It's scary how dependent UK is on Windows. Comment from an anonymous physician.
>I'm a doctor in the NHS. It hit my hospital hard. The bosses triggered the MAJAX protocols meaning everyone off work was called to come in and help. Computers are used for everything, so blood tests, admissions, scan requests, referrals, all had to be done by hand. The public were asked to keep away from A+E because hundreds of people were waiting. It was terrifying how little failsafe infrastructure there was. The hospital just stopped working.
Fuck this shit. Why aren't hospitals using a good OS for critical infrastructure?!?!?!?!
Because loads of devices that make up the critical infrastructure are only Windows compatible, and the manufacturers aren't willing to write drivers for Linux. Beyond that, most computers in the medical field are Windows, and it already takes several years to just move between versions of that, a shift to Linux/macOS would probably take over a decade assuming more medical equipment firms actually embrace those platforms.
Thomas Murphy
Linux. MacOS.
Brayden Powell
The problem wasn't the use of Windows. The vulnerability in Windows that was taken advantage of by the worm had already been fixed in March. The problem is the user who does not regularly apply security patches.
You are the one to blame. Next time, don't leave your fucking door open if you don't want people to come into your house and rob you.
Matthew Martin
>mfw libertarian
>mfw just thought about governments creating regulations and requiring manufacturers to ship linux drivers
wtf i love socialism now
Evan Harris
>most computers in the medical field are Windows
This scares me.
Blake Rodriguez
All you'd have to do is declare Windows in general non HIPAA compliant. The industry would have no choice but to comply without a single line of new law.
Anthony Gomez
>Windows kills people
No, ransomware writers do.
Jose Nguyen
You just need to say one word. Telemetry.
Nicholas Torres
>This scares me
it should. Hospitals cling onto old software until the very last day of support. When I was laid off last December, we still had Windows XP machines in production because the jews at the commiefornia HQ refuse to buy the upgrade needed for our security badge system
Isaiah Allen
>"If [the NSA] had privately disclosed the flaw used to attack hospitals when they found it, not when they lost it, this may not have happened," he added.
>Hospitals have been partly blamed for not updating their software in March when a patch was released to fix the flaw. But Mr Snowden pointed out that had the NSA disclosed the vulnerability when it found it, hospitals would have had years to prepare, rather than months.
is he right Sup Forums?
Parker Watson
OpenBSD
Jackson Hill
Many smaller healthcare facilities like doctors offices have some two bit MSP handle their IT so it's even worse. These "people" routinely send passwords in clear text email.
Source: work for a company selling backup software to these fuckwits.
Jeremiah Fisher
snowden is a smug traitorous faggot, and I wish russia would put a bullet in his head soon
The problem is that corporations put stability over everything, and they don't put any manpower into the testing needed in order to roll out these patches to production machines in a timely manner
Cameron White
And then they'd ship drivers that will only work on the particular version of 2.6.32 that RHEL 6 ships, with kernel security updates routinely breaking it. And then in 2030 there'd be a scandal where hospitals all over the place stopped working because half of their critical infrastructure was running RHEL 6 because the incompetent fucks who wrote the specialized medical software never updated it for anything else.
Samuel Myers
Fuck off NSA shill
Owen Torres
No worries, we'll just create even more regulations, both for hospitals and Red Hat.
Huh, this is easy!
Carter Taylor
He is correct. The government is objectively immoral for having done this and is directly responsible for the damage done and potential lives lost.
Kayden Lopez
At $300 per machine this is the point when you just start fucking paying. You pay for a machine, you update that machine, and you move on to the next one.
Christopher Cooper
Red Hat should just start refusing to certify drivers that aren't in the mainline kernel. Proprietary kernel drivers are fucking gone except for the embedded world and a few companies selling server shit. Even AMD is pushing for total mainlining, with their full OpenCL stack hitting github.
Daniel Gutierrez
When you swear an oath in government service, you swear to uphold the Constitution. An organization like the NSA that violates the Constitution is owed no loyalty by any citizen.
You're right that the problem here is shitty patch management. Organizations in general don't like that, and the IT department doesn't have enough clout to say "Nope, this is important. We're bringing things down for patching once a week, deal with the downtime. If a patch breaks something, blame [Microsoft, Red Hat, Oracle, etc]" The top management says no to all that shit.
Cameron Rivera
I bet trump is going to ask the NSA to keep making more of this.
Lincoln Stewart
It wouldn't surprise me if the medical devices only run on non patched or old OSes...
Jose Long
>a shift to Linux/macOS
>macOS
>shift to an OS not even intended to run off non-Apple computers
It's Linux or BSD.
Tyler Long
Windows is the only system taken seriously in the enterprise. I'm a *nix system architect but the windows sysadmin/SOE impl team at my company actually ensure we stay up to date. We've got 50k employees and about as many desktops.
This is just typical public sector IT. Underskilled and underfunded.
Jayden Jenkins
Easily addressed with VLANs which aren't internet routable, and for people who need internet access, using VDI or session based virtual desktops. It's as if you're just some gaymer who thinks he understands computers because he changed a clock multiplier in his bios. Oh wait… you are.
>Fuck this shit. Why aren't hospitals using a good OS for critical infrastructure?!?!?!?!
This is common in large environments. FFS WinXP is still used widely in defense environments such as on the UK's newest aircraft carrier - theregister.co.uk/2015/12/15/windows_xp_royal_navy/
IT is expensive and management never wants to spend money when the existing systems already work.
Noah Martin
Sorry, s/system/Desktop system*
big important thing I forgot to miss in my post
Benjamin Gray
Windows Update servers are overloaded right now? I tried updating but it won't leave 0%
Brody Long
>Windows kills people
Same logic as banning guns. Malware kills people
Jackson Sullivan
>all had to be done by hand
Who was saying it was impossible to run this on paper? Has anyone died yet?
That's what I thought.
Owen Garcia
>Windows Update servers are overloaded right now?
No, you're just retarded.
Brayden Wood
I know what hospital this is. Their badge server crashed and they never backed up the database on the reg. Fucking stupid.
Jaxson Perry
>so blood tests, admissions, scan requests, referrals, all had to be done by hand
Blood tests done by hand, impressive.
Henry Nelson
Hell would freeze over before microsoft lets the government label their bread and butter software product as a security threat under color of law.
Wyatt Myers
>attack vector was written by the NSA
>the NSA is the government
>the government kills people
Yep, checks out.
Anthony Jackson
I wonder if the guys who wrote this are shitting themselves right now, I don't think there is any way they expected it to spread so fast and hit hospitals. People could actually die because of this. Because this has spread worldwide I expect a lot of governments will be doing all they can to track them down.
Oliver Hill
>Not using seL4 on mission critical and life critical hardware
Holy Kek my sides
Justin Williams
Military systems using 70's tech is more reliable than XP connected to the internet.
Eli Lewis
>malware kills people
Same argument as guns kill people. You kill people.
Landon Russell
>Why aren't hospitals using a good OS
If you don't call windows XP a good OS, don't know what you do call one
Reminder heartbleed was the worst remote exploit of this decade and only affected openssl machines, not schannel which windows uses
Luis Anderson
>everyone at work telling me to make sure my devices are secure
>no one ever fucking listened to my advice before when they bitched about getting ransomware
Brayden Anderson
What's more scary is how easy they can get your data, this smb exploit could have been used for pretty much anything, who knows if someone already got a hold of medical and banking information of millions around the world. I really hope it's just the cryptolocker thing.
Kevin Myers
/thread
Chase Hernandez
>Why aren't hospitals using a good OS for critical infrastructure?!?!?!?!
Anyone that has ever worked with doctors can tell you the answer to that. They fucking hate technology, and the only thing they hate more than technology is relearning how to use technology. And since IT is lower on the totem pole than doctors in a hospital, then what the doctors say goes. IT tries to upgrade software to something modern, then the doctors throw a fit. And if it's not rolled back outright, then the deadlines for switching over get pushed back indefinitely. Which means they end up sticking with old shit like Windows XP. Which, by the way, is why they had this problem. They were still using Windows XP in those hospitals. You know, the operating system that hasn't received security patches for three years and expects everything to run as administrator.
Jaxon Ramirez
>I wonder if the guys who wrote this are shitting themselves right now
If they're shitting themselves then it's because of how much money they made off it. If they had some moral dilemma about it then they'd just release all the decryption keys like that one ransomware group did.
Julian Ward
Whatever they do they're beyond fucked now. It's innawoods time for them.
Colton Gray
In the US, hospitals routinely take down their computer systems for maintenance and upgrades and switch to pen & paper for the day. This usually happens once a month and everyone hates it but are used to it. It also serves as practice in case the system gets fucked for real- or so they say.
OP is probably fake.
Ayden Butler
not defending hospitals, but I'd imagine that it's hard to update computers that are almost always in use e.g. ER computers, MRI, x-rays, etc
Andrew Fisher
Are there even any alternatives to the software they use on other platforms? I always notice hospitals/dentists/medical institutions in general tend to use commercial suites to deal with managing patient information and the like that doesn't seem to have an equivalent on macOS or Linux.
Jace Hill
Not really.
You can do old blood test methods by hand, but it's extremely tedious and takes WAY longer than letting a computer do it.
Aiden Hughes
It's not Windows or Microsoft's fault, it's the NHS for using UNPATCHED Windows XP. This was HOTFIXED for windows XP months ago. X FUCKING PEE.
Adam Ward
How the fuck did hospitals even function before computers? What a train wreck. This is just a warning of what can happen if people don't start implementing more failsafes and teaching people how to do shit when technology goes kill
Gavin Clark
>HOTFIXED for Windows XP
Link to hotfix?
Lucas Perez
They're probably third-worlders and don't give a fuck.
Jackson Watson
>not defending hospitals, but I'd imagine that it's hard to update computers that are almost always in use e.g. ER computers, MRI, x-rays, etc
Easy way to work around this: PXE booted thin clients with session based or VDI based desktops. If you need to update just have them reboot their computer, and on the server side you just have them reconnect to their virtual desktop when you've updated the image, or some of the nodes in the RDS cluster.
Alexander Jenkins
CentOS
Cooper Thomas
>Easy way to work around this PXE booted thin clients with session based or VDI based desktops.
Keep in mind this is public sector IT, they would be completely unable to run a VDI solution competently.
Owen Russell
people who think everything would magically be great if Linux was used over Windows are the most cancerous faggots on the planet
Christopher Russell
This.
Matthew Walker
No way would I use thin clients in a hospital. Loss of network connectivity means the thin client stops working.
Austin Morris
>no, don't test your failsafe infrastructure, just pretend it's there and it'll work when you need it, the computers are fine and will be until the end of time....
John Young
Can't really blame them, they don't know what they don't know.
Lincoln Gutierrez
Everything else already runs on Linux. You would be surprised how much of the world's infrastructure already does. Windows is the problem.
Jaxson Ortiz
A lot of hospitals still use hand and paper instead of tablets. Not everyone is as helpless as Euro trash.
Lucas Watson
Hospitals use Windows, because it's better than Linux and doesn't require special gay hardware like OS X
Joshua Hughes
No.
They couldn't be assed to use basic Windows features. The NSA coming out and saying hey guys we found an exploit wouldn't change the type of behavior that got people here.
But of course Snowden has to make it about Big Brother.
Carson Brown
>Loss of network connectivity means the thin client stops working.
It doesn't matter because if they're using a computer then either just about any app they would need to use requires network connectivity, or it is an embedded system.
That is what happens when management downsizes IT. Fucktards at the top only view IT as a cost center. Hurr durr they don't bring in any profits. They are there exactly to prevent shit like this from happening. Well now the shit has hit the fan. NHS deserves to burn for their incompetence.
Dominic Bennett
That only goes to Vista SP2.
Christian Clark
Maybe prior to systemd, sure.
Depends on the distro. Selinux would have stopped the worm in its tracks.
Not always. Sometimes you can make do with offline access and just sync the data afterward or whatever.
Ian Perez
>Selinux would have stopped the worm in its tracks
Is that before or after the hospital IT disables it?
Asher Davis
>Not always. Sometimes you can make do with offline access and just sync the data afterward or whatever.
literally what.
>Depends on the distro. Selinux would have stopped the worm in its tracks.
You can do the same thing with Windows's AppLocker.
Aiden Bennett
>Hospital IT
They had to write 6 hours worth of paperwork to get permission to disable it. Such is the life in the public sector.
Nathaniel Hill
I have no doubt that some idiot would disable it, but I don't consider someone removing the lock from their door to be the fault of the door manufacturer.
Justin Gonzalez
>NSA has been telling US business, medical, financial companies, to use SELINUX for over a decade now
They release documents describing how to setup networks that this wouldn't work on for windows too. The main point is to not have unrestricted SMB everywhere.
Juan Martin
magically be great? no
magically be better? Pretty much definitely
Alexander Morales
Maybe.
It's also plausible that the attackers ALREADY had this vulnerability, but were stockpiling it and now that MS has patched it, the number of target machines was dwindling, so they said fuck it and released. In that case, the hospitals would have had even less time than now to prepare.
Carter Foster
NSA had this vulnerability. It got leaked. MS patched it. Someone weaponized it afterwards.
Jason Hill
>You can do the same thing with Windows's AppLocker.
Not on the Windows XP machines they're running. Hell, I don't even have App Locker in my environment either because Windows 10 Pro can't do AppLocker. Microsoft is fucking retarded.
Brayden Powell
>In US Hospitals
>NHS Hospital in UK
Did you know in Japanese Hospitals they have a priority for Prevention rather than Treatment, so they get less patients overall.
I think US hospitals focus on Treatment is fake.
Josiah Garcia
If anyone there had the ability they would have been using applocker.
The issue is not a technological one, this is purely a human / process one.
Ethan Campbell
>But of course Snowden has to make it about Big Brother.
He is pushing pretty fucking hard, but the worm was written by the NSA, and they did lose it. This is why privacy and security are important.
>Who cares if the government has all your data, nothing to hide bro
>oops they leaked it
>Who cares if the government maintains backdoors, they'll catch terrorists
>oops they leaked it
It's less about the concept of government, and more about the implementation. The US government is unbelievably fucking stupid.
Tyler Sanders
Even setting aside the reality that computing is more than web servers, internet of shit devices and hip PR projects from big megacorps you constantly upvote, Windows is the "problem" because it's popular on desktops and other systems operated and managed by everyday people, meaning it's an easy as shit vector for skiddies like these guys to target and compromise an organization with. They didn't get into the NHS's systems because of the SMB exploit that was undoubtedly firewalled off from the outside anyway, they got in because some dipshit clicked a fucky email attachment and set it loose on an unprotected local network, which then spread to more critical systems from there.
This same shit could happen no matter what operating system you use; Linux, macOS, Haiku, whatever, all it takes is a little PEBCAK.
But of course, none of you retards understand that, you think you're smart because you took the 5 minutes to download a Ubuntu ISO and click through an installer, but in the end you're no different from grandma who thinks major security breaches occur through hacker magic and hollywood-tier exploitation.
Aaron Lewis
>"lets"
They have no power over Trump or his Secretary of Health and Human Services, and regulations are the purview of the executive branch.
Blake Gutierrez
Kek. Hopefully the people who suffered from this learn to fucking secure their systems because it fucking matters.
And maybe they'll stop enabling organisations like the NSA making software more insecure.
Ethan Flores
NSA having the vuln doesn't necessarily mean *only* the NSA had the vuln (however, being a law enforcement agency, they should have disclosed this far, far sooner - they aren't *supposed* to be crooks)
Gabriel Peterson
If they cared enough to move to Linux to use SELinux (highly unlikely) they would have enough resources to buy the enterprise sku.
The issue is people not technology.
Benjamin Powell
seL4 is only capable of interactive use cases as a base for Genode, which is nowhere near ready. For static embedded stuff you have a point.
Andrew Cruz
Gee, it's almost as if normies are what's wrong with the world entirely today.
Levi Anderson
Use terminal services. Simple. Cheaper than PCs, autobackup, can be made secure as
Jacob James
No retard, because systems that are able to access the internet are not hooked into unrestricted SMB with your fucking databases unless you hired bottom dollar and never spend any money.
Dominic Morgan
The thing about stockpiling exploits is that they have an expiry date because no one knows when it is going to get patched/discovered and they are a one time use thing. The fact that NSA still held onto this exploit meant no one else knew it, or if they did they didn't use it yet or it was used in a manner that went completely undetected.
Christopher Baker
>yfw microsoft only has a monopoly because socialist policies are keeping it that way
if true capitalism were in place, monopolies would vanish in a blink of an eye because they are not profitable, since competitors can move faster than you
Noah Gomez
>operating can't be updated without restarting
This is the reason why people don't update
Those computers might need to be used constantly
Charles Adams
>Not on the Windows XP machines they're running.
We're talking about hypotheticals here, stop being autistic.
>Hell, I don't even have App Locker in my environment either because Windows 10 Pro can't do AppLocker.
That's your fault, I use it at home.
Lucas Campbell
>What is price fixing
Blake Rodriguez
I think it would be better to offer tax incentives to companies who write linux drivers maybe....
or grants to 3rd party groups who do it ....
Landon Wood
>The issue is people not technology.
It's both. Microsoft reinforced poor security practices for about two decades before they finally started to do something about it, and by that point shit was already ingrained. If Microsoft didn't exist we wouldn't have a lot of these problems.