back to article Conficker seizes city's hospital network

Staff at hospitals across Sheffield are battling a major computer worm outbreak after managers turned off Windows security updates for all 8,000 PCs on the vital network, The Register has learned. It's been confirmed that more than 800 computers have been infected with self-replicating Conficker code. Insiders at Sheffield …


This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    no individual ...

    "This decision was taken by the IT Change Advisory Board to prevent further disruption in theatres which could have affected patient care." No individual was responsible for the move, the Trust added.

    Well sack the lot of them then.

  2. lIsRT

    "No individual was resonsible for the move"

    "This decision was taken by the IT Change Advisory Board to prevent further disruption in theatres which could have affected patient care." No individual was responsible for the move, the Trust added.

    Clearly the IT Change Advisory Board is a borg-like entity, so perfectly assimilated that distinguishing its individual drones is now practically impossible.

    Sack 'em all (it?) then, obviously; if no-one is responsible, then everyone is.

    Also, shouldn't anything you need in an operating theatre be running one of the guaranteed, real-time scheduling, safety-critical OSs that things like aircraft use?

    Looks like some(one/thing) else is in need of being removed.

  3. Paul Uszak

    Let OS wars begin...

    Windows virus story? ...Linux ...Mac... begin.

  4. Anonymous Coward
    Anonymous Coward

    IT Change Advisory Board

    "This decision was taken by the IT Change Advisory Board to prevent further disruption in theatres which could have affected patient care." No individual was responsible for the move, the Trust added.

    Quick, Henry! The Flit!

  5. Anonymous Coward
    Jobs Horns


    MRSA and CDiff and now Configer, can UK Hospitals not get anything right ? Dont answer that.

  6. Phil Endecott

    Err, "WIndos for Operating Theatres"?

    > PCs in an operating theatre rebooted mid-surgery.

    Bloody hell. What on earth are they doing using Windows computers in an Operating Theatre???

    That is absolutely insane.

  7. Anonymous Coward
    Thumb Down

    Turning off Automatic Updates.

    This is pretty typical, and 100% understandable as the MS updates have a nasty habit of rebooting when they see fit. Switching it off is a fast and easy way of ensuring that your systems are up.

    Thank you MS for your totally shit update system.

    A better way, of course, would be to have the PCs update from a local (and thus controlled by the trust) source, but still denying auto-reboot. Chuck a message up to user, (so they can re-boot when safe); run audits and have an IT bod check the PCs that say they have not re-started for the updates to take effect.

    These problems are caused by the pathetic MS update system and semi-competent IT bods trying to work around the "we know best, you shall obey" attitude of MS. A machine reboot on a critical system could damage kit or, in the case of a hospital, kill someone.

    As for the committe; yes. Sack them. They are obviously, to a person, not competent.

  8. Jamie

    Can't believe it

    Why would you use Windows in a Situation Critical Environment like a Surgery Room?

    Honestly, you pick the best product for the scenario. Even MS know this as their Graphics Departmet (at least use to) are setup with Mac for graphic development.

  9. This post has been deleted by its author

  10. Jared Earle
    Thumb Down

    That's ok ...

    Surely all they need to do is roll out the redundant back up system and ... oh, wait.

    Muppets, the lot of them. That's what you get with a "lowest tender" system.

  11. umacf24

    October != December

    MS08-067 exploited by Conficker came out a bit late in October and they switched off the patching at the end of December .... so that's err more than nine weeks to patch?

  12. Anonymous John

    This isn't an anti-Microsoft rant, but

    this is their fault. It should be left to the user to decide when to reboot the computer after an automatic update.

    Having your PC reboot unexpectedly when left unattended, causes no end of problems.

  13. Anonymous Coward
    Anonymous Coward


    Surely any organisation that size should have a managed IT program, that includes

    wheeling out updates in a scheduled manner?

  14. myxiplx

    Incompetent on so many levels

    Dear god!

    You've first got utter stupidity on the part of the network managers: Computers in an Operating Theater should not be connected to the internet, especially if they're vital to the success of operations. And they should definately not be allowed to install updates unsupervised.

    But to then react to that by disabling security updates across your entire organisation? Somebody needs to be sacked here. It sounds like both the network staff and the management are utterly incompetent.

    I'm managing 100 computers here, without anything so critical as an operating theater, but I still have better policies in place than these jokers.

  15. Anonymous Coward

    The revolution is close at hand Comrades!

    The military machine is under threat!

    The medical infrastructure is close behind!

    We need to storm the Winter Palace, stand on the tables waving bits of paper at each other!

    All hail the penguin!

  16. Mike Crawshaw

    Not a problem

    We still use leeches in Sheffield, so a lack of computers ain't a problem....

  17. Jon

    WHY are these PCs connected to the Internet???!!!!

    PC in operating theatre... seems reasonable.

    Running Windows on it.... wouldn't be my first choice, but suitably locked-down it's reasonable, and has the benefit that people are familiar with the UI.

    Turning off automatic updates... also reasonable (albeit counter-intuitive). Testing changes is extremely important; and the PC should be locked-down enough that it's not going to get infected.

    Connecting life-critical PC in operating room to the internet... absolutely insane. Any life-critical PC should be air-gapped from the public internet.

    (Also, any PC with my medical records on should be air-gapped from the public internet - not that the NHS would ever bother doing that).

  18. David Edwards

    LIcence agreement

    Does not the windows licence screen say "dont use this in critical areas such as Operating theaters and Nuclier Subs?"

    I await an update on from the Royal Navy, assuming they are not at the bottom of the sea.

  19. Anonymous Coward
    Anonymous Coward


    > PCs in an operating theatre rebooted mid-surgery.

    Imagine waking up mid-surgery - bad enough in itself - to hear that dreaded tune 'do do do do' !

  20. Anonymous Coward


    Wait, some machines were playing up a bit, so they disabled *all* patching?

    WSUS is free, and you can auto assign patch groups through GP. Wouldn't have been a stretch to put the critical machines in one group that needs patches more stringently tested before rollout and stick the general ones to update as per normal?

    Anyone who can read TechNet articles can get WSUS running in an afternoon.

  21. Waderider


    umacf24 hits the nail on the head, the dates in the story don't make sense. I just checked my in-laws Vista machine and it received the update in the first half of November.

    I *want* to type things like 'use linux you fools', but of course if linux was more popular it would be as exploited, so I'd rather it stayed in the domain of the geek, server and netbook. And of course using Mav would make the NHS even more bankrupt........

  22. Adrian

    Operating Theatres?

    Why are these computers connected to a LAN with internet access. Surely anything critical, and in this case potentially life-threatening should be on a separate network?

    I worked for many years in the Space industry, and the operational machines (those which run the satellites) were on a physically separate LAN with absolutely no internet connection. PCs with the usual office apps and internet connections were on the development LAN.

    That would be too sensible in this case.

    @Paul Uszak: The operational machines are all Linux and Solaris, so no chance of a virus there ;)

  23. Thomas

    A pure configuration problem?

    I'm pretty sure Windows has a "notify me when updates are available, don't automatically download and install them". That said, if they can find the ecosystem to support it then the NHS really should switch to Linux for simple budgetary reasons.

  24. Stuza

    Hasn't cost the public money?

    "The trust argued that the consequences of its decision making had not cost public money, "just time and effort by the IT teams"."

    Oh .... and I though that WE the public paid the IT staffs wages... I wonder who does then?

  25. André Marques

    @This isn't an anti-Microsoft rant, but

    Well, thing is, you CAN alter that! In fact, you can change that behaviour in all pcs at teh same time by using a Group Policy, you know, the same way they decided instead to TURN OFF THE UPDATES IN THE FIRST PLACE!

    +1 at firing all the IT Board.

  26. Anonymous Coward

    No cost?

    'The trust argued that the consequences of its decision making had not cost public money, "just time and effort by the IT teams".'

    All well and good, but that's time and effort that costs the trust wages, and means they can't be off doing something more useful instead. Time costs - even if you already employ the staff, there is still a cost - I'm sure the support guys weren't sitting around on their backsides doing nothing beforehand...

  27. Geoff Mackenzie

    Interestingly ...

    ... if you read the Windows license carefully, it actually states that you shouldn't use it where anybody's life is at stake. This probably doesn't apply to Windows for Warships and the like, but what are these people running? XP? So Microsoft warned them the system wasn't up to it (and in fairness, if I'm guessing right about the OS, the system wasn't designed to be up to this sort of job).

    Does nobody read the license agreement? Don't answer that.

    My gut reaction was actually to go on a Linux-recommending rant, but in fairness, although I do think Linux is pretty stable and a minimal configuration can be incredibly robust, there are probably better things to run in an operating theatre. It would still be preferrable to an OS that literally comes with a health warning though.

  28. Bruno Girin
    Thumb Down


    'The trust argued that the consequences of its decision making had not cost public money, "just time and effort by the IT teams".' Err... and with what money is the IT team paid? Public money presumably? I know IT staff are not paid that much these days but still.

    Also @Jon and others: they never said the theatre PCs were connected to the Internet nor that any of those were part of the 800 that are infected, they just said it was due to one of them that the decision to suspend automatic updates was taken. And remember that this virus can propagate through network shares, USB keys, etc. so depending on their network topology, you could very well have machines infected even though they have no Internet access: they just need to be connected to the network and they presumably are, at least indirectly, if they receive Windows updates.

  29. Anonymous Coward
    Anonymous Coward

    Operating Theatres

    I have worked in an OT environment for 7 years, and all the PCs used by our health trust run windows.

    What mystifies me is that the PCs rebooting caused a significant problem. The software used in our theatres is primarily a database to track operating lists, staff involved in operations, surgical implants used, operating times, serology and other investigation results, and the like - the vast majority of which is still recorded on paper as well.

    The only other application (and only recently introduced) has been the electronic viewing of X-rays and CT scans, with software to allow orthopaedic surgeons to plan the sizes of hip/shoulder/knee replacement implants pre-surgery.

    The temporary (over the span of even as much as an hour or so) unavailability of any of these systems is nothing more than slightly inconvenient. However, this is simply a snapshot of OT computer use in a single trust,. Sheffield may be using more involved and safety critical systems.

    Also, our IT department at least has the sense and decency to run planned maintenance and updates out of hours, and have the courtesy to email us and let us know in advance when and for how long the computers will be out of use.

  30. Loki
    Thumb Down

    You have to love comittees

    Its why they have committees. So nobody is to blame and they can keep taking their fat pay checks regardless of how badly they feck up.

    Its been proven time and again, if nobody is responsible for decisions then people do what they think is easiest for them.

    Was it President Eisenhower who had on his desk a sign saying: The buck stops here.

    Nothing wrong with Committees per se as advisory boards, but someone has to be decision maker and put their balls on the line.

    Still, sounds like one major SNAFU. Auto-rebooting computers... shouldnt happen anywhere these days.

  31. Anonymous Coward

    Group Policy and WSUS

    I can't believe no one here has said this yet but every single aspect of Windows Update that you can think of is configured using Group Policy and WSUS and is exactly what an organisation of this size should be using and I'm sure they were (though perhaps the Automatic Reboot setting wasn't ideal for the operating theatre PC's, pro's and con's of using Windows in a theatre aside.

    It sounds to me as though the Anonymous person quoted in the article suggested to his boss that operating theatre computers be assigned to their own WSUS / Group Policy groups so they can be configured differently. His computer illiterate boss who one assumes is pally with a rather miffed surgeon overruled this decision. I think this man is where the focus should be.

  32. Chris Byers

    Please don't blame the techies (yet)

    Blaming the network staff here is a little premature I think. Many times the advice of network managers and other IT staff is ignored and it is very possible the 'IT Change Advisory Board' has no one with any technical experience at all, or the senior IT bods on the panel are so out of date to be next to useless when forming any kind of sensible decision.

    Please don't blame the techies. Chances are they know exactly what they need to do and how to do it. Unfortunately the 'customer' and management may be getting in the way here I suspect.

  33. Anonymous Coward
    Thumb Down

    @AC - No cost?

    not to mention that I doubt "external anti-virus specialists", called in to work on an emergency, will do doing so free of charge...

  34. Anonymous Coward

    "IT Manager" -- orly?

    Sack the clueless cunt. As others have said, the fucking exploit was announced waaaaay before December and it's just piss-poor admin policy if the fucking things are set on the default "check for updates smack-bang in the middle of the working day" policy and have them internet-capable and not on a segregated LAN with its own update server...


  35. robert

    How many times does this sort of thing have to happen...

    before people will learn not to use Windows crapware.

    There are better alternatives and as soon as people start using them they will get even better.

  36. Anonymous Coward
    Anonymous Coward


    Perhaps if they setup the Update Services correctly they would not have had to disable it.

  37. Anonymous Coward
    Anonymous Coward

    Who said anything about the Internet?

    Some dumb comments on here - this worm spreads on a network internally via network shares, no access to the Internets required. It might have got onto the network via USB flash drive.

    Also, the surgery could have been taking place at 3am - this is the default setting for automatic updates to be applied. You've got to keep it simple - yes WSUS & GP allows you to configure everything but changing defaults around for the sake of it isn't a good idea. No doubt lesson learned - the hard way. Feel sorry for the IT bods at the bottom dealing with it.

  38. Anonymous Coward


    Where I work, we don't deal with anything as important as a machine in an operating theatre, but even we implement Windows updates using WSUS and if anything is mission critical we only update it manually when we can safely take it off line.

    It's not rocket science!

  39. Anonymous Coward


    This is one of the most ridiculous things I've ever heard.

    Group policy combined with WSUS has all the options you need to control updates, stop machines automatically installing or rebooting!

  40. Anonymous Coward

    In a critical area doesn't mean the computer is safety critical

    Why is everyone assuming that just because a computer is in an Operating Theatre it means that it must be running mission critical tasks?

    The article says nothing about what it was actually doing and for all we know it could have just held the surgeon's mp3 collection! It's fairly safe to say that it's not running anything on the life support side as it's likely that we'd have heard about the resulting deaths along with an amusing Register headline like "Blue Screen of Death" or something.

    Having said that, what an absolutely crazy decision to turn of ALL updates! As has been said by others, it's not like WSUS is a difficult one to set up!

  41. N

    PCs in an operating theatre?

    Do I read this right, or has the NHS along with the dim wits that run its IT gone insane?

    So, if I ever have to go into hospital, not only do I take my own cleaning stuff & so on but a computer as well, just in case the one in use croaks


  42. Mungo
    Paris Hilton

    Oh we go again.....

    You just cant help yourself can you. You just dont get it!!!!!

    If each and every one of you beardy-wierdy, tank-top abusing, sandal wearing, penguin loving freaks of nature wrote as many lines of code for linux apps as you do lines of abuse found here and in other comment areas and blogs then the world would be run completely by linux.

    You slag off the fact that there is a windows PC in the theatre. Its not there to run OpenOffice or pick up some fucking email. The reason a windows PC is in there is because the application THEY want to run isn't available in Open Source or Linux. Why isn't it available? Because you usless fuckers are patrolling comment areas and blogs ready to troll windows failures instead of looking to improve Open Source application availability and properly compete in the market.


    Paris because even she knows a single opensource app does not fulfill the requirement of an entire market sector.

  43. Ed Blackshaw Silver badge

    For automatic updates to reboot a computer

    it would surely have to be connected to t'internet. This somewhat beggars the question, WTF is a computer in an operating theatre, presumably which performs some critical function towards the surgery (otherwise what is it doing there) connected the the internet? Surely any machine performing a critical life support function in a hospital should be in an isolated environment, in which case it wouldn't need updates anyway?

  44. TerryG
    Thumb Down

    Patch management?

    Why was an organisation of this size relying on automatic updates to patch their machines? There are enough patch management systems out there to control the rollout of updates to PCs that don't rely on the vagaries of a random download and reboot. Even WSUS could've handled the theatre PCs as a special case and that's a free download from MS.

    This isn't a Windows problem so much as a management issue. Put this shower of monkeys in charge of a Linux installation and they'd still screw it up.

  45. Bassey

    The trust are talking crap

    None of this adds up to a problem with Microsoft. It all adds up to a problem with management not having a clue what they are doing. For a start, despite comments from the usual Mac and Linux retards above, Operating Theatre PC's running windows are not running anything important. They don't run life support systems or any of that crap so the PC's rebooting would have been a minor inconvenience, not life threatening.

    Secondly, why were the PC's all left to update themselves? There is no good reason for 90% of these PCs to be on the Internet in the first place and, in any case, it's appalling bad management to let them update themselves. Updates should be being pushed out from a central location in a controlled manner and at a specified time. Even then, it can be configured so that the user is ASKED if they want to reboot now or later.

    And lastly, as pointed out above, the patches were released in October but update wasn't turned off until December. So, someone, somewhere, is telling big fat lies to cover their arse..

    So this is a case of management not knowing Jack Shit and making crap up to cover themselves. The Linux and Mac retards who clearly didn't bother reading the article before hitting the button they have set up to post "Ha ha, Windows failed, Linux/Mac rules" can all crawl back under their rocks now.

    NHS in huge management fuck-up is hardly a news story is it?

  46. Anonymous Coward

    Time for SEI CMMI for IT?

    I'd think a hospital would be Level V.

  47. Anonymous Coward
    Thumb Up

    From Sheffield, quote of the week

    "Don't you just hate it when your boss is so computer illiterate yet has the power to veto the simplest of ideas to catastrophic end"

    Immaculately phrased.

  48. Conrad Longmore

    Patches? We don't need no stinking patches.

    Patching is the optimum solution (and for the vast majority of PCs on desks it is the only sensible one). But in the case of Conficker, any decent AV program should have stopped it. Alternatively, a product such as eEye Blink can provide effective endpoint protection without really needing patches at all.

    HOWEVER - Conficker is a tricky beast. If someone logs onto an infected machine with Domain Admin rights then it's pretty much game over, even if you have the patches installed. You cannot rely on patching alone.

  49. Duncan Hothersall

    @ Mungo

    Alright sunshine, what app was it that was so mission-critical in the operating theatre that they had an internet-connected PC running Windows to enable it to be run? Name the app, or withdraw your shitty, wrongheaded diatribe.

  50. Anonymous Coward
    Thumb Down

    Linuxtards find another excuse to strike

    It's not the OS that's at fault here, it's the mis-management that allowed a) the machines not to be properly locked down, b) system updates to be slapped on in what seems to be an uncontrolled manner, c) an ill-considered response to some objections to a small number of these updates to cause an even bigger outage!

    The problem exists between keyboard and chair...

  51. Anonymous Coward
    IT Angle


    Hasn't anyone heard of Windows Server Update Services?

    Updates can be scheduled by group policies to avoid things like this.

  52. Anonymous Coward
    Anonymous Coward

    OR Documentation System is not life threatening.

    Just for the alarmists out there gravely concerned of the welfare of patients on the table, typically the systems written in Windows are surgical documentation systems, not monitoring, care disbursement systems.

    I worked on an IntraOp/PeriOp documentation system used in operating rooms in the U.S. It was written on Windows. It took about 9 man years to write the first two phases of the software. The software is used in OR's is to document what happens in the case (nurse inserts catheter size x at time y, patient says ouch). Hospitals always have the "failover" method of pen and paper documentation if the system ever fails for whatever reason. Though we do as much as possible to keep the system running when things happen, shit still does happen (like windows reboot).

    Basically you write systems in Windows, or you cut your customer base by 90%. It's generally the customers who drive the OS decision. I have problems with Windows for all the obvious reasons everyone else does, but until there is a major paradigm shift in the way the global IT purchasers think, we're stuck with it.

    The good news is that most of the backend stuff can be written OS neutral. Web services and Oracle databases can all be run on unix/linux platforms, but the customer still drives the decision. If the customer says they want to use Windows on their back end, we install it on Windows. Most of the customers want Windows.

    Until all the unix/linux advocates can justify the multi-million dollar conversion to linux/unix, instead of blathering, "you're a noob for using Windows because of bla bla bla," Windows is what's run. It's what we call entrenched.

  53. Mat

    Wel well well..

    The following comment seems to show what NHS managers *really* think of IT

    The trust argued that the consequences of its decision making had not cost public money, "just time and effort by the IT teams".

  54. Ken Hagan Gold badge
    Dead Vulture

    Boo hiss, El Reg

    "In internal emails seen by The Register, staff were warned not to make details of the outbreak public."

    I think that's a little unfair. If she really said...

    "Please note that this incident could over the next few days attract outside interest from the press... If you are at any time approached by anyone to give information relating to the current problem then please refer them to me in the first instance,"

    ...then "IT services manager Carol Hudson" is simply asking that the press have an informed point of contact rather than a load of headless chickens spreading FUD.

  55. Anonymous Coward

    Rebooting automatically?

    @Anonymous John - Microsoft have thoughtfully provided a whole host of group policy settings to prevent a PC rebooting automatically. All the NHS IT staff had to do was configure one of those.

  56. UBfusion
    Thumb Down

    Please enforce moderation

    @ Mungo: You have crossed the line - I have been severely insulted by your attitude and language. Please retract.

    @TheRegister: Please consider moderating all comments that are expected to provoke OS wars.

  57. Anonymous Coward
    Anonymous Coward


    Another case of something happening, everyone blaming windows when basically it was ill configured, MS actually have the group policy stuff in place FOR businesses like this, as someone else said. MS is perfectly fine for software in places, as long as people arn't idiots and actually schedule the updates properly , or if they can;t schedule them due to being in a environment thats used a lot , set it to download but not install and install after surgery!!

  58. Ed Blackshaw Silver badge


    I don't see anyone here particularly dissing MS - the general consensus would appear to be that the IT infrastructure in the hospitals is mismanaged and it is those who are responsible for administering the trust's computers and (more likely) those who are responsible for managing those (most likely overworked and underpaid) administrators who are at fault. For anyone who has had experience of badly-run NHS management (and plenty of it exists), this should come as no great surprise.

    So Mungo, put down the block caps and step away from that bridge you ridiculous little troll.

  59. RobT

    IT Knowledge inverse-proportionality to IT management Level

    The NHS are not the only ones who have this kind of procedure forced upon them by superior "IT Management"

    We have had a forced hold on the installation of all updates of any type for the last 6 weeks due to peak trading in the retail sector. As such we are hoping that our AV is catching everything before it can cause problems.

    I personally feel sorry for the poor techs that will be getting ripped to shreds for "allowing" this situation to occur when the chances are that they suggested, as we did, that this was not a suitable resolution to the problem and out of hours installs and restarts are a more desirable position.

    With a good testing environment in place it should be possible to release the patches to unused test PCs, then a select UAT group, before a final all estate rollout.

    Poor NHS IT.

    Surely once again IT end up firefighting rather than being allowed to proactively stop outbreaks and issues!

  60. Tim Schomer

    @ Anyone who can read TechNet articles can get WSUS running in an afternoon.

    "Anyone who can read TechNet articles can get WSUS running in an afternoon."

    Well, they might be able to if ...

    a) they had a machine to put it on (this was a 'lowest quote' system)

    b) the managers allowed them the afternoon to do it

    c) they didn't think they'd be sacked for doing something that wasn't approved by the IT Policy Direction Committee. (I was nearly had up on that one for changing the background colour on my PC)

    All in all, don't blame the Techs, sounds like they've got enough to deal with as it is.

  61. Sarah Bee (Written by Reg staff)

    Re: Please enforce moderation

    I considered it, UBfusion (if that *is* your real name). And then I moderated it accordingly. Which is why it's now available for your viewing pleasure, discussion and rebuttal.

    Also, I can't see where you yourself are directly addressed in Mungo's comment. If you can point out to me what exactly caused you such offence I'll be glad to take appropriate action.

  62. Tone

    No Management System?

    Who ever decided to deliver windows updates via the web should be sacked - it would seem a lot of people dont know how to manage or harden windows - including some of the comments above.

  63. Mungo

    @Duncan Hothersall

    I don't what the app was, I don't care what the app was, It doesnt matter what the app was.

    What matters is that if there was a Linux version of it that was capable of doing a better job than the one Windows one that was there, then they would be using the Linux one.

    Read AC - OR Documentation System is not life threatening. Until people like you get off your arse and FLOOD the market with Linux apps that the market wants then we will always be entrenched in a Windows environment and I will always be biting my lip listening to people like you whining like an eight year old girl. Grow up and get on with it or shut the fuck up.

  64. alan



    that is all.

    /me goes off to write 3 lines of linux....

  65. Anonymous Coward
    Anonymous Coward


    we had the virus at fujitsu recently, supporting government accounts, the brilliant advice from our internal support was "take the network cable out".

    Quietest couple of days at work ever :D

  66. Luther Blissett

    The meme of virality, and the virality of memes

    Conf*cker = con + f*cker. A good name for a successful virus. If reflexivity is a necessary condition of success (as in "reflective practice"), then to be resistent to infections the NHS must rebrand itself asap. That's not a job to be devolved to "experts", "elders" or "leaders" (interesting near-anagram there). But first we must decide if hospitals are places to recuperate to live or to go to die. Which means knowing what is life and what is death. (Which the NHS doesn't, because post-op care is far more lethal than surgery).

    So, Socratic question, what is the meaning of life?

    Is it, perhaps, a matter of aliens seeding the planet, as Dawkins probably <wink> believes? In which case there are only two possibilities. Either (1) the aliens will come back, because the human experiment "works", and is Good, so we are logically forced to believe in UFOs. Two extensions are available here - (a) the aliens come and take us away ("redemption"), so we have cargo cults, or (b) the aliens leave us here, with new "secret knowledge". (Which does the Co$cientology prefer?). Or (2) the aliens never come back, because the human experiment is a catastrophic failure, Bad or Evil, so that when the going gets tough, we stop thinking about the possibility of a world without war, poverty, misery, or usury - to make the best of our lot we walk on by, while those fortunately placed game the financial system in the psychotic attempt to become little gods via the belief that money = power = everything. (There are ways of creating gods such as they would like to be, but not in that way, as the Pharaoh tombs evidence - and besides, there are currently no job vacancies in that sphere).

    Or.... what is wrong with the logic (as opposed to the rhetoric) of that last paragraph?

  67. Anonymous Coward


    Like most things in the NHS, it's 90% business and management consultatnts, comitties and HR policies and 10% people doing the work. Most of them outsourced to private companies who only want to increase their proifit.

    That's what's wrong with the NHS, everyone knows it but whenever they try to figure it out, they hire business and management consultants, set up comitties and write new HR policies. That's where the money goes and that's why it's in such a fucking state!

  68. Mungo

    @Duncan Hothersall - And another thing!

    Even if Windows never, ever exisited, are you that naive to think that it would be impossible for a 'mission critical' Linux or Solaris machine to be in that Theatre, connected to the Internet and remain unpatched. I think it would be just as likely.

    Grow up. You're a knob.

  69. Anonymous Coward
    Anonymous Coward


    "You have crossed the line - I have been severely insulted by your attitude and language. Please retract."

    Heh. Working in the tech industry requires a much thicker skin than that. If you want practice, I can come up with better.

  70. g e

    Group policy blah

    Yeah you can set a policy but that doesn't change the fact that by default (??) Windows update will autonomously reboot your PC/Server if you're not paying attention/busy/called into a meeting/etc (and haven't configured it not to) is utterly shit.

  71. Apocalypse Later

    Malware costs

    'The trust argued that the consequences of its decision making had not cost public money, "just time and effort by the IT teams"

    But the moment they catch the culprits responsible, the position reverses. "This virus cost the NHS or other government department umpty million pounds in cleanup costs and specialist recovery services, and the people who wrote it (or hacker who penetrated, etc.) is therefore a major criminal equivalent to a mob godfather."

    That's how the poor goof who went looking for UFO data on US military computers is being made out to be a threat to world security. The US government does not bother to secure their computers, then panics when they are "penetrated" and runs up a big bill to check that no harm has actually been done. Then the cost of the panic is attributed to the goof who wandered in.

  72. Anonymous Coward
    Thumb Down


    Oh, brilliant, someone posts something that gets your blood moving and you call for moderation of comments on The Reg.


  73. Anonymous Coward

    Free Gary

    "The trust argued that the consequences of its decision making had not cost public money, "just time and effort by the IT teams"."

    In that case Gary McKinnon is innocent as he has caused no expense to the US Government, only 'time and effort by IT teams'.

  74. Mungo


    I apologise to the group for any offence caused by my language but my attitude stands so go screw yourself. @UBFusion sorry if you do have a beard, wear a tank top or sandals and you 'love' penguins. I was exploiting a stereotype I didnt think existed.

    But there is a recurring theme here.

    Headline: Poor environmental/management conditions of IT Support causes (specifically) 'mission critical' Windows PC to fail.

    This causes outcry that why isnt OpenSource/Linux being used because it is a role that is too important for a windows PC to be relied upon and therefore missing point entirely and going on to make same mistakes again and again.

    I am not sticking up for MS or dissing Linux (I use and own a number of OS) but is it too much of a stretch of imaginations to realise that if Linux was the market leader then MS trolls would be creeping out of the woodwork to slate Linux.

    Popularity breeds contempt regardless of market leader. If posters think that Linux should be market leader then get off your arse and make it so but if you dont want to do that, at least look for the root cause of the issue which is usually OS independant. As in this case.

    In essence lets bury our MS/Linux differences and slag off managers which would be much more on-topic in this case.

    Just getting my coat in case we have a load of managers in!

  75. Anonymous Coward

    Blame MS, *not* the hospital management

    It's microsoft's arrogant "we're going to reboot your computer even when you tell us not to" stance that is the cause of this problem.

    Rebooting without operator permission isn't a practical option on any PC, let alone one that might be responsible for somebody's life. And its made worse by MS continual nagging to reboot and the refusal to understand that "do not reboot without permission" ought to mean do not reboot without permission, not "reboot if I don't manage to hit the "NO" button every 23 seconds.

    Stop blaming the hospital management. It is Microsoft that needs to be taken out and shot.

  76. Duncan Hothersall

    @ Mungo

    Oh dear, you haven't even got the beginning of a clue, have you.

    "if there was a Linux version of it that was capable of doing a better job than the one Windows one that was there, then they would be using the Linux one"

    No, they wouldn't. Choice of application, like choice of operating system, is rarely if ever decided by how good it is at its job. That is almost the whole reason people get irate with Windows being adopted in this sort of scenario, and it has completely passed you by.

    I can show you an operating system which outperforms Windows in just about any technical sphere you care to mention, and it won't give it an inch of market traction in the NHS or elsewhere, because performance, quality and fitness for purpose are simply not the criteria on which such decisions are made.

    That was the entire point of my first response to your silliness - name the app that was deemed so critical and I'm sure I could point to 5 alternatives that could be run without Windows; but they won't be because MS has a monopoly and is very accomplished at using it.

    Your gratuitous insults make your argument even less convincing, by the way. You silly little twat.

  77. UBfusion
    Dead Vulture

    @ Sarah Bee

    Yes, this is my real name (I am not an anonymous user offended by the OS war).

    I cannot really get used to the idea that Reg moderators tolerate a user that calls other posters "usless fuckers" without apparent reason.

    No, I deny being called a "fucker" by anybody. Is this the brand new strategy of ElReg in order to attract more users/comments? Do we want to become like Digg or 4chan? Can you show me past topics in the Register where this has happened? Please google for "fuckers" (I just did) and find me an instance where this behaviour has been accepted in the past.

    I wonder where you do place the red line - calling with that name a minister, or the Queen Herself would have made it too through the moderation?

  78. Sarah Bee (Written by Reg staff)

    Re: @ Sarah Bee


    This is a, how you say, lively site, and I am a fickle moderator. I try to keep peace and civility and all up to a point, and then after that point I tend to let everyone fight it out amongst themselves. And then after another point, I join in.

    The Queen is not necessarily safe here.

  79. Anonymous Coward

    @Sarah Bee

    Surely you mean that f*cker the Queen?

    (anon 'cos TPTB are well known for not having a sense of humour)

  80. Oliver Mayes

    Oh come on

    Please leave poor MS alone. Windows may not be perfect but there's a reason it's used by so many people. That reason may be a combination of user stupidity and questionable business practices but that's beside the point in this case.

    Windows update doesn't automatically reboot your PC when it needs to. Mine does nothing without asking permission first, both before downloading and before installing anything. It then asks me to confirm whether I want to reboot if necessary or postpone by X hours. This is a simple setting that anyone who can install windows can set.

    This is clearly the fault of whomever maintains the PCs, for not setting them up correctly before putting them into use. This is then compounded by ignorant management making a stupid decision.

    And before anyone starts, I'm not some windows zealot. I run Vista at home, Ubuntu at work and am currently listening to my iPod Touch so I'm about as unbiased as most people can get.

  81. Anonymous Coward
    Thumb Down

    What a surprise ...

    Having a girlfriend who's a doctor, and having worked on the biggie NHS IT project, this does not surprise me.

    The NHS as an entity doesn't exist - it's a few thousand fiefdoms run by empire building *crats (medical and otherwise) who have the power to pretty much decide their own suppliers for everything. Hence they have a few thousand smallish networks that are funded and managed / run as such.

    The National IT programme never included provision to push out a fully managed desktop / network solution .. welcome to the result.

  82. Joel Clark

    Bad IT Decisions

    I second all the comments pointing the blame at a committee decision to do something stupid. I wonder if there was a techie or two in there throwing the kind of temper tantrum they should have been throwing against a decision like that.

    @ UBfusion: You are indeed a useless fucker for not liking 4chan.

  83. Bisaerts Danny
    Black Helicopters

    Belgian hospital also affected ...

    Apparently a large Belgian hospital located in the town of Bonheiden is also affected by a major outbreak of the same worm.

    The worm has said to be slowing down operations but patient health should not be in any danger. The network is experiencing difficulties due to the nature of the worm attack which leads to denial of service and network flooding ...

    More on (in Dutch).

  84. Kevin Pike

    the problem

    'I can't believe no one here has said this yet but every single aspect of Windows Update that you can think of is configured using Group Policy and WSUS and is exactly what an organisation of this size should be using'

    the problem with this statment is that you assume the NHS is one It controlled enity. Its not.Even down to a building of say 100 people will have there own It staff and doing the own thing compared to say the building next door. That 90% of the problems with It in the NHS and 100% of the reason why its budget is so high.

  85. Mungo

    @Duncan Hothersall

    Duncan what the hell are you on about. Every procurement selection panel I have ever sat on has ALWAYS started with the application and how well it performs the job you want it to based on its selection criteria decided by the application stakeholders. Admittedly there may be a climb down from the primary candidate due to mitigating factors but seriously we work on the best candidate for the job and we do our damned best to ensure that it fits well with what we already have regardless of vendor or OS. This has not stopped us from selecting Open Source vendors when they are designated the best candidate by the stakeholders.

    So how does your outfit select software then? The one that 'sort of' does the job? Do you line up the best 5 candidates and choose number 6? Seriously, if your are not using a defined selection criteria for your stakeholders and sticking to it how are you selecting vendors? Please post here as I would love to know.

    The one thing that is always predictable in these panels is the utter lack of OpenSource presence compared to Windows offerings but we will always seek to consider them which means we keep an eye on Open Source 'also rans' because given time they will become better. Which if you have read previous posts we have decided to call this situation 'entrenchment' because there is not enough open source apps out there for stakeholders to select from. If there were more open source apps there would be more open source programmers. If there were much more of both then you would be in Microsoft's position. Hence the crux of my original post.

    You dont have to convince me of the abilities of Linux as I use it on a daily basis as well as Solaris & Windows and I also predate Windows so I can still remember companies might have 6 different operating systems in use from 6 different vendors and zero interoperability and have no wish to go back down that road.

    But like a good little geek I seek to make the best of what is available to me and as the majority of worlds computing power currently hosts Windows (through no fault of my own) you will do well to remember also that this is only the OS du jour. 35 years ago my skills were based in SCO System 5 and Xenix. Currently its in Windows & Linux. In 35 years time Windows may not even exist but that is up to you at the end of the day. Technically I am OS independant, you have to pick up what you are given and make the best of it

    I do feel sorry for you because it sounds like you are in a rut where you are and there is nothing more miserable than a geek in a rut. Get out and find a company that will listen to you because I am not. You will feel much happier.

    With regards to the rest of your post, aside from your outfits dodgy vendor appointment, the only other point I would like to correct is the bit about Microsofts monopoly. It doesnt have a monopoly. Currently it just has a lack of real competition in certain key sectors. That statement is neither pro MS or anti Linux. Just honest common sense.

    You're still a knob though.

  86. Mike Bell
    Paris Hilton

    Typical f*cking public-sector!

    "No individual was responsible for the move, the Trust added."

    "A lot of lessons have been learned."

    ... Until next time.

    Paris: because she has more of a clue than this lot.

  87. Anonymous Coward
    Thumb Down

    @AC - "Blame MS, *not* the hospital management"

    "It's microsoft's arrogant "we're going to reboot your computer even when you tell us not to" stance that is the cause of this problem."

    That's either a piss-poor troll or you are seriously out of your depth, sunshine.

  88. Mark Russell

    Who said anything about "safety critical"?

    Maybe we should get the surgeons in to give us IT advice, eh?

    Nice to see so many judgements being made in the absence of any knowledge of the situation. These computers are used to enter theatre data (operation, swabs & instruments used etc) and looking at blood results/XRays for inpatients between cases.

    The lack of them will certainly impair the smooth running of the theatre, but no-one has yet died because the computer in the corner of theatre was running windoze - last time I checked, humans could acquire virii from computers

  89. Duncan Hothersall

    @ Oliver Mayes

    Sounds like you have been fortunate enough never to have been bitten by that unpleasant "feature" of Windows Update that means running an update can sometimes magically change your settings back to the default "reboot whenever you want" ones. And you don't find out until that PC reboots itself at a most unfortunate moment.

    That said, if you have a large network with Group Policy and WSUS you can control this behaviour more, so it really shouldn't have happened in the hospital instance - but for home and small network users, setting your PC to ask before it does everything isn't actually the panacea you might think it is.

  90. Daniel


    What are you doing, that's so productive, while all these Linux types get your blood boiling?

    You seem to have enough hours in your day, to not only post here once, but to repeatedly come back - like a dog to his sick - to see what replies you've had. Truth is, your type always comes acorss like Travis Bickle ranting at himself in the mirror. If you'd only realise that that shadow you were pouring your bile at was actually your own reflection, you might lead a happier and more fulfilled life.

  91. Fragula The Furry


    It is "unacceptable" (if you will pardon the nuManagement speak) that a non-resilient system should be used in operating theatres. Whilst this might be good enough for bleating emails between managers, and the odd bit of ipod loading and "MSN"ing. It has no place in one of the most mission critical places on earth.

    Even if the surgeon was only using it to surf porn, the frustration and annoyance could distract him/her from their work.

    Sack the manager*s* responsible for this.

  92. Anonymous Coward
    Anonymous Coward

    Operating Theatre PC Usage

    Years of working in and managing operating theatres and I have yet to meet a PC application used in theatres that is critical for patient care. They are predominantly for scheduling and, yes, there are some who might deem that an interruption to the work routine and the possible need to log in again and possibly re-enter some data could "jeopardise" patient care but these are the usual shroud wavers you get throughout the NHS.

    Doesn't excuse the switching off of updates and then the failure to manually update the machines by some other manner though....

  93. Duncan Hothersall


    Is UBfusion your first name or your surname?

  94. Dave Gregory
    Thumb Up

    @Mark Russell

    Thank you. I'm glad I'm not the only one who's ever worked in theatre. The comments have been running a little shrill!

  95. The BigYin
    Black Helicopters

    @Sarah Bee

    Does the light moderation in this thread mean we can start discussing what Bubba should do to the IT managers?

  96. Anonymous Coward

    Why would you have a PC in an operating theatre

    My poor aching head cannot deal with this one. Nasty bugs and flesh eating bacteria kill and have life altering effects for people every week after surgary Never mind a borked OS and daft IT policy. what about the keyboard and mouse used to update information after say abdominal surgary. How are "the dirty items of the office"cleaned?

  97. Duncan Hothersall

    @ Mungo

    Do you work for Sheffield Teaching Hospitals Trust? If not (and I am pretty sure the answer is no) then whatever procurement procedures your company uses is neither here nor there.

    Let me come back to the deeply mistaken point you made: "if there was a Linux version of it that was capable of doing a better job than the one Windows one that was there, then they would be using the Linux one"

    This simply isn't true, and none of your bleating has made it any more true. STHT almost certainly has a policy which says that desktop PCs run Windows, full stop. Most places do, because they are scared of the support costs in having more than one platform. They will therefore only look for desktop applications in the Windows realm. The existence of a perfect, productivity-enhancing, life-enhancing application which does not run on the already chosen OS will be of no consequence.

    You were wrong, I'm afraid, and your self-important wittering does nothing to change this. The reasons for Linux's inability to even be considered in the desktop arena are structural, not qualitative, and Microsoft's monopoly is the key structural barrier.

  98. Sarah Bee (Written by Reg staff)

    Re: @Sarah Bee

    Why don't you try it and see?


  99. Phil the Geek

    Oooh, this is bad tempered, isn't it?

    UBfusion, that really isn't your given name is it? Though I did hear about one poor bastard whose parents named him Astroflash. And Mungo, I hope you are in theatre having your head removed from your own arse when when the theatre computer reboots itself.

    As for all the NHS bashing, last year my girlfriend had some life-threatening health issues and our experience with the NHS has been:

    * NHS medical personnel: excellent, absolutely outstanding

    * Facilities and equipment: far better than you would expect (esp if you believe Daily Mail)

    * Admin: Rubbish - utterly useless, incompetent, lazy and contemptible

    * Overall experience - better than private at Priory Hospital despite the atrocious admin

    PS I'm OS neutral, I dual boot XP and Ubuntu and both have their place and their limitations.

  100. Paul

    "external anti-virus specialists"

    Ahh yes, they installed an old version of norton 03, when that didnt work they saw some convienient pop up offers for system mega virus cleaner pro 2009 and thought, why not?

  101. Anonymous Coward
    Anonymous Coward

    Luther Blissett

    Did amanfromars beget Luther Blissett, or is it a case of software self replicating?

  102. Anonymous Coward
    Anonymous Coward

    The probable picture...

    From having worked in NHS tech, the probable picture is more like:

    A PC reboots in an operating theatre. PCs in operating theatres tend not to have much on there apart from access to the databases of what's next, and what's going on. It's an inconvenience, but not a showstopper. The really imporant stuff is non-windows, and that's the stuff that keeps you alive.

    Now, one of the consultants is likely to have been most peeved by this, and demanded an instant assurance from the trust board that this doesn't happen again. The trust board let IT know that it needs to be fixed NOW. Don't think about it, just stop it happening.

    Trust IT are usually completely overworked (try 5000 users, with one sysadmin, one DBA, one Network Admin and 6 people to fix PCs, all that to support all the external vendor supported systems, plus stuff the local devs do, the security, the patching, the planning, the documentation, the management of systems etc.).

    The likely event is that the decision was made to hold back updates until all the policy could be implemented to split the main load of computers apart from the Theatre ones, and the admin(s), if they had an admin team (some hospitals share people amongst several sites, and rely on vendors for support of all the machines they have; a LOT of NHS vendors keep trying to say "You don't need local admins, buy from us, and we'll look after the application on the machine for you". Without saying they won't keep machines updated or anything else like that, and some trusts, not knowing better, go with it, especially the small hospitals), being told, "Just turn it off until it can be fixed. Directive from the Directorate".

    The reason Windows in in the NHS is because all the developers code for it (the amount of medical software that is Windows/SQL Server/IIS only is the huge majority). Which means it needs to be implemented. And there are also huge Microsoft deals making it cheap to install Windows.

    So, because of budgetary constraints (no NHS hospital has enough funds to run well at the moment; the 'Targets Culture' has meant huge amounts of money having to be spent on ticking the boxes, or being fined by the Government when you don't manage to, Which creates a vicious circle of "Can't afford the resource to meet the arbitrary target set by the Government, so they fine you, taking what little you had away from you, making you miss more targets") , you end up with too few staff to do the real work, but because everything usually keeps pushing out the number, the Directorate consider that all is ok. And if everything just works, they cut back more on IT, making it a prime target for cuts at every stage.

    NHS IT is a bind. You're overworked, understaffed, under resourced at every stage, with a group of competing Medical departments all pushing for arbitrary systems to be installed (sometimes with a day's notice if you're lucky), all wanting things to be done. Yesterday.

    Yeah, this kind of thing is likely to happen in a large amount of the hospitals around. There is an easy solution (and it's not "fire the teams there"). It's called "hire the right size of team to do the job, with extra qualifications and experience to complement the existing skills".

    However, that costs money. And it comes back to the NHS not having any, so requests to expand the team will be met with a resounding "No".

    Oh, and for all the people out there saying NHS should use Linux.. It does. It has a standing deal with Novell, and using several other flavours in various trusts.

    As well as using Solaris, AIX, Netware and a whole host of other operating systems too.

    It's nice to have a big team of people looking after a homogenous network (been there, done that; it's quite comfy)..

    Seriously, spend a bit of time in NHS IT, with a tiny team (if there is a team) supporting several different OSs, databases and applications with little to no time for research, testing or even basic infrastructure maintenance (that costs money for resource that isn't there). Again, been there, done that, and it's NOT very comfy at all.

    The choices for IT are basically: Keep the systems secure and well maintained, but the doctors and medical staff up in arms about the maintenance outages. Or keep the place running and operational, but just barely.

    Oh, and if you choose the secure and maintained, Directorate overrule you because of complaints by Medical that nothing gets done.

  103. Anonymous Coward

    Fickle moderation


    Give the buggers an inch, and they'll take the full John Holmes.

  104. Warhelmet

    Zero Investment in Public Sector IT Support

    For a start off, if the re-booting of a PC in an operating theatre is considered dangerous, arguably, the situation that occurred should be considered a "near miss". Accident reporting process that should exist as part of Health & Policies should kick in which should lead to a investigation and detailed analysis of the problem. What should not occur is a knee-jerk reaction. Switching off updates doesn't deal with the root cause of the problem. Also, switching off updates should go through a change control process and the associated risks should be picked up at this point.

    Management ignorance of IT is not the issue. The issues are about riding roughshod over proper policies and processes - if they exist at all.

    This situation generally occurs because the resource to implement proper processes do not exist. There is tendency to view IT as an obstacle rather than an enabler. "Projects" tend to suck resources away from business-as-usual IT support. Public sector pay can't compete with private sector pay (well - different equation now). Etc, etc...

    Most of youse otha commenters kno nuffink. Youse are just as guilty as those managers who funked up because youse can't see the real problem and look towards a TECHNICAL solution to a problem that you THINK exists. Bah.

  105. Anonymous Coward


    You'd need to take a flamethrower to a cornfield to generate enough popcorn for this spectacle.

    Keep it up, kiddies...

  106. raving angry loony

    Yet again...

    Yet again, a deficiency in Microsoft's products results in a workaround that creates even more problems. It should be possible to set things up so that the operating system cannot reboot without user intervention. By all means install the patches - but wait for confirmation before booting. Not so for Microsoft, who knows better and will happily reboot a system in the middle of a critical task, sometimes even when you tell it not to.

    Fucking idiots.

    For that matter, in a real operating system most patches shouldn't cause a reboot at all.

    As for the other arguments about why corporations choose certain OS, the rule I've developed in my 25 years of working in the field is "if a decision makes no sense, follow the money". Probably someone who made the decision was rewarded, one way or another, for making that particular decision. Either the fact that they drained the accounts of other divisions into their own triggered a bonus (because their division is obviously "making a profit", even if it's at the expense of the rest of the enterprise), or they got a kickback from the vendor, or any number of other scenarios that I've seen played out. The OS selection rarely if ever has anything to do with the technical merit, and everything to do with who is married to whom, or who is shagging whom, or who is an boot licking arse bandit with no more ethics than a hungry weasel.

  107. Fraggle
    Gates Horns

    Re: Patches? We don't need no stinking patches.

    "HOWEVER - Conficker is a tricky beast. If someone logs onto an infected machine with Domain Admin rights then it's pretty much game over, even if you have the patches installed. You cannot rely on patching alone."

    Erm... if that's the case, then in what way has this vuln actually been patched?.....

  108. ThinkingOutLoud
    Paris Hilton

    IT Change Advisory Board?

    All that needs to be said already has.

    One, only one individual on that board will have first put forward that idea and he/she will remain untouched while hiding behind the collective. One day I'll start a campaign to eek out these people!

    Paris because she'd be fun to play with on that boardroom table. (High Tenuous Factor, sorry.)

    PS. in sales negotiations, saying you have to consult the Board or Committee is a popular way to tell a salesperson you COULD make a decision, but you have no intention of being pushed into it.

    PPS. Paris is now wriggling on that highly polished table... Sh*t, she fell off...

  109. Fred

    Why does the NHS pay for insecure OS?

    It just goes to show how corrupt some of the NHS deals are. Some one there made the decision to put windows on those computers, paid for with our taxes!

    Im glad i dont live in that area and need urgent medical help. Of course they claim its under control - P.R. department damage control option #1 is obvious.

    Also if they used an OS other than windows, where the staff didnt know to muck about with it, then the mystery entry point for such problem is removed.

  110. Bob Bramwell

    Windows in operating rooms?!

    The next time I'm under the knife I want to know what's running my life support system. WHY oh WHY do these people insist on using Windows in critical situations like warships and operating rooms? In particular, why are they connected to the internet? This is just asking for trouble.

  111. Anonymous Coward

    @ Duncan Hothersall 14:58

    "Your gratuitous insults make your argument even less convincing, by the way. You silly little twat."

    !!! ..... o_0

  112. Anonymous Coward
    Thumb Down


    "The existence of a perfect, productivity-enhancing, life-enhancing application which does not run on the already chosen OS will be of no consequence."

    Then will you guys stop harping on about Linux/Open Office/Firefox at *every opportunity*, please? That's the bleating, not comments that aren't rabidly pro-Linux. And as for others taking offence at wording, tough - Linux zealots have always been quick to call Windows users 'lusers', 'stupid' and whatever else. And say they deserve to get viruses, etc. Spiteful little gits, all. You're using Linux? Fine. Think that makes you seem more intelligent? OK - kid yourself. Please just sit with the other zealots and leave normal people alone. All the ranting and rite MS jokes are old as hell now. And before someone uses the stunningly original 'MS shill' argument, don't bother. I'm not. People don't need to be paid to disagree with you, no matter how unassailable you think your arguments are.

  113. Anonymous Coward
    Anonymous Coward

    Seems a little fool hardy...

    NHS/Public Sector bods, correct me if I'm wrong, but aren't these IT Change Advisory Boards normally headed up by "senior management", which in the NHS is likeley to be made up of doctors who do not have a fucking clue? Having said that, I know of several private sector organisations that have yet to install service pack 2 on to XP. I honestly cannot think of a business reason why this is the case. Is there anybody out there that can shed light on it?

    To me it just seems wholly irresposible to turn of updating wholesale. I hear the aguments for, but think they are at best misguided. If, over 8000 computers, a patch knackers 100 of them. Thats only 1.25% that are down. If they are all unpached on a LAN then 100% could potentially go down. Neither scenario is particularily acceptable, but surely the first is preferable?

    Mungo. Chill the fuck out mate. Its only an OS. Get a grip. Ignore the trolls. Besides, I'm sure I've read you pointing a gaffawing finger at Mac/Linux. If I'm wrong, sorry, if not, sucks being made to look stoopid doesn't it?

  114. Mungo

    @ Duncan Hothersall

    You are still talking from your arse Duncan.

    These 'most places that have a policy that only Windows is allowed on the desktops' organisations you talk aren't public sector. I'll stand corrected but I havent found one yet with the balls to state that they only allow windows on their production desktops because in terms of public sector procurement you aren't allowing fair competition and I will include STHT in that. Anything over 50K comes under a European Competitive Tender process which is very picky about how you dismiss tenders you dont want.

    These are probably private companies that you talk of and I suspect that your company isn't even one of them cause I'll bet you use a Linux desktop at work just like me. I'll bet your outfit has a smattering of macs also, just like mine and guess what, just like STHT so I doubt that this is the case at all. So where's your Windows-only desktop policy now? Does your outfit have a Windows only desktop policy, Duncan. Of course it doesn't. So shut up you fanny.

    I will concede that there are going to be companies that do have this policy but not yours, not mine and not STHT. The real reason why Linux isnt on that desktop in the theatre in STHT is that it still lacks the application development needed for it to be seen to be competing directly with windows. From an application stakeholders point of view the nice-looking but crap windows app will always beat the crap looking but good linux app.

    As for the monopoly element you speak of, it has no legs. Even if windows disappeared overnight and we were all left with completely blank servers and desktops, do you really think there is enough diversity in linux applications to fill the void left in each market sector? You know there is not. If there were more development for Linux apps it would be considered more seriously as an alternative which brings me back to my point.

    You have illustrated my point perfectly. The amount of effort and lines you have wrtten today would have gone someway towards writing an app for that PC in the theatre at STHT but instead you chose to use it to moan about why Linux isn't where you believe it should be.

    I dont want to fight anymore. You either get it or you dont so I will agree to disagree. No hard feelings Duncan, sorry for any offence etc.

  115. Charles Smith

    Absolute plonkers - fire them!

    "just time and effort by the IT teams"

    So the Spokesperson and the negligent Board would not object to the following costs being collectively deducted from their salaries:

    Manhours x cost of internal IT staff tied up in fixing the problem


    Fees arising from external consultants


    Manhour cost of hospital staff disrupted by the outage.


  116. Anonymous Coward

    Back on track?

    The first post seems to say it all.

    I'd guess that IT directors don't really want to have shift workers update kit when it is in non-operational mode?

    It seems (yet?) another instance of some people operating outwith their level of competence.

  117. Goat Jam


    Why does Winblows need to reboot after almost every single update, no matter how seemingly innocuous it appears to be?

    It's absolutely nuts and a sign of an utterly terrible architecture.

    Windows users, just say no.

  118. Anonymous Coward

    @UBfusion & @mungo

    Hell UBfus, if someone called me a 'useless fucker' things would be looking up ! I'd even have to consider it a mark of respect !

    Keep it running smoothly - noone notices. The moment there's a problem you fucked up and it's your fault.

    My problems are the same as for everyone else working in IT :-

    1) management who do not understand the issues involved, are not really qualified to make technical decisions, but do so anyway - what I suspect has happened in the Sheffield hospital in the article.

    2) wider organisational policy : thou shalt do this, and thou shalt not do that. Immediately if you try to be proactive you run the risk of a disciplinary. This even goes so far as choice of systems/platforms as others have said.

    3) the difficulties of locking down systems, whilst still leaving the same systems in a state where useful work can be done by normal users. Yes this applies to any OS ! No system is totally secure. Not even one that is switched off. I still have a hammer available at all times :-).

    4) the difficulties of maintaining systems, particularly core servers in a 24/7 operation that can rarely be taken offline without causing disruption of some kind. Suddenly it's bye-bye bank holidays, etc.

    5) the technical side is great - continual evolution ensures no stalemate. However you are just an employee number, and a resource. One that rarely gets noticed at that. Hence the BOFH in us all.

    I don't have a tank top, am clean shaven, and can't stand wearing sandals. However, I have worked alongside some of the guys who do attire themselves with these items. Every single one of them was first class, experienced, intelligent and hugely capable. I am fortunate to have worked with them. I have also worked with other good people who do not fit the above clothing description, but again feel fortunate to have done so as they were very capable too. Who cares what people look like/wear if they're good at what they do, and are decent people to boot ?

  119. Anonymous Coward
    Anonymous Coward

    @Mungo, actually no ...

    although I'd agree there is much writing to be done, the same applies to the alleged/anticipated/evaporated applications of NPfIT written for Windows.

    The way Windows was sold to the NHS was far more like Bill sitting on a sofa with Tony, for a rather short time and agreeing to do it. None of the software was written by then, and well, how much of it is written now?

    The NHS has a record of doing things wrong first, then scrapping it and redoing it. The X.400 email system was a case in point. though has been running a parallel service of Exim on a commercial Unix for many years. It is only the rollout and enforcement of Exchange Server as a replacement for whatever the replacement for the Exchange X.400 stuff was that is likely to kill it off.

    My coat? The one with an iPhone in one pocket and a penguin in the other.

  120. Roger Heathcote

    How likely is it...

    ...that they've managed to completely clean their network.

    My experience working for the NHS IT doesn't give me much confidence in their cleanup.

  121. Anonymous Coward

    NHS computers aren't connected to the internet... Directly...

    As someone who used to work for a large IT Contractor to the NHS, I can confirm that NHS Networks are not directly connected to the Internet as assumed here...


    The computers that the IT Firm I worked for were connected to the internet. And they connected to a network, that connected to a network, that connected to the hospital's network... Theoretically all 'firewalled' of course...

    And the IT Contractor I worked for had a internal policy of indefinitely postponing security updates on all OSs because they didn't have the staff to do testing, and most of what we sold as an "IT Solution" was cobbled together and had a tendency to fall over if something changed. Like the cluster of NT boxes at one hospital which were in such a poor state that they were set to automatically reboot every fifteen minutes because otherwise they'd lock up.

    Combined with the unofficial policy that 'permanently fixing a problem would cost us billable support hours we get from a temporary repair', and I can see exactly why things like the above story happen.

  122. Moss Icely Spaceport

    Cadaver volunteers?

    Send 'em all to the mortuary!

    Useless munters!

  123. Tom Cooke

    Windows in operating theatre?

    When I worked in the NHS, the only 'general-purpose' computing equipment (as opposed to monitors etc with embedded chippery) permitted in the operating theatres was special 'hardened and certified' kit (think it was running some kind of Citrix) approved by US and UK medical device agencies, and we were told CATEGORICALLY (I worked in IT) that no way would we ever get any of our standard Windows or *nix kit in there that was deployed elsewhere in the Trust. What donkey changed that policy?

  124. Duncan Hothersall

    @ Mungo

    I realise I'm flogging a dead horse, but the explicit policy of the entire NHS Connecting for Health or whatever that gargantuan, ineffective body is called now, is to limit support for the vast majority of its desktop functionality to Windows-based PCs. You are simply wrong about there being a level playing field in the desktop space - wrong about the NHS, and wrong about the vast majority of corporates.

  125. Alexander

    slap your self very hard

    The Scottish frie brigade was down as of yesterday 1100 pcs and servers on their ass.

    Firewall and closed networks don't count for shit if your staff can plug in those infected USB pen drives ...

    When will companies learn and users are at work your equipments designation is work not as a holiday snap viewersor the latest tune player or funny you tube video.

    Truning this into an Operating system arguement is like chewing house bricks , not very bright and rather unpalateable.

    Dont blame the OS if your companies change control and update policy is non existent.

    This is less of a microsoft problem and more of a WTF is ITIL problem.

  126. Nathan

    Same situation here

    I have problems at LANs, because I have only limited internet access, I'm always behind on windows update. Then it reboots in the middle of my game :'(

  127. Tone

    Group Policy - USB

    You would think that the NHS would have a group policy to disable the USB storage driver.

    @Nathan - is that a joke?

  128. John
    IT Angle

    USB etc.

    All computers could be installed with Windows 95a or b (the version I had) as the USB ports didn't work at all. Even with the USB support pacakge they only worked with limited success. I had to stick 98 on to get 'em working, and there were only 2 to play with, so a hub costing £30 had to be bought for the emerging technology. This had the side effect of slowing the computer down to a crawl. As other posters have said, a group policy would sort this problem out, or (this may have been suggested earlier, but I haven't gone through all the replies) stick a (a hi-tech) sticky label over the USB ports and get the team leaders to check they haven't been used by more savvy admin civvies.

  129. Anonymous Coward
    IT Angle

    If IT weren't so despicable, maybe people would listen to them

    Mat wrote:

    "The following comment seems to show what NHS managers *really* think of IT:

    "The trust argued that the consequences of its decision making had not cost public money, "just time and effort by the IT teams"."

    Mat, I agree with you, *but* the thing is - if a significant percentage of people in IT weren't woman-hating socially-inept losers (evidence the pejorative word "cunt" in this thread and certain Reg readers' perpetual Paris-bashing elsewhere at this website) who probably can't get laid unless they pay for it, maybe management *would* always take IT more seriously and always listen to their suggestions.

    As it is though, 'normal' people (management, other employees, etc) often view IT as a bunch of cavemen, not deserving of respect. Little wonder IT suggestions often are ignored.

    Needless to say, this doesn't include everyone.

    AC wrote:

    "Heh. Working in the tech industry requires a much thicker skin than that. If you want practice, I can come up with better."

    Like I was saying.

  130. David

    Internet in Operating rooms

    It must be to view that, "How to perform open heart surgery" video on Youtube.

  131. Paulcutts
    IT Angle


    i cant believe they dont use wsus on a wan that big! who is running that network?

This topic is closed for new posts.