Although widely known in IT circles for the last couple years, the "death of XP" [as it's been dubbed] yesterday still caught most computers users unaware. Moreover, the words "XP is Dead" is scaring the bejezus out of people. We are going to take a few minutes and break down what it means for you, whether you're a home user, or a business user.

Will my XP computer stop working?

xpisdead_new_shRelax. No. Your computer won't suddenly stop turning on and leave you staring at a  black screen with no idea how to go forward from here. In fact it will work exactly like it did yesterday, and will continue to work exactly like it did yesterday, unless it dies from some other problem - bad hard drive, virus corruption, etc. Nothing about the death of XP means your computer wont' work anymore.

What does it mean then?

The answer sounds very innocuous but has severe repercussions across the world. The shortest answer is there will be no more updates released for your computer's operating system. Microsoft has been releasing patches for XP since it hit the market 12 years ago. As of April 8, 2014 they simply said they weren't going to do it anymore. Every operating system has a timeline of how long the manufacturer will support it. XP has reached the end of its timeline. It's called a Lifecycle. The official lifecycle for all current windows operating systems is as follows:

  • Windows XP
    • Mainstream Support Ends: April 14, 2009
    • Extended Support Ends: April 8, 2014
  • Windows Vista
    • Mainstream Support Ends: April 10, 2012
    • Extended Support Ends: April 11, 2017
  • Windows 7
    • Mainstream Support Ends: January 13, 2015
    • Extended Support Ends: January 14, 2020
  • Windows 8
    • Mainstream Support Ends: January 9, 2018
    • Extended Support Ends: January 10, 2023

There you go. Now you can't be surprised the next time this comes up. You've been forewarned and forearmed. Let's get back to the "no support" thing  and what it means for you.

hackerThere are hundreds of thousands of people out there on the internet that seek nothing more than to find ways to take advantage of others. Let's agree on that much. Maybe they simply want to break your computer, or have it display popups to porn sites for fun. Maybe they want to steal your personal passwords, or financial data. There are too many reasons to list why they do it. They just do it. The way they do it is by finding little chinks in the armor of your operating system. These are called exploits. To put it in terms non-geeks would understand, the ability of a car-thief to steal a 1984 pickup truck with nothing more than a bent coat-hanger is an exploit. They found way to break in using a design flaw in the automobile. How did automakers respond? They made changes to future vehicles that make it so that won't work, by creating electronic locks or moving the lock mechanism so a coat hanger can't get to it.

Microsoft has that same ability except they don't have to wait until a new version comes out. They can re-write the code of your XP computer to close that loophole. It's referred to as a patch, or an update. When they have a whole huge tremendous amount of patches they fix at once they call it a service pack. Some of you remember those little screens that showed "4 updates need to be installed" on the Windows Update screen. It might surprise you to know that XP has been patched over 500 times since it was released. That's not because it had 500 broken features on day one. Instead, new technologies that have evolved have revealed problems that didn't exist before, so they had to release a patch to fix it.

After 12 years, Microsoft has finally had to make the decision to stop patching the operating system and focus on improving their newer technologies. You can't really blame them in all honesty. Many of you out there use Quickbooks or Quicken for your personal finances. You don't call up Intuit and yell at them for not updating your copy of Quickbooks 2001 do you?  Business people have learned that Quickbooks supports a program for two years after release. After that it's up to you to update to a more recent version if you want to continue to get support. Microsoft is probably the only company on the planet that has still been working to update a 12 year old product. Eventually, they had to simply stop. The code base isn't worth the time and money it takes them to continue to patch it. After all you haven't been able to purchase XP since 2009, so why continue to write code to a product you're not making money on? You're simply devoting millions of dollars and hundreds of thousands of man-hours to something no one has paid a dime for in the last five years. Make sense?

Ok, so you understand there are no more patches, and WHY there are no more patches. How do you go on from here and what do you do?

There are a few solutions out there for you.  I'm going to highlight a few of them.

  1. Buy a new computer: No, that's not the answer anyone wants to hear, but in all honesty it's the cheapest solution long term. The computers today are made with dual and quad core processors, hundreds of times more power than the best XP computers ever made, and they're relatively cheap compared to what they used to be. A good-value computer that will last a business user 5 years can be purchased for $750 or less all day long. If you're just a home user with internet and email needs, you can pick up a cheap desktop or laptop for $399. (Don't call me about them, because we don't want to work on junk computers. If you bought the bottom of the barrel new computer, chances are you don't want to pay me $65 an hour to fix it for you. Otherwise you'd have bought a $750 computer and you wouldn't need the support anyway.)
  2. Keep using the one you have: I'll get into more on this in a minute, but for home users there's really no reason you can't continue to use the one you have. You DO have to be more careful though. Again, read on to find out why.
  3. Get protection for the XP computer you have: Just because there are no more security fixes for XP doesn't make it worthless, but it does make it vulnerable. At Twisted Networx, we have a lot of clients, expecially in the medical and legal communities, that are forced to run XP on computers because their vendor doesn't support anything else. For example, one of our veterinary clinic customers has an X-Ray program that will only be supported if it's on XP. That was no problem when the clinic adopted the radiograph program in 2008, but what about now? The clinic either has to continue to keep that XP computer around or decide to change X-Ray vendors and spend $30,000 on a new program plus $5K a year in licensing. It makes sense that they want to keep that XP computer now doesn't it? (Let's leave aside that fact that no responsible vendor on the planet should still be requiring XP for their customers. That's deplorable, but isn't the customer's fault.) The point is, MANY businesses, especially small ones, are at the mercy of a tool they need that isn't available on newer computers because the company that made it back in 2006 has since gone belly-up and there's no cost-effective alternative.   If you find yourself in this predicement, it's OK. XP CAN still be protected, but it requires a little more diligence.

Why XP is Dangerous Now:

The massive amount of media hype surrounding the retirement of XP  has painted a huge target on the back of every XP user. Basically the entire IT support world just said "If it gets hacked, we ain't fixing it anymore!"

opportunityWhat does that say to the hacker community?  If I were a black-hat hacker, that tells me I have a fat juicy target to attack that no one will be protecting except for the person behind the keyboard and it's doubtful they know enough to stop me. XP vulnerabilities  (exploits) have been discovered almost every month of the year for the last 12 years. Within a couple days notice of the problem, Microsoft fixed it. They won't be doing that anymore. The very next nasty exploit that's discovered will be a field-day for hackers because no one will be fixing the bug. They'll have carte-blanche to do whatever damage they can with no fear of the bug ever being corrected by Microsoft or anyone else.

How can XP be protected?

With the retirement of XP also comes the retirement of Microsoft's Anti-Virus engine, known commonly as Microsoft Security Essentials. You just found out XP is no longer getting support and you're losing Microsoft's antivirus protection at the same time. What in the world do you do?

No internet work on your XP computers!

No internet work on your XP computers!

First, you can use the self-reliant approach of not using a business XP computer for web-browsing. Use it for file storage or whatever you've been using it for, but stop going online with it. If it can be re-purposed into a computer that doesn't need internet at all, even better! If it can't get online, it can't get infected easily. (Notice I said "easily"... it's still not impossible, just less likely.)  If you just use it to scan x-rays and transfer the x-rays to the server, great. Just don't go playing on Facebook with it. While you're at it, avoid all the common vectors for infection. Don't open PDF files on it, don't access documents on any server or workstation that you aren't 100% sure have been virus-scanned before being put on the network shares, etc.  Basically just treat the computer like you would a human with no immune system - don't expose it to anything you don't have to that can make it sick.

Secondly, you can apply some non-Microsoft tools to protect yourself. For example, our antivirus engine (and yes, I'm going to toot my own horn here) protects against just about everything out there as fast as it gets created. So just because you're not getting computer updates doesn't mean we can't virus scan your data with the newest virus detection technology. Our managed antivirus solution works just fine on XP. If you want to take the sanctimonious approach of taking the advice but going elsewhere for the service, feel free. We won't stop you. Just be sure you get a product you trust, because you're literally betting the value of your data on it.

Web Filter blocking a malicious web site.

Web Filter blocking a malicious web site.

Third, and definitely highest on my list, is to put SOME FORM of web-browsing protection on your computer. I'm not going to tell you what to use. That's for you to choose. I will tell you our web-filtering technology coupled with our anti-virus protection gives you rock solid defense, even against cryptolocker - the worst virus to ever hit the net. We do that by locking down what your XP computer can and can't visit online. We can block almost everything that would give a hacker a vector into your computer. No Facebooking on the company XP computer. No pintersest, tumblr, bittorrent, porn, online gaming, online casinos, coupon printing, or other dumb stuff that gets people infected. We can literally lock down your XP computer to the point that it's as safe (as it can be) until you decide to purchase something new when you have the funds or ability to do so.  IF you know you're going to keep the computer and you know someone is eventually going to do something on it they shouldn't, this is the only line of defense that makes sense.

What's the cost? Its $15 a month for managed antivirus and web-filtering for all computer systems. We don't offer web-monitoring only for XP effective April 9, 2014 because we won't take on the liability of another vendor's antivirus product. We stand behind our own. Yes, Windows 7 and 8 computers can get web-monitoring only, but XP requires both.

Again, if you want to contact your own IT vendor, or computer guy, please do. Just get SOME kind of protection. Device protection ranges from $5-$50 per month and appliance protection ranges from $1,500 to $10,000 per location depending on the way you choose to implement. (Makes our $15 a month sound a lot more attractive doesn't it? By all means though, please go shop around first. It's much easier to talk about the service AFTER clients know you're not lying to them.)

This XP thing hit me by surprise. Now I'm Worried. What do I do?

If you're a business that didn't know this was coming, you are in one of two scenarios.

  1. You don't have an IT guy at all. This is YOUR fault. If you'd had one or a firm to handle this kind of stuff for you, they would have told you sometime within the last five years they've known about it that you needed to be preparing for this.
  2. You have a "computer guy" that you need to fire. If your $12/hour computer guy didn't tell you and try to warn you to death about this for the last half a decade, he deserves to be flipping burgers somewhere far away from an internet connection. This is NOT news. Our industry has been plagued with this knowledge for years now. We've known since at LEAST April of 2009 - thats the month that XP started being VERY hard to come by (legally.)

Time for the Hard Truth - Planning for next time.

The hard truth is, and maybe nobody has explained it to you yet, that computers have a life cycle. And even more important than the computer itself is the software on it. Anyone that's been in business (and I mean ACTUAL business, not sitting with 1 XP computer on a $30 desk in the dank back room of your bookstore) should already know this. Everything you have in your business has a depreciable lifespan. If you don't know what I mean, ask your accountant. They've probably already told you this.

  • QuickBooks has a lifespan of two years if you use ANY of their pay-as-you-go services (Payroll, credit card processing, etc.) You're forced to buy a new copy every two years if you want to keep using those features because they decided at a corporate level to stop investing time and money into QuickBooks 2011 when it's 1/3 of the way through 2014. If you want payroll through QuickBooks, it's a 100% guarantee that you have at least QuickBooks 2013 as of the date of this article.
  • Microsoft Office will eventually get replaced with a new version. Yes, some of you are beating your employees to death like idiots making them use Office XP when there so many hundreds of ways to make their workflow more productive in Office 2010 and Office 2013, but you don't ever see it because you neither know how to use it properly or don't value your employee's time even though they're an overhead cost you continue to pay for daily. You think you're saving $100 per computer. No, you're being stupid and wasting employee time that costs you MUCH more than that per year, but no one will have the courage to tell you that. We do. We don't want stupid clients. We want clients who value our opinion because this is what we do. If you had the sense to run your network as well as I do, then you'd be the network engineer instead of a doctor or lawyer. Lose the idea that your mastery of twitter and emoticons makes you the master of the desktop experience. It doesn't.
  • Your Windows OS has a life span of about three years. Whether or not you upgrade it, you will most likely have to have it refreshed or re-installed due to some problem or another. That's not a fact per-se, but it's a good average across the industry. By the time your OS is three years old, it's probably so bloated with junk you've installed and uninstalled over the previous years that you'd save the money you'd spend on reinstalling it three times over in just increased performance alone. Imagine if you gained 10 seconds every time you opened a browser, 30 seconds every time you opened Adobe Acrobat, and 45 seconds every time you opened QuickBooks, not to mention 1-2 minutes every time you reboot. Within a month, you could quite easily be gaining 2+ hours of productive time. My time is worth a lot of money, both to me and my clients. If I can operate FASTER, then I can operate more efficiently and get more done for more people. The same holds true for ANY business that relies on computers. This is one of the things we do in new client interviews. We simply walk around and watch the staff for a whole day, looking at how they interact with the computer, how they file and process paperwork, and glance at our watch a lot. We're not worried about missing the next episode of NCIS (ok, maybe I am). We're counting how long mundane tasks take up from your day. We have a client with 5 doctors and 22 support personnel. In less then three months we managed to spend a LOT of that client's money. The net effect was almost 1 hour per day per employee gained in productive time-saving through technology. (That's 27 billable hours per day they saved. That's 135 hours a week they can spend billing or working instead of stupid trivial filing crap they had been doing. That's roughly equivalent to $81,000 a year in payroll they got back with about $10,ooo of expense, meaning our bill paid itself off in the first 40 days.)
  • Stop buying shitty computers. I don't know how else to say it. We had two clients about three months ago (and I hope they smile when they read this) that told us they needed to buy a new computer. They told me what they were going to get. I very patiently told them they were looking at it wrong. Spending $400 on a business computer is the most stupid mistake you can possibly make.I priced them one that was about $600, not what I wanted them to get, but one that wouldn't break the bank either. They bought the $400 one.I then spent 3 hours working on it, when I could have literally spent 45 minutes working on the faster one. My bill to them was $195 for 3 hours of my time.

    If they'd spent the extra $200 on the better computer, my bill would have been about $32.50. Now, they're going to have to pay me more EVERY time I have to work on that computer because it's slow as molasses. It's brand new.. but slow because it's a crappy computer. Heads-up people... there is NO SUCH THING as a $400 business computer.  In reality, I wouldn't give a $400 computer to my nine year old. It's not worth the time and maintenance it takes to keep it running. If it were, we wouldn't have any managed services clients! Over the life-span of that computer in the first year alone it will cost them about $200-$300 more for labor on that machine.  Much of this is fresh in my mind because I just performed a massive amount of 8.1 upgrades last night. The $750 computers we recommended took about an hour. The $400 computers too almost 5 hours to upgrade from 8.0 to 8.1.Save your checkbook for hardware, not labor. If you DON'T spend it on hardware (which YOU get to enjoy) you WILL spend it on labor (which people like me get to enjoy.) Think about it!

So, what are the highlights to take away from this post:

  • You got surprised that this was coming. Don't let it happen again.
  • Budget between $200-$300 per year per computer for upgrade/repair costs. No, you might not have to spend a dime of that the first or second year, but you'll likely have to spend ALL of it on the third year when you replace the thing.
  • If you're in business and running XP, for god's sake get a trusted consultant to help you fix the problems you have and get your systems protected.
  • No, we don't want to sell 150 new managed-services customers with 1 computer each. If you've got 5 or more, then it's worth the conversation. If you have 10 or more, we're interested. If you have 25 or more, we can start talking now. Call us any time. Otherwise, call your local "computer guy" because you'll likely balk at the up-front consulting charge anyway.
  • If you're still sitting at home complaining about how unfair it was that Microsoft stopped supporting a product that stopped being sold five years ago, you really have no concept of business economics and don't need to own a computer.
  • And finally, yes.. I don't care what your vendor told you - ANY program that was designed to run on XP will run on Windows 7. It was designed that way with it's original 32-bit architecture. That's WHY it was originally designed with a 32-bit architecture. Spend $100 and get the upgrade.

Thoughts, questions, comments? Leave 'em below.