I don't know about his case, but what I see in the industry is this.

ABCorp buys Softapp 2.0 that depends on JKLibrary.dll 3.0 that doesn't follow Microsofts API to the spec and does some rather odd magic for copy protection purposes. Softapp 2.0 is *very* expensive so ABCorp sticks with it for years.

Years later Softapp 6.0 is out, but no longer does what ABCorp needs it to. JLKibrary parent company doesn't exist any longer and has disappeared so there are no modern versions.

Sometimes it is easy, as you say to change registry keys or directory permissions, but many times it is not. Actual function calls that no longer exist or are now in the wrong context are passed and cause windows to throw access violations.

>networking under xp was much easier.

You much mean much less secure, I mean like, turn on and get pwnt insecure.

>copy dialog was bad, now it is a total disaster

Huh? Hell, you even try it on Win 8, it's pretty nice.

Most of the problems in 7/8 are not operating system problems, but stupid user interface choices. The reason so many people are pissed at 8 is you cannot turn on classic mode with a set of scripts.

Not ALSR, I mean ASLR.

>Is Microsoft claiming that, after all these years, there are still extremely serious vulnerabilities in Windows XP?

Yes, because the definition of secure has radically changed in the past 10 years. See ALSR

>Will Microsoft, in a few years, say Windows 8 is too buggy to support any longer, and try to convince people to upgrade to something else? I

No, even Microsoft realizes the gig is up and is looking for an operating system 'rental' model.

>Would moving to Windows 8 merely expose your family or your staff to a set of new problems?

Yes, But it is the same with Linux, Apple, whatever else. Security is not a place you reach, it is a target that is carried on the backs of the attackers. If you think anyone sits around and engineers security holes (well other than the NSA), you don't know anything about the industry.

You think you're smart, but in many places you wouldn't be able to get inspection because it wouldn't pass emissions testing. Next, you cannot buy a new car with '93 safety and emissions standards. Lastly, the manufacture has no responsibility to sell you parts at this time.

And if it has a computer it in, it is very likely there are optional computer updates for it, and possibly have been manufacture recalls.

Again, this is one of the dumber things I've heard. WHY THE FUCK would Microsoft ever sell an operating system again if the law forced them to do that? No, instead they would push to operating system rental with monthly check-ins to see if you got to continue to use your OS (have you payed your monthly/yearly payment).

It is not Microsofts fault you are using old crap.

There is not a 1 to 1 comparison here.

If the plumber uses good materials 100% to building code and later it it is found the building code is wrong, it is likely you have to pay for the damage.

If a plumber uses pipes rated for 10 years usage and your pipes break at 11 years, you likely have to pay for the damage.

A whole shitload has changed in how we view security in the last decade, saying MS is at 100% fault is one of the dumber things I've read today.

>Age doesnt increase the attack surface of a compute

The experts tend to disagree.

https://www.schneier.com/blog/archives/2013/12/security_vulner_3.html

Too bad you have not learned a damn thing about security in the past 15 years, rather then just brushing it off as a side duty of a modern operating system.

Here's the thing, if you operating system needs to talk on the web, yet presents a serious security risk to its users when doing so, it is not the right tool. I mean, if using a 60 year old milling machine on new modern steel cause it machine to blow up injuring the user, who in their right mind would consider it the right tool for the job.

>no one in MY house will every buy into Windows dependency ever again ... Apple ...

HAHAHAHAH. Out of the frying pan in to the fire.

>Please name one thing in the last decade which has changed sufficiently to justify a new OS.

If you honestly cannot answer that question yourself without more then 30 minutes of research please put all your computing devices down and step away from computers, forever.

http://en.wikipedia.org/wiki/Address_space_layout_randomization#Microsoft_Windows

http://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.2

http://en.wikipedia.org/wiki/64-bit_computing

Just to start.

>Security updates are not features

I'm guessing you don't know what TLS/1.1 and 1.2 are. It's ok, the chinese are already probably capturing your SSL sessions.

>You think that being attractive automatically means not being geeky,

Based on popular culture as viewed on U.S. TV. Yes. Yes I do.

> In fact, I would have to assume that some foreign governments have already retrieved the entire treasure trove of information because news outlets aren't experts on data security.

I'd assume some foreign government have already retrieved the data before that because the NSA aren't expert's on data security (as shown by said leak).

>This would not have even been possible in the old analog phone system

Um, what? You evidently never saw the problems that cropped up on overloaded telephone exchanges and PBX's back in the day.