The Coming IT Nightmare of Unpatchable Systems

snydeq (1272828) writes "Insecure by design and trusted by default, embedded systems present security concerns that could prove crippling if not addressed by fabricators, vendors, and customers alike, InfoWorld reports. Routers, smart refrigerators, in-pavement traffic-monitoring systems, or crop-monitoring drones — 'the trend toward systems and devices that, once deployed, stubbornly "keep on ticking" regardless of the wishes of those who deploy them is fast becoming an IT security nightmare made real, affecting everything from mom-and-pop shops to power stations. This unpatchable hell is a problem with many fathers, from recalcitrant vendors to customers wary of — or hostile to — change. But with the number and diversity of connected endpoints expected to skyrocket in the next decade, radical measures are fast becoming necessary to ensure that today's "smart" devices and embedded systems don't haunt us for years down the line.'"

This "nightmare" rigns a bell

[Jailbrekr]

They had the same problem prior to the year 2000, so why wasn't this lesson already learned?

Re:This "nightmare" rigns a bell

[ZouPrime]

The lesson wasn't learned, but the problem was somewhat mitigated. Big software companies adopted regular patch cycles and deployed patch management tools on their customers. It kinda worked because PC are powerful computers well designed to be upgraded and modified.

This is not the case for many embedded systems. They are designed to be installed and then you forget about them. So the "classic" mitigation technique doesn't work. This is a big problem.

Re: This "nightmare" rigns a bell

There are two lessons here: one, if you make something non-upgradeable it may have a bug that requires a fix; two, if you make something upgradeable some nefarious actor could exploit that and install something bad.

Re:This "nightmare" rigns a bell

[NoNonAlphaCharsHere]

Different nightmare. The Y2K embedded system nightmare was systems that wouldn't know what to do when the clock rolled over. By and large, the doomsayers were completely wrong. The current problem is *Internet enabled* embedded systems, easily hackable, out of warranty, out of support, manufacturer TU, owner/deployer isn't even sure how many they have, or where they're located, etc., etc. Picture making a botnet out of all the traffic light controllers, or the elevator controllers, or smart water meters, or internet toasters.

Re:This "nightmare" rigns a bell

[Penguinisto]

They are designed to be installed and then you forget about them. So the "classic" mitigation technique doesn't work. This is a big problem.

Hell, I thought the "classic" mitigation schemata for embedded devices was to not have them networked at all, leaving them to run for years (decades?) on end.
(See also the hordes of NT Telecom PBXes out there which are likely still around, requiring a goofball proprietary connection to a computer running OS/2 (!?) in order to patch it (or more commonly, you did it to add new/licensed features or to fix something gone corrupt).)

Therein lies the whole problem with the paradigm, truth be told - originally, embedded devices didn't communicate with jack shit - you unpacked it, turned it on, maybe configured it, and then you forget that it existed until it broke (at which time the vendor/contractor sent someone out to fix it), or got replaced.

All that said, hell, we already have a testbed for this nightmare - an ocean of smartphones whose carriers and manufacturers ceased to give a crap whether their wares ever got upgraded.

Re:This "nightmare" rigns a bell

[Tom]

This is not the case for many embedded systems. They are designed to be installed and then you forget about them. So the "classic" mitigation technique doesn't work. This is a big problem.

Only because software development sucks and nobody takes the time and effort for not-so-much-fun things like code review.

Re:This "nightmare" rigns a bell

[SuricouRaven]

The doomsayers were right. A great deal of effort went into patching and testing all critical systems before the year ticked over. There was no disaster because systematic action to avert it was taken well in advance.

Re:This "nightmare" rigns a bell

The doomsayers were wrong because we patched our systems.

Re:This "nightmare" rigns a bell

[Archangel+Michael]

Companies aren't "cheapskates", customers are.

Here, I'll prove my point,. You can buy something for $15 today, and have it supported until tomorrow(or whenever) or you can pay $300 for the same exact thing, only support will go for a guaranteed 10 years.

Guess what, the company didn't make the choice, you did. The company is just following the choice you've taken.

The problem is solvable. Like Cellphones, it is cheaper and easier in the long run to simply buy a new one every 2 years than it is to buy one that will last you five. And in two years, sufficient advancement means that your old cell phone won't do all the neat cool things that all the new phones want to do, and you're gonna upgrade it anyway, so buy the cheaper one now, and upgrade in two years.

Re:This "nightmare" rigns a bell

[plover]

So perhaps they should be sold like that: "You can buy our Amazing zPhone 5 for $100, guaranteed to work until 2018, or our Amazing zPhone 5c for $150, guaranteed to work until 2021. We no longer sell the Ordinary zPhone 4, whose guarantee runs out in 2015, and will in fact quit working by 2016."

Right now when someone buys a cell phone, they have it in their brains that they're making an "investment", that the phone will last for the next 20 years, or even forever. They are used to products that wear out due to usage, abuse, accidents, but for some reason they do not ascribe the same attributes of reliability to software, even though they've almost never encountered perfect software in their lives. For the most part, it's ignorable to them, even when it has bugs.

Re:This "nightmare" rigns a bell

[wonkey_monkey]

That was actually January 3982. It was easier just to let it roll over the first time round.

Re:This "nightmare" rigns a bell

[wonkey_monkey]

A deadline has a wonderful way of concentrating the mind. No deadline, less motivation.

Re:This "nightmare" rigns a bell

[mythosaz]

Right now when someone buys a cell phone, they have it in their brains that they're making an "investment", that the phone will last for the next 20 years, or even forever.

They do? Who are these people?

For a sufficiently true portion of "everyone," "everyone" just gets a new phone every two years on contract anyway.

Re:This "nightmare" rigns a bell

[EmperorArthur]

A deadline has a wonderful way of concentrating the mind. No deadline, less motivation.

This is the next big one: https://en.wikipedia.org/wiki/...

Honestly I wonder how many devices it will affect. I know anything which isn't patched and relies on security certificates is hosed, but what about the network printer that nobody cares about and is running completely unsecured?

Re:This "nightmare" rigns a bell

[marka63]

Total BS. Phones should last 20 years. The old land line ones last 20+ years. The only thing in a modern phone that doesn't have a 20+ year life span is the battery and that is not through not trying.

As for the 2 years that is the time to pay off the phone in instalments, not when it is supposed to be unusable any more. Yes, phone companies would like you to get a new phone every 2 years as that locks you into them for 2 more years.

As for fixing bugs in the OS most of the time a bug that exists in one version of the OS exist in all versions of the OS. Once the initial diagnoses is done back porting is usually a relatively low cost apart from the regression testing. That said there does become times where back porting becomes expensive. This is usually when a new feature is in the same area of code where the old bug is.

Now in sane countries there are consumer laws about replacement parts needing to be available from the manufacture for reasonable lengths of time for any product being sold. The length of time differs depending upon the product and the price etc. For cars 10-20 years is not unreasonable. Spares are needed to be available well after the warrantee expires.

OS and application bug fixes are no more than getting a spare parts and should be available for similar lengths of time. The only reason they aren't is that consumer law hasn't caught up yet.

Driverless cars...

[russbutton]

Wait until we have driverless cars on the road. But I'm sure they'll all be bullet-proof secure, don'tcha think?

Re:Nightmare of Slashdot ads sending me to viruses

[david.emery]

Well, that would be less of a problem if you didn't surf SlashDot using your refrigerator or crop-monitoring drone...

The poster is showing his prejudice.

[mmell]

"Insecure by design". Faa.

"Poorly designed", or "incorrectly designed" - perhaps. I'm fairly sure that even the ATM designers who went with an embedded MicroSoft operating system felt that they had mediated security risks adequately to deploy their systems. Incidentally, I had a chance to peek inside a local casino's slot machines - all of them, regardless of external appearance were based on an identical piece of hardware. Watching them boot showed me a MicroSoft OS underlying those slots. Not a problem, as I'm fairly certain that none of the slot machines on the floor have any conceivable way of ever connecting directly to any network except for the dark wire casinos use for exactly this purpose.

My takeaway point is that the summary is (IMHO) slightly biased. The original article appears to be well written. Just to ask - how many embedded systems should be permitted to ever connect to the internet? ATM's, for example, should demonstrably be either confined to a darknet or (as I've seen in some places) required to use dialup access. It's not perfect, but it adds a significant obstacle for crackers to overcome. The casino I mentioned earlier seems to get this point.

I don't mind smart appliances - but again, I don't see why they need internet access. The exceptions to this (smart TV's, for example) should be viewed with suspicion specifically because they are likely to be connected to the internet in some way, but my smart refrigerator probably shouldn't be - and ATM's, slot machines, SCADA systems, etc. almost certainly should never be.

Re:The poster is showing his prejudice.

[plover]

I don't mind smart appliances - but again, I don't see why they need internet access. The exceptions to this (smart TV's, for example) should be viewed with suspicion specifically because they are likely to be connected to the internet in some way, but my smart refrigerator probably shouldn't be - and ATM's, slot machines, SCADA systems, etc. almost certainly should never be.

Just because you haven't encountered a specific example for yourself doesn't mean they don't exist in the real world.

• 
  The TV? Netflix, of course.

• 
  The BluRay player? New keys for new disks, and to unlock "extra special downloadable content" (whatever that may be.)

• 
  The thermostat? You're coming home from summer vacation and want to turn on the A/C a few hours before you arrive.

• 
  The laundry machines? You're upstairs, out of earshot of the dryer, and want to know when the load is done so you can hang up your clothes to prevent wrinkles.

• 
  The smart refrigerator? Maybe you're having a problem, and need the technician to connect to it to remotely diagnose it and give you an estimate without making an expensive house call.

• 
  The freeze alarms? You're out of town during the winter, and want to be alerted if your house temperature drops to the point where it's threatening to freeze your water pipes, so you can call a neighbor for help or a repairman to fix the furnace.

• 
  The door camera, locks, and security alarms? You're still out of town and want to let the repairman in, so you look at the ID he holds up to the camera and remotely unlock the door for him.

• 
  The window shades? They're located high up in the skylights where you installed a motorized system to operate them, so it was a small additional expense to add a remote control. And as today may be very sunny, you want to close them while at work to keep the house cooler.

• 
  The dishwasher? It might need to know the scheduled price of electricity in order to avoid running during peak rates, and save you money.

These are not made up examples - they happen every day. If someone already has the connectivity, and pays for the equipment to have the capabilities, there's no reason they shouldn't also enjoy the convenience.

Note that this is true whether or not you personally think it's a good idea to connect your washing machine to the internet: the reality is Sally Soccermom and Charlie Cuttingedge already have houses full of this tech. You can buy all this stuff at Best Buy and Home Depot and Verizon today.

Of all of these systems, most are designed and built with a remote update mechanism. Some that aren't (door locks, freeze alarms) are generally run through a home automation controller that is itself updatable; so even if you can't remotely patch your freeze alarm, you can at least patch the controller that interfaces with the network. Also of note, most are aware of the typical home firewall configuration, and are designed to "phone home" to check for updates. They generally don't sit on the raw internet and listen for incoming connections, so the attacker generally has to get inside the firewall to abuse them (which is not that big of a problem for many models of firewalls, that's for sure.)

Re:The poster is showing his prejudice.

[AdamHaun]

A lot of those examples are solved problems, and at worst are minor inconveniences. Many IoT proposals can easily be replaced with three existing categories of solution: "other people", "paying attention", and "non-networked computing". To address your specific examples:

Thermostat: Schedule the turn-on in advance. Alternate, come home, move your luggage inside, turn on the AC, and go out to dinner.
Laundry machines: Check a clock every so often.
Broken fridge: Show failure status on an LCD. Or have a USB port that you can plug a laptop or a smart phone into.
Freezing weather: Ask a neighbor or a friend to check on your house once every day or two. You may already be doing this if you have pets.
Door opening: See above re: neighbor or friend, or hide a key somewhere.
Out-of-reach window shades: Close them before you leave for work.
Dishwasher: Assuming that scheduling is really that much of a money-save, start it manually before you go to bed. Or use a time delay. Or load the data into the washer via USB.

The more serious problems are much more rare, and that must be weighed against the constant vulnerability from having internet-connected appliances and the upkeep required to secure them.

Perhaps a better option would be to get away from the idea that networking should imply both internet access and full remote control. Is there any reason an embedded device can't limit communications to its own subnet? Stick an upgradable, patchable PC on the network to act as a master, and have it talk to the outside world. Meanwhile, the appliance should be designed at the hardware level so that remote access only gets you status information and the ability to trigger a few well-defined fail-safe modes. Using a stove as an example, you would be able to tell if the burners are on, or force them off, but you wouldn't be able to turn them on or change the heat setting.

Re:The poster is showing his prejudice.

[radish]

Door opening: See above re: neighbor or friend, or hide a key somewhere.

A truly special reply suggesting mitigating a theoretical, limited, network security vulnerability by quite literally leaving the physical keys to the castle out in public. Please hand in your risk assessment credentials at the door.

Re:The poster is showing his prejudice.

[mythosaz]

Slots? Impossible :)

http://www.wired.com/images_bl...

The "hack" was to get the operator of the video poker machine to enable the "double or nothing" bonus, which had a unique bug.

Most newer video poker and slot machines allow (or can allow) you to play at various coin values. Each credit can be $0.01, $0.05, $0.25, $1, $5, etc.

This particular machine would allow you to wager at $0.01, reach the Double or Nothing screen, use a combination of keys to get to the credit value change screen, and return to the Double or Nothing wager with your bet still pending.

In short, you would put in a $100 bill. You would wager 100 of your 10,000 credits at $0.01/credit ($1) until you won, and when reaching the Double or Nothing screen, you would navigate out to the change credit screen. You'd change your credit value to $5 per credit (dropping you down to ~20 credits in the bank), return to the DoN screen with your bet IN CREDITS, NOT DOLLARS still pending and then you'd stand a chance to win 400 credits (twice your original CREDIT win) on your DoN bet. you could win $400 on $1, on what should have been a simple 2-1 (doubled) 4-1 payout.

The spread likely wasn't $0.01/$5.00, probably was $0.25/$2.00 at the most, but by picking and choosing good payouts to DoN on, they were essentially playing machines with a winning paytable. [Since DoN's didn't pay double or zero, they paid 16x or zero.]

Re:The poster is showing his prejudice.

[plover]

You completely missed the point. Nobody cares if you don't want your stuff connected to the internet, or if you have clumsy workarounds to offer them.

This stuff already exists and it is already connected to the internet. It is an existing problem that will only get worse as more stuff is added.

It doesn't matter if you personally think hooking things to the network isn't safe. They're not products under your control. Samsung and JVC and Sony and LG and Panasonic and Honeywell and everybody and his brother are already making metric butt-tons of money filling homes with this equipment. They're not going to stop making money just because you think it's a bad idea. Many people want them, and you won't persuade them otherwise.

Worse, just because you don't put them in your house doesn't mean they're not your problem: perhaps you cheesed off some gold farmer when you were playing World of Minecraft, and he hires a botnet to DDoS you out of the game. The bot herder fires up his DDoS cannon, which conscripts the help of unsecured thermostats around the world, and they all hammer you until your ISP drops your connection.

You may not be contributing to the problem, but you're not in a position to contribute to the solution, either. All we can do is deal with the fallout.

wait

[Charliemopps]

"Unpatchable" does not mean "Unsecured" in fact, I'd say it adds to security in many senses. A system that can't be patched, can also not be altered to do the attackers bidding. At the very least, any privileges the attacker may have access to can not be elevated to create some even worse situation. Worst case scenario you just disconnect power to the device in question. Submit it for warranty repair. If you're using a closed source software product out of warranty/support it's your own stupid fault.

Re:wait

[plover]

There are plenty of embedded systems that are "unpatchable": those that have their programs burned into ROM instead of Flash or EEPROM. The physical hardware required to modify the ROM chips simply doesn't exist in the equipment the manufacturer shipped; or the chips themselves may not even be modifiable once burned.

However, "unpatchable" does not mean they are "unhackable", as the CPU of a von Neuman architecture chip can still be subverted to execute code dynamically loaded into a RAM buffer (and the code in the ROM can still be used by the attacker using techniques like ROP.) The chances are the manufacturer didn't leave the attacker much extra RAM to play with, but if all he's looking to do is have it execute a DDoS attack (sending ACKs to his victim in a tight loop) it's probably enough to wreak havoc. Or he might be looking for a simple IP proxy just capable enough to forward his network traffic.

Yes, a reboot will refresh the RAM and remove the malware, but that generally won't matter to the attacker. If he hacked it once, he can hack it again; or he might have a thousand more smart toasters in his robot army, all of which are sending the same DDoS attack.

Any vulnerabilities they were shipped with, they still have today; and you simply can't fix them without replacing some hardware.

Re:Nightmare of Slashdot ads sending me to viruses

[NoNonAlphaCharsHere]

You know, I'll bet if you fixed your hosts file...

A systemic problem

[rijrunner]

There are two bleeding edges. One is the leading edge of cutting technology.

There other is the trailing edge where systems age out because they take a lot of effort to update.

One way the trailing edge can not be updated because the overall system is designed to where there are critical parts that can not be monkeyed with in a low risk scenario. (This does happen).

The other option on the trailing edge is where the systems are not worth the effort. Most of the Internet of Everything appliances really have zero income after the first few months and yet are expected to have a longer lifetime than many major IT infrastructure requirements.

Easy.

[roc97007]

Make them patchable over the internet by default.

Oh, wait...

Who cares? It all sucks anyway

[gelfling]

The overall level of system quality is so piss poor anyway what does it matter than your toaster is going to try to kill Sarah Connor? Anyone read the news recently? Car makers recalled about eleventy zillion cars recently and half the problems were on board computer based. Are you going to lose any sleep that your refrigerator will get hacked and join Skynet? Because the real problem is going to be that when your Refrigerator blows an 80 cent part on a 2 dollar circuit board it's going to cost $1100 to 'repair'.

Re:But if it can be hack broken, it can be hack fi

[plover]

Probably not unless the user wants it fixed, and most don't. People have plenty of experiences with patches breaking new things, or taking away old functionality they had come to depend on. When someone tells me "this patch will solve all your problems", they usually aren't advertising the list of new problems they're creating for me. Anyone who plays iPhone app games knows that the patches sometimes come with game-stopping bugs; other patches have been known to suddenly add annoying advertising.

Usually, I'm at a point of equilibrium where I am at least coping with the bugs in the devices surrounding me. If I know that the "mute button" on my GoogleTV box doesn't work unless I press it twice, I simply learn to press it twice; while I know it's a stupid workaround, it's one I can live with. What I might not be able to live with are the bugs that come with the next round of patches.

Now, we make that experience hurdle even harder to scale: as a end user, I think security patches are worse than regular patches. The end user doesn't see a physical benefit from the patches, but knows he might suffer. What does he care if his thermostat or washing machine is sending spam around the world, as long as his house is warm and his clothes are clean? But if he installs the patches, he risks having a cold house or dirty clothes, or even advertisements streaming across his refrigerator's screen. It's just not worth the risk to patch them.

And if you want to see a really risk-averse, don't-patch-me crowd, talk to the SCADA industrial control people. If you suggest you need to update the software running the sewage ejection pump, the city engineer is going to hand you an invoice for $20,000 and say "that covers my cost of testing your patch."

Embedded System Designer's Opinon

[Murdoch5]

Well as an Embedded System Designer I have to speak up here, systems are usually not insecure because of lazy development, systems are insecure because clients, managers and stakeholders don't provide proper funding, deadlines or requirements. The number of times I've had to go to a manager or project manager and ask them to clarify a customers request is almost sad. The amount of times I've had to go to the same group and ask for twice or three times the amount of time to develop a solution is almost sad and the amount of times I've had to ask for much more funding to do a proper job is sad. For some unknown reason embedded designers aren't treated like normal software developers and the truth is we aren't. We don't rely on some insecure patched to hell OS to keep us safe and we don't trust laughable memory managers and kernels to keep us crash free and running smooth. We do the real work in the development world and generally it's the GUI designer who takes the credit.

We generally don't work in the world of garbage collected and managed languages, we don't work in the world where everything is already setup and ready to be called through some piss poor abstracted class implementation of system.IO and we don't get safety nets under us to catch what falls through in some kind of completely illogical and messed up exception error system ( C# ). To say embedded systems are insecure is really another way to say one of several things:

1. You didn't allocate enough time, money or proper requirements.
2. You didn't hire someone who is qualified to the job, such as putting a desktop developer onto an embedded project.
3. You didn't consider security when you dreamed up you're fragmented and broken project idea.

This is of course mitigated by a great developer who will go back to the table of executives and tell them they need what they need and won't start until it's delivered. You can't treat an embedded project like a normal software project, when you do you'll end up with systems that make Microsoft proud ( aka 0 security and patch opportunities to fly to the moon ), you need to treat an embedded project like an embedded project and give the embedded developer what he / she needs. Doing other wise will always end up you shit creek and generally the manager or stakeholder is left with the paddle looking like a fool.

Repetitive (broken) OS abandonment

[fyngyrz]

<RANT>

One thing that's causing problems is the habit of Apple and Microsoft to abandon operating systems for new, often incompatible ones, instead of fixing the bugs in them. OSX 10.6.8 is full of problems; the only way to fix them is to move up to OSX 10.7 or further, which in turn can break a lot of things, because the later release isn't just fixed (if, in fact, it is fixed), it's a different animal altogether. Just one example. OS vendors take the view that you can either move forward with them, or die in a fire. Windows, Ubuntu, XP, etc... same deal.

I'm not saying these old OS's should get new features. But bugs? They should be fixed as long as humanly possible. The product was sold as having feature set X, and working. If it doesn't work as advertised, or is unreliable, it shouldn't be abandoned, it should be fixed. Except in the very rare case where it is not possible (I can't even think of one of those, actually.)

The problem is multifaceted. It isn't just that users are left with a choice of being left behind and becoming steadily more vulnerable to exploits; it is also that as the OS vendors keep jumping away from their buggy versions, the OS landscape, as it were, is left lettered with broken junk, and the new stuff is going to also be broken in new ways (plus, often, the old ways too), because:

None of these OS vendors ever intends to work any product into shape such that it becomes stable, reliable, and actually what it was advertised to be when it was sold. Instead, hey, look over here, New! Shiny!

Then we have application vendors that, for no particular good reason, make their apps not just use, but depend upon new OS features. Generally speaking, you don't have to do that. You can tie a feature to an OS, and there are very good reasons to do so (the feature may not even be possible under a previous one), but then there are things that have no sane reason to be tied to an OS, such as the ability to load a new image format (Apple, I'm thinking of Aperture here.) New interface to load images through? Sure, great idea. Abandoning the old interface? Not generally a sensible thing to do. No doubt there are applications out there that use the old interface, and there will be users with (shock!) new cameras.

I find the entire cycle of abandonment to be reprehensible and ethically bankrupt. I think applications should be maintained until they aren't broken under the OS's they were designed to run under, and OS's should be maintained until they work in every way they were supposed to in the first place, and are kept as secure as possible without actually breaking things. But that's just me.

</RANT>

Re:Repetitive (broken) OS abandonment

[RightwingNutjob]

It's a two cultures problem in IT. The vast majority of Microsoft's, or Apples, or Oracles, or whoever's customers use their OS on laptops, workstations, or servers, where the consequences of bugs are fairly well approximated by "nuisance". The other culture of computer software customers are folks who use computers handle large amounts of money and control moving machinery (power plants, drones, etc), where the consequences of bugs and unintended features start at "oh shit, we've lost millions of dollars" to "oh shit, the crane dropped its load 200ft" up through "oh God, the power plant has exploded!" People in the second camp have a healthy suspicion of getting the latest and greatest upgrade from companies run by and for people in the first camp. And that dichotomy is why most embedded OS's come with source code that you get to debug yourself if it doesn't quite work for your application (VxWorks, QNX, Windows Embedded, RTLinux, etc).

Re:Repetitive (broken) OS abandonment

[scottbomb]

People shouldn't HAVE to pay for bug fixes. I sell you a product for $100 and I promise it does a, b, and c. However, sometimes it does c incorrectly. You'd demand that I fix it, no? But no, I'm a software developer so I just say, "Sorry, I don't have time for that, but here's my new version you can have for (another) $100!" What other industry gets away with this?

Re:Repetitive (broken) OS abandonment

[NickFortune]

People shouldn't HAVE to pay for bug fixes

Well yeah. If I sell you a potato peeler and it doesn't peel potatoes, you shouldn't have to upgrade in order to peel a spud.

The trouble is it's harder to clearly define requirements in the software world. In IT a lot of those bug reports would concern the peeler's inability to cope with Grapefruit. Or with Potato 2.0 the peel of which is made from 4 inch steel for security reasons. Or with a potato three miles in diameter.

You can't reasonably expect a single product to cover all those use cases. I won't deny that some vendors take advantage, but the situation is far from as cut and dried as you suggest.

Security

[fyngyrz]

My thermostat is just a device on my wall which regulates my furnace - it has no business being internet-enabled.

What if that could save you money? (it can.) What if it adds convenience and security? (it can.) What if it informs you about your usage such that you can improve your comfort level? (it can.) What if it gives you remote information, such as "the heater has failed, the pipes will freeze, you need to come deal with this" (it can.) What then? Still no business being Internet enabled?

It's not a failure of needlessly Internetting the device; it's a failure of vision on your part (and perhaps a failure on the manufacturer's part to make a secure device... that can be fixed, and pressure should be applied so the fix happens.) Sure, you can get along with your old thermostat. You could get along with a coal stove instead of a gas or electric range, too. But most of the time, not such a good idea.

Facilities that worry about security start with air-gapping their networks so that one simply cannot get into the system from the outside. There is a very, very good reason to keep things inaccessible. Really, there is...

The problem isn't accessibility. That's just a stopgap, though certainly a highly effective one. The real problem is security. Worthy of raving about, for sure. But with the idea of making it actually secure -- not of dumping capability out the window because of too little effort expended.

No "Unpatchable Systems"

[NotInHere]

We don't have unpatchable systems. What we have are vendors not wanting to maintain support for too long as they want to force people to buying always the newest to generate revenue.
There is this overall trend in IT industry that hardware gets softer and softer. With every generation, more features are implemented in software, and therefore are, in theory, patchable. But the possibilities of the soft hardware don't meet the commercial interest of the companies.

We have multiple benefits when using computer machines for doing human's work. But we also need to realize this doesn't come for free. Either we live with vulnerable systems, or we update them, simple as that. When purchasing new hardware it should always be a question to ask whether the software can be updated, and how the hw will be maintained. Compliances usually have a bad performance in this. Use well known parts, and be as mainstream as possible.

Computers don't have a long history of serving humans yet. I hope these update issues are a problem of the first generations.

Re:Nightmare of Slashdot ads sending me to viruses

[plover]

Don't say that word, lest you summon ... him.

Subscriptions are the fix

[mcrbids]

Microsoft doesn't want to produce a new version of Windows; they want to make money and selling new releases of Windows is how they accomplish this.

I truly do not understand why they are nixing Windows XP. The money making opportunity is tremendous: Take 1/10th of their O/S development team, and have them work on bug fixes for Windows XP. Pay them by charging subscriptions for XP support. It wouldn't have to be much: maybe $10 to $20 per year would be more than enough, and those still hanging on to Windows XP would very likely be completely happy to pay $12.95 per year to to have to mess with their obviously working system.

If you assume that the $25 or so that MS gets for a OS license from vendors covers 3 years, then $12.95 per year is at least 100% to 200% more per year, from customers that don't demand or want new features. It's like shooting fish in a barrel! If it's true that 30% of computers are still running Windows XP, this would easily become one of the most profitable divisions of MS in the near future.

Integrated Appliances Already Hit by This

[Carcass666]

I have an Onkyo amplifier (mid-range) and an LG BlueRay player (low-end). A few months back, the Onkyo no longer could connect to Rhapsody (yah, I know, Rhapsody, but the wife likes it). Onkyo knows about it, and basically says "tough" because it's an old model (~ 4 years). I can use Chromecast, but it's an annoyance, because now I have to have a phone or tablet around to listen to music. The BlueRay player no longer shows images for Netflix in its bundled application. I can use Chromecast, but again, it's annoying. It's apparently in neither company's interest to update the firmware (which is updateable on both devices) to fix these issues, because they believe I will go out and by a more recent device (if I do, obviously it will be from neither of these companies).

The whole concept of integrated A/V appliances continues to underwhelm me. Fortunately, I didn't drop extra coin for a "smart" TV, but it seems that it's how the market is moving.

And languages and libraries too!

[Paul+Fernhout]

Well said! Now if we could only get people also to apply the same ideas to fixing up programming languages and libraries (e..g Swift vs. C/D/Java/JavaScript/Smalltalk/etc.) instead of inventing new ones that just have different gaps and different bugs...