canopic jug writes:
A derivative of Microsoft Windows ransonware, Wannacry, has hit a Boeing production plant in Charleston, South Carolina. An internal memo from Mike VanderWel, chief engineer of Boeing Commercial Airplane production engineering, warned that the company's production systems and airline software were "at risk".
Wannacry was based on Microsoft Windows' CVE 2017-0144 which is used in the EternalBlue exploit kit. EternalBlue was initially utilized in apparent coordination with Microsoft's long delay in patching. Despite massive media spin, Wannacry was found to have hit all recent versions of Microsoft Windows.
The Verge: Boeing production plant hit with WannaCry ransomware attack
The New York Times: Boeing Possibly Hit by ‘WannaCry’ Malware Attack
The Daily Express: Vital Boeing computer network INFECTED with WannaCry VIRUS - is it safe to fly?.
Previously: UK Blames North Korea for WannaCry Attacks, Says NHS Didn't Follow Cybersecurity GuidelinesWannaCry Ransomware Attack Linked to North Korea by Symantec
I will say it again. FOSS does not buy lunches or golf vacations.
I'll say it again, too: Engineers ain't getting those lunches or golf vacations, yet they are the ones responsible for getting actual work done.
If it weren't for their sniveling, shy, autistic nature, maybe they'd learn to say "No" to these know-nothing, extroverted, cocaine-snorting "executives".
What's the maxim again? "Dog food isn't marketed to the dogs, it is marketed to their masters?"
I know all too well how it works. The products used generally go against the wishes of developers, when talking about development products. I'd consider them pretty knowledgeable on the subject, yet here we are. Throw the word "enterprise" in print of it, add a couple of zeros and a support contract and break out the martinis. Not that I'm fucking bitter.
Been there... done that... didn't want the T-shirt... just plain disgusted.
This is how it works...
Engineer shows technical skills of seeing design flaws. If he's ethical, he is apt to be insubordinate if pressured to do it anyway. I mean what engineer in his right mind would design a bridge he knew was likely to fall down, just because someone else was ranking aesthetics above stress analysis?
The manager shows leadership skills of handling insubordinate engineers. An engineer stands up to a manager, he's now on the layoff list. A troublemaker.
Executives show organizational skills of fitting people's roles and corporate goals into an organizational structure.
And, at the very top, are the people who pay each level what they believe each level is worth.
Some really bad decisions get made when the people empowered to spend did not have to earn it themselves, instead chartered with the authority to demand funds from someone else. These people may have no use whatsoever for the good in the first place... the whole affair is nothing more than theater to transfer public wealth into private hands, legally, through tax law and disbursement channels.
>I will say it again. FOSS does not buy lunches or golf vacations.
I don't know about golf vacations, but Red Hat is a multi-billion dollar corporation whose largest customer is the US Government, and whose FOSS products are used extensively in that government.
There is simply no excuse for using Windows for anything requiring security. Alternatives exist, and at least one of those has plenty of money for salespeople, marketing, etc., and even works with the NSA. (I don't think Boeing is too worried about being spied on by the USG, if you're thinking along those lines; they're a major defense contractor.)