Today is the day that Microsoft's Windows XP reaches "EOL" (End of Life) status. That means they won't be issuing any more updates for it. If security researchers (good guys), or hackers (bad guys), find vulnerabilities with it, Microsoft won't be issuing a fix for them.
This has been widely covered in the media. Apparently, a third of computers worldwide still use XP.
So the cynics suggest this is just a money-grabbing exercise by Microsoft. They're not selling as much software as they used to (because people use things called tablets), so they need some extra revenue. So they try to force XP users to buy the latest and greatest replacement, Windows 8. (Let's not go there).
The problem is that lots of users are using other old software that won't run on more recent versions of Windows. Other users have old hardware that does not mean the minimum system requirements for Windows 7 or 8. So upgrading is not straight forward. It might mean buying a new PC, buying a new accountancy package, or whatever it is.
I can certainly see why it's unpopular.
But we need to see this from Microsoft's point of view. They have to have an "end of life policy" for their software (how long they will support it for after its successor is launched). Windows XP is subject to the EOL policy in force when it was released, so anyone who bought Windows XP could have known that this was the way it would be. By and large, "it's unfair" means "it's inconvenient to me now", rather than it actually being unfair in any objective sense.
Why do they have to have an EOL policy? Because it costs them money to continue to support XP. People joke about bugs in Windows. The fact is, though, that to fix a known-vulnerability, and to test it thoroughly to ensure that it really is fixed and hasn't caused other problems, takes a team of developers a lot of time. Even if Microsoft are having to fix the same vulnerability in a later version of Windows, "backporting" (as it's known) is not a trivial matter.
Where's the money to come from to pay for this?
People buy software in two ways. One approach is to pay a one-off sum for the software when you first buy it. The other is to pay a monthly or annual subscription to use it.
The second, subscription, model, provides a constant income stream to fund improvements and fixes. The first model gives the company a one-off payment to cover support for the lifetime of the product. Microsoft are moving towards offering a subscription approach. With Microsoft Office you can now either buy (a license to use) the office suite outright, or you can take out a subscription to Office 365. With the latter, you can update to new versions as they come out.
When Windows XP was released (apart from for some large clients), the one-off purchase was the only model. So Microsoft will get no further money to pay for keeping Windows XP patched and secure. They have a business to run. Why should they (their shareholders, or the customers of their current line of products) dip into their pockets to pay for ongoing work on Windows XP? The money has to come from somewhere.
The lesson from all this is that technology marches on. We should expect to have to keep paying something for the software we use as the years pass, either renewing our subscription or paying for a future version. Otherwise we'll be stuck on outdated, unsupported, insecure software - which becomes an open pitch for the hackers (bad guys).
The media will continue to find consumers who think it's unjust and outrageous and Microsoft have pulled the plug on XP. The actual situation is more complex.
If you're using XP, please either consider updating, or realise you are now more vulnerable than before - don't skimp on anti-virus / firewall software, and be extra diligent what links you click on and so forth.
If you're buying new software, it may be worth finding out what the EOL policy is for it.
Footnote for Linux users:
If you've read this far, use Linux, and are feeling smug because Linux doesn't have these problems, please make sure you're not running OpenSSL 1.0.1e. I take it you've heard of the "Heartbleed Bug"? It's real. It's in the wild. And most software vendors have now updated their repositories with patched versions. This stuff isn't just for Windows. It's frightening how many web servers are still running PHP 5.2.x.
Add new comment