So Kaby is a waste of an upgrade?

[Lathais]

I used to manage a pair of 7-11s for a private owner.

Everything ran on Win 95 when i started.

It ran on 95 for years longer than it should have (and i mean everything - the register, the ordering handheld, the main computer in the office, all of it).

Right around the time Windows 7 came out, we got upgraded to XP.

I left that job when my son was born almost a decade ago (to take care of him at home) but i am still friends with the owner.

They STILL run XP. Right now.

7-11. Tens of thousands of stores. Major international corporation.

Because the entire ordering system, PoS software, inventory system, etc, is all running on XP and tightly integrated.

It would have to be re-written (a relatively major expense) and relatively bug-free before they could deploy it to stores. Last i talked to her, she was told that the Win 10 version was underway and would be deployed sometime in very late 2017 at the earliest, probably best case mid 2018.

Speedway (major fuel chain) still runs on Windows 7. And probably will for another ~3-5 years.

My wife does IT for a hospital system, notably working with EMR (Electronic Medical Records) software. All of their machines have to run Win 7 and will for at least 3 more years, because EPIC and eClinical Works (the two EMR's they work with) require 7 to run (because they require IE hooks that are ancient). EPIC is working dilligently on upgrading the software, but it is such a huge, complex piece of software that it takes literally YEARS to update it... especially beause they have to make sure that every customer can import their data into the new version (as it is highly customizable for the client to include specific data that that type of medical practitioner might need) without data loss.

Same boat for my company and our software. Yeah, we could upgrade to their new version that works on Windows 10 and actually uses a mouse, but the expense of new software licenses is huge, and we'd need a new server as well. If we had done this last year, instead of the company just barely being profitable, we would have lost money last year. I don't call that greed, I call that staying afloat. The software works and is paid for, no reason to upgrade. On the plus side, we are hiring sales people again and looking forward to some growth this year finally, so maybe if we turn enough of a profit this year we can look at some upgrades next year. That's just how it is for small businesses around the world.

[chronia]

Luckily, I work at a small company. There are less than 10 of us and we all know not to plug USB sticks in to our PCs here. Also, we are very well firewalled and have paid companies to test our security, they can't get in to my network. Also, yes we do back-up, I check them daily.

Again, unless someone comes in to our office, how would they even know we are running XP? We are not open to the public. Our customers call to place orders and the warehouse ships them. There are less than 10 of us here and no one else comes here, it's a semi-secure location and we just do not ever really have guests other than occasionally vendors stopping by.

As a small company with good policies in place the risk is indeed a lot less. Do remember though, most of the risks do not come in outside to inside (which usually is firewalled the best) but from inside to outside, either trough employees falling for phishing campaigns which might or might not be tailor made for your company (with 10 employees its more common to get caught by generic phishing than by tailor made campaigns), employees browsing on infected websites or USB sticks.

How they know you run XP, the same way how stuff like Netmarketshare does, webnanalytics combined with honeypots and stuff. Every online request (be it to open a webpage, load a banner inside that webpagde etc) trough TCP headers / cookies and what not gives the other side information about OS / Browser used and sometimes alot more, if your company is interesting enough that ppl want to know what kind of OS you run internally, they will find out one way or anohter. The question is though, is your company interesting enough for them to go trough hoops to make the effort to try to steal your information.

Best practices for Windows XP formulated here are atleast:

1. Don't run it
2. When one is not possible: Run it on a (virtual)machine without Networking hardware and / or USB ports.
3. When 2 is not possible: Run them in a non internet enabled vlan that cannot initiate any traffic to internet or other internal networks.
4. If none of those are met or cannot be met, you are considered not safe

Also how do you check backups, alot of the companies i mentioned do run backups, and think they check them, their check is only to check daily if the backup has ran, However is not a safe check. Atleast every few months you need to simulate a disaster recovery in a test enviroment to make sure that the backups you make also work should they ever be needed. It's advised to do smaller recovery (lets say a test recovery of a couple of 100 random data files) on a weekly basis. Alot of companies forget this though, and in my 12 years in IT i have now withnesses atleast 10 companies loose alot or even all their data due to their backups being compromised when they needed them after a disaster and the backup chains being corrupt and not readable.

I don't have a source, no. It was a factoid in an e-mail and I lost the e-mail. Remember though, to be included in that 56%, a company just needs one machine still running XP to be counted in that, even if everything else in the company runs W10. You can always look at this though:
https://netmarketshare.com/

XP has nearly always been more popular the 8.1. The line for XP users is also pretty flat, because many of the people using it can not or will not change.

I know netmarketshare, sadly the fun stuff (geo filters and stuff) costs money so not able to make good analysis there where for example China is excluded and you only look al Northern America and Europe for example.

Windows 8.1 more popular then XP does not feel weird to me at all btw, Nearly all our business customers skipped 8(.1) and are still on 7 or migrated directly to 10. Alot of work in coming in soon though, because all the companies that want to keep important IT security certifications will need to be migrated off 7 before Support ends in 2020, it might seem a lot of time, but in practise its not. Not looking forward to those projects after all the Win XP to 7 projects and the headaches that came with those.

[Lathais]

As a small company with good policies in place the risk is indeed a lot less. Do remember though, most of the risks do not come in outside to inside (which usually is firewalled the best) but from inside to outside, either trough employees falling for phishing campaigns which might or might not be tailor made for your company (with 10 employees its more common to get caught by generic phishing than by tailor made campaigns), employees browsing on infected websites or USB sticks.

How they know you run XP, the same way how stuff like Netmarketshare does, webnanalytics combined with honeypots and stuff. Every online request (be it to open a webpage, load a banner inside that webpagde etc) trough TCP headers / cookies and what not gives the other side information about OS / Browser used and sometimes alot more, if your company is interesting enough that ppl want to know what kind of OS you run internally, they will find out one way or anohter. The question is though, is your company interesting enough for them to go trough hoops to make the effort to try to steal your information.

Best practices for Windows XP formulated here are atleast:

1. Don't run it
2. When one is not possible: Run it on a (virtual)machine without Networking hardware and / or USB ports.
3. When 2 is not possible: Run them in a non internet enabled vlan that cannot initiate any traffic to internet or other internal networks.
4. If none of those are met or cannot be met, you are considered not safe

Also how do you check backups, alot of the companies i mentioned do run backups, and think they check them, their check is only to check daily if the backup has ran, However is not a safe check. Atleast every few months you need to simulate a disaster recovery in a test enviroment to make sure that the backups you make also work should they ever be needed. It's advised to do smaller recovery (lets say a test recovery of a couple of 100 random data files) on a weekly basis. Alot of companies forget this though, and in my 12 years in IT i have now withnesses atleast 10 companies loose alot or even all their data due to their backups being compromised when they needed them after a disaster and the backup chains being corrupt and not readable.




I know netmarketshare, sadly the fun stuff (geo filters and stuff) costs money so not able to make good analysis there where for example China is excluded and you only look al Northern America and Europe for example.

Windows 8.1 more popular then XP does not feel weird to me at all btw, Nearly all our business customers skipped 8(.1) and are still on 7 or migrated directly to 10. Alot of work in coming in soon though, because all the companies that want to keep important IT security certifications will need to be migrated off 7 before Support ends in 2020, it might seem a lot of time, but in practise its not. Not looking forward to those projects after all the Win XP to 7 projects and the headaches that came with those.

Good thing my firewall is set so that people can not visit sites I don't let them visit. Good thing if the boss or I catches them attempting to bypass this, it is considered theft of company time and grounds for immediate termination. Same thing with using your cell phone at work for anything personal. If I was anyone else at this company, I wouldn't even be able to browse here while at work, because it's blocked, along with just about anything else not work related.

For the back-ups, yes, I test them, fairly regularly. Probably not as often as I should, but at least once a year, usually twice a year. I used to test monthly, but never had any issues, so it slowly went from monthly, to quarterly, to yearly.

[chronia]

Good thing my firewall is set so that people can not visit sites I don't let them visit. Good thing if the boss or I catches them attempting to bypass this, it is considered theft of company time and grounds for immediate termination. Same thing with using your cell phone at work for anything personal. If I was anyone else at this company, I wouldn't even be able to browse here while at work, because it's blocked, along with just about anything else not work related.

Wow, there must like 0 to none worker rights in your country If you try to terminate ppl contracts for stuff like this in Holland the judge will laugh for a few minutes and then award a large sum om money to the employee for breech of contract. Weird to see that different countries have such different right for workers

To be able to fire someone here for this stuff like that you really need to build a well documented case where in the contract you state that you monitor the employee's traffic, else you cannot even legally monitor them as privacy laws will kick your butt. Then you need to warn them atleast like 3 to 5 times before trying to terminate the contract else as i said the judge will just wave the case away and award the employee. Workers are very well protected here by law, thats its really hard to get any reason for termination trough unless its theft or something like that. But something like time cannot be qualified as stolen here legally.

[Kagthul]

Wow, there must like 0 to none worker rights in your country If you try to terminate ppl contracts for stuff like this in Holland the judge will laugh for a few minutes and then award a large sum om money to the employee for breech of contract. Weird to see that different countries have such different right for workers

well, thankfully Holland is in the EU, and if the company wanted to fight it in the EU courts, Holland would lose handily, as that kind of thing is totally permissible by EU law (and all member nations have to abide by that).

To be able to fire someone here for this stuff like that you really need to build a well documented case where in the contract you state that you monitor the employee's traffic,

Unless Holland is a lot different than the rest of Europe.. yeah, no. Its not their hardware to be mucking about with. It belongs to the company. They dont have the inherent right to use it to browse the internet, or do anything on it other than their job. They arent entitled to employer-provided internet access.

else you cannot even legally monitor them as privacy laws will kick your butt. Then you need to warn them atleast like 3 to 5 times before trying to terminate the contract else as i said the judge will just wave the case away and award the employee. Workers are very well protected here by law, thats its really hard to get any reason for termination trough unless its theft or something like that. But something like time cannot be qualified as stolen here legally.

Its not so much "Stealing" as "not doing your job". If you aren't doing your job, i can terminate you. Usually even here in the US it wont be immediately in any job where you have a Union, but in a small shop like what Lathais is describing.... employment is at-will. You screw up, you go.

If they deal with sensitive material of any kind (*particularly* medical info - and i know that the laws in Europe are just as rough on this, or worse than the US) they can most definitely tell you you cant use your cell phone, because you could be transferring sensitive information out with the camera.

[Lathais]

Wow, there must like 0 to none worker rights in your country If you try to terminate ppl contracts for stuff like this in Holland the judge will laugh for a few minutes and then award a large sum om money to the employee for breech of contract. Weird to see that different countries have such different right for workers

To be able to fire someone here for this stuff like that you really need to build a well documented case where in the contract you state that you monitor the employee's traffic, else you cannot even legally monitor them as privacy laws will kick your butt. Then you need to warn them atleast like 3 to 5 times before trying to terminate the contract else as i said the judge will just wave the case away and award the employee. Workers are very well protected here by law, thats its really hard to get any reason for termination trough unless its theft or something like that. But something like time cannot be qualified as stolen here legally.

There are plenty of worker rights. I live in America. However, theft is theft. If I am paying someone to do work, and they are not doing work and doing whatever the hell they want, why am I paying them? Answer is simple, I don't pay them anymore. They are stealing from me, plain and simple, I give them money to work, not browse facebook, so they are taking money from me. That's theft. It's illegal to monitor what someone does on a public machine? That makes no sense to me. As a company, we own those machines, not the workers. We have a right to know exactly what they are doing on our machines. Again, we are paying employees to work, not browse social media. A country that defends it's worker's "rights" to not do work just sounds stupid.

- - - Updated - - -

Its not so much "Stealing" as "not doing your job". If you aren't doing your job, i can terminate you. Usually even here in the US it wont be immediately in any job where you have a Union, but in a small shop like what Lathais is describing.... employment is at-will. You screw up, you go.

If they deal with sensitive material of any kind (*particularly* medical info - and i know that the laws in Europe are just as rough on this, or worse than the US) they can most definitely tell you you cant use your cell phone, because you could be transferring sensitive information out with the camera.

That's why I consider it theft of time. You are not doing your job that I am paying you to do. So you took that money, without doing what you were supposed to do to get that money. You stole that money from me.

and yes, employment-at-will, that's the term I was looking for but was drawing a complete blank at the time. Texas is most definitely an employment-at-will state.

In addition to that, being such a small company, we outsource payroll to a staff leasing agency. It is in their rules that if you are terminated from your position, you must contact them within 24 hours and they will attempt to find you a position at one of their other customers. So technically, just because I terminate someone, does not mean they are terminated, they can easily be re-assigned. If they fail to notify them within 24 hours, they gave up any rights they had. Of the 4 or 5 people I have had to terminate over the years, none have followed this simple step and I am sure to advise them of it upon termination and give them the number they need to call.

Personally, we do not deal with any sensitive data here, other than maybe customers credit card numbers, but those are encrypted so that after we enter it, no one can see it. We can run it for any order for that customer, but literally no one can see the number, not even me with unlimited access to the software. It's just not possible to get to the credit card numbers in our software. However, I do know people that work at the new Amazon warehouse up near San Marcos, I know people that work at the main UPS Hub here as well and I know people that work in an above top secret government building known only by the name "Building 19." None of them are even allowed to take their cell phones in to the building they work in. Must be left in your vehicle.

[chronia]

well, thankfully Holland is in the EU, and if the company wanted to fight it in the EU courts, Holland would lose handily, as that kind of thing is totally permissible by EU law (and all member nations have to abide by that).



Unless Holland is a lot different than the rest of Europe.. yeah, no. Its not their hardware to be mucking about with. It belongs to the company. They dont have the inherent right to use it to browse the internet, or do anything on it other than their job. They arent entitled to employer-provided internet access.



Its not so much "Stealing" as "not doing your job". If you aren't doing your job, i can terminate you. Usually even here in the US it wont be immediately in any job where you have a Union, but in a small shop like what Lathais is describing.... employment is at-will. You screw up, you go.

If they deal with sensitive material of any kind (*particularly* medical info - and i know that the laws in Europe are just as rough on this, or worse than the US) they can most definitely tell you you cant use your cell phone, because you could be transferring sensitive information out with the camera.

I don't know if Holland is much different then the rest of Europe, but employee's are very well protected here, atleast in terms of terminating permantent contracts. If you want to fire a employee without having to pay a payoff for the contract you have to build a case, unless there are grounds for immediate termination, but those are quite hard to get. For example browsing to a not allowed website is not one of them, or using a phone to facebook one time (if they do it constantly its different, but you have to give out warnings) and after a few warnings termination will be allowed without pay off. For example, if you don't want ppl to use their cellphones at work, then don't allow them to bring the cellphone to the desk, that is allowed here.

Mediacal info is a whole other can of worms though, agree there, there the rules are very strict, because patient privacy is even higher valued legally than employee protection. If you mess around there esp with patient files termination is not something that is hard to get.

There are plenty of worker rights. I live in America. However, theft is theft. If I am paying someone to do work, and they are not doing work and doing whatever the hell they want, why am I paying them? Answer is simple, I don't pay them anymore. They are stealing from me, plain and simple, I give them money to work, not browse facebook, so they are taking money from me. That's theft. It's illegal to monitor what someone does on a public machine? That makes no sense to me. As a company, we own those machines, not the workers. We have a right to know exactly what they are doing on our machines. Again, we are paying employees to work, not browse social media. A country that defends it's worker's "rights" to not do work just sounds stupid.

Its not as much as illegal to monitor devices and activity, as it is that you have to be open about it, else it might not be admissable in court should you want to terminate someones contract based on the monitoring data. If you don't notify upfront to your employee's that you will monitor, in a lot of cases that data is then also not usuable in a court case and since its not easy to terminate contracts here, alot of those cases go trough court. You can still monitor ofcourse. Therefore nearly every company here has a passage either in the contract or in the Company rulebook that employees need to sign next to their contract that internet activity is monitored, or if camera monitoring is used and stuff like that.

A lot of the employee protection, atleast in Holland has been put in the law because in the early 1900's employers were not good for their employee's and employee's had nothing to protect them against the employers. Its also not a right not to work, if you abuse it, it will be very easy to get your contract terminated. Its just so that you cannot fire someone for taking a personal call every once in a while, fire them for browsing a little here and then, going to the toilet outside of breaks and stuff like that. If you browse facebook for several hours a day or take breaks every hour, you wont work somewhere very long.

[Lathais]

Its not as much as illegal to monitor devices and activity, as it is that you have to be open about it, else it might not be admissable in court should you want to terminate someones contract based on the monitoring data. If you don't notify upfront to your employee's that you will monitor, in a lot of cases that data is then also not usuable in a court case and since its not easy to terminate contracts here, alot of those cases go trough court. You can still monitor ofcourse. Therefore nearly every company here has a passage either in the contract or in the Company rulebook that employees need to sign next to their contract that internet activity is monitored, or if camera monitoring is used and stuff like that.

A lot of the employee protection, atleast in Holland has been put in the law because in the early 1900's employers were not good for their employee's and employee's had nothing to protect them against the employers. Its also not a right not to work, if you abuse it, it will be very easy to get your contract terminated. Its just so that you cannot fire someone for taking a personal call every once in a while, fire them for browsing a little here and then, going to the toilet outside of breaks and stuff like that. If you browse facebook for several hours a day or take breaks every hour, you wont work somewhere very long.

That just sounds stupid to me. Of course if I am a company and I own the machines and pay for the internet I inherently have a right to monitor whatever goes on. Should not have to be spelled out to anyone at all. I own it, I get to monitor it. Period. Would not want to live in a country where I am not allowed to monitor what I own.

Let's look at this from a different angle. Let's say a friend comes over to your house and asks to use your internet. He uses that time on the internet to e-mail another person with their plans to rob a bank. You monitor your stuff and happen across this info. You present it to the police and they can't do anything with it because you did not tell your friend that you were monitoring your internet traffic? BS. YOU own the hardware he used, you have the right to monitor it.

Taking a personal call while on my time at all is theft. I am not paying you to take personal calls. I am paying you to do something else. By being on a personal call, YOU are the one breaking the contract, hence I can terminate the contract. If there are laws in place that make it so I can not fire someone for not doing what I am paying them to do, that's not a country I would want to live in.

[chronia]

That just sounds stupid to me. Of course if I am a company and I own the machines and pay for the internet I inherently have a right to monitor whatever goes on. Should not have to be spelled out to anyone at all. I own it, I get to monitor it. Period. Would not want to live in a country where I am not allowed to monitor what I own.

you're allowed to monitor it all you want, however here for some cases the monitoring data is not useable without upfront notice under civil law, one of them being termination of contract. For other cases, for example criminal activities that exemption is not active, so reporting criminal activity on your internet connection to law enformenent is totally fine.

Let's look at this from a different angle. Let's say a friend comes over to your house and asks to use your internet. He uses that time on the internet to e-mail another person with their plans to rob a bank. You monitor your stuff and happen across this info. You present it to the police and they can't do anything with it because you did not tell your friend that you were monitoring your internet traffic? BS. YOU own the hardware he used, you have the right to monitor it.

See above, this would be totally fine. Its also totally fine for example to monitor your kids and to see what they do online and disable their internet should they be on pornhub all day or whatever. Remember, as i said its not illegal to monitor, there are just certain rules in some situations that you have to follow before the date is admissible in civil court.

Taking a personal call while on my time at all is theft. I am not paying you to take personal calls. I am paying you to do something else. By being on a personal call, YOU are the one breaking the contract, hence I can terminate the contract. If there are laws in place that make it so I can not fire someone for not doing what I am paying them to do, that's not a country I would want to live in.

Thats you maybe, i am glad that in Holland (and probably most of atleast Western Europe) employees are actually protected from employers that seem to think they own their personel. I wonder how productive employees would be under such a regime. Studies show for long a time already that on average employees are more productive the more freedom you give them (up to certain boundaries ofcourse), instead of restrict them. If i would not be allowed to take a personal call without the risk of being fired or send a text or whatever, i would do alot less out of office for my employer then what i do now for example. If the employer is not flexible, i'm not flexible either it works both ways.

I just guess when it comes to stuff like this the US is alot different then Europe. For example, the you're fired pack up your stuff and leave immediatly way of firing ppl that you sometimes see in American Series would backfire alot here in Europe for the employer, generally its just not allowed to fire ppl like that unless very severe actions like fraud or something are in play. And even usually then its better to send the employee home on leave, get law enforcement into action (if criminal activities were involved) and build a case and fire him a few days later when you have ran everything past Legal. Just to make sure that every procedure is followed correcty and you don't have to pay him several 10's of thousands of euro's for firing him premature.

[Lathais]

Thats you maybe, i am glad that in Holland (and probably most of atleast Western Europe) employees are actually protected from employers that seem to think they own their personel. I wonder how productive employees would be under such a regime. Studies show for long a time already that on average employees are more productive the more freedom you give them (up to certain boundaries ofcourse), instead of restrict them. If i would not be allowed to take a personal call without the risk of being fired or send a text or whatever, i would do alot less out of office for my employer then what i do now for example. If the employer is not flexible, i'm not flexible either it works both ways.

Not saying I own people, but if you are at work and I am paying you, you should be working, not doing whatever the hell you want.

As for being less productive because you are not allowed to do those things? Doing those things makes you less productive. Employees get breaks, usually about every 2 hours. Is that text or personal call so important it can't wait 2 hours? Then you obviously need to be off the clock.

It's not the employers job to be flexible. They hired you to do a job, you do it. They are paying you to do something, so do it. If you don't like that, it's employment-at-will, your choice don't be employed or go be employed elsewhere.

[Deleted]

I totally agree with Lathais on this. As an employee, your employer is paying you to do a job, for a specified time, at a specified rate.

There may be downtime, cyclic work or what have you, but a good employer should notice an employee who is looking at possible service improvements, or learning skills to assist the co., or learning skills to improve themselves, during those times.

As for EU, the U.K totally nannies corporate web proxies typically, as well as user log audits etc. The vast majority of front line staff will be utterly gimped (no access to social media,webmail,media sites, selling sites, anything "fringe" interest) and then less so as as you work up the hierarchy, or except the people that need to be.

In my experience, over the last 15 years or so in tech service delivery, immediate management may not be that interested themselves and the effect cascades. I think it helps a lot to work in a group that aims for accomplishment.


Legacy.... beyond ms..., times change, the way we compartmentalise now is much more rigorous than during the early 2000's, tech changes, and people didn't seem to be appreciated that proprietary non-compliant variants were a bad idea. I previously worked in a business that was built on tech from the ground up, all core elements were extremely strong, despite translating many disparate languages and provisioning many complex nodes, it was all capex and it was done properly.

There comes a point, if the company/agency has any ability to increase capex to replace legacy cores the potential value it offers is very high. The same teams that are agile and trying to work around problems which simply shouldn't exist, and needn't, can then look at exactly what they are removing and replacing it with. It doesn't look attractive on the books, but longer term the ability to operate more effectively, scale more easily, manage change, require less maintenance, whilst being easier to maintain (because of the superb comments/tech docs you've written), all offset heavily the capex investment against future opex. Some projects appear vast when trying to fix a spaghetti mess but shrink by joining the pieces with good practice.

So....kabylake, not much of an upgrade is it

[Vash The Stampede]

In my opinion Kaby lake was released as a quick cash grab. Intel knows about Zens release, and they know who would buy a Zen. Particularly people with i5-3570k type cpus or older. So with Kaby comes with the 7000 series names, which makes something like a i5 2500 look slow and old. 7000 > 2000. Bigger numbers are better, right? Kaby Lake is meant for people who don't read benchmarks and has the itch to upgrade, which is a lot of people. Meant to take cash from people who might upgrade to Zen, because once Zen is released Intel will lose those customers.

[TaintedOne]

unless you absolutely need some of the features there is no point in upgrading.

Crazy talk. Who doesnt need 4k netflix on their desktop ? Absolutely everyone should upgrade... /s