Back to Silas S. Brown's home page

Upgrading old Windows to GNU/Linux

As a small public service to the numerous non-technical users of ageing equipment I've met, since April 2014 my site has included a piece of Javascript which displays the following message at the top of all my pages if it detects Windows 2000 or XP, and I added Vista in 2017:

Connecting old Windows 2000, XP or Vista to the Internet is dangerous. Upgrade to Linux urgently!

My site detected you're using an old Windows 2000, XP or Vista computer, and I'm worried about your safety. Microsoft's security blog said:
When Microsoft releases a security update...criminals will...identify the specific section of code that contains the vulnerability...develop code that will allow them to exploit it on systems that do not have the security update installed on them.  They also try to identify whether the vulnerability exists in other products...if a vulnerability is addressed in one version of Windows, researchers investigate whether other versions of Windows have the same vulnerability...the Microsoft Security Response Center...[releases] security updates for all affected products simultaneously...But after April 8, 2014, organizations that continue to run Windows XP won't have this advantage over attackers any longer.  The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse engineer those updates, find the vulnerabilities and test Windows XP to see if it shares those vulnerabilities.  If it does, attackers will attempt to develop exploit code that can take advantage of those vulnerabilities on Windows XP.  Since a security update will never become available for Windows XP to address these vulnerabilities, Windows XP will essentially have a ``zero day'' vulnerability forever.
This also applies to Windows Vista (which was end-of-life'd on April 11, 2017) and to Windows 2000 and earlier.

What does this mean?

Attackers typically scan across the whole Internet to find computers they can attack.  Being `insignificant' does NOT mean you'll escape. Simply connecting your computer to the Internet will be enough for them to break in and:

What can I do?

My suggestion is GNU/Linux, specifically a ``beginner-friendly'' version like wattOS-LXDE R9 which fits on a CD-ROM, is supported until 2019 and is easily upgradeable thereafter.

Otherwise, you will likely need a new computer if you wish to continue to use the Internet.  Your old computer can perhaps be put to good use by someone who doesn't use the Internet, or by a trustworthy Linux expert (I say `trustworthy' because they can sometimes recover confidential things you thought you'd deleted).  I am not able to give computer buying advice at this time; you could try asking someone who knows the shops in your area.  I recommend not choosing Windows.


All material © Silas S. Brown unless otherwise stated.