GnarlyCharlie4u
Sep 23, 2007

I have an unhealthy obsession with motorcycles.

Proof

Kurieg posted:

Use his contractor's fee as an excuse to get his help putting in new equipment over the summer.

Well yeah, that's exactly what I'm saying. Hire him for an installation contract.

whoops; page snipe.

iRend
Jun 21, 2004

MOTHER, DID YOU eeeeeayyyyy.... ooooooaaa... ff.



NITROUS DIVISION
Ugh I just got woken after a night of way too much beer and ginger beer by my boss. On a Saturday at 9am.

Is there actually a widespread global ransomware attack or can I go back to sleep after this hellish bowel evacuation?

E: "The prime minister said the incident was part of an untargeted wider attack affecting organisations globally." Ah poo poo.

iRend fucked around with this message at 00:49 on May 13, 2017

Ugato
Apr 9, 2009

We're not?

GnarlyCharlie4u posted:

We had an HP printer completely shut down a whole leg of our network.
Apparently with the firmware it was running, this particular model "responds as if it were a router in some Cisco environments".
If I can find the case notes I'll post em up.

What the gently caress

ConfusedUs posted:

That poo poo is going code red all hands on deck serious all over.

It uses a known (patched in March) SMB exploit to spread across networks. Unpatched systems anywhere on the network are vulnerable.

And of course XP/2003 systems do not have the patch.

Is this legit? If so I think my server guys might hate me soon.

E: I really don't even know why I thought there might be a patch. I just didn't want to make that call. Well at least it's something that set everyone's pants on fire we can push to upgrade with

e: vv yeah that just occurred to me as I was dialing

Ugato fucked around with this message at 04:18 on May 13, 2017

Ursine Catastrophe
Nov 9, 2009

It's a lovely morning in the void and you are a horrible lady-in-waiting.



don't ask how i know

Dinosaur Gum

Ugato posted:

Is this legit? If so I think my server guys might hate me soon.

MS stopped doing patches for XP machines even under extended contracts years ago at this point, haven't they?

OWLS!
Sep 17, 2009

by LITERALLY AN ADMIN

Ursine Catastrophe posted:

MS stopped doing patches for XP machines even under extended contracts years ago at this point, haven't they?

yeeeeep. Well last year maybe?

fishmech
Jul 16, 2006

by VideoGames
Salad Prong

Ursine Catastrophe posted:

MS stopped doing patches for XP machines even under extended contracts years ago at this point, haven't they?

You can still get special extended contracts, as you can going back to the Windows 3.x versions.

However the costs are supposedly in the millions a year easily.

22 Eargesplitten
Oct 10, 2010



"The alleged perpetrators are a group of Systems Administrators, or 'Sysadmins', who were, quote: 'so loving sick of those cheap dickheads refusing to upgrade to an OS that's been supported within the past three years.'"

Neddy Seagoon
Oct 12, 2012

"Hi Everybody!"

22 Eargesplitten posted:

"The alleged perpetrators are a group of Systems Administrators, or 'Sysadmins', who were, quote: 'so loving sick of those cheap dickheads refusing to upgrade to an OS that's been supported within the past three years.'"

If that were the case, they'd have sent out an outage notice beforehand :colbert:.

guppy
Sep 21, 2004

sting like a byob

Ursine Catastrophe posted:

MS stopped doing patches for XP machines even under extended contracts years ago at this point, haven't they?

OWLS! posted:

yeeeeep. Well last year maybe?

I couldn't remember exactly when so I looked it up. XP was end-of-life April 8, 2014. It's been over three years. Server 2003 was July 14, 2015. I assume this includes extended contracts, since it would be pointless to EOL it if they were, in fact, still developing patches.

Ursine Catastrophe
Nov 9, 2009

It's a lovely morning in the void and you are a horrible lady-in-waiting.



don't ask how i know

Dinosaur Gum

Neddy Seagoon posted:

If that were the case, they'd have sent out an outage notice beforehand :colbert:.

They did, everyone just had a filter that sent it to spam. :shrug:

EoRaptor
Sep 13, 2003

by Fluffdaddy

guppy posted:

I couldn't remember exactly when so I looked it up. XP was end-of-life April 8, 2014. It's been over three years. Server 2003 was July 14, 2015. I assume this includes extended contracts, since it would be pointless to EOL it if they were, in fact, still developing patches.

You'd be wrong, there are still extended contracts available for both O/S's. Stupidly, Windows XP Embedded, which differs from Windows XP by one registry setting, has support until the 2020's sometime.

guppy
Sep 21, 2004

sting like a byob

EoRaptor posted:

You'd be wrong, there are still extended contracts available for both O/S's. Stupidly, Windows XP Embedded, which differs from Windows XP by one registry setting, has support until the 2020's sometime.

Ah, I stand corrected. That does turn out to be the end of extended support, though, according to Wikipedia; end of mainstream support was April 14, 2009. There is some kind of "custom support" offering, and in the event of really big security flaws like this one, they apparently still release emergency patches. XP Embedded support apparently ended January 16, 2016 (also over a year ago) although I assume they are still offering custom support plans if you pay enough.

Ghostlight
Sep 25, 2009

maybe for one second you can pause; try to step into another person's perspective, and understand that a watermelon is cursing me



Windows XP Embedded ended in 2016, but Windows Embedded Standard which was an updated version of the exact same operating system will carry on until 2019.

divabot
Jun 17, 2015

A polite little mouse!
This one is such an incredible "Stallman was right again, welp" public relations disaster moment that MS has released an XP/2003 patch.

The problem is also that hospitals have lots of equipment with an embedded Windows that never, ever gets updates. Now you might think it obviously insane to base an expensive vertical market machine that connects to the Internet on a copy of XP that never gets updated ever, but

edit: also, Jeremy Hunt cut NHS funding and so they just decided ... not to upgrade the remaining kit, just tell NHS trusts "I dunno, do something with it." This clusterfuck is a clustered clusterfuck, each gently caress in the cluster containing a similar, smaller cluster of fucks.

divabot fucked around with this message at 13:03 on May 13, 2017

Fil5000
Jun 23, 2003

HOLD ON GUYS I'M POSTING ABOUT INTERNET ROBOTS

divabot posted:

This one is such an incredible "Stallman was right again, welp" public relations disaster moment that MS has released an XP/2003 patch.

The problem is also that hospitals have lots of equipment with an embedded Windows that never, ever gets updates. Now you might think it obviously insane to base an expensive vertical market machine that connects to the Internet on a copy of XP that never gets updated ever, but

edit: also, Jeremy Hunt cut NHS funding and so they just decided ... not to upgrade the remaining kit, just tell NHS trusts "I dunno, do something with it." This clusterfuck is a clustered clusterfuck, each gently caress in the cluster containing a similar, smaller cluster of fucks.

Oh, huh, turns out you DO need money for things that are not explicitly front line services, and hospitals and GP surgeries don't run on 100% doctors and nurses. Who knew?

(A: everyone, including Hunt knew)

fishmech
Jul 16, 2006

by VideoGames
Salad Prong

guppy posted:

I couldn't remember exactly when so I looked it up. XP was end-of-life April 8, 2014. It's been over three years. Server 2003 was July 14, 2015. I assume this includes extended contracts, since it would be pointless to EOL it if they were, in fact, still developing patches.

You can contract with Microsoft for special extended service, including security patches, for OSes going back at least as far as Windows 3.x. The catch is, you start having to pay millions a year easily. This has no expiry date so long as you keep paying, unlike the standard free patching support you get with the normal licenses.

Of course, most companies that still use these no-longer-supported OSes aren't going to bother to spend millions a year for security patches. If they were interested in spending money, they'd have just upgraded to a supported OS in the first place.

Collateral Damage
Jun 13, 2009

fishmech posted:

Of course, most companies that still use these no-longer-supported OSes aren't going to bother to spend millions a year for security patches. If they were interested in spending money, they'd have just upgraded to a supported OS in the first place.

It's almost as if Microsoft makes it hideously expensive on purpose. :v:

Thanks Ants
May 21, 2004

#essereFerrari


I can't really blame them for wanting it to be worth their while to have people writing patches for ancient operating systems as opposed to focusing on current products.

RFC2324
Jun 7, 2012

http 418

Can you imagine being the guy whose job it is to write security patches for Windows for Workgroups?

Humbug Scoolbus
Apr 25, 2008

The scarlet letter was her passport into regions where other women dared not tread. Shame, Despair, Solitude! These had been her teachers, stern and wild ones, and they had made her strong, but taught her much amiss.
Clapping Larry
I seem to remember hearing that MS has a patch group just for supporting ancient OSes for the Department of Defense.

fishmech
Jul 16, 2006

by VideoGames
Salad Prong

Humbug Scoolbus posted:

I seem to remember hearing that MS has a patch group just for supporting ancient OSes for the Department of Defense.

It's not just for the DoD. It's just that the DoD is by far the largest customer for the patches. The next largest customer is rumored to be the US federal government besides the DoD, and then various NATO militaries.


RFC2324 posted:

Can you imagine being the guy whose job it is to write security patches for Windows for Workgroups?

Frankly it'd be an easy job by now. So many modern security issues just don't work on it!

There's already tons of malware and other exploits out there that no longer run on Windows 95/98/ME because they simply aren't new enough for them. For instance, most Cryptolocker-type malware relies on crypto APIs only introduced in Windows 2000 or XP, and even when they don't they expect an NT kernel to run against. Since Windows 98 lacks both of those things, the malware will just crash.



Honestly, if you're in an environment where something "has to be" Windows XP so some creaky old program can work - it might be for the best to replace that system with Windows 98SE. The old program was probably developed for DOS or Windows 3.x/9x anyway so it'll run fine, and Windows 98 is just plain too old to be affected by many current threats. For the ones which work on it anyway, the XP machine would be just as vulnerable, so you're not really losing any security. As a bonus, since no modern browser runs on Windows 98, you won't get idiots using it to gently caress around online as much, further reducing the attack surface.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Ursine Catastrophe posted:

They did, everyone just had a filter that sent it to spam. :shrug:

"I don't read emails from IT."

SEKCobra
Feb 28, 2011

Hi
:saddowns: Don't look at my site :saddowns:

fishmech posted:

It's not just for the DoD. It's just that the DoD is by far the largest customer for the patches. The next largest customer is rumored to be the US federal government besides the DoD, and then various NATO militaries.


Frankly it'd be an easy job by now. So many modern security issues just don't work on it!

There's already tons of malware and other exploits out there that no longer run on Windows 95/98/ME because they simply aren't new enough for them. For instance, most Cryptolocker-type malware relies on crypto APIs only introduced in Windows 2000 or XP, and even when they don't they expect an NT kernel to run against. Since Windows 98 lacks both of those things, the malware will just crash.



Honestly, if you're in an environment where something "has to be" Windows XP so some creaky old program can work - it might be for the best to replace that system with Windows 98SE. The old program was probably developed for DOS or Windows 3.x/9x anyway so it'll run fine, and Windows 98 is just plain too old to be affected by many current threats. For the ones which work on it anyway, the XP machine would be just as vulnerable, so you're not really losing any security. As a bonus, since no modern browser runs on Windows 98, you won't get idiots using it to gently caress around online as much, further reducing the attack surface.

I find it hilarious that we are at a point where we are trying to convince people to downgrade below XP instead of just upgrading.

RFC2324
Jun 7, 2012

http 418

fishmech posted:

Frankly it'd be an easy job by now. So many modern security issues just don't work on it!

My thought is that it would suck for being boring, and make you likely the leading expert on knowing when someone is spearphishing you.

carry on then
Jul 10, 2010

by VideoGames

(and can't post for 10 years!)

Speaking from the experience of working on a product with long support contracts, there probably isn't someone dedicated to the old release as much as whatever component team dreading the next time they get called on to produce a hotfix for the ancient version of their component, probably with little to no documentation or build infrastructure in place.

divabot
Jun 17, 2015

A polite little mouse!
UK government, 2015: You're on your own to upgrade XP. They determined they weren't paying for super-extended support. Which is fair enough, but they then didn't give the departments - including the NHS - the funding they needed to clear out the unsupported XP. Leading directly to last night.

Our local hospital's A&E (Whipps Cross) is open again. It was eerie last night having a Friday evening without ambulance sirens. Sure wasn't because the Engrish had given up their national pastime of getting drunk and maiming each other.

Neddy Seagoon
Oct 12, 2012

"Hi Everybody!"

divabot posted:

Sure wasn't because the Engrish had given up their national pastime of getting drunk and maiming each other.

You could've just said there was a football match on.

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

fishmech posted:

It's not just for the DoD. It's just that the DoD is by far the largest customer for the patches. The next largest customer is rumored to be the US federal government besides the DoD, and then various NATO militaries.


Frankly it'd be an easy job by now. So many modern security issues just don't work on it!

There's already tons of malware and other exploits out there that no longer run on Windows 95/98/ME because they simply aren't new enough for them. For instance, most Cryptolocker-type malware relies on crypto APIs only introduced in Windows 2000 or XP, and even when they don't they expect an NT kernel to run against. Since Windows 98 lacks both of those things, the malware will just crash.



Honestly, if you're in an environment where something "has to be" Windows XP so some creaky old program can work - it might be for the best to replace that system with Windows 98SE. The old program was probably developed for DOS or Windows 3.x/9x anyway so it'll run fine, and Windows 98 is just plain too old to be affected by many current threats. For the ones which work on it anyway, the XP machine would be just as vulnerable, so you're not really losing any security. As a bonus, since no modern browser runs on Windows 98, you won't get idiots using it to gently caress around online as much, further reducing the attack surface.

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
:negative:

skooma512
Feb 8, 2012

You couldn't grok my race car, but you dug the roadside blur.
Two tickets came in

A user cannot log on

Fired, no one told




Seriously, this guy's been terminated and no one's told him and he's sitting there wondering why he can't log in remotely. I really don't see why IT is being tasked with telling him this, but our site manager is gonna do it

Sheep
Jul 24, 2003
I had the same thing happen once, our reply was "You need to speak to your supervisor" and problem solved.

What actually pisses me off is when people "fire" someone then don't tell HR, or HR takes forever in notifying IT, so their accounts stay active and I wind up having to file a bunch of incident reports about it.

Judge Schnoopy
Nov 2, 2005

dont even TRY it, pal
I've taken to checking the intranet for staff departure. HR feels it's important to update the announcement page when somebody quits but can't be assed to send me a quick email.

divabot
Jun 17, 2015

A polite little mouse!
From a contact in NHS IT: no patient data compromised (it's all safely off in data centres), only end user client PCs were cryptolocked; no bitcoin paid out, just IT people reimaging thousands of PCs. Phew! Good the NHS dodged a bullet; I'm sure they won't go off and be complacent now.

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

Neddy Seagoon posted:

If that were the case, they'd have sent out an outage notice beforehand :colbert:.

Ursine Catastrophe posted:

They did, everyone just had a filter that sent it to spam. :shrug:

Criminally overlooked posts here :golfclap:

DONT TOUCH THE PC
Jul 15, 2001

You should try it, it's a real buzz.

divabot posted:

Phew! Good the NHS dodged a bullet; I'm sure they won't go off and be complacent now.

I'm sure the current UK government will give them time and funds to fix the issues and not use this as an excuse to punish them even more.

spog
Aug 7, 2004

It's your own bloody fault.

IndustrialApe posted:

I'm sure the current UK government will give them time and funds to fix the issues and not use this as an excuse to punish them even more.

Expect more outsourcing that will cost the NHS even more.

divabot
Jun 17, 2015

A polite little mouse!

spog posted:

Expect more outsourcing that will cost the NHS even more.

It's OK, I believe Capita has just started a cyber-crypto-bitcoin-crime-secure-thing division who are obviously the ideal organisation to take this forward.

DONT TOUCH THE PC
Jul 15, 2001

You should try it, it's a real buzz.

spog posted:

Expect more outsourcing that will cost the NHS even more.

divabot posted:

It's OK, I believe Capita has just started a cyber-crypto-bitcoin-crime-secure-thing division who are obviously the ideal organisation to take this forward.

Oh, I'm certain of that happening.

Same with everyone who's talking about Cyber Delta Works in the Netherlands due to this. They probably got a perfect candidate who's willing to do this. :v:

Aunt Beth
Feb 24, 2006

Baby, you're ready!
Grimey Drawer
A lot of people have been referring to this as a Bitlocker and I'm pretty sure some marketing manager at Microsoft is having a meltdown.

nexxai
Jul 17, 2002

quack quack bjork
Fun Shoe
I run https://fsrm.experiant.ca - can you tell when WanaCrypt news started breaking out?

porktree
Mar 23, 2002

You just fucked with the wrong Mexican.

Judge Schnoopy posted:

I've taken to checking the intranet for staff departure. HR feels it's important to update the announcement page when somebody quits but can't be assed to send me a quick email.

drat. I'm guessing y'all who have to hunt terms are not being audited. I will say some bad things about SOX, but forcing SOD and a termination policy are a benefit.
