Windows 10 Compatibility Issues Forcing US Air Force To Scrap a Significant Number of Computers

The US Department of Defense has decreed that the Air Force must complete its migration to Windows 10 by March 31 2018. From a report: Failure to do so will result in any systems not running Microsoft's latest operating system being denied access to the Air Force Network. However, because Windows 10 is not compatible with many of the Air Force's existing systems, a significant number of computers will need to be replaced in order to hit the deadline.

Really Sppoky to think

[oldgraybeard]

the DoD use Windows 10 Pro! Just my 2 cents ;)

Re:Really Sppoky to think

Windows 10 Enterprise, but thanks for playing. "Secure Hardware Baseline" using TPM 2.0 is what is the big driver. Even systems only a couple of years old are having to be replaced because mfg's not offering updates from TPM 1.2

Re:Really Sppoky to think

[Bite+The+Pillow]

I was really confused because how does a computer replacement fix compatibility "with many of the Air Forceâ(TM)s existing systems"? In context systems didn't seem to mean end user computers. Or servers.

About time, overdue replacements

[ArtemaOne]

Many of the systems I see around are identical to the models I was putting in place in 2009. They need to upgrade, and anything to pressure them to do so is a good idea IMO.

Re:About time, overdue replacements

[bondsbw]

Though typically deadline pressure only gets enough people added to the project when it's already too late.

A better strategy would be to re-evaluate systems that are likely to miss the deadline, put exceptions in for those, and get the staffing needed to meet new deadlines that are realistic.

Re:About time, overdue replacements

[ArtemaOne]

As an Air Force member this sounds absolutely preposterous.

Mass Chaos

[amiga3D]

I worked for the USAF for 8 years as an Airman and 30 as a civilian. I went from an HP85 for line monitoring at a comm site in 1983 to workstations in an aircraft hangar in 2017. I remember going from win95 to win98 and it was good. We went to win2000 and it was good. XP Pro upgrade was good. Then Vista came.....over 50% of our workstations were down at any one time for over a year. After a few years we got Win7 and it was so wonderful. I use Linux at home but Win7 was as stable as I could wish and a million times better than Vista. They avoided 8 and when I retired last year the big dread was Win10. Nobody likes it at home, I know a bunch of people that bought Macs just because of Win10. I'm glad I'm going to miss that adventure.

Re:Mass Chaos

[bhcompy]

Win10 is not much different than Win7 in most respects. You can completely ignore the Metro interface for the most part, unlike in Win8. Win10, at this point, is equal to or superior to Win7 in many respects.

Re:Mass Chaos

[Mister+Liberty]

You failed to explain the amiga3D.

Re:Mass Chaos

[Wootery]

Windows 10 also has spam in the start menu ('Suggested Apps'), mysterious phoning-home ('telemetry'), on-by-default web-search in the start-bar search, it deliberately makes it difficult to disable Cortana, and they're pushing UWP, the whole point of which appears to be lock people in to Microsoft's app-store that nobody asked for.

But there's Direct3D 12, which seems neat... if you can't use Vulkan.

Re: Mass Chaos

[cyber-vandal]

Neither does Win10 Enterprise.

Re:Mass Chaos

[BBF_BBF]

Windows 10 also has spam in the start menu ('Suggested Apps'), mysterious phoning-home ('telemetry'), on-by-default web-search in the start-bar search, it deliberately makes it difficult to disable Cortana, and they're pushing UWP, the whole point of which appears to be lock people in to Microsoft's app-store that nobody asked for.

But there's Direct3D 12, which seems neat... if you can't use Vulkan.

These "features" are irrelevant to an Enterprise installation of Windows 10 since they can and should be disabled for all Enterprise installations by competent system administrators.

Re:Mass Chaos

When you install Windows 10 in an enterprise, all of the setup adjustments necessary to limit applications, games, Cortana, telemetry, etc. are taken care of by your IT department at the server level unless they are completely clueless.

Re:Mass Chaos

[mikael]

Suggested Apps can be deleted, Cortana can be disabled through the registry. Telemetry can be disabled/blocked. Some other web browsers are just as bad. I've seen telemetry streams go to Kaspersky Labs in Virginina. You can't blame Microsoft for wanting UWP. That was the pain with the old non-networked PDA's like the Palm Pilot in that you needed to keep them sync'ed manually between every machine you docked them with. Without anything like svn or git, a single text file could end up with three or more versions. I can see why they would want to do that. Their solution of course is a cloud password account rather than virtualizing one device into a private cloud server, the OS and other devices.

The other pains are that it's hard to virtualize Windows 10 into a virtual machine because of all the hardware licensing/security checks.

Re:Mass Chaos

[modmans2ndcoming]

you turn those off dipshit.....and it isn't even on for enterprise.

UWP is dead. Microsoft accepted that already. PWA is coming in the spring update and UWP will be tossed in the trash.

Re:Mass Chaos

[modmans2ndcoming]

Our VMWare farm does it just fine.

Re:Mass Chaos

[modmans2ndcoming]

Microsoft is getting rid of Cortana as you know her and she is becoming a machine learning service. Your search will not need to involve her....and she is way better than clippy reborn...but you probably hate Google Assistant too.

Re:Mass Chaos

[l0n3s0m3phr34k]

Or use the "Long Term Service Branch" Enterprise edition, that doesn't get "feature updates" (AppX packages in layman's terms). However, it's not "so easy" to disable everything. You have to rip out all the AppX installs, then the AppXPackages, and then go into several "System folders", change permissions, and start deleting them. Be careful though, things like Calculator are now "Store apps" so just ripping out every Store app will remove half the normal features users are used to.

If you don't do all the above, then the next new user that logs in will probably have a bunch of new apps show up. Another step is to clean up a profile, remove all the tiles, then export the startlayout into the Default user Shell profile directory.

Re: Mass Chaos

[l0n3s0m3phr34k]

It does push DuoLingo, Bing News, Pandora, Eclipse Manager, etc.

Re:Mass Chaos

[antdude]

Why doesn't USAF use Linux or something else to save costs? They can even customize their own OS with it!

Re:Mass Chaos

[AHuxley]

That "save costs" is profit and share holder value to the contractors.
Nobody wants the US mil to have their own OS the US mil can create and upgrade using their own internal experts.
The more Windows, the more work for contractors and consultants.
Thats decades of wages, pay, shareholder value and over time.
Entire parts of the US private sector are supported for years by helping the US mil understand and use M$ products.
Should the US ever go back to an Ada or their own Linux with internal US mil workers?
Think of the contractors and their spending in the local tows and all over a state near the US mil computer sites.
Every day helping with the US mil with a MS product is a days local wage all over the USA.

Re:Mass Chaos

[jezwel]

I'm running Win10 enterprise at work and all of the things you mention are disabled.

At home, sure it might be a problem for someone that needs to look at their start menu to figure out how to open an app.
At work, all that crap is gone. Win10 not running on some hardware is a bigger problem for us - we needed to find devices running older chipsets that still have Win7 drivers as our Win10 migration is dragging out much longer than it should.

Re: Mass Chaos

And for those who can't get Enterprise??

This policy from Microsoft leaves a substantial gap in the market! There is a group of users who need control over their PC, so Home and "Pro" (it's not really since MS removed many options) are out, but they aren't large enough to justify the cost and infrastructure required for Enterprise. I'm guessing MS have decided that this market doesn't matter much to them as they are entirely neglected by the current licensing model.

The problem is that most people currently working in this gap are the smart ones: engineers, small business owners, consultants, small manufacturers of hi-tech products. They know they've been neglected by MS, and the few of them that move on to positions of power and influence in larger companies will be looking to any alternative they can find.

Re:Mass Chaos

[gtall]

The short answer is they do not for the same reasons other organizations cannot be rid of MS...too much computing infrastructure and organizational processes rely upon MS software. Throwing Linux in there does not solve those problems. And no organization can halt operations while ripping out MS Malware and replacing it with software, especially not the U.S. Military.

Re:Mass Chaos

[thegarbz]

Windows 10 also has spam in the start menu ('Suggested Apps')

Only for stupid people who don't turn off the most obvious of settings "Occasionally show suggestions in start".

Seriously anyone running windows 10 with this setting on should be given an etchasketch because they are too stupid to own a computer.

Re:Mass Chaos

With 114,000 employees, Microsoft is one of the largest employers in the US which means that congress people kiss their booty and pass bills requiring the military to use products made by Americans that benefit the American people. Fat chance finding a Linux company that passes the muster, outside of RedHat which dropped development of their own desktop OS long ago.

Re:Mass Chaos

[Killall+-9+Bash]

Congratulations! You've finally found a use for MCSE's!

Re:Mass Chaos

[Killall+-9+Bash]

Most business users are not using enterprise licensing. Bringing up enterprise, as if everyone (or everyone who matters) has that is invalid.

Re:Mass Chaos

[Wootery]

Oh, but you can turn that off (if you're paying enough attention to realise they're doing it in the first place, and have the technical competence to disable it)

Other companies are doing it too (and therefore it's ok?)

It's understandable why they want to do that to their customers (and therefore it's ok?)

Mixing weak sauces doesn't give you a stronger sauce.

Your defence of UWP is particularly pitiful. Microsoft deliberately want to prevent distribution outside their app-store. They don't want you to be able to put the .exe on a Flash drive. They don't want Steam to be able to compete with them. They're walling off some of their technologies as UWP-only to try to force people's hands. And yet you're trying to spin it as benefiting the user.

Re:Mass Chaos

[amiga3D]

The Air Force does have it's own Linux Distribution but it's not for standard installations. https://spi.dod.mil/LPS-Public...

govt joins the club

[v1]

Consumers, and business owners in particular, love to drag their feet on upgrading their hardware. Kick the can down the street again and again, until finally they hit a wall and are forced to upgrade. It's interesting to see the government pulling the same derp maneuver.

A better plan is to do gradual upgrades on a schedule. When you suddenly find you have to upgrade a bunch of computers, AND peripherals AND os AND proprietary software all at once, it's not only financially painful but causes major pains for the people that have to learn all this new stuff at once. But they're blind, they just can't see the train until it hits them.

Can't say it surprises me to see the govt join the party.

Re:govt joins the club

[Snotnose]

A better plan is to do gradual upgrades on a schedule.

Yep, cuz when you're managing 1,000+ systems it's much easier to deal with 5-10 different configurations than it is for just 1.

Re:govt joins the club

[Archangel+Michael]

I've seen it way too many times. The typical argument is "Why do I need to replace the controller, it works fine". The answer is, because it runs on a serial board interface on your old Win 95 machine that just died (22 years later) and the board doesn't fit in any new computer, and nobody makes the software for it or makes a replacement serial board to drive the machine.

The sad thing is, that just might bust the company.

Re:govt joins the club

[BronsCon]

It's much easier to deal with 10-20% of your systems being down due to a vendor fuckup than 100%, so I's say yeah that's probably true in this case.

Re:govt joins the club

[Narcocide]

The sad thing is, that just might bust the company.

Jeez, it's a real shame nobody ever thought of creating another operating system to save these people from Microsoft's reign of terror.

Re:govt joins the club

[Bing+Tsher+E]

If I had installed a 386-sx motherboard into some piece of hardware in 1996 that controlled a steel mill, or a lathe, and the software it ran on was embedded Linux, none of the current mainstream versions of Linux would now run on it.

Re:govt joins the club

[Solandri]

A couple of the small businesses I do computer support for have 1990s-era hardware for mission-critical operations. They're not as clueless as you've described. They knew what they were up against, and bought additional compatible computers, boards, and cables as spares while they were still available. These computers aren't networked so there's no security risk. And the old hardware does the job well enough that it'd be silly for them to spend a lot of money upgrading to a modern system.

That's what a lot of people who think like you don't seem to get. A lot of business tasks don't need GHz computers with gigabytes of RAM. And if the computer you've got is handling that job just fine, it's a waste of money to upgrade it. Need I remind you we successfully landed people on the moon a half dozen times using a computer with as much processing power as a modern calculator. Bigger/faster is not always better.

Re:govt joins the club

[amalcolm]

Often industrial control from that era was actually RS485. Even those on RS232 often do funky things with the modem control signals that are either not replicated by USB devices or the timing is processor-speed dependant. RS232 was never a well-defined standard and was/is often abused, which compromises compatibility

Re:govt joins the club

[edtice1559]

I wish I could mod this up. Being homogenous really doesn't make sense at all if you ave availability requirements.

Re:govt joins the club

[hairyfeet]

Riiight, because Linux has such great support for ancient proprietary devices like ISA CNC boards, Serial connections to laser cutters, when Linux can't even keep support for older webcams working.

Re:govt joins the club

[toddestan]

On the other hand, you would have no problems using whatever version of Linux you were using back in 1996, and if you had to, you could even modify it.

One of the problems I have seen with equipment running something like Windows XP is that Microsoft will not sell or license Windows XP anymore (outside of a MSDN subscription) which means that if you need to replace the computer, even if you can procure some new hardware that's compatible with Windows XP you can't actually buy a license from Microsoft to install Windows XP on it (legally). At least with Linux, licensing for old versions of Linux is not a concern.

Re:govt joins the club

[toddestan]

Most of those devices like don't even handle the RS232 standard that well either. Granted, they can generally do fine with how almost all RS232 devices are actually implemented. However, for example RS232 standard allows for the voltage level to be up to +/- 15 V, and if you manage to find some weirdo device that actually uses something like a 12 V signalling level, good luck trying to find something that can talk to it that's not ancient.

Other way around

[bhcompy]

However, because Windows 10 is not compatible with many of the Air Force's existing systems, a significant number of computers will need to be replaced in order to hit the deadline.

Many of the systems are incompatible with Windows 10, not the other way around. One piece of govt software I work with uses a version of Crystal Reports that's about 15 years old, and hasn't been supported for ages. The reports do not function on newer drivers, and there's no compatible driver for W10, so users of that software have held off, but they're being forced off this year. And don't get me started on COM+

Re:Other way around

[jezwel]

Access????

Luxury!!!

We're still supporting Lotus Approach databases, which was deprecated in favor of MS Office back in 2003.
Yep, 15 years later and these groups still haven't moved to a newer program...

Re:Are they still using XP?

[darkain]

There are a number of things that Win10 has broken at this point from a hardware standpoint. One of which is imaging devices if they're using a now non-supported imaging codec. This broke a great deal of web cams, and I wouldn't be surprised if it broke other WIA devices too like normal cameras and scanners.

Yeah, I feel their pain...

[ZeroPly]

I'm small potatoes compared to the military - I manage about 800 desktops and laptops. But if the computer won't run Windows 10 (usually due to driver issues), there's not much choice. Even if the user loves their computer, doesn't want anything newer, and thinks Win10 sucks, I have to upgrade them. I'm a cheapskate by nature, and I hate recycling perfectly good equipment, but that's the cost of doing business.

Re:Are they still using XP?

[ZeroPly]

Driver incompatibility is the big thing. And it's real - when someone's $2,000 microscope camera works with Win7, but not with Win10, upgrading is painful.

"Slap in a SSD" is great when you have three computers at home. When you're dealing with thousands, the simplest steps become year long projects.

Re:Are they still using XP?

It is actually happening in all of DoD. The big thing driving hardware refresh is the DISA mandate to use TPM 2.0 as part of their "Secure Hardware Baseline". There is a lot of hardware that is even just a couple of years old that is stuck at TPM 1.2 (vendors not offering updates) that is having to be replaced.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Latin never goes out of style

[Tablizer]

If they had used Mainframe "green screen" applications, they wouldn't have this problem.

Re:Latin never goes out of style

[Bing+Tsher+E]

Certainly. The applications would still be running in terminal emulators on whatever hardware is current.

Re:Are they still using XP?

[DivineKnight]

https://www.amazon.com/StarTec...

Re: The hardware apocolypse is getting worse

[cyber-vandal]

Yeah 2 years to rewrite all the drivers and 3rd party software

Wondering what happened to them all?

[tie_guy_matt]

Check out gsaauctions.gov. When government property isn't needed any more, it usually goes to some type of surplus room for a while. If no one claims the item from surplus then after a while it will be auctioned off to the public. Hence the site. They have all sorts of stuff on that auction site. From old FBI police cars to former DoD computers. Note that most of the computers have had their hard drives removed though.

Re:The hardware apocolypse is getting worse

[mikael]

I kept a coffin dodger laptop alive this way. There used to be companies who dealt with recycling spare parts for laptops plus the manuals in PDF form. The LCD screens were the most expensive part at half the price of the original laptop with a trade in of the old screen (they could replace the mini fluorescent tube). Everything else was fairly cheap - cooling assembly for the CPU/GPU, logic circuit for the screen lid closed latch. Even when the audio jack got mangled due to the cable being pulled, that could be replaced with a USB socket. Hard disk drives were upgraded as time went by: 40 GB/60 GB/80 GB/250 GB. But as the Linux and Windows OS's went to 64 bit, the minimum size OS partition went from 20GB to 60GB for a full development kit.

Re:Deep State 9

[ddtmm]

Obama took away our guns and now he's trying to take away our F-22 Raptors, too.

You sir, are a moron

Re:Deep State 9

[PopeRatzo]

The military *is* part of the government, and of course it should be under the government's control. If government leaders want to know what the Air Force is doing they just call a meeting and ask them what's up. Furthermore, Obama did not take away your guns.

No shit, Sherlock. It just shows that the most outrageous and uninformed statements can be easily mistaken for mainstream Republican views.

Re:Deep State 9

[PopeRatzo]

You sir, are a moron

I am a moron, but you still get a "woosh!" for not realizing I was joking.

Hum. MS has to love the profits

[WindBourne]

Seriously, between Russia cracking it, and dod forcing USAF to run win 10, ms has to love it.

Changing OS is easy, unless..

[MpVpRb]

..you have old computer controlled machines. The device drivers may not be available, either because the product is obsolete, the company is dead, or they decided to not update the drivers, or the updates are prohibitively expensive

It's not just hardware. Some old (very expensive) software only runs on the old OS.. same problems as device drivers

If all you use is common, recent software... no problem

Re:Changing OS is easy, unless..

[Bing+Tsher+E]

At a previous job, we had two Unholtz-Dickie shaker tables. One was controlled by a PC running Windows XP, the other by a PC running Windows 2000. Nobody ever touched the machines except to run the U-D application to operate the shaker table.

It's no more of an issue than the fact that some equipment might use Amphenol connectors that might have been out of production for a decade or more.

At my present job they are scrambling to find ancient Cinch-Jones connectors.

Why Not Virtual Machines atop Linux?

[rea1l1]

Why not install some version of Linux and run whatever windows is necessary as a virtual machine? Sure would make windows upgrades easier to deploy, as one could merely distribute an updated image, and machines would be less likely to crash all the way down, and instead would only crash the emulator. For devices that depend on old versions of windows, the VM image might be read only in order to halt any malicious writes.

Re:Why Not Virtual Machines atop Linux?

[l0n3s0m3phr34k]

Because that adds a whole huge issue doing your 800-53 auditing.

Re: Why Not Virtual Machines atop Linux?

[lsatenstein]

Microsoft has done it's marketing and schmear. Forget about what's best, consider what is politically best

Re:Are they still using XP?

[ShanghaiBill]

I would have been horrified to know that our military just uses Microsoft Windows and not some super secret flavor of a home grown operating system. What happened to security?

Even Windows is more secure that some crap OS slapped together by a low-bid defense contractor. These are the people that designed the F-35. To get a feel for milspec software, go try to write a program in Ada.

COTS > Milspec

800-53

[l0n3s0m3phr34k]

Is what this is all about. If you've had to work with the various DISA stigs, then you know just how much software can't really easily be deployed. You can't just "run linux and a VM for Windows", because there are only SPECIFIC versions of Red Hat that have STIGs that allow it to be "properly audited". Getting a "Certificate to field" is a complicated, torturous route that must be re-done for each different enclave the CtF is for. Software like MySQL doesn't even have a STIG, so all of that is out the window.

And it then there is Trusted Platform compatibility, Fedramp certified cloud, etc. My current job is working towards 800-171 certification, which is a watered-down version of 800-53. It's still a huge PITA, but these standards are needed because of APTs and stupid end-users. IMHO, your "electronic election system" should at least be at 800-171, but "STATES RIGHTS" means easily hackable machines.

They should require a complete set of source code

They should require a complete set of source code for every piece of technology utilized. There should never be a piece of third party technology that has a dependency like this that puts a third party in control of critical technology.

It's utter bull shit that a government entity of any kind anywhere is putting themselves in such a situation where they do not have full control over the technology they're adopting. Talk about a security failure.

I know there is at least one major government which is not Russia, China, or the United States that has recognized this issue and is taking steps to correct it. The country has figured out that having access to a complete set of source code for everything is critically important to there national security. It's not Iran or North Korea either. I'm not at liberty to state the country at this time although there is talk of funding a completely open SoC for national security reasons.

Not too hard

[Notabadguy]

For a fraction of the cost of the shitty F22 Program, the air force could...

-Deploy brand new, state of the art computers across the entire Air Force.
-Pay to have any legacy programs rewritten or migrated to their OS of choice.
-Pay to have all of those certified.
-Pay Microsoft to develop a DoD-grade OS compatible with those programs.
-Give every Air Force employee a huge Christmas bonus.
-Solve world hunger.
-Fix the national debt.
-Find extra-terrestrial life.

They could use Linux..Wait, no

[Eravnrekaree]

I was about to say that with Linux this wouldn't happen. But then I remebered that X.org had deleted dozens of video drivers when they decided on an irrational whim to delete all of the XAA code which turned a huge number of older computers into boat anchors. Linux systems developers seem to think you should need the latest Intel GPU made within the last 3 years. Whoops.

Anyone solved the multiple PIN prompts issue?

[Bite+The+Pillow]

Lots of people having multiple prompts for smart card PINs. Has anyone solved that one? And no, Google search doesn't return useful results.

Re:Are they still using XP?

[AHuxley]

Also consider all the changes to the US mil. Say the CIA wants someone who can resupply the freedom fighters.
Someone with navigation skills, can fly at night, has a lot of international flying experience, a top security clearance and the other people needed to load, unload.
That search deep into plain text Air force files cannot be logged, seen, recovered, tracked in any way.
Old version of mil computers stay secure from all congressional oversight.
A new MS OS might go full Iran Contra and recall freedom fighter support missions years later.
An old MS OS is a trusted OS.

Also consider the medical records that have to be kept. Who has a poor diet, was not fit, could not pass a standard fitness tests, could not read a map, could not keep up.
With an old OS everyone joining is set as ready for duty. A new OS might see the political changes to ensure everyone got a free pass on some too difficult fitness tests that are not politically correct.

Re:Deep State 9

[Bing+Tsher+E]

Most of us know you're just a joker.

Re:Are they still using XP?

[AaronW]

It depends. For example, if it is specialized hardware it can't just be replaced.

Re:Are they still using XP?

[AaronW]

That reminds me of some of the laptop computers I worked on back in the early 1990's. I worked for a well-known laptop manufacturer who made some laptops for the military. The military laptop I worked with was Tempest certified. It had a removable SCSI hard drive where all data on the drive was encrypted. It was a nightmare to take it apart. Once you took off the cover you had to remove all of the RF shielding (128 screws held the RF shielding on, I kid you not!). The screen was an electroluminescent VGA screen with a fine wire mesh in front of it. It was designed so there were no detectable RF emissions. The company's laptops were also quite rugged. One of the other commercial laptops they made was modified to run on the US space shuttle.

The DOD can have a lot of weird hardware requirements and often the current hardware is what we would consider outdated due to the long development times and how long all the approvals and whatnot took.

Re:Deep State 9

[PopeRatzo]

Most of us know you're just a joker.

One would hope.

My jokes and witty repartee are the reasons I was elected President of Slashdot Comments three times. And I intend to represent all Slashdot commenters, even the haters and losers.

Linux

[stooo]

Use Linux

Re:Are they still using XP?

[thegarbz]

pcmcia cards

I thought these things were a myth.

Re:Are they still using XP?

[rickb928]

You're close, I bet. Proprietary (old) imaging and scanning hardware will not have drivers. Old apps will require these devices.

This isn't unusual for any large organization that standardized on apps. The planning and budgeting is a military problem only when there was a disconnect. Someone should have known this a year ago.

How old are these machines?

[btroy]

My guess is a lot of them are quite old - 10+ years.

Even in Linux, at some point the hardware is just too outdated.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Are they still using XP?

[Eravnrekaree]

OK, I was overexaggerating a bit. If you go further back like ones from 2002 or before I think you'll have more problems