Ah, Windows Phone. I’ve never personally owned a Windows Phone device, but it was nice knowing you. As of July 11, Microsoft has ceased supporting Windows Phone 8.1. With only about 20% of Windows Phone devices running Windows Phone 10 – and Windows Phone in total having less than 1% of the overall mobile market – observers predict that support for the platform will soon stop completely. Now is the time to consider the history of Windows Phone, and what the cybersecurity world may have lost.
It all started with Windows CE, otherwise known as Windows Embedded or Windows Embedded CE. Development began in 1992. The first version of Windows CE launched in November 1996, appearing in some PDA devices of the era – and Windows CE also appeared in the Sega Dreamcast, Sega’s last attempt in the video game console market, which was released in Japan in 1998, and worldwide in 1999.
The Windows CE 3.0 kernel was used in the first version of Windows Mobile, originally named Pocket PC 2000, appearing in more advanced PDA devices and smartphones. The platform ran from the first version of Pocket PC 2000 in April 2000, through to Windows Mobile 6.5 in May 2009.
Windows Mobile 6.5 was going to be followed by Windows Mobile 7, but with the massive success of Apple’s iPhone, which launched in 2007, and smartphones running Android (the first Android phone was T-Mobile’s G1, which launched in October 2008), Microsoft changed direction.
During Mobile World Congress in February 2010, Microsoft announced Windows Phone 7. This new version of the OS was designed to be optimized for touchscreen smartphones, featuring Microsoft’s Metro design language. In my opinion, smartphones and tablets are the devices that the Metro UI is appropriate for. I never personally liked it on the desktop in Windows 8 and 10, Windows Server 2012 and 2016, or on the Xbox 360 and Xbox One, but to each their own.
Although Windows Phone 7, 8, and 10 were actually pretty good operating systems, Microsoft may have released the platform too late to acquire major mobile marketshare, even with their historic Nokia partnership in 2011. What interests me is that some cybersecurity experts believe that Windows Phone is the most secure mobile operating system.
Penetration tester Steve Lord of Mandalorian Security Services analyzed Windows Phone for himself, telling WhatMobile.net:
All have benefits and drawbacks. Currently Windows Phone seems to be the hardest nut to crack. Blackberry has a long history of being very security-focused. If I have physical access to the device, I find Android’s usually the easiest target. Then comes iPhone, then older versions of BlackBerry. If it’s over a network or I have to attack via email or message, Android’s usually the softest target.
Older smartphones tend be considered less secure as they’re usually affected by known weaknesses. If you’re using an older phone you’re better off with a classic dumb phone. If you have to have an older smartphone, use an older BB10-based Blackberry, or a Windows Phone running Windows Phone 8 or newer.”
Simon Reed, Sophos’s own security guru, says:
History shows that Windows Phones were low-risk devices to use. How much of this was due to the inherent security of the device vs the cybercriminals focusing on the high-volume platforms, we will never know.
With the death of the Windows Phone platform, this leaves mobile users exposed in two ways. Firstly, those people who continue to use an out-of-date product need to think about what this means to their security posture going forward. Up to now, cybercriminals typically ignored the WP due to low market adoption.
Secondly, in the rush to move to an alternative platform (iPhone or Android) users need to consider the impact of migrating from a platform that mostly cybercriminals ignored, to ones they are focused on.
So now those of us in the cybersecurity world can reminisce about what we may be losing in a world with no more Windows Phone. Windows Phone, it was nice knowing you.
16 comments on “So long, Windows Phone – it was nice knowing you”
An article virtually devoid of any useful facts whatsoever, but chock full of musings. Thanks! Can I get my time back please? W8 is ending regular service life but not extended service life which includes security updates. So security patches will still be issued to W8 handsets. Newer W10 Mobile continues unaffected. W8 handsets are min 2-3 years old at this point. No one realistically expected another W8 feature update.
If you click on the very first link in the article (which you would have encountered before you had lost very much of the time you now seem to want back :-), you will see the following text, officially published by Microsoft:
That’s unequivocal in my book.
At the very least, your statement that “security patches will still be issued to W8 handsets” is dangerously incorrect.
And to think that (to me) it all started with PocketPC on an iPaq. No that’s not from Apple. Syncing with Lotus Notes and what not, and reading on the bus. Nostalgia.
It makes sense, since they’re standardizing the codebase on 10, but I hope they keep Phone 10. I love it, since it’s super stable and a joy to use. The 950 is a great phone.
Agreed – they’re still the devices with the best cameras. I’ve got a 950XL (among, er, others; I have quite a collection of Windows handsets) and I only reluctantly moved to Android last year after smashing the screen of my beloved 1520.
I am really upset about this. I have only owned a cell phone for 3 or 4 years, and HTC 8X was my first and only one. I love the UI on my Windows phone, security, ease of use, and beauty of it all. I don’t use a million apps and I have always got what I needed from this phone. I still refuse to believe it, even though the writing is on the wall. I always enjoyed not being one of the sheep in the Android/iOS fascination. Hate this.
I too had an ipaq, which was more capable but not quite so elegant as the Palm device it replaced. I never had a modern Windows Phone either but that was largely because I had an early version that was quite clunky, which left me with an Android handset as my first proper (personal) smartphone. A dalliance with Apple left me uninspired (where does the SD Card go?) so I have remained with Android.
Given the majority of us use Windows at work, it always struck me that Windows Phone should have done better in the corporate environment, been much more seamless (and perhaps secure) than the alternatives and had much deeper integration. Shame really.
I owned a dopod 610, followed by a htc tytn2 both running Windows mobile. I thought they were great. Then Microsoft decided to go to WP7 with no backwards compatibility and no migration path. I looked at a WP7 phone, hated the interface and switched to Android. If I have to replace all my apps anyway, why go with such an unpersonalisable os? They lost a lot of customers that way.
I still use my HP 620LX, the “palmtop computer” running WinCE 2.
As an alarm clock, mind you, but I DO still use it.
We like our Windows phones and will continue using them until they’re no longer supported by Microsoft. They sync easily with our computers and are easy to use. The only drawback is that sometimes there’s not as much app selection but that’s changing with more apps for Windows in general.
Brilliant phone operation system.
I’ve tried most phone platforms and I actually found Windows Phone 8.1 to be the best to use. The tiles interface suited my chunkier man hands much better than Apple or Android and the phone was always intuitive and fast. But a lack of investment by MS meant that increasingly the phone was incompatible with services and devices that I needed to use.
I’ve now got an iPhone which works beautifully with everything but the user interface is far poorer than WinPho.
I love my Lumia 950XL running Win10, but I’m transitioning to Android.
At a reject major tech conference, I sat down with one of the leading mobile phone analysts in the industry, and (after I did so) he put his personal daily driver on the table–same phone. We looked at each other, and I said, “it’s just the apps.” He replied, “yep.”
Windows 10 Mobile (nee Windows Phone) is a fantastic platform. I’d argue that it’s the best mobile OS by far, now that I’ve used all three platforms (four if you count BB). But the apps just aren’t there.
Yep, this is exactly my experience. Smashed my beloved Lumia 1520’s screen and moved to a 950XL, which is a great phone (though I found the battery life shonky) and then reluctantly moved to Android as app support dropped away. What phone are you moving to? I’m using a Pixel XL which is really not bad at all, though I still think the camera on the 950XL is better despite the glowing reviews.
I’m trying a few of them. My wife and daughter are also moving on from 950XLs. The Mrs. is currently using a Nexus 6p; I’m using a Samsung Galaxy 6. I prefer the Samsung because of its Miracast support, and Samsung Pay is incredibly good. I like the clean design of the Nexus (and Pixel), but I’m not thrilled at Google’s extremely short support lifecycle and the proprietary nature of Project Fi.
I haven’t used the Samsung phones for ages – I used to dislike the heavily customised UI and the proprietary apps, but I gather Samsung is rather better about that now. I’ve also got a OnePlus 5, which is mostly a very good device indeed: it’s a lovely, sleek design. However, I found Android Pay flaky – have to keep restarting the NFC, which is tiresome, and the camera isn’t as good as the Pixel XL. I do like the minor but nice tweaks OnePlus makes to its version of Android.