Slashdot Mirror
Why Microsoft Shouldn't Patch the XP Internet Explorer Flaw
Hugh Pickens DOT Com writes: "Sebastian Anthony argues that Microsoft is setting an awful precedent by caving and issuing a fix for Windows XP. 'Yes, tardy governments and IT administrators can breathe a little easier for a little bit longer,' writes Anthony, 'and yes, your mom and dad are yet again safe to use their old Windows XP beige box. But to what end? It's just delaying the inevitable.' Lance Ulanoff argues that Microsoft can't turn a blind eye the security of XP users, even though the company ended support for the 12-year-old operating system on April 8, a fact that Microsoft has been warning about for, literally, years. But this won't be the only vulnerability found in XP, says Dwight Silverman. 'If Microsoft makes an exception now, what about the flaw found after this one? And the next? And the one after that, ad infinitum?' Even though Microsoft has released a patch for the IE flaw, and Windows XP is included, it's time to move on – really. 'I don't want to hear that tired "if it ain't broke, don't fix it" line. Hey, XP IS broke, and it will just get more so over time. Upgrade to a newer version of Windows, or switch to another modern operating system, such as OS X or Linux.'"
Microsoft is already contractually obligated to program these patches for its thousands of paid XP support customers. It has the right to decide whether the bug is critical enough that the situation warrants releasing the patch to the general XP userbase for free.
Rest assured that Microsoft is not doing an iota of extra work on this front. It already has the patch. It will also have patches for every XP bug discovered for the next few years. It's just a question of how widely it wants to distribute each one.
Does this idiot also let play kids with loaded guns because "that will teach them"?
I mean, sure don't fix minor flaws, we discontinued support, tough bananas if you keep on using it. But a major security flaw for which you already have the solution for? Anyone but a douchebag would release the patch.
Agreed. Patching a major security hole isn't the same thing as continuing to provide regular support.
My company does something similar. We offer an option at purchase where you can choose to forego any direct support and save a few dollars. We've still contacted those customers in the rare case of a significant security update.
Please keep us updated on all conversations you have with your mother. Thanks.
There are a few people out there using XP because they think it's a cool, lightweight OS (mostly for gaming). That's a very geeky crowd who can likely manage on their own, until the "open source XP project" matures the was DOSbox did.
Pretty much everyone else left on XP is a company install needed because some important, expensive, hard to replace thing happens to need XP. If you've got some $50k equipment that's halfway through its 20 year useful life that needs XP, you have a PC somewhere running the XP you need. Microsoft's patching policies won't likely change that, one way or another.
Socialism: a lie told by totalitarians and believed by fools.
There's something about this that I'm having trouble wrapping my brain around. We (the collective "we" of businesses and individuals still using XP) are stupid for not giving wads of cash to Microsoft when Microsoft says to do so? And Microsoft is stupid for choosing to patch a vulnerability in a half billion PCs?
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
It never ceases to amaze me how out-of-touch with the "real world" so many /. commenters are. Or, more precisely, how out-of-touch they come across as, because I don't think half of the folks who post some of this stuff actually believe what they say, they know better - the other half I do believe actually think what they are saying is accurate, because they don't associate with anyone who doesn't know the difference between SRAM and DRAM.
"Switch to another modern operating system, such as OS X and Linux" - yeah, that's gonna happen. To run OS X one needs to buy a new, overpriced machine that isn't going to be compatible with a lot of existing stuff and is way overkill for the needs of most average folks. And Linux? Seriously? Linux is so out of reach of most folks it's not even funny. I'm sure someone will come along and say "well X distro is easy to install!" and they miss the entire freaking point. Linux is not for "average" users, or even for well-versed computer users, it's for tinkerers and folks who want to spend as much time working on their OS as they do using the computer. It's a ridiculous notion.
The truth is, XP is not going away. Folks are saying "but they've been announcing this forever!" - not to middle America, they haven't. Those folks don't keep up on tech sites, and it's not like MS is sending them pop-ups to let them know. They just want to get on their computer and use Facebook and check their email, maybe play a few games. They also don't often have computers that even could run Windows 7 or better. Gone are the days when everyone had to replace their PC every 2-3 years, max - I know tons of folks who have PC's that are nearing a decade old and still in use and work just fine for them. Asking folks who have computers that to them seem working perfectly fine, and that meet their needs, to go out and buy a new one just to continue to do what they are already doing is never going to fly.
MS is going to relent and continue to release security patches - I have no doubt. They already are making them for the large companies/governments that are paying for them, and there are going to be some major battles which will probably end up in the legal system over what really is MS hanging a large portion of users out to dry. As someone else said, these security flaws are already there, they are just fixing what they didn't do correctly in the first place - we all know the limited understanding of the court system of computer technology, that's what it's going to look like to lawyers and judges. We might finally see some real legal tests of EULA's in general, as well - if I put a bumper sticker on my car that says "I am not liable for any accidents I may cause" that doesn't absolve me of liability, and I have a feeling that just may be how some judges will interpret this (correctly or not).
I know all of this is going to seem like bullshit to a lot of /.ers, but it's reality - XP was good enough that it will remain "good enough" for a lot of folks, and not issuing security patches isn't going to stop them from using it, because they never are going to know. It's in MS best interests to continue issuing these patches until these PC's finally die off and folks need to buy a new one, which is still going to be a few more years.
Rant all you wish about how stupid they are, or how they just should stop using MS to begin with and use Linux (the most absurd notion - because even if they did, if Linux actually had more than the less than 2% install base it has, they'd just start trying to exploit that - and with all the different distros, etc. - what a clusterfuck that would be - Linux users just fly under the radar, for now). It's not going to change the reality that these folks aren't going to upgrade their OS until they buy a new PC - and if MS doesn't issue these patches, then once the news finally filters down to these folks (via local newsbroadcasts, etc.) the suggestion will just be to use a different browser, since most security issues are IE related - which is the LAST thing MS wants to happen.
Does it say on the package that the product becomes unfit for use at time X?
Like just about everything else sold these days, it comes with the classic "we don't guarantee shit" clause:
DISCLAIMER OF WARRANTIES. The Limited Warranty that appears above is the only express warranty made
to you and is provided in lieu of any other express warranties (if any) created by any documentation, packaging,
or other communications. Except for the Limited Warranty and to the maximum extent permitted by applicable
law, Microsoft and its suppliers provide the Product and support services (if any) AS IS AND WITH ALL
FAULTS, and hereby disclaim all other warranties and conditions, either express, implied or statutory,
including, but not limited to, any (if any) implied warranties, duties or conditions of merchantability, of
fitness for a particular purpose, of reliability or availability, of accuracy or completeness of responses, of
results, of workmanlike effort, of lack of viruses, and of lack of negligence, all with regard to the Product, and
the provision of or failure to provide support or other services, information, software, and related content
through the Product or otherwise arising out of the use of the Product. ALSO, THERE IS NO WARRANTY
OR CONDITION OF TITLE, QUIET ENJOYMENT, QUIET POSSESSION, CORRESPONDENCE TO
DESCRIPTION OR NON-INFRINGEMENT WITH REGARD TO THE PRODUCT.
'I don't want to hear that tired "if it ain't broke, don't fix it" ... "Upgrade to a newer version of Windows, or switch to another modern operating system, such as OS X or Linux."
You are obviously very out of touch with the WHO & WHY of why people continue to use XP.
1) Not everyone can AFFORD to update their computer, buy a new computer or buy a new copy of windows. Let alone get a Mac...
2) Most of the world is not tech savvy. The idea that you would get them to install Linux is really not practical. People are creatures of habit & that will never change. Look at how many people freaked out when W8 removed the start button.
3) A large % of users are in 2nd & 3rd world countries. The fact they even HAVE a computer & electricity to power it is a BIG deal. You're being very dismissive of how the majority of the world lives. You should travel more.
XP is like an old car... sure it eats 5x the amount of gas, but it gets you from point a to b.
Windowx XP is not a "12 year old operating system"
It's 4 years old, 6 years at best. It was still being sold by Microsoft up until June 30 2008. It was still being sold preinstalled on machines up until October 2010.
What of those people who have 3 1/2 year old PC's? You can't tell them its a 12 year old operating system. It was still brand new in 2010.
True. but most people with older Macs don't have to spend 100+ dollars just to upgrade their system to the most recent build of Mac OS. You can run Mavericks on 7 year old iMacs and MacBooks with few issues, while trying to run Win7/8 on a 7 year or older machine is nothing but issues.
The Amarri pray for god, the Caldari pray for profit. the Gallente pray for peace, but the Minmatar pray their ships hol
I was reading a finance forum earlier today, and came across a post from a guy talking about his frugal habits, which included still using Windows 98. That's not frugal, that's insane!
(On the bright side, he also still uses dial-up, so at least the rate at which his zombied PC can spew shit is somewhat limited...)
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
"MS did everyone a service supporting XP as long as they did"
So MS did a service to anyone exactly how? By delivering such a faulty OS that after 15 years providing monthly patches still has critical security flaws that need to be patched?