London Metropolitan Police's 18,000 Windows XP PCs Is a Disaster Waiting To Happen (mspoweruser.com) 232
According to MSPoweruser, the London Metropolitan Police are still using around 18,000 PCs powered by Windows XP, an operating system Microsoft stopped supporting in 2014. What's more is that the police force is upgrading its PCs from Windows XP to Windows 8.1, instead of Windows 10. Only 8 PCs at the police force are reportedly powered by the "most secure version of Windows right now." From the report: From the looks of things, the London Metropolitan Police will continue to upgrade their systems to Windows 8.1 at the moment. Windows 8.1 is still being supported by Microsoft, although the mainstream support for the OS is set to end on the 9 January 2018. Microsoft will offer extended support for the OS until 2023, which means Windows 8.1 is still a much more secure alternative for the Metropolitan Police than Windows XP. Windows 10 still would have been the best option in terms of security, however. Microsoft is releasing security updates for the OS every month, and the new advanced security features like Windows Defender Advanced Threat Protection makes PCs running Windows a whole lot more secure. The spokesman of the 0Conservative London Assembly said in a statement: "The Met is working towards upgrading its software, but in its current state it's like a fish swimming in a pool of sharks. It is vital the Met is given the resources to step up its upgrade timeline before we see another cyber-attack with nationwide security implications."
I love this crap (Score:5, Insightful)
It's called managing your resources. Or maybe "scare the government into giving us more money than we need cuz look how outdated we are". Either way, the folks in charge need to be fired and the entire culture changed.
/ I used to get a new desktop every 3 years, whether I needed one or not
Re:I love this crap (Score:5, Insightful)
Private companies upgrade regularly, realizing it improves security/productivity. Government agencies never upgrade, then bitch that their anti-terrorism agencies are using 10 year old HW/SW cuz they can't afford to upgrade.
The problem is that while the government fully recognises that upgrading is worthwhile, convincing tax payers that spending millions on upgrading computers is a valid thing to do is nigh on impossible.
You and I can see that in the long run it'll cost less, but some conservative will always tell you that short term tax cuts are worth more than long term stability.
Re: (Score:2, Informative)
Why would they care about long term stability? A PM will last 1-2 terms tops, so their sole motivation is to be elected in the next cycle. They will always choose a saving now over a saving in 10 years time. That's why they do silly stuff like sell natural monopolies and fail to cover asset maintenance costs.
Re: I love this crap (Score:5, Insightful)
How about using free software to begin with, the manpower argument is nil because you're spending more on keeping this old crap running.
Re: I love this crap (Score:5, Insightful)
How about using free software to begin with, the manpower argument is nil because you're spending more on keeping this old crap running.
Came here looking for this comment. Was not disappointed.
You know, all through the years a bunch of us pointed out that anything your office worker is doing on Windows can be done on a Linux desktop. We had little effect on those whining "But, but, but ... training!!!!"
Well, the jump from Win7, to Win8, to Win10 is a lot greater than the jump from WinXP to KDE and guess what - your users managed to do just fine.
So now, to mitigate the security nightmare of literally unsupportable software you want to change to ... temporarily supportable software? You know that this game will play itself out, again, in a few years, right?
At some point in the future you'll be sitting with security nightmare boxes all running Win10, and moaning about how you need more money to move off an unsupportable Win10 to the new temporarily supportable WinSwissCheese.
Move to Linux. "Unsupportable" software becomes "support it ourselves if need be". You can't do that now, with MS, and you cannot do that in the future, with MS.
Or, don't move - I'll still be around to say "I told you so", so at least I'll get to be all smug and stuff.
(NOTE: "Unsupportable" is different from "unsupported". The former is literally "Impossible to support" while the latter is "Vendor doesn't support it, but we can hire people to support it if need be")
Re: (Score:2)
Yeah but support it ourselves requires paying someone to support it. This requires more tax money. Keeping an old version of windows and not paying for upgrades is still cheaper, until the bottom falls out anyway.
Re: (Score:2)
Re: I love this crap (Score:5, Insightful)
I fully agree with this as someone who works for IT side of the public health care sector of Finland. In fact the main project I'm currently in charge of which is an ERP overhaul project for hospital logistics is an Linux based project that saves us quite a lot money on the licensing costs alone. Most of the coding itself is done by a midsize Finnish software company.
However let me illuminate to you the difficulties of doing this at a large scale. A recent list I saw which is not comprehensive probably included 66 active systems currently in use by the hospital district. 6 of those, mine included, are Linux based, the rest are running on Windows. Why is this?
Well, the acquisition process itself is in its current shape such that it pretty much prevents small to midsize companies from bidding on major projects. The largest IT project going on at the moment is the replacement of the patient information system with a newer one that also unifies lab and imaging results systems and others directly to the patient files so that the treatment staff itself can access all relevant imaging lab and other data directly from the patient file itself without having to keep open several different systems at once like they still currently do.
We're a large hospital district, the largest in northern Europe. On a yearly basis we treat over a million people and as the most populated district in Finland we're also in charge of all highly specialized care. So needless to say that updating systems critical for the health and safety of over a million people is not exactly something to be done lightly.
Due to this projects of this size and scope are usually tendered out so that the tendering process itself contains a lot of terms and conditions limiting the size and type of companies that can even participate in the process. First of all they have to be on a stable enough basis monetarily, the financial/risk analysis by itself eliminates most smaller players directly from the game as they're deemed in too high risk of bankruptcy to be reliable.
The second thing that really cuts out the companies like the ones I'm currently working with from participating in these large scale projects past experience. Because the margin for error with acquisitions of this kind is so small, it is required that the companies have experience with providing similar systems using similar tech in the past 5 years to a similarly sized hospital area.
This pretty much narrows the options down a lot. And currently there are no open source players on the market that fill these conditions, as Linux based patient information systems are in their infancy at this point and have not been implemented at this scale yet.
Due to this the project is currently being developed by Epic Systems [wikipedia.org], an american megacorp. It's intended to enter use in 2019 with a total price tag of 385 million for the system itself, with a yearly price tag of around 40 million afterwards. How reliable these estimates are I cannot say, because outside proving technical support in the integration between logistics and the system itself I'm not involved in the management of the patient information system project itself and thus am going purely based on publicly available information. [apotti.fi]
The way forward here I think would be to set up a government owned IT company. Torvalds is Finnish after all so Linux is more widely used here than in many places so the expertise is there. The government could then pay for the development of large scale open source systems to be used by our public organizations. That's really the only feasible path to a more widespread adoption of open source systems in the public side, because the megacorporations currently in charge of this sphere - Epic included - are not going to be switching over to Linux and surrender their control of the product.
Re: (Score:2)
Move to Linux. "Unsupportable" software becomes "support it ourselves if need be". You can't do that now, with MS, and you cannot do that in the future, with MS.
If they can't support their systems running Windows, which is much easier to maintain and have user's accept, then they definitely won't be able to support Linux on their shoestring budget. Supporting software themselves? Hah.
Re: (Score:2)
Free software isn't free. Staff need re-training, incompatible equipment replacing, work-arounds for incompatible software need to be developed (if even possible)... Don't get me wrong, I think government should use free software for many reasons, but it isn't likely to save much, if any money.
Re: (Score:2)
Re: (Score:2)
How about using free software to begin with, the manpower argument is nil because you're spending more on keeping this old crap running.
Unfortunately, most members of management are too ignorant, naive, and/or arrogant to recognize that, even when it is pointed out to them.
They buy into the marketing hype of M$, Oracle, and SAP, and then expect their IT departments to implement the crapware that they just bought.
Re: (Score:2)
This "no longer supported" nonsense needs to stop too. Microsoft released a patch for XP regarding the Samba flaw just a couple weeks ago. They (allegedly, anyway) still support XP for embedded systems such as ATMs and Point of Sale systems. I'd bet they still support it for any industry still willing to pay a service contract, including the gov.
Re: (Score:2)
You should not be modded downwards, but then, you should have never been modded up either.
You said:
The problem is that while the government fully recognises (sic) that upgrading is worthwhile, convincing tax payers that spending millions on upgrading computers is a valid thing to do is nigh on impossible.
The person above you said:
It's called managing your resources. Or maybe "scare the government into giving us more money than we need cuz look how outdated we are". Either way, the folks in charge need to be fired and the entire culture changed.
Let me re-target the discussion for you: An entity gets $x amount (through profits/taxes/whatever) to perform certain things. Management is supposed to manage $x in such a way as to ensure the proper performance of the entity.
You seem to be under the impression that the normal operation of the entity should not include budgeting resources for upkeep of the software and hardware enviro
Re: (Score:2)
convincing tax payers
Since when have politicians needed to convince taxpayers before throwing massive sums of money around?
They havent in my lifetime.
Re:I love this crap (Score:5, Insightful)
Fired? The person who wouldn't give them a budget to upgrade is Prime Minister now.
It was a deliberate "austerity" policy.
Re: (Score:2)
Fired? The person who wouldn't give them a budget to upgrade is Prime Minister now.
It was a deliberate "austerity" policy.
Um, if someone has the ability to allocate resources then they are part of management. The implication is obvious.
I guess as long as The Met can claim that it was the politicians and the politicians can blame the Met, the situation never needs to get fixed. For myself, it is all government and it has become ineffective at what is is supposed to do and should be fired/removed from responsibility.
I am going to build a guillotine. Hopefully I can put it to good use sooner rather than later. Vive la France!
Re: (Score:2)
I am surprised the government doesn't rotate out the PCs every 3-5 years. XP machines have no warranty, so spending money to find parts to fix stuff is likely more expensive than a replacement cycle, there are likely auditing issues (not sure what items they are under, but having backlevel machines and operating systems surely runs afoul of some regulation.)
Of all the things that need to be updated/upgraded, it would be PCs. For example, AppLocker as a policy, disallowing admin access unless needed, enabl
Re: (Score:2)
Disallowing admin access doesn't really help in a networked environment (and chances are at such organisations, users never had admin access to begin with).. In order to exploit the smb vulnerabilities you only need the ability to connect to port 445 on a target host. The initial infection may have run as an unprivileged user on 1 workstation, but if other hosts are unpatched it would easily be able to gain privileged access to those.
Bitlocker only helps when machines are turned off, a machine thats booted
Re: (Score:2)
The public doesn't know how to think about IT -- the rapid change and the extensive spread into our lives and into critical infrastructure.
On the one hand there is an eagerness to adopt and "put everything onto the computer" -- on the other there's no sense of time and pace and scale and change.
And I guess for a lot of medium sized organisations (whatever that means) the IT "works" and continues to "work" and so doesn't need replacing until it "doesn't work" -- but to actually replace it you have to "start"
Re: (Score:2)
Are you seriously talking about software warranties of being any import what so ever, you must be kidding, what planet do you live one, certainly not this one with totally craptastic warranties, hey the software can cause billions in damages and kill thousands of people and the warranty will cover the cost of the software, right in the warranty in all piece of shit windows software it states that it is unfit for purpose.
What should happen is governments with their software budgets should directly locally f
Re: (Score:2)
Private companies upgrade regularly, realizing it improves security/productivity.
If only that were true. Where I'm working at the moment, we are still using Office 2007. Other tools for software development are nowhere near current. Instead, the IT department has rolled out some kind of USB connected display device for which the device drivers regularly break so that no one can actually display anything on the meeting room TVs. That solution undoubtedly cost more that a couple of types of video cable per room.
Re: (Score:2)
Private companies upgrade regularly, realizing it improves security/productivity. Government agencies never upgrade, then bitch that their anti-terrorism agencies are using 10 year old HW/SW cuz they can't afford to upgrade.
It's called managing your resources. Or maybe "scare the government into giving us more money than we need cuz look how outdated we are". Either way, the folks in charge need to be fired and the entire culture changed.
What are you talking about? I work for a private company and we still image Windows XP or 2000 machines when the hard drives die. In fact I just upgraded an XP SP2 computer to SP3 the other day. I needed to use a floppy disk just 6 months ago. My corporate laptop is Windows 7, at least, however the lack of a CD drive is a frequent frustration.
It's no use complaining about it or insulting the entities using old software. It's expected. It will not change. The only option is external mitigation of atta
Re: (Score:2)
> Private companies upgrade regularly, realizing it improves security/productivity.
BWAUAHA. That's funny.
Who's going to pay for it?
Small business don't "fix" what isn't broken.
Re: (Score:3, Insightful)
I wish idiotic people would stop equating upgrading with security. Windows 10 is the LEAST secure OS ever because it comes prepackaged with spyware, malware and back doors galore.
There is absolutely nothing wrong with running Windows 8 or XP, so long as your administrator is competent. Any OS, aside from Windows 10, can be hardened. Those dinky Microsoft Tuesday patches don't secure shit compared to having a real admin around who understands firewalls, user permissions, network permissions, antivirus/antima
Re: (Score:2)
Unfortunately that's just not true, while you can take steps to mitigate the risks by running old software you will end up running software which has known vulnerabilities that you can't fix. You'll end up having to disable so many features because they have unfixable flaws, that you might as well turn the systems off.
A competent administrator is better off running an ancient linux distro, not only can you harden it to a greater degree due to being more modular, but you can also patch the software yourself
Re: (Score:2)
You can mitigate risk, but it requires encapsulation of questionable software. Encapsulation in terms of local system access, but also encapsulation in terms of network access. Essentially, you need either a sandbox, or a virtual machine connected to a separate (heavily filtered) network.
However, the support for either is very weak in Windows XP, which makes it a poor choice as your main OS. And that is what we are talking about here. (Once you virtualise it, the risk becomes much easier to manage.)
Re: I love this crap (Score:2)
Re: (Score:2)
Complete nonsense.
For a start, XP has known unpatched vulnerabilities. But more importantly, you don't seem to understand how computer security works these days. When XP was new, one exploit would get you the keys to the kingdom, full access. Later versions introduced defence in depth, where its not just user/admin accounts any more, most stuff is virtualized or sandboxed to some degree and great effort is made to carefully separate data and executable code.
Running XP these days is suicide. Even if you keep
Re: (Score:2)
Private companies upgrade regularly, realizing it improves security/productivity.
You are not aware of the number of Windows Xp/Windows CE 5.0 systems sold to this day. Industrial machinery, HVAC control systems, medical equipment etc. are all using outdated, insecure operating systems.
Re: I love this crap (Score:2)
Re: (Score:2)
I'm afraid that the idea that private companies upgrade regularly or reliably is not well founded in corporate experience.
I'm up right now tuning and helping run disk backups to virtualize obsolete software on obsolete hardware because many private companies _do not_ upgrade. Getting proper backups of them before replacing or upgrading them can be quite tricky when the backup software is the policy mandated corporate licensed software, and it's old, buggy, and the upgrade version does not run on the out of
Re: I love this crap (Score:2)
The worst thing is not that some customers still have old systems that want to buy from you. The worst is unreplaceable internal mission critical software that require IE6. Find the project managers who had that idea and shoot them.
Re: I love this crap (Score:3)
While that may be satisfying it doesn't solve the problem.
Conflict of interest (Score:2)
Re: I love this crap (Score:2)
Re: (Score:2)
Re:I love this crap (Score:5, Insightful)
That isn't an unreasonable question, but the answer is that this isn't possible in any meaningfully secure way. You can have your XP continue to run, provided that the hardware is still available, or that a virtual machine can be built to support it, but your other two requirements are contradictory.
Bug fixes + keep shit the same. If bug fixes are understood to include security patches, and security patches include things like fixing weak encryption algorithms, or immense security disasters like ActiveX or (even worse) third-party immense security disasters like Flash, then you can't really "keep shit the same". Fundamentally, security is not a bug fix, it's an underlying design process that can't be tacked on at the end.
Re: (Score:2)
Upgrading encryption algorithms is easy to do without breaking any software. You upgrade the SSL libraries, and the applications use them so long as the application software doesn't do anything stupid like request specific algorithms. Plenty of old unix based software designed in the openssl 0.x days will happily build against the latest openssl and use modern algorithms if the remote peer supports them.
But that's because ssl is generally well designed with extensibility for adding new algorithms designed i
Re: (Score:2)
> You upgrade the SSL libraries,
This is not always this easy. Even 3 year old versions of OpenSSL have eal compatibility issues with the most recent releases, and the most basic software compiled with the old dependency can be broken by breaking change in the library. Even such robust software as OpenSSH, curl, wget, and apt have had issues with encryption library updates.
Re: (Score:2)
ctivex was always poorly designed, and anyone with an understanding of security would have refused to use it in the first place.
Exactly. And these sorts of design decisions are still being made, because humans aren't good enough at software yet. Fully extensible interfaces are likely impossible, and flaws such as leaving passwords around in memory can involve an entire software stack.
Re: I love this crap (Score:2)
It sounds like a great idea.
The problem is that the distinction between "bug fix" and "new stuff" is not very meaningful technically, but is rather a construct used for support schedules.
It's a strategy meant to mitigate software regression, but even a "supported" system will have countless unpatched bugs, not to mention all the third party software you might rely on.
Furthermore, while you might want "I like how it works" windows XP to stay the same for 50 years, the next person wants an eternal Windows 7,
Re: (Score:3)
You can. If you want it, I can put you in touch with a couple of companies that will offer you a fixed FreeBSD version with security backports. One of them was supporting FreeBSD 2.2.x[1] until a couple of years ago (not quite 20 years of support, but close). I know of at least one major US bank that runs FreeBSD 6 internally (and have only just finished their upgrade) and are paying for security backports and the occasional feature backport. The lack of SMP support was what eventually caused the last 2
Re: I love this crap (Score:2, Funny)
Why use an iPad as a replacement for a PC? Why not use a plastic dish?
The dish can be thinner and more durable while weighing less. It is dishwasher and microwave safe, immune to electronics bans on TSA screened flights and no one can hack it over the internet.
Sure, it doesn't let you type quickly or accurately, but neither does the iPad. It also comes in more colors and has many millions of accessories available, including trays, copies, placemats and even salad forks.
All in all, a PC is great, but if you
Re: (Score:2)
Re: (Score:2)
Win XP still gets updates ... (Score:5, Interesting)
... after a registry hack [zdnet.com] to tell it it's an ATM (or other embedded).
To apply the hack, create a text file with a .reg extension and the contents below:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]
"Installed"=dword:00000001
Re: (Score:2)
But is that supported in Home and Pro versions? IIRC, MS said no.
Re: (Score:2)
windows 10 is a total piece of shit,
How so? Care to list your points compared to XP?
Re: (Score:2)
I'll just leave these random questions lying here. (Score:2)
How does the current support level of the XP-based POSReady version (the Windows version for bespoke embedded device use), which is still receiving patches until 2019, compare with the support level of Windows 8.1?
Windows is not the way. (Score:5, Insightful)
I'm sorry but if you are serious about security and long-term stability (decades) then Windows isn't the way. Sure, no OS is perfect but that doesn't means you should choose to drink raw sewage because filtered water isn't really pure water. Honestly, they should be using some minimal version of FreeBSD with an minimalistic or possibly text interface. Progress is good but only if you are heading in the right direction.
Re: (Score:2, Troll)
Have you EVER met a government employee? Do you think they can handle an OS with a text-only interface?
Re: (Score:2)
Yes, but they have since retired and millennials have replaced them.
Re: (Score:2)
The UK cannot afford to create its own programming language, make its own police OS, code its own apps, have 24/7 support for its own UK OS and have perfect vetting for all its police.
The educational efforts of the 1980's to educate a lot of computer ready workers failed. All the computer hardware used in schools all over the UK did not result in a huge uptake of computer education and create skilled experts.
So the UK has generations of staff who know
Re: (Score:2)
>"The UK cannot afford to create its own programming language, make its own police OS, code its own apps, have 24/7 support for its own UK OS and have perfect vetting for all its police."
Right. So install and use CentOS for free (and the myriad of apps, including LibreOffice) and contract one of the many places for support. Have your GUI and a hardened, reliable, world-class, long-term, regularly-updated OS. Take the money you save on licensing and unnecessary hardware updates and malware payments, an
Re: (Score:2)
They would fear it and all the logs it keeps.
Tracking of gov staff would become more difficult as gov staff stopped using interesting search terms that the security services could watch for.
Staff could just search on XP and never faced any issues about results. New staff who might be loyal to other nations, be politically active, have to do tasks for their faith, be criminal or who
Re: (Score:2)
How the UK set up the CIB, DIB, the use of a Home Office Warrant, IPI, JIC, LIC, SLO and was able to move information in from all over the Empire.
How to get around most other nations embassy encryption methods.
How people or groups of people doing interesting things had to be found in the UK or trying to enter the UK.
Long term a lot of good methods and very new science got perfected.
The su
Re: (Score:2)
For good measure a number of the lead CentOS developers are based in the UK.
Re: (Score:2)
All you do is claim what people cannot do. You greatly underestimate your common man.
Re: (Score:2)
Interning people are getting more gov jobs and for some reason get police clearances.
Staff keep on giving or selling information due to politics, faith, another nation they are more loyal to or the need for cash.
Lawyers and activist human rights groups demand total access to security service methods in open courts via police reports.
Interesting people then change their methods
Re: (Score:2)
holy shit dude, try to condense your thoughts into a small logical compact form. i'm not reading your stream of consciousness posts.
Re: (Score:2)
So the UK has generations of staff who know of a Windows GUI, how to use some Windows productive apps and played computer games on Windows or early consoles.
So, the staff can handle the change from Windows classic interface to Windows 10, but they can't handle the change from Windows classic interface to KDE? Nor Gnome?
I'm afraid that the "trained in Windows UI" argument is well and truly lost - the smartphone take-up demonstrated without a doubt that people can easily pick up a new interface and use it.
Re: (Score:2)
The typical IT desk mantra is to get the latest OS always. But that latest Windows OS is a major screwup. The users hate it and it's not actually providing extra security, although the word "security" does show up in the marketing more than others. But everyone knows IT is just a marketing arm of Microsoft due to the hiring practice of only hiring those with Microsoft certificates which trains you to be an expert at marketing Microsoft products.
Re: (Score:2)
Of course it is more secure because it is new and closed source.
hehe
Just wait for while although...
Re: (Score:2)
Yes, and all that costs you is the ability to run and deploy the software that's critical to your infrastructure.
I happen to know someone who works in a small city IT dept. As far as I understand it, they're a 100% Windows department, mostly because all the software the city uses is available on Windows. Unless that software the city depends upon actually runs and works on the OS you're advocating, there's precisely zero chance it will ever happen. There is some very specialized (and expensive) software
Re: (Score:2)
Great! Basically, we have been pwned and there is nothing we can ever do about it. It is just the way it is, like the sun rising every morning.
We may as well accept it. That's for our own good after all.
Re: (Score:2)
I'm sorry but if you are serious about security and long-term stability (decades) then Windows isn't the way.
Are there any Linux-based desktop-focused distributions that have the longevity of Windows?
I am still running my 2004 version of SecureCRT and my 1999 version of Multiedit (less often). I just copy their directories between computers and have done since I bought these way back when.
I tend to run my Windows OSs until literally the day they stop maintaining them (I liked to stress test the development teams I worked with by being the one person in the office that wasn't running the latest & greatest so c
Re: (Score:2)
I'm not an MS fanboy by any means (almost everything I do outside of my desktop is on Linux) but I still think it's near I can SSH to one of my servers using a copy of SecureCRT I bought 13+ years ago.
hmm... you sure seem to enjoy proprietary stuff and to be well trained in MS concepts although.
I never had any problems logging into SSH servers without SecureCRT and I still run some servers with patched versions of slackware from 1997. Some running XVNC GUIs.
Re: (Score:2)
hmm... you sure seem to enjoy proprietary stuff and to be well trained in MS concepts although.
Hah! I mostly enjoy just doing what I want to do and not having to fight the OS every step of the way. FWIW I run almost exclusively open source software on my desktop wherever possible (looking at my list of applications open at the moment I have Firefox (my primary browser), VLC, Launchy and Notepad++ :)
Don't get me wrong - I would love to see more en masse migration to Linux on the desktop. But every time I've tried (and I make a concerted effort every few years) I just run into a laundry list of proble
Re: (Score:2)
I'm sorry but if you are serious about security and long-term stability (decades) then Windows isn't the way. Sure, no OS is perfect but that doesn't means you should choose to drink raw sewage because filtered water isn't really pure water. Honestly, they should be using some minimal version of FreeBSD with an minimalistic or possibly text interface. Progress is good but only if you are heading in the right direction.
Consumers are a considerable part of the problem with insecurity, because they will prefer functionality over security every time.
Is it possible to make Microsoft OS secure? Sure. Remove the GUI, disable file sharing protocols, and reduce it to a powershell box.
Is it possible to make a smartphone secure? Sure. Disable all app installs and cloud sync, remove unnecessary apps, and secure with 8-digit PIN.
Will consumers find these products useful after securing them? No, not really. They want to have th
Re: (Score:3)
So you think cops will do "media capture and processing" or software development? They don't even trust them with guns, you think they'll give them C++ compilers?
Re: (Score:2)
I do indeed do software development on a minimalistic text based system...
I do some image processing in a text based environment (automated image processing)..
And i do media capture in a text based environment...
Windows is aiming to be a jack of all trades, but most organisations only need to use a small subset of its functionality, and often different subsets depending on specific tasks within that organisation. Use a tool which is suited to the task at hand. Any additional functionality that you don't req
Re: (Score:2)
What you're thinking about already exists and is called "Wine"...
It's not as complete or compatible as the linux subsystem for windows, and that's both because windows is massively over complicated as well as being proprietary and closed source. It's much easier to clone the behaviour of linux because you have lots of documentation and source code to study.
I blame the public (Score:3)
Welcome to Public Spending, you see things like this everywhere. No money to fund Gov agencies. Makes one wonder if it is due to graft or incompetence or something else.
I blame the public, the vast majority will talk about a celebrity's sex life or a bunch of millionaires running around on a playing field like the world depends upon it. But knowing or really caring about what an elected official does, no one cares. So we end up with a majority of officials who only cares about themselves and how much they can skim for themselves or family/friends.
Can we stop pretending XP is dead? (Score:5, Interesting)
Forms of XP are still being sent out on brand new systems and will be for years. These devices tend to be the all in one industrial computers or the ones that integrate with car systems like the ones used in police cars. Because no one is making a secure browsers for XP anymore (developers repeat the lie "it isn't supported by MS anymore"), their users may be leaking data about you.
Free support for home XP users stopped but to many, it is still a current product. While it would be great to have it disappear, I expect its use will far outlive Windows 10 simply because of the old hardware the can't run anything newer that is often attached to even more expensive hardware in a way the prevents upgrades.
I hate to be that guy... (Score:3, Insightful)
...but "18,000 PCs is?" We have this word, "are," for when you have more than one thing. You should look into that.
"most secure version of Windows right now" (Score:5, Funny)
Its called Windows Powered Off Edition. :P
Re: "most secure version of Windows right now" (Score:3)
Understatement Alert (Score:2)
"...a Disaster Waiting To Happen"
I think that's putting it mildly. It may well be the understatement of the century.
Objectively: is XP the least secure Windows? (Score:2)
XP may not be getting updates, but it is not getting targeted either.
I am seeing most attacks targetting Windows 7.x - 10.x.
Back up your data, if XP is hit with malware, scrub your system and reinstall.
Windows systems newer than XP are not especially safe either.
Re: (Score:2)
China has hundreds of millions of XP systems still live and Internet exposed, even if only through home routers. It's still a very fertile ground for infection.
Re: (Score:2)
XP might not be targeted by generic botnet/ransomware/etc type of attacks, but targeted attacks (e.g. an attacker who specifically wants to steal data from a British police force) will find it much easier to develop an exploit to do so from a static target that's full of security weaknesses and is not being patched.
win8.1 vs win10 (Score:5, Insightful)
given that:
a) police computers hold private information on thousands of individuals - convicts, suspects, victims, informants, witnesses, and more
and
b) Windows 10 is spyware that routinely uploads data that it finds on PCs to microsoft servers
It should be illegal for police computers (or those of any government department or any company holding personally identifiable information) to use Windows 10 to store, process, or interact with that data.
Re: (Score:2)
It was only "backported" in the form of "recommended" (not "critical") telemetry updates, most of which can easily be removed [github.com].
And telemetry can be disabled by opening Task Scheduler and looking through all the schedules tasks, along with the disabling "Customer Experience Improvement Program" [microsoft.com] which is what opts the user into telemetry collection in the first place.
I remember reading (Score:5, Informative)
Re: (Score:2)
But either way it's pretty obvious the problem is a lack of funding...
And the continued use of the world's most insecure, and expensive, desktop operating system.
Re: (Score:2)
But either way it's pretty obvious the problem is a lack of funding...
Eh? There are PLENTY of funds. It is the distribution of those funds that are an issue.
Re: (Score:2)
And soon enough, given microsoft update policy... (Score:2)
"London Metropolitan Police's 18,000 Windows 10 PCs Is a Disaster In Progress "
Linux Makes Sense, but will never happen (Score:2)
When Linux first started to produce viable desktop products, the argument was the same as for Macs: we need to run just one O/S, and many of our users need Windows applications, so that's that, we all have to run Windows.
But then IT themselves pushed every major software project towards web solutions, because they didn't want to install any .EXE files at all - they never really got over their beloved mainframe environment, you see; they wanted all the PCs to go back to being dumb terminals and leave them in
Re:Virtualization? (Score:5, Informative)
Running a VM doesn't take all that much in terms of processor power, but it requires a lot of memory (RAM), usually around 4GB or more. The problem is that 4GB is right at the limit of what XP can use. You want to have at least 8GB of RAM to run smoothly, but that means you have to upgrade to Win7-64 at the very least.
And even if you're running a VM, the machine can still be infected, and act like a vector to spread the virus through the network. So you have to have a firewall and virus scanner, just like a hardware machine.
And since we're dealing with previously unknown zero-days, neither of those are of much use. Indeed, they may be worse than useless, as we're starting to find out. [nytimes.com]
Re: Virtualization? (Score:2)
Re: (Score:2)
The problem is that 4GB is right at the limit of what XP can use.
I'm pretty sure XP had a 64bit version which could address more than 4GB
Re: Virtualization? (Score:2)
Virtualization is older than a Pentium. IN modern times QEmu has been around forever and even the Mac PPC platform had a pretty decent x86 emulator.
Re:43 comments and no talk about proper firewall (Score:4, Insightful)
Completely Firewall off the internet ...
Completely Firewall off the internet
Completely Firewall off
Hey! Look at this neat USB drive I found!
Re: (Score:3)
And this great new mouse!!!
http://hackaday.com/2010/09/30... [hackaday.com]
Re: (Score:2)
https://arstechnica.com/securi... [arstechnica.com]
Shattered Assurance, Emotional Simian, Brutal Kangaroo, EZCheese, Lachesis.
Re: (Score:2)
For some reason that sort of freaks me out (semi-relevant XKCD [xkcd.com]).
Re: (Score:3)
Err, no, WinXP was the best OS Microsoft ever made.
Win 7 has countless annoying usability issues - some of which are fixed by Classic Shell [classicshell.net] and 7+ Taskbar Tweaker [rammichael.com], including usability issues with the start menu.
One of the most glaring problems is the lack of horizontal scrollbar in Windows Explorer in the folders pane. And when expanding a folder with double-click (rather than clicking "+", in the folders pane or on a pop-up folder selection box), for no reason, it spasmodically scrolls up and you can't see