sound a bit ... Doomsday'ish doen't it? I take solace in the notion that if you're feeling squeezed, caught off-guard, and are starting to panic it's similar to being struck by a car going 1mph from a distance of a mile away while crossing the street.

WinXP end of life is something everyone should have seen coming from miles away, and been prepared for by now. If you're on WinXP and in a panic ... well ...

No comments: