Queen Lizzie uses Windows XP

Navy chiefs boasted the defence system on the UK’s biggest ever warship, the HMS Queen Elizabeth, will be NASA standard – rather than like the NHS system that was hacked into several months ago.
But computers in the flying control room on the £3.1billion state-of-the-art carrier showed the system was still running on Windows XP.
This was the same software used by the NHS computers which were hit by a global cyber-attack in May this year.

That’s the Windows XP which is so outdated that it cannot load, let alone pass on, modern viruses?

Seems pretty safe really…..

31 thoughts on “Queen Lizzie uses Windows XP”

  1. Pretty sure that will be XPe the embedded version rather than the desktop variant. Different in many ways including security.

  2. Bloke in Wiltshire

    The Windows XP system will be for admin-level stuff.

    You aren’t supposed to use Windows for life-and-death applications.

  3. Well, it presumably works…. (Although, bearing in mind this is GOVERNMENT IT, this is hardly a given) But does rais a question:
    Why do MS not market a basic, simple operating system? ,There must be more people like me who just want to web browse, word process, do a few calculations & open files. Who do not play games, need voice & image recognition, back-ups to cloud storage, their lives managed for them & all the other bells & whistles.
    My little netbook is sweet & since it gained an SSD, loads its XP O/S like lightening. But isn’t safe, on its own, on the web. It’s my machine of choice for everything else. Small enough to carry around (& does anybody do serious work on a touch screen tablet/ How?) The W7 machine’s also SSD. Loads its O/S in under a minute & I’ve tried to strip out as much of the bilge as possible. But it still squats over an enormous volume of the hard drive. The conventional H/D one got updated to W10 & unfortunately timed out on the rollback. It’s now a POS, taking about 10 minutes to get itself sorted from boot & seems horribly slow for a 2 year old medium price bit of kit. So it’ll be a factory reinstall & start again. If it lets me (?)
    It seems obvious M/S are going to lose me. Eventually I’ll get the hang of Linux* & migrate. Don’t they care?

    *I can actually do pretty well all of what I need on a 30 quid RaspberryPi

  4. The Register nicknamed it “Windows for Warships”. It’s a heavily customised and locked down version of Windows XP. Still far from ideal though.

  5. BIS

    Try Lubuntu Linux on your netbook. You can run it from a USB stick for a while (which will be very slow) to see if it’s compatible before overwriting XP.

    If you like it, Linux Mint would be a good choice for your desktop machine. Some people have success with a dual installation (keeping Windows, choosing which OS at start-up), but others recommend going all-Linux as being more stable. The XFCE version is very XP-like and you’d quickly feel at home. Security isn’t perfect, but Linux is safer than Windows if only because it’s less of a tempting target for crims.

  6. @Tom

    Some people buy a car and then spend hours tinkering with it and fitting extras to squeeze the last ounce of performance (however you define performance) from it. Good for them. Most people buy a car to get them reliably from A to B and have zero interest in what’s happening under the bonnet/hood.

    The former types may find Linux very satisfactory, but most people will find it too complex, and tinkering with it without knowing what you’re doing is dangerous. For the latter, modern versions of Windows do a very good job of running a secure setup ‘out of the box’ – most of the recent issues have been to do with people still running XP.

    The most dangerous person from a security viewpoint, is the one who says “I’m running Linux/Apple software, so I’m secure”.

  7. @Chris

    That used to be true: Linux was strictly for nerds, but the chances are that a modern ‘distro’ (i.e. distribution) will work flawlessly and need little, or probably no, tinkering at all. In fact it can be more challenging to find drivers and whatnot for Windows, and then of course there is the horror of kludgy automatic updates, besides W10 telling Microsoft and hence the alphabet agencies everything you, your cat and your budgie are up to.

  8. “That’s the Windows XP which is so outdated that it cannot load, let alone pass on, modern viruses?”

    There are viruses designed to attack XP, because it’s known that it’s no longer updated. There are still an awful lot of computers running XP.

  9. I would echo Thomas Fuller. The other advantage of Linux is it will work, usually ‘out-of-the-box’ on older hardware where W10 & even W7 would struggle. If you only need a browser (Firefox or Chromium), Office apps (LibreOffice), mail (Thunderbird) and few other apps, then Linux will work well. You can even run many simpler Windows apps under Wine (a Windows environment emulator), though forget it for Office and stuff like Photoshop.

  10. bloke in spain,

    “Why do MS not market a basic, simple operating system? ,There must be more people like me who just want to web browse, word process, do a few calculations & open files. Who do not play games, need voice & image recognition, back-ups to cloud storage, their lives managed for them & all the other bells & whistles.”

    Not much demand, if you’re running hardware from the last 5 years, which is nearly all OS purchases (either businesses with machines, or new home PCs). If you’re running on those, the overhead of Win 10 is pretty much irrelevant.

    If I wanted to do something to an old PC, I’d take a look at something like RemixOS and install Android on it. Linux is a fine OS, but a lot of the software for desktop Linux is garbage. But there is some good stuff on Android.

  11. Warship OS is locked down – no access to USB sticks etc with heavily supervised permissions enforced by design and military discipline

    Hardware supply chain carefully scrutinised or obfuscation used

    All software subject to verification checks, safety cases (in many cases), SIL levels and a well defined and policed supply chain

    No access to the internet or other attack vectors

    Access to the OS itself strictly controlled – probably one one of two people on the whole ship can upload information

    Cyber attacks would have to penetrate a succession of military communications links

    Or as the Daily Mail would say: highly vulnerable to cyber attack

  12. Two aircraft carriers look to me to be a foolish expenditure. What are we going to use them for? Against whom? How are we to protect them?

  13. “Or as the Daily Mail would say: highly vulnerable to cyber attack”

    Or as the US Navy would say, highly vulnerable to attack by container ship. (Which was presumably not intending an attack at all.)

  14. Maybe there will come a day when the electronic control systems for warships and the like will be so vulnerable to electronic attack that it will be safer (and more fighting effective) to have no electronics at all and revert to analogue systems.

  15. To those thinking of jumping ship to Linux, its still possible to retain and run windows within a virtual environment.
    Oracles VirtualBox is pretty good and not hard to set up.
    You can have the best of all worlds, Linux for day to day stuff which is still faster and less prone to viruses than windows, and still maintain the ability to run as many versions of windows as you like (all at once even) and retain all your old programs and data.
    When my Windows 7 computer dies, Microsoft and its Windows 10 abomination isn’t getting a look in.

  16. Oh yes, forgot to mention.
    Plenty of industrial cnc machinery is still using xp embedded behind the scenes.
    I’m running a 2 year old, 1/2 million piece of kit that has it, and there’s lots of others that still haven’t moved on to NT never mind anything newer.
    Never mind all the kit in the NHS that’s still under PFI!

  17. On the basis that there won’t be any aeroplanes for the “flying control office” to supervise for another couple of years there’s plenty of time to upgrade the systems to something more up-to-date before they’re needed for real.. 🙂

  18. @starfish

    ‘Access to the OS itself strictly controlled – probably one one of two people on the whole ship can upload information’

    So what happens when they’re killed?

  19. Jim – I think I saw a documentary about that from the early ’80s. Got remade a few years ago, with much the same conclusions.

    Some chaps called Starbuck and Apollo fronted it, if I remember correctly.

  20. I suspect it’s not so crap as the Mail makes out, but there will be vulnerabilities anyway.

    I’m more concerned about the lack of aircraft and support vessels to ensure a reasonably secure carrier group like the Americans have.

    And about what exactly her role is to be? Force projection is fine, and carrier groups are great for gunboat diplomacy; but there are presumably cheaper and safer ways to hit accurately targets on the other side of the world.

    I would say the grievous lacunae in UK armed forces are more to do with attack helicopters, heavy lift and numbers of infantry, the most useful and flexible military force money can buy.

  21. IT security for end user systems is determined by:
    5% – choice of OS
    10% – configuration of OS
    10% – choice of application software
    25% – configuration of application software
    50% – end user security awareness and training
    In a commercial environment there are other factors, such as physical security, but I assume we can take that for granted on a warship.

    In an office, if an end user does something against the published company policy that compromises security, they may (if they’re detected) get a ticking off. If they do it often enough disciplinary procedures may be invoked. Ultimately they might lose their job.

    In the armed forces they can be put on a charge. A significantly less pleasant procedure with consequences.

    A significant part of the US fleet has been running ‘Windows for Warships’ for years. I’m not aware of any successful cyberattacks against them. Even though they probably wouldn’t publicise any such, I think we’d have noticed if warships were continually grinding to a halt waiting for Ctrl-Alt-Del.

  22. Re the basic OS for users with simple requirements, there is of course ChromeOS on inexpensive (and expensive!) Chromebooks. Very common in US schools apparently. I’ve happily used one for the last four years. Mind you, I’m not an “evil/snoopy google” type person, happily use Gmail and an Android phone.

    Just flagging an option for consideration.

  23. bloke in spain:
    “My little netbook is sweet & since it gained an SSD, loads its XP O/S like lightening.”

    Did someone come out with a TRIM command for XP? If not, that SSD will clog and slow soon enough.

    (typed on an iPad + Logitech keyboard = slow + meh)

  24. Bloke in Italy,

    The analogy I rather liked is to a 70,000-ton Leatherman tool (change for brand of choice if you prefer Gerber or other manufacturer). At no point is that tool ideal for any task: for a strike carrier, QNLZ is STOVL-only, for amphibious tasking she lacks a well deck and vehicle access, for humanitarian work she’s too big.

    But the problem is that the RN can only afford to buy two ships, not six or eight (two carriers, two LPDs, at least one LPH, a few more LSDAs) yet they need to cover all those tasks and the existing fleet is aging hard after two decades of “peace dividend” and then Op ENTIRETY; so QNLZ is four acres of sovereign flight deck that can embark a Tailored Air Group (not just the eventual goal of 30-40 F-35s flying 120 sorties a day for strike, but a deck full of Chinooks for rescue and humanitarian work, or a battalion of Royals, the Merlins to lift them ashore, and a flight each of Lightnings and Apaches to support them: all giving deck and hangar space for CROWSNEST and Merlin for airborne early warning and ASW…)

    We don’t know what we’ll need her to do (MoD Main Building and Defence Intelligence are currently fitted for, but not with, a working crystal ball), so she’s able to tool up to do a lot of different jobs and get to where she’s needed at five hundred miles a day in reaction to events; and the requirement to protect her will scale with the problem (remembering that once she’s facing a serious threat, the UK is highly unlikely to be going it alone and will have help from friends, in the same way that US carriers in the Persian Gulf have on occasion had a RN destroyer as their sole escort within fifty miles)

  25. Confirmed, XP wasn’t affected by the WCry ransomeware, it couldn’t run the executables. Culprit was a whole bunch (like nearly every one) of unpatched W7 PC’s and unpatched Windows servers.

Leave a Reply

Your email address will not be published. Required fields are marked *