Re: [CODE4LIB] Windows XP EOL
I have to admit, I still have a Windows ME machine at home, on a big ole HP box. Its not on the network, I primarily use it to backup DVDs. So the originals don't go out to the car. Been so long since I used it I don't know if it will work on recent DVDs and don't have blue ray player or writer. On my MacBook Pro I run Fedora 12, Fedora 16, Win 7, Win 8, GOS, Win XP, Chrome_OS, Ubuntu904Desktop, OpenVAS, CentOS, ReactOS, Android Live, and 3 other instances of Win 7 in Fusion. TMGB Sent from me, not an iThing, droid or other, just me Support Requesthttp://portal.support.appstate.edu Thomas McMillan Grant Bennett Appalachian State University Operations Systems AnalystP O Box 32026 University LibraryBoone, North Carolina 28608 (828) 262 6587 Library Systems http://www.library.appstate.edu Confidentiality Notice: This communication constitutes an electronic communication within the meaning of the Electronic Communications Privacy Act, 18 U.S.C. Section 2510, and its disclosure is strictly limited to the recipient intended by the sender of this message. If you are not the intended recipient, any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. Please contact this office immediately by return e-mail or at 828-262-6587, and destroy the original transmission and its attachment(s), if any, if you are not the intended recipient. On Mar 5, 2014, at 3:37 PM, Marc Truitt wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/05/2014 04:16 PM, Thomas Bennett wrote: Happy 14.x birthday XP. Now that you have reached the ripe old age of 14+ the Death Panel says No Go, bye bye. Indeed. While I've used Linux as my primary desktop since the 1990s, XP is my hands-down fave Windows flavor. Stable (by M$ standards) and comparatively undemanding of resources (again, in the Windows sense). I still run a copy in a VM under Linux for those things that refuse to imbibe Wine and that I simply must have available. Perhaps that's why several contributors to this thread have suggested that M$' EOL declaration aside, why give it up? XP, I'll miss ya... cheers, - - mt - -- * Marc Truitt University Librarianvoice : 506-364-2567 Mount Allison Universitye-mail : mtru...@mta.ca Libraries and Archives fax: 506-364-2617 49 York Street cell : 506-232-0503 Sackville, NB E4L 1C6 A pattern has emerged in which holders of academic posts related to Internet studies tend to join in the acceptance or even the celebration of the decline of the creative classes' levees. This strikes me as an irony, or an anxious burst of denial. Higher education could be Napsterized and vaporized in a matter of a few short years. -- Jaron Lanier (2013) Wearing the sensible shoes proudly since 1978! * -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTF4r8AAoJEPzj7kQh8LzLA4IIAKuu8BOHERmMJpwwr4AD1ax0 tlSuFx3ePXiGSZ+StbxVRienk0yyjufCnYfRiFUUugvFLsGGnigW7NBvwQciSOG/ KzvsiLQhFIAGPicWSSWBv59YLUB1ZaXfgMN+NlYowQrwG/uA56olhH7bhJkuSrwA hH3SFrueAvyp+F5ciIDIoI9GxFVurKvCxB67u3alvNSDPVd0MRMZn7FC6ynXzvdd en7AhfQPhsXFJ/PSZVZuMMYxAmzFFx7oLR3c/4GfjTdAgI5FaQN5fYojq0Aj8ELs Ivvel8m58WlMjLE52pnFeH6Qd43mK7U07qHfyxJ9ZSDlwVNxo4hSOM8BlSMb+kY= =Bz7n -END PGP SIGNATURE-
Re: [CODE4LIB] Windows XP EOL
Why not setup your XP boxes to use a private network (10.x.x.x or 192.168.x.x) and put them behind a heavily fire walled NAT solution. Could be setup on the network level or with a router and a linux box running IP tables. Lots of ways to do it. Install and keep updated Firefox or Chrome, lock down the machines so that users don’t have permissions to install anything, and setup a whitelist of programs that are allowed to be run (takes a little bit of work, but its very doable. We did this in WVU Libraries on all our machines [500 or so], public and staff, until we got our virtualized desktops in place). You can’t disallow Internet Explorer from running, but you can limit the websites that it is allowed to visit. You could even go as far as only allowing it to connect to the local host, but likely anything ‘on campus’ would be fine. I’m assuming you are using some sort of image management solution (Ghost, at the very least). So once you get an image setup it shouldn’t be that bad to maintain and deploy. And if something does become exploited, you can can re-image the machine. Configure the NAT to not allow any traffic to come from that private network other than ports 80 and 443 (and any other legitimate port that you need). that way if a machine does become compromised it can’t do (much) harm outside of your private XP network. If you need AD authentication you can set that all up in the ACLs for the network as well so that they can only contact a specific authentication server. If you absolutely needed to you could even put an auth server on the same private network that has a trust back to your main auth servers. Put 2 network interfaces in it and it can live on 2 networks so you don’t have to poke a hole through your private networks ACLs to get back to the main auth servers. Its not an ideal situation, but if you can’t afford new machines and you absolutely need to keep your XP machines running there are ways of doing it. But at what point does it become cost prohibitive with your time compared to investing in new hardware? If you don’t do something though, you’ll be spending all your time rebuilding compromised XP boxes eventually. Michael Bond mb...@the-forgotten.org On Mar 4, 2014, at 4:55 PM, Riley Childs rchi...@cucawarriors.com wrote: Not to stomp around, but 1 hour is a LONG time for an unpatched computer, especially when in close proximity to other unpatched computers! DeepFreeze is great, but it is not a long term solution, also starting next week you will get a nag screen every time you login telling you about the EOL. Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes From: Benjamin Stewartmailto:benjamin.stew...@unbc.ca Sent: 3/4/2014 4:46 PM To: CODE4LIB@LISTSERV.ND.EDUmailto:CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL Hello everyone (I have been in IT for 25+ years, k-7 for 15 years and now 10 months UNBC Library) If I worked for an organization that did not have the money to go either replacement Win7 or Linux desktop for usability issues. I would contact Faronics and get a deal for educational licenses to install Deepfreeze. Then setup all workstation basic accounts and to reboot if idle for 1 hour. (and shut down, startup between set times) Deepfreeze also has a remote console to unfreeze and refreeze for maintenance to the workstation. (e.g. browser updates flash adobe) This in hand with PDQ deploy/inventory works very nice. (Basic version free) Last option would (no possible for most places) contact the Dell official lease site via direct or eBay. (there is a Canada and US supplier) You can by nice 780 Dell with win7 pro for about $140 with shipping. Some companies like Dell of HP have be know to also donate to non-profit. ~Ben System Administrator Geoffrey R. Weller library UNBC, BC Canada PH (250) 960-6605 benjamin.stew...@unbc.ca On 2014-03-04, 11:12 AM, Ingraham Dwyer, Andy adw...@library.ohio.gov wrote: I would not be surprised if there were black hats out there sitting on exploits they've discovered, waiting until *after* April to release malware that takes advantage of them. -A Andy Ingraham Dwyer Infrastructure Specialist State Library of Ohio 274 E. 1st Avenue Columbus, OH 43201 Tel: 614-644-6849 library.ohio.gov Please contact my supervisor with any feedback regarding my customer service. -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Justin Coyne Sent: Saturday, March 01, 2014 8:35 PM To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL They won't be a security risk on April 8th, but the first time that MS publishes security patches after that date for newer version, security
Re: [CODE4LIB] Windows XP EOL
You’d be amazed at what you can do with port 80/443 access, so while that is a deterrent, it is not a solution that will make any guarantees that the machines cannot do anything nefarious. Adding a proxy server in front of the machines with a whitelist of allowed web sites instead of NAT would go further, but at the end of that day you’re still talking about taking a 14 year old operating system that is no longer supported and connecting it to the internet. -- Andrew Anderson, Director of Development, Library and Information Resources Network, Inc. http://www.lirn.net/ | http://www.twitter.com/LIRNnotes | http://www.facebook.com/LIRNnotes On Mar 5, 2014, at 7:20, Michael Bond mb...@the-forgotten.org wrote: Why not setup your XP boxes to use a private network (10.x.x.x or 192.168.x.x) and put them behind a heavily fire walled NAT solution. Could be setup on the network level or with a router and a linux box running IP tables. Lots of ways to do it. Install and keep updated Firefox or Chrome, lock down the machines so that users don’t have permissions to install anything, and setup a whitelist of programs that are allowed to be run (takes a little bit of work, but its very doable. We did this in WVU Libraries on all our machines [500 or so], public and staff, until we got our virtualized desktops in place). You can’t disallow Internet Explorer from running, but you can limit the websites that it is allowed to visit. You could even go as far as only allowing it to connect to the local host, but likely anything ‘on campus’ would be fine. I’m assuming you are using some sort of image management solution (Ghost, at the very least). So once you get an image setup it shouldn’t be that bad to maintain and deploy. And if something does become exploited, you can can re-image the machine. Configure the NAT to not allow any traffic to come from that private network other than ports 80 and 443 (and any other legitimate port that you need). that way if a machine does become compromised it can’t do (much) harm outside of your private XP network. If you need AD authentication you can set that all up in the ACLs for the network as well so that they can only contact a specific authentication server. If you absolutely needed to you could even put an auth server on the same private network that has a trust back to your main auth servers. Put 2 network interfaces in it and it can live on 2 networks so you don’t have to poke a hole through your private networks ACLs to get back to the main auth servers. Its not an ideal situation, but if you can’t afford new machines and you absolutely need to keep your XP machines running there are ways of doing it. But at what point does it become cost prohibitive with your time compared to investing in new hardware? If you don’t do something though, you’ll be spending all your time rebuilding compromised XP boxes eventually. Michael Bond mb...@the-forgotten.org On Mar 4, 2014, at 4:55 PM, Riley Childs rchi...@cucawarriors.com wrote: Not to stomp around, but 1 hour is a LONG time for an unpatched computer, especially when in close proximity to other unpatched computers! DeepFreeze is great, but it is not a long term solution, also starting next week you will get a nag screen every time you login telling you about the EOL. Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes From: Benjamin Stewartmailto:benjamin.stew...@unbc.ca Sent: 3/4/2014 4:46 PM To: CODE4LIB@LISTSERV.ND.EDUmailto:CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL Hello everyone (I have been in IT for 25+ years, k-7 for 15 years and now 10 months UNBC Library) If I worked for an organization that did not have the money to go either replacement Win7 or Linux desktop for usability issues. I would contact Faronics and get a deal for educational licenses to install Deepfreeze. Then setup all workstation basic accounts and to reboot if idle for 1 hour. (and shut down, startup between set times) Deepfreeze also has a remote console to unfreeze and refreeze for maintenance to the workstation. (e.g. browser updates flash adobe) This in hand with PDQ deploy/inventory works very nice. (Basic version free) Last option would (no possible for most places) contact the Dell official lease site via direct or eBay. (there is a Canada and US supplier) You can by nice 780 Dell with win7 pro for about $140 with shipping. Some companies like Dell of HP have be know to also donate to non-profit. ~Ben System Administrator Geoffrey R. Weller library UNBC, BC Canada PH (250) 960-6605 benjamin.stew...@unbc.ca On 2014-03-04, 11:12 AM, Ingraham Dwyer, Andy adw...@library.ohio.gov wrote: I would
Re: [CODE4LIB] Windows XP EOL
On Mar 5, 2014, at 12:16 PM, Andrew Anderson wrote: but at the end of that day you’re still talking about taking a 14 year old operating system that is no longer supported and connecting it to the internet. Happy 14.x birthday XP. Now that you have reached the ripe old age of 14+ the Death Panel says No Go, bye bye. TMGB Sent from me, not an iThing, droid or other, just me Support Requesthttp://portal.support.appstate.edu Thomas McMillan Grant Bennett Appalachian State University Operations Systems AnalystP O Box 32026 University LibraryBoone, North Carolina 28608 (828) 262 6587 Library Systems http://www.library.appstate.edu Confidentiality Notice: This communication constitutes an electronic communication within the meaning of the Electronic Communications Privacy Act, 18 U.S.C. Section 2510, and its disclosure is strictly limited to the recipient intended by the sender of this message. If you are not the intended recipient, any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. Please contact this office immediately by return e-mail or at 828-262-6587, and destroy the original transmission and its attachment(s), if any, if you are not the intended recipient.
Re: [CODE4LIB] Windows XP EOL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/05/2014 04:16 PM, Thomas Bennett wrote: Happy 14.x birthday XP. Now that you have reached the ripe old age of 14+ the Death Panel says No Go, bye bye. Indeed. While I've used Linux as my primary desktop since the 1990s, XP is my hands-down fave Windows flavor. Stable (by M$ standards) and comparatively undemanding of resources (again, in the Windows sense). I still run a copy in a VM under Linux for those things that refuse to imbibe Wine and that I simply must have available. Perhaps that's why several contributors to this thread have suggested that M$' EOL declaration aside, why give it up? XP, I'll miss ya... cheers, - - mt - -- * Marc Truitt University Librarianvoice : 506-364-2567 Mount Allison Universitye-mail : mtru...@mta.ca Libraries and Archives fax: 506-364-2617 49 York Street cell : 506-232-0503 Sackville, NB E4L 1C6 A pattern has emerged in which holders of academic posts related to Internet studies tend to join in the acceptance or even the celebration of the decline of the creative classes' levees. This strikes me as an irony, or an anxious burst of denial. Higher education could be Napsterized and vaporized in a matter of a few short years. -- Jaron Lanier (2013) Wearing the sensible shoes proudly since 1978! * -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTF4r8AAoJEPzj7kQh8LzLA4IIAKuu8BOHERmMJpwwr4AD1ax0 tlSuFx3ePXiGSZ+StbxVRienk0yyjufCnYfRiFUUugvFLsGGnigW7NBvwQciSOG/ KzvsiLQhFIAGPicWSSWBv59YLUB1ZaXfgMN+NlYowQrwG/uA56olhH7bhJkuSrwA hH3SFrueAvyp+F5ciIDIoI9GxFVurKvCxB67u3alvNSDPVd0MRMZn7FC6ynXzvdd en7AhfQPhsXFJ/PSZVZuMMYxAmzFFx7oLR3c/4GfjTdAgI5FaQN5fYojq0Aj8ELs Ivvel8m58WlMjLE52pnFeH6Qd43mK7U07qHfyxJ9ZSDlwVNxo4hSOM8BlSMb+kY= =Bz7n -END PGP SIGNATURE-
Re: [CODE4LIB] Windows XP EOL
On Mar 5, 2014, at 15:37, Marc Truitt mtru...@mta.ca wrote: Perhaps that's why several contributors to this thread have suggested that M$' EOL declaration aside, why give it up? XP, I'll miss ya... XP: The new DOS 3.3? -- Andrew Anderson, Director of Development, Library and Information Resources Network, Inc. http://www.lirn.net/ | http://www.twitter.com/LIRNnotes | http://www.facebook.com/LIRNnotes
Re: [CODE4LIB] Windows XP EOL
Just curious, why can't you do that in your lab? Those operating systems are the right price, that's for sure Jeff Dycus Library Specialist, Electronic Resources University of Kentucky William T. Young Library 500 S. Limestone Lexington, KY 40506-0456 (859) 218-0678 jeff.dy...@uky.edu -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Riley Childs Sent: Sunday, March 02, 2014 12:19 AM To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL Smart, too bad we can't do that in our learning lab! Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes From: John Palmermailto:writing2...@gmail.com Sent: 3/2/2014 12:14 AM To: CODE4LIB@LISTSERV.ND.EDUmailto:CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL We are migrating our oldest machines (Pentium, 64-128Mb, 30gb hdd) to TinyLinux. Our Pentium and Celeron machines with 256 Mb, 100gb machines are going to Xubuntu. Anything below 4GB RAM is going to Ubuntu 12.04 4GB+ goes to Windows 7. On Saturday, March 1, 2014, Justin Coyne jus...@curationexperts.com wrote: They won't be a security risk on April 8th, but the first time that MS publishes security patches after that date for newer version, security researchers will examine the patches. Doing so will give them an idea about how to exploit the problem the patch was for. They will then try to run the exploit on XP and see if it is vulnerable. Eventually they will find an exploit that works against XP. Even if you have a AV, people can exploit your machine without using a virus. Is that a risk you want to accept? -Justin On Sat, Mar 1, 2014 at 4:59 PM, Jimm Wetherbee j...@wingate.edujavascript:; wrote: Just because MS won't support XP any more doesn't mean those machines are instantly useless or a security risk come April 8th. We will not be doing anything with our lab computers until Summer because they are too old to run Windows 8 but we cannot do without them. --jimm On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs rchi...@cucawarriors.comjavascript:; wrote: Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes --
Re: [CODE4LIB] Windows XP EOL
Don't get too excited. IE8 is still the default browser in Windows 7. At the university where I work, upgrading to IE 9+ is not part of the base images, and users are left to upgrade on their own. Public machines still have IE 8. I am trying to get this fixed but no luck yet. Apparently, too many apps depend on IE 8 and don't work with newer versions. :( Josh Welker -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Michael Schofield Sent: Monday, March 03, 2014 8:59 AM To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL I'm kind of looking forward to exploiting XP EOL. Central IT is 86'ing all XP machines university-wide, which has the benefit that there will be no machines at the university using Internet Explorer 8. The EOL for IE8 is a little ambiguous and will continue to receive support from Microsoft, but for the library the big percentage of IE8 traffic (which all together is less than 7%) is from university staff. I'm already hemming and hawing and pulling stats together to see if I can make a case to drop aesthetic support for Internet Explorer 8 by April 2014, or at least by the end of 2014. Aesthetic, of course, doesn't mean functional, but it just means that IE8 users get the site as rendered before any media queries, and I'll pull IE-specific stylesheets and polyfills unless they're important (like form elements). Here's hoping the remaining IE8 traffic is low enough to fall below our threshold :). I'll throw a party. Michael Schofield / ns4lib.com -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Riley Childs Sent: Sunday, March 02, 2014 12:19 AM To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL Smart, too bad we can't do that in our learning lab! Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes From: John Palmermailto:writing2...@gmail.com Sent: 3/2/2014 12:14 AM To: CODE4LIB@LISTSERV.ND.EDUmailto:CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL We are migrating our oldest machines (Pentium, 64-128Mb, 30gb hdd) to TinyLinux. Our Pentium and Celeron machines with 256 Mb, 100gb machines are going to Xubuntu. Anything below 4GB RAM is going to Ubuntu 12.04 4GB+ goes to Windows 7. On Saturday, March 1, 2014, Justin Coyne jus...@curationexperts.com wrote: They won't be a security risk on April 8th, but the first time that MS publishes security patches after that date for newer version, security researchers will examine the patches. Doing so will give them an idea about how to exploit the problem the patch was for. They will then try to run the exploit on XP and see if it is vulnerable. Eventually they will find an exploit that works against XP. Even if you have a AV, people can exploit your machine without using a virus. Is that a risk you want to accept? -Justin On Sat, Mar 1, 2014 at 4:59 PM, Jimm Wetherbee j...@wingate.edujavascript:; wrote: Just because MS won't support XP any more doesn't mean those machines are instantly useless or a security risk come April 8th. We will not be doing anything with our lab computers until Summer because they are too old to run Windows 8 but we cannot do without them. --jimm On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs rchi...@cucawarriors.comjavascript:; wrote: Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes --
Re: [CODE4LIB] Windows XP EOL
While I am a big FLOSS advocate, the students are K-7 and I have zero experience with folder redirection for AD auth On 3/4/14, 10:48 AM, Dycus, Jeff A jeff.dy...@uky.edu wrote: Just curious, why can't you do that in your lab? Those operating systems are the right price, that's for sure Jeff Dycus Library Specialist, Electronic Resources University of Kentucky William T. Young Library 500 S. Limestone Lexington, KY 40506-0456 (859) 218-0678 jeff.dy...@uky.edu -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Riley Childs Sent: Sunday, March 02, 2014 12:19 AM To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL Smart, too bad we can't do that in our learning lab! Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes From: John Palmermailto:writing2...@gmail.com Sent: ?3/?2/?2014 12:14 AM To: CODE4LIB@LISTSERV.ND.EDUmailto:CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL We are migrating our oldest machines (Pentium, 64-128Mb, 30gb hdd) to TinyLinux. Our Pentium and Celeron machines with 256 Mb, 100gb machines are going to Xubuntu. Anything below 4GB RAM is going to Ubuntu 12.04 4GB+ goes to Windows 7. On Saturday, March 1, 2014, Justin Coyne jus...@curationexperts.com wrote: They won't be a security risk on April 8th, but the first time that MS publishes security patches after that date for newer version, security researchers will examine the patches. Doing so will give them an idea about how to exploit the problem the patch was for. They will then try to run the exploit on XP and see if it is vulnerable. Eventually they will find an exploit that works against XP. Even if you have a AV, people can exploit your machine without using a virus. Is that a risk you want to accept? -Justin On Sat, Mar 1, 2014 at 4:59 PM, Jimm Wetherbee j...@wingate.edujavascript:; wrote: Just because MS won't support XP any more doesn't mean those machines are instantly useless or a security risk come April 8th. We will not be doing anything with our lab computers until Summer because they are too old to run Windows 8 but we cannot do without them. --jimm On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs rchi...@cucawarriors.comjavascript:; wrote: Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes --
Re: [CODE4LIB] Windows XP EOL
I would not be surprised if there were black hats out there sitting on exploits they've discovered, waiting until *after* April to release malware that takes advantage of them. -A Andy Ingraham Dwyer Infrastructure Specialist State Library of Ohio 274 E. 1st Avenue Columbus, OH 43201 Tel: 614-644-6849 library.ohio.gov Please contact my supervisor with any feedback regarding my customer service. -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Justin Coyne Sent: Saturday, March 01, 2014 8:35 PM To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL They won't be a security risk on April 8th, but the first time that MS publishes security patches after that date for newer version, security researchers will examine the patches. Doing so will give them an idea about how to exploit the problem the patch was for. They will then try to run the exploit on XP and see if it is vulnerable. Eventually they will find an exploit that works against XP. Even if you have a AV, people can exploit your machine without using a virus. Is that a risk you want to accept? -Justin On Sat, Mar 1, 2014 at 4:59 PM, Jimm Wetherbee j...@wingate.edu wrote: Just because MS won't support XP any more doesn't mean those machines are instantly useless or a security risk come April 8th. We will not be doing anything with our lab computers until Summer because they are too old to run Windows 8 but we cannot do without them. --jimm On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs rchi...@cucawarriors.com wrote: Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes --
Re: [CODE4LIB] Windows XP EOL
Hello everyone (I have been in IT for 25+ years, k-7 for 15 years and now 10 months UNBC Library) If I worked for an organization that did not have the money to go either replacement Win7 or Linux desktop for usability issues. I would contact Faronics and get a deal for educational licenses to install Deepfreeze. Then setup all workstation basic accounts and to reboot if idle for 1 hour. (and shut down, startup between set times) Deepfreeze also has a remote console to unfreeze and refreeze for maintenance to the workstation. (e.g. browser updates flash adobe) This in hand with PDQ deploy/inventory works very nice. (Basic version free) Last option would (no possible for most places) contact the Dell official lease site via direct or eBay. (there is a Canada and US supplier) You can by nice 780 Dell with win7 pro for about $140 with shipping. Some companies like Dell of HP have be know to also donate to non-profit. ~Ben System Administrator Geoffrey R. Weller library UNBC, BC Canada PH (250) 960-6605 benjamin.stew...@unbc.ca On 2014-03-04, 11:12 AM, Ingraham Dwyer, Andy adw...@library.ohio.gov wrote: I would not be surprised if there were black hats out there sitting on exploits they've discovered, waiting until *after* April to release malware that takes advantage of them. -A Andy Ingraham Dwyer Infrastructure Specialist State Library of Ohio 274 E. 1st Avenue Columbus, OH 43201 Tel: 614-644-6849 library.ohio.gov Please contact my supervisor with any feedback regarding my customer service. -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Justin Coyne Sent: Saturday, March 01, 2014 8:35 PM To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL They won't be a security risk on April 8th, but the first time that MS publishes security patches after that date for newer version, security researchers will examine the patches. Doing so will give them an idea about how to exploit the problem the patch was for. They will then try to run the exploit on XP and see if it is vulnerable. Eventually they will find an exploit that works against XP. Even if you have a AV, people can exploit your machine without using a virus. Is that a risk you want to accept? -Justin On Sat, Mar 1, 2014 at 4:59 PM, Jimm Wetherbee j...@wingate.edu wrote: Just because MS won't support XP any more doesn't mean those machines are instantly useless or a security risk come April 8th. We will not be doing anything with our lab computers until Summer because they are too old to run Windows 8 but we cannot do without them. --jimm On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs rchi...@cucawarriors.com wrote: Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes --
Re: [CODE4LIB] Windows XP EOL
Next week - we'll likely see Mac, Android, and (hopefully) Windows 8.1 sales spike! On Tue, Mar 4, 2014 at 1:55 PM, Riley Childs rchi...@cucawarriors.comwrote: Not to stomp around, but 1 hour is a LONG time for an unpatched computer, especially when in close proximity to other unpatched computers! DeepFreeze is great, but it is not a long term solution, also starting next week you will get a nag screen every time you login telling you about the EOL. Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes From: Benjamin Stewartmailto:benjamin.stew...@unbc.ca Sent: 3/4/2014 4:46 PM To: CODE4LIB@LISTSERV.ND.EDUmailto:CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL Hello everyone (I have been in IT for 25+ years, k-7 for 15 years and now 10 months UNBC Library) If I worked for an organization that did not have the money to go either replacement Win7 or Linux desktop for usability issues. I would contact Faronics and get a deal for educational licenses to install Deepfreeze. Then setup all workstation basic accounts and to reboot if idle for 1 hour. (and shut down, startup between set times) Deepfreeze also has a remote console to unfreeze and refreeze for maintenance to the workstation. (e.g. browser updates flash adobe) This in hand with PDQ deploy/inventory works very nice. (Basic version free) Last option would (no possible for most places) contact the Dell official lease site via direct or eBay. (there is a Canada and US supplier) You can by nice 780 Dell with win7 pro for about $140 with shipping. Some companies like Dell of HP have be know to also donate to non-profit. ~Ben System Administrator Geoffrey R. Weller library UNBC, BC Canada PH (250) 960-6605 benjamin.stew...@unbc.ca On 2014-03-04, 11:12 AM, Ingraham Dwyer, Andy adw...@library.ohio.gov wrote: I would not be surprised if there were black hats out there sitting on exploits they've discovered, waiting until *after* April to release malware that takes advantage of them. -A Andy Ingraham Dwyer Infrastructure Specialist State Library of Ohio 274 E. 1st Avenue Columbus, OH 43201 Tel: 614-644-6849 library.ohio.gov Please contact my supervisor with any feedback regarding my customer service. -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Justin Coyne Sent: Saturday, March 01, 2014 8:35 PM To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL They won't be a security risk on April 8th, but the first time that MS publishes security patches after that date for newer version, security researchers will examine the patches. Doing so will give them an idea about how to exploit the problem the patch was for. They will then try to run the exploit on XP and see if it is vulnerable. Eventually they will find an exploit that works against XP. Even if you have a AV, people can exploit your machine without using a virus. Is that a risk you want to accept? -Justin On Sat, Mar 1, 2014 at 4:59 PM, Jimm Wetherbee j...@wingate.edu wrote: Just because MS won't support XP any more doesn't mean those machines are instantly useless or a security risk come April 8th. We will not be doing anything with our lab computers until Summer because they are too old to run Windows 8 but we cannot do without them. --jimm On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs rchi...@cucawarriors.com wrote: Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes --
[CODE4LIB] Windows XP EOL
Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes
Re: [CODE4LIB] Windows XP EOL
Just because MS won't support XP any more doesn't mean those machines are instantly useless or a security risk come April 8th. We will not be doing anything with our lab computers until Summer because they are too old to run Windows 8 but we cannot do without them. --jimm On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs rchi...@cucawarriors.comwrote: Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes --
Re: [CODE4LIB] Windows XP EOL
I sorry to hear about vipre. However, not all AV providers are ending support so soon. --jimm On Sat, Mar 1, 2014 at 6:11 PM, Riley Childs rchi...@cucawarriors.comwrote: But they ARE a security risk, our AV (vipre) is ceasing support for windows XP, so we really don't have a choice, besides I was presently surprised when I pushed out a windows 8 image to the wrong box and it ran fine (dell deminision 2400s and a really old optiplex) Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes From: Jimm Wetherbeemailto:j...@wingate.edu Sent: 3/1/2014 5:59 PM To: CODE4LIB@LISTSERV.ND.EDUmailto:CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL Just because MS won't support XP any more doesn't mean those machines are instantly useless or a security risk come April 8th. We will not be doing anything with our lab computers until Summer because they are too old to run Windows 8 but we cannot do without them. --jimm On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs rchi...@cucawarriors.com wrote: Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes -- --
Re: [CODE4LIB] Windows XP EOL
They won't be a security risk on April 8th, but the first time that MS publishes security patches after that date for newer version, security researchers will examine the patches. Doing so will give them an idea about how to exploit the problem the patch was for. They will then try to run the exploit on XP and see if it is vulnerable. Eventually they will find an exploit that works against XP. Even if you have a AV, people can exploit your machine without using a virus. Is that a risk you want to accept? -Justin On Sat, Mar 1, 2014 at 4:59 PM, Jimm Wetherbee j...@wingate.edu wrote: Just because MS won't support XP any more doesn't mean those machines are instantly useless or a security risk come April 8th. We will not be doing anything with our lab computers until Summer because they are too old to run Windows 8 but we cannot do without them. --jimm On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs rchi...@cucawarriors.com wrote: Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes --
Re: [CODE4LIB] Windows XP EOL
We are migrating our oldest machines (Pentium, 64-128Mb, 30gb hdd) to TinyLinux. Our Pentium and Celeron machines with 256 Mb, 100gb machines are going to Xubuntu. Anything below 4GB RAM is going to Ubuntu 12.04 4GB+ goes to Windows 7. On Saturday, March 1, 2014, Justin Coyne jus...@curationexperts.com wrote: They won't be a security risk on April 8th, but the first time that MS publishes security patches after that date for newer version, security researchers will examine the patches. Doing so will give them an idea about how to exploit the problem the patch was for. They will then try to run the exploit on XP and see if it is vulnerable. Eventually they will find an exploit that works against XP. Even if you have a AV, people can exploit your machine without using a virus. Is that a risk you want to accept? -Justin On Sat, Mar 1, 2014 at 4:59 PM, Jimm Wetherbee j...@wingate.edujavascript:; wrote: Just because MS won't support XP any more doesn't mean those machines are instantly useless or a security risk come April 8th. We will not be doing anything with our lab computers until Summer because they are too old to run Windows 8 but we cannot do without them. --jimm On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs rchi...@cucawarriors.comjavascript:; wrote: Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes --
Re: [CODE4LIB] Windows XP EOL
Smart, too bad we can't do that in our learning lab! Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes From: John Palmermailto:writing2...@gmail.com Sent: 3/2/2014 12:14 AM To: CODE4LIB@LISTSERV.ND.EDUmailto:CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Windows XP EOL We are migrating our oldest machines (Pentium, 64-128Mb, 30gb hdd) to TinyLinux. Our Pentium and Celeron machines with 256 Mb, 100gb machines are going to Xubuntu. Anything below 4GB RAM is going to Ubuntu 12.04 4GB+ goes to Windows 7. On Saturday, March 1, 2014, Justin Coyne jus...@curationexperts.com wrote: They won't be a security risk on April 8th, but the first time that MS publishes security patches after that date for newer version, security researchers will examine the patches. Doing so will give them an idea about how to exploit the problem the patch was for. They will then try to run the exploit on XP and see if it is vulnerable. Eventually they will find an exploit that works against XP. Even if you have a AV, people can exploit your machine without using a virus. Is that a risk you want to accept? -Justin On Sat, Mar 1, 2014 at 4:59 PM, Jimm Wetherbee j...@wingate.edujavascript:; wrote: Just because MS won't support XP any more doesn't mean those machines are instantly useless or a security risk come April 8th. We will not be doing anything with our lab computers until Summer because they are too old to run Windows 8 but we cannot do without them. --jimm On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs rchi...@cucawarriors.comjavascript:; wrote: Hi, I wanted to hear how people are dealing with the Windows XP End-of-Life (if anything at all :( Personally I am migrating the computers that can run it to Windows 8 (we ran out of 7 licenses and someone (years ago) bought SA, but that's another story), and when April 7th comes around: throw anything we can't use away (sigh). Riley Childs Student Asst. Head of IT Services Charlotte United Christian Academy (704) 497-2086 RileyChilds.net Sent from my Windows Phone, please excuse mistakes --
