Main Area and Open Discussion > Living Room

[Breaking News] Cyber Attack cripples UK NHS.

<< < (3/8) > >>

dr_andus:
This incident highlights some interesting issues concerning corporate social responsibility. If you have a product (e.g. Win XP) that has fundamentally changed the world and the world in its current form still relies on it to function, then you (MS) can't just decide for commercial reasons to entirely abandon it (and the world). I mean you can, but it is not right and it will have consequences, including commercial ones.

If I was a non-US large organisation such as the NHS, I would think twice about continuing to invest into MS products and would start very quickly to consider alternatives (such as the French police that went with Linux). There are also national security issues for a non-US country to have such a total reliance on the product of a single US corporation:

Europe's reliance on Microsoft has governments under a worrying digital 'killswitch'

Stoic Joker:
An OS that was released over 15 years ago, in an age where people pay for latest phones, latest consoles and other gadgets ... sorry but that's silly.-rgdot (May 12, 2017, 04:33 PM)
--- End quote ---
Yes and no.

In general, I agree that it's silly to cling on to an operating system that's that old - but there might be good reasons for it at a hospital. They have special equipment that sometimes, unfortunately, need drivers that haven't been updated for modern systems.
-f0dder (May 13, 2017, 12:18 AM)
--- End quote ---

Many of our clients are medical, and this is indeed quite true. Also - just to make things worse - since these systems frequently manage to be just complex enough to offer/require a (remote) support agreement...Air Gaping is not an option.

Carol Haynes:
It is the faults of the UK and US governments primarily.

It is the US governments fault for legislating that the NSA can snoop on American citizens that ultimately got stolen by/leaked to hackers (which everyone knows is inevitable) - this is going to happen more oftne inthe US and UK and we should all be railing against the decimation of our rights and privacy as citizens.

It is the UK's fault to refusing to fund the necessary upgrades to computer hardware/software in the NHS. It isn't by negligence but a decision not to fund.

When the NHS were building integrated infrastructure across all branches of the NHS everyone knew this would be an inevitable result - to be honest I am surprised it took so long!!

rgdot:
It is an almost fundamental design issue. It's like chicken and egg argument, driver for modern system not existing/available is an impediment to moving from XP to 7.
As for funding issue, that's both yes and no, up until very recently - and in some cases still - bank ATMs and commercial POS ran XP ....  at multi million and sometimes billion companies. Not restricted to government entities.

f0dder:
f you have a product (e.g. Win XP) that has fundamentally changed the world and the world in its current form still relies on it to function, then you (MS) can't just decide for commercial reasons to entirely abandon it (and the world). I mean you can, but it is not right and it will have consequences, including commercial ones.-dr_andus (May 14, 2017, 06:37 AM)
--- End quote ---
I quite disagree.
Windows XP is 15+ years old, has had way longer support lifetime than you get for LTS version of other software, and there's been a very clearly planned and communicated timeline for support EOL. Now, it would be interesting if some product liability (within limited timeframe) was introuced - Poul-Henning Kamp of FreeBSD frame has some thoughts on this that are worth reading, but for a product as antiquated as WinXP, it really is the fault of the victims for not upgrading.

As I've said, and Stoic Joker confirmed, there's good reasons why some equipment is not upgraded, and it's not easy to secure those machines - but it's not impossible, either. Virtualization, network segragation, proper backups, etc... and obviously a lot of the photos we've seen the last couple of days show pwned machines where there really aren't any good excuses for not having patched.

Anyway, the bugs exploited are pretty bad - the SMBv1 used for worming isn't exactly XP-only, and the Windows Defender/Anti-Malware exploit is probably the worst I've seen in... 10+ years, I reckon.

It is the US governments fault for legislating that the NSA can snoop on American citizens that ultimately got stolen by/leaked to hackers (which everyone knows is inevitable) - this is going to happen more oftne inthe US and UK and we should all be railing against the decimation of our rights and privacy as citizens.-Carol Haynes (May 14, 2017, 08:25 AM)
--- End quote ---
NSA does what National Security Agencies do - I'm appalled at how they're doing mass surveillance of honest citizens, but NSA doing offensive malware research is not a problem - the bugs were there, it's only a matter of time before somebody found and exploited them.

Navigation

[0] Message Index

[#] Next page

[*] Previous page