Main Area and Open Discussion > Living Room
[Breaking News] Cyber Attack cripples UK NHS.
wraith808:
f you have a product (e.g. Win XP) that has fundamentally changed the world and the world in its current form still relies on it to function, then you (MS) can't just decide for commercial reasons to entirely abandon it (and the world). I mean you can, but it is not right and it will have consequences, including commercial ones.-dr_andus (May 14, 2017, 06:37 AM)
--- End quote ---
I quite disagree.
Windows XP is 15+ years old, has had way longer support lifetime than you get for LTS version of other software, and there's been a very clearly planned and communicated timeline for support EOL.
-f0dder (May 14, 2017, 11:12 AM)
--- End quote ---
I'm not sure if we're talking about the same thing. My point is that here we are no longer dealing with just any software of any private company. If Win XP has become a mission-critical part of vital infrastructures around the world, MS can no longer wash its hands by saying "I told you so, you should have upgraded." If people die because their operations were cancelled or other critical infrastructures fail as a result, it's beside the point whose fault it was and whether usual rules of business markets apply. It becomes a public and social issue. Even if MS doesn't think so, if they mishandle it, it could backfire on them very badly.
On another note, I think a lot of people and organisations have been sticking with XP and Win7 because they are actually pretty good products. The other day I turned back on an old PC of mine with Win95, and I was amazed how snappy the system was on some very old hardware (that was not turned on for years). So maybe that's why MS changed strategy and started producing crappier products, so customers have more motivation to keep upgrading to newer versions. :D
-dr_andus (May 16, 2017, 06:34 AM)
--- End quote ---
So they are now bound to support it forever?
Stoic Joker:
By that logic, if somebody likes driving a 1965 Chevy Impala, because it's cool. But they get into an accident, and are killed because the 1965 Impala didn't have ABS, Air Bags, or computerized stability control. Their death is Chevrolet's fault.
The XP era internet doesn't exist anymore. During the XP era - Service Pack 2 Specifically - over 70% of Windows code was deprecated due to security issues. Changes to the architecture were made that resulted in their being no direct upgrade path from XP to Vista. This kind of stuff can't be "patched".
There is no fixing these old systems, from a security standpoint they must be replaced. And the issue isn't so much MS who was stuck begging and pleading with the hardware folks - to share the security burden by updating their shit - during the 5 years it took to get Vista launched. Creative soundcards being among the worst direct hardware access foot dragging offenders. Certain common (yet then becoming dangerous) practices like direct hardware access by software had to be stopped. And the fact that some lazy manufacturer decided to keep doing it on a$30,000 X-Ray machine...just because that's the way they'd always been doing it ... Is not Microsoft's fault. Or anything they have a snowball's chance in hell of "fixing".
dr_andus:
I'm not sure if we're talking about the same thing. My point is that here we are no longer dealing with just any software of any private company. If Win XP has become a mission-critical part of vital infrastructures around the world, MS can no longer wash its hands by saying "I told you so, you should have upgraded." If people die because their operations were cancelled or other critical infrastructures fail as a result, it's beside the point whose fault it was and whether usual rules of business markets apply. It becomes a public and social issue. Even if MS doesn't think so, if they mishandle it, it could backfire on them very badly.
-dr_andus (May 16, 2017, 06:34 AM)
--- End quote ---
It turns out Microsoft would actually agree with me on this to some extent and have been trying to do something about it:
The need for a Digital Geneva Convention - Microsoft on the Issues
...cyberspace in fact is produced, operated, managed and secured by the private sector. Governments obviously play all sorts of critical roles, but the reality is that the targets in this new battle – from submarine cables to datacenters, servers, laptops and smartphones – in fact are private property owned by civilians.
There’s an additional consequence that results from all this. The tech sector today operates as the first responders to nation-state attacks on the internet. A cyber-attack by one nation-state is met initially not by a response from another nation-state, but by private citizens.
...
And as the private citizens thrust into this challenge, the question for all of us in the tech sector is what we will do to address it.
...
We therefore need to recognize a critical truth – this is not a problem that we can solve solely with each of us acting alone.
...
While there is no perfect analogy, the world needs an organization that can address cyber threats in a manner like the role played by the International Atomic Energy Agency in the field of nuclear non-proliferation. This organization should consist of technical experts from across governments, the private sector, academia and civil society with the capability to examine specific attacks and share the evidence showing that a given attack was by a specific nation-state.
--- End quote ---
tomos:
^ that is relevant,
but I think that what f0dder and Stoic Joker say is more practically relevant to the situation. XP gotta go (unless machine is offline and not connected a network). Otherwise you are taking a risk: if that risk involves other people, then the decision (be it passive or active) to keep XP will probably be the cause of trouble for you and them -- by the sounds of it, even if MS tries to support it.
wraith808:
^ That's exactly the point. No one company can be expected to support any software forever. Money, resources, and effort expended to support a 15 year old OS is, at this point, charity and PR work in my opinion. The companies themselves should see the technical debt that they have, and create a mitigation policy for changing their ongoing technical strategy. The inability to get drivers isn't, IMO, a valid reason. It might be an impediment or an obstacle, but not an insurmountable one. It requires those same things that it seems that some expect Microsoft to invest, i.e. money, resources, and effort.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version