End of Windows XP: Who all are at risk

windows

Microsoft will end support for the persistently popular Windows XP on Tuesday.

Microsoft will end support for the persistently popular Windows XP on Tuesday, and the move could put everything from the operations of heavy industry to the identities of everyday people in danger.

An estimated 30% of computers being used by businesses and consumers around the world are still running the 12-year-old operating system.

“What once was considered low-hanging fruit by hackers now has a big neon bull’s eye on it,” says Patrick Thomas, a security consultant at the San Jose, California-based firm Neohapsis.

Microsoft has released a handful of Windows operating systems since 2001, but XP’s popularity and the durability of the computers it was installed on kept it around longer than expected. Analysts say that if a PC is more than five years old, chances are it’s running XP.

While users can still run XP after Tuesday, Microsoft says it will no longer provide security updates, issue fixes to non-security related problems or offer online technical content updates. The company is discontinuing XP to focus on maintaining its newer operating systems, the core programs that run personal computers.

The Redmond, Washington-based company says it will provide anti-malware-related updates through July 14, 2015, but warns that the tweaks could be of limited help on an outdated operating system.

Most industry experts say they recognize that the time for Microsoft to end support for such a dated system has come, but the move poses both security and operational risks for the remaining users. In addition to home computers, XP is used to run everything from water treatment facilities and power plants to small businesses like doctor’s offices.

Thomas says XP appealed to a wide variety of people and businesses that saw it as a reliable workhorse and many chose to stick with it instead of upgrading to Windows Vista, Windows 7 or 8.

Thomas notes that companies generally resist change because they don’t like risk. As a result, businesses most likely to still be using XP include banks and financial services companies, along with health care providers. He also pointed to schools from the university level down, saying that they often don’t have enough money to fund equipment upgrades.

Marcin Kleczynski, CEO of Malwarebytes, says that without patches to fix bugs in the software XP PCs will be prone to freezing up and crashing, while the absence of updated security related protections make the computers susceptible to hackers.

He added that future security patches released for Microsoft’s newer systems will serve as a way for hackers to reverse engineer ways to breach now-unprotected Windows XP computers.

“It’s going to be interesting to say the least,” he says. “There are plenty of black hats out there that are looking for the first vulnerability and will be looking at Windows 7 and 8 to find those vulnerabilities. And if you’re able to find a vulnerability in XP, it’s pretty much a silver key.”

Those weaknesses can affect businesses both large and small.

Mark Bernardo, general manager of automation software at General Electric’s Intelligent Platforms division, says moving to a new operating system can be extremely complicated and expensive for industrial companies. Bernardo, whose GE division offers advisory services for upgrading from XP, says many of the unit’s customers fall into the fields of water and waste water, along with oil and gas.

“Even if their sole network is completely sealed off from attack, there are still operational issues to deal with,” he says.

Meanwhile, many small businesses are put off by the hefty cost of upgrading or just aren’t focused on their IT needs. Although a consumer can buy an entry-level PC for a few hundred dollars, a computer powerful enough for business use may run $1,000 or more after adding the necessary software.

Barry Maher, a salesperson trainer and motivational speaker based in Corona, Calif., says his IT consultant warned him about the end of XP support last year. But he was so busy with other things that he didn’t start actively looking for a new computer until a few weeks ago.

“This probably hasn’t been as high a priority as it should have been,” he says.

He got his current PC just before Microsoft released Vista in 2007. He never bought another PC because, “As long as the machine is doing what I want it to do, and running the software I need to run, I would never change it.”

Mark McCreary, a Philadelphia-based attorney with the firm Fox Rothschild LLP, says small businesses could be among the most effected by the end of support, because they don’t have the same kinds of firewalls and in-house IT departments that larger companies possess. And if they don’t upgrade and something bad happens, they could face lawsuits from customers.

But he says he doesn’t expect the wide-spread malware attacks and disasters that others are predicting – at least for a while.

“It’s not that you blow it off and wait another seven years, but it’s not like everything is going to explode on April 8 either,” he says.

McCreary points to Microsoft’s plans to keep providing malware-related updates for well over a year, adding that he doubts hackers are actually saving up their malware attacks for the day support ends.

But Sam Glines, CEO of Norse, a threat-detection firm with major offices in St. Louis and Silicon Valley, disagrees. He believes hackers have been watching potential targets for some time now.

“There’s a gearing up on the part of the dark side to take advantage of this end of support,” Glines says.

He worries most about doctors like his father and others the health care industry, who may be very smart people, but just aren’t focused on technology. He notes that health care-related information is 10 to 20 times more valuable on the black market than financial information, because it can be used to create fraudulent medical claims and illegally obtain prescription drugs, making doctor’s offices tempting targets.

Meanwhile, without updates from Microsoft, regular people who currently use XP at home need to be extra careful.

Mike Eldridge, 39, of Spring Lake, Mich., says that since his computer is currently on its last legs, he’s going to cross his fingers and hope for the best until it finally dies.

“I am worried about security threats, but I’d rather have my identity stolen than put up with Windows 8,” he says.

 

Advertisements

GadgEts n MobilEs: First impressions: Nokia Lumia 630

Nokia Lumia 630

Nokia announced the new Lumia 630 on the sidelines of Microsoft’s BUILD coference.

At its Build 2014 conference, Microsoft unveiled the next iteration of its mobile operating system, Windows Phone 8.1. The event also saw Nokia announce three new mobile phones that will run on the new OS — Lumia 630, Lumia 635 and Lumia 930. Windows Phone 8.1 brings a number of new features in order to catch up with Google’s Android and Apple’s iOS including a centralized notification tray which Microsoft calls Action Centre, voice assistant Cortana, tweaks to the home screen and updated native apps, among others. — See more at: GadgEts n MobilEs: First impressions: Nokia Lumia 630.

As new Microsoft CEO makes entrance, Sony mulls PC exit

Sony has been one of the top laptop players in the Windows market. But the Japanese company is now in talks to sell off the Vaio line.

The day Microsoft announced a new CEO, word came from Japan that Sony is trying to exit PCs.

Whatever Sony ultimately does, it’s a clear signal one of the top brands doesn’t see PCs running Microsoft software as an attractive market anymore.

“Sony’s planned sale of its personal computer operations underscores how far this business has fallen in the eyes of Japanese and U.S. manufacturers,” an editorial said in Japan’s Nikkei on Wednesday.

Sony established the Vaio brand in 1996 when Microsoft and Windows 95 ruled the world. At Sony’s peak, it shipped close to 900,000 units a year. In 2013, it’s expected to ship fewer than 600,000 units, according to IDC estimates.

Not surprisingly, the impetus for the expected sale is financial. The company’s consumer electronics operations — of which the Vaio PC line is a part — continues to operate in the red and it PC group is facing an operating loss, according to Japan-based reports.

Sony wouldn’t be the first Japanese player to bow out of the PC business. NEC, once Japan’s top domestic PC brand, handed over control of its PC business to Lenovo in 2011.

And even Lenovo, which is vying with Hewlett-Packard to be the No. 1 global PC maker, is putting increasing emphasis on smartphones these days, evidenced by its planned purchase of Motorola’s handset business.

By selling the Vaio PC business, Sony intends to accelerate its shift to smartphones. And Microsoft has acknowledged this global shift in its own way with the purchase of Nokia’s mobile devices unit.

Will Nadella appointment weigh on debate over tech visas?

In what some might call an advertisement for the classic story of an immigrant pursuing the American dream, Redmond’s new boss, Satya Nadella, was born in Hyderabad, India. Now he’s running Microsoft.

In his first e-mail to Microsoft employees in his newly-minted role as chief executive, Satya Nadella included a brief but important section titled, “Who am I?”

Over the last week especially, the world came to know a lot more about the executive, after the news was leaked that Nadella was the expected choice for the company’s top job. But still, a dark horse he was, beating out splashier choices like former Nokia CEO Stephen Elop and Ford CEO Alan Mulally. So we’ve still got a lot to learn about the new leader in Redmond.

His answer is only a few lines long, and he mentions basic points: 46 years old, married for 22 years, three kids. “So family, curiosity and hunger for knowledge all define me,” he wrote.

But also important to the story is his personal journey as a naturalized US citizen from his familial home in Hyderabad, India, which coincidentally also happens to be the home of the largest Microsoft research and development center outside the US.

As the debate over immigration reform and work visas has heated up in the tech industry, the fact that someone born and partly educated in India is now CEO of Microsoft is sure to be seized upon by proponents of issuing more H-1B visas as being in America’s enlightened self interest. Sure, there are other Indian-born tech CEOs, like Shantanu Narayen at Adobe and Sanjay Mehrotra at Sandisk, but taking the top job at Redmond is an outlier.

“Microsoft is in another class. Apple, Google, Microsoft — these are the few companies defining the future of tech,” said Venktesh Shukla, president of TiE Global, a venerable Silicon Valley organization closely associated to the South Asian business community (Vinod Khosla of Khosla Ventures is a charter member). Nadella was even a keynote speaker at the organization’s annual TiECon conference last year. Pepsi, helmed by the Indian-born Indra Nooyi, is another example of one of those preeminent global companies.

In the 2012 fiscal year, more than 135,000 people were issued H-1B visas, a type of visa that allows US employers to temporarily employ foreign workers in “specialty occupations” — fields like engineering, biotech, education or law, according to the US Bureau of Consular Affairs. The heads of many of the world’s largest tech companies have called for an increase of the cap in H-1B visas, the idea being to attract the brightest minds in the world to work in the US. Critics are opposed to raising the cap during an era of high unemployment, arguing that plenty of US tech workers are still looking for jobs.

To that last point, Vivek Wadhwa, the veteran entrepreneur and outspoken Stanford professor who’s written frequently on the topic, said that it is not a zero sum game: If a company like Microsoft has a good leader, then it will be adding jobs, he argues. “It should reinvigorate [the debate],” he said. “If the most qualified person for the Bill Gates job was a foreign-born person, it says something about immigration. We would have been reducing the pool.”

Of course, the state of immigration in the US is utterly complicated, and can’t be illustrated by one person’s success. For one, Shukla concedes that things have changed a lot since Nadella first came to the US, likely on a student visa. (“The lines for green cards are a lot longer now,” he said.) But he said Nadella’s appointment illustrates the kind of impact intelligent, foreign-born people can have.

According to Reuters India, Nadella’s father was a member of elite government organizations under the country’s prime minister. Growing up, he attended the prestigious Hyderabad Public School. Later, Nadella attended Mangalore University, studying electrical engineering. He then moved to the United States to get his masters degree in computer science from the University of Wisconsin-Milwaukee, then another master’s in business administration from the University of Chicago. After that, Nadella went to work at Sun Microsystems before joining Microsoft in 1992.

Nadella’s ascension to Microsoft’s helm also sheds light on other issues. In a business climate where companies have been scrutinized over racial and gender diversity — especially recently — it’s a rare appointment. According to Fortune, only 23 of all Fortune 500 CEOs are minorities, a term that includes African Americans, Asians, and Latin Americans.

In the tech industry, things are statistically a little better for people of Indian decent. Wadhwa cites his own research, which says that as of 2012, of all companies in Silicon Valley that have a foreign-born CEO or chief technologist, over 33 percent of them were founded by Indians.

But that track record could be undone without proper reform, he said. “How many more Nadellas are there that are being turned away?”