Exponential Algorithm In Windows Update Slowing XP Machines
jones_supa writes "An interesting bug regarding update dependency calculation has been found in Windows XP. By design, machines using Windows Update retrieve patch information from Microsoft's update servers (or possibly WSUS in a company setting). That patch information contains information about each patch: what software it applies to and, critically, what historic patch or patches the current patch supersedes. Unfortunately, the Windows Update client components used an algorithm with exponential scaling when processing these lists. Each additional superseded patch would double the time taken to process the list. With the operating system now very old, those lists have grown long, sometimes to 40 or more items. On a new machine, that processing appeared to be almost instantaneous. It is now very slow. After starting the system, svchost.exe is chewing up the entire processor, sometimes for an hour or more at a time. Wait long enough after booting and the machine will eventually return to normalcy. Microsoft thought that it had this problem fixed in November's Patch Tuesday update after it culled the supersedence lists. That update didn't appear to fix the problem. The company thought that its December update would also provide a solution, with even more aggressive culling. That didn't seem to help either. For one reason or another, Microsoft's test scenarios for the patches didn't reflect the experience of real Windows XP machines."
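A constructed model of the doubling described in the summary above, added here as an example; it is not Microsoft's code and not part of the original post. It assumes each patch supersedes every earlier patch in its chain and that the slow client re-walks every supersedence path separately; `build_chain`, `naive_closure` and `superseded_closure` are hypothetical names.

```python
"""Toy model of supersedence resolution (constructed; not the Windows Update client)."""


def build_chain(n):
    """Constructed metadata: patch i supersedes every earlier patch 0..i-1,
    as a cumulative update does with its predecessors."""
    return {i: list(range(i)) for i in range(n)}


def naive_closure(supersedes, patch):
    """Resolve everything `patch` transitively supersedes by re-walking each
    superseded patch's own list from scratch.

    Returns (closure, visits). Shared sub-chains are re-expanded once per
    path that reaches them, so visits doubles with each extra list entry.
    """
    closure, visits = set(), 1
    for old in supersedes[patch]:
        sub, sub_visits = naive_closure(supersedes, old)
        closure |= sub | {old}
        visits += sub_visits
    return closure, visits


def superseded_closure(supersedes, patch):
    """Same result with a visited set: each patch is expanded exactly once.

    Returns (closure, visits). Visits grow linearly with the number of
    patches; edge checks grow with the total length of the lists.
    """
    seen = set()
    stack = [patch]
    visits = 0
    while stack:
        current = stack.pop()
        if current in seen:
            continue  # already expanded via another path
        seen.add(current)
        visits += 1
        stack.extend(supersedes[current])
    seen.discard(patch)  # a patch does not supersede itself
    return seen, visits


if __name__ == "__main__":
    print("list length | naive visits | visited-set visits")
    for length in (4, 8, 12, 16, 20):
        chain = build_chain(length + 1)
        latest = length  # newest patch, superseding `length` older ones
        slow_set, slow = naive_closure(chain, latest)
        fast_set, fast = superseded_closure(chain, latest)
        assert slow_set == fast_set
        print(f"{length:11d} | {slow:12d} | {fast:18d}")
```

In this model, culling a list from 40 entries to 30 still leaves about 2^30 visits for the naive walk, while the visited-set version stays at a few dozen.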
This is clearly the right time for Microsoft to completely revamp the update system in XP; and what could possibly be better than to just remove the whole thing and import an already working package system from Debian?
That's the best way to force users to upgrade that I can think of. They're already planning to end-of-life it. After EOL, they can simply start adding empty patches to the update system until it drives left-over XP users to upgrade. ;-)
They should have been off Windows XP long ago.
Indeed. But it will stay for very very long I'm afraid. Lots of systems still run on XP with no available migration path. They just recently upgraded the security system where I work to XP. I don't want to think about what it ran before that.
I saw this during video playback, checked to see why the video was barfing and saw the svchost.exe chewing up 100% just like they say. It didn't happen on boot. I think it can happen whenever Windows Update scans for updates.
However, when I killed the svchost just to watch my video, I lost sound which made me think it had to be Media Player.
Well, maybe it was; but eventually I found out about this bug and realized I had to just sit through it.
The questions for me are "WTF does it do?", "Why does it have to walk this tree, and what is so bloody CPU intensive about it?" followed by, "Why does an update have to care what patches are superseded? As long as you're up to the latest patch level, it should be all good".
I think the whole thing is fundamentally broken. You have your current version of $Thing, it depends on N other things which must be of a given version. When you upgrade $Thing you just check to make sure the things it depends on are there and if they aren't, then you get them. The old stuff? You just check to see what depends on it, and if there is no longer anything depending on it you can quarantine it. If anything tries to access a quarantined dependency, then your dependencies are broken and you need to patch the app that tried to do that.
I know I'm glossing over some things, and package management is not trivial; but there's no excuse I can see for exponentially growing scan algorithms.
I've noticed that this is an issue on Windows Server 2003 (I believe R2 included). I have noticed that this is less of an issue once IE8 is installed (this should have already been done by this point), but this is still definitely an issue. I will be glad when I am rid of this OS (soon!).
I'm really not sure if I would put it past MS or not to do this intentionally and leave it unfixed while reporting (lying) about trying to fix it in order to force the death of XP on schedule. It seems too obvious.
Brought to you by Carl's Junior.
Yeah, let's throw away that perfectly good piece of kit because you don't like it.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
So someone thought it was a good idea to upgrade a security system with software that will have no security support in 4 months time?
And how exactly does Slashdot not have full Unicode support?
They don't seem so bad when the first 10 iterations take a few ms.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
How exactly does someone think a O(2^n) algorithm is OK to check in?
It's magic. Repeat these magic words after me:
"It's just a temporary fix. We will replace it with something better after we meet the next deadline."
Keep saying that until you are reassigned to a different team or "decide to pursue interests outside of the company", and then it changes from a temporary fix to a permanent and immutable bit of legacy code.
As mentioned above win XP is nearing its end of life where it will not get anymore security updates. Software updates can be done without throwing away hardware. That's a good reason to change the software on the machine to something else: win 7, RHEL, SUSE, something.
Well.. maybe. Or Maybe not. But Definitely not sort of.
I just put XP on an old laptop to run some specialized automotive software. This svchost bug has been bothering me ever since. If you kill the process it also takes out other services (like wifi).
Only the State obtains its revenue by coercion. - Murray Rothbard
Yeah, let's throw away that perfectly good piece of kit because you don't like it.
If it were perfectly good, there wouldn't need to be any updates.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Here's a radical idea: why don't they fix the stupid exponential algorithm rather than papering it over by trimming the lists?
There's no point in questioning authority if you aren't going to listen to the answers.
How many Microsoft Engineers does it take to change a lightbulb? None. They just redefine darkness as the new standard.
There may be no "I" in team, but there's also no "F" in way.
These are the clowns who use some kind of insertion sort to sort the files in a folder window, so when you change the sort on a window with thousands of files, god help you. Hell, insertion sort would be faster. It's as if their algorithm is "add the next file name, then bubble sort the whole damned thing. Repeat with next name."
This is built into their display list widget. How shameful past the early 1980s.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Wow, so I'm not crazy. I have to keep some old XP machines around for certain build tools. When I turned on my XP PCs recently for a sustaining engineering activity, the Windows update had them bogged down all night and all day. Was assuming a machine-specific problem, but this confirms it's a general problem. Thanks Slashdot for pointing this out, and thanks Microsoft for keeping IT interesting.
Not trying to be patronizing or sarcastic here, but have you thought about Linux? Throw Lubuntu on it and it'll run at least twice as fast. For the small amount of things you say they do on it, there really shouldn't be many migration pains.
I would suspect this is not limited solely to XP because I've experienced horrible delays with recent updates on a Win7 machine, which is only 6-7 months old. It's a new laptop I got from my company to replace an older XP machine and I recall updates were very snappy at first, now getting progressively more greedy for processing time.
Have a Day!
Just shoot the control panel. Door will just open
"When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
Of course Windows performance degrades over time.
How else would they ever get anyone to upgrade? Remove the Start button?
Ubuntu gave me a boatload of dependency questions the last time I upgraded the OS version of my kids computer. Paraphrased: "The following gajillion packages or services with funny names may not be compatible with your new upgrade request. Please checkmark those you wish to keep."
Yeah, I know, I was probably "doing something wrong" or didn't bother to RTFM for upgrades, but from a "consumer" standpoint, it was not "user friendly" and time-consuming. (True, it's only once every couple of years one has to do such. MS sends upgrades far more often, but at least it's the machine slaving away instead of the human.)
Table-ized A.I.
I miss Windiz Update....
It's not just a (physical, building) security system, it's ANY system. Why on earth would you choose to base your product (something that presumably companies will use for many, many years) on something that will have no security support in just 4 months? It's really quite idiotic; there's lots of freely-available OSes (including an RTOS) out there that you can use instead which don't have this problem.
Upgrading to Windows 7 or Windows 8 certainly fixes one issue, but it creates a whole new set of problems.
1.) There is guarantee that this won't be a problem in Win7 or Win8. This only showed up when there were *Lots* of updates to IE. In three or four years, Win7 could have a similar problem, or at least a problem with similar symptoms.
2.) Win7 did redesign the update process. (Actually Vista first showed up with it, but many people are skipping Vista altogether.) But in their great (for very, very small values of great) wisdom, they removed the ability to delete old, unneeded patches. In XP and 2003, you simply went to the Windows folder and deleted any of the old patches. You could no longer un-install the patch, but who needs to un-install a 7-year-old patch? With Win 7, you cannot delete old patches. The winsxs folder grows exponentially, and since everything depends on everything else, deleting from that folder causes all kinds of problems. This leaves you with a winsxs folder that can be 20G or 30G with no way to trim it down. This is fine for a single system with a 500G hard drive, but is a BIG pain when dealing with VMs.
Great civilizations have lived and died on false theories. Don't mess up mine with a few facts.
Microsoft Update Catalog is probably closest to what you need.
And how exactly does Slashdot not have full Unicode support?
Slashdot used to have at least some level of Unicode support. Then vandals discovered directionality override characters and used them to break the layout and spoof moderation. The admins responded by instituting a strict code point whitelist to prevent the use of directionality overrides and the use of characters that are more useful for Unicode art (the successor to ASCII art) than for English text.
I'd noticed this on one of two lingering Windows XP machines last month. Good to know I'm not nuts.
Gamingmuseum.com: Give your 3D accelerator a rest.
It's OK to check in as long as you meet your deadline and it seems to work. Performance (esp. years down the road) isn't important. Do you think people buying computers at Best Buy are going to avoid your product because it's going to become ridiculously slow many years later? Of course not. So just throw in a crappy algorithm, it doesn't matter. It's not like this is a free/open-source OS where someone will fix it just out of academic interest. With commercial code, if there isn't a compelling business reason to produce and ship quality code, they won't.
Because there aren't enough months of Windows XP's extended support left for it to be worth fixing. Microsoft refused to fix a few bugs near the end of Windows 98's service life as well; see this story from June 2006.
Where can I find a complete set of all the updates they have [...] without having to connect to microsofts update servers?
If you don't want to connect to Microsoft servers, why did you choose to use a Microsoft operating system? But if you insist, start your research with the words slipstreamed updates.
I run a small computer store and this issue has been driving me crazy the last few weeks, we have had a few XP machines come back because customers are complaining they are so slow! When we refurbished them before these patches they were fine! I have had to disable Windows update to fix the issue, not the best solution at all. 100% CPU from svchost.exe for hours, how can Microsoft mess up so bad..!
Why the F*** wasn't IE8 considered a critical update for XP?
Because too many organizations had web sites and ActiveX controls that depended on Internet Explorer 6 "features" removed in Internet Explorer 8.
Many reasons.
1. It's light enough.
2. It's air gapped.
3. It's secured via elimination of infection vectors.
4. It's needed for legacy reasons.
5. Etc.
wsusofflineupdate (www.wsusoffline.net) works well; use one machine to download everything, generate an ISO or USB key with the updates, and update offline.
I'll upgrade XP to a different MS-OS the day MS can deliver something as small and efficient as XP. If they can't I have to look elsewhere
Is everybody stupid? XP is fast. Faster than all the current consumer grade PC OSes
I think that is what this patch... Sorry... BUG is supposed to fix.
No. In my case, it's trying to apply the .NET updates that completely murders my system. Apparently MS wants a gigabyte or so of free disk space on C:\ (and nowhere else) or the update will fail miserably. As it happens, my system partition has about 200MB free space, so the update disappears down a rabbit hole and never completes.
I used to think it was because it needed a bunch of temporary disk space, so last night I changed the TMP and TEMP environment variables to point to a volume with tons of free space, rebooted (because, you know, it's Windows), set just one of the several .NET updates running, then went off to see The Hobbit. When I returned some three hours later, the update had hung, the disk was idle, C:\ had zero bytes free, and the system log was corrupted.
Honestly, I don't know why anyone continues to be surprised by Redmond's rank incompetence...
Schwab
Editor, A1-AAA AmeriCaptions
That's what you get for buying Intel.... :P
"City hall" in German is "Rathaus" Kinda explains a few things......
They actually just fixed the SxS bloat with a patch a month or two ago. Link : here.
Big! Strong! Wow! Tada-O!
Much hardware that runs XP cannot run win 7. Moving such a box to Linux involves trashing perhaps 100 items of software not available for Linux, and which run perfectly well on the XP box. I know this because I have 2 XP boxes in this situation. Of course, many of those 100 items have similar progs for Linux, each of which have to be installed, each of which has a different UI, for a total time investment of probably 100 hours by the time all the lossages get fixed.
1. It's light enough.
There are lots of options here; any current *BSD or Linux Kernel with basic gnu tools and a purpose built interface would still be lighter than XP. No X and Gnome 3 or KDE 5 won't be but there are plenty of things that would. That's before you even look into the other choices like QNX and friends out there as well.
2. It's air gapped.
That's bullshit son and you know it. Nothing air-gapped ever stays air-gapped. Anyone who has worked in a manufacturing environment and dealt with plant engineers knows "it won't be on the network, honest" really means "I'll have a vulnerable version of VNC on this thing next week for bonus points I'll set the net mask wrong so I'll have problems that seem strange to me; ask you to help out and forget all about the conversation we had about not putting it on the network."
3. It's secured via elimination of infection vectors.
Right because vendors never update their own software and have to issue fixes and stuff that should not be there never finds its way onto that USB stick they bring into the building. Sorry seen that too way too many times.
4. It's needed for legacy reasons.
Right -- This unfortunately is true and I really wish I could find a solution.
5. Etc.
Excuses, excuse, number 4 is really the only quasi legitimate reason and when it's a $100,000+ machine it controls 4 is good enough. Don't waste our time with etc etc... What reasons you imagine it's okay are crap.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
Actually, I installed windows 7 on a lenovo laptop that shipped with XP. While it didn't look as fancy as it could have (I blame the intel graphics card) it was very effective. It even booted faster and ran smoother than a fresh XP installation. Also all the hardware was recognized and worked with the Win 7 drivers.
Whenever a player quits EVE to go play WoW, the Average IQ of both games increase.
Any car built in the last 50 years is capable of highway speeds. I assume that you are still driving the first car that you ever bought?
The real "Libtards" are the Libertarians!
This has been happening on and off for more than a year. I found the last couple of times that it was helped if I manually fetched and installed the latest "Cumulative Security Update for Internet Explorer" for version 8 (http://technet.microsoft.com/en-us/security/bulletin/ms13-088 at time of writing). Never understood why; perhaps it allows a serious chunk of the search tree to be pruned quickly avoiding the exponential stupidity.
If you need to stop the 100% CPU while you fetch this then Start -> Run, "Services.msc", locate and stop "Automatic Updates".
Patent litigation: A doctrine of Mutually Assured Destruction... in which everyone seems willing to push the button
The fact that you think that #2 and #3 are the same thing shows a massive level of ignorance of IT, to the point where I have a hard time seeing how we could have any kind of argument on topic of IT security without you taking at least a few basic courses on IT security.
According to the article the problem only happens at start-up for about an hour and then stops. So, if you never restart, only shutting down the PC via hibernation you will never see the problem.
Well, then good news! Windows XP is just four months away from being perfect.
To fix this problem just run the latest Cumulative Security Update for Internet Explorer - for December this is KB2898785. Once you've run the update, reboot and then the updates will work.
I've had to do this for October, November and December.
This article has some more info about it - read the comments.
http://www.infoworld.com/t/microsoft-windows/windows-xp-update-locks-machines-svchost-redlined-100-fix-it-kb-2879017-230733#disqus_thread/
We are talking about XP. Not other OSs. It's exceptionally obvious that it's light enough stands for "it's light enough to run wintel software on older machines".
I genuinely don't understand why there are so many people here on slashdot talking about windows security and not understanding it. It's entirely possible to secure a completely vanilla XP machine (zero updates, just basic boxed copy from release) to use on a fixed, open to internet static IP. I have done so myself, after my first XP machine borked itself badly trying to run SP1, completely killing the updating system. I didn't even bother fixing it and ran vanilla XP for years on that machine. This in spite of it running on university network which was teeming with aggressive nerdy wannabe hackers who made a shitload of attempts to exploit machines on the network, as I found out when I became network's admin a few years later.
Funnily enough when I eventually got my hands on slipstreamed XP SP2 disk and decided to make a clean install, that machine got owned in about 30 seconds after hitting the log in menu for the first time after installation. Because I forgot to unplug the ethernet cable during installation and machine was obviously not secure out of the box - it just had the up to date patches, but several infection vectors were left exposed. So the vanilla, completely unupdated but secured XP machine ran fine for years, and fully updated machine got owned in 30 seconds flat on the same network socket.
That is the reality of IT. First thing in securing machines is not patches, but elimination of vectors. Patches are just a jury rigged solution for the time when an exploit vector was left open. There are always vulnerabilities. That is the first rule of IT security. Eliminate or contain vectors of infection, then start thinking about what to do if something does get through.
And if you secure it tightly enough, even vanilla XP is secure.
In any case, something needs to be done to the boxes. If the software cannot be updated for whatever reason, they should be replaced. Leaving unpatchable xp boxes is not a good solution. I don't think you can call such boxes "perfectly fine" if they can't be updated to a secure solution. Unless, you have a strange set up with an unbreachable air gap that doesn't allow any networked connections, or physical media. If that were the case, they wouldn't care how long windows updates take as it would be impossible to apply them. I knew some windows 3.1 boxes that were like this, so I guess it's possible.
Well.. maybe. Or Maybe not. But Definitely not sort of.
None of those reasons explain why the product can't run on Windows 7.
This patch was premature. It wasn't supposed to be released until the last patch batch before XP goes out of support. Fortunately they have more like these to share with us between now and March, so the motivation to get off XP by April should be quite strong.
Help stamp out iliturcy.
Any car built in the last 50 years is capable of highway speeds. I assume that you are still driving the first car that you ever bought?
Most people replace their cars every 5 years, the average life expectancy of a car especially in places where salt is an issue is 10-15 years. In places with high grades, which can put a heavy toll on the engine and drivetrain it's 8-12 years.
Om, nomnomnom...
I buy used Dells from Weird Stuff Warehouse in Sunnyvale.
http://www.weirdstuff.com/
I have a few projects that require a windows OS and can't run under wine. By buying a Dell from weird stuff, the OS is licensed to the machine. So it's little more than a convenience thing for me.
Be sure to use bullets. Using a laser will just make the blast doors close.
They explain why it doesn't have to.
The drive to update for sake of updating is an expensive one.
So, out of interest, how are you securing this unpatched XP machine? I can understand that if it's firewalled, with no open ports, it may be resistant to direct connections from outside but that's not enough for a typical machine doing useful work. If the machine makes network requests, or works on data from removable media, it is way more than likely to be vulnerable to some buffer overflow type response that can be fed to it. You know, the type of vulnerabilities that turn up every few weeks or so and (hopefully) get patched.
Um, why?
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Lots of process control and data acquisition systems have proprietary hardware whose drivers haven't been or can't be migrated. A security system has many candidates for such a dependency.
Brackets contain world's first nanosig, highly magnified:[.]
Come on Microsoft, Release XP SP4 and solve it.
Come on, folks. Are we certain this wasn't done by design?
Have gnu, will travel.
Probably didn't work as expected because virtually every XP machine has malware on it.
"If any question why we died, Tell them because our fathers lied."
It's NT all the way down
You're right, but I can't understand why the contract for a six or seven-figure {insert specialised hardware here} doesn't carry clauses for updating the software that communicates with its generic WinTel controller. I mean it's obvious that a (for example) car factory robot is expected to last for more than the turnaround cycle of a Wintel box, why isn't the supplier of said robot obligated in the support contract to provide updated drivers for Windows for the expected life of the robot?
I've got customers (mostly farmers) who have trouble understanding that generic computer hardware used in their office isn't expected to last nearly as long as the farming equipment in the shed outside. I still see Pentium 4-vintage boxes occasionally, and I immediately make sure the data are being backed up.
They sentenced me to twenty years of boredom
lucky?
And that's Microsoft's problem, why? If you're dumb enough to have a core part of your business based on a product that you didn't either:
A. get guaranteed updates to new OS versions for your life of the product or
B. a promise of source code access should the vendor either go under or no longer wish to provide you binary updates
your business deserves to fail.
If it's air gapped you won't be updating through windows update anyway, so this particular problem doesn't apply to you.
Seven puppies were harmed during the making of this post.
This brings back memories of an old version of MS Flight Simulator (2000?). Whenever you would choose an item from a main list (maybe it was US state), the secondary drop-down list of airports within that category was oddly slow, and exponentially related to the number of items in the list. I just chalked it up to a programming WTF, and something Microsoft never noticed during QA because they were testing on high end machines.
Download yourself a real database.
Help stamp out iliturcy.
I still run XP and Windows 2000. This past update to XP took forever. I saw srvchost running at 100% and thought I had a virus/trojan that pretended to be srvchost. I killed it a couple times not realizing it was doing a windows update for December 2013, until I forgot to kill it while watching TV and then I saw that updates were waiting to be installed.
Solution to problem. Create an SP4 service pack for windows XP and another Service Pack for windows 2000. Even though windows 2K updates have stopped and XP will soon, I think the last thing MSoft should do is to put out an SP as the last release before shutting down the OS. Make my job easier since it would create an updated install disc with the SPs slip streamed in.
It's not really needed anymore. Just make sure you run MSE or something similar.
Why?
So what was the point of upgrading then?
how can Microsoft mess up so bad..!
Often when Microsoft support sites fail to address my problem with a useful suggestion, I leave a comment about their proficiency. "Try herding goats, programming is not your thing."
They can have my command prompt when they pry it from my cold dead fingers.
That was my go to program for seeing what is wrong. It won't show what is running inside that svchost instance.
Only the State obtains its revenue by coercion. - Murray Rothbard
The problem is that the windows update service expects to find a patch that isn't there on a standard XP installation.
If you have installed from a vanilla XP SP3 CD you have IE6, if you have embedded patches you may have IE7 or IE8. Verify your IE version and download the appropriate patch. Install it immediately after completing the XP Setup and you are set.
IE6: WindowsXP-KB2879017-x86-ENU.exe
http://www.microsoft.com/en-us/download/details.aspx?id=40612
IE7: IE7-WindowsXP-KB2879017-x86-ENU.exe
http://www.microsoft.com/en-us/download/details.aspx?id=40519
IE8: IE8-WindowsXP-KB2879017-x86-ENU.exe
http://www.microsoft.com/en-us/download/details.aspx?id=40390
Because there's still 4 months of support left? Or do you think Microsoft should employ a delaying tactic because customers don't matter?
Remember, end of active support does not mean end of XP. The machines do not self destruct the day after the last update.
This whole article is interesting, but so not news.
I'm surprised that Microsoft is spending *any* time trying to fix this issue, given that the whole windows update process will be replaced in 4 months with the following:
if( operatingSystemVersion < 6)
return(-1);
else
return(do_updates());
Thank you for a reasonable sentiment. slashdot is driving me crazy.
The real world is messy. You can't always update everything. You understand this, but others do not.
I have to maintain a Frankenstein PC that interfaces to a multi-million dollar piece of manufacturing equipment. So backups of the hard drives, spare motherboards, CPUs, memory, IDE Hard drives, and other things. This computer is 8 years old, with an expected life of another 7. Yuck!
Thankfully its network connection goes to 1 thing and 1 thing only! The PLC. Am I worried about a virus? No. My concern is hardware failing. If someone plugged a malicious USB drive in, then the machine will just be restored to a known good point.
If a process is allowed to grab 100 percent of CPU time then the operating system itself is fundamentally broken and no amount of fixing the app that grabs that amount of CPU is going to fix the problem. That being said....
Turn off automatic updates. If you can.
You can kill the offending svchost that is running wuauctl that is bogging your system down (sometimes this can take as much as 10 minutes or more on a slower machine) but it will just rerun at some later time putting you right back where you started. Sometimes the task manager will allow you to set the priority of the offending svchost to a lower amount; most times it won't. It's a crap shoot.
Rebooting will not help you because as soon as you reboot windows will run wuauctl under an svchost and you're right back to square one.
or if you're paranoid and want those updates
Since the task manager won't even list wuauctl as the culprit as that runs under svchost. Trust me wuauctl is the culprit here.
Get Process Explorer; it will show all the running sub-processes of a running svchost and will allow you to reset the priority to a lower amount. So....
Get process explorer if you can and set the offending wuauctl process priority to as low as you can set it.
That should net you about 15 to 20 percent of the CPU for the desktop and other apps. About enough to surf the web but not enough to play a game or do anything else requiring all that much cpu.
Then sit back and enjoy your outdated buggy OS as it updates slowly.
"Tried" several times to patch an error but "couldn't". "Coincidence" that it is planning to retire the platform. Smells a lot like planned obsolescence. Helps sell more junk products that become useless faster. Buy a new one!
Build your own energy sources from scratch. http://otherpower.com/
Or the obvious solution to both your replies...
On demand bug fixes paid as needed. That satisfies it for both MS and the customer. But MS is unwilling to do even that.
This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
The winsxs folder grows exponentially, and since everything depends on everything else, deleting from that folder causes all kinds of problems.
Sort of no longer true (as of SP1): http://support.microsoft.com/kb/2795190
On my primary Windows 7 computer, it is down to 10.5GB.
#4 does... Namely legacy reasons.
I have a perfectly fine multipage scanner here that doesn't have drivers for Windows 7 and the manufacturer is out of business. You do know that Windows 7 implemented driver signing right? So even if you do find a legacy driver it probably won't start because it won't be signed. And don't give me this "Linux is your route" because no driver exists for it there either. So my choices are toss a perfectly working, expensive at the time and in demand scanner just to update from a working OS to one that doesn't or stick with what is working.... Hmmmm Hard choice that one.
This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
How about that update that never happened?
Some of you have probably had this happen. You run "Check for Updates" inside the security center. IE opens up to http://windowsupdate.microsoft.com./ It checks to see if you have the latest version of Windows Update. Awesome! You have it! Now you are presented with a choice: you can roll the dice and click "Express" and let Microsoft install everything Bing on your computer. Or, you can go pro and click "Custom" where you can select to install everything but the Bing crap. Ha! Joke's on you, no matter which one you click it will just sit on "Checking for updates" indefinitely. You search Google, you find the Mr. Fixit on the Microsoft Knowledge base and run it. It finds everything wrong, it fixes it, you are the champion, you reboot, you try again and the same thing. The green bar mocking you as it checks and checks and checks. You restart the Automatic Update Server, it doesn't help. You go pro again and hit Start -> Run and type "notepad.exe %windir%\WindowsUpdate.log" You are mocked! There are no errors, no warnings, nothing of value! You grab the tower, you give it a DDT, then you expel the foul beast from the office window into the parking lot 5 stories below. You return to your desk the victor, problem solved, life is good.
This is really unrealistic. What if the original hardware supplier is out of business or has discontinued the product line? The supply chain for many industrial systems of this type can be 10 levels deep, and it's simply impossible (unless you make the kind of hyper-expensive arrangements the military does so that they can keep 50's era computers running today) for contractors in that chain to do as you suggest. Commodity computers are so powerful and cheap with such ubiquitous development tools and talent that it's hard for suppliers to ignore what's available just because traditional ideas of longevity can't be trusted.
Brackets contain world's first nanosig, highly magnified:[.]
I suggest you ally yourself with an actual business and try to apply these lofty principles. I'll know your education is complete by the peals of laughter and sound of doors slamming behind you.
Brackets contain world's first nanosig, highly magnified:[.]
The article is pretty light on details, but what dependency resolution algorithm has exponential scaling? Topological sorts are usually O(V + E).
Most human behaviour can be explained in terms of identity.
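The article's "each additional superseded patch doubles the time" fits one simple failure mode, shown here as an added illustration that is not part of the original thread and not Microsoft's code. The real Windows Update algorithm is not described on this page; the cumulative supersedence chain and all function names below are assumptions.

```python
"""Constructed illustration: walking a supersedence list with and without
remembering which patches were already expanded."""


def build_cumulative_chain(n):
    """Constructed data: patch i supersedes every earlier patch 0..i-1,
    the way a cumulative update replaces all of its predecessors."""
    return {i: list(range(i)) for i in range(n)}


def naive_superseded(graph, patch, calls):
    """Recursive walk that re-expands every superseded patch each time it
    is reached. On the cumulative chain this makes 2**patch expansions."""
    calls[0] += 1
    found = set()
    for older in graph.get(patch, ()):
        found.add(older)
        found |= naive_superseded(graph, older, calls)
    return found


def linear_superseded(graph, patch, calls):
    """Iterative walk with a visited set: each patch is expanded once, so
    the cost is O(V + E). The visited set also makes it terminate on a
    malformed list where two patches supersede each other."""
    visited = {patch}
    stack = [patch]
    while stack:
        node = stack.pop()
        calls[0] += 1
        for older in graph.get(node, ()):
            if older not in visited:
                visited.add(older)
                stack.append(older)
    return visited - {patch}


def compare(n):
    """Return (naive expansions, visited-set expansions) for the newest
    patch in a cumulative chain of n patches."""
    graph = build_cumulative_chain(n)
    newest = n - 1
    naive_calls, linear_calls = [0], [0]
    a = naive_superseded(graph, newest, naive_calls)
    b = linear_superseded(graph, newest, linear_calls)
    assert a == b  # both walks find the same superseded set
    return naive_calls[0], linear_calls[0]


if __name__ == "__main__":
    for n in (5, 10, 15, 20):
        naive, linear = compare(n)
        print(f"{n:2d} patches: naive={naive:7d} expansions, visited-set={linear}")
```

Both walks return the same set of superseded patches; only the amount of repeated work differs, which is why a list of 40 or more entries is where the naive form stops finishing in reasonable time.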
I don't really care if you use a scanner with windows XP, just don't fucking complain about problems with a decade old OS and expect the mfg to give you free support/code fixes as the OP apparently thinks should happen.
Many XP users are people in 3rd world countries who knowingly or unknowingly have a pirated OS, but they would pay for each fix, right?
This space for rent.
How exactly does someone on Slashdot think dependencies are trivial to calculate and resolve?
http://algebraicthunk.net/~dburrows/blog/entry/package-management-sudoku/
http://algebraicthunk.net/~dburrows/blog/entry/package-management-sudoku-2/
Oh, I know the answer, it's all about the MS bashing.
This space for rent.
http://algebraicthunk.net/~dburrows/blog/entry/package-management-sudoku/
http://algebraicthunk.net/~dburrows/blog/entry/package-management-sudoku-2/
This space for rent.
Well, if you want to sell me something for upwards of six figures, you'd better be prepared to sign a contract for support that includes drivers for updated interfaces (USB vs. Serial) and updated operating systems (Windows 7 vs. XP or even 98). I wouldn't expect an open-ended arrangement, just enough to cover the lifespan of the machine (the robot, not the PC controlling it).
Suppliers going out of business is a common threat but it hasn't got anything to do with being prepared to guarantee support for your product. If the supplier of my industrial robot goes out of business and no-one else is willing to take up the support, then I'll be replacing my robot as soon as I can afford it. I won't risk running them for as long as possible knowing that the beige box in the corner might give up the ghost any day now and I can't buy a mainboard with EISA slots anymore.
As for discontinuing product lines, IBM continues to support (albeit for a lot of $$$) many of its discontinued lines and many people are prepared to pay for that. In my experience with AS400s, it would have been cheaper to upgrade than to continue maintenance on our ten-year-old E35, but management decided to switch to Windows servers instead (I left not long afterwards).
They sentenced me to twenty years of boredom
So they're trying to fix the problem of the processing time doubling with each patch, by trying out solutions in separately installed patches. You have to appreciate the irony of that!
Scopes and logic analyzers running Windows??????
Surely you jest.
Windows is not known for its real time response. What would be the scopes timebase marked in? - days, hours and minutes.
Nos Morituri te salutamus
I can attest that this is also a problem in academic (biomedical) research. We have two fairly expensive machines that originally were attached to a win 95 or 98. The controller software is 16-bit and I experience a lot of instability now that the computers gave up and got replaced by XP machines. Sadly the products are discontinued and the company merged/bought. As a Linux nerd I would have loved to have OSS drivers for these machines, but that will most likely never happen (too niche products for anyone with skills to care)
No, but you can bet there are people sitting on exploits waiting for the security updates to stop.
Once that happens, their exploits will never be fixed and they've got free rein.
Windows Embedded systems that are based on XP have a few years left before updates end.
Yes, they do. They use hardware acquisition modules (A/D) then use windows apps and touchscreens for the UI so response time is not important. These things cost $20,000.00 or so, give or take $10K.
-- You are in a maze of little, twisty passages, all different... --
- Make XP slow
- blame it on a "bug".
- Drop hints to the user. Windows 8 doesn't have this issue, because, its newer!
- Maybe fix it before April 8, 2014, maybe not.
They have been trying to kill XP for years. Force the user to upgrade.
Intentional or not, Microsoft are loving this. We all know it.
Microsoft could fix this by releasing one last roll-up service pack, XP SP4. That would set a new baseline with all known patches applied. Since they are not going to release any new patches after April 14th, they'll never hit this issue anymore.
I'm pretty certain that MS will never do this because XP SP4 would make a huge negative dent on their Win8.x forecast.
To Terminate, or not to Terminate, that's the question - SCSIROB
#4 does... Namely legacy reasons.
I have a perfectly fine multipage scanner here that doesn't have drivers for Windows 7 and the manufacturer is out of business. You do know that Windows 7 implemented driver signing right? So even if you do find a legacy driver it probably won't start because it won't be signed. And don't give me this "Linux is your route" because no driver exists for it there either. So my choices are toss a perfectly working, expensive at the time and in demand scanner just to update from a working OS to one that doesn't or stick with what is working.... Hmmmm Hard choice that one.
It would have helped if you mentioned brand and model. Perhaps people could have helped you out...
If you want to buy something for upwards of six figures, be prepared to pay another six or seven figures for the kind of support you request. I'm assuming that if you bought in 2000 such a device with Windows XP drivers, you would have paid 13 years of support in order to be entitled to request drivers for windows 8.1. Considering the approximate price for 15 years of "Gold" or "Platinum" support, you'd be ahead if you bought a system new.
Or, as it was mentioned previously, companies go out of business, business gets unloaded (Kodak no longer makes hardware, IBM no longer makes desktops and laptops, soon Nokia won't sell mobile phones, and so on).
[...]#4 are not sufficient for picking an OS that gets no security updates, especially when there's readily-available alternatives that don't have this problem, and have free licensing to boot.
Are there alternatives out there that can run every XP program? Especially considering that legacy software is bound to be error-ridden and badly coded.
If there isn't, couldn't you easily be in the position that running XP is the least unreasonable possibility? Though I suppose a virtual machine running XP is marginally better from a security perspective.
It's not just a (physical, building) security system, it's ANY system. Why on earth would you choose to base your product (something that presumably companies will use for many, many years) on something that will have no security support in just 4 months?
a) It's not connected to the Internet.
b) There's no idiot users surfing the web with it.
No sig today...
You wouldn't. You based it on something that would be supported for several years when you made the decision back in 2006. It's just that schedules being as they are, it has taken that long to develop the product and get it to market.
In the land of dinosaurs, where Big Companies do Stupid Things, it is fairly common for new products to be launched and then the whole platform end-of-lifed soon after. It's nobody's fault in particular, just how decisions get made.
-- Ed Avis ed@membled.com
This is intentional because they don't want people to keep on using Windows XP, therefore they add crippling code, and just throw up their hands and say it is a bug they can't fix.
I have been to some medical labs, large ones, owned by hospitals and pharma corps.
Many of their lab machines are still running Win XP, all updated to SP3.
I did ask (several times, in fact) why they didn't "upgrade" their software to Win 7 or later.
Answer ... there's no upgrade path.
Mind you, those medical test equipment are very costly, 6 to 7 figures a piece is not that uncommon. To tell them to "chuck off" all the equipment that are still running XP is impractical.
But if you are so desperate, you can try emptying your cartridge into those medical equipment that are still running WinXP
Or the obvious solution to both your replies...
On demand bug fixes paid as needed. That satisfies it for both MS and the customer. But MS is unwilling to do even that.
And how much would you pay for a bug fix as an individual? Development, QA, testing, build, certification, delivery all at a (low-end) burdened rate of $150 an hour would add up pretty damn fast.
You're special forces then? That's great! I just love your olympics!
That's no different to saying Gnome is too old, kill it. Nothing bad with XP, it still works, can be patched, I mean what's really different at the OS level (not shell, not fancy apps) compared to win8. It's still the same, or better because it hasn't removed old deprecated libs like win8, which is stupid, because HD space is so cheap, old libs should live forever.
Hey, at least it's possible to boot winXP in less RAM than even android 1.6. I can get a full XP desktop working in under 48meg RAM. Add a fancy GUI that looks like Win8 Tiles, which is no more than a user land app, and you could port/run WinXP in an Atom-based mobile probably with less overhead, and faster than win8 running on an Atom.
If XP is that bad and should be killed, then hell, MS, release the source code, let it free, or will people patch it to make it better than win8?
Liberty freedom are no1, not dicks in suits.
What kind of "security system" are they running that they just now updated to an OS about to be abandoned? I have a feeling this system is about as useful as a 30 day trial of Norton from 2002.
As for TFA? Look folks, it's a dozen-year-old OS...what do you expect? Its patches have patches, and unlike Vista and those that came after, XP allowed programs to just run amok in its registry and system files. Frankly there ain't no telling which piece is causing the bug and how long it would take to fix. You've got third party AVs and DRM that dig into the kernel, you've got the bandaids bolted on to try to deal with the fact XP was designed to run as admin...it's just a mess folks, it really is. So just let the thing die already, I mean if MSFT was still offering patches to Win98, would anybody here REALLY argue it was a good thing to run it, really? Well then why would you champion WinXP, an OS whose system requirements are a 300Mhz P3 with 128Mb of RAM. Yes, it's THAT fricking old. Let the old gal die already, like Win2K it had a good run but that time is past.
For those running hardware so damned old it won't take anything newer I suggest you look at an AMD Bobcat Board which will frankly pay for itself in a few months thanks to lower cooling and the fact that at load the whole thing uses less than those power hog P4s did idling while running rings around all those old POS chips. Hell you can get one with a PCI slot and use a PCI to IDE/SATA adapter and keep your old drives and STILL be faster than those old Pentiums. You can even dual boot with XP if you need some time to switch over your programs but with only 4 months left better get on the ball. Use Win 7, use Linux, use something but get off XP already!
ACs don't waste your time replying, your posts are never seen by me.
There will be support.
It will cost though...
Thanks Jack Bauer.
Probably higher up in the list: because you've already paid for it and have no need to replace everyone's computers. Sorry secretary/order entry clerk etc, but your P4 with 512MB RAM is good enough.
Yep. For example I worked at a cancer centre (radiation therapy). We had a $30k device whose drivers were written for Win 3.1. It is a niche product made by a research hospital. It was made years ago, probably by a doctoral student. They no longer work there and there isn't enough revenue to justify full time positions (only sell a few a year). So: Win 7 in XP compatibility mode, didn't work, Win 7 running Virtual PC didn't work. Had to install real XP as a secondary boot and then run that in compatibility mode (16 bit driver). This is in an industry that hadn't even been into scale till ~late 80's. So how old do you think the drivers are going to be for a dentist's X-ray machine?
To be fair, most P4s are pretty much dead nowadays. Rambus RAM sticks were extremely fragile. P3/First gen Athlon may still be running though!
"Win XP, all updated to SP3"
That new?
I work for a chemistry department at a major state university. We still are using a fair number of analytical machines with controllers running DOS on 486s, let alone the large numbers running XP.
The only upgrade path is whichever company bought out the original manufacturer telling you they'd be happy to sell you a new one. But the machine would be half a million to replace (X-ray diffraction system).
Not everybody has uber grants from Howard Hughes Medical, or the like to pay that. So, you keep on working with what you've got.
I chuckle when these "It's XP. Running a system that old is immoral" posts come up on Slashdot. The choice is often running the old system, or not being able to do your job.
Oh, and if you choose not doing your job, the state's in a budget crisis and they've been eliminating positions.
That's a pretty big game of roulette to play with being able to support your family just because the OS is too old to suit you. ;)
About a year ago I was part of a team of contractors that rolled out new hardware at an aviation/pilot training school. The new boxes were top of the line Xeons with 16GB of RAM and W7/64 preinstalled. Part of our job was to *install 32-bit XP on the machines* because the old training software hadn't been sufficiently tested to the satisfaction of the company on W7, even though the head IT manager had tested it and it worked fine. Since then I've wondered what they'll do come April.
Other options listed, such as deleting from the Software Distribution/Downloads folder or the disk cleanup tool, reclaim between 8K and 50M from a 12G winsxs folder.
Thank you for the link, but it doesn't fix the problem. At best it only delays it. And if they never release a SP2, that folder can only grow.
Great civilizations have lived and died on false theories. Don't mess up mine with a few facts.
Thank you for the link. It is good to know that there is some work being done with it. We have applied that patch but did not know that it fixed the issue. Now if they would only allow that patch to work with Win2008R2 ...
Great civilizations have lived and died on false theories. Don't mess up mine with a few facts.
This is WAD. Microsoft wants you to upgrade so - like their registry garbage - they purposefully design things to degrade performance over time.
I would never toss a car that still worked. I get rid of cars when they are no longer economical to repair, and then I let the leasers subsidize the purchase of my next used car. The lone exception might be that we trade in one of our current cars for one with all-wheel-drive.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
By that logic, no OS is perfectly good. Fair enough, but not really related to the point I was trying to make. If XP works and the computer works for the task at hand, why upgrade?
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
OK, but until XP is EOL, you can save your money. Upgrading now would be like tossing out your perfectly good brake pads, just because they only have a couple hundred more miles on them.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
Just cut the power. The magnetic locks that I have seen open with no power. Found this out when the building lost power from a storm and the door was open.
It's a real thing. We have a couple of I think either Tektronix or Agilent scopes that run Windows 2000 or XP. A few years back someone plugged one of the 2k scopes into our network, at which point it became a movie server, hosting "Mr. Deeds". It is no longer allowed to be plugged into the network.
One group just updated a crazy analyzer to a Pentium M with 1 GB of RAM. Cost: $40k. It's obscene.
I didn't realise that arguments could be invalidated by mere unpopularity.
You do know that's configurable, right? I mean, yeah it comes that way out of the box and that's kind of annoying, but you can set the shutdown behavior of your laptop any which way you want. Don't want to install updates? Disable the install updates on shutdown feature. Here's the first Google result for "disable update on shutdown windows 7" (minus quotes).
XP works, sort of. Given the follow on disasters from Redmond, the average user probably sees no reason to upgrade. If this is indeed a 'conspiracy' to get people to upgrade, then it will backfire. Google or Apple is not the best choice. MSFT is dead money in the dead world of desktops.
While they are at it, release a SP2 for Windows 7, because it's going to be around for a while.
If XP works and the computer works for the task at hand, why upgrade?
What is 'working for the task' in this case? Is 'safe to use on the Internet' part of the criteria?
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Not sure I understand this, but my XP machine works well, no reboots required, runs fast. Until I get a notice that updates are available. Then it slows down, and starts giving me errors. I have to stop what I am working on, do a reboot, which installs the updates, takes a long time. After the reboot, the machine works fine. I have suspected MS sets a switch in XP forcing my machine to misbehave, so I will be forced to install the updates. I understand the need for updates, but I want to do them at a time convenient for me, say at the end of the day.
1. Turn automatic updates off.
2. http://technet.microsoft.com/en-US/security/dn481339, download as needed
No, but you can bet there are people sitting on exploits waiting for the security updates to stop. Once that happens, their exploits will never be fixed and they've got free rein.
Yeah.. so for all intents and purposes it means they *do* self destruct
XP will be around for a very long time, just as NT 4.x was. Hell I still have a client running DOS apps. Oh he has a Windows replacement but he much prefers the older apps. XP hasn't been phased out in a lot of small business environments because the perceived cost/benefit isn't advantageous enough, even though the reality is a bit different (how much does DDR and DDR2 RAM cost now? Hard drive failures require format/install/hours of installing updates/reinstall apps all to end up with the same slow system). NT4 still exists in some embedded systems (Heidelberg printing presses for example; why replace a $2.5million printing press that still works, except for the embedded PC that died? One of my friends stockpiled DEC alpha motherboards (AT form factor!) for his ripping workstation and the embedded controller because Heidelberg's fix is either a new-old-stock motherboard for $15K or a whole new press for $2.5m to $2.8m). Same for OS/2 - OS/2 Warp was what, a 1995 release, and it was dominant in banking workstations, ATM and other kiosk solutions until very recently.
I do not see XP dying for a long time to come.
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
I don't doubt you *can* harden an XP machine so it will be pretty resilient to most exploit attempts even without it being on a recent patch level. But in practice this isn't possible. As I pointed out, things don't stay air-gapped. You can shut down all those services and "unneeded" processes if all you want to do is read txt files with notepad, but in the real world stuff depends on those services. You'd be amazed at how much software that does not *need* the network just won't run if the server or workstation services are stopped. Yes, it's half-baked PLC vendor kludgeware, but that stuff is why it's being run on XP in the first place.
My comments on its light enough were directed at people developing control software. There is NO good reason to write it for Windows. It's usually got its own interface anyway and it would be much easier to maintain on the other platforms.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
Unprotected Windows is never safe to use on the internet. At the very least it is sensible to be behind NAT. But to address your point specifically, is Windows XP less secure on the internet than Windows 7?
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
There is a VERY good reason to write it for windows - that's what everyone uses.
Car analogy: you are arguing that all cars should have a tracked version, because you can't expect everyone to use roads.
As for your other claim, keep reading this thread. I secured a vanilla no updates XP machine for years while it was connected to the internet via an open static IP. Infection requires three things: vulnerability, vector and source. Securing potential vectors and sources is, in my experience, far more effective than securing vulnerabilities.
On the other hand, I've also been using 3.6.28 FF ever since it came out. It's supposed to be supervulnerable and massively exploited. Infections so far: zero.
Think on why.
In MySql, they are called "features".
Table-ized A.I.
I assume Windows 7 and 8 use a different algorithm in the update mechanism? Otherwise they will be affected just as well.
The painters algorithm is alive and well at Microsoft.
Upgrading software to a new OS can cost $30k/seat and up as any changes require recertifying the software. Even AMD vs Intel CPU requires certification.
Getting some software recertified to run in a new environment can cost $10m +.
I know at least one company that is running 60's era emulators just due to the expense of getting their software recertified. All test cases MUST match previous results. Rewriting the software might cost $10m, getting the certification might cost over $100m. The software is used to certify aircraft components design and testing.
Great thanks!
The only problem I have with people like you (and not you specifically) is you think your measures are very smart, until you have a targeted attack occur and all your measures fall apart quickly.
All 3 need dealt with. A chain is only as strong as its weakest link.
> So how old do you think the drivers are going to be for a dentist's X-ray machine?
That depends on who made it. I recently was able to get a firmware update for a digital x-ray scanner that only ran on XP, it now runs fine on 7. At the time the machine was seven years old.
Chances are you could hire someone to write a new serial driver interface for the device pretty affordably, I guess it depends on how badly the driver was originally written.
I disagree for a simple reason. If I fall a victim to a targeted attack, security updates will be meaningless. They will use zero day and that's it.
The first thing they taught me in university on IT security course was that security is not a product, but a process. If I were important enough to be a target of targeted attacks, I'd take much more brutal lockdown measures. I would for example sandbox everything, run a hardware firewall in addition to NAT, use a transparent proxy that would monitor traffic for potential infections and so on.
But these measures are costly, and a massive overkill for my threat level. It would be like securing a single apartment with tanks, attack helicopters and AAA fully staffed with soldiers instead of just having a lock on the door.
Security is a process, and as such should be appropriately tailored to counter threats that will be faced - not threats that won't. Which is why I can do what I did and go without infections essentially forever. While a big fortune500 company would have to secure its hardware in much, much more brutal fashion. But that's because their threat level is much higher than mine.
The thing is each hospital likely only has one of these and they are "only" worth $20,000. It doesn't take long before any custom development effort becomes a significant cost. Easier to just attach a dedicated workstation on a cart and block that computer from ever accessing the internet.
Drivers sometimes determine the OS. I worked at a place that got a new SL3000 tape library ~2007. StorageTek which was bought by Sun a couple years before I think. Anyways a ~$200k tape library and it was running Win2k. Just seems funny to drive a $40k file server with a 32 core Sparc/Solaris system and have the hardware running Win2k.
The rental car companies follow service schedules far more reliably than the average Joe. Negotiate the warranty extension for about $500 or so and you are golden.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
And another thing... the fleet cars tend to be more bare-bones than the regular models. Less stuff to go wrong.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.