IRS Misses XP Deadline, Pays Microsoft Millions For Patches

An anonymous reader writes "When Microsoft terminated official support for Windows XP on April 8th, many organizations had taken the six years of warnings to heart and migrated to another operating system. But not the U.S. Internal Revenue Service. Only 52,000 of their 110,000 Windows-powered computers have been upgraded to Windows 7. They'll now be forced to pay Microsoft for Custom Support. How much? Using Microsoft's standard rate of $200 per PC, it'll be $11.6 million for one year. That leaves $18.4 million of their $30 million budget to finish the upgrades themselves, which works out to $317 per computer."

see where your taxes go

right into the pocket of microsoft thanks to mismanagement

Re:see where your taxes go

[Joce640k]

Yep. It's a total waste of money.

Those machines aren't going to implode because they don't get updates.

Keep running them, keep on replacing them. Block all external web sites to employees (which they should be anyway).

Re:see where your taxes go

Block all external web sites to employees (which they should be anyway).

Yeah, because it's totally inconceivable that an employee might need access to information that's not stored on the internal network.

Re:see where your taxes go

[K.+S.+Kyosuke]

Their custom distro will be called Red Ink Linux and its mascot will be Tux's evil twin, Tax.

Re:see where your taxes go

[BoRegardless]

But the IRS doesn't care. It just asks for more money from Congress to go after more citizens for more money. The IRS doesn't care about how inefficient it is. That is inherently what is wrong with a massively complex government system which is specifically designed to be complex.

There are solutions for this, but it means dismantling the IRS and firing a lot of people, so how do you think we are going to do this. Similar to the quasi-governmental Post Office.

Re:see where your taxes go

[Nephandus]

Good luck with that. Aside from the being caught cheating even by their own rules, which is impressive given how circular they are, that guy who actually managed to get them in court for their policy being unconstitutional was explicitly rejected on the basis of IRS policy itself, as in the Constitution only matters if IRS policy says so. Not being a lawyer, I'm still not sure why the judge said he raised good points, while the case was found against him by some IRS guy and not the judge. Apparently by some special rules, they're functionally their own judge too. They'd have to agree to dismantle themselves now.

Re:see where your taxes go

[allaunjsilverfox2]

'cause it's not Year of the LIRSux Desktop

You got me there, I spent 5 minutes trying to research the word LIRSUX. Then it hit me! You must be referring to LIR6. Which is a fairly confusing, yet true statement. A leukocyte immunoglobulin-like receptor 6 desktop doesn't exist yet. I'm not sure why anyone would want to base a interface on a chemical, but I'm sure with enough work and determination, you will achieve this goal.

Re:see where your taxes go

[Opportunist]

Sure it's not going to be called Red Tape Linux?

Re:see where your taxes go

[Billly+Gates]

Yep. It's a total waste of money.

Those machines aren't going to implode because they don't get updates.

Keep running them, keep on replacing them. Block all external web sites to employees (which they should be anyway).

Do you really want your personal information on a vulnerable system where a Russian hacker can make a killing selling your identity? Do you still back that up in such a case?

Re:see where your taxes go

[Darinbob]

So disconnect those XP boxes from any external access. Any information they need for their job can come from internal sites only, or they have special computers they can visit for the strange reason of needing to check the internet (this should be extremely rare). If they need to access the internet too much, then they put in a request for a better computer (this should be a tiny fraction of the staff). Remember, we've gone millenia without the internet.

Re:see where your taxes go

[ttucker]

If a business tried to handle the information that the IRS handles with Windows XP, someone would end up in jail.

Re:see where your taxes go

[lucm]

Yeah confidential data is never compromised in the private sector because companies are careful not to use XP, except Target. That includes Experian. Or Adobe. Or Sony. Or Apple. (etc.)

Re:see where your taxes go

[gtall]

Nice fairy tale. The IRS had their budget cut and the chances of being audited is the lowest it has been in years, http://www.huffingtonpost.com/....

Now, you probably think this is a good thing, except that the sainted American people will do anything to cheat on their taxes. Whether you like it or not, much of higher and lower education rely on taxes, as does most fundamental research. But Congress has been cutting that as well because research grows on trees, right.

And the problem isn't with the IRS, it is with the tax code. Congresses and Presidents have written that. The last simplification happened because Tip O'Neill and Ronald Reagan agreed to simplify it and rammed it through Congress, although it took them several years. The current crop of congresscritters cannot agree on where the sun rises, good luck in simplification.

Re:see where your taxes go

[toddestan]

Vista is still supported by security and bug fix patches until sometime in 2017, so to say it was not supported as long as XP is simply false.

Paid for with the public's money

[grasshoppa]

Shouldn't that result in the patches being released for anyone to use?

AHAHAHAHA, sorry. Had to make the joke.

Audit time

So the IRS missed a deadline they knew was coming... I wonder what they would do to any of us in a similar but different situation?

Windows XP did not instantly become unsafe April 8

[Futurepower(R)]

Windows XP did not instantly become unsafe on April 8, 2014, the date Microsoft calls the "end of life" for Windows XP.

Governments and big corporations are often influenced by people with no technical knowledge. Because of their ignorance, governments have already paid Microsoft probably more than it costs to fix the few security defects found each year. However, the taxpayers of those governments will not be allowed to have the fixes. "End of life" is a way for Microsoft to make more money.

It's like Toyota told all owners of older Toyota vehicles that the vehicles are unsafe now and owners must buy new vehicles or pay millions of dollars to keep them. Except its worse: Software doesn't have mechanical wear.

This article contains tips about how to use any version of Microsoft Windows safely that can be shared with people you want to help. Unnecessary computer maintenance is an ugly way to make money.

The goal is providing service

I work at a large public organization that runs multiple large hospitals and a throng of clinics. We have not completed the XP -> 7 transition in time and are paying Microsoft for this extended support. Upgrading tens of thousands of systems with a myriad of specialized software isn't as easy as upgrading your home computer.

We must wait for vendors to upgrade their applications, ensure the updates work, and train users; this delayed us deploying new systems. Since medical applications aren't sexy nor cheap to make (HIPPA compliance being one of the reasons) Linux isn't an option.

Our goal is healthcare, this is the price for ensuring you have the best. Likewise the I.R.S' goal is collecting taxes, this is the price for them to implement that in the best manner they can.

Sounds like Microsoft is making a pretty penny.

[wisnoskij]

Every corporation and agency is independently paying millions and millions to have them continue to patch their computers. I would not wager a guess at how much it costs to continue producing patches, but I cannot imagine it is more than a handful of full time devs.

Re:Avoided, Not Missed

[Roadstar]

XP Works. Vista, 7, and 8 really don't

Wow, this has got to be one of the most opinionated and/or misinformed things I've read in quite a while. XP was the last consumer Windows that was more or less designed for the "isn't everybody an admin?" mindset. Part of Vista's bad reputation was due to it being the messenger that got shot while delivering the "hey guys, the party's over. We really need to stop assuming every user can write to system locations. This time for real." message to developers and users. Naturally the ultra-paranoid UAC settings didn't help with that. In 7 and 8 the new security model was fine-tuned to actually work instead of bombarding users with multiple confirmations for the same operation and as a result the modern versions of Windows are reasonably secure, especially when compared to the security nightmare that XP was prior to SP2.

Re:Windows XP did not instantly become unsafe Apri

[L4m3rthanyou]

It's like Toyota told all owners of older Toyota vehicles that the vehicles are unsafe now and owners must buy new vehicles or pay millions of dollars to keep them. Except its worse: Software doesn't have mechanical wear.

A better analogy would be for Toyota to stop manufacturing parts for very old cars, and most car manufacturers do just that. Aftermarket is more able to fill the void in that case, but it's the same concept. And let's be real, $200 scaled up to a car would be thousands, not millions. Software doesn't have "mechanical" wear, but it has ongoing discovery of security vulnerabilities that require maintenance from the vendor. Delivering that maintenance costs money.

Even the newest systems that shipped with XP are really old now. Hell, I still use one at work (not by choice), and it's a slow piece of shit by today's standards. It's nice that so many have been able to sit on similar rigs for this long, but it's time to move on. That kind of service life in commodity-level PCs was almost unheard of a decade ago. Upgrades are a part of life in the tech business, and I don't think it's fair to bitch this time just because you got a little extra mileage out of the last round.

The masses of now-unsupported XP users reflects badly on the users, not Microsoft. If you missed the boat on a Windows 7 upgrade, it's your own damn fault. On the upside, the ensuing clusterfucks at various large enterprises should teach yet another hard lesson about the perils of under-funding your IT department.

Nice plug, by the way, though it's amusing that "Futurepower" is so willing to cling to the past.

About XP . . .

[mmell]

I have many non-technically gifted friends. I've heard at least two of them state "XP is great - I can make it do whatever I want, better than any other version of Windows." Even among my (non-techie) friends, the prevalent attitude is "Why should I upgrade?" - several have made it clear to me that they don't care if their machines are botted, as long as their games run okay. As non-techies, they insist that they're not at risk for identity theft, often saying "I don't do banking/online shopping/anything involving money or credit", and in general refuse to change their minds (and yes - when I failed, I've tried bringing in other technically aware people to try their hand at convincing them. I only convinced my wife by force, not a very good way to go).

What makes XP so great to them? The ease with which software may be installed and configured. The stability of the platform to play Grand Theft Auto, et. al. What makes XP so terrible to technically knowledgeable people? The ease with which software may be installed and configured. The stability of the platform to provide elevated privileges and get an open connection on port 113 and run Sasser, et. al.

Re:About XP . . .

[Billly+Gates]

Windows XP is the best Win OS ever made.

It works. It has the best gui. Windows explorer isn't crippled. Apps just work. Websites render just right. Updates do not break it unlike 7 or 8. It works well with 512 megs of ram.

If it aint broke DON"T FIX IT!

The reason they like XP is they had win98 and WinME and remember the crapola experiences, crashes, re-installing the OS, etc. XP was the first OS which just worked. Why change?

People become conservative as a result. Our grandparents who grew up during World War II and the Great depression became conservative and AMERICA IS GREAT during the 1950's when good times hit. Same is true with XP. It came from an era of bad apples preceeding it. Now look at Windows 8 and Vista which came later?

Can you blame them of being afraid of change?

XP works just fine and they do not want a cell phone os and risk nightmares of getting things to work and performance problems. It finally works so leave it and they need a reason to change. There is no reason to change what works right?

Re:Yes, but don't you agree there is abuse?

[MightyMartian]

If you buy a product, find out the EOL date. If it is too soon for your liking, don't buy it.

Oh boy, a deluge of misrepresentation

[iamacat]

From the assumption that IRS will pay standard joe off the street rate to Microsoft, to impossibility of running XP without support, not much in this article passes the muster of common sense. Chrome and Thunderbird are still well supported and secure, and that's all IRS employees should need in terms of accessing Internet. Everything else would be in-house applications which can be secured on server side, so it should be Ok even if they still have run IE6.

As for employees that don't follow instructions, there is nothing to keep them from installing freepr0n.exe on Win7.

Funding

[Jodka]

So how could the IRS fund their Microsoft Custom Support? By seizing tax refunds.

Re:Fixing defects in sloppy coding is NOT "support

[LordLimecat]

Do you have any idea how many security patches have been issued since the release of Linux Kernel 2.4? Because 2.4 came out right about when XP did.

Bad math and assumptions

[gnasher719]

The amount mentioned is not what the IRS pays. It is what the article assumes, based on number of PCs running XP and an estimatd average price of $200 per PC. But contracts are negotiated individually. The British government pays less than $10 million for all their computers, which includes about 650,000 PCs running XP in the health service, more than 10 times as many as in the US IRS.

Fantasyland

[jonnythan]

If the IRS does decide to pay Microsoft for continued support of XP, the chances of it paying the standard $200 per PC rate is effectively zero.

The numbers in the summary are total fantasy.

Re:Yes, but don't you agree there is abuse?

[LordLimecat]

Thats how RHEL does it-- RHEL 5 (released in 2007) goes out of support in 2020. Apple doesnt provide support nearly that long for OSX-- they EOL'd Snow Leopard (2009) in 2013, so they have approximately 1/3 the product lifespan that MS or RH does.

Based on your other comments, though, you really just have a personal axe to grind against anything Microsoft for no real (that I can discern) reason.

Re:Windows XP did not instantly become unsafe Apri

[L4m3rthanyou]

All software has defects, it's the nature of the beast. If vendors were liable for every last bug in their software, the commercial software industry would not exist. (I'm sure there are freetards who feel that would be a good thing, but let's not go there.)

It's not like Microsoft deliberately released XP with 2,722 flaws with the intent to fix them gradually over the next ~12.5 years. That's the problem with security vulnerabilities- they need to be discovered. Odds are, there are plenty more in Windows XP that have yet to be found. XP EOL isn't going to make your XP machine explode and kill your family. Before long, though, unpatched XP systems will be rife with exposed vulerabilities. Browser updates will drop support for XP. It will become unsafe to use any XP machine in any capacity that involves internet connectivity. Advising your clients to continue using XP is irresponsible at best.

Really, since you're so convinced that MS is outright evil, I'm surprised you're not trying to push some linux-based XP replacement. Though, for what it's worth, even free operating systems often have an end of support life, absent any profit motive.

It makes perfect sense

[plopez]

Hypothetical situation. I am an IT director. I track trillions in revenues and hundreds of billions in taxes. Do I 1)
switch to a new system with unknown security risks and associated costs in upgrading in house systems and applications?
or
2) Do I stick with a true and tried system for a few tens of millions more?

No brainer. Stick with the devil you know. This is not some happy little mobile app like the "Annoyed Nematode" you are dealing with the financial futures of both the US government and each and every person who must file taxes.

Re:It makes perfect sense

[broken_chaos]

The problem there is that it's not actually a solution. All it does is delays the need to find a real solution, which will cost roughly as much then as it does now.

Re:It makes perfect sense

[Wulfrunner]

"...switch to a new system with unknown security risks..."

Yeah, that Windows 7 has only been out since 2009 and practically nobody uses it.

Re:Wow! If this is the way things work

[mpe]

Or they could do the sane thing and move their employees off of decade-old hardware.

Presumably you won't be boarding a bus, train or commercial flight then :)

Re:Discrimination

[turp182]

Get an account, takes about a minute. Use a fake name if you would like.

Taxpayers pay. They should get the fixes.

[Futurepower(R)]

That misses the point. Taxpayers are paying for the fixes. Everyone should be allowed to have them.

XP as bad IT test

[EmperorOfCanada]

I think that any organization still using XP has failed an IT test. This does not mean that the IT people suck but that some aspect of IT sucks. It could be that the IT people can't proactively spend money to avoid expenses such as this and can only spend money when they have to. This is broken. I wouldn't be surprised if some dolts in these organizations are now saying that the budget to upgrade from XP has been eaten by these licensing costs.

What I have seen before is that some minor OS upgrade comes along and the various parties say, "Hey we need a minor upgrade to our software to keep up." this is then refused so after the next OS update they say, "He we pretty desperately need a medium sized upgrade to catch up." this is refused. This goes on and on until basically they are screaming, "We MUST upgrade now and the upgrade is a major overhaul of how everything works." then the worst thing in the world happens, they agree. The problem being that some sleazy mega-sized consulting company comes in and starts throwing around "best-practices" and $50 million later a completely useless system that is actually far worse than the 12 year old pile of crap they have is born. Then another $50 million is spent getting it to barely work.

The probable cost to have had a continuous stream of upgrades in the first place? Maybe $500,000 per year.

Cavity searches for the IRS

[Anomalyst]

Seems only fair given how they treat the average citizen (i,e. non-politicians, non-moguls)