Of course criminals are to blame. But not taking simple precautions against crime are also silly. Rather like leaving your car keys in the ignition.
I'm not a computer nerd, but although having dual boot XP and Win 7, I only ever use XP for the couple of progs on it I can't (or won't) upgrade. I've disabled the online side.
And you complain about people putting words in your mouth! Do you have any idea how the NHS is constituted, financed and managed? Do you think NHS managers get £200,000 packages to just do what Whitehall tells them?
How very convenient for you. Did you happen to look at anything else? Or were you scared you'd see inconvenient reports such as:
formatting link
"Eleven of Scotland's 14 territorial health boards were hit by the "ransomware" attack linked to other IT attacks around the world."
As regards Wales, I was told that NHS Wales email was down but later reports suggest this was a precautionary move and they have not been affected by ransomware. So I was wrong on that. Are you prepared to admit you were wrong about the socialist nirvana of Scotland?
Oh and by the way, Wales had c.20,000 systems running XP in 2015 so how come if it was all the Tory government's fault for not paying for XP updates they have not suffered?
The MS patch for XP for this particular problem was only released a couple of days ago after the events. It is still quite difficult to find as the old update manager doesn't seem to work anymore
And, if you take XP sp3 as the operating system, it is under 10 years old.
The bug in the code has been there since it was written and passed for sale. MS could have issued an XP patch when they did for later OS's, and they must have known that a lot of industrial equipment runs on XP. I don't think anyone would argue against compulsory updates that address security bugs, but I do object to MS throwing non-working driver updates and Soda Splash or whatever it was into my W10.
Linux is useless for a lot of things, but at least the code is presumably available somewhere, so third parties (eg the manufacturer of an MRI scanner) could presumably get their own patch commissioned. Just as third parties can make and sell parts for old cars.
Yeah, I dunno how that works, although sending files as attachments is probably the easiest. That could still go through the gateways as I described in another post. And although I was implying that from within the NHS only email would be allowed to the outside, there would be other requirements for which similar arrangements would need to be made. Such as, a doc or nurse might use some gizmo made by Some Company. So they might need the User Guide for that device, or software updates for it (OK, that's probably IT).
Not an easy task, overall, but I think the model of putting the security at the end device, i.e. everyone's desktop machine or the ones running scanners etc, may no longer be viable.
You mean being offered a chance to develop the world's premium OS as opposed to working for a massively diminished supplier of uncompetitive slow overpriced mini computers. ERm.. Tough one that...
Customers value compatibility.
For NT 4.0 they also had to undo his separation between the OS kernel and Graphics drivers in NT's layered architecture. So he didn't get everything perfect.
Do we *know* XP was the main - or even just a substantial - issue? I have seen several reports that Trusts suffered corruption because people opened infected email attachments on networks which had no XP systems, but did still have the SMBv1 vulnerability. The question for those Trusts is why the relevant patches had not been applied. (NB I say Trusts because AIUI there is no command-and-control system for NHS Digital or anyone else to dictate what Trusts do when on such things.)
There are many OSes that old and people don't patch them. They are antiques. You can't even get patches for 5 year old linux systems, you are expected to upgrade to the latest version. That may be why there is so much resistance to using linux, people expect their OSes to stay the same for a decade and linux doesn't, not even the LTE versions.
I don't think Apple are releasing many patches for ten year old OSes either.
Do you really think manufacturers of such specialised items have the resources to look after linux source? Do you think they will pay for someone to fix a bug that wasn't known about? Will it take less than two months to find the bug, fix it and test it?
Hmm. put updates on a server, let machines update, very difficult. You could even let them update without your own server if you wanted to. How does linux do it now, oh yes the same.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.