Slashdot Mirror
London's Metropolitan Police Still Running 27,000 Windows XP Desktops (thestack.com)
An anonymous reader writes: London's Met Police has missed its deadline for abandoning the out-of-date operating system Windows XP, as findings reveal 27,000 computers still run on the software two years after official support ended. Microsoft stopped issuing updates and patches for Windows XP in Spring 2014, meaning that any new bugs and flaws in the operating system are left open to attack. A particularly risky status for the UK capital's police force – itself running operations against hacking and other cybercrime activity. The figures were disclosed by Conservative politician Andrew Boff. The Greater London Assembly member said: 'The Met should have stopped using Windows XP in 2014 when extended support ended, and to hear that 27,000 computers are still using it is worrying.' As in similar cases across civil departments, the core problem is bespoke system development, and the costs and time associated with integrating a new OS with customized systems.
As someone who is on the tail end of a 700 computer migration from WinXP to Win7, I feel their pain. A single critical program that won't run on Win7 can be a showstopper. Not to mention special hardware for which no Win7 drivers are available - all of a sudden that $120 upgrade cost for a Win7 license became $25,120 when you include the cost of a new laser engraver.
Support microSD: in a post 9/11 world, it is unwise to carry your data on media that you cannot comfortably swallow.
I wonder how many systems around the world are still running Windows 95? DOS? Older versions of Linux, Unix, or Apple's operating systems?
Didnt the UK pay M$ a staggering sum for "extended support"?
Is submit that bespoke system development is not the core problem. The core problem is using a closed system for your bespoke system developments.
If this were done on Linux chances are it would not be a problem at all.
As long as firewall is on and you run a fixed set of apps from trusted sources, you are perfectly safe. So is IE if you only visit internal sites. And for external browsing, browser security is more important than OS security. There will be forked versions of recent Firefox and Chromium builds forever.
The whole upgrade hype is largely financially motivated on part of Microsoft and consulting agencies.
Bespoke software development isn't the problem, software not developed to sensible cross platform standards is the problem.
I regularly use a piece of bespoke software that was developed many years ago as a standards compliant webapp, it still works today in all the major browsers on any platform - including on mobile phones, which didn't even have browsers when this software was written.
If you plan appropriately when acquiring new software, these problems wouldn't occur.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
M$ doesn't sell or support XP anymore, release the source code and let the market create it's own security patches.
Win10 is a combination of Spyware and Adware masquerading as an Operating System...
1. There is CentOS, with 10 year LTS releases.
2. Google is a super complex business, they almost exclusively use in house linux distros.
3. If you want/need to run custom built apps, make sure you have ownership rights on the source code. Then you can port it yourself in the worst case. Of course, you need (either to employ or to contract) people who can do this. But usually with source code and working documentation, its easier to port to the new system than without.
4. With COTS products, take the most popular version as possible, preferring open source products. Open source products are not guaranteed to be continued in development (and being ported to newer platforms), but its more likely to happen for them as for commercial products. Their source code might land in a drawer because its not profitable for the company to maintain the software, or it got aquired or whatever, and you can't get it out of there.
Microsoft stopped issuing updates and patches for Windows XP in Spring 2014
That's absolutely not true. I still have a few XP desktops and they are still receiving critical updates from Microsoft Update. This is contrast to e.g. Windows Server 2003 - those servers not getting updates anymore.
So you are on Windows now. That is all good and fine. However the majority of your Applications should be Web Standards Based developed in a easy OS portable language. With a database system available in multiple OS.
Because time and time again, The next generation of Computer/OS breaks a lot of compatibility and moving over to a new platform is a big headache.
Vs that web application developed in PHP back in 2003 while may not be pretty will still work on Windows 10 or the Bosses new iPad. Without having to rework the entire thing.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
'The Met should have stopped using Windows XP in 2014
The Met should have begun the switch to Linux (or at least open source technologies) in 2001.
"First they came for the slanderers and i said nothing."
Trying to run a government or even a moderately complex business with Linux machines would be the mother of all clusterfucks.
You're obviously not familiar with the patching process for Microsoft Windows. I give my thanks to Microsoft everyday for the job security it provides me.
Particularly when mobility apps require mainly going out of Windows, given the pathetic acceptance of the Windows Phone platform. Having something cross-platform would then work on Android, iOS as well as most flavors of Windows
>> Trying to run a government or even a moderately complex business with Linux machines would be the mother of all clusterfucks.
Nope.
It just works.
Some administrations switched a long time ago.... Example : Munich City services, French Police (Gendarmerie)....
aaaaaaa
JUL
Linux Rocks
aaaaaaa
If the government would have forced Microsoft to open the platform or continue support indefinitely there is no technical reason not to continue using XP. The only barrier right now is the lack of support, which means no security updates.
But as an operating system it still does the job of launching your applications and getting shit done.
“Common sense is not so common.” — Voltaire
Well, all those people who didn't upgrade from DOS are still laughing./
As are those running Java applications, where all you have to do is copy the class files to your new machine and if you didn't use native functions or other non-portable code, or a custom java (such as on cell phones back in the day) you're still sitting pretty. (No, I'm not talking about "browser apps", which are rather limited to begin with.)
On today's computers, the problems with Java's speed are pretty much gone for most use cases.
Code targeted for java 1.5 (aka Java 5.0) released in 2004 runs just fine under 8.0 (the current release) released in 2014.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
It's safe from invasive Microsoft "patches". Definitely safer than windows 10 for handling sensitive information.
I'm not sure what you mean by "standards compliant". The standards are only suggestions, and not all browsers followed them, or interpret them differently, and CHANGE how they interpret them over time.
I've seen web apps "break" and/or degenerate due to browser implementation changes that one could not foresee.
One really annoying problem is that if Page X opens Page Y in a new browser window via a form (Http POST), and if one put a JavaScript "Close" button on the Page Y ("window.close();"), Internet Explorer added a very annoying and confusing warning prompt I think around version 7. (The Windows "X" close button is too small to be practical.)
Granted, it wasn't an outright show-stopper, but created bunches of phone calls from confused users. I've had to go back and re-code bunches of web apps.
The less you rely on JavaScript the better. JavaScript DOM manipulation often breaks or acts flaky over time, often due to alleged "security patches". But JS gets you the interaction users and managers expect from an app such that it's hard to avoid it. Many managers don't care about 7 years down the road, they want it pretty now.
And odd rendering differences seem to pop-up over time. I tested the hell out of one app in 3 diff versions of IE and in FireFox around 2009 because I knew it had to last many years. Last year when I happened to check it, stuff was shifted all funny in FireFox and Chrome. (Oddly, IE did it right, which is unexpected.)
Granted, web apps are probably more likely to wilt rather than outright die such that they still may be use-able, just grow distorted or clunky over time, like a Salvador Dali painting.
(Notice: Rant Ahead)
I really miss WYSIWYG layouts from the desktop days: no funny shifty shit (except for Windows fonts, but it could have been prevented if MS wasn't dicky). They traded DLL-Hell for Render-Version-Hell. Auto-flow layouts suck maggots, they are job security for testers and UI fiddlers, but a Yuuuuuge waste of resources. I want to focus on domain (business) logic and solve real problems, not on shifty fiddly UI's.
Bring back vector-based plotted coordinates to bring back productivity. Auto-flow can flow into my damned toilet. Tim Berners-Lee probably cost the world economy around 5 to 20 $Trillion. I'll punch him in the afterlife along with the guy who invented neckties, since all 3 of us will wind up in Hell for the suffering and ranting we, I mean they caused the entire Planet.
A new CRUD-Friendly network UI standard is needed.
Table-ized A.I.
I still use it in my virtual machines. When we land humans on Mars there will be a XP machine with us.
All they need to do is to firewall them with Linux boxes containing two Ethernet cards. Just like everybody else does.
Some of us ARE stuck on XP. For example, a piece of multi-$M scientific equipment might only have drivers that were issued for XP, back when it was purchased. We don't fix what isn't broken; we firewall or ghostwall it.
"Web standards" aren't. They are like post-a-bomb cockroaches - they keep proliferating and mutating. Same with browsers.
As a long-time opponent of Java, I have to say that with the advances made, it's more than good enough, and code written a decade ago for 5.0 that doesn't run in a browser runs just fine in 8.0. Just need the current runtime for your particular host (the class files can just be copied from one OS to the other and run). Just don't use either native methods, and use the provided abstractions for things like directory separators in file names.
And if you didn't, the only class files you'll have to decompile and fix are the ones affected - the code in the other class files will still run fine.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
I believe contract-based enterprise support is still available. My retail-licensed XP vm's still get occasional security update pushes, too.
Any guest worker system is indistinguishable from indentured servitude.
Why do police need laser engravers?
/sarcasm
Will it be disturbing that people will keep using Windows 7 beyond the supported lifetime, or will it be disturbing that privacy sensitive applications will be migrated to Windows 10?
Windows XP Unofficial SP4 puts it on the POS track
But you don't have to hack it to get critical updates.
How can you type "web" and "standards" in the same sentence and pretend not to be joking? This whole web mess is a bad joke. I can understand that toy companies like Facebook and Google like it, but please keep it out of the real world.
I have one Windows XP machine and all the rest are a flavor of Linux.
I have Windows 7 but have not installed it.
I will NOT get Windows 8.x nor Windows 10 as they are pure spyware. I will install Windows 7, under my tight controls and maintain my own image, but that will be the last version of Windows I ever use.
My article about Windows XP: Microsoft Windows XP "end of life": Conflict of interest.
I am typing from a 11+ year-old XP work machine, which is still suitable to write programs with, and which doesn't have (since I took it over) any dubious anti-virus software on it. It does have ad-blockers in each browser, and sits behind a company firewall. I see, and have had, no issue with this. Heck, it boots faster than the new quad-core Dell they're trying to make me upgrade to! It seems most upgrading today is done solely due to FUD.
They're used to old technology. They still use billy clubs instead of guns.
You can only mention Windows on a tech site maybe once a week and not have people recognize what you are doing Slashdot.
Windows is FBI. Slashdot is FBI. Windows is Spyware. Slashdot is Spyware advertising sprinkled with Pokemon GO stories.
There is a good portion of the W3C that is well supported by the major browsers and if if you follow those your app tends to function correctly in all of them.
I tend to stick to xhtml standard while the most picky, tends to render rather identically across all modern browsers.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
They are only allowed to use an OS with shit encryption.
1. There is CentOS, with 10 year LTS releases.
And Windows XP was supported for 13 years. So in 10+ years time we'd have the same story, but with an outdated version of CentOS rather than Windows.
The problem isn't Windows vs Linux or Proprietary vs Open, it's entities being too cheap/lazy to update their software when something it relies on goes unsupported.
I think patching security holes be forced on Microsoft. Any new security hole should be a matter of national/World security and if Microsoft refused to path them, then they should be forced to open the source so it can be patched. That is IMO windows is bigger them MS.
Jack of all trades,master of none
I had to read "post-a-bomb cockroaches" a couple of times. I thought it was some new weird terrorist device which not only explodes but showers you in cockroaches.
Post-A-bomb cockroaches.
> the cost of retraining people to use a Linux system instead of the familiar Windows environment.
You obviously think that there would be no retraining required to go from XP to 10, Office 2006 to 2016. You'd be wrong. Windows 10 is _not_ "the familiar Windows environment", just as XP was not "the familiar 3.1 Windows environment".
People never seem to figure out that software isn't write-once/run-forever. Over time, software rots from the outside in. Sure, the bits are all there, but the hardware and external services that they are designed to talk to eventually change so much that having the original bits is useless.
Budgeting software as a one-time expense is like buying a Mercedes and never doing an oil change.
There is a problem with Proprietary versus Open, though. I still have the source-code disks for Red Hat 7. Not the RHEL one with systemd, the original Red Hat version 7.2, circa Y2K. If my organization was tied tightly to it, having the source code means that if a problem arises relative to the OS, I could pay someone a no-doubt exorbitant amount of money to dig into that code and do something about it. You can't do that with Windows NT. Even if you had the deep pockets that allowed you source code access to NT, Microsoft probably repealed that by now. Essentially, if you need source code changes for Windows NT, the cost wouldn't be merely exorbitant, they'd probably be ruinous. And, of course, they could simply refuse to help you at all. Because as far as I am aware, Microsoft never licensed Windows unconditionally and in perpetuity to anyone, and if certainly wouldn't have been cheap if they did.
And cheap is a lot of why you end up with thousands of dead copies of XP running on critical systems daily.
Yes, but that's because code targeted for Java 1.5 on Windows would run equally well under Linux. Because Java was designed from Day 1 to be future-proof and portable. Lotsa luck with those Visual J++ apps, though.
Now excuse me while I go trying to find what they've renamed Network Neighborhood to for this Windows release.
It may well be incompatibility issues on the programs.
But, what if it wasn't Java, but proprity software? Based on say up to you core systems, without a currant updater company? Many companies would have written in future proof software. Maybe this one? But we are not there, therefore all wishful thinking?
Incorrect. Microsoft has sold source code access to several companies.
Peter predicted that you would "deliberately forget" creation 2000 years ago...
hack-hack-hack
hack-hack-hack
hack the bobbies
hack the bobbies... ahhh
if this is supposed to be a new economy, how come they still want my old fashioned money?
No - what they did was sell READ permission to source code.
The code could not be compiled...
How do you arrange that Windows XP connects only to your file server?
Maybe the underlying libraries now catch these things, but back in the day it didn't. Even with Java, writing platform independent code does require some care.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Ironically enough hardcoding "/" as path separator would most likely have worked... (which doesn't make it a good idea, of course)
Actually, as I understand it, Windows itself will honor a "/" as a path separator in some cases. Probably the biggest reason that DOS/Windows ended up using a backslash as a path separator was what a lot of the CP/M and MS-DOS paradigm came from the DEC OS world, where "/" was used as a switch prefix instead of the dash character used by the Unix OS. Making a "/" in a filepath potentially ambigous.
Java, on the other hand, will cheerfully honor a "real" (forward slash) as an abstract pathname separator on all OS's and convert as needed when using file path (java.io.File) references. It's a smart thing to do. Not only is the code more portable, but backslashes are used as escape characters when compiling Java strings, and you can cause yourself all sorts of grief by forgetting to double-up on them when coding DOS-style paths.
Slash and backslash aren't the only path separators I've seen in a long and evil career, I've also seen angle-brackets (<disk>directory>file) and colons (:disk:directory:file). But the OS's in question are more or less extinct now.
Then I guess they'd have to get together with everyone else in the same boat and pay someone to reverse-engineer the thing. It's not like it's impossible, and probably cheaper in the long run since they'd then get the source as well as someone able to maintain and modify it.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
So you are on Windows now. That is all good and fine. However the majority of your Applications should be Web Standards Based developed in a easy OS portable language. With a database system available in multiple OS.
Not all business needs can be satisfied with web applications.
- You can't upload GCode to a machine using a web browser
- You can't capture specialty device input using a browser
- You can't do anything that requires access to system protected resources due to the high level of security implemented in browsers
- You can't effectively do CAD on a web browser (although that is becoming a dead argument with OnShape).
Fact is that you have plenty of situations where web applications just don't cut it either because of security limitations or simply because the browsers don't do certain things well yet.
At the end of the day there is a large portion of the needs of businesses that can be satisfied but there is still plenty that cannot.