Discussion:
Cyber attack on NHS England
(too old to reply)
Ophelia
2017-05-12 16:10:30 UTC
Permalink
Raw Message
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.

Hospitals across the country appear to have been simultaneously hit by a bug
in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.

Meanwhile doctors have been posting on Twitter about what has been happening
to their systems.

East and North Hertfordshire NHS trust, one of the those affected, said in a
statement: “Today (Friday, 12 May 2017), the trust has experienced a major
IT problem, believed to be caused by a cyber attack.
“Immediately on discovery of the problem, the trust acted to protect its IT
systems by shutting them down; it also meant that the trust’s telephone
system is not able to accept incoming calls.

“The trust is postponing all non-urgent activity for today and is asking
people not to come to A&E - please ring NHS111 for urgent medical advice or
999 if it is a life-threatening emergency.

“To ensure that all back-up processes and procedures were put in place
quickly, the trust declared a major internal incident to make sure that
patients already in the trust’s hospitals continued to receive the care they
need.”

Article in full here:

http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
--
http://www.helpforheroes.org.uk
7
2017-05-12 17:48:39 UTC
Permalink
Raw Message
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.
All windopws systems.

Get rid of them now and install open source Linux.

China has mandated that all government offices must be Linux
in 3 years time with windopws booted out of EVERY government office
to precisely and exactly remove this kind of international
cyber threat.

UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
newsreader crashed again
2017-05-12 17:44:24 UTC
Permalink
Raw Message
Post by 7
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems,
If it is a system bug, why is that a cyber attack - and not incompetent programming.

More daily right wing media lies - no change there, then.


leading to many diverting emergency patients. NHS
Post by 7
Post by Ophelia
England said it was aware of the problem and would release more details
soon.
All windopws systems.
Get rid of them now and install open source Linux.
China has mandated that all government offices must be Linux
in 3 years time with windopws booted out of EVERY government office
to precisely and exactly remove this kind of international
cyber threat.
UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
--
Posted by Mimo Usenet Browser v0.2.5
http://www.mimousenet.com/mimo/post
burfordTjustice
2017-05-12 19:37:45 UTC
Permalink
Raw Message
On Fri, 12 May 2017 12:44:24 -0500
Subject: Re: Cyber attack on NHS England
Date: Fri, 12 May 2017 12:44:24 -0500
User-Agent: Mimo Usenet Browser - http://www.mimousenet.com/mimo/post
Newsgroups: uk.politics.misc,uk.legal,comp.os.linux.advocacy
Cyber attack spreads across 12 countries; some UK hospitals crippled

Cyber attacks that hit 12 countries across Europe and Asia Friday, impacting the public health system in Britain, apparently involved a leaked hacking tool from the National Security Agency.

The attack used ransomware, which is malware that encrypts data and locks a user from their data until they pay a ransom. The tool, which was leaked by a group known as Shadow Brokers, had been stolen from the N.S.A. as part of a wide swath of tools illegally released in 2016.

Microsoft said that they had rolled out a patch to fix the issue, but certain targets, including the hospitals in Britain, had not yet updated their systems.

The malware was sent via email with a file attached to it. From there, it subsequently spread.

Tom Donnelly, a spokesman for N.H.S. Digital, said the attack was still "ongoing" and that that the organization was "made aware of it this afternoon," according to an interview in The New York Times.

The impact of the attacks caused phone lines to go down, appointments to be canceled and patients to be turned away, but there has been no reported evidence of patient data being breached.

There were a number of pictures posted to social media highlighting the ransomware, which asked for $300 in Bitcoin.

NHS Digital, which oversees cybersecurity in Britain, said the attack did not specifically target the NHS and "is affecting organizations from across a range of sectors." In total, 16 NHS organizations said they were affected.

In addition, several Spanish companies had also been affected via a ransomware attack. Spain did not say which companies were affected, but Telefonica, a telecom giant said it had detected an incident which affected some of its employees.

Hospital operator NHS Merseyside tweeted "following a suspected national cyberattack, we are taking all precautionary measures possible to protect our local NHS systems and services."

Bart's Health, which also operates a number of London-based hospitals, activated its major incident plan, which included canceling routine appointments and diverting ambulances to different hospitals.
pullgees
2017-05-12 18:25:37 UTC
Permalink
Raw Message
Post by 7
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.
All windopws systems.
Get rid of them now and install open source Linux.
China has mandated that all government offices must be Linux
in 3 years time with windopws booted out of EVERY government office
to precisely and exactly remove this kind of international
cyber threat.
UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
Is it hack proof?
burfordTjustice
2017-05-12 19:58:36 UTC
Permalink
Raw Message
On Fri, 12 May 2017 11:25:37 -0700 (PDT)
Post by pullgees
Is it hack proof?
no
and the current attack is not a hack.
pullgees
2017-05-12 22:29:32 UTC
Permalink
Raw Message
Post by burfordTjustice
On Fri, 12 May 2017 11:25:37 -0700 (PDT)
Post by pullgees
Is it hack proof?
no
and the current attack is not a hack.
It was first reported as a hack but first reports are usually inaccurate.
pullgees
2017-05-12 22:53:43 UTC
Permalink
Raw Message
Post by burfordTjustice
On Fri, 12 May 2017 11:25:37 -0700 (PDT)
Post by pullgees
Is it hack proof?
no
and the current attack is not a hack.
That's moot.

Hackers used cyberweapons stolen from the US National Security Agency to strike organisations across the globe on Friday, from the UK’s National Health Service to European telecoms company Telefónica and FedEx of the US, the Financial Times has learnt.
A tool known as Eternal Blue developed by US spies was used by the hackers to supercharge an existing form of criminal malware, three senior cyber security analysts said, leading to one of the fastest-spreading and potentially damaging cyber attacks seen to date.
Their analysis was confirmed by western security officials who were scrambling to contain an attack that initially hit hospitals and doctors’ practices across the UK. The same or similar virus was used in a large-scale attack in Spain that hit Telefónica, the country’s main telecoms provider.
As the attack spread, FedEx, the US delivery services company, said it was “experiencing interference with some of our Windows-based systems caused by malware.” The Russian interior ministry confirmed that 1,000 of its computers had been affected, about 0.1 per cent of the total, but said its servers were not harmed.
The People’s Daily in China tweeted that similar attacks may have hit China and there were reports of similar attacks in dozens of other countries, including Russia, Portugal, Taiwan, Germany and Vietnam. MegaFon, one of Russia’s largest telecoms operators, confirmed it had been hacked.
The attack is a modified version of a virus known as WannaCry, a piece of ransomware first used by criminal networks online earlier this year. Ransomware encrypts data on computers and demands a fee typically payable in untraceable digital currency to unlock them.
Infection is almost always made by email but the latest version of WannaCry spread laterally through the computer networks of infected organisations.
The NSA’s Eternal Blue allows the malware to spread through file-sharing protocols set up across the internal networks of organisations, many of which criss-cross the globe.
Security officials in the UK, which has been among the countries worst hit, currently believe that the attacks are the work of a criminal group, though they are still working to assess the full nature of the attack.
“Whoever it is it looks very much like they are taking advantage of the NSA’s tools,” said Becky Pinkard, vice-president at Digital Shadows, a cyber intelligence firm. Ms Pinkard pointed to a highly classified NSA arsenal of digital weapons leaked online last year by a group called the Shadowbrokers as the likely source. “They seem to have adapted one particular tool, Eternal Blue, and that would explain why this is spreading so very fast.”
The UK’s National Cyber Security Centre, an arm of GCHQ, has been put on a state of high alert. The speed of the spread of the virus has caught many by surprise.
“We are still trying to find patient zero,” said John Bambenek, manager of threat systems at cyber security company Fidelis. “Everybody is scrambling right now. If I were a betting man I would say this has to be a criminal group — given the targets that have been hit, if this was a nation state, this would be active war material.”
In the UK, more than a third of the 260 hospital trusts across the country have been hit.
Hospitals in cities and towns such as London, Liverpool, York, Leicester, Derby and Glasgow were forced to close services, including cancelling operations and diverting ambulances to other hospitals. Staff were forced to use pen and paper.
The NHS said that there was no evidence that patient data had been accessed but was continuing to assess the damage done by the hack.
https://www.ft.com/content/e96924f0-3722-11e7-99bd-13beb0903fa3
Silver Slimer
2017-05-12 19:47:47 UTC
Permalink
Raw Message
Post by 7
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.
All windopws systems.
Get rid of them now and install open source Linux.
China has mandated that all government offices must be Linux
in 3 years time with windopws booted out of EVERY government office
to precisely and exactly remove this kind of international
cyber threat.
UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
Considering how China isn't exactly a model when it comes to quality, I
don't think that imitating them is necessarily smart.
--
Silver Slimer
OpenMedia & EFF Member
Gab.ai: @silverslimer

Death to Islam
Nightjar
2017-05-13 08:30:47 UTC
Permalink
Raw Message
Post by 7
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.
All windopws systems.
Get rid of them now and install open source Linux.
China has mandated that all government offices must be Linux
in 3 years time with windopws booted out of EVERY government office
to precisely and exactly remove this kind of international
cyber threat.
UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
All that would achieve would be for more malware to be written to suit
Linux. While Linux has an extra layer of security when opening email
attachments, ultimately the system security would still rely upon
thousands of everyday users not doing the wrong thing. However, that was
all that would have been needed to prevent the existing infection
happening, even using Windows.
--
--

Colin Bignell
Fredxxx
2017-05-13 08:46:11 UTC
Permalink
Raw Message
Post by Nightjar
Post by 7
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems, leading to many diverting emergency
patients. NHS
England said it was aware of the problem and would release more details
soon.
All windopws systems.
Get rid of them now and install open source Linux.
China has mandated that all government offices must be Linux
in 3 years time with windopws booted out of EVERY government office
to precisely and exactly remove this kind of international
cyber threat.
UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
All that would achieve would be for more malware to be written to suit
Linux. While Linux has an extra layer of security when opening email
attachments, ultimately the system security would still rely upon
thousands of everyday users not doing the wrong thing. However, that was
all that would have been needed to prevent the existing infection
happening, even using Windows.
True, but Linux would be a maintained operating system. When was the
last update for XP?

There has also been the suggestion that these backdoors were maintained
for the benefit of NSA, I would say less likely for Linux?
pullgees
2017-05-13 08:51:12 UTC
Permalink
Raw Message
Post by Fredxxx
Post by Nightjar
Post by 7
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.
All windopws systems.
Get rid of them now and install open source Linux.
China has mandated that all government offices must be Linux
in 3 years time with windopws booted out of EVERY government office
to precisely and exactly remove this kind of international
cyber threat.
UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
All that would achieve would be for more malware to be written to suit
Linux. While Linux has an extra layer of security when opening email
attachments, ultimately the system security would still rely upon
thousands of everyday users not doing the wrong thing. However, that was
all that would have been needed to prevent the existing infection
happening, even using Windows.
True, but Linux would be a maintained operating system. When was the
last update for XP?
There has also been the suggestion that these backdoors were maintained
for the benefit of NSA, I would say less likely for Linux?
If it's open source software isn't easier to corrupt and write malware?
Fredxxx
2017-05-13 09:12:53 UTC
Permalink
Raw Message
Post by pullgees
Post by Fredxxx
Post by Nightjar
Post by 7
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.
All windopws systems.
Get rid of them now and install open source Linux.
China has mandated that all government offices must be Linux
in 3 years time with windopws booted out of EVERY government office
to precisely and exactly remove this kind of international
cyber threat.
UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
All that would achieve would be for more malware to be written to suit
Linux. While Linux has an extra layer of security when opening email
attachments, ultimately the system security would still rely upon
thousands of everyday users not doing the wrong thing. However, that was
all that would have been needed to prevent the existing infection
happening, even using Windows.
True, but Linux would be a maintained operating system. When was the
last update for XP?
There has also been the suggestion that these backdoors were maintained
for the benefit of NSA, I would say less likely for Linux?
If it's open source software isn't easier to corrupt and write malware?
There is the chance that through reading source code you might be able
to 'find' a vulnerability.

Historically many hacks have used some form of stack overflow to cause a
jump to malware.

The difference here is that there will be a number of groups looking for
the same vulnerability with the intention of publishing a fix, hopefully
before there is any malware in the wild.
MM
2017-05-14 11:27:05 UTC
Permalink
Raw Message
Post by Fredxxx
Post by pullgees
Post by Fredxxx
Post by Nightjar
Post by 7
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.
All windopws systems.
Get rid of them now and install open source Linux.
China has mandated that all government offices must be Linux
in 3 years time with windopws booted out of EVERY government office
to precisely and exactly remove this kind of international
cyber threat.
UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
All that would achieve would be for more malware to be written to suit
Linux. While Linux has an extra layer of security when opening email
attachments, ultimately the system security would still rely upon
thousands of everyday users not doing the wrong thing. However, that was
all that would have been needed to prevent the existing infection
happening, even using Windows.
True, but Linux would be a maintained operating system. When was the
last update for XP?
There has also been the suggestion that these backdoors were maintained
for the benefit of NSA, I would say less likely for Linux?
If it's open source software isn't easier to corrupt and write malware?
There is the chance that through reading source code you might be able
to 'find' a vulnerability.
Yeah, that's something the computer department does ALL the time,
isn't it!

"Say, Jim, how is the biscuit production line doing? And did you read
through some source code this morning already?"

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
Fredxxx
2017-05-14 12:00:45 UTC
Permalink
Raw Message
Post by MM
Post by Fredxxx
Post by pullgees
Post by Fredxxx
Post by Nightjar
Post by 7
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.
All windopws systems.
Get rid of them now and install open source Linux.
China has mandated that all government offices must be Linux
in 3 years time with windopws booted out of EVERY government office
to precisely and exactly remove this kind of international
cyber threat.
UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
All that would achieve would be for more malware to be written to suit
Linux. While Linux has an extra layer of security when opening email
attachments, ultimately the system security would still rely upon
thousands of everyday users not doing the wrong thing. However, that was
all that would have been needed to prevent the existing infection
happening, even using Windows.
True, but Linux would be a maintained operating system. When was the
last update for XP?
There has also been the suggestion that these backdoors were maintained
for the benefit of NSA, I would say less likely for Linux?
If it's open source software isn't easier to corrupt and write malware?
There is the chance that through reading source code you might be able
to 'find' a vulnerability.
Yeah, that's something the computer department does ALL the time,
isn't it!
You seem to have no idea how Linux works or how it is supported.

You're not very bright if you think Linux is written or supported by a
"computer department".
MM
2017-05-14 13:49:48 UTC
Permalink
Raw Message
Post by Fredxxx
You're not very bright if you think Linux is written or supported by a
"computer department".
Typical response from a Linux cheerleader!

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
Fredxxx
2017-05-14 15:21:43 UTC
Permalink
Raw Message
Post by MM
Post by Fredxxx
You're not very bright if you think Linux is written or supported by a
"computer department".
Typical response from a Linux cheerleader!
I don't use Linux, except in various gadgets and a variant on my phone.

You seem to get so many things wrong without even trying.

The closest you might get to a "computer department" is where a
company's business model is to offer technical support and other
services associated with a version of Linux. Ubuntu comes to mind as
does Red Hat.
Martin Barclay
2017-05-14 15:50:45 UTC
Permalink
Raw Message
Post by Fredxxx
Post by MM
Post by Fredxxx
You're not very bright if you think Linux is written or supported by a
"computer department".
Typical response from a Linux cheerleader!
I don't use Linux, except in various gadgets and a variant on my phone.
You seem to get so many things wrong without even trying.
The closest you might get to a "computer department" is where a company's
business model is to offer technical support and other services associated
with a version of Linux. Ubuntu comes to mind as does Red Hat.
Also Oracle, Lenovo & SUSE.
s***@gmail.com
2017-05-14 13:45:19 UTC
Permalink
Raw Message
Post by MM
Yeah, that's something the computer department does ALL the time,
isn't it!
"Say, Jim, how is the biscuit production line doing? And did you read
through some source code this morning already?"
most of the bugs ("real" bugs, not backdoors) are detected during either the compiling process or when the software is used.

proper, full audit of the code is really expensive and most software- with exception of the critical parts of it- never gets it.

sg
MM
2017-05-14 13:50:36 UTC
Permalink
Raw Message
Post by s***@gmail.com
Post by MM
Yeah, that's something the computer department does ALL the time,
isn't it!
"Say, Jim, how is the biscuit production line doing? And did you read
through some source code this morning already?"
most of the bugs ("real" bugs, not backdoors) are detected during either the compiling process or when the software is used.
proper, full audit of the code is really expensive and most software- with exception of the critical parts of it- never gets it.
Well, certainly Linux won't. It's a freebie that nobody pays to
support.

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
s***@gmail.com
2017-05-14 15:04:33 UTC
Permalink
Raw Message
Post by MM
Post by s***@gmail.com
proper, full audit of the code is really expensive and most software- with exception of the critical parts of it- never gets it.
Well, certainly Linux won't. It's a freebie that nobody pays to
support.
with exception of systems that manage things like fightjets or spacecrafts no system (yes, including the nt kernel) gets an audit like that.
and RH earns quite a nice amount of money from supporting its RHEL.

sg
Fredxxx
2017-05-14 15:23:23 UTC
Permalink
Raw Message
Post by MM
Post by s***@gmail.com
Post by MM
Yeah, that's something the computer department does ALL the time,
isn't it!
"Say, Jim, how is the biscuit production line doing? And did you read
through some source code this morning already?"
most of the bugs ("real" bugs, not backdoors) are detected during either the compiling process or when the software is used.
proper, full audit of the code is really expensive and most software- with exception of the critical parts of it- never gets it.
Well, certainly Linux won't. It's a freebie that nobody pays to
support.
Wrong again on so many counts. You should get out more.

Do you get anything right?
Martin Barclay
2017-05-14 15:48:37 UTC
Permalink
Raw Message
Post by Fredxxx
Post by s***@gmail.com
Post by MM
Yeah, that's something the computer department does ALL the time,
isn't it!
"Say, Jim, how is the biscuit production line doing? And did you read
through some source code this morning already?"
most of the bugs ("real" bugs, not backdoors) are detected during
either the compiling process or when the software is used.
proper, full audit of the code is really expensive and most software-
with exception of the critical parts of it- never gets it.
Well, certainly Linux won't. It's a freebie that nobody pays to support.
I guess that's why RedHat is the first $2billion company then, because no
one pays them for support!
Post by Fredxxx
Wrong again on so many counts. You should get out more.
Do you get anything right?
Nightjar
2017-05-13 11:14:35 UTC
Permalink
Raw Message
On 13-May-17 9:46 AM, Fredxxx wrote:
...
Post by Fredxxx
True, but Linux would be a maintained operating system. When was the
last update for XP?..
According to postings on another group, MS still update it for large
corporate users, just not for Joe Public.
--
--

Colin Bignell
Joe
2017-05-13 11:33:14 UTC
Permalink
Raw Message
On Sat, 13 May 2017 12:14:35 +0100
Post by Nightjar
...
Post by Fredxxx
True, but Linux would be a maintained operating system. When was the
last update for XP?..
According to postings on another group, MS still update it for large
corporate users, just not for Joe Public.
The UK government purchased extended support for a year, but that ended
two years ago. MS greatly increased the price year-on-year in order to
discourage continued use.

http://www.v3.co.uk/v3-uk/news/2406304/windows-xp-government-support-deal-ends-leaving-pcs-open-to-attack
--
Joe
James Harris
2017-05-13 11:50:10 UTC
Permalink
Raw Message
...
Post by Fredxxx
Post by Nightjar
Post by 7
UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
All that would achieve would be for more malware to be written to suit
Linux. While Linux has an extra layer of security when opening email
attachments, ultimately the system security would still rely upon
thousands of everyday users not doing the wrong thing. However, that was
all that would have been needed to prevent the existing infection
happening, even using Windows.
True, but Linux would be a maintained operating system. When was the
last update for XP?
There has also been the suggestion that these backdoors were maintained
for the benefit of NSA, I would say less likely for Linux?
It appears that some of the Microsoft communications code (their SMB
code) was poorly written so this was a Microsoft-specific vulnerability.

Linux is not fault-free. But the open-source nature of it means that
many people get to see the code. That, in turn, generally means that
faults get detected much more quickly.
--
James Harris
Martin Barclay
2017-05-13 15:49:09 UTC
Permalink
Raw Message
Post by James Harris
...
Post by Fredxxx
Post by Nightjar
UK should mandate all its systems must be Linux and open source by
2020 to keep up.
All that would achieve would be for more malware to be written to suit
Linux. While Linux has an extra layer of security when opening email
attachments, ultimately the system security would still rely upon
thousands of everyday users not doing the wrong thing.
Because of the way Linux systems work, if an everyday user opened an email
which contained malware, it would /only/ affect that users /home partition.
It would not affect other users on the system.
Nor would it take the system down, because it would need to know the root
password which the everyday user is unlikely to know as they would not
have root privileges.
Post by James Harris
Post by Fredxxx
Post by Nightjar
However, that was all that would have been needed to prevent the
existing infection happening, even using Windows.
True, but Linux would be a maintained operating system. When was the
last update for XP?
There has also been the suggestion that these backdoors were maintained
for the benefit of NSA, I would say less likely for Linux?
It appears that some of the Microsoft communications code (their SMB
code) was poorly written so this was a Microsoft-specific vulnerability.
Linux is not fault-free. But the open-source nature of it means that
many people get to see the code. That, in turn, generally means that
faults get detected much more quickly.
Correct.
Jeff
2017-05-14 10:07:26 UTC
Permalink
Raw Message
Post by Martin Barclay
Because of the way Linux systems work, if an everyday user opened an email
which contained malware, it would /only/ affect that users /home partition.
It would not affect other users on the system.
Nor would it take the system down, because it would need to know the root
password which the everyday user is unlikely to know as they would not
have root privileges.
In a corporate environment most of these attacks only succeed because
someone with privileges higher than the average user opens something
something that they shouldn't.

The average user should not be able to have access to their C: drive or
run executables other than authorised ones from authorised locations.

Even in a Linux system such malware would attack anywhere that the ueser
has write privileges on the network.

Jeff
s***@gmail.com
2017-05-14 13:31:43 UTC
Permalink
Raw Message
Post by Martin Barclay
Because of the way Linux systems work, if an everyday user opened an email
which contained malware, it would /only/ affect that users /home partition.
It would not affect other users on the system.
so- exactly as (properly) configured NT system. unless some sort of MAC (Mandatory Access Control) is configured properly, it doesn't really help an user (as opposite to the administrator)- so what if the malware cannot load or modify a driver if all my documents are gone?
Post by Martin Barclay
Nor would it take the system down, because it would need to know the root
password which the everyday user is unlikely to know as they would not
have root privileges.
again- same as in the Windows.
Post by Martin Barclay
Post by James Harris
Linux is not fault-free. But the open-source nature of it means that
many people get to see the code. That, in turn, generally means that
faults get detected much more quickly.
Correct.
no, not really.
the bugs in grub or bash were there for a decade or even for longer.
plus, the- let say it politely- not necessarily best idea of the repositorium and the fact that half of distributions' developpers think they know better than software developpers doesn't really help.

simon
MM
2017-05-14 11:25:17 UTC
Permalink
Raw Message
Post by Fredxxx
Post by Nightjar
Post by 7
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.
All windopws systems.
Get rid of them now and install open source Linux.
China has mandated that all government offices must be Linux
in 3 years time with windopws booted out of EVERY government office
to precisely and exactly remove this kind of international
cyber threat.
UK should mandate all its systems must be Linux and
open source by 2020 to keep up.
All that would achieve would be for more malware to be written to suit
Linux. While Linux has an extra layer of security when opening email
attachments, ultimately the system security would still rely upon
thousands of everyday users not doing the wrong thing. However, that was
all that would have been needed to prevent the existing infection
happening, even using Windows.
True, but Linux would be a maintained operating system.
Remind me when "Linux" issued operating system maintenance bulletins.

"Linux" is a blanket term for countless distros, all "kinda" organised
by enthusiastic geeks. You can sue Microsoft, but how can you sue
"Linux"?

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
s***@gmail.com
2017-05-14 13:42:47 UTC
Permalink
Raw Message
Post by MM
Post by Fredxxx
True, but Linux would be a maintained operating system.
Remind me when "Linux" issued operating system maintenance bulletins.
"Linux" is a blanket term for countless distros, all "kinda" organised
by enthusiastic geeks. You can sue Microsoft, but how can you sue
"Linux"?
RedHat is a proper company. So is Novell. So is Canonical.
All of them invest money and produce a decently supported systems. Sure- I wouldn't really wish to use RHEL on my desktop, but all of them (i.e. distributions whose support these companies offer) is good for NHS use (as long, of course, as the software required by the nhs runs on linux).

sg.
MM
2017-05-14 13:52:18 UTC
Permalink
Raw Message
Post by s***@gmail.com
Post by MM
Post by Fredxxx
True, but Linux would be a maintained operating system.
Remind me when "Linux" issued operating system maintenance bulletins.
"Linux" is a blanket term for countless distros, all "kinda" organised
by enthusiastic geeks. You can sue Microsoft, but how can you sue
"Linux"?
RedHat is a proper company. So is Novell. So is Canonical.
Yeah, but what about the *other* distros?
Post by s***@gmail.com
All of them invest money and produce a decently supported systems. Sure- I wouldn't really wish to use RHEL on my desktop, but all of them (i.e. distributions whose support these companies offer) is good for NHS use (as long, of course, as the software required by the nhs runs on linux).
Which by and large it doesn't.

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
s***@gmail.com
2017-05-14 14:09:21 UTC
Permalink
Raw Message
Post by MM
Yeah, but what about the *other* distros?
what about them?
if you wish to have a proper support, you have to pay.
if you wish not to pay, you get something without the producer's support (and then you pray for nothing to go wrong and if it does you pay alot).
Post by MM
Post by s***@gmail.com
All of them invest money and produce a decently supported systems. Sure- I wouldn't really wish to use RHEL on my desktop, but all of them (i.e. distributions whose support these companies offer) is good for NHS use (as long, of course, as the software required by the nhs runs on linux).
Which by and large it doesn't.
that's true, without doubt.
proper software management is important to avoid the vendor lock-in.

sg
MM
2017-05-14 11:21:49 UTC
Permalink
Raw Message
Post by 7
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by a
bug in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.
All windopws systems.
Get rid of them now and install open source Linux.
Why, when the Linux kernel was found to be one of the three most
vulnerable operating systems in 2014 -- along with Apple Mac OS X
and Apple iOS?
http://thehackernews.com/2015/02/vulnerable-operating-system.html

"Microsoft’s Windows 7, 8 and 8.1 Operating Systems were the least
vulnerable OS, as they fall into the bottom half of the list and rank
at 5th, 7th and 8th"

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
s***@gmail.com
2017-05-14 13:38:59 UTC
Permalink
Raw Message
Post by MM
Why, when the Linux kernel was found to be one of the three most
vulnerable operating systems in 2014 -- along with Apple Mac OS X
and Apple iOS?
http://thehackernews.com/2015/02/vulnerable-operating-system.html
every software has bugs (well, every longer than "hello world").
the question is- how exploitable are those bugs? also- what's the producer's response to the bugs- how long does it take for a patch to be created?

simon
Ophelia
2017-05-12 17:02:38 UTC
Permalink
Raw Message
"Ophelia" wrote in message news:***@mid.individual.net...


A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.

Hospitals across the country appear to have been simultaneously hit by a bug
in their IT systems, leading to many diverting emergency patients. NHS
England said it was aware of the problem and would release more details
soon.

Meanwhile doctors have been posting on Twitter about what has been happening
to their systems.

East and North Hertfordshire NHS trust, one of the those affected, said in a
statement: “Today (Friday, 12 May 2017), the trust has experienced a major
IT problem, believed to be caused by a cyber attack.
“Immediately on discovery of the problem, the trust acted to protect its IT
systems by shutting them down; it also meant that the trust’s telephone
system is not able to accept incoming calls.

“The trust is postponing all non-urgent activity for today and is asking
people not to come to A&E - please ring NHS111 for urgent medical advice or
999 if it is a life-threatening emergency.

“To ensure that all back-up processes and procedures were put in place
quickly, the trust declared a major internal incident to make sure that
patients already in the trust’s hospitals continued to receive the care they
need.”

Article in full here:

http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap

===

Just heard it has hit Scotland too!
--
http://www.helpforheroes.org.uk
Davey
2017-05-12 18:16:18 UTC
Permalink
Raw Message
On Fri, 12 May 2017 18:02:38 +0100
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit
by a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
Meanwhile doctors have been posting on Twitter about what has been
happening to their systems.
East and North Hertfordshire NHS trust, one of the those affected,
said in a statement: “Today (Friday, 12 May 2017), the trust has
experienced a major IT problem, believed to be caused by a cyber
attack. “Immediately on discovery of the problem, the trust acted to
protect its IT systems by shutting them down; it also meant that the
trust’s telephone system is not able to accept incoming calls.
“The trust is postponing all non-urgent activity for today and is
asking people not to come to A&E - please ring NHS111 for urgent
medical advice or 999 if it is a life-threatening emergency.
“To ensure that all back-up processes and procedures were put in place
quickly, the trust declared a major internal incident to make sure
that patients already in the trust’s hospitals continued to receive
the care they need.”
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
===
Just heard it has hit Scotland too!
And Russia, and most of the EU, and North and South America, and China
etc etc.
--
Davey.
Ophelia
2017-05-12 20:27:07 UTC
Permalink
Raw Message
"Davey" wrote in message news:of4tva$3qc$***@dont-email.me...

On Fri, 12 May 2017 18:02:38 +0100
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit
by a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
Meanwhile doctors have been posting on Twitter about what has been
happening to their systems.
East and North Hertfordshire NHS trust, one of the those affected,
said in a statement: “Today (Friday, 12 May 2017), the trust has
experienced a major IT problem, believed to be caused by a cyber
attack. “Immediately on discovery of the problem, the trust acted to
protect its IT systems by shutting them down; it also meant that the
trust’s telephone system is not able to accept incoming calls.
“The trust is postponing all non-urgent activity for today and is
asking people not to come to A&E - please ring NHS111 for urgent
medical advice or 999 if it is a life-threatening emergency.
“To ensure that all back-up processes and procedures were put in place
quickly, the trust declared a major internal incident to make sure
that patients already in the trust’s hospitals continued to receive
the care they need.”
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
===
Just heard it has hit Scotland too!
And Russia, and most of the EU, and North and South America, and China
etc etc.


Davey.

==

Oh my! I hadn't heard that!
--
http://www.helpforheroes.org.uk
The Todal
2017-05-12 21:21:54 UTC
Permalink
Raw Message
Post by Davey
On Fri, 12 May 2017 18:02:38 +0100
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit
by a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
Meanwhile doctors have been posting on Twitter about what has been
happening to their systems.
East and North Hertfordshire NHS trust, one of the those affected,
said in a statement: “Today (Friday, 12 May 2017), the trust has
experienced a major IT problem, believed to be caused by a cyber
attack. “Immediately on discovery of the problem, the trust acted to
protect its IT systems by shutting them down; it also meant that the
trust’s telephone system is not able to accept incoming calls.
“The trust is postponing all non-urgent activity for today and is
asking people not to come to A&E - please ring NHS111 for urgent
medical advice or 999 if it is a life-threatening emergency.
“To ensure that all back-up processes and procedures were put in place
quickly, the trust declared a major internal incident to make sure
that patients already in the trust’s hospitals continued to receive
the care they need.”
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
===
Just heard it has hit Scotland too!
And Russia, and most of the EU, and North and South America, and China
etc etc.
Davey.
==
Oh my! I hadn't heard that!
Good Heavens! the Tay Bridge is blown down.
Davey
2017-05-12 23:41:04 UTC
Permalink
Raw Message
On Fri, 12 May 2017 22:21:54 +0100
Post by The Todal
Post by Davey
On Fri, 12 May 2017 18:02:38 +0100
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack,
NHS England has confirmed.
Hospitals across the country appear to have been simultaneously hit
by a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
Meanwhile doctors have been posting on Twitter about what has been
happening to their systems.
East and North Hertfordshire NHS trust, one of the those affected,
said in a statement: “Today (Friday, 12 May 2017), the trust has
experienced a major IT problem, believed to be caused by a cyber
attack. “Immediately on discovery of the problem, the trust acted
to protect its IT systems by shutting them down; it also meant
that the trust’s telephone system is not able to accept incoming
calls.
“The trust is postponing all non-urgent activity for today and is
asking people not to come to A&E - please ring NHS111 for urgent
medical advice or 999 if it is a life-threatening emergency.
“To ensure that all back-up processes and procedures were put in
place quickly, the trust declared a major internal incident to
make sure that patients already in the trust’s hospitals continued
to receive the care they need.”
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
===
Just heard it has hit Scotland too!
And Russia, and most of the EU, and North and South America, and
China etc etc.
Davey.
==
Oh my! I hadn't heard that!
Good Heavens! the Tay Bridge is blown down.
Is Mafeking relieved yet?
--
Davey.
Ophelia
2017-05-13 10:42:37 UTC
Permalink
Raw Message
"Davey" wrote in message news:of5h08$3qc$***@dont-email.me...

On Fri, 12 May 2017 22:21:54 +0100
Post by The Todal
Post by Davey
On Fri, 12 May 2017 18:02:38 +0100
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack,
NHS England has confirmed.
Hospitals across the country appear to have been simultaneously hit
by a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
Meanwhile doctors have been posting on Twitter about what has been
happening to their systems.
East and North Hertfordshire NHS trust, one of the those affected,
said in a statement: “Today (Friday, 12 May 2017), the trust has
experienced a major IT problem, believed to be caused by a cyber
attack. “Immediately on discovery of the problem, the trust acted
to protect its IT systems by shutting them down; it also meant
that the trust’s telephone system is not able to accept incoming
calls.
“The trust is postponing all non-urgent activity for today and is
asking people not to come to A&E - please ring NHS111 for urgent
medical advice or 999 if it is a life-threatening emergency.
“To ensure that all back-up processes and procedures were put in
place quickly, the trust declared a major internal incident to
make sure that patients already in the trust’s hospitals continued
to receive the care they need.”
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
===
Just heard it has hit Scotland too!
And Russia, and most of the EU, and North and South America, and
China etc etc.
Davey.
==
Oh my! I hadn't heard that!
Good Heavens! the Tay Bridge is blown down.
Is Mafeking relieved yet?

Davey.

==

;p
--
http://www.helpforheroes.org.uk
Fredxxx
2017-05-13 08:28:03 UTC
Permalink
Raw Message
Post by Davey
On Fri, 12 May 2017 18:02:38 +0100
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit
by a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
Meanwhile doctors have been posting on Twitter about what has been
happening to their systems.
East and North Hertfordshire NHS trust, one of the those affected,
said in a statement: “Today (Friday, 12 May 2017), the trust has
experienced a major IT problem, believed to be caused by a cyber
attack. “Immediately on discovery of the problem, the trust acted to
protect its IT systems by shutting them down; it also meant that the
trust’s telephone system is not able to accept incoming calls.
“The trust is postponing all non-urgent activity for today and is
asking people not to come to A&E - please ring NHS111 for urgent
medical advice or 999 if it is a life-threatening emergency.
“To ensure that all back-up processes and procedures were put in place
quickly, the trust declared a major internal incident to make sure
that patients already in the trust’s hospitals continued to receive
the care they need.”
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
===
Just heard it has hit Scotland too!
And Russia, and most of the EU, and North and South America, and China
etc etc.
Davey.
==
Oh my! I hadn't heard that!
But not Wales. Perhaps they don't have a computer system?
Ophelia
2017-05-13 10:43:03 UTC
Permalink
Raw Message
Post by Davey
On Fri, 12 May 2017 18:02:38 +0100
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit
by a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
Meanwhile doctors have been posting on Twitter about what has been
happening to their systems.
East and North Hertfordshire NHS trust, one of the those affected,
said in a statement: “Today (Friday, 12 May 2017), the trust has
experienced a major IT problem, believed to be caused by a cyber
attack. “Immediately on discovery of the problem, the trust acted to
protect its IT systems by shutting them down; it also meant that the
trust’s telephone system is not able to accept incoming calls.
“The trust is postponing all non-urgent activity for today and is
asking people not to come to A&E - please ring NHS111 for urgent
medical advice or 999 if it is a life-threatening emergency.
“To ensure that all back-up processes and procedures were put in place
quickly, the trust declared a major internal incident to make sure
that patients already in the trust’s hospitals continued to receive
the care they need.”
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
===
Just heard it has hit Scotland too!
And Russia, and most of the EU, and North and South America, and China
etc etc.
Davey.
==
Oh my! I hadn't heard that!
But not Wales. Perhaps they don't have a computer system?

==

Or they have upgraded.
--
http://www.helpforheroes.org.uk
MM
2017-05-14 11:17:36 UTC
Permalink
Raw Message
Post by Fredxxx
But not Wales. Perhaps they don't have a computer system?
They spent the money to make sure their systems are up to date.

The Welsh government is a Labour government. But of course I don't
expect Jeremy Corbyn to exploit this fact to expose the Tories'
short-termism during the election campaign.

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
Fredxxx
2017-05-14 12:09:36 UTC
Permalink
Raw Message
Post by MM
Post by Fredxxx
But not Wales. Perhaps they don't have a computer system?
They spent the money to make sure their systems are up to date.
The Welsh government is a Labour government. But of course I don't
expect Jeremy Corbyn to exploit this fact to expose the Tories'
short-termism during the election campaign.
I'm not he'd want to bring up the state of the Welsh NHS, would he?
http://www.bbc.co.uk/news/uk-wales-30881328
MM
2017-05-14 13:48:26 UTC
Permalink
Raw Message
Post by Fredxxx
Post by MM
Post by Fredxxx
But not Wales. Perhaps they don't have a computer system?
They spent the money to make sure their systems are up to date.
The Welsh government is a Labour government. But of course I don't
expect Jeremy Corbyn to exploit this fact to expose the Tories'
short-termism during the election campaign.
I'm not he'd want to bring up the state of the Welsh NHS, would he?
It's obviously in a lot better state than most trusts in England,
nearly all of which will continue to have problems from the ransomware
attack for weeks. Don't believe for one moment the guff emanating from
Amber Rudd and the PM.

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
A. Filip
2017-05-12 17:56:03 UTC
Permalink
Raw Message
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by
a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
[...]
Post by Ophelia
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
It is time to pay for cost cuts [1], isn't it?

[1] https://www.theregister.co.uk/2017/05/12/nhs_hospital_shut_down_due_to_cyber_attack/
Post by Ophelia
It is understood WannaCrypt, which is raiding companies and
organizations across the planet today, is being spread by a worm that
exploits unpatched vulnerabilities in Windows machines – particularly
MS17-010, an SMB bug attacked by the leaked NSA tool, EternalBlue. The
security hole has been patched for modern Windows versions, but not
WindowsXP – and the NHS is a massive user of the legacy operating
system.
--
A. Filip
| My theology, briefly, is that the universe was dictated but not signed.
| -- Christopher Morley
pullgees
2017-05-12 18:28:18 UTC
Permalink
Raw Message
Post by A. Filip
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by
a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
[...]
Post by Ophelia
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
It is time to pay for cost cuts [1], isn't it?
[1] https://www.theregister.co.uk/2017/05/12/nhs_hospital_shut_down_due_to_cyber_attack/
Post by Ophelia
It is understood WannaCrypt, which is raiding companies and
organizations across the planet today, is being spread by a worm that
exploits unpatched vulnerabilities in Windows machines – particularly
MS17-010, an SMB bug attacked by the leaked NSA tool, EternalBlue. The
security hole has been patched for modern Windows versions, but not
WindowsXP – and the NHS is a massive user of the legacy operating
system.
--
A. Filip
| My theology, briefly, is that the universe was dictated but not signed.
| -- Christopher Morley
Linux is free
Martin Brown
2017-05-13 08:52:48 UTC
Permalink
Raw Message
Post by pullgees
Post by A. Filip
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by
a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
[...]
Post by Ophelia
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
It is time to pay for cost cuts [1], isn't it?
I am not that surprised there were a lot of ancient XP machines in
hospitals I have visited and under skilled under paid overworked IT
staff spread too thinly (you get what you pay for).
Post by pullgees
Post by A. Filip
[1] https://www.theregister.co.uk/2017/05/12/nhs_hospital_shut_down_due_to_cyber_attack/
Post by Ophelia
It is understood WannaCrypt, which is raiding companies and
organizations across the planet today, is being spread by a worm that
exploits unpatched vulnerabilities in Windows machines – particularly
MS17-010, an SMB bug attacked by the leaked NSA tool, EternalBlue. The
security hole has been patched for modern Windows versions, but not
WindowsXP – and the NHS is a massive user of the legacy operating
system.
--
A. Filip
| My theology, briefly, is that the universe was dictated but not signed.
| -- Christopher Morley
Linux is free
They may not have much choice for some of their larger scientific
instruments though. A lot of big ticket kit I know of that is still in
service only has drivers for XP and nothing beyond that. The odd maker
does use Linux but there is a heck of a lot of legacy XP still about.

Instrument makers are only interested in selling their new shiny
hardware and almost never do upgrades for new MS operating systems. Done
properly with the instruments firewalled from the outside world and the
resulting data put on a shared drive there is no serious problem but if
an infected memory stick breaches the firewall then all hell can break
loose.
--
Regards,
Martin Brown
Fredxxx
2017-05-13 09:15:42 UTC
Permalink
Raw Message
Post by Martin Brown
Post by pullgees
Post by A. Filip
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by
a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
[...]
Post by Ophelia
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
It is time to pay for cost cuts [1], isn't it?
I am not that surprised there were a lot of ancient XP machines in
hospitals I have visited and under skilled under paid overworked IT
staff spread too thinly (you get what you pay for).
I believe its more down to the cost of an upgrade and XP functions
efficiently.
Post by Martin Brown
Post by pullgees
Post by A. Filip
[1]
https://www.theregister.co.uk/2017/05/12/nhs_hospital_shut_down_due_to_cyber_attack/
Post by Ophelia
It is understood WannaCrypt, which is raiding companies and
organizations across the planet today, is being spread by a worm that
exploits unpatched vulnerabilities in Windows machines – particularly
MS17-010, an SMB bug attacked by the leaked NSA tool, EternalBlue. The
security hole has been patched for modern Windows versions, but not
WindowsXP – and the NHS is a massive user of the legacy operating
system.
--
A. Filip
| My theology, briefly, is that the universe was dictated but not signed.
| -- Christopher Morley
Linux is free
They may not have much choice for some of their larger scientific
instruments though. A lot of big ticket kit I know of that is still in
service only has drivers for XP and nothing beyond that. The odd maker
does use Linux but there is a heck of a lot of legacy XP still about.
Instrument makers are only interested in selling their new shiny
hardware and almost never do upgrades for new MS operating systems. Done
properly with the instruments firewalled from the outside world and the
resulting data put on a shared drive there is no serious problem but if
an infected memory stick breaches the firewall then all hell can break
loose.
I suspect most instruments are sold on the basis they are 'network
ready' and can integrate into the NHS or hospital system.
steve robinson
2017-05-13 11:05:55 UTC
Permalink
Raw Message
On Sat, 13 May 2017 09:52:48 +0100, Martin Brown
Post by Martin Brown
Post by pullgees
Post by A. Filip
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by
a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
[...]
Post by Ophelia
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
It is time to pay for cost cuts [1], isn't it?
I am not that surprised there were a lot of ancient XP machines in
hospitals I have visited and under skilled under paid overworked IT
staff spread too thinly (you get what you pay for).
Post by pullgees
Post by A. Filip
[1] https://www.theregister.co.uk/2017/05/12/nhs_hospital_shut_down_due_to_cyber_attack/
Post by Ophelia
It is understood WannaCrypt, which is raiding companies and
organizations across the planet today, is being spread by a worm that
exploits unpatched vulnerabilities in Windows machines – particularly
MS17-010, an SMB bug attacked by the leaked NSA tool, EternalBlue. The
security hole has been patched for modern Windows versions, but not
WindowsXP – and the NHS is a massive user of the legacy operating
system.
--
A. Filip
| My theology, briefly, is that the universe was dictated but not signed.
| -- Christopher Morley
Linux is free
They may not have much choice for some of their larger scientific
instruments though. A lot of big ticket kit I know of that is still in
service only has drivers for XP and nothing beyond that. The odd maker
does use Linux but there is a heck of a lot of legacy XP still about.
That's not just a problem in the health service, many pos systems
are still xp based primarily because they need to seamlessly
interface with existing kit , even for smaller operations the cost to
upgrade to a later operating system is so disruptive to business and
costly to implement its avoided as long as possible
Post by Martin Brown
Instrument makers are only interested in selling their new shiny
hardware and almost never do upgrades for new MS operating systems. Done
properly with the instruments firewalled from the outside world and the
resulting data put on a shared drive there is no serious problem but if
an infected memory stick breaches the firewall then all hell can break
loose.
pensive hamster
2017-05-13 11:19:56 UTC
Permalink
Raw Message
[...]
Post by steve robinson
Post by Martin Brown
They may not have much choice for some of their larger scientific
instruments though. A lot of big ticket kit I know of that is still in
service only has drivers for XP and nothing beyond that. The odd maker
does use Linux but there is a heck of a lot of legacy XP still about.
That's not just a problem in the health service, many pos systems
are still xp based primarily because they need to seamlessly
interface with existing kit , even for smaller operations the cost to
upgrade to a later operating system is so disruptive to business and
costly to implement its avoided as long as possible
That's more-or-less what this article says:

----------------------------------
http://www.bbc.co.uk/news/technology-39901382

Why do companies still use Windows XP?
By Chris Foxx, technology reporter
13 May 2017

Many jobs can be done using software everyone can buy, but
some businesses need programs that perform very specific
jobs - so they build their own.

For example. a broadcaster might need specialist software to
track all the satellite feeds coming into the newsroom, and a
hospital might need custom-built tools to analyse X-ray images.

Developing niche but useful software like this can be very
expensive - the programming, testing, maintenance and continued
development all adds up.

Then along comes a new version of Windows, and the software
isn't compatible. Companies then face the cost of upgrading
computers and operating system licenses, as well as the cost of
rebuilding their software from scratch.

So, some choose to keep running the old version of Windows
instead. For some companies, that is not a huge risk. In a
hospital, the stakes are higher.
----------------------------------

The article also says Win XP will be updated:


----------------------------------
How does the malware work and who is behind it?

The infections seem to be deployed via a worm - a program
that spreads by itself between computers.

Most other malicious programmes rely on humans to spread
by tricking them into clicking on an attachment harbouring the
attack code.

By contrast, once WannaCry is inside an organisation it will
hunt down vulnerable machines and infect them too.

Some experts say the attack may have been built to exploit a
weakness in Microsoft systems that had been identified by
the NSA and given the name EternalBlue.

The NSA tools were stolen by a group of hackers known as
The Shadow Brokers, who made it freely available in April,
saying it was a "protest" about US President Donald Trump.

At the time, some cyber-security experts said some of the
malware was real, but old.

A patch for the vulnerability was released by Microsoft in
March, which would have automatically protected those
computers with Windows Update enabled.

Microsoft said on Friday it would roll out the update to users
of older operating systems "that no longer receive mainstream
support", such Windows XP (which the NHS still largely uses),
Windows 8 and Windows Server 2003.
Post by steve robinson
Post by Martin Brown
Instrument makers are only interested in selling their new shiny
hardware and almost never do upgrades for new MS operating systems. Done
properly with the instruments firewalled from the outside world and the
resulting data put on a shared drive there is no serious problem but if
an infected memory stick breaches the firewall then all hell can break
loose.
MM
2017-05-14 11:33:06 UTC
Permalink
Raw Message
Post by pullgees
Post by A. Filip
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
Hospitals across the country appear to have been simultaneously hit by
a bug in their IT systems, leading to many diverting emergency
patients. NHS England said it was aware of the problem and would
release more details soon.
[...]
Post by Ophelia
http://www.msn.com/en-gb/news/uknews...ack/ar-BBB3Yap
It is time to pay for cost cuts [1], isn't it?
[1] https://www.theregister.co.uk/2017/05/12/nhs_hospital_shut_down_due_to_cyber_attack/
Post by Ophelia
It is understood WannaCrypt, which is raiding companies and
organizations across the planet today, is being spread by a worm that
exploits unpatched vulnerabilities in Windows machines – particularly
MS17-010, an SMB bug attacked by the leaked NSA tool, EternalBlue. The
security hole has been patched for modern Windows versions, but not
WindowsXP – and the NHS is a massive user of the legacy operating
system.
--
A. Filip
| My theology, briefly, is that the universe was dictated but not signed.
| -- Christopher Morley
Linux is free
No guarantees, then.

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
GB
2017-05-12 18:30:46 UTC
Permalink
Raw Message
Post by A. Filip
[1] https://www.theregister.co.uk/2017/05/12/nhs_hospital_shut_down_due_to_cyber_attack/
Post by Ophelia
It is understood WannaCrypt, which is raiding companies and
organizations across the planet today, is being spread by a worm that
exploits unpatched vulnerabilities in Windows machines – particularly
MS17-010, an SMB bug attacked by the leaked NSA tool, EternalBlue. The
security hole has been patched for modern Windows versions, but not
WindowsXP – and the NHS is a massive user of the legacy operating
system.
There's been loads of discussion on usenet about how awful Win 10 is, as
it allows limited information to go back to MS. Hmmm.
MM
2017-05-14 13:57:22 UTC
Permalink
Raw Message
Post by GB
Post by A. Filip
[1] https://www.theregister.co.uk/2017/05/12/nhs_hospital_shut_down_due_to_cyber_attack/
Post by Ophelia
It is understood WannaCrypt, which is raiding companies and
organizations across the planet today, is being spread by a worm that
exploits unpatched vulnerabilities in Windows machines – particularly
MS17-010, an SMB bug attacked by the leaked NSA tool, EternalBlue. The
security hole has been patched for modern Windows versions, but not
WindowsXP – and the NHS is a massive user of the legacy operating
system.
There's been loads of discussion on usenet about how awful Win 10 is, as
it allows limited information to go back to MS. Hmmm.
I have a Windows 10 blocker on my Windows 7 PC. No way do I want
Windows 10, thank you very much!

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
burfordTjustice
2017-05-12 19:41:35 UTC
Permalink
Raw Message
On Fri, 12 May 2017 17:10:30 +0100
"Ophelia" <***@gmail.com> wrote:


Cyber attack spreads across 12 countries; some UK hospitals crippled

Cyber attacks that hit 12 countries across Europe and Asia Friday, impacting the public health system in Britain, apparently involved a leaked hacking tool from the National Security Agency.

The attack used ransomware, which is malware that encrypts data and locks a user from their data until they pay a ransom. The tool, which was leaked by a group known as Shadow Brokers, had been stolen from the N.S.A. as part of a wide swath of tools illegally released in 2016.

Microsoft said that they had rolled out a patch to fix the issue, but certain targets, including the hospitals in Britain, had not yet updated their systems.

The malware was sent via email with a file attached to it. From there, it subsequently spread.

Tom Donnelly, a spokesman for N.H.S. Digital, said the attack was still "ongoing" and that that the organization was "made aware of it this afternoon," according to an interview in The New York Times.

The impact of the attacks caused phone lines to go down, appointments to be canceled and patients to be turned away, but there has been no reported evidence of patient data being breached.

There were a number of pictures posted to social media highlighting the ransomware, which asked for $300 in Bitcoin.

NHS Digital, which oversees cybersecurity in Britain, said the attack did not specifically target the NHS and "is affecting organizations from across a range of sectors." In total, 16 NHS organizations said they were affected.

In addition, several Spanish companies had also been affected via a ransomware attack. Spain did not say which companies were affected, but Telefonica, a telecom giant said it had detected an incident which affected some of its employees.

Hospital operator NHS Merseyside tweeted "following a suspected national cyberattack, we are taking all precautionary measures possible to protect our local NHS systems and services."

Bart's Health, which also operates a number of London-based hospitals, activated its major incident plan, which included canceling routine appointments and diverting ambulances to different hospitals.
Col
2017-05-13 13:03:35 UTC
Permalink
Raw Message
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
And all Amber Rudd could offer when asked about the matter of backing up
files was "Well they're supposed to".

Doesn't exactly fill you with confidence, does it?
--
Col
Ophelia
2017-05-13 15:06:26 UTC
Permalink
Raw Message
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
And all Amber Rudd could offer when asked about the matter of backing up
files was "Well they're supposed to".

Doesn't exactly fill you with confidence, does it?

Col

==

Not much about politics does these days
--
http://www.helpforheroes.org.uk
Judith
2017-05-13 16:40:47 UTC
Permalink
Raw Message
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
What a pity that Hunt the ........ decided to stop paying the £5.5million
one-year support deal with Microsoft for Windows XP until the machines were
upgraded which had been negotiated with Microsoft.

I trust that the NHS has not lost more than £5 million because of his
short-sighted action.
James Harris
2017-05-13 17:20:45 UTC
Permalink
Raw Message
Post by Judith
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
What a pity that Hunt the ........ decided to stop paying the £5.5million
one-year support deal with Microsoft for Windows XP until the machines were
upgraded which had been negotiated with Microsoft.
Don't you think it's a bit of a cheek for Microsoft to ask £5.5 million
of our money for doing nothing? It did very little work to produce the
necessary patch in the first place. The patch was needed because of a
fault they had created in their software. Then they released the fix
only to paying customers.
Post by Judith
I trust that the NHS has not lost more than £5 million because of his
short-sighted action.
I expect it has.
--
James Harris
pullgees
2017-05-13 17:36:36 UTC
Permalink
Raw Message
Post by James Harris
Post by Judith
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
What a pity that Hunt the ........ decided to stop paying the £5.5million
one-year support deal with Microsoft for Windows XP until the machines were
upgraded which had been negotiated with Microsoft.
Don't you think it's a bit of a cheek for Microsoft to ask £5.5 million
of our money for doing nothing? It did very little work to produce the
necessary patch in the first place. The patch was needed because of a
fault they had created in their software. Then they released the fix
only to paying customers.
Post by Judith
I trust that the NHS has not lost more than £5 million because of his
short-sighted action.
I expect it has.
--
James Harris
Another ransom demand.
Judith
2017-05-13 19:32:03 UTC
Permalink
Raw Message
Post by James Harris
Post by Judith
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
What a pity that Hunt the ........ decided to stop paying the £5.5million
one-year support deal with Microsoft for Windows XP until the machines were
upgraded which had been negotiated with Microsoft.
Don't you think it's a bit of a cheek for Microsoft to ask £5.5 million
of our money for doing nothing? It did very little work to produce the
necessary patch in the first place. The patch was needed because of a
fault they had created in their software. Then they released the fix
only to paying customers.
I understand, but could be wrong, that Microsoft continued providing the
security updates to those who had critical systems which they could not afford
to lose and who paid; it was to continue to support the users and to encourage
them to move away from XP.

Hunt decided that it was not worth doing.

They had not "created a fault" : all programs have bugs in them: people find
them and exploit them. As soon as MS became aware of the insecurity they
created a fix for those who had already paid for such fixes.
Post by James Harris
Post by Judith
I trust that the NHS has not lost more than £5 million because of his
short-sighted action.
I expect it has.
j***@gmail.com
2017-05-14 00:01:31 UTC
Permalink
Raw Message
Why are these externally accessible?

I have three computers, one that I use on the net and a private computer. The third is used as an intermediate for both in which files can only be saved via a flash drive. At each stage a virus check is performed.
Jeff
2017-05-14 10:11:48 UTC
Permalink
Raw Message
Post by j***@gmail.com
Why are these externally accessible?
I have three computers, one that I use on the net and a private computer.
The third is used as an intermediate for both in which files can only
be saved via a flash drive. At each stage a virus check is performed.
However, that gives you no protection against a zero day attack which is
not detected by your virus protection.

Jeff
MM
2017-05-14 11:32:10 UTC
Permalink
Raw Message
Post by j***@gmail.com
Why are these externally accessible?
I have three computers, one that I use on the net and a private computer. The third is used as an intermediate for both in which files can only be saved via a flash drive. At each stage a virus check is performed.
Indeed. I have disabled file sharing, and any transfer from one PC to
another will be by sneaker net in future. Another method is to use an
RS-232 cable to the COM port on each PC, which is obviously slow, but
totally secure.

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
s***@gmail.com
2017-05-14 13:58:49 UTC
Permalink
Raw Message
Post by MM
Indeed. I have disabled file sharing, and any transfer from one PC to
another will be by sneaker net in future. Another method is to use an
RS-232 cable to the COM port on each PC, which is obviously slow, but
totally secure.
MM
only because you use com/lpt/serial port instead of lan one it doesn't make it any more secure (per se). it depends from which applications do you use to share, as a which user (normal or root) and if they are sandboxed (apps, not users).

sg
Handsome Jack
2017-05-14 10:03:44 UTC
Permalink
Raw Message
Post by Judith
Post by James Harris
Post by Judith
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
What a pity that Hunt the ........ decided to stop paying the £5.5million
one-year support deal with Microsoft for Windows XP until the machines were
upgraded which had been negotiated with Microsoft.
Don't you think it's a bit of a cheek for Microsoft to ask £5.5 million
of our money for doing nothing? It did very little work to produce the
necessary patch in the first place. The patch was needed because of a
fault they had created in their software. Then they released the fix
only to paying customers.
I understand, but could be wrong, that Microsoft continued providing the
security updates to those who had critical systems which they could not afford
to lose and who paid; it was to continue to support the users and to encourage
them to move away from XP.
Hunt decided that it was not worth doing.
Rubbish.
--
Jack
James Harris
2017-05-15 10:50:22 UTC
Permalink
Raw Message
Post by Judith
Post by James Harris
Post by Judith
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
What a pity that Hunt the ........ decided to stop paying the £5.5million
one-year support deal with Microsoft for Windows XP until the machines were
upgraded which had been negotiated with Microsoft.
Don't you think it's a bit of a cheek for Microsoft to ask £5.5 million
of our money for doing nothing? It did very little work to produce the
necessary patch in the first place. The patch was needed because of a
fault they had created in their software. Then they released the fix
only to paying customers.
I understand, but could be wrong, that Microsoft continued providing the
security updates to those who had critical systems which they could not afford
to lose and who paid;
That's as I understand it, too. The patch was available to those who
paid but Microsoft decided not to make it available for free.
Post by Judith
it was to continue to support the users and to encourage
them to move away from XP.
Hunt decided that it was not worth doing.
Well, the government decided not to keep spending the money but told NHS
trusts that they had to upgrade or pay for their own IT patches.

On reflection, you could say that the government should have kept paying
Microsoft and/or the trusts should have paid for patches or upgrades.
But that's with hindsight.
Post by Judith
They had not "created a fault" : all programs have bugs in them: people find
them and exploit them. As soon as MS became aware of the insecurity they
created a fix for those who had already paid for such fixes.
Well, the original Microsoft code had a bug in it. They wrote the code.
They sold it. Neither their programmers, their code review team, nor
their system testing procedures picked up the fault.
--
James Harris
Phi
2017-05-15 13:05:25 UTC
Permalink
Raw Message
Post by MM
On Sat, 13 May 2017 18:20:45 +0100, James Harris
Post by Judith
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
What a pity that Hunt the ........ decided to stop paying the
�5.5million
one-year support deal with Microsoft for Windows XP until the machines were
upgraded which had been negotiated with Microsoft.
Don't you think it's a bit of a cheek for Microsoft to ask �5.5 million
of our money for doing nothing? It did very little work to produce the
necessary patch in the first place. The patch was needed because of a
fault they had created in their software. Then they released the fix
only to paying customers.
I understand, but could be wrong, that Microsoft continued providing the
security updates to those who had critical systems which they could not afford
to lose and who paid;
That's as I understand it, too. The patch was available to those who paid
but Microsoft decided not to make it available for free.
Post by MM
it was to continue to support the users and to encourage
them to move away from XP.
Hunt decided that it was not worth doing.
Well, the government decided not to keep spending the money but told NHS
trusts that they had to upgrade or pay for their own IT patches.
On reflection, you could say that the government should have kept paying
Microsoft and/or the trusts should have paid for patches or upgrades. But
that's with hindsight.
Post by MM
They had not "created a fault" : all programs have bugs in them: people find
them and exploit them. As soon as MS became aware of the insecurity they
created a fix for those who had already paid for such fixes.
Well, the original Microsoft code had a bug in it. They wrote the code.
They sold it. Neither their programmers, their code review team, nor their
system testing procedures picked up the fault.
--
James Harris
An MP speaking on TV today said Trident uses XP
James Harris
2017-05-15 12:10:05 UTC
Permalink
Raw Message
On 15/05/2017 14:05, Phi wrote:

...
Post by Phi
An MP speaking on TV today said Trident uses XP
For what? Target control? Or just staff rotas? Makes a difference!
--
James Harris
Phi
2017-05-15 13:12:23 UTC
Permalink
Raw Message
Post by James Harris
...
Post by Phi
An MP speaking on TV today said Trident uses XP
For what? Target control? Or just staff rotas? Makes a difference!
--
James Harris
Doesn't make any difference, the system will be unified.
James Harris
2017-05-15 12:17:30 UTC
Permalink
Raw Message
Post by Phi
Post by James Harris
...
Post by Phi
An MP speaking on TV today said Trident uses XP
For what? Target control? Or just staff rotas? Makes a difference!
--
James Harris
Doesn't make any difference, the system will be unified.
What do you mean by "unified"?
--
James Harris
The Todal
2017-05-15 14:54:22 UTC
Permalink
Raw Message
Post by James Harris
...
Post by Phi
An MP speaking on TV today said Trident uses XP
For what? Target control? Or just staff rotas? Makes a difference!
Unfortunately all our nuclear missiles will be encrypted. Each missile
is actually a Word document with a macro in it. On the plus side, they
are no bloody use whether or not they work. The encrypted file can
safely be deleted.
j***@gmail.com
2017-05-15 15:19:57 UTC
Permalink
Raw Message
http://www.telegraph.co.uk/technology/2017/05/15/nhs-cyber-attack-latest-authorities-warn-day-chaos-ransomware/

Have the Americans not learned from when the sold arms to Indiana?
MM
2017-05-14 11:29:39 UTC
Permalink
Raw Message
On Sat, 13 May 2017 18:20:45 +0100, James Harris
Post by James Harris
Post by Judith
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
What a pity that Hunt the ........ decided to stop paying the £5.5million
one-year support deal with Microsoft for Windows XP until the machines were
upgraded which had been negotiated with Microsoft.
Don't you think it's a bit of a cheek for Microsoft to ask £5.5 million
of our money for doing nothing? It did very little work to produce the
necessary patch in the first place. The patch was needed because of a
fault they had created in their software. Then they released the fix
only to paying customers.
Post by Judith
I trust that the NHS has not lost more than £5 million because of his
short-sighted action.
I expect it has.
More justification for the Tories, if they win, to impose
super-Draconian snooping software and make its use mandatory for ALL
users.

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
pensive hamster
2017-05-14 11:37:34 UTC
Permalink
Raw Message
Post by MM
Post by James Harris
Post by Judith
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
What a pity that Hunt the ........ decided to stop paying the £5.5million
one-year support deal with Microsoft for Windows XP until the machines were
upgraded which had been negotiated with Microsoft.
Don't you think it's a bit of a cheek for Microsoft to ask £5.5 million
of our money for doing nothing? It did very little work to produce the
necessary patch in the first place. The patch was needed because of a
fault they had created in their software. Then they released the fix
only to paying customers.
Post by Judith
I trust that the NHS has not lost more than £5 million because of his
short-sighted action.
I expect it has.
More justification for the Tories, if they win, to impose
super-Draconian snooping software and make its use mandatory for ALL
users.
How would mandatory super-Draconian snooping software (MSDSS)
help to reduce cyber attacks, malware, etc.? Surely it would
just provide another route in for clever hackers?
MM
2017-05-14 13:56:30 UTC
Permalink
Raw Message
On Sun, 14 May 2017 04:37:34 -0700 (PDT), pensive hamster
Post by pensive hamster
Post by MM
Post by James Harris
Post by Judith
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack, NHS
England has confirmed.
What a pity that Hunt the ........ decided to stop paying the £5.5million
one-year support deal with Microsoft for Windows XP until the machines were
upgraded which had been negotiated with Microsoft.
Don't you think it's a bit of a cheek for Microsoft to ask £5.5 million
of our money for doing nothing? It did very little work to produce the
necessary patch in the first place. The patch was needed because of a
fault they had created in their software. Then they released the fix
only to paying customers.
Post by Judith
I trust that the NHS has not lost more than £5 million because of his
short-sighted action.
I expect it has.
More justification for the Tories, if they win, to impose
super-Draconian snooping software and make its use mandatory for ALL
users.
How would mandatory super-Draconian snooping software (MSDSS)
help to reduce cyber attacks, malware, etc.? Surely it would
just provide another route in for clever hackers?
Nope. Everything would be disabled bar the absolute essentials, just
as the Politbüro permitted East German citizens to save up for 8 years
to buy a Trabant.

Like I implied elsewhere, the vast majority of computer users DO NOT
need to be connected ALL the time. This post, for example, needs a
millisecond or two to be sent, and then I can click my button to
disable the Ethernet connection. I do it all the time.

MM

---
This email has been checked for viruses by AVG.
http://www.avg.com
Joe
2017-05-13 19:14:31 UTC
Permalink
Raw Message
On Sat, 13 May 2017 17:40:47 +0100
Post by Judith
Post by Ophelia
A number of hospitals have been hit by a large scale cyber attack,
NHS England has confirmed.
What a pity that Hunt the ........ decided to stop paying the
£5.5million one-year support deal with Microsoft for Windows XP until
the machines were upgraded which had been negotiated with Microsoft.
I trust that the NHS has not lost more than £5 million because of his
short-sighted action.
It was 5.5 million for the *first* year. Custom support prices were
expected to double and treble for the next two years, and it was only
ever going to be extended for three years, so it's over now.

The end-of-life schedule was announced in 2007, so nobody can claim to
have had insufficient warning. Replacement of obsolete assets is one of
the major objectives in setting budgets.

The usual excuse was given, that vital software doesn't work on later
versions of Windows, which if true, displays even greater incompetence.

And no, it isn't the Minister's job to schedule hardware and software
procurement in the NHS, it's his job to fire the extremely expensive
NHS senior managers who messed up, both in hardware replacement and
software specification. And he's not the only Minister involved, as
this wasn't an NHS-only issue, it was one for the entire government
which decided on the one-year extension in 2014. We probably won't get
to hear about the rest of the government, as not much of it is
public-facing.
--
Joe
Loading...