The fact that Microsoft is no longer going to maintain and supply patches for Windows XP should not be news to you. When you license (you do not buy it) the right to use software, the supplier maintains ownership to it, including the right to stop updating and supporting it. This is nothing new, nor is it different from other industries. Just think about your car. You pay a premium (at least here in Norway) for the right to own it, and you get to keep paying for maintenance, updates, services for as long as you choose to keep said car. And you are fine with that.
With computer hardware, you buy what you want, and accept a life-expectancy of 3 (laptops) to 5 years, as well as the responsibility and risk of HW failures. All on you.
Why is it different with software, I ask. In fact, we should be very grateful for Microsoft and the other software makers to maintain their software for free for us. As long as THEY decide there is a business case for doing so.
If you are in a situation where you all of a sudden discover that your computers are in risk, because there will be no more updates, I must ask you, beg you, to consider the following question: Where have you been the past decade? You know, as I do, you should have planned for this, because this is not a surprise, nor is it a highly unlikely event. In fact, it is the opposite – it is a planned event, communicated for a long time, together with plenty of opportunity to change platforms (Windows Vista, Windows 7, Windows 8, as well as OSX and variations of *nix).
Stop putting the blame on someone else. Start taking responsibility for your own lack of planning and control.
Yes, there are embedded systems using XP, like ATM´s and some control systems still out there. I have two things to say about those:
1. You never cared too much about updating those until now anyway, so why the noise?
2. There are alternatives. Suck it up, make the investment, move on.
Obviously, if you run your nuclear plant on XP, you are doomed anyway.
Kai Roer | The Roer Group | Senior Partner | @kairoer
To find out more about our panel members visit the biographies page.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.