|
devmd01 posted: Usually hospitals will just contract with GE or whatever to support their stuff.

And if the decompile/rewrite thing were to happen I'm assuming the support path becomes somewhat more, um, complex?
|
# ? Jul 18, 2020 18:55 |
|
|
At the risk of outing myself, I work for one of those third party biomed firms...that isn’t something we would touch with a ten foot pole. There is way too much regulation around medical devices and software validation that it wouldn’t be worth the effort. See: Therac-25. We focus our cyber security efforts around risk mitigation, i.e. advising on network isolation/segmentation and applying patches to devices where appropriate. Security in the medical device industry is getting better but given the capital expense of devices like an MRI they have a lifespan far beyond what is appropriate for the software and operating systems that run them.
# ? Jul 18, 2020 19:22 |
|
I’m reminded of an old client that was a vet clinic. Their ultrasound machine had a bad hd and didn’t boot anymore. We had to order a new 1.8 inch drive, jerry-rig an adapter, get the original drive cloned, rebuild the boot image, and copy some system files that had been corrupt. They did not even blink at the $3k bill they got for fixing it as replacing it would have been 10x that.
|
# ? Jul 18, 2020 19:32 |
|
mllaneza posted:
|
# ? Jul 18, 2020 20:04 |
|
GreenNight posted: Can they be run in a WinXP virtual machine?

Maybe! My director doesn't want our group to own the infrastructure behind managing a few hundred business-critical VMs for, basically, until the end of time. And he's right, that's wildly out of scope for us. We did a PoC, it works, we're done with it.
|
# ? Jul 18, 2020 20:06 |
|
mllaneza posted: Maybe! My director doesn't want our group to own the infrastructure behind managing a few hundred business-critical VMs for, basically, until the end of time. And he's right, that's wildly out of scope for us. We did a PoC, it works, we're done with it.

I guess my thought is if you can image it and turn it into a VM, you can run it on anything for the rest of time.
|
# ? Jul 18, 2020 20:12 |
|
mllaneza posted: I might get to do that in December for a whole OU. That OU being "Win7/XP machines without an upgrade path to Win10 but still run instruments". I'd like to remove IPv4 and IPv6 entirely, but some of them need IPv4 to talk to the instruments.

These things are appliances that just happen to run Windows - I have to deal with the same sort of issues with CNC machines. Each machine goes on its own segment of network, you don't try and apply group policies or manage it like it's a workstation, only the workstation(s) that needs to interact with it can make inbound connections, the same sort of stuff you'd do for any black box IoT appliance that you know nothing about.
|
# ? Jul 18, 2020 21:30 |
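The isolation rule described in the post above (each appliance on its own segment, inbound connections only from the workstation that needs it), as an added example that is not part of the thread: a Python audit of an exported router rule list. The inventory, addresses and rule format are constructed for illustration; a stateful router is assumed, and each allow rule is checked on its own without modelling rule order.

```python
import ipaddress

# Constructed inventory: each legacy appliance sits alone on its own segment
# and lists the only workstation(s) allowed to open connections to it.
APPLIANCES = {
    "cnc-01": {"segment": "10.50.1.0/30", "allowed_from": ["10.10.20.15"]},
    "xp-press": {"segment": "10.50.2.0/30", "allowed_from": ["10.10.20.16"]},
}

# Constructed export of router rules. A stateful router is assumed, so reply
# traffic needs no rule and every "allow" is a permitted connection initiator.
RULES = [
    {"id": 1, "src": "10.10.20.15/32", "dst": "10.50.1.0/30", "action": "allow"},
    {"id": 2, "src": "10.10.20.0/24", "dst": "10.50.2.0/30", "action": "allow"},
    {"id": 3, "src": "10.50.1.0/30", "dst": "0.0.0.0/0", "action": "allow"},
    {"id": 4, "src": "0.0.0.0/0", "dst": "10.50.0.0/16", "action": "deny"},
]


def audit(rules, appliances):
    """Return (rule id, appliance, problem) for each allow rule that breaks isolation."""
    findings = []
    for rule in rules:
        if rule["action"] != "allow":
            continue
        src = ipaddress.ip_network(rule["src"])
        dst = ipaddress.ip_network(rule["dst"])
        for name, info in appliances.items():
            seg = ipaddress.ip_network(info["segment"])
            allowed = [ipaddress.ip_network(a) for a in info["allowed_from"]]
            from_outside = not src.subnet_of(seg)
            # Inbound: the rule reaches this segment from a source that is not
            # wholly inside the designated workstation list.
            if dst.overlaps(seg) and from_outside and not any(
                src.subnet_of(a) for a in allowed
            ):
                findings.append((rule["id"], name, "inbound-not-designated"))
            # Outbound: the appliance itself may initiate traffic off its segment.
            if src.overlaps(seg) and not dst.subnet_of(seg):
                findings.append((rule["id"], name, "outbound-off-segment"))
    return findings


if __name__ == "__main__":
    for finding in audit(RULES, APPLIANCES):
        print(finding)
```

Rule 2 is flagged because a whole /24 can reach the press controller, and rule 3 because the CNC segment can initiate traffic anywhere, including toward the other appliance.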
|
GreenNight posted: I guess my thought is if you can image it and turn it into a VM, you can run it on anything for the rest of time.

In our case the problem tends to be that the instruments are so old that they don't support communication via ethernet or even USB. Also dongles.
|
# ? Jul 18, 2020 22:03 |
|
GreenNight posted: I guess my thought is if you can image it and turn it into a VM, you can run it on anything for the rest of time.

Right. But our upper bound is 600 non-compliant systems. That's not something to be taken on lightly. All of those VM hosts will need to be managed through their hardware and software lifecycles. We're a glorified desktop support department. My team handles anything that isn't a standard corporate build running standard software, a VM host is in-scope, 600 VM hosts is not.

Sheep posted: In our case the problem tends to be that the instruments are so old that they don't support communication via ethernet or even USB. Also dongles.

Passthrough of serial and USB ports to any VM is solid enough for dongles and controlling devices over RS-232. I've done it with both kvm and HyperV. Use a PCI card or USB-serial adapter to add serial ports to a modern system.
|
# ? Jul 18, 2020 22:16 |
|
mllaneza posted: Right. But our upper bound is 600 non-compliant systems. That's not something to be taken on lightly. All of those VM hosts will need to be managed through their hardware and software lifecycles. We're a glorified desktop support department. My team handles anything that isn't a standard corporate build running standard software, a VM host is in-scope, 600 VM hosts is not.

It seems like it would be cheaper to hire someone to manage this infra than to get new.
|
# ? Jul 18, 2020 22:42 |
|
mllaneza posted: Passthrough of serial and USB ports to any VM is solid enough for dongles and controlling devices over RS-232. I've done it with both kvm and HyperV. Use a PCI card or USB-serial adapter to add serial ports to a modern system.

A lot of modern systems actually still have serial ports, or at least headers for it on the motherboard.

The IT department at work is dead-set on removing a Windows XP machine that's still in use to control a hydraulic press and also some other software that refuses to run on anything newer. Turning it into a standalone with no network attachment was acceptable until they realized we'd be using USB drives to get the data off.

When I questioned one of them on why it would be a problem if we use a known clean USB drive that's never leaving the premises and only touches computers that are properly updated and stuff, the answer was "what if the XP computer already has a virus?"

"Then it would already be crypto-ing the entire network, not waiting until someone disconnects it from the network to hopefully infect a usb drive and then magically start crypto-ing the network from a fully up to date Windows 10 computer."

"We take network security very seriously after last time!!" (Last time refers to the time the network got crypto'd and their backups were hit as well.)

This is the same department that gives every user local admin and only passive-aggressively started putting passwords on the advanced settings in ESET after I added a firewall exception for a PLC's internal IP address. Without reverting my change, making my computer the de-facto only system able to talk to the loving PLC.
|
# ? Jul 18, 2020 23:04 |
|
Geemer posted: A lot of modern systems actually still have serial ports, or at least headers for it on the motherboard.

I was waiting for the twist in the last paragraph and I was not disappointed.
|
# ? Jul 19, 2020 00:02 |
|
I see that Colorfinger is streaming some piano playing. Am I hallucinating or did he once do a beautiful rendition of 'Part of Your World' except it was flavored after Larches IT adventures? Does anyone have that song bookmarked/saved anywhere?
|
# ? Jul 19, 2020 01:58 |
|
Geemer posted: The IT department at work
|
# ? Jul 19, 2020 02:07 |
|
Hughmoris posted: Am I hallucinating or did he once do a beautiful rendition of 'Part of Your World' except it was flavored after Larches IT adventures? Does anyone have that song bookmarked/saved anywhere?

You are not hallucinating, he did it and it was glorious. Pretty sure it was called Part of IT. But I don't have it bookmarked and a quick Google search isn't turning it up.
|
# ? Jul 19, 2020 02:15 |
|
Super Soaker Party! posted: You are not hallucinating, he did it and it was glorious. Pretty sure it was called Part of IT. But I don't have it bookmarked and a quick Google search isn't turning it up.

Found it! https://forums.somethingawful.com/showthread.php?noseen=0&threadid=3564747&pagenumber=872&perpage=40#post458610763

He just did a fresh rendition on Twitch. Those lyrics were a thing of beauty.
|
# ? Jul 19, 2020 02:19 |
|
Super Soaker Party! posted: You are not hallucinating, he did it and it was glorious. Pretty sure it was called Part of IT. But I don't have it bookmarked and a quick Google search isn't turning it up.

It was Out of IT, attributed to Josh Jones and Lunar Suite. I have the link bookmarked but it's coming back as a private video now. https://www.youtube.com/watch?v=yqjpJtL5D-k is where it used to live.
|
# ? Jul 19, 2020 03:35 |
|
Geemer posted: A lot of modern systems actually still have serial ports, or at least headers for it on the motherboard.

We only just dropped the serial port from the standard desktops, network and USB connected instruments are now very solidly in the majority.
|
# ? Jul 19, 2020 06:06 |
|
mllaneza posted: I might get to do that in December for a whole OU. That OU being "Win7/XP machines without an upgrade path to Win10 but still run instruments". I'd like to remove IPv4 and IPv6 entirely, but some of them need IPv4 to talk to the instruments.

We've put those on a quarantine VLAN. They can only interact with each other, WSUS, but not the outside world. And yeah, we have those too. Including some very expensive electron microprobes running win95? or so. Luckily, those are old enough not to have a TCP/IP stack
|
# ? Jul 19, 2020 22:24 |
|
mllaneza posted: I might get to do that in December for a whole OU. That OU being "Win7/XP machines without an upgrade path to Win10 but still run instruments". I'd like to remove IPv4 and IPv6 entirely, but some of them need IPv4 to talk to the instruments.

Wait is there a separate kind of MRI machine for babies or is this just a slightly smaller version of a different MRI machine.
|
# ? Jul 19, 2020 22:30 |
|
Presumably the non-baby ones are the ones that they have in Seaworld?
|
# ? Jul 19, 2020 23:07 |
|
A ticket came in:

quote: Computer makes error noise every time I click the mouse. Internet very slow.

Ticket closed:

quote: Ticket closed. Cat sleeping on keyboard and holding down the "," key. When asked why, user stated "I didn't want to disturb her"
|
# ? Jul 20, 2020 15:40 |
|
That is entirely reasonable, yes. Also, goongrats on the move, job escape, new life, new identity, etc etc etc, Larches. I let this thread go once covid hit, and only just now caught up.
|
# ? Jul 20, 2020 16:32 |
|
Antigravitas posted: We've put those on a quarantine VLAN. They can only interact with each other, WSUS, but not the outside world.

We were able to get Networking to start a quarantine segment project, I just have to hope they get it ready in time to cut over as planned.
|
# ? Jul 20, 2020 16:32 |
|
larchesdanrew posted: This is true! I don't mean to hijack the thread about this, but it's something I kept hidden for a very long time. It was the deciding factor of my moving. Now I get to be my authentic self and work for a really understanding and supportive business in a neat city on top of it.

moving to Denver and revealing yourself buddy. Make sure you check out Blush n Blu 💖 Also, once you have the job, people usually love the horror stories that make the current job sound like paradise, so don't be afraid to share
|
# ? Jul 20, 2020 16:42 |
|
now that i'm off probation (bad posting) i'm also happy to say congratulations to larchesdanrew on the changes and improvements in your life!!
|
# ? Jul 21, 2020 17:22 |
|
take: "Executive Assistants" are professional Karens
|
# ? Jul 21, 2020 19:00 |
|
I dunno about that, in my company it's more like the executives they support are corporate Karens.
|
# ? Jul 21, 2020 19:04 |
|
TITTIEKISSER69 posted: I dunno about that, in my company it's more like the executives they support are corporate Karens.

This is far more universal. Some executive assistants tend towards that, but almost all executives score high on the Karen scale.
|
# ? Jul 21, 2020 19:09 |
|
In a previous role at my University I took care of a department that just kept and maintained expensive equipment: lasers, microscopes, etc. There was a room with two older scanning electron microscopes, and a computer connected to each, one ran Win95, the other Win98. The Win98 machine kept getting kicked off the network by the central security team because they'd see traffic that would profile as Win98 and apparently lots of malware would profile like that as well so they'd assume it was malicious and pop it offline. The Win95 computer didn't have that problem. Also we were connected to the campus' centrally provided chilled water line, and at some point some of the water was brown. It got brought up in a staff meeting: "Oh I had some time so I put it under the scanning electron microscope, it was mostly iron, so just some rust." He solved the problem by LOOKING AT THE ATOMS like 6 or 7 years later I still can't get over that.
|
# ? Jul 22, 2020 01:04 |
|
FISHMANPET posted: In a previous role at my University I took care of a department that just kept and maintained expensive equipment: lasers, microscopes, etc.

Shot in the dark, but did you happen to be there in 2004? In the latter half of that year, I did a couple months at VisionTek customer support. We once got a call from a university needing old video card drivers for their Windows 95 computer controlling an electron microscope.
|
# ? Jul 22, 2020 01:18 |
|
Lol that's waaaaaay farther back than me. I was still in high school in 2004. Oh one other funny thing about that pair of microscopes, the one connected to Win95 had a little note taped to the display (of the microscope, not the computer) that said to turn it off when you weren't using it to observe, because the tube wasn't produced anymore so eventually they'd be unable to replace it when they burnt out.
|
# ? Jul 22, 2020 02:20 |
|
FISHMANPET posted: Also we were connected to the campus' centrally provided chilled water line, and at some point some of the water was brown. It got brought up in a staff meeting: "Oh I had some time so I put it under the scanning electron microscope, it was mostly iron, so just some rust." He solved the problem by LOOKING AT THE ATOMS like 6 or 7 years later I still can't get over that.

That's one of the upsides of the job, just being surrounded by people with expensive toys who know how to use them. We even have internal workshops for making custom equipment, so if I need any custom made metal or wooden parts I can ask them. The idiot bean counters axed our glass blowers sadly, which continues to baffle me. Though the best part of the university job is the food during Christmas. We have people from all over the world working here and everyone brings some food.
|
# ? Jul 22, 2020 10:25 |
|
Antigravitas posted: The idiot bean counters axed our glass blowers sadly, which continues to baffle me.

That is utterly baffling. Was hardly anyone using them, or had they just never actually seen how much a lot of custom glassware actually costs if you don't have your own glass blower?
|
# ? Jul 22, 2020 11:33 |
|
senrath posted: That is utterly baffling. Was hardly anyone using them, or had they just never actually seen how much a lot of custom glassware actually costs if you don't have your own glass blower?

"Pah, how much can test tubes cost? They're like a dollar each on Amazon" *Pays for German glassblower to fly over from Hamburg with custom glassware as his hand luggage*
|
# ? Jul 22, 2020 11:40 |
|
senrath posted: That is utterly baffling. Was hardly anyone using them, or had they just never actually seen how much a lot of custom glassware actually costs if you don't have your own glass blower?

They were well used. All in all a glass blower isn't that expensive. But it is literally impossible to have the tight feedback loop between experiments and glassworks with outside glass makers, so some things just aren't possible anymore. Some experiments just cannot be performed at all.
|
# ? Jul 22, 2020 12:27 |
|
That's rough. My own experience with glass blowing just comes from doing grunt work in a chem lab, where the price savings of an in house blower were definitely discussed more than having to get a piece refined over multiple iterations.
|
# ? Jul 22, 2020 12:35 |
|
Had a friend growing up that had a whole glass blowing setup in his garage, not sure if his dad did it as a hobby, side gig, or what, but man that looked fun; buddy actually ended up learning it from his dad and would make pipes and such, dad did not care.
|
# ? Jul 22, 2020 14:36 |
|
A ticket came in, and I paraphrase: “please open up a production SQL server on 1433 to the Internet for a vendor proof of concept, this is their source IP.” Hahhahaha oh hellllll no.
|
# ? Jul 23, 2020 14:42 |
|
|
A ticket came in:

quote: Please help us

Not a single identifying piece of information. How ominous.
|
# ? Jul 23, 2020 15:23 |