The Very Worst Uses of Windows 816
bigplrbear writes "I found an interesting article revealing the many places that Microsoft products reside, and what they're used for, ranging from elevators to ticket scanners."
From the article: "Thanks to VMWare Windows is spreading throughout the datacenter. And, of course, there is only one operating system to use if you are dependent on Microsoft apps like Outlook, Word, and Excel. While I have joined the chorus of security folks who rail against the Microsoft Monoculture I still cannot believe some of the uses for Windows. Some of them are just downright silly, some you may claim are criminally negligent." Note: I'm making no claim of criminal negligence!
Medical equipment (Score:4, Informative)
Medical equipment: I confirm. My cousin is an engineer for General Electric, Medical section. As far as I know he services cardiac echography equipment. From what he told me, they all run Windows. Of course, this isn't life threatening, but I do know he's hardware guy and it wouldn't be the first time he calls me for a software problem in his job.
While not in this case, a BSOD may mean real "D" these days in a hospital.... Sad, but true...
Re:There can be only ONE (Score:2, Informative)
Plants (Score:5, Informative)
Most plants are running on PLCs, but their user interfaces HMI are pretty much all running some form of Windows. Common ones include Proficy iFIX (by GE), RSView (Rockwell), and WonderWare InTouch (Wonderware) on either Windows XP, Windows 2000/2003 or some form of Windows Embedded.
It is actually incredibly difficult to find mature HMI software that is available for Linux.
Re:WARNING (Score:1, Informative)
Funny you say that, since it was used on the Aegis... [seclists.org] If i remember right they now use bluecat linux.
Public BSODs (Score:5, Informative)
Re:There can be only ONE (Score:3, Informative)
Re:Medical equipment (Score:4, Informative)
Well, I certainly hope so. From what I hear those machines are indeed standalone. However, you just need one doctor with a laptop that is infected connecting directly to such a machine and mayhem ensues. Are they allowed to do that? Probably not.... Will they do it? Probably yes... :-(
Also note I was marked Overrated, just for confirming the article by personal experience. *sigh*
Re:Medical equipment (Score:4, Informative)
While I agree this is questionable, I don't think they are connected to the internets (at least I hope not). So, the whole virus/worm fear is probably irrational.
There are several monitoring devices that transmit wirelessly from the procedure rooms to control rooms. We use wireless network to transmit blood pressure and heart rate information from MRI scanning room to the control computer. The control computer is connected to the centralized medical records server which is "supposed to be" super secure. But if it is broken into, you can pretty much control the communication with monitoring devices. Hope it doesn't happen.
Why I still use Windows(tm) (Score:2, Informative)
While I have joined the chorus of security folks who rail against the Microsoft Monoculture I still cannot believe some of the uses for Windows.
Why do I still use Windows? Well its so I can get my little 32-bit Ski-Free [ihoc.net] fix. What is that you say? SkiFree works fine via Wine?
dd if=/dev/zero of=/dev/hda1
CnC on Aegis Radar Cruisers (Score:5, Informative)
A good chunk of the Command and Control systems on most modern (or most recently refitted) naval vessels in the United States' inventory run on Windows technology.
It kinda gives me the shivers knowing that one of our ships could be sunk by an "inbound" because the point defense system is suffering a BSOD...
Re:Power draw (Score:1, Informative)
"Another problem with overbloated systems running simple tasks is the huge draw of electricity. How much power could we save (and, therefore, money) by using bloated systems less for simple things?"
That is one of the big wins for running VMware ESX. You can consolidate 20 servers onto one machine. Obviously the real # varies. But you can take racks of old machines and retire the hardware and run the systems virtually on one host. It increases the load on that one host, but is a net gain in power and cooling savings over running all the extra machines.
However I do fear that because of virtualization that Win NT 4 will still be running 100+ years from now in a VM.
Ho ho ho! *snort* (Score:3, Informative)
it doesn't even indicate what version of Windows the system he's talking about uses - there IS an embedded version of Windows available for such tasks, you know.
I presume you mean Windows CE?
I'm on a team that (among other things) makes BSPs for Windows CE. Did you know that every single driver in CE5 runs in user mode? Ayup. They're simple DLL files that device.exe launches and runs as threads. Just at a slightly higher priority than Pocket Word.
Think about that a moment.
The drivers crash just like programs too. They just...bail. Suddenly the device the DLL is providing an interface to is simply gone. They don't run in supervisor mode, so they are susceptible to every single thing that can crash a regular program.
They're starting to fix this in CE6, but naturally Microsoft's solution is...to do both! [e-consystems.com]
In typical MS fashion, they are fixing a clusterfuck by mixing it with what they should have been doing in the first place, thereby making an even larger clusterfuck.
Re:WARNING (Score:5, Informative)
Database is definitely the way to go with that many lines of CSV. But he's already got Office so why not just Access? If you're going to go Microsoft, go all the way.
Re:WARNING (Score:3, Informative)
walmart uses windows (Score:1, Informative)
windows CE on those price guns, but the thing is, they all act like thin clients and use software thats actually running on a unix server.
Re:CnC on Aegis Radar Cruisers (Score:3, Informative)
And that has already caused problems [wikipedia.org]
Re:Plants (Score:4, Informative)
Re:Ho ho ho! *snort* (Score:5, Informative)
>I presume you mean Windows CE?
No, he means Embedded Windows, like Windows XP Embedded: http://www.microsoft.com/windows/embedded/products/whichproduct/default.mspx [microsoft.com].
(What scares me is that you work on embedded systems and have never heard of it. I've never even touched embedded systems work and I know about it.)
Re:Plants (Score:2, Informative)
I'm not a MS fanboy by any means but just want to agree with your post. If I had mod points I'd use them.
I setup a waste processing plant using Intellution about a decade ago. Was running on NT4, now 2k. But there is nothing scary about that. When the PLCs are programmed properly nothing terrible happens when the Wintel box crashes. Nope the proverbial sh*t doesn't hit the fan. It only makes it a little difficult for the plant engineers to monitor things and adjust levels. When the system boots back up everything is fine.
Re:Medical equipment (Score:3, Informative)
What did your daughter do to make it crash? :)
Re:WARNING (Score:1, Informative)
Re:Roller Coaster controls (Score:1, Informative)
Thats not the only coaster to boast windows, AIR at Alton Towers is one i know for sure uses a windows platform (the screens are visible from the platform, and was of windows 2000 flavour by the looks of it)
Also Cyberspace Mountain at Disney Quest, a 'create your own track' coaster simulater, runs on Win95
I know there are loads more, but i remember the AIR one more specifically cause it stalled on the rise out of the station, just after the track switch (there are 2 loading stations and the track switches between each). it was running again in about 5mins but if it set a train running or suddenly pulled the seat into 'flying' position (or dropped em for that matter), that could be a potential killer.
BUT!! heres the thing, these systems are kept in close loop, no internet or wireless connections, if only a operater was dumb enough to put a floppy/mem stick in could they get infected, that is why nearly all known accident on coasters are from either stupid people going in zones they shouldnt or mechanical failure, not a running system failure.
Win 3.11 is safe, as long as its kept solo.
Re:Medical equipment (Score:4, Informative)
Re:My favorite was... (Score:2, Informative)
Re:Local AMC 24 movie theater Win98 ticket machine (Score:1, Informative)
They're Windows XP Embedded running on Radiant POS touchscreen terminals [radiantsystems.com]. Yes, the managers have the keyboards locked up in the back. Sure, those terminals have USB connectors under the screen so you could use anything you want, but the terminals are running under a least-privileged user. No they are not rebooted daily to avoid memory leaks, but the main server at the theatre that drives all the box and concession terminals monitors them all and can reboot them remotely at any time if necessary. The software on there (RTMS by Radiant) is quite small and efficient, and the 'terminals' are really just all-in-one desktop PCs running XP.
And yes, each AMC theatre is on the VPN which is corporate wide.
Re:The alternatives suck harder (Score:2, Informative)
Came here to say this...
I've got a windows 2k3 machine that has been up for the last year and a half (I have owned it for a year and a half).
I have never really understood the "omg windows is t3h evil!" bullshit. Use whatever tool is most appropriate for the job. I use windows on my laptops because i need it to just work....I have putty and openvpn when i need to get back in and work.
Re:Medical equipment (Score:3, Informative)
Medical equipment: I confirm. My cousin is an engineer for General Electric, Medical section. As far as I know he services cardiac echography equipment. From what he told me, they all run Windows. Of course, this isn't life threatening, but I do know he's hardware guy and it wouldn't be the first time he calls me for a software problem in his job.
While not in this case, a BSOD may mean real "D" these days in a hospital.... Sad, but true...
While I agree this is questionable, I don't think they are connected to the internets (at least I hope not). So, the whole virus/worm fear is probably irrational.
I worked for hospitals and they are connected to the internet. The products from GE were so far behind in Windows updates and virus protection it was scary. We had to pull a couple of machines of the network for blasting out virus' several times.
Re:Medical equipment (Score:1, Informative)
Not only ARE they connected to the internet, they are also networked together in hospital units and patient data is loaded on them. Your hourly blood pressure and temperature while you're in ICU, your allergies, your currents meds, and many other things get loaded into Windows systems that work together (or not). That saves me and I see it every day, along with the problems caused by lockups, crashes, system errors, updates, and other things.
Three flavors of Python GUI (Score:4, Informative)
I've never done a GUI in Python
There are several GUI frameworks for Python. You could try either Tkinter or wxPython if you want a GUI app that runs on the local machine. Or read on:
All of my Access replacements in recent memory have been web projects.
And you can make web projects with Apache mod_python.
Re:One word: Accountability (Score:2, Informative)
I've worked with army aviation systems under lynxos and it was a part of the system that generated fewer WTF's than several of the other flavors involved.
Re:Medical equipment (Score:1, Informative)
FYI: BSOD != "worm/virus". HTH. HAND.
Re:Ho ho ho! *snort* (Score:3, Informative)
Re:Plants (Score:3, Informative)
True that and the PLC software won't work on Vista. I have a brother-in-law that programs PLCs for his business. He had to buy a used laptop with Windows 2000 on it to be able to program his PLC controllers. Vista wouldn't install or run the PLC software it was designed for 2000/XP, and no Vista port has been written yet.
He would gladly use Linux, but his brand of PLC has no Linux port either.
Re:Obligatory... (Score:5, Informative)
While that sounds good it doesn't wash. It depends what you are setting up to do. If you want a permissive, bug ridden system where most of your company's bandwidth is used for P2P and every three months your clients call you to tell you their computer has slowed to a crawl, go ahead and use Windows.
This is hyperbole or ignorance.
In controlled environments, modern versions of Windows don't have these performance problems.
Re:Medical equipment (Score:4, Informative)
Nothing is "not connected to the internet", not if it has an IP address
What?
Did you know that DHCP servers hand out IP addresses?
Did you know that you can have a DHCP server on a LAN?
Did you know that you can have a LAN that's not connected to the internets?
Re:OT: nostalgic Tv cable stations (Score:3, Informative)
I suspect this may be fairly common (Score:3, Informative)
After all Windows has a number of advantages when it comes to being a system that interfaces with the user. However often the hardware itself isn't directly controlled by the Windows system, but by another embedded device that runs whatever it needs to (and doesn't need to interact with the user).
I've seen this sort of thing quite often. We have a spectrophotometre (I think that's the right term) and there are three components: The measurement unit itself, the controller computer, the Windows PC. The unit is, of course, where you put your samples and what does all the actual measurement. However it is a very complicated device, that has lots of things to control. Well the PC you are on doesn't do that directly for a number of reasons. It instead connects to a specially modified PC (has a bunch of proprietary cards in it and such) that runs just the control software on some RTOS (not sure which). That controller then actually interfaces with the hardware.
In this way you have a nice GUI program that you can easily get data and pictures to programs you need to work on them in, or across the network, but the unit is still controlled with the complex hardware and software it needs.
Sensible way of doing things, really. Windows has good tools for GUI programming and such that make it very easy, and is a platform on which many apps run. Why not develop the user interface component on that, and only do the code that needs to be realtime on the embedded platform? Also a way to increase security of the embedded system. Rather than having to worry about all sorts of local attacks (like buffer overflows and such) you only accept input from a port that is connected to another computer and just sanitize data there. There's no complex access to the system, as there is with a GUI, and as such less anyone can screw up.
Re:Medical equipment (Score:3, Informative)
There are lots of IP networks which are not connected to the Internet. However, the concern you raise is valid for many, but not all, networks. Most organizations are worried only about perimeter security rather than looking at the whole network.
Re:Medical equipment (Score:5, Informative)
Well, I certainly hope so. From what I hear those machines are indeed standalone. However, you just need one doctor with a laptop that is infected connecting directly to such a machine and mayhem ensues. Are they allowed to do that? Probably not.... Will they do it? Probably yes... :-(
You would be surprised how much medical equipment is connected to the internet. My mother is a CT tech who works the night shift (in the USA). Rather than have a radiologist at each hospital all night to interpret the scans, they have one radiologist receive all the scans from all the hospitals in their group over the internet. The CT scan system is online: it takes the scans, stores them digitally, and then transfers the files to wherever they need to go.
They supposedly have a firewall and a VPN, but their IT department is not so bright, so I wouldn't count on them to be able to configure it correctly. I have heard tales of spyware infections of the CT scan terminal due to employee web surfing, and an employee who was (incorrectly) accused of viewing porn sites on the job.
Even when medical equipment is not directly connected to the internet, you can be pretty sure that patient records are stored on internet-connected machines (for things like sharing records between hospitals in the same system, etc.). It may not be directly life-threatening, but it certainly is a huge privacy concern.
Re:Medical equipment (Score:4, Informative)
You don't leave patients in MRI's any longer than necessary. Unless you like being shoved in a sewer pipe and having dwarfs with hammers bang on it (the sound of an MRI firing), it gets pretty scarey in there. And the staff can't chat with you easily when you're in there and they have to stay outside fixing things.
Also, this is a patient. If something goes wrong, you don't want them _stuck_ in the MRI and have to cart medical equipment in, especially anything electronic like an EKG or a defibrillator, while they're near the magnets. It's much safer to wheel them out so that they know you care more about them than about the equipment.
Re:Obligatory... (Score:2, Informative)
This created a de-facto monopoly, since people could not do without the government and bank websites (which now required windows to work properly), and before you know it, everything runs windows because 'everybody uses windows anyway'.
It's actually so bad that most websites require multiple activeX components before they run, and they won't run at all on firefox or opera because most programmers don't care about proper coding, because all they 'need' is for it to run on iexplorer. The switch to newer versions of IE or to windows vista was a huge mess too, because nobody had bothered to code the components with the future in mind. My girlfriend couldn't online-bank for half a year because she ran vista.
The funniest thing is the korean free trade commision recently fined MS $32 billion for running a monopoly, which they themselves created, hah.
Re:CnC on Aegis Radar Cruisers (Score:3, Informative)
There is an example of systems failure causing the loss of a ship - although I do not believe Microsoft was at fault. (I'll blame them anyway, to be consistent.) That example was HMS Sheffield, in the Falkland's War, which was hit by an exocet missile despite having the ability to shoot them down. The point defense systems were confused by too many objects on the RADAR.
It's more complex than that.
- Sheffield's radar was the old Type 965, which wasn't very good at detecting seaskimming missiles. The RN was in the process of replacing it with a new system, but Sheffield hadn't been upgraded yet.
- Sheffield's alert status at the time is unclear:
One history of the Falklands war says that as there were no "bogeys" on any radar screens at the time, the officers were making a satellite phone call back to Fleet HQ in England, an action that would jam the use of the ship radar. However, with other ships close by, notably the Carrier Invincible, this was not seen to be a risk. At the end of the call, reported the Guardian newspaper, the radar came back on and the two Etenards were spotted just 33km away. It was the Navy's first encounter with low-flying Exocet-carrying attack planes.
Another history says that the Sheffield's crew were "only in second-degree readiness rather than at full action-stations". The first the crew heard was a loudspeaker warning "Missile Attack - hit the deck". It reportedly took four minutes to close a ship down into battle stations and to be ready to take evasive action. The Sheffield had little more than a minute to react.
(from here [tripod.com])
- Sheffield did not have point defence systems. Its armament consisted of Sea Dart (designed to attack high-flying aircraft) and a 4.5" gun, both considered long-range systems.
Later in the war, the RN tried the "missile trap": a Type 42 would operate in conjunction with a Type 22 frigate, which carried the Sea Wolf short-range missile system which was designed for use against low-flying targets such as the Exocet.
So, Sheffield was not lost to systems failure but to incorrect procedure and a lack of foresight.
Re:WARNING (Score:1, Informative)
Re:Obligatory... (Score:5, Informative)
I am a Korean, who also uses Ubuntu on a daily basis. Maybe I can answer this question.
To get the Korean people use Linux, some things must be solved first.
1) A good localization team which can catch up all the changes
2) ActiveX-free site designing practices
It seems that 2) is somewhat getting better, since I find that many webpages that didn't render properly starts to get rendered quite well on Firefox. Although there still are many websites that doesn't properly run without ActiveX, it isn't that serious in many cases. I guess it is because people are suddenly figuring out that ActiveX is insecure, unreliable, and may cause a whole lot of portability problems (surprise, surprise). Now, they try to implement them using Flash or plain Javascript.
Now, what remains is when doing anything related to banking or shopping, since the Korean government requires all financial transactions to use their own way of digital signatures, which requires additional libraries. AFAIK, there is no regulation which limits its implementation to be in ActiveX, but the only problem is that nobody implements it in anything else. I believe there is a Java implementation which ran as an applet, but is seriously outdated since most people stuck with Windows anyway.
Actually, I think the localization problem is more serious. Although many applications are well localized, it's still hard to find every newest distribution to be fully localized (I'm not even talking about beta versions). And it may cause problems, even if the number of non-localized messages is small.
Combining it with a lack of cheap Linux programmers (also caused by the lack of localization, since the cheap workforce isn't so good at English anyway), I don't think we in Korea would see some serious Linux usage over here.
ps : the mad cow demonstration isn't actually against United States - it's against the Korean government which didn't even try to do any negotiation at all - they simply threw the towel, even giving up their right to have any power to protect themselves in case of an outbreak of mad cow disease or whatsoever. Now suddenly, the government figured out that people actually did care about public health. (surprise, surprise).
Re:Obligatory... (Score:5, Informative)
Where did you get that idea?
Australia has never recorded [csiro.au] a case of BSE or vCJD and is one of a handful of countries recognised as having a negligible BSE risk by the World Organisation for Animal Health.
Re:WARNING (Score:1, Informative)
Re:DeepFreeze DeepSchmeeze (Score:3, Informative)
If you set the file system permissions correctly and keep all logins in the Users group, it is remarkably difficult to crack these systems.
That does suggest that you are lucky enough that all your Windows apps are happy running as a "normal" user. There is still plenty of Windows software around that insists on an Administrator account.
Cheers,
Toby Haynes
Re:Medical equipment (Score:3, Informative)
Re:Obligatory... (Score:3, Informative)
"Not to be rude, but when will the open source crowd realise that no legal department is going to let a firm go to linux until there is somebody they can sue if everything goes belly up"
Of course you are a troll, but...
I still have to see a corp installation that at boot up says "here's Linux booting". They all say "Here Comes Red Hat", or "That's Novell SUSE coming", or "welcome to Canonical's Ubuntu", or something like that.
Are you implying that Microsoft can be sued but Red Hat, Novell or Canonical can't?