Tuesday, April 8, 2014

10 things to do with an old Windows XP PC

Today Microsoft will release the final updates for Windows XP, the once-novel, oft-maligned, and persistently enduring operating system. Microsoft has provided stability and security updates for 12 years but will no longer do so after today.

What does this mean to you? If you have a PC bought in about the past 5 years or so, nothing. Most if not all PCs bought since late 2009 came with Windows 7, which according to the current roadmap will be supported through 2020. (If you bought between early 2007 and late 2009, and did not manage to upgrade, you may have been stuck with the quite unpopular Windows Vista, but still have a few years of Microsoft support left).


But for the millions still running Windows XP at home (and even more importantly, for the operators of millions of ATMs and point-of-sale registers running embedded Windows XP) there are some very real implications. 12 years of updates have resulted in a pretty stable operating system, and the most egregious security flaws have been fixed (at least the known ones). In its early years, Windows XP was riddled with holes that lead to such malware fiascoes as Code Red and Nimda, Internet worms that crashed millions of PCs and brought businesses to their knees for days or even weeks. That has not been the case lately.


That could all change tomorrow though. Who knows what vulnerabilities have been discovered but not revealed? Who knows what exploit methods have not yet been discovered? Perhaps few and minimal, perhaps many and severe. Either way, they won't be fixed.

Software developers and device manufacturers will have little incentive to continue developing for Windows XP. If you use only software and hardware you already have, that's not a big deal. It may become a big deal the first time you buy a new device and find it is not compatible with your old computer though.


What can you do with an old Windows XP PC?


  1. Throw it away. Or at the very least, remove any WiFi adapter, unplug the Ethernet cable, lock it in a safe, and stick it in the back of a closet.

    ...that's probably not the most practical of advice though, so here are a few other suggestions.
     
  2. Use it in a completely disconnected application. Without a connection to the Internet, there are few ways for a PC to be compromised. Writing term papers (without the benefit of Google), editing and printing photographs (without posting them to Instagram), playing movies (the old-fashioned way, from Disc instead of Instant Watch) ... yeah, the list of realistic uses is pretty short.
      
  3. Use it on your local network but don't do any web browsing from it - that's the single easiest way to come into contact with malicious software. Then again, email is not far behind as a source for infection, so this only gets you so far.
      
  4. Upgrade your OS. This is really the best solution, but 10-year-old PCs running Windows XP may well not be up to the task of running a modern operating system. Upgrading memory, disk storage, and the processor (not to mention buying a license for the new OS) may well cost as much as buying a new or "lightly used" PC.
     
  5. Put a lightweight Linux image on it. PC World lists several versions of Linux worth trying. Linux Mint is another alternative designed to look and feel similar to the familiar Windows XP. They are free, they are fast, they will run on older PCs, and as an added bonus, Linux is not as popular a target as Windows when it comes to malware. The downside is, well, it's a new OS to learn, and it's not quite as intuitive as Windows has become. Of course if you have "geek-like" tendencies you are already familiar with Linux and can ignore my caveat.

    If you absolutely must continue to use Windows XP connected to the Internet, here are a few precautions to take. 
     
  6. Install the final round of Windows XP patches today. At least close up the security flaws that are known now.
     
  7. Ditch Internet Explorer. Just because the OS has ended support doesn't mean you need to stick with a browser that has ended support. Chrome, Firefox, and Aviator will still have software updates. IE for XP will not.
     
  8. Ditch Microsoft Security Essentials. I tend to like MSE in many cases, but Microsoft will cease supplying virus detection for Security Essentials on Windows XP. There is no sense in compounding things by using an antivirus program that will immediately become obsolete when there are so many alternatives (both free and paid).
     
  9. Remove any software you don't use. Less software = fewer points of entry for something bad. For the software you do keep, make sure it is kept up-to-date.
     
  10. Finally, regardless of what else you do, make sure your computer is behind a firewall. Most modern wireless routers and some higher-end cable modems have one built-in. If all else fails, turn on the Windows Firewall. This won't prevent you from getting a "drive-by" infection by visiting a compromised web site or clicking on a malicious email link, but it at least keeps the bad guys from getting to your computer without a little help.

Do you have something to add? A question you'd like answered? Think I'm out of my mind? Join the conversation below, reach out by email at david (at) securityforrealpeople.com, or hit me up on Twitter at @dnlongen

Whois David?

My photo

I have spent the better part of two decades in information technology and security, with roots in application developer support, system administration, and network security. My specialty is cyber threat intelligence - software vulnerabilities and patching, malware, social networking risks, etc. In particular, I strive to write about complex cyber topics in a way that can be understood by those outside the infosec industry.

Why do I do this? A common comment I get from friends and family is that complex security topics give them headaches. They want to know in simple terms how to stay safe in a connected world. Folks like me and my peers have chosen to make a profession out of hacking and defending. I've been doing this for the better part of two decades, and so have a high degree of knowledge in the field. Others have chosen different paths - paths where I would be lost. This is my effort to share my knowledge with those that are experts in something else.

When not in front of a digital screen, I spend my time raising five rambunctious teens and pre-teens - including two sets of twins. Our family enjoys archery, raising show and meat rabbits, and simply enjoying life in the Texas hill country.

For a decade I served as either Commander or a division leader for the Awana Club in Dripping Springs, Texas; while I have retired from that role I continue to have a passion for children's ministry. At the moment I teach 1st through 3rd grade Sunday School. Follow FBC Dripping Springs Kids to see what is going on in our children's ministries.