LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 05-13-2017, 07:47 PM   #16
cwizardone
Senior Member
 
Registered: Feb 2007
Distribution: Slackware64-current with "True Multilib." FreeBSD.
Posts: 3,526
Blog Entries: 1

Rep: Reputation: 894Reputation: 894Reputation: 894Reputation: 894Reputation: 894Reputation: 894Reputation: 894

Quote:
Originally Posted by Soadyheid View Post
Well, looks like it's not just our NHS that's been hit. (I notice that Nissan UK and Renault France have also had problems) 99 countries and counting. Worst hit Europe and Russia! What have you got in the US?.....
The FedEx headquarters in Memphis was hit pretty hard (or so I've been told).
I guess I should know better, but I still find it hard to believe any company would use microsoft software for "mission critical" operations. That the U.S.Navy uses Xp just boggles my old mind.
 
Old 05-13-2017, 08:12 PM   #17
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 3,516

Rep: Reputation: 1546Reputation: 1546Reputation: 1546Reputation: 1546Reputation: 1546Reputation: 1546Reputation: 1546Reputation: 1546Reputation: 1546Reputation: 1546Reputation: 1546
Apparently we got lucky here in the US. The "Accidental Hero" stopped the spread before it got very far here.
 
Old 05-13-2017, 08:18 PM   #18
jailbait
LQ Guru
 
Registered: Feb 2003
Location: Blue Ridge Mountain
Distribution: Linux Mint 17, Debian 8
Posts: 7,863

Rep: Reputation: 311Reputation: 311Reputation: 311Reputation: 311
Quote:
Originally Posted by hazel View Post
A large part of the UK's National Health Service has been attacked by a ransomware virus. The effect is patchy across the country, but many hospitals have lost access to their patient records and are accepting only emergency patients. A ransom in bitcoin has been demanded.

Apparently the NHS has for years been using old, unpatched, vulnerable software, so an attack like this was very much on the cards.

We tend to think of ransomware as merely costing money. This one could cost a lot of lives.

Here's a link to the BBC story
Microsoft has announced that they are fixing the vulnerable versions of Windows including some versions that they have already dropped support for. The vulnerable versions that Microsoft intends to fix are Windows 10, Windows 8, Windows 7, Windows Vista, and Windows XP.

https://www.ft.com/content/348d4f7a-...a-6027b8a20f23

So what version of Windows is not vulnerable?

----------------------
Steve Stites
 
Old 05-13-2017, 08:21 PM   #19
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 15,812

Rep: Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168
Isn't that a rhetorical question ?.
 
Old 05-13-2017, 09:03 PM   #20
KennyIRC
LQ Newbie
 
Registered: May 2017
Posts: 4

Rep: Reputation: Disabled
This is a wake up call. I say, stop using ancient operating systems! Use anything but windows XP or vista.

If there is ever a big cyberwar of the top countries the losers will obviously be using windows XP or vista
 
Old 05-14-2017, 12:09 AM   #21
nigelc
Member
 
Registered: Oct 2004
Location: Sydney, Australia
Distribution: Mageia 6
Posts: 354
Blog Entries: 4

Rep: Reputation: 63
This is how it works

http://blog.talosintelligence.com/2017/05/wannacry.html
 
Old 05-14-2017, 12:24 AM   #22
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: Debian, Crux, LFS, AntiX, NuTyX
Posts: 1,276
Blog Entries: 1

Original Poster
Rep: Reputation: 578Reputation: 578Reputation: 578Reputation: 578Reputation: 578Reputation: 578
Quote:
Originally Posted by nigelc View Post
Dugan already posted that one!
 
Old 05-14-2017, 02:18 AM   #23
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 6,240
Blog Entries: 2

Rep: Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513Reputation: 1513
Quote:
Originally Posted by jailbait View Post
So what version of Windows is not vulnerable?
Quote:
Originally Posted by syg00 View Post
Isn't that a rhetorical question?
Isn't that a rhetorical counter-question?
 
Old 05-14-2017, 05:18 AM   #24
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Ubuntu, Devuan, OpenBSD
Posts: 2,386
Blog Entries: 3

Rep: Reputation: 1051Reputation: 1051Reputation: 1051Reputation: 1051Reputation: 1051Reputation: 1051Reputation: 1051Reputation: 1051
Quote:
Originally Posted by KennyIRC View Post
This is a wake up call. I say, stop using ancient operating systems! Use anything but windows XP or vista.

If there is ever a big cyberwar of the top countries the losers will obviously be using windows XP or vista
Or Vista 10 or Vista 11 or whatever the "current" version will be at the time of the next attack.

From reading the last few weeks, it looks like all versions of Vista were affected for a long time, even Vista 10 which is the latest. It was so long a period that the NSA had time to develop and deploy malware to exploit that specific hole, with M$ knowledge. The problem there is that the malware got loose. Only recently did M$ patch the newer editions of Vista so that they could then steer the press into blaming old XP and take the heat off of Vista 10. I wonder if it was the Wikileaks reports that forced their hand and got them to patch Vista 10 and how long M$ would have left things unpatched had Wikileaks not reported on the problem(s).

Windoze has never been secure and always been a magnet for malware even back before it had a TCP/IP stack. The more things change the more they stay the same. What needs to happen now is a staff audit. Who allowed deployment of Windoze inside NHS?
 
Old 05-14-2017, 05:45 AM   #25
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: Debian, Crux, LFS, AntiX, NuTyX
Posts: 1,276
Blog Entries: 1

Original Poster
Rep: Reputation: 578Reputation: 578Reputation: 578Reputation: 578Reputation: 578Reputation: 578
Quote:
Originally Posted by Turbocapitalist View Post
It was so long a period that the NSA had time to develop and deploy malware to exploit that specific hole, with M$ knowledge. The problem there is that the malware got loose.
I was going to ask if that story was true. If it is, it just illustrates the point I made before: you can't have a system that is secure against criminals, and at the same time insecure against the government (e.g. for the purpose of catching terrorists). Theresa May and Amber Rudd think that's possible and seemingly the NSA thought so too, but the laws of arithmetic don't allow it.

A back door is a back door is a back door!

PS: Vista may be insecure but does anyone actually use it? ISTR that when it came out, it was wildly unpopular and no one wanted to use it.

Last edited by hazel; 05-14-2017 at 05:49 AM.
 
Old 05-14-2017, 05:51 AM   #26
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 15,812

Rep: Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168Reputation: 2168
And there are people that don't trust things like selinux because of the NSA entanglements.
No wonder we are all paranoid.
 
Old 05-14-2017, 06:19 AM   #27
fido_dogstoyevsky
Member
 
Registered: Feb 2015
Location: Victoria, Australia
Distribution: Slackware 14.2
Posts: 128
Blog Entries: 1

Rep: Reputation: 105Reputation: 105
Quote:
Originally Posted by hazel View Post
PS: Vista may be insecure but does anyone actually use it? ISTR that when it came out, it was wildly unpopular and no one wanted to use it.
I do, since it came with the laptop I use to run some model railway software I can't do without and to update the maps on my satnav (which needs interweb access). The latter is particularly annoying - why does garmin think it sensible to only allow a windows machine to talk to their android device?
 
Old 05-14-2017, 06:28 AM   #28
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 6,770

Rep: Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935
I'm just trying to work out what new powers and laws the government is going to demand on the back of this. Making vulnerability scanners illegal, perhaps? Insisting that everyone register their email addresses and Windows license keys with the government? Or will this mean that the NHS needs to be sold off to private investors "who can afford to spend money on infrastructure"?
 
Old 05-14-2017, 07:47 AM   #29
grumpyskeptic
Member
 
Registered: Apr 2016
Posts: 154

Rep: Reputation: Disabled
I expect that the person or persons who did it will get caught sooner or later and spend a very very long time in prison. So far it appears they have only made a comparatively small amount of money out of it.

I am surprised that the NHS does not use a separate network, either physically or virtually.

I would have thought that the NHS and other government bodies are big enough to finance the creation or adaption of a separate secure OS that is not available to the public.
 
Old 05-14-2017, 08:13 AM   #30
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 6,770

Rep: Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935Reputation: 1935
Quote:
Originally Posted by grumpyskeptic View Post
I expect that the person or persons who did it will get caught sooner or later and spend a very very long time in prison.
Only if they're in the extradition zones for the countries affected. Otherwise they'll get away with it or be hired by their government.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Locky Ransomware Spreading in Massive Spam Attack LXer Syndicated Linux News 0 03-17-2016 06:32 PM
Hackers warn NHS over security Jeebizz Linux - News 1 06-10-2011 08:57 AM
LXer: Schools and the NHS: does Linux even get a look in? LXer Syndicated Linux News 0 07-21-2010 02:00 PM
Microsoft to keep our NHS records? sycamorex General 1 08-10-2009 07:17 PM
LXer: Novell starts work on NHS contract LXer Syndicated Linux News 0 12-19-2005 05:16 AM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 02:46 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration