The day is now upon us. After a nearly 13 year affair, marked by manic periods of love and hate, we now face the inevitable conclusion of our relationship with Windows XP. We knew that our time together was only temporary, and many are applauding the end of an era that was probably several years past its prime. As much as I appreciated the time that Microsoft granted us, I recognize that it’s time to move on.
My acceptance aside, I believe that many others are forced to remain in denial. Consider that some reports continue to pin XP usage at anywhere from 10% to nearly 30% of all desktop systems. Combine these statistics with reports that 95% of all ATMs, many medical devices and cash registers run Windows XP. I’m not one to succumb to FUD (Fear, Uncertainty, and Doubt), but the numbers imply that we face a potentially catastrophic security condition once Microsoft ceases its support for the operating system. How many vulnerabilities are hiding out there, their hacker benefactors giddy as they wait for Microsoft to cease providing security patches for XP computers? I suspect that we’ll find out soon.
Microsoft can help by making the XP operating system core available as open source software. I think that it should.
After making a sarcastic tweet about open source XP, I started digging only to find...almost nothing. Other than one 2012 Network World article and a recent but largely ignored Reddit post, the idea of an open source XP is nonexistent.
I’m not entirely surprised about the reticence. Microsoft really has no motivation to open source XP, XP’s demise is widely credited with sparking PC sales (perhaps for the last time?), and there may even be legal implications associated with Microsoft’s past monopoly problems. But, why not at least discuss the potential benefits? That lack of associated coverage does surprise me.
Microsoft’s decision to end XP support is reasonable. With three major operating system upgrades since it released Windows XP Service Pack 3 (Windows Vista, 7, and 8), Microsoft has given us more than ample opportunity leave XP behind.
Either by choice, requirement, or financial reasons, many businesses and consumers (including myself) have held on to XP. From a business perspective, Microsoft may think that it can force businesses to upgrade by eliminating support, but I suspect that we’re at the point now where that argument no longer applies. Despite having the support end date held over their heads for years, businesses continue to stick with it due to conditions outside of Microsoft’s control. It’s not resistance to change that's holding them back so much as being tied to XP for some legitimate reason at this point. That reasoning doesn’t suddenly change with the end of support.
Unlike when XP was first released, businesses have a lot of reasonable computing choices available now. The community has realized the benefits of using open source software such as Linux. Manufacturers of closed systems such as ATMs and medical devices will likely respond to the impact that XP's demise has had on their products by migrating to more open systems that can grant far greater flexibility and control.
Consumers, too, now have many more good choices than we had 13 years ago. Apple OS X systems are much more prominent and familiar now, aided by the popularity of Apple iDevices. Linux, too, has become much more user friendly. With the advent of cloud computing, consumers are also realizing that the desktop operating system is becoming much less important to their daily lives than it once was.
This is all to say that Microsoft probably cannot expect to get much more out of XP upgrades than it already has. Those businesses and consumers that are holding on are doing so for a reason. More modern Windows operating systems don’t automatically represent the answers to our problems.
While Microsoft should relinquish it’s responsibility over maintaining such a dated operating system, cutting off those businesses that continue to depend on XP is almost responsible. Instead, releasing Windows XP as open source software would give those businesses control over their own destinies. If they are absolutely dependent on XP, then they can collectively accept responsibility for its maintenance. Microsoft may not profit from the move, but I submit that my arguments above suggest that the profit potential from this community is low anyway. I doubt Microsoft would really lose much of anything.
What the community would gain from open source XP is great, though. It would gain an opportunity to leverage the open source movement to quickly close new vulnerabilities. Also, giving the community access to the code would make it much easier to identify and quash vulnerabilities that we may not have known before. Some businesses may claim that openness as an argument against open source, leading others to believe that it will result in a flood of vulnerabilities that attackers will quickly exploit. While a legitimate concern, the now lengthy history of the open source movement has demonstratively quashed those legacy concerns. I believe the argument to be irrational anyway. Knowledge trumps ignorance from a security perspective every single time.
Microsoft, too, would stand to gain from releasing the Windows XP core open source. Beyond the obvious goodwill gained, Microsoft would be able to retain consumers and businesses in the Windows ecosystem rather than lose them completely to Apple and Google. For example, imagine how a supported open XP mobile could compete with Android and iOS. Developers could get excited about Windows again, granting an opportunity for Microsoft to easily port XP solutions to its more advanced and modern Windows mobile strategy. The move could also enable Microsoft to begin relinquishing its dependence on the operating system at a time when businesses and consumers are prioritizing services and apps over system dependence.
Perhaps, someday, an open source Windows version could compete with Microsoft’s own system development. This is a legitimate risk, but it's no different than the competition that Microsoft is already facing in both the desktop computing, enterprise, and mobile spaces. Many might even say that it’s a battle that Microsoft is losing. If Microsoft is going to truly think cloud and mobile first, then releasing XP open source just makes sense. It may be time to embrace the change with a new strategy, one that ultimately supports the security of a large percentage of the Windows user population rather than leave them on their own.