The latest Spudda Snip

Second, Microsoft deliberately left the world at risk in pursuit of relentless profit. Windows XP was a strong and stable operating system that was more than adequate for the vast majority of the world’s business (and NHS) needs. It was only deliberate technical and commercial obsolescence that left it unsupported when many users had no reason at all to update because it very successfully let them achieve all they wanted of IT. This vulnerability to attack was, then, deliberately made possible by a company refusing to support a product simply to extract revenues from those who had no need to pay it.

Third then this situation arises because we live in a political economy that grants corporations that are effective monopolies (as Microsoft and other such companies clearly are) the right to hold us to ransom by refusing to support perfectly useable product that we have purchased, which refusal does in turn leave us vulnerable to quite literal attack, which has a wholly foreseeable consequence. The cost is very obviously to us all. The benefit is equally obviously to a very few.

And let me be clear, this is not about profit maximisation. That can, even by its firmest enthusiasts only be justified when competitive environments prevail. That is not true in the market for IT operating systems. So this then is rent extraction and not profit maximisation. This is what the goal of modern multinational corporations is. Innovation is limited, and designed only to render obsolete systems that can be discarded when still useful to force customers to unnecessarily spend, in the process limiting choice, stifling real opportunity and ultimately imposing untold externalities on society at large.

Is this the direction in which we wish the world to continue to progress? I personally don’t think so. Regulation to control this abuse seems as essential as measures to prevent hacking.

The Curajus State would force British Leyland to still provide maintenance for Austin Allegros.

And it’s worth noting that Microsoft hasn’t refused to support XP. They’ve just said that it would cost them some money to do so, would someone therefore like to pay them to do so please?

The NHS said no.

So now the Curajus State is going to demand that British Leyland support Austin Allegros for free, eh?

51 comments on “The latest Spudda Snip”

  1. “Windows XP was a strong and stable operating system that was more than adequate for the vast majority of the world’s business (and NHS) needs.”

    Why stop at WinXP? I bet Windows 95 was good enough for most people, why not stop all OS development at that point? Hell Windows 3.1 would still do a lot of what I need a computer for. Let’s forget the last 25 years of improvements and all go back to dial up. In fact who needs IT anyway, we managed fine without it for centuries. Quill pens and abacuses all round!!

  2. Windows XP was shit. It was slow, resource-hungry, buggy and insecure compared with other contemporaneous operating systems.

  3. Funny you should think “Austin Allegro” when you read Spud’s article. Something completely different sprang into my mind when I read the first few lines – “Morris Marina”

  4. Is there a lot of sun spot activity at the moment? Is the tuberous claque egging him on too vigorously? His output as reproduced here by Tim is rather wilder and more obviously bonkers than usual.

    Nurse Ratched to Ely, please.

  5. Microsoft publishes the end of support dates, so it’s not like the NHS bought it not knowing that – you’d hope.

    E.g. right now they say that Win10 ends extended support in 2025.

  6. Not every NHS trust went down: I think firing the IT staff of affected trusts and a machine gunning the senior admin would be appropriate. There was nothing inevitable about something made possible by sloth and misdirection of resources.

  7. The irony being that the exploit was known to the Curajus State who could have told Microsoft about it, but decided to use it for other purposes and keep it to themselves.

    Perhaps those in gummint might now realise why forcing back doors to be put into tech products really isn’t a good idea.

  8. I know someone who still runs an Austin Allegro. A crap motor but it still runs. But then I once owned an Austin Princess.

  9. …this situation arises because we live in a political economy that grants corporations that are effective monopolies…

    Someone want to tell Ely’s Cunt that he misspelled “market”?

    And the Window operating system is hardly the only alternative out there for large institutions. Of course, when you live in Ely and bash out blog posts on an IBM PC jr., you might not know this sort of thing.

  10. Ah, that’s why my wife came back early from her job this morning, telling me that Barts’s system was kaput.

  11. Isn’t Windows 10 a free upgrade?

    Yes, as in “transfer for free – and then we’ll screw you“.

    Unlike earlier OSs, which you purchased a licence for and then could use in perpetuity, it intends subsequently that it will become a rental OS (and hence W10 will be their final OS).

    So yes, transfer away from something you paid for and could use forever (albeit in the future without support) to something where once they’ve conned & captured you, they’ll charge you annually forever..:)

  12. Personally I am not looking forward to the end of Windows 7. I installed on the day of release and will run it until M$ pry it from my cold dead hard drive.

  13. Danes know what a snippa is. Can I not read a single post in peace?

  14. Before being banned, I used to taunt him about joining the public service to see for himself what happens.

    He had no interest. He knows it would shatter illusions, and prefers to keep his opinions untainted by personal experience.

  15. I run a clean Windows XP installation on my main programming PC. It runs fine, its online presence is protected by various firewalls and things, and it runs faster on the 10-year-old hardware than my neighbour’s 1-year-old Win10 PC.

    And where has Tuppenny Murphy suddenly got IT expertise from?

  16. BiG

    “until M$ pry it from my cold dead hard drive”

    I got a backup W7 Pro box to try and prolong that as long as possible.

    I want to start to get stuff away from MS – but I suspect I may always need a Windows version for some things. And secure it with LUA, whitelisting, sandboxing & similar as MS OS updates evaporate.

  17. I’m not an evangelist for any OS but it seems to me that for a massive organization like the NHS using an open source OS like Linux, their own modified version, might make a lot of sense.
    This would free it from the need to be at the mercy of a third party like Microsoft or Apple with their own priorities. Linux is also less dependent on regular updates of equipment and many distros will more than happily run on decades-old PCs.

    No doubt the initial costs of designing an appropriate distro would be significant but then the current costs of working with Windows seem to be even greater and over time the savings on not having to upgrade Windows, buy new equipment so often and fork out millions on Windows licenses should more than cover it.
    Add the increased security and now might be the perfect time to bite the bullet.

  18. I want to start to get stuff away from MS – but I suspect I may always need a Windows version for some things. And secure it with LUA, whitelisting, sandboxing & similar as MS OS updates evaporate.

    I’ve been running my windows operating systems separately from my machine operating systems by running them within an Oracle VirtualBox x64 environment.

    It’s a bit quirky, but means that I’ve still got access to outdated versions (Windows 7 x64) even if I am running my machine on Unix (currently Ubuntu 16.10)

    Having a machine as a single (very large) file also makes backing it up easy, especially since I have 28 TB of disk available.

  19. JS: No. There’s a reason why corporate America and corporate everywhere else ends up using Windows. A big org like that runs hundreds of different applications in different places, and everything is available for Windows, be it email, calendar collaboration, graphic design, diagnostic software, database maintenance, report generation.

    And when you want to outsource some software writing, like maybe something that connects to some equipment and monitors a woman’s vitals and progress through labor, you get a much higher quote for a Linux version than for a Windows or Mac version.

    And the ability to manage hundreds or thousands of Windows machines simultaneously through Microsoft tools is far greater and cheaper than anything equivalent for Linux or Mac.

    I’ve been working on Linux every day for the past 12 years and I use exclusively Macs at home, but if I were put in charge of NHS IT, common sense would lead me to prefer Windows.

  20. I think firing the IT staff of affected trusts and a machine gunning the senior admin would be appropriate. There was nothing inevitable about something made possible by sloth and misdirection of resources.

    I don’t think this is sloth or incompetence on the part of the IT folks. For the most part they can only change what they are allowed to change and that is subject to local hospital budget constraints.

    Even if money were no option, it would require that all of the software running on XP could be run on a new Windows OS (even if this wasn’t Windows 10, but something like Windows 7), this is by no means certain as a lot of it is provided by non-UK 3rd Parties like Siemens Healthcare Systems.

    A lot of these systems would have already been upgraded if the UK Infrastructure projects hadn’t been abandoned, so there is a political aspect to this as well which goes to the top of the political food chain.

    I expect Jeremy Hunt’s resignation sometime between now and the end of next week. It is an election period after all.

  21. I’ve just read the article at the gruniad

    “As soon as the Shadow Brokers dump came out everyone [in the security industry] realised that a lot of people wouldn’t be able to install a patch, especially if they used an operating system like Windows XP [which many NHS computers still use], for which there is no patch.”

    WTF would you patch the OPERATING SYSTEM??? You update your firewall/virus blocker as soon as a recognition signature is available REGARDLESS OF OPERATING SYSTEM.

  22. John Galt: I was part of a team doing XP->Win7 rollout for a local authority. About a third of their software and most of their specialist plug-in equipment refused to work with Win7, and they complained “we haven’t budgeted for new hard/software, *you* (the IT contractors) pay for the stuff *you’ve* broken”.

  23. Windows XP [which many NHS computers still use], for which there is no patch.

    But there was a patch for Windows XP, it was the same patch as exists for the other still supported versions, but sending out the patch would send the wrong message about patching “unsupported” operating systems for customers who weren’t paying for post-end-of-life support (very expensive for Windows XP as Jeremy Hunt has learnt)

    One aspect of this which is unclear is whether the NSA was contributory in this exploit remaining upon (until their software was stolen).

    Were Microsoft complicit or acting under duress in leaving this exploit unpatched across the board until they had no choice but to release the patch?

    I don’t see either the NSA or Microsoft escaping all blame in this matter…

  24. *you* (the IT contractors) pay for the stuff *you’ve* broken”

    Yup. Been there, done that, got the T-shirt. This is exactly why you need to make sure contracts exclude this sort of liability.

    IT equipment is subject to similar sorts of entropy as a motor car. When it’s brand new it shouldn’t be a problem, but as it gets older without maintenance and upgrading it becomes harder to find the people with the skills to fix things (as the technology moves on) and gets more costly.

    Running out of date operating systems and software is a risk and what the NHS is seeing today is the costs of a risk becoming an actual issue.

    Paying a $300 or $600 ransom per affected PC to learn this mistake might be very cheap in the long run.

  25. “Why stop at WinXP? ”

    There are probably four real different versions of Windows.

    – The useless ones – as far as version 3.0
    – The useable 16 bit ones, 3.0, 3.1, 3.11 and Workgroups
    – The quasi 32 bit kludges 95, 98 and ME
    – The NT rewrites NT – NT4, NT2k, XP, Vista, 7, 8, 8.1 and 10

    The good ones are the early NT rewrite ones. NT4 and NT2000 (v5) are good and work reliably. Lots of people still use them. XP is v5.1, and is really NT2000 with a kiddie colour scheme. But it inherits the benefits of NT2000.

    Vista has piles of additional security / media junk and everyone hates it, lots of rubbish thrown in. Seven is the best of the new ones, it’s a bit of an XP throwback. 8 and 8.1 tried to foist Microsoft’s unwanted new system on you. 9 was missed out for marketing reasons. 10 is the one they want you to have and force down your throat.

    People who say “use Win10” are idiots. Firstly, it’s out of your control, Windows updates in its own time in its own way and there’s nothing you can do about it (they do allow some to turn this off), so if they f**k up with the upgrades, which they do, or they try and introduce some new lockout to enhance their business, which they do, then tough if it doesn’t work. Like, for example, one company’s routers stopped working (Talktalk ?) due to a broken upgrade. NOBODY in the business trusts Microsoft’s upgrades. Any organisation with any sense blocks them and sees if they screw up the home users first.

    So, what’s the answer. Use Unix/Linux/BSD based software (Macs are BSD with a pretty front end), which actually is designed to be secure and networked rather than being bolted on 15 years late (seriously) in a half baked fashion. More to the point, Unix et al are atomic – specific files do specific things, whereas Windows is a huge monolith with everything glued together in various files, which is why half the upgrades don’t work reliably if there is the slightest problem. If you break an update in Unix, only that breaks. If you break one in Windows there are all sorts of knock ons.

    Most computers do simple documents, simple spreadsheets and email and browsing which is dead easy and can be done by browser or terminal based applications, which can be whitelisted (so you can’t visit Twitter when you’re supposed to be working) The staff will whine but this isn’t because they need Office, it’s because they want Facebook and Solitaire – this specific outbreak is due to bugs in Office’s attachments. Specific things run on safe servers (e.g. not Windows one, WTF would anyone use a Windows Server for anything) as SAAS, e.g. the actual software runs on a different system and you just have a front end visible. Proper documents can be done on a Mac and should be anyway.

    You will have a small collection of systems where some radiography system only works on XP or something. These can be on the network, but not on the internet. They can’t be upgraded (hardware upgrades are notoriously unreliable on Windows, Microsoft just say, buy new hardware). Most of this will be protected by the lack of other Windows boxes.

  26. Can someone confirm the round numbers on this:
    It seems that in the NHS around half of Scottish Boards, and a quarter of English Trusts. If that data is right, and Hunt has to fall on his sword, does it mean his Scottish equivalent has to fall on it twice?

  27. Whatever dumb things Ritchie says, windows 10 is still a giant pile of crap, seemingly designed to fuck up small businesses and private users too small to do anything about it. It is absolutely awful.

  28. “I’m not an evangelist for any OS but it seems to me that for a massive organization like the NHS using an open source OS like Linux, their own modified version, might make a lot of sense.”

    It really doesn’t. That’s a lot of cost and support work. It’s precisely why you buy an operating system – because one bunch of guys sell it for a small amount of money to millions, become billionaires, while it’s cheap to you.

    I know that open source sounds great, that you aren’t at the mercy of one company, or so it seems, but you really are. Pretty much no Linux teams out there go tweaking Red Hat, except for Red Hat.

    And they have similar sorts of “end of life support” times as Microsoft. The cost of Microsoft software doesn’t make that much difference if you’re volume licensing software, either.

    The real problem here isn’t about operating systems. It’s about application compatibility and testing and you’d have *exactly* the same problem with any other operating system. A supplier tests an application on a version or versions of operating systems and then sells it with that in the contract.

    Every other huge organisation has managed this by now, including most of the public sector.

  29. “Windows XP was a strong and stable operating system….”

    Windows XP: The Theresa May of Operating Systems.

    This vulnerability to attack was, then, deliberately made possible by a company refusing to support a product

    As noted, patches were available for this 16 year old, inherently insecure OS, the NHS just didn’t pay for them. Or upgrade. Or use one of the *nixes.

    Has it not dawned on the NHS religious adherents that a single centralised healthcare system might be vulnerable when these kinds of attacks happen? And I bet it won’t be the last.

  30. “Isn’t Windows 10 a free upgrade?”

    I can’t recall if the upgrade is free for a corporate license but the greater cost would be in the management of a new operating system.

    Things like installation, legacy support, maintenance, end user training etc.

    As it sounds like their systems were poorly managed then most likely even if they were running a newer version of Windows they probably wouldn’t have patched the flaw anyway.

  31. @jgh, May 13, 2017 at 3:49 pm

    +1 same here

    Re: XP updates
    1. As TW said NHS decided not to pay
    2. XP POS still receives free updates

    Anyone wanting more info on the WannaCrypt ransomware which affected NHS IT and others:

    In chronological order:
    1. https://www.theregister.co.uk/2017/05/12/jaff_ransomware/
    2. https://www.theregister.co.uk/2017/05/12/nhs_hospital_shut_down_due_to_cyber_attack/
    3. https://www.theregister.co.uk/2017/05/12/spain_ransomware_outbreak/
    4. https://www.theregister.co.uk/2017/05/13/wannacrypt_ransomware_worm/ – 13 May 2017 at 00:16, Iain Thomson

  32. Dennis,

    “Someone want to tell Ely’s Cunt that he misspelled “market”?”

    I fear that in this case Spud is right, for the wrong reasons. We certainly don’t have a free market because there’s lots of political interference.

  33. Paul — the others are no better. My android device got an update recently and in the process destroyed a lot of my settings. Some people’s fingerprint keys stopped working, leaving them locked out.

    When people say we “don’t need” the new versions, generally what they mean is that they don’t use them to anything like their full potential. They literally don’t know what they could do but aren’t because they are too tech illiterate.

    I can imagine the NHS using old systems precisely to limit what people can do, such as wasting NHS time playing games.

  34. It’s custom stuff and compatibility usually, there was a report a few years back that government had loads of stuff that would only run on outdated versions of IE
    In some cases if it’s critical and has to be tested and certified against the OS it’s easy to be stuck running old stuff when the vendor has no reason to do the recertification for old stuff. I’ve seen OS/2 warp stuff as recently as 5 years ago where it was only kept for that reason. There’s likely still a lot of stuff running on embedded version of XP floating around out there. The internet of stuff is just going to make this worse as for example a thermostat is likely to still be running well after the software support period or routers/modems have moved on and can’t support them, same issue for the new smart meters that can’t run on the new network

  35. Even the pervasive and brutal Chinese government couldn’t make such a stupid idea work.

    “China’s homegrown answer to Windows has gone the way of the dodo after failing to make an impact on the domestic market for operating systems.”
    https://www.theregister.co.uk/2014/02/14/china_shutters_windows_rival_red_flag_linux/

    In a free market bad ideas do indeed go the way of the dodo. Under Socialism they get a bigger budget.

    Fortunately the Chinese government has now abandoned Socialism, though sadly it has simply side-stepped into Fascism. Hence Red Flag Linux was allowed to die.

    But that doesn’t mean the UK government couldn’t resurrect it, given a sufficiently heroic budget.

    Sure, not a single company would use it. Even if it were free. But I’m sure Ritchie could explain to every IT department in the country precisely why they are wrong and he is right. He is, after all, a Renaissance Man; a polymath; a new Jonathan Miller.

  36. Quote from in-house computer expert “even (little brother) doesn’t deserve to be left on XP, so upgrade his computer to Windows 7”.

    Windows 95 was better than XP

  37. I see Murphy has added IT expert to the long and varied list of things about which he hasn’t got a fucking clue.

    There are reasons for the NHS continuing to use Windows in the fashion that it does, but they’re not very good ones and boil down to inertia and empire-building. Organisations with comparable data-handling requirements haven’t been doing it like this for some time. Even in a small business, these days the backend stuff will be containerised with Docker, perhaps running under Kubernetes with provisioning and roll-out coordinated with, say, Ansible. Machines themselves can be virtualised and sandboxed. This needn’t cost a great deal of money.

  38. Murphy’s last PDF report shows he’s using a 2 year old version of OS X on his Mac. So the corporate horror gives him free updates as he insists, but he doesn’t use them himself.

  39. @ChesterDraws – Android has the same problem. They try and lump things you don’t want in, make changes you can’t control. Open Source stuff, you can see what you are getting, what it does and it’s optional. Google are better than Apple and Microsoft, but they’re still gaming it for themselves.

    Most people don’t need the new versions because new versions of Windows don’t actually offer anything very much ; they look different and they have new apps which are irrelevant to the NHS. In the Unix world if you don’t want it, don’t install it. A bare bones working Unix system does very little. If you want a GUI and a Browser add it ; if you want a database, web server, app server, add it. With Windows you have little choice about whether you get their junk or not.

  40. A quote from former senior NHS bod defending his former colleagues:

    “If you’re sitting in a hard-pressed hospital in the middle of England, it is difficult to see that as a greater priority than dealing with outpatients or A&E.”

    Bollocks. Your IT director isn’t dealing with outpatients or A&E. Your senior management should be able to manage multiple things simultaneously. It’s pathetic to use this excuse.

    From here: http://www.bbc.co.uk/news/uk-39911385

  41. @John77
    “Windows 95 was better than XP”

    He’s wrong. The 9x/ME series are awful kludges of the original (16 bit) Windows. XP is basically a version of NT 2000 made to look user friendly, with consumer things like media player added by default. As such, it inherits all the plus points of being a version of the (then) stable NT. Seven is better than Vista, but 95 isn’t better than XP.

    The thing is, they didn’t really tinker with it too much. When they introduced Vista they made all sorts of significant changes, and then carried on as far as 10 (Metro, and the new monolithic mess)

    The reason for XP in the NHS appears to be the shambolic CFH, which required ‘new computers’ (which would have been XP at the time) and so much money was wasted on it for nothing they probably weren’t allowed anything else.

    The solution is SaaS ; do not actually run any operating system at all, just remote apps accessed via a browser or terminal. Yes, some legacy software is still going to require XP or some other version of Windows, but mostly it doesn’t. Virtually no-one uses all the facilities of Google Docs, let alone Office or LibreOffice.

    It’s either that or all be on 10, which is just asking for trouble.

  42. My uncle used to have a Leyland Princess. That was enough. There will never be a car in our family that an English auto workers union has touched, unless the production is managed by Japanese capitalists.

    It’s not so surprising that Murphy is out of his depth here, it’s just the sheer arrogance that is astounding. I see this as a good thing, because even his supporters will see what a load of bollocks he’s spouting.

  43. Rob said: “Your IT director isn’t dealing with outpatients or A&E. Your senior management should be able to manage multiple things simultaneously. It’s pathetic to use this excuse.”

    It’s not their time, it’s their budget. If you have £100,000 left in your capital expenditure budget, it’s hard to justify spending it on what people will call “shiny new computers” rather than whatever new life-saving gizmo (or drug treatment) that the clinicians are lobbying for.

  44. All this stuff about budgets won’t wash, for two reasons.

    (i) Most trusts avoided the problem, so it obviously can be done within NHS budgets. (That also exempts Hunt from any major criticism; the idea that the Sec State should be making local IT decisions is moronic.)

    (ii) It’s the perpetual public service excuse for everything, however lazy and incompetent the cvnts have been.

  45. I work in the NHS.

    The NHS IT system is a farce from beginning to end. The computers are old, in some cases steam driven (the lab reporting system we use dates from 1983) we still have Internet explorer 8 on the computers and one room I work in has no printer. The security consists of not allowing you to do any meaningful work on the computers and having passwords for every fucking programme. I have at least six passwords for fucks sake!

  46. And when you want to outsource some software writing, like maybe something that connects to some equipment and monitors a woman’s vitals and progress through labor, you get a much higher quote for a Linux version than for a Windows or Mac version.

    We’d charge a heck of a lot more to implement our systems on Windows than we do on Linux.

    And one of the main reasons people stick with XP is because of the cost of rewriting software to work on a new version of Windows. We have an XP machine because it’s running special hardware for which there are no drivers beyond XP, and a market of maybe a couple of dozen users to spread the development cost over. One of our customers retired their Windows 95 machine that was running test hardware only a few years ago: again, no drivers for newer versions of Windows.

    Of course, neither of those are/were connected to the Internet, because we’re not morons. But I wouldn’t be at all surprised if someone at the NHS decided that there was no point spending millions and millions of pounds upgrading systems that only worked with XP, while they worked perfectly fine as they are.

  47. Oh, yeah, it’s also worth remembering that many companies won’t let you use their software or hardware in medical applications. I remember when I worked for a chip company, our terms explicitly forbade any medical use for our chips unless they paid us more than enough money to cover any potential lawsuits if something went wrong.

    That only adds to the cost and difficulty of upgrades.
