Practically speaking, how will Windows XP end of life affect me?
March 30, 2014 12:26 PM   Subscribe

I run some really old voice recognition software that will not run on newer versions of Windows, and have resisted upgrading all this time because the newer versions don't work as well for my various disabilities. Is there anything I should be doing now to prepare for Windows XP end of life? Unlike previous questions here on the green, I want to continue connecting to the Internet.
posted by Soliloquy to Computers & Internet (17 answers total) 9 users marked this as a favorite
Well, there will be security risks. Here are some things you can do now to decrease them, although they will not disappear:

- Use an alternate browser, not IE
- Use Adblock+ and NoScript and only allow javascript as needed on a case by case basis
- Use an alternate e-mail client, not any type of Outlook
- Install a hosts file
- Make sure that you are behind a firewall (can be software or hardware)
posted by Too-Ticky at 12:35 PM on March 30, 2014 [3 favorites]

Keep in mind that those are all great suggestions, but you could do all that and still be shit out of luck.

Windows XP is 13 years old and End Of Life means that on April 8th there will be no more patches or updates of any kind ever again.

We do not know exactly what kind of vulnerabilities will be discovered and exploited, but you can bet that hackers will descend on the OS like a swarm of locusts.

You could take all the precautions in the world and still get screwed.

Anyone who is security minded would tell you that connecting an unsupported and vulnerable OS to the internet at large is a recipe for disaster.

Upgrade! Upgrade. Please upgrade.
posted by kbanas at 12:46 PM on March 30, 2014 [6 favorites]

Can you try and install the software on a machine running 7 but set the compatibility settings back to Windows XP to see if it will work?
posted by deezil at 12:56 PM on March 30, 2014 [1 favorite]

The use of a virtual machine XP in Windows 7 Pro is one way of dealing with the situation. You could also try setting up your applications using the Wine process on a Linux based machine - that would be my first choice.
posted by ptm at 1:25 PM on March 30, 2014 [2 favorites]

I am indeed also looking into the feasibility of upgrading with other people who need to run their computers completely hands-free, but any such switch to a new computer and OS will certainly not be possible before April 8 (if at all).
posted by Soliloquy at 1:37 PM on March 30, 2014

make the account you actually use the machine on a user account, not an administrator account. anything that absolutely must run as admin gets a "run as". google around how to actually disable logins to the admin account so it can only function as a run as.

i'm aware that many programs abuse the requirements for this and will break in weird ways when not run as admin, but this will make a HUGE security difference. an enormous portion of malware abuses the fact that there was no UAC in XP, and that everyone runs as admin.

That said, i would put this up there with driving an 80s car with no airbags or modern safety features. It's not old enough to be something historic/interesting, and the reasons to figure out what you'd need to do to upgrade outweigh the pluses of soldiering on even if you take effort to reduce the risks or at least be mindful of them. You can guarantee that every type of hacker out there is popping wood thinking about this, because TONS of systems especially in china and other places outside the US(not like there isn't a ton here, but still) run XP. Zero days will never be patched. Within six months there's definitely going to be a stack of forever-open backdoors in XP.

As it is, if you install XP from an SP1 disk it will be rooted within minutes of being online(I think there's even a youtube video of someone demonstrating this). This will, very soon, be the default state for XP. The no running as admin thing is a bandaid, but a bandaid won't really help for too long with arterial bleeding, so to speak.

I tried to straight-on answer your question as best as i could, but this is a bit of a "How do i best light my clothes on fire for a comedy bit? I want to use normal clothes" type of question.
posted by emptythought at 2:15 PM on March 30, 2014 [1 favorite]

Seconding emptythought that if you haven't already, set up a limited/standard (non-administrator) user account for your day-to-day use of the computer. If there is only one user account on the computer now, you'll need to add another, to have one of them be the limited account (you always need to keep at least one administrator user account). I think this article explains it pretty well (but doesn't include Windows 8 instructions).

(And an up-to-date antivirus program, of course - there are some good free ones, including Avast.)

As a longtime XP holdout, I like Windows 7 and hope that other answers might help you figure something out to make things work with a newer system for the long run.
posted by hsieu at 2:33 PM on March 30, 2014

As it is, if you install XP from an SP1 disk it will be rooted within minutes of being online

While this is true, this is mostly because XP didn't get a built in firewall until SP2, and it was way too easy to get access to services that should never have been exposed to the open internet.

So that's step 1. Make sure you have a real router with a firewall blocking all inbound connections by default. This should be the default setup anyway, but if you're using a PPPoE connection to get just that PC on the internet, you'll need to stop and get a router. Also have a good, continuously updated anti-virus and security package. Kaspersky internet security is pretty good, but there are a number of others.

Step 2 is factor in your areas of attack, and mitigate them as best you can. Your browser and its plugins are the biggest attack vector. IE8 is getting very old, and will receive no more patches. Use a browser that will be supported and patched for the mean time. Chrome will continue to work on XP until April 2015. Firefox has no current end-date for XP support. Ideally get rid of flash and java, as they are often zero-day attacked themselves, and will probably be used to take advantage of unpatched XP flaws for more serious attacks. You're probably going to have to give up internet banking from this computer - if your machine is compromised and you don't know it, you're taking a hell of a risk. The same goes for putting in your credit card details to buy things.

You also want to protect the rest of your system from your browser. A sandbox app, like sandboxie is one option that prevents your browser from making changes to the system; another is to use a system rollback tool, like deepfreeze, to restore your system to a known good state on reboot.

You could even run a more modern OS like windows 7 in a virtual PC (virtualbox is free) and use that to access the internet, rather than do it from XP directly. I suspect though that that won't work properly with your voice recognition software, so is probably impractical.

Step 3 is eliminate other vectors. Email, USB flash drives and network shares are the next biggest risks. If you're not already using web-based mail from a major provider, it's probably worth the switch. Any locally hosted anti-virus that scans your email will not be sufficient, as it often does not find new attacks fast enough. Even JPEGs have been used as attacks via email, so this will be the hardest thing to protect on your machine I think.

Step 4 - back up your personal files often - at least daily - and don't leave the backups attached to your computer. Also backup the system itself, and be able to restore from said backups via CD boot or the like. You may need to go back quite a way if you're infected, as you may well not spot it immediately, thus keeping your system and data backups separate.

Encrypting your files when hacked, and then ransoming them back to you is already a thing, and I expect such incidents to rise substantially on XP. Be prepared to nuke the system from orbit and restore if you have to.

Step 5 - research alternative accessibility software that fits your needs and does work on newer versions of windows (or OSX, or linux) and switch as soon as you can, as the highest urgency. With XP EOL, plenty of other software is also going to stop support soon, not least antivirus and browsers. The writing has been on the wall for XP for a number of years. It's 13 years old, and things are only going to get worse for keeping it running. Your goal is not to keep XP running indefinitely, but only run it as long as you absolutely must.
posted by ArkhanJG at 2:59 PM on March 30, 2014

There are issues discussed above, but there is another thing to be aware of.

As Microsoft fixes security issues in newer versions of Windows, those wanting access to your system or info will test Windows XP to see if the same exploit exists there. Since Microsoft will no longer patch XP, the door is wide open for them. In some ways, patching newer versions of Windows tells them were to look or what to do in XP to get into your system.
posted by Leenie at 3:06 PM on March 30, 2014

I'm going to say there will (soon or eventually) be no way to run XP safely on the Internet.
That being said, add FlashBlock to @Too-Ticky's list above. Also, unless you absolutely MUST have it, uninstall Java if it's installed now.
posted by cnc at 3:22 PM on March 30, 2014 [1 favorite]

Not to discount the suggestion to upgrade but as a reality check XP will not just shutdown on the 8th. Beef up firewalls, double check that backups are running but it's not a drop dead date.
posted by sammyo at 3:42 PM on March 30, 2014 [1 favorite]

If you find you can upgrade to newer hardware, I've found the built-in voice recognition of Windows 7 amazingly good. I haven't used it as my only interface, but it's so much better than the dedicated voice recognition software I had with XP some years back.

In the meantime, follow ArkhanJG's advice: step one is to make sure you have a real router with a firewall blocking all inbound connections. And all the other suggestions above...
posted by anadem at 4:17 PM on March 30, 2014

ptm: "The use of a virtual machine XP in Windows 7 Pro is one way of dealing with the situation. You could also try setting up your applications using the Wine process on a Linux based machine - that would be my first choice."

I'd suggest this route, assuming the software will run in Wine. You can check their AppDB, which uses a rating system to classify whether the software runs well. If you'd like some assistance with this, MeMail me. I'd be happy to help.
posted by spiderskull at 4:32 PM on March 30, 2014

I have no idea whether this is true, but the rumours I've read about the upcoming ReactOS announcement is that they will be announcing a "ReactOS XP" so to speak. Essentially trying to capture some of the XP users who don't want to upgrade but still want a supported operating system. ReactOS is an open source re-implementation of Windows based on Wine. Might be something worth keeping an eye on.
posted by Poldo at 5:19 PM on March 30, 2014 [1 favorite]

What are you running that depends on Windows XP?

There are chances that it may work on newer systems, or a virtual machine, or a Wine-like implementation, but it's hard to give a definite answer without knowing what you're running. Voice recognition is one of those things that requires specific weird aspects of the OS to be supported.
posted by Ashlyth at 11:03 PM on March 30, 2014

Now would be the time to find out whether your preferred voice recognition stuff runs satisfactorily on a virtual Windows XP machine. If it does (and it probably will) then you no longer need to care what OS is hosting the virtual machine - if you use a cross-platform virtual machine host like VirtualBox or VMWare Player, the host could be Windows 7 (don't go for 8, it's a pig) or Linux or OSX; really doesn't matter. And you can easily transfer your virtual XP installation from computer to computer when you need to replace failing hardware just by copying a few (large) files.

You can run XP in a VM indefinitely and perfectly safely, provided you use the VM management software's snapshots feature correctly. Once you have a clean XP installation set up the way you want it, create a snapshot of it. Then whenever you "power down" the VM, tell the management software to revert it to the snapshot. That way, anything nasty that does get installed while you're using XP - even really nasty things like rootkits that install themselves on obscure corners of the hard disk outside the filesystem - will simply disappear.
posted by flabdablet at 11:28 PM on March 30, 2014

Malwarebytes has said that they will continue support for XP indefinitely.
posted by getawaysticks at 7:22 AM on April 1, 2014 [1 favorite]

« Older Good Examples of Collected Journalism   |   Accomodations in Toronto and Stratford Newer »
This thread is closed to new comments.