GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Slackware64-current with "True Multilib" and KDE4Town.
Posts: 9,094
Rep:
Quote:
Originally Posted by Soadyheid
Well, looks like it's not just our NHS that's been hit. (I notice that Nissan UK and Renault France have also had problems) 99 countries and counting. Worst hit Europe and Russia! What have you got in the US?.....
The FedEx headquarters in Memphis was hit pretty hard (or so I've been told).
I guess I should know better, but I still find it hard to believe any company would use microsoft software for "mission critical" operations. That the U.S.Navy uses Xp just boggles my old mind.
A large part of the UK's National Health Service has been attacked by a ransomware virus. The effect is patchy across the country, but many hospitals have lost access to their patient records and are accepting only emergency patients. A ransom in bitcoin has been demanded.
Apparently the NHS has for years been using old, unpatched, vulnerable software, so an attack like this was very much on the cards.
We tend to think of ransomware as merely costing money. This one could cost a lot of lives.
Microsoft has announced that they are fixing the vulnerable versions of Windows including some versions that they have already dropped support for. The vulnerable versions that Microsoft intends to fix are Windows 10, Windows 8, Windows 7, Windows Vista, and Windows XP.
This is a wake up call. I say, stop using ancient operating systems! Use anything but windows XP or vista.
If there is ever a big cyberwar of the top countries the losers will obviously be using windows XP or vista
Or Vista 10 or Vista 11 or whatever the "current" version will be at the time of the next attack.
From reading the last few weeks, it looks like all versions of Vista were affected for a long time, even Vista 10 which is the latest. It was so long a period that the NSA had time to develop and deploy malware to exploit that specific hole, with M$ knowledge. The problem there is that the malware got loose. Only recently did M$ patch the newer editions of Vista so that they could then steer the press into blaming old XP and take the heat off of Vista 10. I wonder if it was the Wikileaks reports that forced their hand and got them to patch Vista 10 and how long M$ would have left things unpatched had Wikileaks not reported on the problem(s).
Windoze has never been secure and always been a magnet for malware even back before it had a TCP/IP stack. The more things change the more they stay the same. What needs to happen now is a staff audit. Who allowed deployment of Windoze inside NHS?
It was so long a period that the NSA had time to develop and deploy malware to exploit that specific hole, with M$ knowledge. The problem there is that the malware got loose.
I was going to ask if that story was true. If it is, it just illustrates the point I made before: you can't have a system that is secure against criminals, and at the same time insecure against the government (e.g. for the purpose of catching terrorists). Theresa May and Amber Rudd think that's possible and seemingly the NSA thought so too, but the laws of arithmetic don't allow it.
A back door is a back door is a back door!
PS: Vista may be insecure but does anyone actually use it? ISTR that when it came out, it was wildly unpopular and no one wanted to use it.
PS: Vista may be insecure but does anyone actually use it? ISTR that when it came out, it was wildly unpopular and no one wanted to use it.
I do, since it came with the laptop I use to run some model railway software I can't do without and to update the maps on my satnav (which needs interweb access). The latter is particularly annoying - why does garmin think it sensible to only allow a windows machine to talk to their android device?
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
I'm just trying to work out what new powers and laws the government is going to demand on the back of this. Making vulnerability scanners illegal, perhaps? Insisting that everyone register their email addresses and Windows license keys with the government? Or will this mean that the NHS needs to be sold off to private investors "who can afford to spend money on infrastructure"?
I expect that the person or persons who did it will get caught sooner or later and spend a very very long time in prison. So far it appears they have only made a comparatively small amount of money out of it.
I am surprised that the NHS does not use a separate network, either physically or virtually.
I would have thought that the NHS and other government bodies are big enough to finance the creation or adaption of a separate secure OS that is not available to the public.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
