London Metropolitan Police's 18,000 Windows XP PCs Is a Disaster Waiting To Happen

According to MSPoweruser, the London Metropolitan Police are still using around 18,000 PCs powered by Windows XP, an operating system Microsoft stopped supporting in 2014. What's more is that the police force is upgrading its PCs from Windows XP to Windows 8.1, instead of Windows 10. Only 8 PCs at the police force are reportedly powered by the "most secure version of Windows right now." From the report: From the looks of things, the London Metropolitan Police will continue to upgrade their systems to Windows 8.1 at the moment. Windows 8.1 is still being supported by Microsoft, although the mainstream support for the OS is set to end on the 9 January 2018. Microsoft will offer extended support for the OS until 2023, which means Windows 8.1 is still a much more secure alternative for the Metropolitan Police than Windows XP. Windows 10 still would have been the best option in terms of security, however. Microsoft is releasing security updates for the OS every month, and the new advanced security features like Windows Defender Advanced Threat Protection makes PCs running Windows a whole lot more secure. The spokesman of the 0Conservative London Assembly said in a statement: "The Met is working towards upgrading its software, but in its current state it's like a fish swimming in a pool of sharks. It is vital the Met is given the resources to step up its upgrade timeline before we see another cyber-attack with nationwide security implications."

Re:I love this crap

[beelsebob]

Private companies upgrade regularly, realizing it improves security/productivity. Government agencies never upgrade, then bitch that their anti-terrorism agencies are using 10 year old HW/SW cuz they can't afford to upgrade.

The problem is that while the government fully recognises that upgrading is worthwhile, convincing tax payers that spending millions on upgrading computers is a valid thing to do is nigh on impossible.

You and I can see that in the long run it'll cost less, but some conservative will always tell you that short term tax cuts are worth more than long term stability.

"most secure version of Windows right now"

[Nexion]

Its called Windows Powered Off Edition. :P

Re: I love this crap

[Kiuas]

Move to Linux. "Unsupportable" software becomes "support it ourselves if need be". You can't do that now, with MS, and you cannot do that in the future, with MS.

I fully agree with this as someone who works for IT side of the public health care sector of Finland. In fact the main project I'm currently in charge of which is an ERP overhaul project for hospital logistics is an Linux based project that saves us quite a lot money on the licensing costs alone. Most of the coding itself is done by a midsize Finnish software company.

However let me illuminate to you the difficulties of doing this at a large scale. A recent list I saw which is not comprehensive probably included 66 active systems currently in use by the hospital district. 6 of those, mine included, are Linux based, the rest are running on Windows. Why is this?

Well, the acquisition process itself is in its current shape such that it pretty much prevents small to midsize companies from bidding on major projects. The largest IT project going on at the moment is the replacement of the patient information system with a newer one that also unifies lab and imaging results systems and others directly to the patient files so that the treatment staff itself can access all relevant imaging lab and other data directly from the patient file itself without having to keep open several different systems at once like they still currently do.

We're a large hospital district, the largest in northern Europe. On a yearly basis we treat over a million people and as the most populated district in Finland we're also in charge of all highly specialized care. So needless to say that updating systems critical for the health and safety of over a million people is not exactly something to be done lightly.

Due to this projects of this size and scope are usually tendered out so that the tendering process itself contains a lot of terms and conditions limiting the size and type of companies that can even participate in the process. First of all they have to be on a stable enough basis monetarily, the financial/risk analysis by itself eliminates most smaller players directly from the game as they're deemed in too high risk of bankruptcy to be reliable.

The second thing that really cuts out the companies like the ones I'm currently working with from participating in these large scale projects past experience. Because the margin for error with acquisitions of this kind is so small, it is required that the companies have experience with providing similar systems using similar tech in the past 5 years to a similarly sized hospital area.

This pretty much narrows the options down a lot. And currently there are no open source players on the market that fill these conditions, as Linux based patient information systems are in their infancy at this point and have not been implemented at this scale yet.

Due to this the project is currently being developed by Epic Systems, an american megacorp. It's intended to enter use in 2019 with a total price tag of 385 million for the system itself, with a yearly price tag of around 40 million afterwards. How reliable these estimates are I cannot say, because outside proving technical support in the integration between logistics and the system itself I'm not involved in the management of the patient information system project itself and thus am going purely based on publicly available information.

The way forward here I think would be to set up a government owned IT company. Torvalds is Finnish after all so Linux is more widely used here than in many places so the expertise is there. The government could then pay for the development of large scale open source systems to be used by our public organizations. That's really the only feasible path to a more widespread adoption of open source systems in the public side, because the megacorporations currently in charge of this sphere - Epic included - are not going to be switching over to Linux and surrender their control of the product.