By Perseverance Tavagwisa
we conducted a survey on most Techies near our Harare Office (114A Hebert Chitepo), we were in shock by the number of techies who haven’t migrated to a higher window OS and are still clinging -on Religiously to their outdated Win XP.
agonizingly even after the april 8 official date that was announced by Microsoft that they will no longer provide support for the popular (to some extent) Operating system, it still has not triggered much to them…these are techies who fully know the implications and the adverse results should the system develop a glitch!
we further sort to find out why XP is regarded as the “Holly Grail” of the windows Operating systems!
After april 8, 2014 (which already passed,so its now a reality), technical updates for Windows XP will no longer be available, including automatic updates that help protect your PC. Microsoft will also stop providing Microsoft Security Essentials for download on Windows XP on this date. If you already have Microsoft Security Essentials installed, you will continue to receive antimalware signature updates for a limited time, but this does not mean that your PC will be secure because Microsoft will no longer be providing security updates to help protect your PC.
Microsoft released XP about 12 years ago and published also a lot of patches in this time (Does this mean that all vulnerabilities were found and fixed? )Most definitely not. As a matter of fact, Microsoft Trustworthy Computing director, Tim Rains, said that the cybercriminals can go so far and even reverse-engineer patches for more modern and supported versions of Windows in order to see what remained unpatched in Windows XP. Even if Windows 7 and 8 are quite different than Windows XP, there is still a lot of code shared between these operating systems.
If you continue to use Windows XP after support ends, your computer will still work but it might become more vulnerable to security risks and viruses. You can even install a fresh copy of Windows XP even after April 8th.
now i do not know where the techies are getting their confidence( To Hold on to the defunct Win XP) from…but for those whom i have managed to convince, i have sourced-out a few probable solutions for you :
The best solution is clearly to move away from Windows XP. There are plenty of resources and tutorials in the Internet that explain how to migrate to Windows 7 or 8. But be aware that this might come with additional costs, since these operating systems require better hardware than Windows XP(which may force some individuals to ditcht their P2s and P3s)
Hardening (only if you really can’t afford to migrate at the moment)
Hardening is the process applied to a computer to reduce its attack surface. Reducing the attack surface means identifying and reducing the available ways to attack the computer. Typically this includes the removal of unnecessary software, unnecessary logins and the disabling or removal of unnecessary services (file and print sharing, media center). On a lower level, it means also closing all non-critical ports, removing any not needed driver, ideally, removing the computer from the INTERNET completely!
Also the software that is used must be made as secure as possible. This means run it in a sandbox, run with minimum or completely without extensions, addons or plugins and in general, reduce the functionality which is not strictly needed.
Also the risk created by the one who stays in front of the monitor, the user, must be reduced. Create better passwords, change the default passwords, make them expire after a month. Use an account without administrative rights in order to reduce the damage of an attack happening under your account.
The software that users install must be checked thoroughly from now on, as there is no guarantee that they are backward compatible with an now obsolete operating system. Ideally, use only software created for Windows XP.
Speaking of software, make sure you keep your software (which is the bare minimum needed to do your job) up to date. Don’t use default installed programs like Outlook Express, Internet Explorer, Media Player as they might contain vulnerabilities that can get exploited. The best in this case are Mozilla Thunderbird as replacement for Outlook Express and Chrome or Firefox for replacing Internet Explorer. For Media Player there are thousands of replacements online.
Last, but definitely not least, install and keep updated a security product (anti-virus , hopefully some may provide minimum support)
And if your Windows XP holds business critical information on it (but why would you trust an obsolete operating system with such a task?) then isolate the computer in the network. This means that you should filter the traffic coming from the exterior to your vulnerable computer using some gateway filtering product.
If this fail…Pray!
Another method to continue to run a Windows XP without having to expose it completely is to run it in a virtual machine on an up to date host operating system. This way you have a secure underlying operating system which you can easier protect than the XP.
If you have a PC with XP installed and there are your good old programs that run since many years, there is a solution to virtualize that as well.
Use Disk2VHD from Microsoft to create a virtual hard machine and play it with the free Microsoft Virtual PC under a safer operating system like Windows 7 or Windows 8. This program will create a snapshot of your installed Windows XP, including all programs, registries, files and will clone them in the virtual machine. The result is an identical environment with the real one, only that it is virtual.
In any circumstance, make sure though that even you harden the XP machine, no matter if it is real or virtual
We strongly recommend to migrate from Windows XP!! There is NO WAY to fully protect the operating system anymore. There is nothing (or at least nothing that is economic feasible) that you or security experts can do to protect it.(the creators (microsoft) themselves have made it obsolete…they even went on to invent other systems after xp as an up-grade(to name a few win 7&8)
And don’t think that you necessary have to stick with Windows. If you don’t have to use some legacy software that runs only on XP, think about alternatives. Linux distributions like Ubuntu (and flavours) have become really good as a desktop operating system.
there is nothing mysterious or worth holding onto XP…its simply outdated and OBSOLETE!