Windows XP Hard To Kill, Continues To Gain Market Share

[sadsteve]

Yeah, linux will always suffer from the catch 22 problem. Businesses won't release commercial software and games for the platform, because the users aren't there, and users won't adopt the platform because the saoftware/games aren't there.

I love Linux on the desktop. I still reboot to Windows for games though

Same here. Due to Windows 10, I switched to Mint Linux for my normal computing needs. Windows is now only booted for the games that aren't available on Linux. It is getting better thought, about a third of my Steam games are available on Linux.

 

[Zarathustra[H]]

Same here. Due to Windows 10, I switched to Mint Linux for my normal computing needs. Windows is now only booted for the games that aren't available on Linux. It is getting better thought, about a third of my Steam games are available on Linux.

Yeah, Linux is getting more games, but I haven't been completely happy with performance in Linux. They usually feel "off" to me. I don't know if it is mouse settings or what it is, but I still prefer games in Windows, even when they are linux compatible unfortunately. I wish I didn't. I would love to ditch Windows once and for all.

 

[jlbenedict]

XP is awesome... one of the best operating systems Microsoft has released. It wasn't full of bloat, like everything after it has been..

 

[heatlesssun]

Yeah, Linux is getting more games, but I haven't been completely happy with performance in Linux. They usually feel "off" to me. I don't know if it is mouse settings or what it is, but I still prefer games in Windows, even when they are linux compatible unfortunately. I wish I didn't. I would love to ditch Windows once and for all.

Performance is obviously a critical part of this and it doesn't get any coverage in sites like this place. There are a good number of folks on YouTube that do Linux vs. Windows testing. A lot of times those numbers do seem to fare well for Linux. Here's an example of that: . Now there's a ton of things that could be, Vulkan, different distros, etc. but ultimately in one of the few games that come out for Linux and Windows that can suck up PC hardware resources, there's really no reason for the average gamer to play this title at this time on Linux.

And in time I'm sure it could get better, maybe even better under Linux with Vulkan, or for that matter even under Windows with Vulkan. But developers are almost alwas going to spend more time with Windows versions and optimizing them first for market reasons.

 

[Zarathustra[H]]

Performance is obviously a critical part of this and it doesn't get any coverage in sites like this place. There are a good number of folks on YouTube that do Linux vs. Windows testing. A lot of times those numbers do seem to fare well for Linux. Here's an example of that: . Now there's a ton of things that could be, Vulkan, different distros, etc. but ultimately in one of the few games that come out for Linux and Windows that can suck up PC hardware resources, there's really no reason for the average gamer to play this title at this time on Linux.

And in time I'm sure it could get better, maybe even better under Linux with Vulkan, or for that matter even under Windows with Vulkan. But developers are almost alwas going to spend more time with Windows versions and optimizing them first for market reasons.

Yeah, I'm not even talking about absolute performance, like FPS tests.

In first person games I just feel like the mouse motion feels off. Maybe there is some acceleration hiding in the settings somewhere I haven't disabled.

I've also had other problems. Like when I tried to run Metro 2033 the game would always start on one of my small side monitors in portrait mode instead of my center screen, even though in display settings my center screen was the primary. I tried troubleshooting it for a while, bit was never able to find a solution.

Then there was Civ 5. Without DX11, it just didn't look the same in Linux. The visual quality was enough of a disappointment that I quickly went back to Windows.

 

[heatlesssun]

Yeah, I'm not even talking about absolute performance, like FPS tests.

It can get complicated, there are a lot of factors that come into play in gaming experiences. And it's not necessarily the developer's fault nor have anything to do with deficiencies in Linux, it's a matter of focusing resources on where your customers are.

 

[BloodyIron]

I bet I can play all the games I care about.

I bet I play a lot of games you can't.

 

[M76]

Yeah, I'm certainly hoping this is just due to errors in data collection.

Considering how many known open vulnerabilities XP has, that will never be patched since EOL continuing to use it on a machine connected to the internet is a REALLY stupid idea.

I was always wondering. If the machine sits behind a firewall / NAT, how can someone exploit said vulnerabilities? It seems unlikely.

 

[Zarathustra[H]]

I was always wondering. If the machine sits behind a firewall / NAT, how can someone exploit said vulnerabilities? It seems unlikely.

Client initiated requests, man in the middle attacks, etc.

Firewalls are a great security tool, but overconfidence in them results in a lot of problems.

 

[blkt]

Client initiated requests, man in the middle attacks, etc.

Firewalls are a great security tool, but overconfidence in them results in a lot of problems.

This. Most security problems occur between the keyboard and chair. The list goes on: phishing, execution of downloaded software, exploits to network applications and services...

 

[M76]

Client initiated requests, man in the middle attacks, etc.

Firewalls are a great security tool, but overconfidence in them results in a lot of problems.

So basically you have to do something stupid.

 

[M76]

This. Most security problems occur between the keyboard and chair. The list goes on: phishing, execution of downloaded software, exploits to network applications and services...

As I said you have to do something stupid. All of those scenarios require downloading dubious software or trojan and executing it.

 

[blkt]

Don't forget the frameworks (some examples: ActiveX, Adobe Flash, Adobe Reader, Java, JavaScript, .NET, File and Printer Sharing, Samba). But for the most part yes, it usually involves bad configuration of OS, software choice/config, network setup and/or user initiation. Edit: A couple of these are technically more of an application or service, but due to the heavy integration upon install I tend to group these together.

 

[Zarathustra[H]]

This. Most security problems occur between the keyboard and chair. The list goes on: phishing, execution of downloaded software, exploits to network applications and services...

True, most security problems do lie between the chair and the keyboard, but that doesn't mean you are immune if you are "smart" or "knowledgable"

Even the most seasoned IT professional can fall for a social engineering trick. Thinking that you yourself are so much better than all those other idiots and it could never happen to you, is very very dangerous.

We all have our off days. Maybe we are sick, or tired or hungover or drunk or in a huge hurry and do something we normally wouldn't. It can happen to absolutely anyone, no matter how experienced or "good" they think they are.

In fact the hubris to think that one is immune to this shit makes it more likely to happen as one is less likely to take precautions, or do stupid things, like disable UAC, or run programs in an admin account, instead of a separate limited user account, or not run a patched os or something else foolish.

It is important to have a multi-layered defense to protect against accidents.

Then there could be other problems too, that are not user related. For instance one vulnerability could be privilege escalation. You could be running a program believed to be safe, yet it turns out not to be, and is able to take advantage of an unpatched exploit to gain admin privileges and install a payload....

 

[blkt]

True, most security problems do lie between the chair and the keyboard, but that doesn't mean you are immune if you are "smart" or "knowledgable"

Even the most seasoned IT professional can fall for a social engineering trick. Thinking that you yourself are so much better than all those other idiots and it could never happen to you, is very very dangerous.

We all have our off days. Maybe we are sick, or tired or hungover or drunk or in a huge hurry and do something we normally wouldn't. It can happen to absolutely anyone, no matter how experienced or "good" they think they are.

In fact the hubris to think that one is immune to this shit makes it more likely to happen as one is less likely to take precautions, or do stupid things, like disable UAC, or run programs in an admin account, instead of a separate limited user account, or not run a patched os or something else foolish.

It is important to have a multi-layered defense to protect against accidents.

Then there could be other problems too, that are not user related. For instance one vulnerability could be privilege escalation. You could be running a program believed to be safe, yet it turns out not to be, and is able to take advantage of an unpatched exploit to gain admin privileges and install a payload....

You are right. Some of what I mentioned in the previous post are notorious for privilege escalation and/or access to files.

 

[serious]

I was always wondering. If the machine sits behind a firewall / NAT, how can someone exploit said vulnerabilities? It seems unlikely.

It is the classic story of Troy to assume firewall fixes everything security.

What if there is a hole in the firewall? Rumor has it that TeamViewer was hacked and were able to access people's computer, and since usually, people don't put a password on their computer, it is a buffet. Besides, if your Wifi signal goes beyond the walls of your house, then a cellphone with brute force attack algorithm can get into your home network in minutes. Once inside the network, it is the matter of time before they get access to your router using brute force/vulnerabilities as simple network query tools can expose all the devices within the network as well as the OS/version they use. Once they gain access to your router, it can be turned into a bot that acts as a 'man in the middle' node which monitors, redirects all network traffic and pipe them through internet; and a bot that attacks all devices on the network silently and send all login info out undetected, bypassing your firewall while mocking the true origin of attacks. Once a node is compromised, any nodes can become compromised, and hacks anything within the network.

Fortunately, unless you are worth hacking, those who process such skillz won't even bother hacking you.

This. Most security problems occur between the keyboard and chair. The list goes on: phishing, execution of downloaded software, exploits to network applications and services...

That was the case, but it is clear that hacking big companies like Yahoo yews better result nowadays, and things that are most important to user is stored (can be accessed) online. Chances are, if you lost control to your primary email/phone, then you are more or less screwed even though your computer is not connected to the internet.

I bet most people are vulnerable to attacks without even knowing it. I have 4 simple roles:

• Have unique, preferably randomly generated password and passcode on all computers and phones, use passcode to gain access. (No, XP does not support passcode).
• Have a dummy email accounts, use it to register websites except critical sites like banks.
• Have a LTE home phone that is registered with your parent's name. Use home phone instead of 2-step authentication instead of cellphone.
• Password to critical sites should be encrypted in a way that only you can decrypt, in a text file or a physical notebook.

If you are not currently doing this, then the security of your OS/computer is the least of your problems.

 

[blkt]

It is the classic story of Troy to assume firewall fixes everything security.

What if there is a hole in the firewall? Rumor has it that TeamViewer was hacked and were able to access people's computer, and since usually, people don't put a password on their computer, it is a buffet. Besides, if your Wifi signal goes beyond the walls of your house, then a cellphone with brute force attack algorithm can get into your home network in minutes. Once inside the network, it is the matter of time before they get access to your router using brute force/vulnerabilities as simple network query tools can expose all the devices within the network as well as the OS/version they use. Once they gain access to your router, it can be turned into a bot that acts as a 'man in the middle' node which monitors, redirects all network traffic and pipe them through internet; and a bot that attacks all devices on the network silently and send all login info out undetected, bypassing your firewall while mocking the true origin of attacks. Once a node is compromised, any nodes can become compromised, and hacks anything within the network.

Fortunately, unless you are worth hacking, those who process such skillz won't even bother hacking you.

That was the case, but it is clear that hacking big companies like Yahoo yews better result nowadays, and things that are most important to user is stored (can be accessed) online. Chances are, if you lost control to your primary email/phone, then you are more or less screwed even though your computer is not connected to the internet.

I bet most people are vulnerable to attacks without even knowing it. I have 4 simple roles:

• Have unique, preferably randomly generated password and passcode on all computers and phones, use passcode to gain access. (No, XP does not support passcode).
• Have a dummy email accounts, use it to register websites except critical sites like banks.
• Have a LTE home phone that is registered with your parent's name. Use home phone instead of 2-step authentication instead of cellphone.
• Password to critical sites should be encrypted in a way that only you can decrypt, in a text file or a physical notebook.

If you are not currently doing this, then the security of your OS/computer is the least of your problems.

LOL, nice one. You are right, most people are not high risk/value targets. I like my ethernet. Some of what you mention can be solved by choosing not to store information online or on your phone. Strong passwords, management and dummy emails are a given but good to point them out. Yeah, having things tied to your daily travel phone is a big no-no.

 

[M76]

It is the classic story of Troy to assume firewall fixes everything security.

A firewall is not protection for everything. I obviously wasn't talking about running XP as your daily rig. But the mere presence of it is not the end of the world automatically.
I don't rely solely on a firewall as protection.

What if there is a hole in the firewall? Rumor has it that TeamViewer was hacked and were able to access people's computer, and since usually, people don't put a password on their computer, it is a buffet. Besides, if your Wifi signal goes beyond the walls of your house, then a cellphone with brute force attack algorithm can get into your home network in minutes.

I though brute force attacks are only effective on WEP. Why aren't we hearing about it if it's really only a few seconds to access any wifi network from a phone no less?
Rumor has it? Sounds like a conspiracy theory or better yet a smear campaign to me. Also never seen that mentioned anywhere.

Once inside the network, it is the matter of time before they get access to your router using brute force/vulnerabilities as simple network query tools can expose all the devices within the network as well as the OS/version they use. Once they gain access to your router, it can be turned into a bot that acts as a 'man in the middle' node which monitors, redirects all network traffic and pipe them through internet; and a bot that attacks all devices on the network silently and send all login info out undetected, bypassing your firewall while mocking the true origin of attacks. Once a node is compromised, any nodes can become compromised, and hacks anything within the network.

If the attacker is inside the network you're screwed period.

Fortunately, unless you are worth hacking, those who process such skillz won't even bother hacking you.

That's exactly what I'm talking about, you need to be targeted specifically to encounter real serious threats. But in that case you're screwed anyway unless you had mad skillz yourself and protected against every conceivable threat.

Chances are, if you lost control to your primary email/phone, then you are more or less screwed even though your computer is not connected to the internet.

I can pull the plug on my primary email at any time.

I bet most people are vulnerable to attacks without even knowing it. I have 4 simple roles:

There is no such thing as being totally invulnerable. If you think you are then maybe you're the one with overconfidence.
I accept that if I'm targeted specifically I have no chance. But I also think I'm reasonably protected from general threats, at least much better than the next guy.
But this is getting very far off course the topic at hand.

 

[tetris42]

I bet I can play all the games I care about.

So if you laugh at people who think Linux isn't ready for mainstream gaming, but any games that aren't on Linux you don't care about, it sounds like you laugh at people who play games that won't run on Linux. This sounds like another "I'm so happy I'm on Linux because it works for me personally and mock others who aren't on it even if they want to do things that Linux can't perform" post. That's not how you win people over.

I mean hell, I'm on Windows 7 and I'd love to play Quantum Break and Forza Horizon 3, but that's not going to happen unless I switch. I don't laugh at people on 10 and pretend I'm not interested in other games, I just think it has too many other issues for me personally and probably won't use it for quite some time.

I'd love to see Linux hit 99% compatibility in gaming, but until it starts getting close, people in denial about its shortcomings aren't doing the platform any favors.

 

[BloodyIron]

No, I don't laugh at people for playing the games they want to play. I don't give a shit. Play what you want, and I'll do the same.

The point is that there are so many games you can play on Linux that it doesn't matter that it's not 100% of the titles.

I know Linux isn't for everyone, but the statement that you can't game on Linux is just completely false.

So if you laugh at people who think Linux isn't ready for mainstream gaming, but any games that aren't on Linux you don't care about, it sounds like you laugh at people who play games that won't run on Linux. This sounds like another "I'm so happy I'm on Linux because it works for me personally and mock others who aren't on it even if they want to do things that Linux can't perform" post. That's not how you win people over.

I mean hell, I'm on Windows 7 and I'd love to play Quantum Break and Forza Horizon 3, but that's not going to happen unless I switch. I don't laugh at people on 10 and pretend I'm not interested in other games, I just think it has too many other issues for me personally and probably won't use it for quite some time.

I'd love to see Linux hit 99% compatibility in gaming, but until it starts getting close, people in denial about its shortcomings aren't doing the platform any favors.

 

[heatlesssun]

I mean hell, I'm on Windows 7 and I'd love to play Quantum Break and Forza Horizon 3, but that's not going to happen unless I switch.

Quantum Break is on Steam and Windows 7 compatible:

I don't laugh at people on 10 and pretend I'm not interested in other games, I just think it has too many other issues for me personally and probably won't use it for quite some time.

I'd love to see Linux hit 99% compatibility in gaming, but until it starts getting close, people in denial about its shortcomings aren't doing the platform any favors.

Of course one can game and Linux, and while Linux gaming is growing in titles supported, that growth isn't even close to macOS let alone Windows. Looking at numbers on Steam, Linux added about 1100 games in 2016, macOS about 1650 and Windows 5200. So while Linux gaming is growing it's no where near the pace of Windows, at least on Steam. The gap is growing. And that's the problem.