Linked by Thom Holwerda on Mon 15th May 2017 16:18 UTC
Windows

Friday saw the largest global ransomware attack in internet history, and the world did not handle it well. We're only beginning to calculate the damage inflicted by the WannaCry program - in both dollars and lives lost from hospital downtime - but at the same time, we're also calculating blame.

There's a long list of parties responsible, including the criminals, the NSA, and the victims themselves - but the most controversial has been Microsoft itself. The attack exploited a Windows networking protocol to spread within networks, and while Microsoft released a patch nearly two months ago, it’s become painfully clear that patch didn’t reach all users. Microsoft was following the best practices for security and still left hundreds of thousands of computers vulnerable, with dire consequences. Was it good enough?

If you're still running Windows XP today and you do not pay for Microsoft's extended support, the blame for this whole thing rests solely on your shoulders - whether that be an individual still running a Windows XP production machine at home, the IT manager of a company cutting costs, or the Conservative British government purposefully underfunding the NHS with the end goal of having it collapse in on itself because they think the American healthcare model is something to aspire to.

You can pay Microsoft for support, upgrade to a secure version of Windows, or switch to a supported Linux distribution. If any one of those means you have to fix, upgrade, or rewrite your internal software - well, deal with it, that's an investment you have to make that is part of running your business in a responsible, long-term manner. Let this attack be a lesson.

Nobody bats an eye at the idea of taking maintenance costs into account when you plan on buying a car. Tyres, oil, cleaning, scheduled check-ups, malfunctions - they're all accepted yearly expenses we all take into consideration when we visit the car dealer for either a new or a used car.

Computers are no different - they're not perfect magic boxes that never need any maintenance. Like cars, they must be cared for, maintained, upgraded, and fixed. Sometimes, such expenses are low - an oil change, new windscreen wiper rubbers. Sometimes, they are pretty expensive, such as a full tyre change and wheel alignment. And yes, after a number of years, it will be time to replace that car with a different one because the yearly maintenance costs are too high.

Computers are no different.

So no, Microsoft is not to blame for this attack. They patched this security issue two months ago, and had you been running Windows 7 (later versions were not affected) with automatic updates (as you damn well should), you would've been completely safe. Everyone else still on Windows XP without paying for extended support, or even worse, people who turn automatic updates off, who were affected by this attack?

I shed no tears for you. It's your own fault.

Comment by ssokolow
by ssokolow on Mon 15th May 2017 18:25 UTC
ssokolow Member since:
2010-01-21

I see this article and raise you "This is why Windows users don't install updates"

http://goodbyemicrosoft.net/news.php?item.810.3

(Seriously, though, as the other commenters have pointed out in detail, this is a gross oversimplification.)

Reply Score: 4

RE: Comment by ssokolow
by loic on Mon 15th May 2017 18:49 in reply to "Comment by ssokolow"
loic Member since:
2012-09-23

I would not ever boot a Windows XP system on any network-enabled machine. About any reasonably recent laptop (< 8 yo) can launch it on a VirtualBox virtual machine, with no networking adapter enabled. It does not even need much RAM, XP is known to run well on 512 MB.
For non-techies, of course it could make sense, but I cannot see how any user with a dual boot would not know this.

Reply Parent Score: 2

RE[2]: Comment by ssokolow
by ssokolow on Mon 15th May 2017 21:36 in reply to "RE: Comment by ssokolow"
ssokolow Member since:
2010-01-21

Hey, I'm not saying I agree with that reckless behaviour... just that it's not necessarily that simple for people who are determined to be that reckless.

My Windows 3.11/98 and XP retro-gaming machines sit alone on their own leg of my router where the only traffic allowed to cross the boundary is connections initiated by the retro PCs which are either local DNS and DHCP (to daemons running on the router itself) or NTP and SSH (to my main workstation, with the SSH being limited to a chrooted SFTP-only account which I use for quickly moving files back and forth).

I find it a nice way to balance security with the convenience of having networked file transfer, NTP time sync, and automatic network setup. (I even dug up DOS NTP and SFTP clients.)

Heck, the DNS allow rule is just a convenience that I should probably drop, since I've pinned the IP address of the workstation that provides the NTP and SFTP servers.

Edited 2017-05-15 21:37 UTC

Reply Parent Score: 2
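
The allow-list described in the comment above, sketched as an nftables ruleset for a Linux router. This is an added example, not ssokolow's actual configuration: the interface name `retro0` and the workstation address `192.168.1.10` are assumptions.

```nftables
#!/usr/sbin/nft -f
# Added example (not from the original thread).
# Assumptions: "retro0" is the router interface facing the retro PCs and
# 192.168.1.10 is the pinned address of the main workstation.

table inet retro_isolation {
    # Traffic addressed to the router itself.
    chain input {
        type filter hook input priority 0; policy accept;
        iifname "retro0" jump retro_to_router
    }

    chain retro_to_router {
        ct state established,related accept
        udp sport 68 udp dport 67 accept   # DHCP to the router's daemon
        udp dport 53 accept                # DNS to the router's resolver
        tcp dport 53 accept
        drop                               # nothing else reaches the router
    }

    # Traffic routed between the retro leg and every other network.
    chain forward {
        type filter hook forward priority 0; policy accept;
        iifname "retro0" jump retro_out
        oifname "retro0" jump retro_in
    }

    chain retro_out {
        ct state established,related accept
        ip daddr 192.168.1.10 udp dport 123 accept   # NTP to the workstation
        ip daddr 192.168.1.10 tcp dport 22 accept    # SSH (SFTP) to the workstation
        drop   # no internet, no other LAN hosts, no IPv6
    }

    chain retro_in {
        # Only replies to connections the retro PCs opened are let back in.
        ct state established,related accept
        drop
    }
}
```

The chrooted, SFTP-only restriction on the account is enforced by the SSH server on the workstation, not by these rules. Dropping the two port 53 rules gives the tighter variant mentioned for a setup where the workstation address is pinned.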

RE: Comment by ssokolow
by Bill Shooter of Bul on Tue 16th May 2017 16:00 in reply to "Comment by ssokolow"
Bill Shooter of Bul Member since:
2006-07-14

That's a horrible counter argument. An old out of support version was too old to get the update because it hadn't been updated. Great. How is that MS's fault?

I think the argument there is: don't use unsupported operating systems unless you really really have to and are supa careful on how they are used (i.e., air gap them, please!)

Reply Parent Score: 2