Exactly! You do it internally for a long time, then you try a few customers, then a few more, for a long time, etc. I haven't done that type of software; I work with medical equipment, but since that is under FDA, updates don't get pushed that often because then the device has to be recertified by FDA. So, yeah, it goes through lots of testing, too, and the code is locked down, which also begs the question of what type of configuration control they are using. I'm thinking it was intentional at this point. And the fact that it affected computers in medical facilities also begs the question of why in the world those computers are allowed to accept uncontrolled automatic updates. IDK, maybe it was only the scheduling software in the medical offices and not the FDA-approved devices, but I bet medical facilities are turning off automatic updates now!
This is a "damned if you do and damned if you don't". Most people don't realize that their devices are constantly calling home to the vendor. Microsoft Defender is enabled by default if you do not install third-party software.
Patching is good IT hygiene but IT departments need to go back to the dev, test, production model where updates are tested first before being put into production.
Standalone devices are inherently more secure because they require physical access, but problems can still occur. A great example is the joint US-Israeli Stuxnet attack against the Iranian centrifuges: https://en.wikipedia.org/wiki/Stuxnet
The malware was able to access the Iranian computers via USB thumb drive - no external connectivity required.
Silly me, I thought they did dev, test, production model.
One thing this demonstrated was the vulnerability of the whole dang system. Everyone involved downstream should be having emergency meetings on how to prevent this in the future. 911 disrupted all day, NOT acceptable, and if that means no more computers with Microsoft OS, so be it.