Please run windows update now

Randy Bush randy at psg.com
Mon May 15 08:48:51 UTC 2017


> Or BSD, or anything but Windows.  Anyone running Microsoft products
> is quite clearly an unprofessional, unethical moron and fully deserves
> all the pain they get -- including being sued into oblivion by their
> customers and clients for their obvious incompetence and negligence.

aside from being grossly rude, hyperbolic, and uninteligent, this rant
ignores reality enough to make you a viable presidential candidate.

80% of desk/laptops run windows.  get over it.  windows is embedded in
many systems which will be hard to update in an hour or 100 hours.  and
rude ranting is not doing one micron to help deal with it.

embedded systems are very hard to update, think special drivers, kinky
mods, ...  aside from the long softdev time, how much time do you think
QA will take for moving a piece of medical equipment from xp to win10,
let alone bsd?  and the state of the bsd update process is not something
to describe in polite company.

we have a vulnerable chain from weak software (which is improving, and
msoft has been in the lead there for a decade), to nsa/cia not
disclosing, to people choosing or having to run old versions (of
whatever (and linux/bsd are not immune) for financial or technical
reasons, to the conservative or lazy logistics of patching.  we can try
to improve things at each link.  but this is gonna be slow.

though this ransomware attack is not really that much larger than other
attacks in the past (and the future is not cheering), at least it has
reached the front pages and maybe people will patch more and vendors
will issue more/better updates.  but, as @zeynep says, the lack of
liability along the chain above allows bad practices to continue.

in the meantime, backup, backup and take it offline so it does not get
encrypted for you, patch, turn off unnecessary services/options, rinse
repeat.  and try to promote prudent use among friends, family, and
workplace.

randy


More information about the NANOG mailing list