I read this about the ransomware outbreak that has crippled hospitals and other places that are running older versions of Windows – https://www.theverge.com/2017/5/15/15641198/microsoft-ransomware-wannacry-security-patch-upgrade-wannacrypt
One of the things that has always bothered me about Windows is how Microsoft will bring out an operating system, it spreads worldwide and then, after a few years, just stop supporting it; no more automatic updates and if your computer running an unsupported version of Windows has a problem, you’re faced with either paying Microsoft a lot of money to fix it up or pony up the money to buy a new computer that will support the latest version of Windows.
The article asks if Microsoft’s program of planned obsolescence is at blame and I kinda agree with that, plus I know all too well how fussy it is trying to get enterprise-level software current with updates; because of the number of computer systems involved – from servers to laptops, desktops, etc., just upgrading from say, Windows XP to Windows 7 can be a massive and expensive venture and even when such a project is approved, it takes time to implement… and that’s after a boatload of compatibility testing like you just wouldn’t believe.
I’ve been a part of too many of those upgrade projects and I can tell you that they’re no picnic. But because they’re so expensive in money and man-hours, a lot of businesses running enterprise-level versions of Windows take the “if it ain’t broke, don’t fuck with it” approach and that usually doesn’t help them to keep running systems that are really inadequate to keep up with how quickly the technology changes… and that’s even if something like this ransomware hack isn’t happening.
And, please, don’t get me started on how many people don’t keep their devices updated when updates are available or how many businesses are running inadequate versions of anti-malware software… and if they’re even running it at all. Even the anti-malware software I use on our computers, Malwarebytes, says that if you’re running the free version, your computer isn’t safe – just the folks running premium version of the software are safe from this hack.
The cyberwar is escalating and no one is safe because the companies that writes the software our many devices use really do think more about their bottom lines and how they can keep their product lines making them money and, sadly, continuing support for older software version takes huge bites out of their profits because they’d rather you replace your “outdated” hardware and software. The result, as you’ve probably been hearing about, is that a lot of people have been affected, from home users to hospitals and, here in the US, FedEx.
The costs to replace not only the affected systems and loss of data is staggering and I shudder to think of how those hospitals affected could be causing life or death situations for patients because they have no access to their computerized data and processes. The biggest and yet to be answered question is why would someone do this in the first place?
Because they can. Do the people who launched this attack have an agenda or some point they’re trying to make, some change in the world they’re trying to make happen by force? If they do, haven’t seen anything written about it but what’s really on my mind is whether or not device and software creators safe now going to see the folly of their planned obsolescence behavior. We are deeply invested in this electronic age and many of us have our whole lives on various devices and, sadly, devices that may or may not be immune to being hacked and held captive for money or some other unknown reason… or just for the hell of it and because it can be done.
Microsoft has developed the bad habit of releasing buggy software then relying on users to report problems so they can be fixed and it’s because it’s cheaper for them to do this than to pay a team of people to close up all the holes and make the software bulletproof before it goes gold and released to the public. Such an effort takes time and it’s proven to be a very shoddy way to do things; it might save them millions of dollars along the line… but the cost to users who get affected by these exploits has a price tag that goes beyond mere money.
Just my opinion but there has to be a better and more concerted effort by the companies involved to make damned sure that when we buy their products, we can use them without having to worry about being subject to a cyber attack. It seems to me that if they cannot provide a quality product, it might convince folks to not buy said products going forward and I do wonder if anyone has given any thought to what will happen to their corporate bottom lines if/when people decides it’s better to be safe than sorry and stop buying their stuff…