10 April 2014

Windows XP and ACT Health

| thatsnotme
Join the conversation
12

So due to a nasty accident about 6 months ago, I’ve been spending a lot of time in offices running ACT Health computer systems – from TCH, to Physio offices in ACT Health Centres.

What I’ve noticed – as recently as today – is that they’re all still running Windows XP. The system that is now end of life, and won’t be updated with security updates any more. The system that is the front door to a whole stack of my medical records. Mine are pretty innocuous really – lots of stuff about broken bones – but I’m sure plenty of other people have far more sensitive information stored on the system.

Does anyone know if there’s a project underway to upgrade these systems? Or is the plan just to fudge the OS version, along with waiting lists?

Join the conversation

12
All Comments
  • All Comments
  • Website Comments
LatestOldest
JustThinking7:35 pm 15 Apr 14

CR#$.
I didn’t think Y2K was so bad… just went into system and turned my PC back a few years.

BTW… companies do not seek/catch flaws then prevent hackers.
Hackers find flaws then when they are reported companies fix the flaws.

Hackers can get you no matter what you run and it’s usually nothing to do with the system you run… but what you do online.

I don’t think the OP was interested in the hacking side though… just how to transfer/upgrade all the XP data.

Let’s start naming and shaming more organisations which are still using Windows xp. The latest I’ve been able to sniff out is Southern Cross Health Club. An hour or so after I posted my above reply I went to the gym and tried to file a feedback form and saw the Windows xp Pro screen saver on the computer terminal behind the desk in the weights area. Actually, there are some people who think that people who lift weights and build muscle are so old school they wouldn’t even know what computers are.

thatsnotme said :

Y2K was a big deal, and then a big anti-climax because nobody could truly say what would happen when all of those 99’s ticked over to become 00’s. There’s no question about what’s going to happen if people continue to use XP though. No, your Virgin plane won’t fall out of the sky – but you might want to think twice about using your credit card as proof of purchase in one of their ticket booths.

Y2K was a big deal, which sys admins / software developers around the world dealt with so on the stroke of midnight the world would keep on going. The problem is the news preferred to show “survivalist wackos” hording food and guns rather than showing a sys admin successfully applying a patch to a server, since only one of those made good TV viewing.

With regards to XP, a quarter of the worlds computers still use it. This is more than every other OS out there (including linux / unix and mac) combined with exception to Win 7 (which has 50% market share).

In regards to actually securing a system, unfortunately everyone running XP is now vulnerable to any new exploits found, and with still such a large share you can bet there will be loads of people looking very closely at XP over the next few months looking for loopholes. Basically a quarter of the worlds computers now have massive targets painted on their backs.

Furthermore, just running a firewall, not visiting dodgy websites / using dodgy software and running an AV program every so often is not enough. They might mitigate some risk, but it’s sort of like using a bucket to take water out of a boat whilst ignoring the giant hole in the bottom of the haul…

screaming banshee said :

You would think after 10 years they would have plugged all the holes

It’s not a case of hackers just finding a hole that’s been there all along though. You hear about hackers ‘crafting’ an exploit – because that’s kinda what they’re doing.

Operating systems don’t live in isolation – they’re designed to allow other people’s software to run in them. So all it takes is one manufacturer to produce something that has flaws, and suddenly a hacker has a back door into the guts of the system.

It’s a bit like if you were the editor for a book, were handed the finished work, and had to find all the mistakes. But then people kept adding new chapters, and the mistakes in these meant you had to keep going back to change the original text, and so on. You’d never fix them all – as quickly as you found one, a new one would appear in an area you’d already read.

thatsnotme said :

dungfungus said :

OMG, does this mean Virgin aircraft will be falling out of the sky? It’s the “Year 2000 bug” all over again.

Comparing this to the Y2K hysteria just makes you look silly.

Security exploits are discovered all of the time in computer systems. The manufacturers learn about them, and – hopefully before the bad guys learn about them – release patches that close the hole. It’s been going on for years, and will likely not change any time soon.

Now, a system that’s still used on a massive number of computers won’t receive those patches any more. As time goes on, more and more holes will be found, and nothing will be done to fix them. It’ll reach a stage where just using one of these systems will be as good as leaving your front door open while you go to work, and never locking your car.

Y2K was a big deal, and then a big anti-climax because nobody could truly say what would happen when all of those 99’s ticked over to become 00’s. There’s no question about what’s going to happen if people continue to use XP though. No, your Virgin plane won’t fall out of the sky – but you might want to think twice about using your credit card as proof of purchase in one of their ticket booths.

Actually, you are the one that looks silly as my post was a parody on the incipient hysteria in the other posts.
Actually, you seem to have some Y2K carry-over paranoia emerging on this XP issue but I have today deleted Microsoft Security Essentials and installed Trend Micro Titanium to keep things at arm’s length. I think you would agree that was a sensible thing to do.

dungfungus said :

OMG, does this mean Virgin aircraft will be falling out of the sky? It’s the “Year 2000 bug” all over again.

Comparing this to the Y2K hysteria just makes you look silly.

Security exploits are discovered all of the time in computer systems. The manufacturers learn about them, and – hopefully before the bad guys learn about them – release patches that close the hole. It’s been going on for years, and will likely not change any time soon.

Now, a system that’s still used on a massive number of computers won’t receive those patches any more. As time goes on, more and more holes will be found, and nothing will be done to fix them. It’ll reach a stage where just using one of these systems will be as good as leaving your front door open while you go to work, and never locking your car.

Y2K was a big deal, and then a big anti-climax because nobody could truly say what would happen when all of those 99’s ticked over to become 00’s. There’s no question about what’s going to happen if people continue to use XP though. No, your Virgin plane won’t fall out of the sky – but you might want to think twice about using your credit card as proof of purchase in one of their ticket booths.

screaming banshee6:45 pm 10 Apr 14

You would think after 10 years they would have plugged all the holes

I read that corporate users could negotiate an ongoing support agreement with microsoft. That would cover the bank’s atm network etc.

I had a laugh when a week after last year’s super rugby gf all the Canberra hospitals pcs still had the compulsory Brumbies screen background.

ACT Gov seems to be using Win7, so I would expect if it isn’t rolled out yet that direct service Health would be on the list to update. I believe health has lots of databases and programs that make it a little more complex that your normally office public servant.

HiddenDragon said :

Roundhead89 said :

It’s not just ACT Health. I was at the self-serve checkouts at Woolies, Woden Plaza and one of the staff had to reboot one of the terminals. Incredibly up came the Windows xp splash screen. I mentioned this on Facebook and someone said that Virgin Australia also uses Win xp.

And a story on the news last night about bank ATMs using XP.

OMG, does this mean Virgin aircraft will be falling out of the sky? It’s the “Year 2000 bug” all over again.

HiddenDragon10:57 am 10 Apr 14

Roundhead89 said :

It’s not just ACT Health. I was at the self-serve checkouts at Woolies, Woden Plaza and one of the staff had to reboot one of the terminals. Incredibly up came the Windows xp splash screen. I mentioned this on Facebook and someone said that Virgin Australia also uses Win xp.

And a story on the news last night about bank ATMs using XP.

It’s not just ACT Health. I was at the self-serve checkouts at Woolies, Woden Plaza and one of the staff had to reboot one of the terminals. Incredibly up came the Windows xp splash screen. I mentioned this on Facebook and someone said that Virgin Australia also uses Win xp.

Daily Digest

Want the best Canberra news delivered daily? Every day we package the most popular Riotact stories and send them straight to your inbox. Sign-up now for trusted local news that will never be behind a paywall.

By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.