There's plenty of blame to go around to be sure, but giving the NSA a pass for developing zero days is batshit insane. These guys are playing god instead of helping make infrastructure more secure overall, and it will not end well, even if they outcompete the Chinese or whatever other bogeyman they cook up to justify their power grab.
Proprietary software makes you rely on a company to fix everything. It's like driving a car without being able to replace a flat tire.
No one expects perfect software; but this clearly happened because Microsoft's software was broken, the NSA found where, and hoarded and then lost control of that knowledge.
edited: I understand what you mean about people not patching and leaving themselves vulnerable. A lot of pain could have been prevented at that level.
Or just stick to CentOS with their 11-year support period.
Sorry, open source never equals free software (most of the time). Though what you said may be true for both.
And some day, we will surely know why free software is better than open source. It's only a matter of time. But by that time, it will be late, and out of control.
What we have is a cultural issue, not a legal issue.
Any company that locks themselves into a specific operating system, and then declines investing to upgrade with each new release is entirely at fault. I can imagine the executives at these companies complaining about how their one-time outsourced application made overseas cannot possibly be migrated. Even if built locally, clearly no money was budgeted to maintain the software or infrastructure. These companies get what is coming to them when their only priority is the current quarter's bottom line, with no planning for how the company will manage to keep operations up and running in the next quarter, let alone the years ahead.
You specifically mention lock-in due to "computer controlled hardware". The idea that companies build the core of their business on hardware that can be controlled with Windows XP but not Windows 7 or Windows 10 is laughable. How is that even possible? The backwards compatibility Microsoft provides means it's nearly impossible for any application to become unusable within a decade - or even longer. The application will need to be maintained with minor changes to make use of modified APIs, or to transition from 32 to 64 bit architecture, etc. - but the amount of work needed is nowhere near infeasible. It only becomes difficult if you spend many years ignoring required upgrades, and then try to perform a single massive upgrade covering half a dozen missed release cycles all at once. Even hardware ports going out of fashion (example: serial ports) is not the end of the world. Compatibility between the latest operating system and old port standards will always be possible, as those that need such things make it happen.
No sympathy for any company still running Windows XP. None whatsoever. It sucks when it's government that is affected, whereby taxpayers' dollars take the hit for the fallout. Still not a shocking, unexpected result. In fact, this is precisely the expected result.
At some point companies need to cough up the money and upgrade their technology.
If Windows XP is proven to be untenably insecure, anyone who bought it should receive a refund.
Organisations with high value software that relies on XP still receive ongoing support from Microsoft (such as the US Navy and anyone else who wants to pay big bucks for it). The difference is none of these patches usually make it to the public.
For Microsoft to patch this current issue, there would have already been a pre-existing team working on XP patches, the only difference is this one was released publicly due to its impact.
http://bgr.com/2015/06/24/windows-xp-support-us-navy-million...
Microsoft wants more money and pushes newer revisions of the same crap instead of actually improving the existing one.
Until Win10 that is, Win10 is now the only Windows version and offers more spying, a worse UI and UX while also including ads.
I agree with the point on the NSA. There were surgeries cancelled in the UK. This materially impacted the lives of our allies. How is that supposed to work?
Luckily we've got a set of level heads running every branch of government these days...