WannaCry [OT]

Ralph DiMola rdimola at evergreeninfo.net
Sat May 13 18:47:35 EDT 2017 

I still run batch processing on a pair of VAXs running Open VMS. No viruses
on these babies. They've been booted for ...

"OpenVMS V7.1  on node ALBVM1  13-MAY-2017 18:44:45.72  Uptime  921
21:52:27"
"OpenVMS V7.3-2  on node EISVM1  13-MAY-2017 19:31:56.06  Uptime  72
11:09:55"

The lame 72 days on the second VAX is only because I did not get the
generator on-line fast enough 72 days ago when I lost street power.

Ralph DiMola
IT Director
Evergreen Information Services
rdimola at evergreeninfo.net

-----Original Message-----
From: use-livecode [mailto:use-livecode-bounces at lists.runrev.com] On Behalf
Of Richmond Mathewson via use-livecode
Sent: Saturday, May 13, 2017 1:05 PM
To: How to use LiveCode
Cc: Richmond Mathewson
Subject: Re: WannaCry [OT]

I cannot afford to be smug as my Linux rig (Xubuntu 16.04 64-bit) was hosed
completely about 4 months ago and I only managed to reciver about 5% of my
files.

What I do not understand is how organisations like the British State Health
System (NHS) cane be so bl**dy stupid to rely on Windows, without
(obviously) all sorts of safeguards.

My "underpants" may have a few holes in them, but everyone knows that
Windows is more holes than underpants, and it has been quite adequately
demonstrated that Windows executables running under WINE on Linux tend to be
faster and less vulnerable to viruses.

In about 1985, when I was an undergraduate, the news about AIDS was suddenly
announced, and the TV and radio was banging on about "preventative
measures": obviously the British medical authorities know their stuff re
medical matters, but when it comes to computer systems they neither know
anything much about them, nor do they employ people who do.

----------

  Many years ago I read a science fiction book about people living in a
ploice state on Venus, which was, for the purposes of the story, a steamy,
soggy jungle planet with lots of muddy, hummocky islands in one big bog. The
rebels started communicating via AM radio (Amplitude Modulated) because the
authorities of the dictatorship had forgotten about that "old-Tech" and were
using FM (Frequency Modulated) equipment for all their communication needs.

Three days ago I got an e-mail from a chap in Ireland using a Commodore 64!

So, the answer, for us folks who don't have "endless boodle" to constantly
upgrade/update our machines, may lie in retreating into using ancient
machines . . . . so, I suppose my Summer will be spent on getting a
Winchester disc into my BBC Master Compact and sorting out how to get the
5-pin DIMM connection at the back to let me send and recieve e-mail
messages: after all, in 1989 I was using it, via Etisalat, to communicate
with various services even before the internet started.

You cannot send a virus to a BBC because the whole system resides on a ROM
chip!

Anyway, just at the moment I'm dusting off my G3 iMac running Mac OS
9.2.2 with Classilla.

Richmond.

On 5/13/17 6:36 pm, Richard Gaskin via use-livecode wrote:
> Richmond Mathewson wrote:
> > " The WannaCry virus only infects machines running Windows"
> >
> > http://www.bbc.com/news/technology-39896393
> >
> > Err . . . Linux
>
> While it's true that this particular exploit is dependent on a 
> Windows-specific vulnerability, this is no time for smugness. There's 
> a larger issue here relevant for all of us:
>
> IF YOUR SYSTEM US NO LONGER RECEIVING UPDATES, IT'S NO LONGER 
> RECEIVING CRITICAL SECURITY PATCHES FOR KNOWN VULNERABILITIES.
>
> Any such system, if connected to any network that connects to the 
> Internet, should be considered too dangerous to use.
>
> Doesn't matter whether it's Windows, macOS, or Linux.  Once the OS has 
> reached EOL, either upgrade to a supported OS version or turn off all 
> network connectivity.
>
>
> This exploit has become a global tragedy, but worse is that it appears 
> to have been preventable:
>
> Microsoft issued a patch protecting against this months ago, and for 
> the (shockingly large number of) machines still running XP, Microsoft 
> spent literally millions over a many years reminding everyone of XP's 
> EOL date and encouraging them to upgrade to a supported OS version.
>
> Apple (for reasons only they can discern but AFAIK have not disclosed) 
> are less kind to their users, often stopping updates without explicit 
> notice and little if any forewarning.  They do advertise when new 
> versions are available, but generally haven't provided clear notice 
> when EOL is reached for a given version. For example, when Snow 
> Leopard reached EOL, even though some 19% of all Macs were still 
> running it, no notification was provided that it would not be 
> receiving patches; it simply stopped getting them.
>
> With Ubuntu, EOL date is well advertised even before a version is 
> released.  That project follows a fixed release cycle in which all 
> long-term support versions get exactly five years of updates, and all 
> interim releases get 18 months of updates.  You know even before you 
> download exactly when it will reach EOL.
>
> With all three, once you know it's reached EOL you must either 
> upgrade, or put yourself and your organization at risk.
>
> If the post-EOL exploits that occurred with Best Buy and Target a 
> couple summers ago didn't drive the point home clearly enough, 
> yesterday's global attack should:  "What, me worry?" is not a sound IT 
> policy.
>

_______________________________________________
use-livecode mailing list
use-livecode at lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

More information about the use-livecode mailing list