I’m writing this column the week after Microsoft officially discontinued support for Windows XP. About 28 percent of all computers worldwide still run it. Here, in my not especially Luddite town in Massachusetts, the public library, my kids’ school and my bank all run it. The British and Dutch governments still run it, as does the U.S. Internal Revenue Service—our tax dollars at work. Microsoft just can’t kill this thing off, no matter how hard it tries and how much the company wishes it could.
I remember the release of XP in 2001. Developers rejoiced that the consumer and industrial versions of Windows had finally merged. We no longer had to develop two versions of all our applications, one for Windows 95/98 and one for Windows NT. Life was improving.
That was a very long time ago in this industry. My first daughter, now 14, had just mastered walking and was starting to chase our poor cat around the house (“No, Annabelle, Simba’s tail is not a handle”). PCs had no obvious rivals—smartphones and tablets didn’t exist. Mobile connectivity meant Wi-Fi in the hotel lobby. Amazon was just starting to get big. Social media meant an online bulletin board. The world was a friendlier, less-dangerous place.
Microsoft tried to replace XP with Windows Vista starting in 2007, but the new Aero UI turned off a lot of people, and the need to replace hardware to run it didn’t help. The Great Recession didn’t do Vista any favors, either. The User Account Control (UAC) prompts were unpopular, and still are today. (Has any user ever clicked No, even once, in the history of the universe? I call upon Microsoft to release statistics of how many exploits UAC has prevented versus its cost in users’ time, as I discussed in my July 2011 column, “When Security Doesn’t Make Sense,” msdn.microsoft.com/magazine/hh288087.)
When the old XP hardware finally does break, its owners will naturally rethink their current needs. A full PC was the only viable option in 2001. But today, my library could get along just fine with a $199 Chromebook for its catalog browser, using the money saved to buy more Kindle books to lend out.
Microsoft says it won’t release any more security updates for XP, except for those aforementioned large, high-paying clients. I’ll be curious to see how that plan holds up when the next big breach occurs. It’s one thing for Microsoft not to develop updates: “Sorry, we just don’t build fixes for that. We don’t build them for your buggy whip, either. Here’s a discount coupon for an upgrade.” It’s another thing entirely to develop updates and then withhold them when the next Heartbleed hits the fan: “Yep, we’ve got that fixed, but we’re only giving it to the tax man, not you.”
We’ll probably keep bumping into XP now and again, kept running with third-party patches, string and chewing gum. We’ll probably pause a moment to marvel at it, as we do at old DC-3 airplanes hanging around airports. (Buffalo Airways still uses them for scheduled passenger service between Yellowknife and Hay River in northern Canada. For your bucket list, perhaps?) The Second Law of Thermodynamics dictates that we’ll see fewer XP systems every year.
For an XP recessional, I’ll give the last word to General Douglas MacArthur, whose farewell address to Congress in 1951 could describe any once-ubiquitous, now-receding technology:
“I still remember the refrain of one of the most popular barrack ballads … which proclaimed most proudly that ‘Old soldiers never die; they just fade away.’ And like the old soldier of that ballad, I now close my military career and just fade away, an old soldier who tried to do his duty as God gave him the light to see that duty. Good-bye.”
David S. Platt teaches programming .NET at Harvard University Extension School and at companies all over the world. He’s the author of 11 programming books, including “Why Software Sucks” (Addison-Wesley Professional, 2006) and “Introducing Microsoft .NET” (Microsoft Press, 2002). Microsoft named him a Software Legend in 2002. He wonders whether he should tape down two of his daughter’s fingers so she learns how to count in octal. You can contact him at rollthunder.com.
I too can vouch for the "No" on UAC - I've used it a few times, I know of others that have also. The new security model introduced in Vista was WAY overdue, not to mention it partially covers Microsoft's liability. "You were specifically asked if you wanted this program to modify your computer and you still said YES" sounds a lot better than "You inadvertently double clicked on something and it stole all your credit card details". Vista's new security model was good, it was the implementation that lacked polish. Most of that was corrected with Vista R2 (or Windows 7 as it was called commercially). In terms of dropping support for XP? Yes, it fills me with dread on the one hand because plenty of users are still running it. On the other hand, I completely understand not wanting to support an OS that was released 13 years ago. XP users now have to pay the piper or move on.
How about asking different questions: 1) How many users (in terms of percentage) have turned off UAC completely to avoid the hassle? 2) Of these users, how many have regretted at least once because of get bitten by malware? Regardless of how people feel about MS's decision to discontinue support of XP, I find MS a pretty enlightened company simply because it allows articles like this to get published in its official magazine. Contrast this with google or facebook, where all you can do is +1 or like something, never to -1 or hate anything. I'd say MS promotes fairness and openness, whereas FB and GOOG encourages people/organizations to self-promote and stifle different opinions.
I have clicked NO on a UAC prompt many times over the years since Vista. UAC is truly the last line of defense against malware. To bad most users just don't care. JamesNT
On UAC, I have clicked "No" a few times. On one occasion, that stopped malicious Java applet (exploiting JVM vulnerability) from taking over my computer. Thanks to UAC, all I had to do was delete a few files under Users folder instead of reinstalling the OS. With proper settings, UAC pops up only with the software installations, which means it is fully tolerable. Sure, David may well be right that I am an exception to the rule. However, I believe it is fair to give the users a chance to stop these exploits by being vigilant, regardless of the mainstream user behavior represented by the statistics.
More MSDN Magazine Blog entries >
Browse All MSDN Magazines
Subscribe to MSDN Flash newsletter
Receive the MSDN Flash e-mail newsletter every other week, with news and information personalized to your interests and areas of focus.