Re: You see, this is the kind of stuff that discredits government-led initiatives...
What the story does not bother with, nor did the report bother with is, there are times that one is using highly specialized software, where a software patch breaks the piss out of the entire system.
I'm an IA guy by trade, that is Information Assurance. Much of my work is and has been government related.
I've had systems that drove me over the edge, as they *always* popped on vulnerability scans and I had to explain that fact in my reports.
The NA/SA in me sought more data, to find to my horror, patches frequently broke those specialized systems. Things had to be tuned and some vulnerabilities left alone.
Which lead me to see to it that those systems were placed onto a heavily protected VLAN.
Now, you may still object, the reality of it is, it very well is likely that patching those vulnerabilities would create an inoperable control system.
If it's all the same to you, I'd rather have operators able to control those rather expensive satellites.
One can only hope that their IA guy or girl saw to it that said sensitive and vulnerable systems are protected by isolation from the big, bad network.
Because, for such specialized systems, that isn't really that difficult.