Windows kills people

It's scary how dependent the UK is on Windows. Comment from an anonymous physician.

>I'm a doctor in the NHS. It hit my hospital hard. The bosses triggered the MAJAX protocols meaning everyone off work was called to come in and help. Computers are used for everything, so blood tests, admissions, scan requests, referrals, all had to be done by hand. The public were asked to keep away from A+E because hundreds of people were waiting. It was terrifying how little failsafe infrastructure there was. The hospital just stopped working.

Fuck this shit. Why aren't hospitals using a good OS for critical infrastructure?!?!?!?!

Other urls found in this thread:

theregister.co.uk/2015/12/15/windows_xp_royal_navy/
theregister.co.uk/2016/05/25/us_nuclear_guidance_system_running_on_8inch_floppies/
technet.microsoft.com/library/security/MS17-010

>a good OS

Name one

Because loads of devices that make up the critical infrastructure are only Windows compatible, and the manufacturers aren't willing to write drivers for Linux. Beyond that, most computers in the medical field are Windows, and it already takes several years to just move between versions of that, a shift to Linux/macOS would probably take over a decade assuming more medical equipment firms actually embrace those platforms.

Linux. MacOS.

The problem wasn't the use of Windows. The vulnerability in Windows that was taken advantage of by the worm had already been fixed in March. The problem is the user who does not regularly apply security patches.

You are the one to blame. Next time, don't leave your fucking door open if you don't want people to come into your house and rob you.

>mfw libertarian
>mfw just thought about governments creating regulations and requiring manufacturers to ship linux drivers

wtf i love socialism now

>most computers in the medical field are Windows
This scares me.

All you'd have to do is declare Windows in general non HIPAA compliant. The industry would have no choice but to comply without a single line of new law.

>Windows kills people
No, ransomware writers do.

You just need to say one word. Telemetry.

>This scares me

it should. Hospitals cling onto old software until the very last day of support. When I was laid off last December, we still had Windows XP machines in production because the jews at the commiefornia HQ refuse to buy the upgrade needed for our security badge system

>"If [the NSA] had privately disclosed the flaw used to attack hospitals when they found it, not when they lost it, this may not have happened," he added.

>Hospitals have been partly blamed for not updating their software in March when a patch was released to fix the flaw. But Mr Snowden pointed out that had the NSA disclosed the vulnerability when it found it, hospitals would have had years to prepare, rather than months.

is he right Sup Forums?

OpenBSD

Many smaller healthcare facilities like doctors offices have some two bit MSP handle their IT so it's even worse. These "people" routinely send passwords in clear text email.

Source: work for a company selling backup software to these fuckwits.

snowden is a smug traitorous faggot, and I wish russia would put a bullet in his head soon

The problem is that corporations put stability over everything, and they don't put any manpower into the testing needed in order to roll out these patches to production machines in a timely manner

And then they'd ship drivers that will only work on the particular version of 2.6.32 that RHEL 6 ships, with kernel security updates routinely breaking it. And then in 2030 there'd be a scandal where hospitals all over the place stopped working because half of their critical infrastructure was running RHEL 6 because the incompetent fucks who wrote the specialized medical software never updated it for anything else.

Fuck off NSA shill

No worries, we'll just create even more regulations, both for hospitals and Red Hat.

Huh, this is easy!

He is correct.
The government is objectively immoral for having done this and is directly responsible for the damage done and potential lives lost.

At $300 per machine this is the point when you just start fucking paying. You pay for a machine, you update that machine, and you move on to the next one.

Red Hat should just start refusing to certify drivers that aren't in the mainline kernel. Proprietary kernel drivers are fucking gone except for the embedded world and a few companies selling server shit. Even AMD is pushing for total mainlining, with their full OpenCL stack hitting github.

When you swear an oath in government service, you swear to uphold the Constitution. An organization like the NSA that violates the Constitution is owed no loyalty by any citizen.

You're right that the problem here is shitty patch management. Organizations in general don't like that, and the IT department doesn't have enough clout to say "Nope, this is important. We're bringing things down for patching once a week, deal with the downtime. If a patch breaks something, blame [Microsoft, Red Hat, Oracle, etc]" The top management says no to all that shit.

I bet trump is going to ask the NSA to keep making more of this.

It wouldn't surprise me if the medical devices only run on non patched or old OSes...

>a shift to Linux/macOS
>macOS
>shift to an OS not even intended to run off non-Apple computers

It's Linux or BSD.

Windows is the only system taken seriously in the enterprise. I'm a *nix system architect but the windows sysadmin/SOE impl team at my company actually ensure we stay up to date. We've got 50k employees and about as many desktops.

This is just typical public sector IT. Underskilled and underfunded.

Easily addressed with VLANs which aren't internet routable, and for people who need internet access, using VDI or session based virtual desktops. It's as if you're just some gaymer who thinks he understands computers because he changed a clock multiplier in his bios. Oh wait… you are.

>Fuck this shit. Why aren't hospitals using a good OS for critical infrastructure?!?!?!?!
This is common in large environments. FFS WinXP is still used widely in defense environments such as on the UK's newest aircraft carrier - theregister.co.uk/2015/12/15/windows_xp_royal_navy/

US nuke command and control systems are still being run on 1970s era IBM hardware - theregister.co.uk/2016/05/25/us_nuclear_guidance_system_running_on_8inch_floppies/

IT is expensive and management never wants to spend money when the existing systems already work.

Sorry, s/system/Desktop system*

big important thing I forgot to miss in my post

Windows Update servers are overloaded right now?
I tried updating but it won't leave 0%

>Windows kills people

Same logic as banning guns. Malware kills people

>all had to be done by hand
Who was saying it was impossible to run this on paper? Has anyone died yet?

That's what I thought.

>Windows Update servers are overloaded right now?
No, you're just retarded.

I know what hospital this is. Their badge server crashed and they never backed up the database on the reg. Fucking stupid.

>so blood tests, admissions, scan requests, referrals, all had to be done by hand

Blood tests done by hand, impressive.

Hell would freeze over before microsoft lets the government label their bread and butter software product as a security threat under color of law.

>attack vector was written by the NSA
>the NSA is the government
>the government kills people

Yep, checks out.

I wonder if the guys who wrote this are shitting themselves right now, I don't think there is any way they expected it to spread so fast and hit hospitals. People could actually die because of this. Because this has spread worldwide I expect a lot of governments will be doing all they can to track them down.

>Not using seL4 on mission critical and life critical hardware
Holy Kek my sides

Military systems using 70's tech is more reliable than XP connected to the internet.

> malware kills people
Same argument as guns kill people.
You kill people.

>Why aren't hospitals using a good OS
If you don't call windows XP a good OS, don't know what you do call one

Reminder heartbleed was the worst remote exploit of this decade and only affected openssl machines, not schannel which windows uses

>everyone at work telling me to make sure my devices are secure
>no one ever fucking listened to my advice before when they bitched about getting ransomware

What's more scary is how easy they can get your data, this smb exploit could have been used for pretty much anything, who knows if someone already got a hold of medical and banking information of millions around the world. I really hope it's just the cryptolocker thing.

/thread

>Why aren't hospitals using a good OS for critical infrastructure?!?!?!?!
Anyone that has ever worked with doctors can tell you the answer to that. They fucking hate technology, and the only thing they hate more than technology is relearning how to use technology. And since IT is lower on the totem pole than doctors in a hospital, then what the doctors say goes. IT tries to upgrade software to something modern, then the doctors throw a fit. And if it's not rolled back outright, then the deadlines for switching over get pushed back indefinitely. Which means they end up sticking with old shit like Windows XP. Which, by the way, is why they had this problem. They were still using Windows XP in those hospitals. You know, the operating system that hasn't received security patches for three years and expects everything to run as administrator.

>I wonder if the guys who wrote this are shitting themselves right now
If they're shitting themselves then it's because of how much money they made off it. If they had some moral dilemma about it then they'd just release all the decryption keys like that one ransomware group did.

Whatever they do they're beyond fucked now. It's innawoods time for them.

In the US, hospitals routinely take down their computer systems for maintenance and upgrades and switch to pen & paper for the day. This usually happens once a month and everyone hates it but are used to it. It also serves as practice in case the system gets fucked for real- or so they say.

OP is probably fake.

not defending hospitals, but I'd imagine that it's hard to update computers that are almost always in use e.g. ER computers, MRI, x-rays, etc

Are there even any alternatives to the software they use on other platforms? I always notice hospitals/dentists/medical institutions in general tend to use commercial suites to deal with managing patient information and the like that doesn't seem to have an equivalent on macOS or Linux.

Not really.

You can do old blood test methods by hand, but it's extremely tedious and takes WAY longer than letting a computer do it.

It's not Windows or Microsoft's fault, it's the NHS for using UNPATCHED Windows XP. This was HOTFIXED for windows XP months ago. X FUCKING PEE.

How the fuck did hospitals even function before computers? What a train wreck. This is just a warning of what can happen if people don't start implementing more failsafes and teaching people how to do shit when technology goes kill

>HOTFIXED for Windows XP
Link to hotfix?

They're probably third-worlders and don't give a fuck.

>not defending hospitals, but I'd imagine that it's hard to update computers that are almost always in use e.g. ER computers, MRI, x-rays, etc
Easy way to work around this: PXE booted thin clients with session based or VDI based desktops. If you need to update just have them reboot their computer, and on the server side you just have them reconnect to their virtual desktop when you've updated the image, or some of the nodes in the RDS cluster.

CentOS

>Easy way to work around this: PXE booted thin clients with session based or VDI based desktops.
Keep in mind this is public sector IT, they would be completely unable to run a VDI solution competently.

people who think everything would magically be great if Linux was used over Windows are the most cancerous faggots on the planet

This.

No way would I use thin clients in a hospital. Loss of network connectivity means the thin client stops working.

>no, don't test your failsafe infrastructure, just pretend it's there and it'll work when you need it, the computers are fine and will be until the end of time....

Can't really blame them, they don't know what they don't know.

Everything else already runs on Linux. You would be surprised how much of the world's infrastructure already does. Windows is the problem.

A lot of hospitals still use hand and paper instead of tablets. Not everyone is as helpless as Euro trash.

Hospitals use Windows, because it's better than Linux and doesn't require special gay hardware like OS X

No.

They couldn't be assed to use basic Windows features. The NSA coming out and saying hey guys we found an exploit wouldn't change the type of behavior that got people here.

But of course Snowden has to make it about Big Brother.

>Loss of network connectivity means the thin client stops working.
It doesn't matter because if they're using a computer then either just about app they would need to use requires network connectivity, or it is an embedded system.

technet.microsoft.com/library/security/MS17-010

That is what happens when management downsizes IT. Fucktards at the top only view IT as a cost center. Hurr durr they don't bring in any profits. They are there exactly to prevent shit like this from happening. Well now the shit has hit the fan. NHS deserves to burn for their incompetence.

That only goes to Vista SP2.

Maybe prior to systemd, sure.

Depends on the distro. Selinux would have stopped the worm in its tracks.

Not always. Sometimes you can make do with offline access and just sync the data afterward or whatever.

>Selinux would have stopped the worm in its tracks
Is that before or after the hospital IT disables it?

>Not always. Sometimes you can make do with offline access and just sync the data afterward or whatever.
literally what.

>Depends on the distro. Selinux would have stopped the worm in its tracks.
You can do the same thing with Windows's AppLocker.

>Hospital IT
They had to write 6 hours worth of paperwork to get permission to disable it. Such is the life in the public sector.

I have no doubt that some idiot would disable it, but I don't consider someone removing the lock from their door to be the fault of the door manufacturer.

>NSA has been telling US business, medical, financial companies, to use SELINUX for over a decade now
They release documents describing how to setup networks that this wouldn't work on for windows too. The main point is to not have unrestricted SMB everywhere.

magically be great? no
magically be better? Pretty much definitely

Maybe.

It's also plausible that the attackers ALREADY had this vulnerability, but were stockpiling it and now that MS has patched it, the number of target machines was dwindling, so they said fuck it and released.
In that case, the hospitals would have had even less time than now to prepare.

NSA had this vulnerability
It got leaked. MS patched it. Someone weaponized it afterwards.

>You can do the same thing with Windows's AppLocker.
Not on the Windows XP machines they're running. Hell, I don't even have App Locker in my environment either because Windows 10 Pro can't do AppLocker. Microsoft is fucking retarded.

>In US Hospitals
>NHS Hospital in UK

Did you know in Japanese Hospitals they have a priority for Prevention rather than Treatment, so they get less patients overall.

I think US hospitals focus on Treatment is fake.

If anyone there had the ability they would have been using applocker.

The issue is not a technological one, this is purely a human / process one.

>But of course Snowden has to make it about Big Brother.
He is pushing pretty fucking hard, but the worm was written by the NSA, and they did lose it. This is why privacy and security are important.

>Who cares if the government has all your data, nothing to hide bro
>oops they leaked it

>Who cares if the government maintains backdoors, they'll catch terrorists
>oops they leaked it

It's less about the concept of government, and more about the implementation. The US government is unbelievably fucking stupid.

Even setting aside the reality that computing is more than web servers, internet of shit devices and hip PR projects from big megacorps you constantly upvote, Windows is the "problem" because it's popular on desktops and other systems operated and managed by everyday people, meaning it's an easy as shit vector for skiddies like these guys to target and compromise an organization with. They didn't get into the NHS's systems because of the SMB exploit that was undoubtedly firewalled off from the outside anyway, they got in because some dipshit clicked a fucky email attachment and set it loose on an unprotected local network, which then spread to more critical systems from there.

This same shit could happen no matter what operating system you use; Linux, macOS, Haiku, whatever, all it takes is a little PEBCAK.

But of course, none of you retards understand that, you think you're smart because you took the 5 minutes to download a Ubuntu ISO and click through an installer, but in the end you're no different from grandma who thinks major security breaches occur through hacker magic and hollywood-tier exploitation.

>"lets"
They have no power over Trump or his Secretary of Health and Human Services, and regulations are the purview of the executive branch.

Kek.
Hopefully the people who suffered from this learn to fucking secure their systems because it fucking matters.

And maybe they'll stop enabling organisations like the NSA making software more insecure.

NSA having the vuln doesn't necessarily mean *only* the NSA had the vuln (however, being a law enforcement agency, they should have disclosed this far, far sooner - they aren't *supposed* to be crooks)

If they cared enough to move to Linux to use SELinux (highly unlikely) they would have enough resources to buy the enterprise sku.

The issue is people not technology.

seL4 is only capable of interactive use cases as a base for Genode, which is nowhere near ready. For static embedded stuff you have a point.

Gee, it's almost as if normies are what's wrong with the world entirely today.

Use terminal services. Simple. Cheaper than PCs, autobackup, can be made secure as

No retard, because systems that are able to access the internet are not hooked into unrestricted SMB with your fucking databases unless you hired bottom dollar and never spend any money.

The thing about stockpiling exploits is that they have an expiry date because no one knows when it is going to get patched/discovered and they are a one time use thing. The fact that NSA still held onto this exploit meant no one else knew it, or if they did they didn't use it yet or it was used in a manner that went completely undetected.

>yfw microsoft only has a monopoly because socialist policies are keeping it that way
if true capitalism were in place, monopolies would vanish in a blink of an eye because they are not profitable, since competitors can move faster than you

>operating can't be updated without restarting
This is the reason why people don't update

Those computers might need to be used constantly

>Not on the Windows XP machines they're running.
We're talking about hypotheticals here, stop being autistic.

>Hell, I don't even have App Locker in my environment either because Windows 10 Pro can't do AppLocker.
That's your fault, I use it at home.

>What is price fixing

I think it would be better to offer tax incentives to companies who write linux drivers maybe....

or grants to 3rd party groups who do it ....

>The issue is people not technology.
It's both. Microsoft reinforced poor security practices for about two decades before they finally started to do something about it, and by that point shit was already ingrained. If Microsoft didn't exist we wouldn't have a lot of these problems.