Sunday, 14. May 2017
Slow down greed - don't wanna cry no more

So what's the current status on the WannaCry ransomware infection? Several hundred thousands of non-Windows-10 - also non-Linux & non-MacOS - PCs/laptops/servers may have been infected, making many of them useless due to important files having been scrambled. For many of these, apparently no functioning backups exist! Microsoft had recently finally/correspondingly released a free complete security update (no. KB4012598) for free download. All sorts of calls for more oversight and general control of the Internet - whatever that means, and does that include Internet-espionage government agencies?! - are now being made public...

In a current op ed in the New York Times some interesting ideas have been put forward, on how Microsoft and government could do much more to raise industry security standards.

One point not mentioned there, is that the fast release cycle for new operating systems, initiated at its current high-profit 3-4 year level by Microsoft* itself decades (!) ago, copied by all major op. system distributors since then, may also have contributed greatly to the current problem. All system administrators know why their bosses live by the motto NEVER CHANGE A RUNNING SYSTEM - because new software invariably contains new bugs, including doorways for exploits by viruses such as the current "big in the news" one. So, if an operating system, like Windows XP, has proved stable, it tends to be kept in use as long as possible.

Buggy software means unexpectedly high & sudden expenses.

The motto (in capitals, above) is also automatically enforced by another problem: The connecting interface** to applications - esp. big ones like database and document retrieval management systems - tends to also change whenever a major release to an operating system is installed. So, most application levels "sitting" on the op. system may have to be updated, then, too!

An upgrade always takes a lot more effort (= money) to apply than a smaller update of the current version.

So, maybe the rapidity of the whole innovation cycle is the problem. Or rather, it is part of a self-regulating overall system that will cause massive failure of partly important systems, if a more appropriate balance between release cycles and need for innovation is not found...

I am not against innovation, but it could use more stabilisation and good testing. Any software engineer can tell a story supporting that.

We are part of the world, and thus so are the things we make within the world. And the world has regulated itself for a long, long time.

Let's - especially us i.t. guys - get with the rhythm!

(* in collusion with Intel, I feel /
** API or "system calls")

... Comment