Ubuntu 'weaponised' to cure NHS of its addiction to Microsoft Windows

How uncomfortable exactly?

"The reference to Windows XP is an uncomfortable reminder that the WannaCry attack that hit the NHS in May"

This would be the WannaCry attack that El Reg has several times noted didn't actually affect XP systems? And that would be the same Windows XP that had already been patched to fix the vulnerability exploited by Petya before the latest outbreak everyone's made a fuss about? As long as you're paying for support and patching in a timely manner, there doesn't appear to be anything particularly uncomfortable about sticking with XP, other than maybe the cost of said support.

Thanks fuck for that.

Cost is important everywhere. And you have to be careful with what your costs are.

From my experience in deploying a number of simple machines, Windows license costs are the least of worry. There's the cost of installing Windows - a PITA when compared to being able o PIXIEboot a new machine and install an image. I can commision a Linux box in the time it takes for Windows to boot the install media.

NHSubunt should just deply a simple GUI desktop, and shove all the logic behind a web browers.

Being a former domain admin at one of the NHS organizations I can tell you this is not going to fly. HSCIC is too small to have big enough influence and local NHS Trusts and hospitals don't realize how important the security is. It is taking them ages to approve something and when they approve it it's already outdated. Not to mention the non-existing budgets on IT training for IT employees.

About cost.....

Quote: "One of the brains behind the project, Rob Dyke...."

*

100 million pounds a year would seem to be a very large upper limit for the break even budget to maintain NHSbuntu. What am I missing?

*

Just as an example, Red Hat has been delivering a high quality distribution (in my own direct experience) since at least 2000. So that would imply that the NHS has spent, say, £1.7 Billion pounds with Microsoft since 2000. £1.7 Billion pounds seems to to be quite a lot of money....perhaps a fraction of that amount would have been useful in developing something like NHSbuntu over the last seventeen years.

*

...and this new initiative is being touted by people described as the "brains" among NHS IT specialists. Where have they been for all of the current century?

"The project organisers aim to educate clinicians and administrators alike about the benefits of open source and to provide doctors with the tools to develop their own apps if they so wish."

Develop their own apps *shudder* then expect IT to support them when it goes wrong.

Bah!

I wish everyone luck with this project, but have to wonder who will be providing the paddles five years after rollout.

As for these "smartcards", they sound like the PINs we had in the late 60s and which I've been urging everyone to have another look at for Lo! these many years. They only work properly if they are part of the security badge of the user and lock up the equipment when the card is not present any more though.

And of course one must make it a dismissing offense to lend out your card.

Makes perfect sense

I've been involved in Windows, storage, etc for many, many years now, but of late have been getting more involved in AWS, Linux and agile workloads. If the NHS can embrace these concepts and move to an open source platform it would be of huge benefit. There are plenty of Linux skills around and there's simply no need to have ancient PC's running Windows XP. Yes some applications will need to be migrated/redeveloped, but gone are the days where an application should be tied to an operating system.

As for proprietary hardware, which there will be loads of in the NHS, suppliers will simply have to decide whether or not they want their contracts renewed. Once the messages gets through that Linux will be the new platform they will all follow suit or be replaced by competitors who will. And where there are no competitors, yes some money will need to be spent.

I'm not underestimating the size of the task here, or trivialising how important application availability is, but this culture of pockets of IT that exist within our public services, not just the NHS, has to change. Nor am I underestimating the costs - it will be damn expensive to make the move - but the long-term benefits will be worth it.

procurement cycles

One of the arguments which can be used on smaller outfits is "With NHSbuntu, you don't _need_ to buy new hardware. Your existing computer is more than powerful enough to do the job"

Source Code Escrow

We've had years of OS lockdown at some organisations because somebody bought software years ago which is essential to the business. We can't upgrade the Windows version because it will break a business critical application. And the software supplier ceased trading eight years ago.

I've worked with a few perceptive IT managers. Prior to year 2000, one of them asked small companies for source code for their products; some handed over tapes and others signed escrow contracts -- source code resided in a safe place, to be accessed and modified if the company went bust. I think we used an escrow agreement once.

In more recent years, I've encouraged managers to pay extra for source code access or escrow. It costs money but you can turn software on and off -- with a bit more money, of course.

I've been in NHS IT for 15 years and as much as I personally like this idea, it simply won't happen.

Too many people, with too many vested interests have their fingers in too many pies. At a local level, finance directors simply won't understand the rationale and cost behind the change, and believe me no amount of talk of long term savings will register with them, they have a tough enough time balancing the books year to year yet alone looking 3, 5, 10 years down the line.

Operations managers will decry the disruption which will, without a shadow of doubt, be massive. Regardless of how well it's planned, this is the NHS, it will go to shit. I guarantee it.

There will be uproar from staff and the ever difficult unions some of whom will feel personally affronted that they no longer have access to MS Office, regardless of the open source versions being just as good.

Then there are the technical issues, there are so many archaic and disparate software systems and databases at so many different hospital trusts and even down to individual sites within single trusts.

It all boils down to one simple thing, money. If this were resourced properly it could work, however it won't be. It'll be thrown together on a shoestring at best.

Criminal waste and corrupt suppliers

Giving Microsoft £100m a year just to license Windows is fucking criminal

Imagine what that could achieve within an Open Source community.

I read the gov report on Open Source. The single biggest obstacle are vendors who don't want to build for *nix and muddy the waters by saying that they have proprietary code which they legal can't run on an Open Source OS. Utter BS and the government is too chickenshit to call them on it.

Five years?

Let us know in five +- years what the status of all of this is.

By then, Microsoft will probably have the operating system in the cloud, and all the data as well. If you want your health records you can call Bletchley Park Redmond and ask them.

Being dependent on a single vendor for the basis of your platform that is holding sensitive information who doesn't want to talk much, looks like a fools errand, and a move to open source looks good.

A recent (two days ago) visit to the doctors office had machines in every room and more at reception desks. I suspect that they were windows boxen, and hope that they were up to date. From the looks of it, they used it as a fancy web browser with (reasonably good) two factor authentication (RFID cards).

Me? Pretty healthy (knock on wood).

Do I understand this right....

...a major government organization dumping Microsoft in favor of Linux ?

What rubbish. XP usage had nothing to do with WannaCry.

"The reference to Windows XP is an uncomfortable reminder that the WannaCry attack that hit the NHS..."

WannaCry crashed on XP but not on 7. What bit the NHS (and Telefonica and others), as proven by the Shodan search engine, was their propensity for either hanging servers directly on the Internet or by intentionally exposing the TCP 139 and TCP 445 file sharing ports directly on the Internet and available to the entire world.

Negligence and incompetence cannot be fixed by changing the desktop operating system.

sounds a bit of a nightmare

full linux clients at scale is difficult. and as prev post said consultant lock in.

*build a smartcard interface for browser (may require plugin)

*move all core applications to web model

*use net booting thick clients with guest login or kiosks but either way running the browser as a local app - load these with ram (like 16gb)

*add second or third monitors so users are 'getting something' and have added productivity

also prob work ok with byod with ur 'smartcard plugin' but firewall these devices off with something like zscaler or similar

accept there will be technical equipment that falls under different scope.... mri machine needs windows or similar. treat these as special cases that require extra attention.

have a nice day

But, really...

Why Ubuntu? Fedora was a better choice with red hat behind, instead canonical has nothing to offer except iot technologies

It's not just cost

You're mad if you willingly give up your confidential information to SatNad the data mining whore.

Your medical records are sacrosanct.