Poll Microsoft has got off remarkably lightly from WannaCry, as the finger pointing between Whitehall and NHS trusts began. But that might be beginning to change.
调查微软已经有了显著地从想哭,是指与Whitehall NHS信托开始。但这可能开始改变。
The NHS had 70,000 Windows XP PCs, but only after the ransomware hit did Microsoft issue a patch. Officially, support had ended in 2014, spurring an upgrade cycle.
强化个人信息安全 严惩行业内鬼
NHS0 Windows XP的电脑,但只有在勒索打了微软发布补丁。官方支结束,推动升级周期。
In a letter to The Times [paywalled, of course], former GCHQ chief Sir David Omand has put the moral responsibility on Microsoft for withdrawing support from Windows XP three years ago, knowing the OS was in frontline use worldwide.
在本次[ paywalled的一封信,当然],前首vid Omand爵士已经把英国的道德责任在微软撤回三年前从Windows XP的支持,知道操作系统是全球使用在前线。
Omand raises the question of whether vendors like Microsoft should continue to secure systems long after their support “expiry date”.
奥曼德是否提出供应商如微软应该继续安全系统长期支持“过期后的问题”。
“Should Microsoft have stopped supporting Windows XP so soon, knowing that institutions had invested heavily in it (at the urging of the company at the time)? At least a Windows XP patch for the flaw that allowed the worm to spread so readily has now been issued, but it would have been better if it had been released a month earlier, when the company first became aware of the problem,” he writes.
“微软应该停止这么快就支持Windows XP,知道机构投入了大量的IT(在该公司当时的敦促)?至少有一个Windows XP补丁的漏洞,让蠕虫传播如此容易,现在已经发出,但它会更好,如果它已被释放一个月前,当公司第一次意识到这个问题,“他写道。
The withdrawal of security patches is a big stick, perhaps the biggest stick, that Microsoft possesses to oblige customers to upgrade their archaic systems. (Windows XP will be 16 years old in September – that’s an eternity in computing, longer than the time elapsed from the first microprocessor to the launch of OS/2.)
安全补丁的撤回是一个大棒,也许是最大的坚持,微软拥有迫使客户升级其古老的系统。Windows XP将年前的九月-这是一个永恒的计算,长于从第一微处理器到OS \/ 2推出的时间。
Sympathy for the vendor comes from many who work in health and public sector IT, who blame poor management for mission critical services retaining decrepit and ageing PCs. Microsoft gave the NHS years of notice that support would cease. But isn’t there a social responsibility to maintain even the most inept NHS manager?
对于供应商的同情来自许多人工作在健康和公共部门,谁怪可怜的管理为关键任务服务留住衰老和老化的电脑。微软给的通知,将停止支持NHS年。但即使是最无能的NHS管理者,也没有社会责任吗?
An analogy may be vehicles that develop a dangerous defect. Would we excuse the manufacturer and allow unsafe vehicles on the road?
类比可能是发展危险缺陷的车辆。我们会原谅制造商并允许道路上不安全的车辆吗?
So we’ll throw this open to you. The question is straightforward. Should the government regulate (or legislate) that “unsafe” public services must be patched, and if they are not, place those vendors on a blacklist?
所以我们会把这个开放给你。这个问题直截了当。如果政府监管(或立法),“不安全”的公共服务必须修补,如果不是,把这些供应商列入黑名单?
JavaScript Disabled
禁用javascript
Please Enable JavaScript to use this feature.
请启用JavaScript使用此功能。
polling(150)
轮询)

It’s over to you. ®
软件程序员必须在软件设计流程就开始履行安全职责,事后才想起补充安全功能将花费大量的时间和精力。
它的结束给你。®
Sponsored:
赞助:
Continuous lifecycle London 2017 event. DevOps, continuous delivery and containerisation. Register now
连续生命周期伦事件vOps,连续的传递和集装箱。现在登记
公司应该建立信息系统资产安全管理制度,编制资产清单,明确资产管理责任部门与人员,规范资产分配、使用、存储、维护和销毁等各种行为,定期对资产清单进行一致性检查并保留检查记录。

猜您喜欢

信息安全概念股有哪些?信息安全7只概念股价值解析(2)
信息安全管理的科学方法,让信息安全同业务目标保持一致
网络安全法视频宣传片 第二集 国家网络安全的现状与重要性概述
赵本山女儿给母亲尽孝心,但她侧脸太吓人了吧
FLASHTRAFFICBLOG D2FOOTBALL
网络安全意识——不要随意通过个人设备连接互联网