Instead, the policy choices of the last thirty years seem to have led to Boeing 737 Max-style crises, everywhere, but out of sight. Don’t be bummed out, because as scary as this stuff sounds, it’s all fixable, mostly by doing a lot of the things Matt tends to write about. In Maryland, the National Security Agency had a very different notion of how serious this breach was and how much Microsoft’s control over our computer systems matters. In fact, it was so serious that it was the NSA who disclosed the existence of the issue to Microsoft. This was the first time that Microsoft has credited the NSA for a reported security vulnerability. In other words, in cyber speak, it’s a five alarm fire.
The potential impact on the systems is tremendous:
While the Windows breach probably didn’t affect your machine, it could affect your life. Breaches of Windows or underlying operating systems, or just bad software development practices regularly cost time, lives and money. Sometimes it’s inconvenient, like when airline reservation systems go down and cancel or delay thousands of fights. It can be annoying, like in 2016 when AirBnB, Paypal, Twitter and Reddit went down due to an attack by infected ‘Internet of things’ systems, or when hackers took control of tornado sirens near Dallas in 2017 and set them on and off between 2:30 and 4:00 AM one morning.
In effect, while the proprietary systems are not “bad” or “terrible” when the managers make the choices for their workforce, one needs to understand that the complex codes are essentially the liabilities placed on us as a society. Megacorporations can easily escape fines (or settlements) running into millions of dollars without batting eyelids- they refer to them as “costs of doing the business”. However, as we advance towards the increasing role of the same corporations in the healthcare (and increasingly mission critical systems for healthcare), we need to address these issues.
That’s why I usually link to these stories here (including the unfortunate ransonwares) because of extremely idiotic reliance on Microsoft.
I mean, why not use BSD (or thin Linux clients)?