@sawboman
Forum Replies Created
-
AuthorPosts
-
Bottom line, do not blame the hospital techs. If you must blame anyone then blame Hunt and his inflexible targets.
Ah yes blame culture, Hunt is a good target after all in 2014 and 2015 instructions were issued by him to remove XP and bring systems up to date.
I introduced the fact that windows drove some equipment,. In the case to which I specifically referred, it was not MRI or CT scanner devices but equally expensive kit – that also had a 10 year amortisation period. The fact that it used unpatched windows and was not software maintained was clear to anyone who looked. The hospital IT staff did not know it was even there until they were told of its existence and its parlous state. Have you no experience of the NHS culture? I have and it can be a dangerous issue when things like this happen always protect the guilty at all cost.
I wonder why your hospital and mine as well, along with our GP’s system were updated in time? Could they have followed Hunt’s inflexible targets?
It is not always the case that PCs are shown on manifests, they can be treated as part and parcel of the installation supplied by the system integrator, sometimes the chassis is truly built in.
I have been guilty in the past of slipping in terminals to avoid the internal IT police, (in another country, a long and partially political issue). However, they were completely stand alone and had no interface to any other systems. So risks were non existent. Networking was not an option or needed.
I suggested to Tamara that if the US were to drop thousands of preloaded tablets with pictorial comparisons of NK and SK, people could be stirred up. She immediately said not possible. They have no money, and are frightened to death (money is needed for any coup anywhere). She is correct, knowing something of the USSR and its satelites. Just look at the soldiers etc when on parade in front of fat idiot. Yes, just LOOK. They are both frightened to death and heavily brain washed. I expect most DO believe the Kims are gods! Frightening. Les.
Sad but very, very true, they get Kims-as-gods cradle to grave, possibly before the cradle in most cases. Once a culture like that is established it is virtually impossible to break through to anyone.
I removed SMBv1 yesterday for both of the machines in the office, others will follow when the portables are next woken up.A check of the WHS found no trace, I hope that is a good sign?
Perhaps IE6 was a passable idea in when, in 2006 or before? However, the world has moved on so it is clearly time for action on that thorn and I really hope MS show some armour covered action to break that and the SMBv1 issue giving a cut off date in the very near future.
I gave the issue of e.g. scanners, MRI, CT, and a number of other highly expensive pieces of hardware, etc. that were, in 2010 using XP since then much water has flowed under the bridge and asking around most of that era hardware has been replaced. The philosophy of not even notifying IT of such items, let alone getting them patched may well still apply, cultural changes are almost impossible to achieve. The device I spoke about had no patches applied in 6 years of use and IT were not even ware of its status, the culture rode again.
Our GP reported no issues this morning and confirmed that the bag of nails they had been using (running mandated software) had been replaced. The new system is less than a year old with an upgraded support package. I have to trust that package included update management…
I accept that there are always crude ways of air-gapping such as using a USB stick or even printing. Forgetting for the moment the horrendous control problems with sticks, if you go back to manually transporting all the data you lose a lot of productivity. Mandating air-gapping everything deemed critical brings its own (I think bigger) issues. There are of course ways of accomplishing pseudo-airgapping (for example a crude method could be interposing a secure Linux box with rigorous rules on file transfers). However these ‘solutions’ cost money and add complexity. Better I think to address the root cause and get the NHS funding and targets sorted out. As said earlier asking a Hospital Administrator to choose between drugs and PC upgrades was an impossibly hard requirement. (It has always been one of my biggest bitches about the UK Government/Civil Service, they do not seem to understand the differences between expense, depreciation and capital.)
In about 24 months I see a whole new set of headlines as the gravy train now being stocked with fresh fuel derails and the gravy turns out to be something else.
Can anyone tall me why SMBv1 is still ticked to be available in Windows 10?
a good old subvert US lead coup is probably on cards. I love a good thriller.
I think if you are even vaguely suspected of being involved in planning for a coup then you will end up like the poor sod at KL airport, a swift whiff of Tabun, Sarin or Vx up your nose. In all probably the same then happens to the next couple of levels of your friends, family and colleagues. After 60 years or so of autocratic rule and brain-washing in schools I think a coup option is currently unlikely.
Horribly true, some appear to be terminated just to encourage the others not to try.. Internal dissents are unlikely to prevail, ever. It is not just the poison gas some are used as crash test dummies for missiles, rapid firing guns, etc.
The leadership cult needs to have a mind
implant, sorry change.Richard if I go back nearly 30 years ALL our process control computers were completely air-gapped from the outside world. Unfortunately (or should I say fortunately) times have moved on, driven by productivity and convenience. Just before this debacle I had to go to my local hospital for scheduled dental work that required a CT scan to show the details of my sinus cavity, and its relationship to the roots of a tooth. The radiography department was a five minute walk from the dental department, but when it was all over the radiographer just pressed a button to wing it all over to the dental surgeon. He did not have to wait for or use a hospital porter, and neither did the dental surgeon. What would have consumed an hour of my time in the old days took maybe 15minutes at the most. I would estimate that through the day the surgeon gets an extra hour of productive time, and saves a couple of hours in hospital porter time. As it happens I know that this hospital was completely unaffected by the exploit so the embedded device was either patched or attached to a fully patched server. (Visible PCs are all Windows 7). [edit] There is a fair chance that the CT scanner uses an embedded Linux device rather than Windows and Samba would be the normal interface medium.
I am aware of the vast improvement that has taken place over the past few years. When I had back trouble back in 2002 I was told to take some pills and go away. In 2012 by which time I was not able to walk unaided I had MRI scans and, not only were they available to the on site staff, I was seen at a hospital 20 miles away who had full access to the results. Within 24 hours of an operation I could walk again. I was given a copy of the MRI results for a later back scan which preceded a second spinal operation. I am converted to making information available What I was saying was that 30 years go networking issues, i.e. no network, could be by passed. such abilities still could avoid the issue of not networking vital but fragile hardware/software.
I believe that most of my trust’s hardware is (a) suitably modern and (b) tended by a switched on IT department. They were pre-emptive on Friday and I suspect have been busy ever since.
PS, every possible source of information has even sent me data on this issue and I am not signed up for any special treatment. Loads of the messages had links into further details.
PPS, it is time to
blackblock list allsoftwarecrapware vendors who mandate only one browser ever be used with their crapware until such time as they make their offering agnostic. As for insisting on the use of IE6 or something else a dinosaur sat on or used when it was at school, bankrupt the stupid XXXXs with extreme prejudice. There was an offering a little while ago that could ape obsolete software while running on secure, usable hardware/software, was it Browsium and is it still available? A quick check suggests it is still offered and its web site suggests it would have been of some interest to those stuck with crapware.Edited to correct a very unfortunate typo and add in a few missing items.
As Ed mentioned in the other thread, board members, like civil servants, often have arts or legal degrees. They’ve usually got up the greasy pole by back stabbing and can be entirely self serving. One particular IT manager I knew used to make sure he didn’t spend all his budget to impress his boss (the Finance Manager) at appraisal time of his financial acumen. I used to spend all mine and go back for more ?
Yes the game playing is rife, I know of one who wanted more staff = more clout at meetings. He was slowing down work to obstruct others to make a fuss, so he could lay claim to need more staff and thus gain more status. Sadly he was allegedly a ‘technically qualified’ person
Such “embedded” devices or even separate control PCs are widespread in the defence and postal sectors too. But as I mentioned earlier they are thoroughly isolated and air gapped. The problem that I have seen with my own eyes is that XP isn’t just in use on such systems, it’s still in widespread use on clinicians PCs too. Speculation. Just getting the patches out on (maybe) unaffected PCs (this malware can lie dormant for weeks) will I suspect be a manual affair as you can’t risk putting a machine back on the network. Problem is if they’ve disabled the USB and DVD drives by policy or software you may not be able to do even that (as you have to have it on the network to change the policy). I think I’d just be rebuilding the lot and be done with it. The problem I have seen with line of business software isn’t so much that it won’t work on a particular o/s, but that it will only work in a particular browser. And of course it costs money to put that right. The other thing with obsolete o/ses is that you may not be able to run up to date apps and those apps will have vulnerabilities too. Patch XP and you still have holes elsewhere. EDIT – Ed MS did warn of dire consequences. Each patch comes with an Affected Software and Vulnerability Severity Rating by o/s. I used to put these into a matrix for review by the Security Dept to decide if an accelerated roll out was required for a particular patch. In cases like this Security would have been on to us as MS would have pre warned them. In the case of MS17-010 it’s Critical / Remote Code Execution pretty much across the board link, enough to have alarm bells ringing.
Dave, I admit that it was some years ago and before widespread use of networking anyway, but I wrote data capture programs to take printer output, (actually from non-PC devices) so data could be processed downstream. I guess that is as close to air gapped as it needed to be. Though this was not full air-gapping since there was a one way output only electronic connection to a receiver. In some cases one device acted as a collector for more than one source.Printed output can be scanned into downstream machines to achieve suitable separation.
I wrote terminal emulation packages that could pretend to be a manual operator working via MMI ports to execute commands into a system to extract or input data, it was orders of magnitude faster than a human operator! This required some careful system management due to the rapid pace of inputs. As the data source was the only verified one in the business unit it ensured that systems were, for once consistent – yippee!
High value, but not depreciated devices with hard or impossible to upgrade OS systems can only be managed safely if there is a desire to achieve such a ‘breakthrough’.
I understand your comment on patching out of date machines, possible already nobbled machines. Re-imaging is ideal – probably a lot faster and ideally with a modern OS. This is perhaps the only way to achieve the required relief – if suitable images exist or can be created and if the hardware can support the image. Too many ifs to be a certain option.
With hind sight browser dependant business (non)systems were a terrible idea.
Which will cause the bigger business hit, ditching such rubbish now, or losing their network including the browser dependant crap at anytime?
I was surprised to see that even patched Windows 10 machines still had SMBv1 made available. Is there any advantage in not removing it as an active option? I have unticked it on my machine and that of my wife, so far without an apparent issue. At least one advisory suggested disabling it in this way.
I understand the existence of XP PCs varies by trust.
I suspect that it is unlikely that a problem like North Korea can be ‘solved’ in the normal sense. One has simply to hope that their apparent ravings are not the whole story and that this is simply a ploy to annoy others. Their rancid out pourings against just about everyone while expecting their fat lump to be revered by the rest of the world more or less takes the biscuit – which is more than many in North Korea had for their evening meal tonight.
Perhaps it is best to ignore them with some very quite responses as was it FDR once said, walk softly but carry a big stick. Do not hit North Korea, do not respond to them at all, but be ready to flatten them if they do something even more stupid than usual.
Meanwhile let life go on as normal all about them.
Bob, sadly the forces of nature rarely appear to be on the side of the good, though I do like your idea. Even more sadly Trump is a lost cause I wonder how the week will unfold for him in the Senate?
The embedded windows you refer to is I think called win xt or nx, they still gets security patches. Atms and stuff like that use it. Xp is almost two decades old, it was created in and for a pre Internet era, Ms should cut it lose Altogether.
Not relevant, this is not the full on embedded version like that used in ATMs but was a proper version used for such unimportant functions as CT scanners and MRI units and other ‘possibly useful’ stuff. If you are happy to do without those extra fair enough, others might like a more thought ful and pragmatic answer.
I guess you missed the point about a history of failure to apply patches at all? Since the latest figures show that many Trusts have gone to more modern systems anyway, but still got caught because of a lack of patching and generally poor IT hygiene habits there are some culture changes still urgently needed.
I repeat my closing remarks from earlier in case you missed them, ‘
Some greater effort to find solutions, not chest beating is clearly required. A year or two spent on re-certification is not usually helpful either.
Any ‘manager or ‘higher up’ who assumes, should be encouraged to assume they do not have a job.
FS, I can see your point but there are other issues in play. The patch still has to be applied and this appears to be an emerging issue. Patches appear not to have been applied where they should have been, thus allowing greater impact than would have been the case.
Secondly some equipment has embedded or semi embedded ‘PCs’ that cannot simply be replaced or easily ‘updated’ and which are not really PCs in the usual meaning, they are hardly ‘personal’. In the past it was sometimes the case, that no one made any efforts to even install available updates to such devices due to ‘policy stipulations’. A relation was told not to mess with several unpatched systems for this reason and no one else would tell IT about the issue either – the relation did make a report and some stink was kicked up.
Sadly if such equipment is not a short term depreciation PC but a major expense, capital item with no apparent upgrade path what should anyone do? Yes, the system managers should of course do everything they can to isolate such devices and use them in ways to mitigate threats.
It appears that this problem may apply not just to medical hardware but some in other fields such as manufacturing.
Hopefully, the original builders can be pressured to sort out the issue, though in some cases they have dropped out of the business. While spare parts can be obtained, (often they were bought in anyway), the overall machine design is a more difficult issue. Some greater effort to find solutions, not chest beating is clearly required. A year or two spent on re-certification is not usually helpful either.
Any ‘manager or ‘higher up’ who assumes, should be encouraged to assume they do not have a job
At least you have stopped the fertilizer dump, I d hope you will be stumping up for the investment in what is it 40,000 PCs, 80,000 PCs?
Just why are a whole raft of other businesses also suffering?
Or would it be impudent to ask they they are affected?
Were you even aware that PCs cost money, and that deployment can cost three times or more of their purchase price. Still we could cancel a NHS few appointments.
Or we could get rid of some of the dross managers, like the one empire builder I know of who was slowing down work so that other departments would apply pressure and he could try to justify a bigger staff count to give him more clout at managerial meetings.
Or staff who did not care to know that a process could do 40 times the work rate it was currently doing if it was used correctly? The bringer of this information was happy to move onto another location when the staff were unable to use the information or equipment correctly.
Come to think of it, that might have paid for a few of the PCs that you so crave.
At least those switched on locations who pulled their internet/intranet plugs this afternoon did the right thing, hooray for them if, big IF that is the whole story.
Relax and stop the fertilizer shower.
I have thrown up no smoke screen, but rather dislike your harping on about those you clearly show a visceral hatred towards. The attack is GLOBAL and affects huge numbers of other points beyond the NHS, FEDEX, many in the USA, South America, Europe, Russia, the Middle East and the Far East. There is no smoke screen from me but there is a putrid stench of miss-information about what you are pushing.
My local trust urgently disabled their internet at the first whiff of trouble elsewhere and according to staff working there have avoided trouble, fact; no smoke or mirrors. Nor any false claims about XP this, that and the other. See Dave’s far less emotive posting; human factors are a real issue, perhaps even the only issue: they almost always are at the root of problems.
I suggested some should calm down, I feel that is still a valid suggestion. Speculation sells news and phalse news sells even more, it never helps anyone except those guilty of hyperbole.
I have very recently been in touch with a relation who is currently on leave from his duties. He saw his colleagues earlier today and they confirmed that his work place and trust have not been hit but took action to block all internet access. As far as they knew the plans worked well and no damage was caused.
There is a greater issue, it is dead easy to blame the staff, the technology, etc. until the cows come home. The attack is global and some dick heads will pay/have paid, will they get their data back? The crooks will make some money and bit coin will get another notch in its bed post of shame. The only answer might appear be to disable links from e-mails until they were verified – except that another trick would be found to play to human factors, social engineering, etc.
The only certain fact is that it involves far more than the NHS which for our parochial reasons is hitting our headlines.
Do not wait up late for any FEDEX parcels over the next few days and a few other items may be about to crawl out of many bits of the wood work. At least DHL are still working OK and giving updates.
Ars reports that it was US Government’s NSA malware that was the root cause of the problem. As the vulnerability was patched by Microsoft back in March for Windows 7 and upwards, it looks like Dave pinpointed the NHS problems as being due to the service continuing to use obsolete XP machines and servers. Either that or gross incompetence by inexperienced or untrained IT staff. It also looks like May’s opponents have been handed a golden Election opportunity on a plate!
The ARS reports contains some questionable data, was it East and North Hereford NHS Trust website as they said or East and North Hertfordshire NHS Trust website as the rest of the media and the site linked to says?
No doubt dopey Corbyn will along with is army of fools claim that with just a few more thousands of clerks with quill pens it would never happen, but for how long has the NHS digital service run services across the globe? Is FEDEX really run by the NHS, along with chunks of the USA, South America Russia across Europe and the far East? Are they all using cast-off NHS XP machines?
Perhaps it would be worth calming down the rhetoric and settling for what is the real case?
Just been talking with my ex RMG colleague who’s now in one of the local Trusts. As soon as they heard they “pulled the plug” to isolate themselves. Looks like some big organisations on the Continent have been hit today too. Telefonica got mentioned.
Yes a few from the more thinking end the thought that there was probably a connection with suppliers and the spread of this trouble.The malware appears to be the same strain affecting many different organisations across Europe.
The ‘pull the plug’ reaction might not have been totally necessary but should limit the spread of damage. It will probably take a while to work through the estate to find out which machines have been affected,so get cleaned up and which have remained clean. I trust that someone has taken charge to ensure that access to the network and more particularly its connection(s) are tightly restricted until they are certain that only ‘clean’ machines can participate once more.
The post mortems could be interesting across a number of European locations next week.
I would expect that some bunch of lowlife will feel that they have hit their lucky day while they hope for a bonus. There is are reports that someone(?) might have paid up .
I will have to keep an eye on the cpu temps 
Don’t worry, give it a couple of paracetamol, bed rest and plenty of fluids and it will be fine… Err on second thoughts???
Lightscribe used a sort of double sided disk with a light, or more accurately laser sensitive surface on both sides. I cannot now remember if you had to turn the disk over or use a special double laser drive, but the laser recorded data tracks as per normal and then a laser in effect etched the label on the other side.
I agree with your concerns about labels, I did use them for a while but sometimes the glue did as you said, sometimes it did nasty things to the reflective layer on the topside of the disk causing the disk to be unreadable. While the track side was often looked after and people worried about scratches, it is the other side that was most likely to get damaged and make the disk unreadable. Labels and the wrong markers were very good at doing just that. Some would pull off the backing treatment, pretty but not useful.
Edit addendum;
The purpose of LightScribe is to allow users to create direct-to-disc labels (as opposed to stick-on labels), using their optical disc writer. Special discs and a compatible disc writer are required. Before or after burning data to the read-side of the disc, the user turns the disc over and inserts it with the label side down. The drive’s laser then etches into the label side in such a way that an image is produced.
Just Google ‘British Rail privatisation’. Virtually every entry examines in detail just why it was a disastrous failure by John Major. Not one deals with its successes (for very good reason). I rest my case. There is one dated paper in 2002 that fairly dispassionately lists the initial problems of privatisation, and other than Network Rail nothing has changed for the better and much for the worse (especially Southern Rail and inflationary ticket prices). It is quite a good read, and I believe historically accurate.
The problems of our broken railways run far deeper than any partisan studies. Since the mistake was made to nationalise them after they successfully got us through the war. The leadership of one side needs to keep as many bodies in the industry as it can, because from bodies comes their own strength. So years of wasted ‘investment’ on ever more complex and costly to maintain steam systems was fiercely maintained. The APT was ‘blacked as it did not have the space for a full compliment of crew sust like the steam engines of yore, sorry the day before. The only issue of safety that ASLEF and the RMT are worried about are their own union membership numbers. Southern. like all rail companies, (whether government owned or not) needs the correct staffing levels, not to be a pensioners club. Ticket offices are another dumb battle ground, with ever fewer passengers paying cash at a ticket window why ar they needed? Because they need lots of expensive staff to sit round doing nothing very much. Just look at the ways that other countries run their railways.
Should tracks and operation have been split? Probably not, they wroked better when part of the pre broken rail fiasco. Did they even work joined up in broken rail? No.
Anyone remember the death star delivery service operated by BR? Oops that should have been red star next day service. The one that took 3 weeks to deliver – because a consignment was accepted for an place with a listed but non operational station and BR were too dumb to deliver by a vehicle.
Just how large has the increase in passenger numbers been in the last few years?
Shooting the RMT leadership might help perhaps along with some of the management of the train company. However, back in the days of state run BR (Broken Rail?) which some so revere, when there were no trains during the day for the fourth weekday running (or not running?). I went to the administration office and warned them that I was about to use the rudest possible word for Broken Rail staff to hear. One or two huffed and puffed and tried to stop me, but they were too stunned when I spoke the terrible, evil word,
‘maintenance’
in their hallowed sanctum.
Stunned silence fell as I left the station master’s holy chamber with the terrible sound of that word ringing round the scene of their crimes against transport.
Of course the real value of all these fighting drivers was shown in the case of the Croydon tram disaster, where there was no automation to control the wetware in the front.
I thank god I will never again use trains and their work if the feel like it staff.
-
AuthorPosts