Welcome to the Post-XP world, but how on earth did we get here?

Welcome to the Post-XP world, but how on earth did we get here?

Summary: The end of Windows XP support was almost as hyped as the Y2K bug, but it's hard to see any rational reasons why so many organisations stuck with an antique operating system long past its use-by date


There hasn't been such a build-up of pointless excitement since the Year 2000 bug threatened to destroy civilisation as we know it. Of course, Microsoft ending support for its aged and insecure Windows XP operating system never threatened anything like that, regardless of the XPocalypse-style billing. The real risks are in the longer term, and will probably affect large enterprises and governments. Or at least, those are the ones that will be reported.

There is a real risk that malware creators will be able to exploit XP, but it remains to be seen how well its users will be able to defend it. The fact that they couldn't manage a relatively simple (in most cases) upgrade on time, even when given almost seven years advance warning, suggests not.

The idea that specific applications are preventing upgrades doesn't hold much water. Yes, in a survey of 250 IT Decision Makers from large companies published yesterday by Camwood, a specialist in software management and migration, 33% blamed "application incompatibilities". However, competent IT managers would have known they had a problem when their programs didn't run on the new architecture introduced with the beta version of Windows Vista in 2005. Did they test them? Did they — and their software suppliers — think any problems would magically go away? This defies logic.

Competent IT managers must also have realised that persisting with Windows XP was costing them money, and that they would have increased productivity by upgrading to Windows 7 as soon as possible. It just works better. It's more stable, more resilient, better at multitasking, needs far fewer reboots, and is more resistant to malware. And if they have a deal like Microsoft's Software Assurance, the upgrade wouldn't cost them anything.

Why IT directors didn't upgrade

By upgrading to Windows 7 as soon as possible (2009), companies could have run the same OS version for 11 years, because Windows 7 support ends in 2020. Instead, many apparently chose to spend up to 13 years on the inferior operating system, and six years or less on the superior one. The fact that some IT managers are still claiming — on Camwood's numbers, see chart right and below — that "Windows 7 cannot adequately support my organisation" (28%) defies logic. Do any of them actually believe that?

Further, it's unlikely that many of the PCs still running XP are more than five years old, because PC hardware tends to start failing after five years. Since Windows 7 came our more than four years ago, most of these PCs were designed to run Windows 7, or at least Vista. Why did companies downgrade them to XP? Just replacing old XP machines with new Windows 7 machines would have accomplished the required upgrade in a seamless fashion. Indeed, Microsoft provided a free copy of XP with Windows 7 Pro so that companies could do this by running virtual copies of XP to cover the odd out-of-date program.

Historically, corporate IT departments and government services have tended to insist on a single operating system to reduce support costs, and if so, I'd love to see the numbers. How did the savings in support measure up against the lost productivity, and the huge cost of either upgrading to Windows 7 in a hurry (when migration specialists were in short supply and consequently expensive) or, yesterday, running through the buffers?

In any case, the insistence on "a single operating system" went out of the window a couple of years ago, when BYOD (Bring Your Own Device) gained traction. Are we supposed to believe it would have been impossible to run XP and Windows 7 side-by-side when it's apparently possible to support Windows PCs, Macs, tablets and several incompatible types of smartphone? Really?

Although the XPocalypse will not have any immediate effects — XP will continue working normally, until it's hacked — it's obvious that we are now in an era of constant and accelerating change. Most operating systems and browsers will not stay the same for five or 10 years, and many will be upgraded once a year or perhaps even more frequently. Not even Microsoft is operating on a three-year cycle: witness the speed with which Windows 8 was followed by Windows 8.1 and then yesterday's Windows 8.1 Update 1.

The speed of change is even more rapid with online services, which can change every few months — usually for the worse.

According to Camwood's report, 90% of these IT managers believe that the pace of change is accelerating, and 72% find this "unsettling". However, "93% also agree that, in the new IT environment, a flexible IT infrastructure is key to their organisation’s success". (To be picky, the pace of change has been accelerating for decades, but many of them were ignoring it.)

What's driving the need for more agility in corporate IT? The survey says it's things like Big Data (65%), cloud-based services (50%), BYOD (41%), and users demanding the consumerisation of IT (24%). In this context, upgrading from Windows XP to Windows 7 doesn't sound like a big deal, does it?

Camwood's CEO, Adrian Foxall, says in a statement: "The death knell of Windows XP probably marks the last great ‘monolithic’ migration event. The new norm will be constant, successive change, due to ever-closer OS releases, and rapidly changing IT strategies and delivery methods. IT departments must be quick to react to this brave new world. Those who fail will rapidly fall by the wayside."

Camwood's white paper, How to adapt to the accelerating pace of IT, is available free. A link will be sent to the email address you provide.

Read more on Windows XP

Why IT directors didn't upgrade
Why IT directors claim they didn't upgrade Windows XP. Source: Camwood's white paper, How to adapt to the accelerating pace of IT


Topics: Windows, IT Priorities

Jack Schofield

About Jack Schofield

Jack Schofield spent the 1970s editing photography magazines before becoming editor of an early UK computer magazine, Practical Computing. In 1983, he started writing a weekly computer column for the Guardian, and joined the staff to launch the newspaper's weekly computer supplement in 1985. This section launched the Guardian’s first website and, in 2001, its first real blog. When the printed section was dropped after 25 years and a couple of reincarnations, he felt it was a time for a change....

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • The sky is falling! The sky is falling!

    "Competent" IT managers may have simply done the risk calculation and said, "Not worth the trouble."

    Case in point, (not a hypothetical, but actual scenario.)

    I know a company that uses an XP machine to render a final file format used by a manufacturing device: this is a hardware solution, and it needs the proprietary file format sent to it to do any work at all.

    The XP device that front ends it has no software but the OS and the custom rendering application. Nobody logs into the machine, it just sits there. Network segmentation keeps the machine away from the Internet.

    Now - is there a risk? Yes, in the sense that there's always a risk.

    Is it a great risk?

    No. The IT in this case have weighted their pros and cons, and found that the cons are small enough to override the trouble of replacing the whole automated manufacturing process, an investment that was worth hundreds of thousands when it was done, is probably amortized, but nonetheless still usefully functional.

    I think too many people are heavily invested in seeing their favourite IT vendors picking up some coin, and not looking as carefully as they should at the calculus some people are making. Risk mitigation is very, very important.

    But it isn't everything.
    • Agreed

      If the PCs off the web and the USB ports are disabled then there is very little risk. However, PCs like that are not showing up in NetMarketShare statistics, so they don't count.
      Jack Schofield
      • Nice click-bait work

        The PCs that are showing up in NetMarketShare statistics are probably people who are at risk of losing nothing that matters. Businesses weren't the only people who bought computers with Windows XP installed.

        To say that people who haven't upgraded from Windows XP because they lack time management skills is ridiculous...do you wish to be taken seriously or is it all about the clicks?
      • But they should count, Mr. Schofield.

        I only use two machines on the internet, but have 27. This week I cycle all the machines through their updates, completing my last XP updates (since they will be the last), today. I use all the machines, refuse to network them (though I can easily do it). Not many are like me, having so many machines. But many are like me in having multiple machines, using only one for internetting. Because, it's just a simpler thing to do.

        Enterprises can afford IT departments. Your smaller company, cannot (and it's small business which generates the most job growth). So we the owners, do all the IT work ourselves. Or, we have an uncle or sister or cousin to do it for us. We the accountants, the lawyers, the sales reps or doctors, are in the millions. And we stay on XP, are about 50% of the user base, not 27%, and we aptly find Windows 7 and 8, horrific and dysfunctional.

        So instead of condemning us for not wanting to increase our prices to our clients, to spend ALL our free time trying to make the later iterations of the OS work properly, why not just pass on fixes at a price? Oh, no, that would be a SANE AND PROFITABLE BUSINESS MODEL, so MSFT won't do it.

        Pity. But someone will do it, and over the next year or so we'll find out who. Because the new horrible business model of MSFT, is to make the timeline for change, even shorter, viz the new five-week, gun-to-your-head rule for those daft enough to have deployed Win8.1 .

        Past is prologue. Computing used to be fun and productive, and is now a nightmare. All this future was avoidable, but hey: MSFT hates us, that's the only logical conclusion.
        • whateve

          Yes, but you are paranoid. That is not how networks are configured.

          Only 2 computers on the internet? This isn't 1996.
        • Windows 7 ... horrific and dysfunctional?

          Your financial argument for XP made good sense, until I read your unusual thoughts about Windows 7. Now I suspect your entire comment.
        • No brainout, MS doesn't hate you, I believe it's you that fears the future

          MS is not beholden to those that fear the future, and the change that goes along with it, which sounds like you. And the majority should not be held back because of the minority.

          How old are you, if I may inquire?

          And no, not many are like you with multiple machines, and only one for the Internet.

          And here's the curious thing - you have 27 sophisticated, computerized (expensive?) manufacturing machines, and yet claim you can't afford IT Help? As such you're upgrading each manually, one by one?

          I disagree in that a company your size has the owners d1oing the work themselves. A great many outsource to local companies, paying inexpensive service contracts, not much different then the contracts that you have for your manufacturing machines.

          You sound like that guy clinging to his 32 ford because engines "made sense" back then, and it wasn't a chore to work on when something went wrong, because he fears that which is doesn't understand. The reason computing is a "chore" for you is that the technology and capabilities have changed past your point of understanding.

          Many here could have your business functioning much more smoothly in no time, without the need for 27 expensive hardware or software upgrades, just using some up-to-date knowledge, and the addition of a couple of items.
          • Oh, for crying out loud. MS isn't some prophet

            leading us out of the wilderness. They are a company. They reason they dropped support for XP is because they want people to pony up for an upgrade. It really is no more complicated than that.
          • Yes, its far more complicated then that

            Well, if nothing changed in the OS, then sure, I'd agree.

            But you see, your assumptions are totally wrong - it really is different how it runs underneath it all, as the speeds, and other things prove that without any doubt. If it were fundamentally the same, it would run the same, which it doesn't.

            Not even close.

            So no, it's not the same, and it's not cost effective to continue to work on a product that has changed so much in 13 years in a vain attempt to keep it "up to date".

            Case in point - Linux. It's totally free, so there is no incentive to try and get someone to "upgrade" their OS, yet the make drastic changes to the point that old is not compatible with new, to the point they won't support older versions

            So what's their excuse? It can't be for money, right?

        • I NEVER updated XP... :)

          why?? I NEVER used IE or outlook, did not even touch other awful stuff like mediaplayer, etc..
          there is far better stuff like Opera, Firefox, VLC, Klite media, and a lot of older stuff I used to use before that arrived..

          I am shocked that people still blindly use IE, it is like using a low speed three-wheeler, when there are equally priced more luxury vehicle about!!

          Even If you do not use IE, the main content of updates are to plug the many holes in IE, etc!!!

          and if machines are not connected to the net, why bother updating them??
          • Update XP and IE if connected at all

            I assume you are just trolling, but just incase you are not:

            You are right if you are not connected to any network, patches are not nearly as important even though some do improve stability. And when I say any network I mean any network including internal and sneaker-net -- so be careful with USB / CDs/ Floppys.

            IE on XP shipped with a very old version and the highest you can upgrade it is IE. IE 8 was huge improvement over older versions, but compared with newer builds, they have made even more improvements. Usually I see people blindly using Firefox these days, just installing it first thing even though I consider Firefox in recent times to be less secure and stable than IE. (That is a big change, I used to spend a lot of time assisting the Firefox project in its early days).

            But the main reason to patch if you are connected to the network, even IE, is that it is a system component that is than used by other software. Just because you are not running IE does not mean other software that you are using does not use it as well. You want it patched for that reason.
          • And the updates to Opera, Chrome etc.?

            What about the regular updates to Chrome, Opera and Firefox? I suppose those are to plug security holes in the underlying OS, right?

            Have you even used IE lately? On my tablet it is the only usable browser. It is fast and scales well. Firefox is a real sloth in comparison, it crawls along and isn't very touch friendly.
        • Microsoft is setting the timeline for change.

          Dell, Intel, Oracle, Symantec, Apple, AMD, Nvidia, Asus are all contributing. They all are responding to the the world. The business model MS uses is basically the same as any company that sells a product does and that is they put more resources into the newer products. Look at HP, Canon, Epson and Brother as they don't even develop drivers for older printers when a new OS comes out. XP will still run but these printers may or may not. Try getting Nvidia drivers on a Dell PC for a new OS when it comes out.

          Microsoft is using the profitable business model. Its a break even point where it cost too much to support a product. A company in order to provide proper support the company must dedicate all their employees to that specific product. Well those people are working and getting paid whether they are helping customers or not. That number stays the same while the number of people that need help fluxuates and the time has come that it costs too much to support the product. There is no income from sales of the product anymore. They supported the product longer then most companies would have.
      • .....

        Want to take a guess at what OS your bank's ATM runs.....
        • Normally...

          on a segmented network, with no access to the Internet. It is a much lesser risk than somebody on a corporate network or at home using XP and a web browser to access the Internet.
      • antique operating system ?

        That coming from a man of a genetic subsequence that largely have remained unchanged for over twenty thousand years !?

        Now seemingly in intellectual decline due to heavy indoctrination from usage of other peoples automated thoughts, aka software.

        Some solutions are eternal, most of todays computers still rely on inventions from 1930
        just branched out a bit, and made available for tech novices providing a formidable instrument of remote control.
    • XP needed to support old machinery

      The argument that XP is needed to support some old (but very expensive) machine for which the vendor did not or does not want to update the software, or it was too expensive, or not worth the trouble is odd to me. If this is a critical piece of material then running its software on an unsupported OS is a very big risk and will only get riskier going forward.

      As for the lack of the equipment vendor support (especially if you spent hundreds of thousands) that would be an even bigger red flag imho: It's like sorry, we know you bought this ultra high tech medical diagnostic device for hundreds of thousands but we can't be bothered to update our software to the newer OS release...
      • Sorry, what's the risk exactly?

        The computer is imaged... so if the PC it is on now blows up, a replacement is hours away at most. It runs standard old fashioned serial connector to the device so there's no risk they can't replace that part. it doesn't have any additional software, so it isn't like they have incompatibilities to worry about.

        I don't understand what peoples' anxieties about this scenario are? It isn't like they have ever needed Microsoft to come down, with Bill Gates in the back seat, to drop in an entire replacement solution, if there's a problem. So why would that need to start now?
        • Heck

          I was at a customer last year that still has a Windows 98 machine connected to a litho printer which is used to churn out their marketing material!
      • vendor (lack of) support

        You mean, sort of like Microsoft's: Sorry, we know you spent years organizing all of your personal finances in Microsoft Money, setting up all of your accounts, loan amortizations, payment schedules and rules, and learning all of the procedures to keep it all running smoothly, but we can't be bothered to continue supporting it so we aren't going to. Good luck transferring your years of data to some incompatible product and starting over from scratch. Have a nice day.

        Yeah, you're right. Something as customer-hostile as that would never happen.