Gah, typos, it's late.

* Did not mean to insinuate Core2's were 7 years old, just the range of CPUs would be 4-7 years old.
* "One can pull an image from a central server"

As listed, this only applies to outdated computers made between 2004-2007. Namely, Pentium 4's, Pentium D's, and perhaps some Core 2's from 4-7 years ago.

But as the article states: "A lot of these devices, given their age, will not be in good working order and does not support the latest versions of Microsoft products."

Most IT Departments in school systems have been switching to Windows 7 as a cost-cutting measure, not just because XP security updates expire in 2 years. The deployment tools on Server 2008 R2 for Win7 are insanely excellent. One can pull a central server to a distant school just once from a PXE boot, and it will peer-to-peer on the local network, rather than download a ~10GB file 30 times. Any additional drivers, software, and updates can be installed on the spot -- think Ninite, except before the installation. Doing things like installing XP from Ghost and babysitting the systems for an hour are obsolete, as is the staffing required for it.

But Windows 7 requires 1-2GB of RAM to run properly depending on software installed. With the crisis in the EU (PIIGS especially), it's very unlikely that they'll spend the money to buy DDR1/DDR2 to upgrade systems that don't. A 7-year old system is going to have hardware problems that low staffing can't troubleshoot, to the point where they won't even bother. And they certainly won't have the staffing required to take the time to set up an OSS system, much less train their staff on it, as it was only "recommended."

At best, someone might set up the ability to install Edubuntu through PXE boot, but they'll just be Edubuntu systems, nothing more. Some kids might play around on them at times, but otherwise, these old systems are just going to collect dust.

If it was 1996 or 1997, perhaps not too much different. But in 1994, that would change everything. That predates HTML 2, the first attempt at standardizing it. It predates Apache, Javascript and CSS. Late 1994 predates the web presences of Amazon, Craigslist, the New York Times, and Dell.

The only well-visited site I can think of still in existence was the whitehouse.gov, and it was extremely primitive. Here's a mirror:

http://www.iterasi.net/openviewer.aspx?sqrlitid=lqkszdizgkk3n6kga5zzja

Basically, if Microsoft was able to redirect web development that early, they'd go for something very similar to what ActiveX was for vendor lockin. HTML would remain primitive, broken, and discarded. To make anything more than what was available, you would basically use Microsoft systems over HTTP.

Instead of HTML, you'd use something like Visual Studio to create forms and graphics via drag-and-drop and upload .rc files with Access/VBScript like background controls. Video would be embedded as Microsoft Media Server (MMS) and would run locally.

Taking that out to 2011, it'd probably be similar but sandboxed, and using a lot more XML. But nevertheless, you'd basically only be able to browse the web from OSS with something like WINE -- basically, a emulator/compatibility layer developed from a lot of reverse engineering that wasn't 100% reliable.

Despite the fact that web browsers were considered commercial specialty products in the late 1990s, that era was one of completely non-standard "quirks" HTML. While Acid2-era HTML4/CSS2 is perfectly standardized and supported by all modern web browsers, HTML5/CSS3 is not, it's practically Quirks Mode II. Passing Acid3 is really a gimmick in comparison to Acid2.

The reason Internet Explorer took the market over Netscape was that Microsoft provided an extremely high-quality browser for 1997 in an age of non-standards. It was far more secure than Netscape -- it wasn't vulnerable to crashing your system with the XSS loops people posted on each other's Guestbooks at the time. IE 4/5 was insanely fast compared to Netscape, which involved watching a logo with stars fly most of the time even outside of 28k modems.

But the reason IE 4/5 took over was because of quirks. Netscape was horrible to develop a cutting-edge website with. And IE was very tolerant to bad code -- Netscape would stop rendering the page if a /table tag wasn't included, IE wouldn't. The second a web developer made a popular site "Best viewed with IE", the end user use their bundled IE to visit that site. And not long after, they would use IE for everything else.

Bash Microsoft all you want, but history is repeating itself. IE10 is seriously fast and has some serious, but user-friendly lockdowns on security. IE10 feels as nice as Chrome but uses far less memory. Firefox, like Netscape, since version 3 has been building its perception as incompetent bloatware and is likewise being dumped. Unlike IE 6-8, IE10 is a seriously competitive browser.

And Microsoft has plenty of time to regain the old IE browser share. The way the W3C bureaucracy works, HTML5 likely won't be standardized until 2022.
http://en.wikipedia.org/wiki/HTML5#W3C_standardization_process

*TLDR*: All MS has to do is to make a very nice bundled browser, ensure everything is written to its own quirks, and it's 90% of the market share again. It's the 90's again except with high-bandwidth multimedia and 3D shooters in CANVAS tags.

On April 8, 2014, security patches and hotfixes for all versions of Windows XP will no longer be available. That basically means if you run it past that date, any exploit released out into the wild will not be patched, ever.

Furthermore, hardware vendors haven't consistently supported XP in years. Windows drivers are only forward-compatible, and Vista has been out since January 30, 2007, which is nearly 5 years. If you upgrade or purchase new hardware in any way, good luck with getting that to work in XP without installing old network and sound cards for starters. Even then, the performance is also going to be terrible on an OS tuned for 10-12 year old hardware and considers SATA to be exotic.

Don't expect software vendors to thoroughly support XP in the next 2 years or so, either, when XP usage will likely plummet to single digits like IE6 has in the past 2 years. The fact that a simple program like Paint.NET 4, due at the end of the year, won't support XP is a harbinger of this. At 10 years old, XP is like a Linux system stuck on Kernel 2.2, KDE 2.2, Xfree86 4.1, and GTK 1.2. The fact that such an old configuration is still supported to any extent and remains thoroughly tested by software developers is nuts. Like with web devs and IE6, most probably can't wait to drop it.

The true creative class is the people who are willing to put forth the hard work to study particle physics, microbiology, colloid science, differential equations, managerial accounting, and parallel algorithms. Their dedication is what makes carrying out their creative dreams possible. As the article states, they're doing well, as there's still scarcity in that market. Their competition in overseas diploma mills that teach to the test do not produce the same results.

What this article is referring to is the so-called "creative class" who thought they could start a grunge band by learning power chords, buy a Canon EOS and become a professional photographer, or become a psychologist because they were interested in their bad teenage relationships. They are the types who thought they'd win the lottery and become rock stars without the serious learning required to invent, build, and deploy something new.

Those people in the so-called "creative class" locked in an entitlement mentality are a dime a dozen.It may have worked in the 1990s when they and their friends were given unlimited subsidy by coddling baby boomer parents, but these days, you're on your own and actually have to know your shit. Universities today aren't full of ambitious engineers who will take full advantage of their $50K in student loans, they're full of future waitresses and customer service reps with a piece of paper.

A better article would be "Why did 17 million people go to college?" -- http://chronicle.com/blogs/innovations/why-did-17-million-students-go-to-college/27634

If you can, ask management "What's the cost of shutting down the production line for a day?"

Explain to them that the system is a petri dish for viruses and even intentional industrial sabotage. A single Win7 Professional license to virtualize the system (virus protection, instant restoration, little to no downtime) via XP Mode, or even a damned Xen Server License, is pretty good insurance versus that.

I did something similar once while consulting for something else at a factory, and the VP turned white and was on the phone immediately.

Agreed.

Security in Windows XP was really an afterthought -- it wasn't until SP2 seven years ago that it was reasonable to install. Before that, it would get rooted WHILE installing. In Win7, that is built in, not merely tacked on or recompiled. But it still includes IE6 by default, which US-CERT said was not fixable in its security model in 2004, and is the biggest danger of installing it.

Of course, I don't know what kind of masochist would voluntarily install an OS from 2001 that still considers SATA to be exotic hardware and can only be cloned across the same hardware, but that's another issue.

Windows 7 boxes are still exploitable, but only if they're grossly unpatched. The ones that get infected are usually have no Service Pack, much less have ever had Windows Update run, and are using an expired version of Norton Antivirus. Windows Update kills common malware rather well, and Security Essentials is free and actually quite nice (beats AVG).

The same would apply to someone who has ignored 2 years of Ubuntu Security Notices and patches. There are quite a few: http://www.ubuntu.com/usn/

As far as Flash and Java goes, I've been putting Chrome on home systems for browsing. It blocks usage of versions of Flash, Java, Quicktime, and other plugins that are exploitable. The malware blocker is also excellent on it, although Firefox and IE9 are catching up on doing that well.

If you're destroying drives on your own, go for it. But in any kind of business, even if you don't have some old motherboard with an IDE connector, it's worth spending the $20 on an adapter or card to just DBAN those crappy old drives.

Why? Solely to prevent someone from injuring themselves while destroying old hard drives with a drill, which is bad in itself. It's worse when they bill the company for the ER visit because a spark gets in their eye. It gets even worse when they go on perfectly collectible workers comp and settle a lawsuit because they weren't given safety goggles when they did so.

Or, more realistically, some manager or person in HR from chewing you out for an hour and writing you up just because they think that way, and you allowed it to happen. And even that will probably not happen, but do always CYA just in case.

I was about to post this myself, but DBAN will do the trick. There's practically no way anyone will recover anything but a few random strings of plain text out of that, and that's only if they have the analog tools in a forensics lab. Even the chance of reconstructing a usable credit card account out of that is in the same probability range as guesswork.

But I will say that your estimate of 200GB is pretty low for what's worth re-using unless you're broke. Any drive that's been in use for 3-5 years is well past warranty and isn't really worth putting anything valuable on without a sensible backup and recovery scheme. Any drive 200GB in size (unless it's SSD, etc) is usually at least that old, I had a 200GB drive personally in early 2003. A brand new 1TB drive will only run $55.

(I of course agree that throwing fresh 3TB drives into tubs of driveway cleaner simply to "100% wipe data" would be absolutely stupid.)

As for legality, extreme legacy software and hardware is still often used in industrial plants. The claims against MSFT for purposefully wiping one of those systems and shutting down the lines for weeks would be huge.

Whoever wrote that is probably smarter than thinking doing that will just wipe some old Pentium 2's still out in the wild that'll get replaced with a Win7 laptop the next time a social security check is cashed.

And remember, Code Red/Green are 10 years old. :)

Wikipedia: The Code Red worm was a computer worm observed on the Internet on July 13, 2001.
Securelist: Net-Worm.Win32.CodeGreen.a, Detected: Sep 14 2001 09:23 GMT
Microsoft: Patch Q300972, [fix] Originally posted: June 18, 2001

I would agree with this if this was posted sometime circa 2005 or before, but that really isn't the case now.

This malware and others like it can only take over if you open an e-mail, go to a bad website, download a bad executable, and run it. Let's break that down.

E-Mail: Any credible ISP and any web-based e-mail service (Yahoo/Gmail/Hotmail) will filter botnet spam. Even if you find said botnet e-mail in your spam folder and try to go to it, any modern web or desktop e-mail client will still warn you like hell.

Browser: Internet Explorer 8 has a malware filter enabled by default (SmartScreen). You get a horrible warning if you try to access malware, and an even worse one if you try to download an executable flagged as malware. IE8 is freely available for XP users, and every mainstream website in the world (including MSFT's) will nag you to upgrade, as most (Youtube/Facebook/Google) don't even support XP's default of IE6 anymore.

OS/User Access: Windows Vista is nearly 5 years old now and included proper user-mode access to the system (UAC) by default. Try to run something that will do something horrible like Kelihos will, and it will also flag a less dangerous-looking, but existent "do not run this" warning. That was improved with Windows 7, which is now 2 years old.

Patches on XP: Anything since XP SP2 (August 2004?) will not only nag for Windows update, but even forcibly reboot your system after enough idle time if what needs to be patched could open the door for botnets. Like with any of the years before listed, any retail PC sold since then will have that. Patches on XP won't fix everything, but the patches (Malicious Software Removal Tool) will typically circumvent well-known botnets.

Conclusion: I would say almost the entirety of the 41,000 systems affected had somehow went ridiculously unpatched for years. We're probably talking Windows 2000 systems. And Linux/BSD was always better as a baseline, but run it unpatched at any such similar level as described, and it will have even worse SSH server vulnerabilities for starters.

I would agree with this if this was posted sometime in circa 2005, or especially circa 2002, but that really isn't the case now.

This malware can only take over if you go to a bad website, download a bad executable, and run it.

Internet Explorer 8 has a malware filter named SmartScreen. You get a horrible warning if you try to access malware, and an even worse one if you try to download an executable of malware. IE8 is freely available, and every mainstream website in the world (including MSFT's) will nag you to upgrade, as most (Youtube/Facebook/Google) don't even support IE6 anymore.

Windows Vista is nearly 5 years old now and included proper user-mode access, named UAC, by default. Try to run something that will do something horrible like Kelihos will, and it will also flag a less flagrant, but existent "do not run this" warning. That was improved with Windows 7, which is now 2 years old.

And as far as patches go, anything since XP SP2 (August 2004?) will not only nag for Windows update, but even forcibly reboot your system after enough idle time if what needs to be patched could open the door for botnets.

I would say almost the entirety of the 41,000 systems affected had somehow went unpatched for years. A number were likely Windows 2000 or even 98 boxes somehow still out in the wild and online.

Firefox was really the browser that broke the internet out of MSFT's painful grip. There is good cause for brand loyalty there.

In the early 2000's, Internet Explorer 5 and 6 had nearly 90% of the browser market share. The only real competitors were Opera, which was basically adware at the time, and Mozilla Suite, which still felt like a re-branding of the godawful 90's Netscape browser even though it used the Gecko engine.

When Firefox came out in the 0.x stages around early 2003 (named Phoenix then Firebird), it was out of this world. It was free. It was insanely fast. It rendered old quirky pages as well as IE did, and supported open and well-documented standards for future projects. Best of all, it was secure -- unlike with IE, you wouldn't get rooted and spyware'd to death from ActiveX garbage.

But times changed. I switched to Chrome well over a year ago and haven't really looked back. It's just too quick and bloat-free in native speed, UI navigation, and especially versus the damned updates Firefox has. Sadly, I'd almost consider the test version of Internet Explorer 10 to be a better browser...