back to article Ubuntu 'weaponised' to cure NHS of its addiction to Microsoft Windows

A quiet revolution has been rumbling in Leeds, in the north of England. It may not seem revolutionary: a gathering of software developers is scarcely going to get people taking to the barricades in these uncertain times, but the results of this particular meetup could shape access to NHS PCs in the coming years. The gathering …

  1. Paul Crawford Silver badge

    Cost is the smaller concern

    “Ultimately, open source allows you to be in control of you own destiny.”

    Is probably the most important aspect. More so with the future of Windows being forced updates and data slurping that we hope is not going to be part of the 'enterprise' version, but we just don't know how that will go.

    1. Mark 110

      Re: Cost is the smaller concern

      I disagree. For the NHS cost is the biggest concern and will become increasingly so.

      The NHS is a great setting for an Linux desktop where 90% of the estate is applied to specific job functions - booking systems, record keeping, etc - just a handful of applications and hopefully a lot of them browser based. Limited set of applications and should be locked down nice and tight.

      1. Doctor Syntax Silver badge

        Re: Cost is the smaller concern

        "For the NHS cost is the biggest concern and will become increasingly so."

        The two are linked. Having overall control prevents lock-in to expensive proprietary solutions.

        1. frank ly Silver badge

          Re: Cost is the smaller concern

          Furthermore, the NHS itself could have its own in-house repository for all the software it needs. This would be copied down, in a controlled manner as appropriate from Debian, Ubuntu etc. That way, if external developers go insane, the NHS could keep going.

          1. macjules Silver badge

            Re: Cost is the smaller concern

            Furthermore, the NHS itself could have its own in-house repository for all the software it needs. This would be copied down, in a controlled manner as appropriate from Debian, Ubuntu etc. That way, if external developers go insane, the NHS could keep going.

            1) That would last just as long as the first time the government-appointed contractor (Capita) got their hands on it. Then the repo would disappear into the bowels of the Reading monolith, never to be seen again.

            2) What about the interaction between life support machinery and desktop computers? Has anyone actually considered that this is perhaps the main reason why the NHS is still on older versions of Windows? Is someone going to make every ECG or Kidney Dialysis machine Windows 10-compliant?

            1. Doctor Syntax Silver badge

              Re: Cost is the smaller concern

              "That would last just as long as the first time the government-appointed contractor (Capita) got their hands on it. Then the repo would disappear into the bowels of the Reading monolith, never to be seen again."

              You seem to lack familiarity with GPL, BSD and other open source licences.

              1. Adrian Midgley 1

                Re: Cost is the smaller concern

                But may be familiar with Capita...

            2. Wayland Bronze badge

              Re: Cost is the smaller concern

              "2) What about the interaction between life support machinery and desktop computers? Has anyone actually considered that this is perhaps the main reason why the NHS is still on older versions of Windows? Is someone going to make every ECG or Kidney Dialysis machine Windows 10-compliant?"

              This is precisely why those interfaces should be documented. In reality they are going to be pretty basic but would require some dedicated tinkering to determine the protocol and write some new drivers. The NHS really has been in the hands of some unscrupulous computer companies.

              In manufacturing all those protocols are well documents with hundreds of companies able to support them. Even 40 year old CNC gear is supported.

          2. Loud Speaker

            Re: Cost is the smaller concern

            if external developers go insane

            if?

            You must have missed systemd - its not a virus - its a psychosis

            1. Alan Brown Silver badge

              Systemd

              There's a lot of hate being tossed at systemd, much of which is not deserved (and a lot which is)

              I recall the change from BSD to SysV startups and the hate which went with that. As with that, it's mostly just "different", but there are some fundamental boneheaded ways of handling things in systemd which need improving.

              The big advantage of systemd is the change from singlethreading all the startups to parallelising things as much as possible - this speeds up desktop boots dramatically (not sure if there's much advantage on a server)

              The single biggest disadvantage is the change from singlethreading all the startups to parallelising things as much as possible - if anything goes wrong it becomes much harder to debug AND the tendency to go into a boot loop instead of just stopping the sequence just makes things that much harder (a truely boneheaded decision if you ask me)

      2. Anonymous Coward
        Anonymous Coward

        Re: Cost is the smaller concern

        "just a handful of applications and hopefully a lot of them browser based"

        And 99% of those will be only work on Internet Explorer....

        1. Doctor Syntax Silver badge

          Re: Cost is the smaller concern

          "And 99% of those will be only work on Internet Explorer...."

          Which is a major risk as long as that situation continues, because of the proportion which will only run on specific versions of IE.

          It's a situation which needs to change and this is the way to change it.

        2. Alan Brown Silver badge

          Re: Cost is the smaller concern

          "And 99% of those will be only work on Internet Explorer...."

          SystmOne and others tried that shit. Many discrimination complaints were filed (and upheld) forcing them to remain standards compliant and browser agnostic.

          The good thing about contracting to a government entity is that they're beholden to cabinet office rules about accessiblity and as they discovered those rules have teeth.

    2. Anonymous Coward
      Anonymous Coward

      Re: Cost is the smaller concern

      If you deploy a modified distro, you will be just in the hands of the "consultants" which all ask you more and more money to maintain it. And after a while, it will become just another lock-in, because it will become difficult to hire a different company to maintain it. Also, good luck in porting all the changes to a newer version, especially when this kind of small companies lack the proper resources (after all, they've been five years in the making!) and there's not a small risk to be stuck in an older, outdated version.

      Open source won't save the world. For many, it's just a different way to make money, trying to deceive you into believing they're some sort of white knight fighting for Good.

      1. Doctor Syntax Silver badge

        Re: Cost is the smaller concern

        "it will become difficult to hire a different company to maintain it."

        Why on earth should that happen? The source is available. The upstream, Debian>Ubuntu is already maintained. If NHSbuntu makes any more widely applicable code contributions - such as smartcard ID - they can also be passed back upstream and integrated with it. So what you'd be looking at would be a collection of userland add-ons which could be maintained separately. You (a) wouldn't need a single company to do that and (b) iit could be competitively tendered. This is a different world to what you're used to in Microsoft.

        1. Anonymous Coward
          Anonymous Coward

          Re: Cost is the smaller concern

          Why on earth should that happen? The source is available.

          Yes, but will you be able to find a company capable of, and willing to, take on someone else's hacked and undocumented spaghetti code? If so, will they charge you less than a commercial supplier would for support?

          1. Dr_Barnowl

            Re: Cost is the smaller concern

            > someone else's hacked and undocumented spaghetti code

            Don't forget that with closed-source software, this is also often exactly what you're getting - only you can't do anything about it, and you might not even be aware of just how hacked and spaghettified it really is.

            > will they charge you less than a commercial supplier would?

            That marvellous thing, the invisible hand of the market, comes into play at this point. A closed-source product creates a monopoly on service for its copyright holder. Open-source software can by maintained by anyone - you are free to select a supplier and discriminate on price, quality, confidence in their ability, etc. Competition can actually apply to this market, where with a closed product your options are limited to a) what the supplier wants to charge b) an expensive change to a competitor's product.

            1. Doctor Syntax Silver badge

              Re: Cost is the smaller concern

              @ Dr_Barnowl

              Careful there, you're getting beyond some people's comprehension - markets, competition. Weird stuff.

          2. oldcoder

            Re: Cost is the smaller concern

            Will you be able to find a company capable of, and willing to, take on someone else's hacked and undocumented spaghetti code? If so, will they charge you less than a commercial supplier would for support?

            YES. Open source code being available that "alternate support" will also be cleaner and cheaper.

            Will you be able to find a company capable of, and willing to take on someone else's hacked and undocumented spaghetti code from a proprietary company?

            NO. The code is not available.

            1. Anonymous Coward
              Anonymous Coward

              Re: Cost is the smaller concern

              Will you be able to find a company capable of, and willing to take on someone else's hacked and undocumented spaghetti code from a proprietary company?

              NO. The code is not available.

              But it should be in escrow. Due diligence should require it.

              Good luck getting that in your licensing agreement, though.

          3. Doctor Syntax Silver badge

            Re: Cost is the smaller concern

            "someone else's hacked and undocumented spaghetti code?"

            Citation needed as to your assumptions.

            However let's look at what might be involved. As research is so difficult I've taken the liberty of cutting and pasting this from their website:

            Our customisations are as follows:

            -NHSbuntu wallpaper!

            -A look and feel similar to a well known desktop…

            - NHSmail2 compatability

            --Email, calendar, address book

            --Messager, with file sharing!

            - N3 VPN compatability

            --RSA token supported

            -Remove games packages (sorry folks, no Minesweaper!)

            -Added Remmina, a Remote Desktop client for VDI (or whatever it’s called these days)

            Yup, maintaining that is going to be far too much of a challenge.

            1. Anonymous Coward
              Anonymous Coward

              Re: Cost is the smaller concern

              Citation needed as to your assumptions.

              Personal expoerience with open- and closed-source code.

              The difference is:

              Open Source - developers look at it and say "fuck me, I'm not touching that crap"

              Closed Source - developer looks at it and says "fuck me, I'm paid to maintain this crap?"

              Have a look at the work being started by https://www.coreinfrastructure.org/, an advocacy group in the Linux Foundation, that is looking for sponsorship from big industry players to pay developers to work on essential FOSS code, because there aren't enough competent volunteers who want to do it.

              1. Doctor Syntax Silver badge

                Re: Cost is the smaller concern

                "Have a look at the work being started by https://www.coreinfrastructure.org/, an advocacy group in the Linux Foundation, that is looking for sponsorship from big industry players to pay developers to work on essential FOSS code, because there aren't enough competent volunteers who want to do it."

                Remember that Linux has from its earliest days attracted contributions from companies who find it to their commercial advantage to do so. From last year's report at: https://www.linux.com/blog/top-10-developers-and-companies-contributing-linux-kernel-2015-2016

                Company Changes Percent of total

                Intel 14,384 12.9%

                Red Hat 8,987 8.0%

                None 8,571 7.7%

                Unknown 7,582 6.8%

                Linaro 4,515 4.0%

                Samsung 4,338 3.9%

                SUSE 3,619 3.2%

                IBM 2,995 2.7%

                Consultants 2,938 2.6%

                Renesas Electronics 2,239 2.0%:

                "None" is the category which covers volunteers. The biggest contributor continues to be Intel. Are you saying their employees aren't competent?

              2. Adrian Midgley 1

                Re: Cost is the smaller concern

                I'm puzzled why you assume that support of closed source code should not be done free by volunteers.

                Or alternatively that you assume that people willing to pay for work on closed source code would not be similarly willing to pay for work on open source code. Hewlett Packard's experience, relayed by their VP for that, was that most FLOSS is written by people who are paid to at least in part write code, and that HP could make a profit out of maintaining/developing FLOSS. Not everywhere, but where they sold that service.

                It is one of those memes that goes around and seems to indicate either thinking failure, or an attempt to mislead.

          4. John Brown (no body) Silver badge

            Re: Cost is the smaller concern

            "Yes, but will you be able to find a company capable of, and willing to, take on someone else's hacked and undocumented spaghetti code?"

            You seem to be under the impression the NHSbuntu is something knocked up over a weekend by a couple of pizza fuelled nerds in their mothers basement.

          5. hplasm Silver badge
            Gimp

            Re: Cost is the smaller concern

            "...someone else's hacked and undocumented spaghetti code"

            It works for the mess that is Windows.

            None more hacked, none more undocumented.

          6. Anonymous Coward
            Anonymous Coward

            Re: Cost is the smaller concern

            That's precisely what happens in almost every outsourcing initiative, do you really think all those in house solutions are any better?

            The main difference is the source is already open, as a result the party taking on the stewardship of the codebase has more of head start in untangling the spaghetti.

          7. Wayland Bronze badge

            Re: Cost is the smaller concern

            "...will they charge you less than a commercial supplier would for support?"

            I would hope that anyone charging money is commercial and not simply feeding a drug habit. I would expect that the NHS are prepared to pay for the work. As for spaghetti why would someone write untidy code if they knew others would look at it?

            It sounds to me as if you think people never get paid for writing open source software.

          8. Anonymous Coward
            Anonymous Coward

            Re: Cost is the smaller concern

            Yes, but will you be able to find a company capable of, and willing to, take on someone else's hacked and undocumented spaghetti code?

            CSC will, they are known - and universally reviled - as "The IT supplier of last resort". Maybe Indian HCL.

            The Law of The Market Says: When blood is in the water, sharks and seagulls will be around in abundance.

          9. Adrian Midgley 1

            Re: Cost is the smaller concern

            Your code may be mangled pasta. Not all is.

            A strength of FLOSS is that the mess inside cannot be hidden.

      2. Joe Montana

        Re: Cost is the smaller concern

        Depends what they modify... Most installs of anything are customised to some degree, and these customisations have to be adapted to future versions.

        If they're making significant changes (e.g. the addition of smartcard support) they could commit these back upstream, so future versions have the support by default.

        Of course for an organisation the size of the NHS, where so many users have very similar needs the cost of customisation could easily be outweighed by the benefits of software more tailored to the needs of the organisation.

        1. Peter2 Silver badge

          Re: Cost is the smaller concern

          "For the NHS cost is the biggest concern and will become increasingly so."

          When working in NHS county level IM&T the biggest concern was avoiding generating "clinical risk" (ie bodies) as a result of IT failures.

          Just saying.

          Seriously, most IT professionals really don't care which OS systems run on as long as the required software runs on that OS. SystmOne & EMIS are web based now anyway so they should be good enough for a wide swathe of healthcare applications.

      3. Spanners Silver badge
        Holmes

        Re: Cost is the smaller concern

        If you deploy a modified distro, you will be just in the hands of the "consultants"

        Only if all "consultants" are in the same cartel. This whole thing is open source and so *you get the source code*. You can take that to someone else. They will probably have a copy already. You can even, perhaps in conjunction with other trusts, set up your own developers.

      4. Lord_Beavis
        Linux

        Re: Cost is the smaller concern

        "Open source won't save the world. For many, it's just a different way to make money, trying to deceive you into believing they're some sort of white knight fighting for Good."

        Open Source may not save the world. Everyone's got to make money. I'm just glad it's not going to be Micro$oft.

        Long gone are the days when you had a dedicated team in house that kept your systems running. Maybe this is the rebirth of that.

      5. bombastic bob Silver badge
        Linux

        Re: Cost is the smaller concern

        "If you deploy a modified distro, you will be just in the hands of the "consultants" which all ask you more and more money to maintain it. "

        FUD.

        Ernie Ball already proved the cost savings by using RH Linux, over a decade ago.

        https://www.cnet.com/news/rockin-on-without-microsoft/

        1. Updraft102 Silver badge

          Re: Cost is the smaller concern

          Aw crap... you beat me to it. I just mentioned that in a reply to the same message...

      6. Dinsdale247

        Re: Cost is the smaller concern

        The local school district recently switch over to an all Linux environment. The results have been a disaster. Week long outages of mail systems. Total lock out of the teachers from being able to use the software on multiple occasions. Rooms full of PCs that nobody can fix.

        Open Source software is not free. It costs time and money and requires REAL skill to work with. I hope someone is recording all the hours spent making things work, because the total is going to be staggering.

        1. Hans 1 Silver badge
          Linux

          Re: Cost is the smaller concern

          The pre-school of my daughter recently had a PC outage, CPU overheated on the library computer, kids could no longer borrow books. I dunno if you know French council policy, but, being ALMOST summer holidays (end of next week), the school was out of luck ... this was two weeks ago ... I had a pi lying around ... bought a 15 euro charger, one of the more reliable ones, came along with those, plugged them in, the library software is web-based, teachers could not believe the little box I was holding was actually a computer ... AND, it was faster than XP with a pentium 4, 1Gb of RAM.

          Everybody happy ... I still have a few pi's, a print server and a media center .... the one I gave them B+, was originally used to play antiquated games, from the days I was much younger ... however, total failure, the kids did not enjoy them as much as I did ... :-(, so a library PC it became.

          When you switch to Linux, it is NOT FREE, NEVER, cheaper than Windows, YES, OF COURSE .... every box you install beats a Windows Server Data Center Edition is EVERY RESPECT. No anti-features (This is not availabl in Home editions, you need Pro/Enterprise for that, or Server, Advanced Server, no, Datacenter edition), features that require additional licenses ... of course, you need to hire some trained staff for the project to work ... more people in the community get jobs ... instead of sponsoring Redmond Cancer ... d'oh!

          1. Anonymous Coward
            Anonymous Coward

            @Hans: Re: Cost is the smaller concern

            I had a pi lying around

            You do realise that you are now that school's unpaid IT administrator, and that everything that goes wrong from now on is your fault? If any harm or problems arise you will be blamed, and you have no insurance? I'm only half joking, there are many more costs involved in "free" systems than are obvious up front.

            1. Alan Brown Silver badge

              Re: @Hans: Cost is the smaller concern

              Last time I put a Linux system in place in a school and made sure that the staff were ok with the way it worked vs the previous software they were using, the next time I heard from them was 5 years later when the hard drive went titsup.

        2. John Brown (no body) Silver badge

          Re: Cost is the smaller concern

          "The local school district recently switch over to an all Linux environment. The results have been a disaster. Week long outages of mail systems. Total lock out of the teachers from being able to use the software on multiple occasions. Rooms full of PCs that nobody can fix."

          So they installed a new system with little to no support or training? Wow. What if they'd been all Apple and had switched to all Windows with the same lack of prep and training? Or vice versa?

          Any place that can have a week long email outage has incompetent admins who are desperately in need of training.

          1. Doctor Syntax Silver badge

            Re: Cost is the smaller concern

            "Any place that can have a week long email outage has incompetent admins who are desperately in need of training."

            Training or replacing?

        3. Uffish

          Re: "the total is going to be staggering"

          @ Dinsdale247

          When it comes to providing a non-working system I assure you that I could do a worse job, even using 100% proprietary software (Windows and Windows based for example). This is because I do not have enough knowledge of what is required to do that particular job correctly nor knowledge of what software can do that particular job correctly.

          I suggest lack of competence is the cause of your school area's problems, not whether the software is open source or not.

        4. Alan Brown Silver badge

          Re: Cost is the smaller concern

          "The results have been a disaster."

          That's an implementation issue, not a Linux one. My pick is that it was pushed through with insufficient budget to do full testing and relied on a too-small changeover team for support.

        5. Anonymous Coward
          Anonymous Coward

          Re: Cost is the smaller concern

          The results have been a disaster. Week long outages of mail systems.

          The truble with empowering Monkeys is that their shit will still get everywhere, but now with The Force of Empowerment behind the throwing.

          The results were probably already an ongoing disaster well *before* the switch over, then I Bet they expect, with the same people, and of course less money, only to discover the hard way that one cannot just pour some special brand of magick IT-sauce over a dysfunctional situation and expect the result to be better (Except, now they get to blame Linux and The New Consultants for decades of carefully groomed organisational incompetence, so, there is That).

        6. Adrian Midgley 1

          Re: Cost is the smaller concern

          Really?

          And where is that?

    3. Anonymous Coward
      Anonymous Coward

      Re: Cost is the smaller concern

      “Ultimately, open source allows you to be in control of you own destiny.”

      Strictly speaking that's also true of closed source, but it just might be more painful to change one's destiny... The important thing is to use open standards for one's application / system development so that one can very easily change one's destiny regardless of the open or closed nature of the underlying OS. Development of a classical Win32 app is locked in to Windows. Use Qt, any decent Web platform, etc. and then you have true freedom. It's interesting that MS now seem to understand this; official blessing for Mono is at least some evidence of that.

      Open source with no support merely makes one solely responsible for one's destiny. Buying support from Ubuntu or RedHat or someone simply puts one back in the same position as when using closed source (reliance on someone else), but with more options.

      Don't get me wrong; MS are steadily making their platform highly unsuitable for many enterprises where privacy is a key requirement, like the NHS. It's a good thing that people are taking a serious look at an alternative. So long as they dump systemd.

      1. Hans 1 Silver badge
        Windows

        Re: Cost is the smaller concern

        “Ultimately, open source allows you to be in control of you own destiny.”

        Strictly speaking that's also true of closed source, but it just might be more painful to change one's destiny.

        Where do you come from ? Closed source, BY DEFINITION, means the software is OUT OF YOUR CONTROL, AGAIN, BY DEFINITION!!!!! I think that was the stupidest sentence I have had the leisure to read on this site AND I have been here many years. Crikey, where do you come from ?

        The important thing is to use open standards for one's application

        Well, that means you avoid MS, entirely, and most other proprietary vendors I have heard of, if not all.

        official blessing for Mono is at least some evidence of that.

        Mono ? Listen, NOBODY USES THAT ON Linux/macOS ... Mono is cursed, despite MS' blessing. No, I grant you, there are a bunch of .Net fans around here who are sick of WIndows 10, they might ;-).

        Open source with no support merely makes one solely responsible for one's destiny.

        Hm, 100m ? how many support staff can you hire for 100m a year ? Nahhh, let's say, 10m, it has to be 90% cheaper .... Again, this is licensing, not IT staff doing maintenance, who call MS, desperately, to get lousy support, and see no patch but a promise that some Tuesday next month, if they are lucky, they might get a fix ... that is, if the MS support guy understands your problem ... Again, with that money, you can hire one or more kernel hackers + a fully staffed support team!

        1. Doctor Syntax Silver badge

          Re: Cost is the smaller concern

          "Crikey, where do you come from ?"

          Don't know what you think, Hans, but I can hazard a guess.

        2. Hans 1 Silver badge
          Windows

          Re: Cost is the smaller concern

          Ok, where I live, the cost of an employee is 2x the net salary of the employee ....this means that with 10m, you can hire ~200 staff, each @25k a year, after taxes! You will need managers, paid more, and a couple of kernel hackers, paid even more, so, lets say you hire 120 ordinary support staff, 6 managers, 4 highly paid kernel hackers and 10 well paid package maintainers ... you can do this easily with 10m, and have some change for bonuses ... multiply by 10 for 100m (status co) and you could easily fund your GNU/Linux distribution, note that in this case, you even get "help for free" (contributers). Worse, you have FULL CONTROL over the software you deploy.

          Sorry, I know this shit!

          For those on Windows, hit the "Windows" key, the one with the four squares, type "c" followed by "a", followed by "l" (lower case L, and you are almost there!!!!!), followed by "c" and divide 10 000 000 by 200.

          How MS get away with this is beyond me ...

          1. Doctor Syntax Silver badge
            Happy

            Re: Cost is the smaller concern

            "You will need managers"

            I was with you until this.

    4. Anonymous Coward
      Anonymous Coward

      Re: Cost is the smaller concern

      " £500 for the machine and £700 for the licence"

      What? PCs already come with a Windows license.

      We already know from the failures and vast migration expenditures at Munich that Linux simply doesn't replace Windows well except for niche uses.

      1. This post has been deleted by its author

      2. Richard Plinston Silver badge

        Re: Cost is the smaller concern

        > What? PCs already come with a Windows license.

        In a retail shop the PCs already have Windows installed and the cost included as part of the price. In enterprises an annual licence fee is paid for every machine regardless of whether they 'already come with a licence'. And then there is Office licences, CLIs and such.

        1. David Bond

          Re: Cost is the smaller concern

          "In enterprises an annual licence fee is paid for every machine regardless of whether they 'already come with a licence'. And then there is Office licences, CLIs and such"

          Only if they have an enterprise agreement and are using software assurance. For windows, office and CALS would not come to 700 per desktop in and enterprise, especially not in the public sector (they get large discounts). The only reason I can think it costs this is because they are paying for Microsoft to support XP still. Making them paying for Software Assurance, if they are paying, stupid as they aren't using it.

      3. Nattrash
        Mushroom

        Re: Cost is the smaller concern

        > We already know from the failures and vast migration expenditures at Munich [...]

        Ahhh, here we go again... The MS FUDding machine at work. remarkable we never see comparisons, only dogmatic "can't be done"s. So, let me ask you: on what do you base this. I realise you're an AC, but could you share your location, so we know you actually have insight into this German project. Oh, and before you even go there: are you referring to the "reports" in the "news" that local politicians couldn't spell the name of their OS correct, or "reported issues opening their mail"? Because if you do, also please share the fact that many of them were complete computer illiterates, who let us know that they had secretaries to do their office work (including opening mail) while they were spotted having lunch with MS representatives. Meanwhile, all the official systems, you know, the ones keeping citizen records, payments, taxes, all that sort of trivial stuff is running fine on Muniches Linux. Oh, and BTW, I can tell you from personal experience that their speeding ticket management/ system, what-you-called-it is also working fine ☹

        Listen, I'm all for makeing the best and most sensible solutions happen. But can we please stop this FUD. FUD was never a good driver, and, mark my words AC, will eventually land you without a job...

        1. Hans 1 Silver badge

          Re: Cost is the smaller concern

          No we do not, YOU cut the FUD.

          Munich has actually saved money, and the longer they use Linux, they will save money ... they have switched mayors, and the new mayor wants an offshore account full of $$ $$$ $$$ so .... there we have it. Simples!

          1. Anonymous Coward
            Anonymous Coward

            Re: Cost is the smaller concern

            >Munich has actually saved money, and the longer they use Linux, they will save money ... they have switched mayors, and the new mayor wants an offshore account full of $$ $$$ $$....

            The IT folk who have now almost certainly now pushed through the migration back to Windows 10 (by 2020) are citing critical issues with SAP/Oracle systems - it's not coming from the new mayor. Issues at the client are more fixable, but nonetheless perennial, Linux stuff - OOXML/PDF display, Munix driver support etc.

            All fixable if Munich take the 'greater good' line, but not cheaper and certainly not easier.

      4. Richard 12 Silver badge

        Re: Cost is the smaller concern

        Wrong way around AC.

        Within most organisations, it's only a very small number of niche users who need Windows.

        The majority of "line of business" applications (email, ERP, CRM, etc) are genuine web apps these days, and work on any HTML5 browser.

        MS Office 365, Google Apps, Libre Office and MS Office are all interchangeable for almost all users.

        So most functions are in fact OS agnostic.

        There will be a few specialists where the software they need is only available on one specific OS - usually Windows or Mac.

        Then there is specialist hardware like MRI scanners etc, which runs whatever it runs (often Windows, Linux, or VXWorks) and the manufacturer is responsible for it.

        And finally, if you are a big enough customer, the specialist software will be ported to the platform you demand. The NHS is definitely big enough...

      5. Updraft102 Silver badge

        Re: Cost is the smaller concern

        "We already know from the failures and vast migration expenditures at Munich that Linux simply doesn't replace Windows well except for niche uses."

        Then again, we know from Ernie Ball that it does.

      6. hplasm Silver badge
        Gimp

        Re: Cost is the smaller concern

        "Munich that Linux simply doesn't replace Windows well except for niche uses."

        You call them niche uses, the world calls them those-who-are-not-narrow-minded fanbois.

      7. Anonymous Coward
        Anonymous Coward

        Re: Cost is the smaller concern

        "We already know from the failures and vast migration expenditures at Munich that Linux simply doesn't replace Windows well except for niche uses."

        Bollocks.

        User training was the problem there. I.e. they didn't do any

        1. Alan Brown Silver badge

          Re: Cost is the smaller concern

          "User training was the problem there. I.e. they didn't do any"

          This is the standard pitfall of migration projects. If bosses are persuaded on the "Free"/cheaper/mo licensing costs part then they're also likely to be so tight they won't authorise the expenditure required for training even if it's cheaper than a years' continuing subscription charges associated with remaining on the status quo.

          Companies/organisations which plan well, make training resources available and migrate smoothly are not newsworthy. Munich is far from the only example, but being first they get all the attention and FUD (whilst others use their mistakes as lessons in what not to do). Pioneers get arrows in their backs, etc.

        2. Nattrash
          IT Angle

          Re: Cost is the smaller concern

          Hmmm... True, maybe...

          However, I think it's closer to the truth to highlight that this perhaps has nothing to do with tech, however tech oriented we all are.

          It's all politics. Like some other commentards here already mentioned, the mayor who championed the development and roll out of LiMux was a Green politician. His policy and commitment was to be vendor lock in independent. As we all know, MS took this policy so serious that our friend, raging bull Steve B flew to Munich to discuss this issue with the mayor specifically. Now, you have to admit, that is at least remarkable, especially if we take MS attitude (problem) in account.

          But as always in politics, nothing is for eternity...

          When the (current) more conservative mayor (CSU for the insiders) campaigned, he already announced the abolishment of LiMux and a return to Windows. This was in his campaign speeches and policy proposals. And from that I think it's safe to conclude this has nothing to do with the tech. Politics? Yes. Campaign support? Yes. MS promise to move their HQ to Munich (which by now is a fact)? Yes. Money? Yes! But tech? No, don't think so.

          And I mean, if your doubting that, the arguments used/ reported in the media should (as an IT person) show you something. I mean, Munich's HR department is quoted multiple times as a trouble spot. They seem to be "special users" with "special applications that only work with Windows". Now, cloud/ browser/ SaaS based seems to be too special for them, but reading about it more, even the "special", or if you will "power user" status becomes doubtful. It turns out that their main argument for the return to Windows is that with LiMux they "can't open/ print PDFs".

          ...

          ...

          I know...

          Politics isn't always pretty...

          Or cheap...

          Or fair...

          But luckily there is one certainty: People can't stop making an arse of themselves.

        3. Adrian Midgley 1

          Re: Cost is the smaller concern

          Really? No training in a local gov seems frightfully unlikely.

      8. Alan Brown Silver badge

        Re: Cost is the smaller concern

        "What? PCs already come with a Windows license."

        Its the other software that MS makes money from. It's long been the case that MS could afford to give Windows away (which is why they tolerated piracy for so long) as long as they could sell copies of MS Office.

        As others have already observed the vast majority of PCs in the NHS are doing basic functions (web browsing and word processing). As such they could be replaced with lightweight clients.

        1. Adrian Midgley 1

          Re: Cost is the smaller concern

          But the built-in/stuck-on licence was not the one in use for the machines in the bit of NHS I used to be involved with.

          Partly because it was Vista for some of the boxes, partly because W7 installs were no use where the org used XP still.

      9. Richard 51

        Re: Cost is the smaller concern

        The key is not the underlying OS of desktops but to make the applications independent of the desktop operating system. With cloud/internet based apps it does not matter which OS the user has.

      10. enormous c word

        Re: Cost is the smaller concern

        Why not Android? I use a KODI box purchased on Amazon for £30 with a standard monitor and USB keyboard/mouse - its totally disposable/replacable, sips power and makes for a great network terminal.

        Most NHS employees will be familiar with Android through their phone / tablets.

    5. Anonymous Coward
      Anonymous Coward

      Re: Cost is the smaller concern

      The Microsoft July 2017 Government price list has an Office 365 E3 subscription at £11.96/month before any NHS discounts. This includes Office 2016 ProPlus, the Office apps for Apple/Android/Windows tablets/phones and Office Online for UNIX browsers. Plus a 1TB ODfB allocation, 50GB mailbox, PowerApps, Flow, Delve, zzzz, zzzzz. Need I go on?

      The issue with the NHS is not the cost of the software/subscriptions, it is the willingness of the 50+ year old ex UNIX admins to understand that this isn't the 1990's UNIX glory days. The world has moved on, so either take early retirement or stop moaning. No one is forcing you to work for the NHS.

  2. Halfmad

    Good luck.

    But for many places 2.5 years isn't long enough to move over even if it was a proven option right now. Existing contracts for many clinical systems are 3 years+ as a minimum and moving off those will have a major cost in terms of finding an alternative system and training etc.

    I'd love to have the flexibility of not being on Windows but no way will anyone be fully off it by 2020 for this, not without a huge chunk of additional funding and staff.

    1. tfewster Silver badge
      Facepalm

      Re: Good luck.

      Did you read the part of the article that said "not for clinical systems"? The attitude* that "We can't do everything, so we won't do anything" infuriates me.

      Re: Training - How much training do you need to use a different browser? Especially given that most people have already chosen to learn a new UI, on their smartphone?

      * I'm not saying YOU are saying that, but it's a short step from your sensible caution to organisational paralysis.

      1. Halfmad

        Re: Good luck.

        Not for clinical systems rules out 95% of computers in most health trusts/boards as clinicians have to have access to clinical systems, not just in wards.

        They can say that but the way these places work means it's not possible WITHOUT including those and preferably as early as possible as frankly many developers dont have a linux client from my experience so far. Sure they can make one, but that costs money and takes time.

        1. Doctor Syntax Silver badge

          Re: Good luck.

          "many developers don't have a Linux client"

          If their sales office received a call from the NHS saying "We're reviewing the market, do you have a Linux client?" that might not be something they'd admit to. It might be followed up by a flurry in development involving Wine so they could put up a plausible demo.

        2. Rob Dyke

          Re: Good luck.

          Our 80/20 operational/clinical split has been validated by many a CIO.

      2. Doctor Syntax Silver badge

        Re: Good luck.

        "Especially given that most people have already chosen to learn a new UI, on their smartphone?"

        To say nothing of learning a new UI for each Windows version.

      3. Rob Dyke

        Re: Good luck.

        Could not have put it better myself.

      4. John Brown (no body) Silver badge

        Re: Good luck.

        "Did you read the part of the article that said "not for clinical systems"? The attitude* that "We can't do everything, so we won't do anything" infuriates me."

        I can't up vote this enough! There are probably huge numbers of PCs in the NHS that could switch to NHSbuntu with almost no pain while leaving the rest on Windows of whatever version they need. A gradual roll-out would start saving money on licensing relatively quickly, money that can be re-invested into updating other systems or re-developing systems to use more open standards leading to further roll-outs into more departments. As has been mentioned already, some of the prime apps are already web based so the OS becomes a lot less important.

        There's definitely plenty of very expensive medical equipment that is controlled by Windows or will only talk to Windows that will be around for years to come but if anyone has the spending power to convince suppliers to build for another OS or make their data and protocols more open, it's the NHS.

      5. Anonymous Coward
        Anonymous Coward

        Re: Good luck.

        tfewster - "The attitude* that "We can't do everything, so we won't do anything" infuriates me."

        Me too. But ... experience in public sector (in transport, not healthcare) suggests two issues might arise.

        Firstly, it'll be a great plan, then internal finance guys will get hold of it - we had a draft contract for new capital assets (anything £1m and up that required either a) full source code, or b) sufficient supplier guarantees to cover costs of replacing system during contract duration. Internal finance guys saw that, and decided it could be scrapped as a saving, without asking why it was there, and before even talking to suppliers (even though they knew one of the three in question had indicated privately they could live with providing source, and one had said "probably but show us the wording").

        Secondly, and I've mentioned this on another story -any change at all to software required union approval, training courses, and if "difficult" or "new skills", possible pay rises.

        To be clear, I have problems with both, I'm not supporting their positions at all, but seen it happen.

        1. Alan Brown Silver badge

          Re: Good luck.

          "Secondly, and I've mentioned this on another story -any change at all to software required union approval, training courses, and if "difficult" or "new skills", possible pay rises."

          The "Thatcher" option on this is to let them have their pay rises, because the increases in efficiency will allow you to make 20% redundant later on (in many cases simply not hiring as people leave has the same effect and has been in use across business for decades)

        2. Alan Brown Silver badge

          Re: Good luck.

          "Internal finance guys saw that, and decided it could be scrapped as a saving, without asking why it was there, and before even talking to suppliers "

          Presumably without consulting you too. This is where management buy-in helps.

          "Put that clause back in or collect your P45"

      6. fajensen Silver badge
        Paris Hilton

        Re: Good luck.

        How much training do you need to use a different browser?

        Lots, and lots, and Lots!

        Most people have no idea how their technology works on any level at all. To cope with ignorance, they have their very own internal models that are of course totally wrong but explains what they experience. We are back to witchcraft (or maybe we never gave up on witchcraft and sorcery).

        My otherwise lovely and intelligent wife, for example, absolutely *cannot* comprehend that the browser is not the computer. The idea that the web browser is a program which is controlled by another persons computer, so when Facebook does not work, doesn't load fast enough, The Borg updates the interface so everything is in the wrong place, it just cannot be comprehended by her. Which is a problem because, If husband cant fix the internet-program, then husband is being lazy!

        The funny side is that she does not distinguish between LibreOffice and MS-Word, she sees them as "the same thing, but the buttons are sometimes in the wrong place" (when she uses the windows or her iPad).

        That's the reality that people changing things will just need to deal with.

    2. Lars Silver badge
      Linux

      Re: Good luck.

      The main thing is start and get on with it, and why not rather pay Brits than Microsoft. Kudos to Ubuntu for getting involved. In the long run they will both win on such a project.

      When I studied Computer Science in England people from vendors and companies came to tell us about their stuff. A guy from NHS came to tell us about their big project to have the whole population on a computer system with all data linked so that eventually the doctors could have a picture from grandfather to grand kids and so forth. All common sense in my opinion. The year was 1968. I almost assume it's not quite there yet and has any country managed it yet,

  3. Anonymous Coward
    Anonymous Coward

    Fantastic

    I'm all for sinking costs now, and reaping the benefits forever. Tax money going to Microsoft is entirely wasted.

  4. jake Silver badge

    Not a *buntu fan, but more power to 'em!

    That said, for the last several decades, every time I've heard the phrase "paperless office" used in earnest, I have bought a couple more shares in Weyerhaeuser, Plum Creek Timber, Boise Cascade, Crown Zellerbach, Georgia-Pacific, Crane&Co., etc. ...

    This practice has served me rather well these last forty years. (This is not investment advice, I am offering a testimonial, consult an expert before investing, etc.)

    1. phuzz Silver badge

      Re: Not a *buntu fan, but more power to 'em!

      Years back, when everyone was wittering on about the paperless office, almost nothing ever seemed to happen. The last 5 years or so though, I've not heard anyone mention it once, but I've noticed office printers being used less and less. Ours probably does less than a page per day for eight of us.

      Partly I think it's a result of older workers who insist on hard copy gradually retiring and being replaced by people who've grown up reading off screens.

      1. Spanners Silver badge
        Facepalm

        Paperless Office?

        I can still remember (a fragment of) my induction lecture.

        "Ladies and gentlemen, by the time you graduate, the paperless office will have become the norm."

        I have but it hasn't. That lecture was in September 1979!

      2. streaky Silver badge

        Re: Not a *buntu fan, but more power to 'em!

        The last 5 years or so though, I've not heard anyone mention it once, but I've noticed office printers being used less and less. Ours probably does less than a page per day for eight of us.

        Yeah because it stopped being a buzzword and started being an actual thing. I don't think the drive towards PO actually advanced it anywhere either, it just naturally found its place.

      3. Anonymous Coward
        Anonymous Coward

        Re: Not a *buntu fan, but more power to 'em!

        I think it's a result of older workers who insist on hard copy gradually retiring and being replaced by people who've grown up reading off screens.

        In my place of work, it rather comes from the older workers growing ever more cynical over the "social compliance" needed to keep the "screen gawkers" and "SO-ME unicorns" from blowing a gasket.

        Why should we pick up the slack and get on the bad side of manglement by performing our work on paper, using our heads even, while everyone else is "forced into" taking their 20, 30, 40% time off "networking", "communicating" ... often while waiting for that 6x10^6 EUR (and counting) god-damn piece of crap 4D integration tool, that a burning bush said we cannot work without, to load the model (45 minutes, if it works) or be nursed into some rickety performance once again by IT support (when it doesn't)..

        Meting the Expected Performance* is plenty good enough these days. Blaming the tool is perfect, because the tool was procured by The Board, therefore we must follow the rule of the tool - or someone will have egg-sies on their face. And that won't do.

        *)

        Modern leadership, same as Outdated Leadership:

        John Maynard Keynes, “A sound banker, alas, is not one who foresees danger and avoids it, but one who, when he is ruined, is ruined in a conventional way along with his fellows, so that no one can really blame him.” Original quotation from “The Consequences to the Banks of the Collapse of Money Values”, 1931.

    2. Rob Dyke

      Re: Not a *buntu fan, but more power to 'em!

      Thanks!

      We thought about using an rpm base, but NHSdora didn't sound as good as NHSbuntu.

      1. Alan Hope

        Re: Not a *buntu fan, but more power to 'em!

        Offends my OCD - ubuntu is a word not an acronym. NHSbuntu would be like NHSindows. Why not "UbuntuNHS"?

        1. Updraft102 Silver badge

          Re: Not a *buntu fan, but more power to 'em!

          It ties in to a long line of *buntus, like Edubuntu, Kubuntu, Xubuntu, Lubuntu...

      2. PVecchi

        Re: Not a *buntu fan, but more power to 'em!

        It could be an idea to look at NHSevuan for those allergic to systemd or NHSMint if they really want a Windows 7 look and feel without the pain ;-)

        1. Anonymous Coward
          Anonymous Coward

          Re: Not a *buntu fan, but more power to 'em!

          NH SMint might run into some trademark issues ...

      3. Doctor Syntax Silver badge

        Re: Not a *buntu fan, but more power to 'em!

        "We thought about using an rpm base, but NHSdora didn't sound as good as NHSbuntu."

        Personally I'd have gone for Debian with an intent to move to Devuan or a BSD and a neutral name. The name ties you to a parent.

        BTW, did you consider a Raspberry Pi edition? Just the thing for thin clients.

    3. Alan Brown Silver badge

      Re: Not a *buntu fan, but more power to 'em!

      "every time I've heard the phrase "paperless office" used in earnest, I have bought a couple more shares in (paper merchants) "

      Up until about 3 years ago I had the same point of view, as our paper consumption kept increasing year upon year.

      In the last few years it's actually declined and it's no coincidence that it goes in step with the ubiquity of personal portable devices. For the first time _ever_ I'm looking at despeccing printer requirements because of decreased levels of usage.

  5. Voland's right hand Silver badge

    It will take 1-2 more WannaCries

    Fantastic news, but IMHO it will take at least 1-2 WannaCries before this happens.

    1. Anonymous Coward
      Anonymous Coward

      Re: It will take 1-2 more WannaCries

      There's no particular reason why Linux is more secure than Windows. Windows gets attacked more. If Linux becomes the dominant OS, that'll get attacked too.

      And just at the moment it seems that Linux security is in a bit like a mess; it doesn't seem to be a major focus of the kernel community...

      1. Naselus

        Re: It will take 1-2 more WannaCries

        "There's no particular reason why Linux is more secure than Windows. "

        Indeed, this appear to be suggesting that the NHS going from Windows (which, if patched, was immune to the 2 big headline attacks of the last 2 months) to go to NHSbuntu (which, via systemd, was not immune to the latest Linux vulnerability, no matter how up to date it was).

        Nothing to see here, just more Penguinista 'this will be the Year of Linux on the Desktop!' nonsense.

      2. Joseph Haig

        Re: It will take 1-2 more WannaCries

        There's no particular reason why Linux is more secure than Windows.

        That is true and anyone who claims to be inherently secure simply because of any particular OS is setting themselves up for a massive pratfall.

        However, any up-to-date version of Linux is massively more secure than Windows XP, which ceased being supported years ago. Of course, a modern version of Windows is also secure but the reason XP is still so widely used is because upgrading on the scale of the NHS is so expensive and such a logistical nightmare. Yes, for the sake of security they should have upgraded to Vista, then 7, then 8 and now 10 but the cost and the breaking changes each time made it impossible.

        In so far as an upgrade is necessary, and the upgrade will be painful in any event, it makes sense to find a solution that is not going to result in the same problem in another 10 years time.

      3. Joe Montana

        Re: It will take 1-2 more WannaCries

        Linux *does* get attacked a lot..

        Linux (especially the kernel) is used on a lot more devices than windows, but the differences are diversity and modularity. There are thousands of different linux distributions (including android and various embedded devices) which are configured to suit the specific needs they are targeting, and this blends into the modularity aspect...

        Windows is pretty monolithic, it comes with support for tons of hardware, html rendering, APIs for gaming, several legacy versions of most APIs intended to support older applications, a bunch of network services like rpc and smb which are difficult to turn of let alone remove. With Linux you can easily turn off what you don't need, resulting in a lighter system with a much smaller attack surface.

        Both linux and windows recently had vulnerabilities in their most common implementations of SMB (which is what wannacry exploits), the difference being that every windows box has SMB not only installed and enabled by default but very difficult to remove (they actually suggest you firewall it rather than turning it off properly), while the vast majority of linux systems do not run smb at all.

        1. HmmmYes Silver badge

          Re: It will take 1-2 more WannaCries

          Windows has large secutiry holes all thru it.

          Avoid.

      4. Steve Graham

        Re: It will take 1-2 more WannaCries

        There's no particular reason why Linux is more secure than Windows.

        No, that's factually incorrect. The architecture of Windows is inherently less secure than that of Unix-like systems, and it has become more unravelled with every new release. Add to that the huge Win API with much poorly-understood but powerful functionality.

      5. oldcoder

        Re: It will take 1-2 more WannaCries

        Linux already does get attacked - daily. Before I retired all the linux systems in the center were attacked. constantly.

        Most of the attacks just didn't work.

        Linux has a much better foundation for security, better partitioning, better design, better implementation.

        Unlike proprietary systems, ALL bugs get action, including the security bugs. Anyone can look and work on the bugs they find.

        Windows... Nope.

      6. Doctor Syntax Silver badge

        Re: It will take 1-2 more WannaCries

        "And just at the moment it seems that Linux security is in a bit like a mess; it doesn't seem to be a major focus of the kernel community."

        While any monoculture isn't a good idea I suspect the comment about the kernel community is a misunderstanding of an attitude that all bugs are bugs so security bugs are no different to any others. But your response to this depends on whether you think some bugs don't need to be fixed.

        1. Updraft102 Silver badge

          Re: It will take 1-2 more WannaCries

          I don't see the problem with security bugs being no different than other bugs either. In any case, you have to triage the bugs and work on the most serious ones first. Security bugs that are likely to be operationalized or that already have been will be assigned high importance, but so will non-security bugs like data-loss bugs. Security bugs are not by any means the only ones that can ruin your day if they manifest themselves on your computer while it's doing something important.

      7. sisk Silver badge

        Re: It will take 1-2 more WannaCries

        There's no particular reason why Linux is more secure than Windows.

        False. The architecture of Linux makes it inherently more secure (note: more secure != perfectly secure) than Windows. Unless Microsoft throws out all existing Windows code and starts from scratch that will never change. You just can't equal the security of Linux with the foundations that Windows is built upon (though, in all fairness, they have gotten closer than I would have believed possible in recent years).

        If Linux becomes the dominant OS, that'll get attacked too.

        Linux IS the dominant OS. It's got an install base three times that of all other OSes combined. Just because it doesn't have much presence in the tiny fraction of the market that is desktop PCs doesn't mean it's got a small attack surface. It also gets attacked all the time, and every time a Linux attack enjoys widespread success it makes headlines. Which, I think, says a lot for how rare such an event is.

        And just at the moment it seems that Linux security is in a bit like a mess

        Um....are we living in the same reality? Because, no, it's not. What is a mess is the security of Linux based IoT devices, but that's the fault of manufacturers who ship the things with absolutely absurd configurations like an unsecured adhoc wifi network with no easy way for the end user to shut it off. Just as you can lock down any OS pretty well these days you can also turn the security of any device into Swiss cheese with bad configuration, and that is exactly what's happening.

      8. Updraft102 Silver badge

        Re: It will take 1-2 more WannaCries

        "There's no particular reason why Linux is more secure than Windows. Windows gets attacked more. If Linux becomes the dominant OS, that'll get attacked too."

        I agree with you, but wouldn't that be a pretty nice problem to have?

        Edit: I mean on the desktop here.

      9. Hans 1 Silver badge
        Windows

        Re: It will take 1-2 more WannaCries

        If Linux becomes the dominant OS, that'll get attacked too.

        Every average punter has more Linux boxen in his home than Windows boxen, stupid!

      10. Anonymous Coward
        Anonymous Coward

        Re: It will take 1-2 more WannaCries

        "If Linux becomes the dominant OS..."

        That happened a long time ago - Linux is by far the most prolific OS out there in the world today - embedded, mobile, servers, cloud, HPC, etc.

  6. Prst. V.Jeltz Silver badge

    " WannaCry attack that hit the NHS in May stripped bare a system that relied heavily on unpatched Windows software, leaving to many health insiders questioning if there could be a better way to run software projects."

    How about just appying security critical patches in a timely manner? or am i missing something?

    " “One of the key drivers was the immense amount we spend on desktop licensing – it’s at least £100m every year, according to figures from Digital Health Intelligence. That’s being spent on Windows XP - although that’s as widely used as you’d expect – and Windows 7. "

    I guess most of that is the winXP extended support? my plan would be stop paying , mak sure the machines arnt externally facing , and replace asap.

    Those machines running xp , are probably doing so because they have cheap software on that the developer didnt feel the need to upgrade to W7 , and is possibly still collecting licence fees. Changing to Ubuntu wont remedy that.

    In fact there are very few of the computers in an NHS trust that dont use software unavailable on linux , if you can unpack that string of negatives.

    1. Doctor Syntax Silver badge

      "In fact there are very few of the computers in an NHS trust that dont use software unavailable on linux , if you can unpack that string of negatives."

      I think I've unpacked it correctly.

      But let's make a slight change:

      there are very few of the computers in an NHS trust that don't use functionality unavailable on Linux

      As an example, if we discount Wine IE isn't available under Linux but other browsers are. It may well be that there are web-based applications that are tied to ancient versions of IE. That's something that has to be faced anyway, otherwise the NHS would be stuck on XP forever. When these are replaced there should be an insistence on cross-platform support so any browser can be used. The same insistence could be applied to any new web-based applications: if they're not sufficiently generic to run across multiple browsers the bid goes in the bin.

      1. Anonymous Coward
        Anonymous Coward

        Thats true doctor , but asking for cross platform compatibility is a trick the NHS have not yet mastered. We have many browser based systems, but they barely run on Internet Explorer and often refuse to entertain chrome or firefox , let alone a Linux browser.

        In fact we are only just now managed to move off IE8 , after dragging some of the web apps , kicking and screaming up to IE11 . Other browsers still not supported.

        I'm looking at you Cyberlab.

        (think ill click that anon button now)

        1. sisk Silver badge
          Headmaster

          often refuse to entertain chrome or firefox , let alone a Linux browser.

          Most systems don't know the difference between Chrome or Firefox on Windows and Chrome or Firefox on Linux. This is doubly true since DRM has been implemented in the browsers themselves (hence why we now have Netflix on Linux). It's incredibly difficult for me to imagine what, in this day and age, you could do to a web based app that would make it run in Chrome or Firefox on Windows but not in Chrome or Firefox on Linux. And if your web based app only supports any one browser then, in my not-so-humble professional opinion, you've done it very wrong.

      2. Hans 1 Silver badge

        IE is the most dangerous piece of vulnerable crap there is, up there with flash ... almost EVERY bloody month for the past 20 YEARS have they been fixing remote execution vulnerabilities in various IE versions, ALMOST EVERY MONTH for 20 YEARS ... considering that some months they fixed several, I think we can agree, that shite should not be on production systems ... sadly, there is no way to remove Mshtml.dll, as it is used by Windows Explorer and a whole bunch of other software.

    2. John 110

      "Those machines running xp , are probably doing so because they have cheap software on that the developer didnt feel the need to upgrade to W7 "

      Those machines running xp , are probably doing so because they have eyewateringly expensive software on that the developer didnt feel the need to upgrade to W7

      There FTFY

      1. Anonymous Coward
        Anonymous Coward

        True , depending how easily your eyes water. Here's a real life example for you. When you go to the GP and sit in the waiting room, there may well be a TV with handy info for staying alive on it , that also calls patients when its their turn. THAT is run on XP . Why you ask? for such an incredibly simple job that could be coded in half a day on W7 / w10 ?

        Beats me. Its basicly running a program that talks to the bigger patient system ( called EMIS) and then yells out in the waiting room . So its a 3rd party add on for emis i guess. Anyway the people who made it wont make it work on W7 , but they will sell you their new thing that does exactly the same ,but on win 7. For £2000.

        That's not a lot for the NHS , but its the GPs who are paying per waiting room.

        If I was in charge id get emis to add that functionality in , given that were paying them billions per year

        1. sebbb

          damn java devs...

          Have you ever tried SystmOne? It is used in community outpatients clinics.

          A Java software which runs on Windows only, not being updated since ages, to print a stupid patient letter you MUST have MS Word on it (it calls directly the .exe with some parameters), it is a hassle to troubleshoot when has problems connecting to the Spine, it uses its own JRE hidden in some folder inside the installation (1.6.0) regardless of what you install on the machine... It's simply a nightmare to support.

          Not to mention 99% of browser applications use still Java applets for smartcard integration.

      2. Alistair Silver badge
        Windows

        "Those machines running xp , are probably doing so because they have cheap software on that the developer didnt feel the need to upgrade to W7 "

        "Those machines running xp, are probably doing so because they are running the software that controls medical hardware for which either the original vendor no longer exists, or for which the vendor has not seen fit to re-write their code for newer versions of windows"

        FTFY

    3. oldcoder

      "How about just appying security critical patches in a timely manner? or am i missing something?"

      Part of the problem is that the patches tend to break other things... and make the system unusable.

      So, do you want a useless MRI machine with a patched controller...

      OR

      A usable MRI machine with an unpatched controller?

      1. Anonymous Coward
        Anonymous Coward

        I understand you dont just throw out every patch untested.

        You have groups right ? test groups?

        A small proportion of the PCs in each site / department whatever - a nice cross section.

        maybe ONE of your x amount of MRI machines.

        Also you have a rollback plan

        I imagine that's how it works anyway. Nobody ever asks me to devise a strategy.

        God knows what plan the overpaid monkeys in our server room are going by. if any.

    4. Alan Brown Silver badge

      " my plan would be stop paying , mak sure the machines arnt externally facing "

      In other words, leave your machines vulnerable to attacks from compromised systems inside your firewalls.

      This is one of the primary attack vectors exploited by Wannacry and a number of other worms. It's that level of complacency which _allowed_ it to become so successful.

      One of the maxims of retail is that your largest stock theft threat comes from staff("shrinkage"), not shoplifters, with spoilage coming a close second (also mostly caused by staff) and it's something that people seem to forget in their focus on external threats. Those threats still apply in non-retail business, just in slightly different forms.

  7. Rupert Fiennes Bronze badge

    Well, might be better than windows. But not much cheaper

    Lets face it, licensing just isn't that big a cost overall. As a previous commenter says, the real plus point is control: you can get support from more than one source, and if necessary strip down the builds to the bare minimum. The real problem with NHS IT is that it's a govt organisation, and inertia rules. Not much point pulling Windows out and replacing open SMB shares with open NFS shares, is there?

    BTW, regarding Moorfields: I was at their A&E last Wednesday and there was sod all sign of electronic records. All notes written down. Clearly it's having minimal impact on workflow :-(

    1. AMBxx Silver badge

      Re: Well, might be better than windows. But not much cheaper

      A good paper system is better than a bad electronic system and we've had much more practice with paper! Would just be nice to have more good electronic systems!

      I've recently used a mixture if NHS and Private medicine. Big distinction was the lack of any apparent electronic records in the Private hospitals.

      1. Anonymous Coward
        Anonymous Coward

        Re: Well, might be better than windows. But not much cheaper

        Depends how you look at it. Auditing a bad electronic system is still possible, even the best paper systems have dreadful audits and are far more likely to suffer from being lost, misfiling or being in the wrong place at the wrong time.

        Health record departments are huge, typically one of the largest in each trust/board and moving that paper costs a hell of a lot more than people realise. My own health records department has 250 full time staff out for a trust of 6000 total.

        All those staff do is organise, move paper record and deal with requests for record from the public/police. Whilst we're becoming far more electronic over time we'll still have hundreds of KM of shelving to look after for years.

        1. Alistair Silver badge
          Windows

          Re: Well, might be better than windows. But not much cheaper

          @AC "Depends how you look at it. Auditing a bad "....

          You missed the biggest component of your health records department. MDTs. Since I'm related to one (even if leftpond side) I can tell you there isn't an MDT who doesn't do electronic. And the agency my mother works for is now 80% linux. I just have to get their IT lads and lasses something a bit more informative and VMware will be evicted .... (they haven't *printed* something unless a specific request was filed in almost 11 years)

      2. Doctor Syntax Silver badge

        Re: Well, might be better than windows. But not much cheaper

        "A good paper system"

        Ahem...https://www.theregister.co.uk/2017/06/27/watchdog_slaps_nhs_for_failure_to_tackle_correspondence_backlog/

    2. Doctor Syntax Silver badge

      Re: Well, might be better than windows. But not much cheaper

      "Not much point pulling Windows out and replacing open SMB shares with open NFS shares, is there?"

      No, but then a migration is a good time to change to a better approach.

  8. I_am_Chris

    Support

    The key aspect many OSS project fall down on is training and support. In order to gain traction the project must get support front and centre. No large organisation is going to deploy core software without a long term plan for managing updates and upgrades.

    This is where the brand factor wins big. You aren't going to bet against Microsoft as you know they have been around for decades.

    I have huge respect for NHSbuntu: it is the right way to do this. It is what the NHSIT debacle of 5-10 years ago should have been. Can you imagine what an OSS project with £10bn could have achieved?

    1. John Smith 19 Gold badge
      Unhappy

      "No large organisation..deploy core software without a..plan for managing updates and upgrades."

      And yet the NHS seems to have done exactly that.

  9. Korev Silver badge

    Terminal servers?

    Hopefully most of their applications are provided using terminal servers etc. so the data is in a physically-secure place (no laptops to be pinched or left in taxis). There is no reason why NHSbuntu couldn't be used as a thin client in this case regardless of which OS is used in the backend.

    1. Halfmad

      Re: Terminal servers?

      We use to do this, problem is reliance on boardband connections, even with failover circuits when it happens you can have many hours or even days of outages.

      That's frankly unacceptable but no amount of stamping of feet and pointing at an SLA helps in that situation.

    2. TheVogon Silver badge

      Re: Terminal servers?

      "There is no reason why NHSbuntu couldn't be used as a thin client in this case regardless of which OS is used in the backend."

      Other than that many such devices already exist running both Linux / Windows CE - and would be far better tested, established and supported...

  10. wolfetone Silver badge

    Pipe Dream

    But it's a pipe dream that I hope happens.

    The Government - and I won't name names, but both the Conservatives and Labour are infested with these parasites - don't want there to be an NHS in the way that it's free for the people of the UK to use. They want an NHS in name only, but with it's services divisioned up and provided for by private health companies. Virgin Health is already one provider, and they're also suing the NHS at the moment after losing a contract bid which the NHS tendered out and the NHS won.

    The Government are doing their best to bring this change around quickly. We've seen this week, after a month of praise for our emergency services for all their hard work, won't have their 1% pay cap removed. But there are 10 DUP MP's who do absolutely nothing other than say "Aye" (which is a change from them saying "Never") who have collectively gained £150 million each.

    We have also seen over the last 7 years funding be cut. Services outsourced to private companies. Hospitals built in such a way where by the NHS Trust that "owns" the building end up paying rent to the builders for 100+ years. I don't recall the correct term for that, but that was started by Labour and continued by The Nasty Party.

    The last thing this Government want to do is do the logical thing and replace an ageing abandoned operating system with something that will work and gives the organisation more control over it's security. It'll be for the private companies who (if unchecked and allowed to prosper under this government) to provide their own computer systems, allowing the NHS to cut back to become a silo for patient records instead. Not to mention what would happen when Microsoft start lobbying the Government to be allowed to either upgrade or remedy the Windows XP situation. They have previous with this when the Government mandated that all documents created should be available in the Open Document Format, not the Microsoft Office Document one.

    1. Anonymous Coward
      Anonymous Coward

      Re: Pipe Dream

      Clinical systems developers will simply charge more for developing systems on linux, since all they typically develop for just now is browser or Windows.

      This won't be a straight off saving and no not all clinical systems can be ported to browser only.

      1. Doctor Syntax Silver badge

        Re: Pipe Dream

        "Clinical systems developers will simply charge more for developing systems on linux, since all they typically develop for just now is browser or Windows."

        For a start those who develop for either are going to have to move on from XP only. That's unsustainable and they shouldn't have been allowed to get away with it.

        Secondly, the NHS is a big customer. For many their only customer. Giving the customer a reason to review the market is a really, really bad sales strategy.

        1. graeme leggett

          Re: Pipe Dream

          "Secondly, the NHS is a big customer"

          The (English) NHS is a lot of large customers (hospital trusts), and a really big number of medium size customers (GPs etc).

          And then there's Scottish and Welsh NHSs which are two more sets of customers, and the NI Health and Social Care which is yet another set of customers.

          1. MisterHappy

            Re: Pipe Dream

            Have an upvote, I try and get this across every time 'The NHS should buy....' comes up.

          2. Doctor Syntax Silver badge

            Re: Pipe Dream

            "The (English) NHS is a lot of large customers (hospital trusts), and a really big number of medium size customers (GPs etc)."

            Fair comment. But some things do get decided centrally. I had one job which covered all England and Wales (integrating the two was a pain) and, separately, Scotland. We only missed out on NI. Trusts, GPs & all ordered separately but there was central control.

            Thinking back to my comment about not giving the customer reason to review the market, I wonder if some suppliers who have been coasting on the back of supplying a very few products into the NHS might not have sales staff sufficiently on the ball to realise that.

            OTOH I'm sure some of us who've worked with more, shall we say aggressive, salesmen will have had the experience of making good on assurances that, yes, we have such a product.

            1. Alan Brown Silver badge

              Re: Pipe Dream

              "OTOH I'm sure some of us who've worked with more, shall we say aggressive, salesmen will have had the experience of making good on assurances that, yes, we have such a product."

              I'm sure you have, especially when faced with customers having experience with such people in the past and having recorded the meetings.

              On the other hand, we could all come to an agreement that the salesman was lying and arrange for him to carry the liabilities for making false representations. (the ones who do this repeatedly get away with it leaving companies and customers both out of pocket. The only way to stop them is to ensure that they get personally and publically slapped with the costs)

    2. John 110

      Re: Pipe Dream

      I'm not sure why somebody downvoted you for this comment. I don't always see eye to eye with you on other things, but this time you're spot on.

      Have an upvote.

    3. Blitheringeejit
      Holmes

      Re: Pipe Dream

      "The Government - and I won't name names, but both the Conservatives and Labour are infested with these parasites - don't want there to be an NHS in the way that it's free for the people of the UK to use."

      You're right to castigate Labour for their role in this during the Blair/Brown/Mandleson years - they drank the free-market kool-aid, and became indistinguishable from the Tories. And many of those people are still powerful in the Parliamentary party.

      But I sense that Corbyn's Labour party is a different animal, with a genuine commitment to social welfare and the NHS.

      Though of course commitment in itself isn't enough - they have to take the huge step of finally breaking to the voters the bad news that Blair always concealed: that we can only have better public services and safer housing if we actually pay more tax. Not just have Them pay more tax, but We pay more too. And they have to get Us to vote for it - a tall order.

      But then again, an increase in the Labour vote under Corbyn's leadership was a tall order, until a couple of weeks ago...

      1. wolfetone Silver badge

        Re: Pipe Dream

        "But I sense that Corbyn's Labour party is a different animal, with a genuine commitment to social welfare and the NHS."

        I would like to think so, but after Chuka Umunna's stunt yesterday I have the feeling that a lot of them are wearing masks which will slip the moment they get in to power. Corbyn, I feel, is on the button with it and genuine, along with other MP's. But MP's like Mr.Umunna that spent the majority of Corbyn's time in leadership trying to oust him are keeping their heads for the time being.

        But they'll be back unless they're rooted out. And until that happens, I don't think the NHS is all that safe from those Labour MP's either.

        1. Spanners Silver badge
          Flame

          Re: Pipe Dream

          but after Chuka Umunna's stunt yesterday

          Would that be where Corbyn won an approving tweet from Farage for firing front benchers who voted against the Conservatives?

          Labour was the recipient of a large quantity of tactical votes. They were not given for any other reason than people want the conservatives opposed. If Labour stays like Blairs neo-Tories, they will not get those votes next election and more of their supporters will desert them again.

          1. wolfetone Silver badge

            Re: Pipe Dream

            "Would that be where Corbyn won an approving tweet from Farage for firing front benchers who voted against the Conservatives?

            Labour was the recipient of a large quantity of tactical votes. They were not given for any other reason than people want the conservatives opposed. If Labour stays like Blairs neo-Tories, they will not get those votes next election and more of their supporters will desert them again."

            That would be where Umunna decided to be a little prick about things and cause a rebellion on wanting an ammendment that could never happen. Not only did it go against the Labour manifesto that he supported but it also goes against what the country - rightfully or wrongly - voted for.

            For the record, I voted to stay in the EU. But I'm not a wanker about it and I accept that it's happened. If the tables were turned, those who voted to stay (who are crying now) would tell those who voted to leave to shut up and accept it.

            99% of those who voted know now it's a stupid thing and given the opportunity to vote in a second referendum the result would be completely different by a much bigger majority. That's not going to happen though unfortunately, although it's hard to know what to think when it's getting more obvious by the day that May won't be PM by the time the negotiations are finished, whenever they do finish - as there is scope in the legislation to extend negotiations if it's supported by all involved.

            1. Alan Brown Silver badge

              Re: Pipe Dream

              > there is scope in the legislation to extend negotiations

              Yes there is.

              > if it's supported by all involved.

              Which it never will be.

              The one thing you can count on is that the clock is ticking and will end in 2 years time with the UK out of the EU with or without a "deal" in place, unless it blinks and says "sorry, we didn't mean it, we want to stay"

              Either way, all the concessions and allowances the rest of the EU has made to Europe's petulant brat are gone. The Cold War is long over and the UK hasn't been America's beachhead for a very long time.

      2. John Sanders
        Facepalm

        Re: Pipe Dream

        >> But I sense that Corbyn's Labour party is a different animal, with a genuine commitment to social welfare and the NHS.

        Corbyn is a Trotskyist, he essentially believes on a version of Marxism which believes in "permanent revolution", this is seizing power by force.

        For people too lazy to fcuk read and do some research, he is totally nuts and his ideal version of society is communist Cuba/Venezuela.

      3. Anonymous Coward
        Anonymous Coward

        Re: Pipe Dream

        I agree with almost all of what you said except about us needing to pay more taxes too. I think the most relevant thing to do about taxation is to move back to taxation closer to what it was in the early 1970s. Here in Canada, at least, that would mean lower personal taxation rate for most of the population and higher taxation rate for the wealthy and Corporations. It is very important that corporations are taxed on the tax rate of where that corporation earned its money not where its headquartered. Taxing corps. on where one is headquartered makes no sense and can only be explained as politicians having been bought and paid for to pass such foolishness. Just like the outsourcing of jobs such as call centers and administration of businesses that earn all income in a particular Country, Province, or State or importing workers to do particular jobs because there are skills shortages. I call BS. Most jobs aren't filled because the employer won't pay enough or are easily able to import much cheaper foreign labour. We see this in the Canadian Tarsands or did until the price of oil drop so drastically a few years ago. Much less work there now, I hear.

    4. Anonymous Coward
      Anonymous Coward

      Re: Pipe Dream

      Of itself, there is nothing wrong in out-sourcing some aspects of healthcare to private companies.

      GP surgeries and "NHS" Dentists are two examples of private companies (often partnerships) that are paid from taxation for looking after the nation's health.

      Equally some routine lab work can be outsourced. At certain scaling, dedicated central labs can do it more cost-effectively than the same work spread across smaller labs at hospitals.

      The problem is when quality requirements, and enforcement mechanisms for the delivery and pricing of the service are lacking and the supplier "takes advantage".

      1. wolfetone Silver badge

        Re: Pipe Dream

        "Of itself, there is nothing wrong in out-sourcing some aspects of healthcare to private companies."

        There is plenty wrong with it, because private healthcare firms need to turn a profit in order for shareholders to get their investment back. WIth healthcare how do you turn a profit? Something has to go, something has to give.

        Private healthcare in the UK is a joke anyway. I don't get it, but I know some who do. One guy I know died recently had cancer. He was fairly well off and had paid in to a private health care fund for as long as he was alive basically. His health care provider deemed his cancer treatment too costly for them to foot the bill for, so he was referred to the NHS.

        1. Anonymous Coward
          Anonymous Coward

          Re: Pipe Dream

          GPs make a profit on their time spent seeing sick people. Including the "worried well".

          If a out-source can deliver as well as in-house (and that assumes all the bars - confidentiality, quality, responsibility - are met so it is genuinely like-for-like) for a lower cost then, given the fixed budgets of the NHS, it looks almost a moral obligation to put the work there to maximise return on taxation.

          That doesn't mean there aren't hidden costs in the grander scheme for the government of the day to contend with. In moving to out-source are you making an NHS worker redundant, or freeing up their time for higher-return work. Are you replacing an adequately-waged job in a hospital with a barely-minimum-wage job somewhere else?

        2. Loud Speaker

          Re: Pipe Dream

          There is plenty wrong with it, because private healthcare firms need to turn a profit in order for shareholders to get their investment back. WIth healthcare how do you turn a profit? Something has to go, something has to give.

          There is absolutely no reason on earth why private enterprises, competing to supply the NHS with services should not be able to deliver better service, cheaper, while still paying for the capital required to do this (in reality, that is what "profit" is). Nationalised industries have to provide capital, and pay for it - generally in a poorly managed way. However, in a nationalised industry, all high level decision making is by politicians, and provision of capital becomes a political football, leading to fiascos like WindowsXP still being widely used now.

          Actually, Nationalisation has mostly been shown to be horrifically inefficient - because you cannot ever be your own quality controller. I am not saying that it is GUARANTEED that privatised systems would be better, but neither is it necessarily worse. You might not be old enough to remember GPO telephones and the Gas Board.

          Public/private ownership of capital is not the same argument as open source vs closed source infrastructure software.

        3. Richard 12 Silver badge

          Should the NHS make toilet paper?

          Or manufacture medical instruments?

          This "NHS must not buy anything from the private sector" attitude appears to ignore reality completely.

          There are many private hospitals that specialise in particular types of treatment. They don't do anything else at all so they're really quite good at it.

          One of the reasons those places can specialise is because the NHS does the general care, so they don't have to.

          Would you really want the NHS to refuse to send you to the best place for your replacement knee because it happened to be a private hospital?

        4. Doctor Syntax Silver badge

          Re: Pipe Dream

          "Of itself, there is nothing wrong in out-sourcing some aspects of healthcare to private companies."

          There is plenty wrong with it

          It has been built into the system from the start: GPs, dentists and pharmacists have been private from the start. The only question is where do you draw the boundary. Do you really want to roll it back so that GPs are nationalised? Dentists? Boots? Should the NHS start making its own hospital beds?

          There are two things to realise here.

          1. No political party dare get rid of the NHS. Yes, I know it's thrown about as an accusation but do you really, if you give it a moment's thought, think that any party would believe they could do it and survive?

          2. No political party has worked out how to deal with the mushrooming costs.

        5. Alan Brown Silver badge

          Re: Pipe Dream

          > His health care provider deemed his cancer treatment too costly for them to foot the bill for, so he was referred to the NHS.

          Similarly, when private health care providers bollox any routine surgical work, they dump the results on the NHS as an emergency.

          This kind of thing has to be stopped - not by refusing the patients, but by charging the private outfits punitive rates and investigating their competence every time it happens.

  11. Dante Alighieri

    moving to citrix and thin client deployment at our institution, mostly due to the specification creep for the desktop machines.

  12. Anonymous Coward
    Anonymous Coward

    You can have all the open source desktops in the world...

    ...but if the back end is propriety back end that only runs on windows, then you suddenly hit brick walls.

    They need to ensure the back end adheres to open standards first, then move the back end.

    That way you can use Windows, Linux, MacOS, BSD or whatever you want.

    Get the back end sorted and the rest will follow.

  13. GreggS

    Unpatched=Unsafe

    It seems to me that the main issue was unpatched systems. The IT support will have to have a major change for that to be any different, regardless of what OS they are using.

    1. Doctor Syntax Silver badge

      Re: Unpatched=Unsafe

      That's a big win for Linux given the relative speed and simplicity of applying patches.

      1. GreggS

        Re: Unpatched=Unsafe

        They are only simple if you have an IT department who knows what they are doing. It could be said that Windows patches are equally simple and speedy to apply if they are being pushed out by a mechanism such as Windows Update for Business or by IT departments centrally for Enterprise installs.

        1. Anonymous Coward
          Anonymous Coward

          Re: Unpatched=Unsafe

          ours are being done (eventually) by SCCM as far as i can tell. Is that the "best practice?"

      2. Anonymous Coward
        Anonymous Coward

        Re: Unpatched=Unsafe

        "That's a big win for Linux given the relative speed and simplicity of applying patches."

        You can't use set it and forget it in an enterprise. Windows has advanced features like WSUS (free) and SCCM (paid) that provide a proper controlled patching solution, reporting, etc. that is largely missing out of the box with Linux.

        1. Anonymous Coward
          Anonymous Coward

          Re: Unpatched=Unsafe

          "You can't use set it and forget it in an enterprise."

          Oh yes you can.

          And WSUS? Please!

  14. Aitor 1

    Modified distro

    A modified distro is a no no.

    You DON'T want to do that!!

    It would be way better to give 200.000£ o rmore to someone to take care of that.

    Just use a "standard" deployment of LTS with specific packages, and call it a day, and learn to live with that.

    1. MacroRodent Silver badge
      Linux

      Re: Modified distro

      Just use a "standard" deployment of LTS with specific packages,

      Exactly! Unless your needs are very special, and you have immense technical talent at your disposal, do not even think about a making custom distro, or even basing your work on some less-known existing distro. Let Red Hat, Ubuntu or Suse deal with the base OS. (If on shoestring, just use CentOS. You essentially get the reliability and utterlly boring predictability of Red Hat Enterprise for free...).

      1. Prst. V.Jeltz Silver badge
        Paris Hilton

        Re: Modified distro

        Shoestring? I thought Linux was free?

        Im a bit in the dark about all this. People charge for supporting a free Linux system right?

        If these people in the article think they have the skills to re write it , surely they can support existing distro themselves? or do "Enterprises" pay regardless?

        1. Anonymous Coward
          Anonymous Coward

          Re: Modified distro

          "I thought Linux was free?"

          If your time has no value and you don't need support.

        2. MacroRodent Silver badge

          Re: Modified distro

          Shoestring? I thought Linux was free?

          It is. But enterprise distributions require a subscription for support and updates. CentOS, which is a recompiled RHEL, gives you the updates for free, like most non-enterprise distributions.

          1. bombastic bob Silver badge
            Devil

            Re: Modified distro

            "enterprise distributions require a subscription for support and updates."

            many IT departments prefer this. And the overall cost is lower than a Micro-shaft solution. win-win.

            the alternative would be a support contract with some consultants, or hiring your own expert. But at least you have that choice, to contract with Red Hat [let's say], or with a local Linux admin consulting group, or hire your own expert. Whichever you pick, it's highly likely to be a cost savings over Micro-shaft. [I posted the Ernie Ball link already, no need to re-post]

      2. Loud Speaker

        Re: Modified distro

        Unless your needs are very special, and you have immense technical talent at your disposal,

        £200 billion is not capable of purchasing "immense technical talent"? And they have been pretending their needs are very special for generations. Although if the "special" is it needs IE6, then perhaps it this is "special needs" as a tactful way of saying "developmentally challenged".

    2. keithpeter
      Coat

      Re: Modified distro

      Currently the NHSbuntu proof of concept .iso appears to be a more or less standard Ubuntu 16.04 live image with some nice theming in 'classic' mode. Screen shot below from within a live session

      http://sohcahtoa.org.uk/nhs2.jpg

      Note use of MS Office-like icons for LibreOffice and standard Ubuntu repositories. Can't use ssh at present (keyring?) but apart from that looks bog standard. Now if someone could convince the Gnome project to just allow the top bar to be the bottom bar in classic mode...

      I take the point that a real system is going to need custom software and then that implies maintenance. I hope this initiative gets gradual acceptance with a careful roll-out to appropriate client machines.

  15. frank ly Silver badge

    Connections

    Are Microsoft well connected in the UK civil service, the Department of Health in particular?

    1. My Alter Ego

      Re: Connections

      Joined at hip. Apparently an orthopaedic surgeon got a tad confused...

    2. PickledAardvark

      Re: Connections

      "Are Microsoft well connected in the UK civil service, the Department of Health in particular?"

      Yes and No. In my experience, Microsoft behave like any other supplier wishing to make a mutually beneficial relationship. Microsoft, VMware, Oracle, SAP, Dell et al are all doing similar things.

      They'll appoint diligent contract managers who know a bit about customer requirements and are willing to learn. Customers will receive additional technical support -- e.g. accelerated connection to product specialists. Customers will receive free project consultancy -- bad if it is just about selling products, bloody brilliant when you get to work with independently-minded people who know their stuff. If you are in a position to participate in a product development programme as a working partner, they'll throw loads of resources your way.

      Is this unfair to open source developers or small companies? A smaller outfit will never have the resources to match the big players. Sometimes modest resources are all that are necessary. If a company doesn't have to maintain 20+ years of cruft (e.g. VMware in year 2000), business can take off rapidly.

      Congratulations to the NHSbuntu team for their work on smart cards and ID management.

  16. Buzzword

    The city of Munich tried this

    But found it cost too much. They recently announched a move back to Windows.

    https://www.theregister.co.uk/2017/02/13/munich_may_dump_linux_for_windows/

    1. Doctor Syntax Silver badge

      Re: The city of Munich tried this

      "But found it cost too much. They recently announched a move back to Windows."

      Nope. Politics. It helps not to have your local politician too chummy with vendors.

    2. Roger Greenwood
      Pint

      Re: The city of Munich tried this

      The vote went against that but I haven't seen a recent update other than they are keeping their options open. I'm in Munich next week - shall I ask them over a beer?

      1. MacroRodent Silver badge

        Re: The city of Munich tried this

        I'm in Munich next week - shall I ask them over a beer?

        Please do, and tell us what is going on there!

    3. oldcoder

      Re: The city of Munich tried this

      Did you bother to read the item?

      Even the title says "MAY".

      Big difference between MAY and WILL.

    4. TheVogon Silver badge

      Re: The city of Munich tried this

      And more to the point, it was crappy to use and the users hate it.

      1. the Jim bloke Silver badge

        Re: The city of Munich tried this

        Are you talking about windows or Linux?

        From my memory of the article, it was some HR department whinging about Linux, which has got to be a positive recommendation, and possibly even intentional.

  17. Allonymous Coward
    WTF?

    I wonder what a "Head of Ecosystems Development" actually does. Sounds like one of those non-specific job titles so common in the senior public sector - "Director of Improvement" etc.

    Also I call bovine excrement on "[T]he whole procurement process is geared to buying something off the shelf: something proprietary." Source: I procure NHS technology all the time, it's mostly open source (admittedly not clinical systems), and I've never seen any problems other than the usual ones when you try to procure anything in the NHS.

  18. JakeMS

    Yet another distro?

    Not to sound crude or downing anyone but is creating an entirely separate distribution really the best way forward?

    I mean, there are several distributions which could be up to this task as they stand even some which could be highly tuned (Gentoo, Arch anyone?) surely the better way forward would be to use an existing distribution and add any required packages/features as an additional repository/ppa?

    At least this way your applications are not tied to a custom distro and you can recompile them / package them for other distributions as and where required.

    If support is an issue then you could go to someone such as Red Hat who for a subscription fee would be happy to provide any and all technical assistance where required. In addition they have a lot of experience in that particular field (supporting businesses).

    I just feel that a new bistro isn't necessarily the best way forward. I understand that they may need specific applications or security tuning, but all of that could be easily accomplished by simply adding an extra repository and tuning to an existing bistro (you can roll your own install media/live image where required to avoid tuning each PC)

    In addition, those doctors who are already using uBuntu would only have to add the PPA to their existing installs, avoiding a reinstall and in some cases confusion.

    Just my 0.02 GBP.

    1. Smooth Newt
      Thumb Up

      Re: Yet another distro?

      A dedicated NHS distro doesn't see a big deal to me. e.g. The CERN CentOS 7 distro used by the particle physics community worldwide is more or less done by one man + St Bernard dog. Canonical seem to produce and maintain a full functioned distro on about £85 million per year and I doubt anything remotely approaching that is needed. I suspect the cost would be less than the Microsoft licence fees.

      As an indicator of the sort of sums that are ploughed into NHS IT, previous governments found £10bn to spend on the abandoned National Programme for IT system, which would have paid for a Canonical sized operation for more than a century.

      1. Doctor Syntax Silver badge

        Re: Yet another distro?

        "A dedicated NHS distro doesn't see a big deal to me."

        Quite. AFAICS enterprise deployments of Windows seem to rely on their own build and routinely overwrite the vendor's install with their own. This doesn't seem to be much different.

    2. Doctor Syntax Silver badge

      Re: Yet another distro?

      "I mean, there are several distributions which could be up to this task as they stand even some which could be highly tuned (Gentoo, Arch anyone?) surely the better way forward would be to use an existing distribution and add any required packages/features as an additional repository/ppa?"

      s/Gentoo, Arch/Ubuntu/ and you seem to have described what's described here.

    3. HmmmYes Silver badge

      Re: Yet another distro?

      I dont know know but Id guess ts more of a stripped down, less choices of a particular Ubuntu release - i.e. XFCE only, no dev stuff- bascia kernel, X, and web browser.

      i.e. nothing more than a stripped down YUM repo.

  19. Anonymous Coward
    Anonymous Coward

    It's also about automation...

    To support paperless a great deal of automation is required. Today, and for many years, the NHS has relied on Office macros to function. Changing the OS will be trivial in comparison to changing office automation.

    Anon 'cos guess where I work...

    1. bombastic bob Silver badge

      Re: It's also about automation...

      "for many years, the NHS has relied on Office macros to function"

      like legal firms do the same thing from what I understand.

      MS Office Macros are HIGHLY overrated [and a dangerous vector for malware]

      I have to wonder how many of these could be re-done with simple shell scripts + python/Perl utilities

    2. Doctor Syntax Silver badge

      Re: It's also about automation...

      "the NHS has relied on Office macros to function."

      Getting rid of those should be a security improvement in itself.

  20. Steve Davies 3 Silver badge

    MS won't take this lying down

    Their NHS cash cow is far too big a revenue stream to lose.

    All power to Leeds but I feel that once MS get their big guns out and start arm twisting in Whitehall it will come to nowt.

    But if a properly hardened Linux can be made viable then brilliant and all those naysayers (it seems that many have posted here) will be proven wrong.

    My only doubt is the LTS point. I think the NHS needs at least 10 years of support out of a distro. AFAIK, Ubuntu LTS does not give you that. AFAIK (and I am willing to be proved wrong) only RedHat and SUSE do that.

    If by making their own distro they can get the 10 years of support then brilliant but anyone who has been around Linux long enough will know that distros come and with all the best will and intentions die after a few years because the people responsible give up or move onto other things. If by paying a company money for support the longevity of the distro can be secured then brilliant.

    But as I said at the start of this post, watch out for the MS bully boy tactics.

    1. MisterHappy

      Re: MS won't take this lying down

      A few years back this would have been the case but one of our glorious leaders decided to 'save' the public money by cancelling the licensing agreement between UK Gov & Microsoft.

      As a result each NHS Trust (and local government) have to have their own licensing agreements with Microsoft, rough estimates have put the cost of this at 3 to 4 times the cost of the original agreement.

      So one Trust moving to Linux means the lost of a single medium to large customer for MS.

  21. Destroy All Monsters Silver badge
    Black Helicopters

    In other news

    A few large, black "cleaner" vans have been spotted being loaded with bottles of FUD, lobbyists, lawyers and stuffed brown envelopes and been seen exiting the Microsoft UK parking lot, driving by grim-faced "agents".

    1. Doctor Syntax Silver badge

      Re: In other news

      driving by grim-faced "agents".

      I see a couple of them have proved your point with downvotes.

    2. John Brown (no body) Silver badge
      Coat

      Re: In other news

      grim-faced "agents".

      Do they look a bit like cartoon paper-clips?

  22. John Smith 19 Gold badge
    WTF?

    If smartcard support was the long pole in the NHS tent

    Why did it take 5 years to get round to it?

    I find it very hard to believe there are no other large organisations around the world that wanted smartcard support in a Linux distro. And note, if they feed the changes back upward it will not need to be a "custom" distro, it will the standard Ubunto build.

    So Moorfields have an EPR system ready to go?

    That is intriguing.

    The question is does it cope anything other than eyes?

    1. Richard 12 Silver badge

      Re: If smartcard support was the long pole in the NHS tent

      I guess there were other tall nails that were handled over the last five years, the smartcard will just have been the most recent.

      I rarely bother mentioning stuff I fixed a few months ago, let alone a few years ago. It's only what I did in the last few weeks that's news.

  23. sitta_europea Bronze badge

    “Power of community and collaboration is the real story here – being open source you don’t have commercial vested interests,” says Coates.

    Yeah. Right. Ask Canonical customers what they think about that.

  24. Anonymous Coward
    Anonymous Coward

    Only a matter of time till it gets released "accidentally"

    if NOT illumina then drop 100 pr places

    1. Alan Brown Silver badge

      > Only a matter of time till it gets released "accidentally"

      No accident, it's already downloadable.

  25. RyokuMas Silver badge
    Paris Hilton

    Swings and roundabouts

    Trouble is, in the NHS, you'll have a lot of "stick-in-the-mud" users who get in a big flap every time something changes.

    What you save in Windows licences, you'll have to pay in retraining staff.

    Note: this is based off experience from when I had several hospitals as clients... getting calls to attend on-site and "look into an error" that turned out to be a warning stating that the report that was about to run was quite big and take a bit of time... panic that data had been lost because they had switched to a different view mode... that sort of thing

    1. Norman Nescio Silver badge

      Re: Swings and roundabouts

      I take your point about "stick in the mud users", but isn't there still retraining required when moving from Windows XP to Windows 10? Or indeed from IE6 to Edge, or MS Office (Creaky old edition that works) to MS Office (New super whizzy edition that finds novel ways to confuse you and lose your data).

      Given that training will be required, doesn't it make sense to train for a less expensive option?

    2. rmason Silver badge

      Re: Swings and roundabouts

      Also - an entire first and second line team at each trust with no experience other than (trust application collection)+windows.

      I know "munich" got mentioned earlier in the comments, didn't they end up almost 2 years late and tens of millions over budget? End result was a system that did not work correctly and will shortly be scrapped.

      1. John Brown (no body) Silver badge

        Re: Swings and roundabouts

        "I know "munich" got mentioned earlier in the comments, didn't they end up almost 2 years late and tens of millions over budget? End result was a system that did not work correctly and will shortly be scrapped."

        "May" be scrapped. And there's a big pool of knowledge there on what worked and what didn't. Likewise, the experience of the French Gendarmerie, and other large government projects in Spain, The Philippines, Brazil etc..

    3. Anonymous Coward
      Anonymous Coward

      Re: Swings and roundabouts

      ---What you save in Windows licences, you'll have to pay in retraining staff---

      Switch on computer

      Call IT because nothing is on the screen.

      Be informed that "computer" is that box the screen is standing on and you just turned the monitor on.

      Turn on the computer.

      Type name and password then press the Enter key.

      Call IT again because you have forgotten your password for the fourth time this week (It's Tuesday)

      Type in your password again.

      Make the tea

      and so on.

      No retraining needed there. If an application is web based, it should look the same whatever the OS.

    4. Alan Brown Silver badge

      Re: Swings and roundabouts

      There's a simple solution to that kind of stupidity: Charge them for non-contracted support. (ie, callout for a non-error), at the non-contracted rate.

      It's amazing how many ineducatable users suddenly decide to read the manuals when they find that their wallet is affected.

    5. bombastic bob Silver badge
      Linux

      Re: Swings and roundabouts

      "What you save in Windows licences, you'll have to pay in retraining staff."

      how would SHIFTING TO WIN-10-NIC be ANY different in this regard?

      if you're going to have to re-train, go LINUX!

    6. Doctor Syntax Silver badge

      Re: Swings and roundabouts

      "What you save in Windows licences, you'll have to pay in retraining staff."

      From the examples you give where did that "re" in "retraining come from?

    7. Alan Brown Silver badge

      Re: Swings and roundabouts

      "What you save in Windows licences, you'll have to pay in retraining staff."

      Retraining is "once", licenses are recurring.

      "Stick-in-the-mud" users, unless bringing provable value to the organisation are the same people who make the NHS experience so demoralising ("Computer says NO") for patients AND staff. Identifying and expunging them outright is likely to result in a better running organisation at lower overall costs.

  26. Cuddles Silver badge

    How uncomfortable exactly?

    "The reference to Windows XP is an uncomfortable reminder that the WannaCry attack that hit the NHS in May"

    This would be the WannaCry attack that El Reg has several times noted didn't actually affect XP systems? And that would be the same Windows XP that had already been patched to fix the vulnerability exploited by Petya before the latest outbreak everyone's made a fuss about? As long as you're paying for support and patching in a timely manner, there doesn't appear to be anything particularly uncomfortable about sticking with XP, other than maybe the cost of said support.

    1. Doctor Syntax Silver badge

      Re: How uncomfortable exactly?

      "This would be the WannaCry attack that El Reg has several times noted didn't actually affect XP systems?"

      ISTR that that was because XP had a protection measure: it fell over before any damage could be done. I suppose the closest medical equivalent is "the operation was a success but the patient died".

  27. HmmmYes Silver badge

    Thanks fuck for that.

    Cost is important everywhere. And you have to be careful with what your costs are.

    From my experience in deploying a number of simple machines, Windows license costs are the least of worry. There's the cost of installing Windows - a PITA when compared to being able o PIXIEboot a new machine and install an image. I can commision a Linux box in the time it takes for Windows to boot the install media.

    NHSubunt should just deply a simple GUI desktop, and shove all the logic behind a web browers.

    1. rmason Silver badge

      Eh?

      In a past life I was a contractor doing a windows 7 rollout for my local NHS trust.

      All done by casting an image over the lan using tools including 'Pixie' boot.

      The rollout was cancelled because they had paid for the wrong licence, then built the image on the incorrect (ie the version they *meant* to buy a licence for) version of Win7, but that's another story!

      1. Doctor Syntax Silver badge

        "The rollout was cancelled because they had paid for the wrong licence, then built the image on the incorrect (ie the version they *meant* to buy a licence for) version of Win7, but that's another story!"

        This is an argument for Windows?

      2. Maventi

        "The rollout was cancelled because they had paid for the wrong licence, then built the image on the incorrect (ie the version they *meant* to buy a licence for) version of Win7, but that's another story!"

        And that, folks, is one of many examples of the hidden costs of complex proprietary licenses that simply disappear with FOSS. It goes beyond the sticker price - the cost of license management and compliance is eye watering but seems to be often overlooked.

    2. MonkeyCee Silver badge

      installing

      "There's the cost of installing Windows - a PITA when compared to being able o PIXIEboot a new machine and install an image."

      Your statement is contradictory. Either you've built a deployment image, in which case 95% of the work has been done, or you're using install medium of some flavor.

      Building an image is more about the testing, especially whatever apps are getting rolled out. The actual install should be able to be done by a well trained ape adding the computer to the relevant groups, then PXE boot and follow some destructions*.

      Installing a machine from scratch is always a PITA. I've got images for Windows with all the relevant patches and SPs installed which makes a comparable install speed to Mint/Ubuntu on a whitebox. Then there's always some dicking with drivers and config, whatever the OS, unless all the HW is bog standard. Then futzing with the apps, which are either as simple as apt-get or rolled out through group policies, or involve some buggering around with config files, registry entries or whatever chicken sacrifices are required.

      * As for speed of rollout, I've managed to re-image 400 windows boxen in an hour using two 12 year olds and a six pack of red bull. 40 minutes if we don't do test login. About 150 an hour if by myself, but that's a terrible plan :)

  28. MMR

    Being a former domain admin at one of the NHS organizations I can tell you this is not going to fly. HSCIC is too small to have big enough influence and local NHS Trusts and hospitals don't realize how important the security is. It is taking them ages to approve something and when they approve it it's already outdated. Not to mention the non-existing budgets on IT training for IT employees.

    1. Alan Brown Silver badge

      "Trusts and hospitals don't realize how important the security is"

      A chat with the executive about how much NOT taking it seriously might cost them is worthwhile.

      1. Anonymous Coward
        Anonymous Coward

        They won't believe you if it's a MIGHT. It has to be a WILL. Also, personal risks will usually be shrugged off with connections.

  29. Anonymous Coward
    Anonymous Coward

    About cost.....

    Quote: "One of the brains behind the project, Rob Dyke...."

    *

    100 million pounds a year would seem to be a very large upper limit for the break even budget to maintain NHSbuntu. What am I missing?

    *

    Just as an example, Red Hat has been delivering a high quality distribution (in my own direct experience) since at least 2000. So that would imply that the NHS has spent, say, £1.7 Billion pounds with Microsoft since 2000. £1.7 Billion pounds seems to to be quite a lot of money....perhaps a fraction of that amount would have been useful in developing something like NHSbuntu over the last seventeen years.

    *

    ...and this new initiative is being touted by people described as the "brains" among NHS IT specialists. Where have they been for all of the current century?

    1. Rob Dyke

      Re: About cost.....

      /me won't feed AC posters....

  30. John Smith 19 Gold badge
    Unhappy

    So do 7 NHS trusts still lack a line item for IT security?

    I think they probably do.

    But it would still be interesting if they were hit as hard, or less hard, than others that did.

  31. adam payne Silver badge

    "The project organisers aim to educate clinicians and administrators alike about the benefits of open source and to provide doctors with the tools to develop their own apps if they so wish."

    Develop their own apps *shudder* then expect IT to support them when it goes wrong.

    1. Anonymous Coward
      Anonymous Coward

      I have an honest, if simplistic question, why bother explaining about Open Source? Use it, give them the number to call if they have issues, describe the new system simply as the new system, what it does and how they will be using it. Why introduce more information and potential confusion than most of them need or want? The users just want a system that's easy to use and does what it's supposed to do. The few users who are interested can be given more info if they want it, but keep it simple. The very, very few who are really interested will doubtlessly know something about, "The Google and The Intertubes".

  32. Jason Bloomberg Silver badge
    Linux

    With or Without?

    Should NHSUbuntu be systemd based or not?

    Is it only acceptable with systemd or without systemd, or does it not matter and the systemd debate is meaningless nonsense?

    1. Anonymous Coward
      Anonymous Coward

      Re: With or Without?

      Well, it appears that all the large linux distros that offer support have gone down the systemd road. To my limited knowledge you'd have to go with FreeBSD to get non-systemd support, on new installs. I do hope that Devuan Linux gets the support it needs to keep going as its purpose is to be a systemd free alternative to Debian, Redhat, Ubuntu, Suse. Choice is important.

  33. Stevie Silver badge

    Bah!

    I wish everyone luck with this project, but have to wonder who will be providing the paddles five years after rollout.

    As for these "smartcards", they sound like the PINs we had in the late 60s and which I've been urging everyone to have another look at for Lo! these many years. They only work properly if they are part of the security badge of the user and lock up the equipment when the card is not present any more though.

    And of course one must make it a dismissing offense to lend out your card.

    1. Doctor Syntax Silver badge

      Re: Bah!

      As for these "smartcards", they sound like the PINs we had in the late 60s and which I've been urging everyone to have another look at for Lo! these many years.

      TFA says:

      "Its mission was to find a way to deploy... Linux ... on 750,000 smartcards used to verify clinicians accessing 80 per cent of applications – excluding those for clinical use – on millions of health service PCs."

      Apart from the rather dodgy phraseology which suggests the smartcards would be running Linux I read this as saying these smartcards are already in use with Windows PCs.

  34. LeedsMonkey

    Makes perfect sense

    I've been involved in Windows, storage, etc for many, many years now, but of late have been getting more involved in AWS, Linux and agile workloads. If the NHS can embrace these concepts and move to an open source platform it would be of huge benefit. There are plenty of Linux skills around and there's simply no need to have ancient PC's running Windows XP. Yes some applications will need to be migrated/redeveloped, but gone are the days where an application should be tied to an operating system.

    As for proprietary hardware, which there will be loads of in the NHS, suppliers will simply have to decide whether or not they want their contracts renewed. Once the messages gets through that Linux will be the new platform they will all follow suit or be replaced by competitors who will. And where there are no competitors, yes some money will need to be spent.

    I'm not underestimating the size of the task here, or trivialising how important application availability is, but this culture of pockets of IT that exist within our public services, not just the NHS, has to change. Nor am I underestimating the costs - it will be damn expensive to make the move - but the long-term benefits will be worth it.

    1. TheVogon Silver badge

      Re: Makes perfect sense

      "it will be damn expensive to make the move"

      Very. And massively complex and would take many years. And many users would always still need Windows.

      "but the long-term benefits will be worth it."

      I doubt it. You would just end up with an expensive to run mess. If this were true, many CIOs would be doing this, but near zero are....

      1. LeedsMonkey

        Re: Makes perfect sense

        Not true. Look at jobserve, a large number of organisations are now going down the cloud (internal/external/hybrid) route with agile development. The job market is usually a pretty good measure of what is actually happening.

        1. Allonymous Coward
          Linux

          Re: Makes perfect sense

          Yeah but no but... rebuilding backend systems using Agile/Cloud/OSS/LatestBuzzword (which I agree is happening, and is good) is one thing. Linux-on-the-NHS-desktop is quite another.

          Possibly there are some overlaps; make things web-based, use open standards, similar underlying tech etc. But many of the challenges to overcome are quite different, and IMO the open source crowd do ourselves no favours by conflating the ideas.

  35. Alan Brown Silver badge

    procurement cycles

    One of the arguments which can be used on smaller outfits is "With NHSbuntu, you don't _need_ to buy new hardware. Your existing computer is more than powerful enough to do the job"

  36. PickledAardvark

    Source Code Escrow

    We've had years of OS lockdown at some organisations because somebody bought software years ago which is essential to the business. We can't upgrade the Windows version because it will break a business critical application. And the software supplier ceased trading eight years ago.

    I've worked with a few perceptive IT managers. Prior to year 2000, one of them asked small companies for source code for their products; some handed over tapes and others signed escrow contracts -- source code resided in a safe place, to be accessed and modified if the company went bust. I think we used an escrow agreement once.

    In more recent years, I've encouraged managers to pay extra for source code access or escrow. It costs money but you can turn software on and off -- with a bit more money, of course.

    1. Korev Silver badge

      Re: Source Code Escrow

      I once "owned" some software with an Escrow agreement. The software's yearly licence was just over a million GBP, the Escrow was a condition of the agreement, I believe it cost the vendor just over a thousand (the Escrow company would notify us when it was a paid and b they got source code); I make that 0.1% of the licence cost.

  37. Dave the Cat

    I've been in NHS IT for 15 years and as much as I personally like this idea, it simply won't happen.

    Too many people, with too many vested interests have their fingers in too many pies. At a local level, finance directors simply won't understand the rationale and cost behind the change, and believe me no amount of talk of long term savings will register with them, they have a tough enough time balancing the books year to year yet alone looking 3, 5, 10 years down the line.

    Operations managers will decry the disruption which will, without a shadow of doubt, be massive. Regardless of how well it's planned, this is the NHS, it will go to shit. I guarantee it.

    There will be uproar from staff and the ever difficult unions some of whom will feel personally affronted that they no longer have access to MS Office, regardless of the open source versions being just as good.

    Then there are the technical issues, there are so many archaic and disparate software systems and databases at so many different hospital trusts and even down to individual sites within single trusts.

    It all boils down to one simple thing, money. If this were resourced properly it could work, however it won't be. It'll be thrown together on a shoestring at best.

    1. Ken Hagan Gold badge

      I think you are missing the point that the alternative is equally disruptive. The NHS appears to be running on a vast number of XP boxes. The fact that these systems haven't already (many years ago) migrated to a more recent version of Windows surely proves that there is no upgrade path that isn't massively disruptive and painful.

      1. Dave the Cat

        I don't disagree in any way Ken, I'm all for the move but I just don't see it happening any time soon. I can't speak for all trusts but certainly in the handful I've worked at, I can't see it happening for a decade at least.

        It'll take several more WannaCry type incidents and several more huge security breaches before the people holding the purse strings will register that something needs to be done. They'll then set up a task force to examine what needs to be done, this will run for a minimum of two years. The task force will be made up of a horde of finance and procurement people, staff representatives in the form of union reps (who's job is solely to be difficult, irrational and obstinate) and a lone brow beaten representative from IT. They will then inevitably recommend the path of least resistance which will be Microsoft.

        1. Anonymous Coward
          Anonymous Coward

          Sadly, I expect that's what will happen.

  38. uncommon_sense
    Trollface

    Early Adopters..

    The Proctologists should like this!

    After all, they do OpenArse all day anyway...

  39. Anonymous Coward
    Anonymous Coward

    Criminal waste and corrupt suppliers

    Giving Microsoft £100m a year just to license Windows is fucking criminal

    Imagine what that could achieve within an Open Source community.

    I read the gov report on Open Source. The single biggest obstacle are vendors who don't want to build for *nix and muddy the waters by saying that they have proprietary code which they legal can't run on an Open Source OS. Utter BS and the government is too chickenshit to call them on it.

    1. Anonymous Coward
      Anonymous Coward

      Re: Criminal waste and corrupt suppliers

      Because telling someone they're bogus usually results in them take g their ball and going home. And if they're the ONLY supplier of something (say due to a hardware patent or it simply being too niche), that's a captive market. A Hobson's Choice.

  40. Herby Silver badge

    Five years?

    Let us know in five +- years what the status of all of this is.

    By then, Microsoft will probably have the operating system in the cloud, and all the data as well. If you want your health records you can call Bletchley Park Redmond and ask them.

    Being dependent on a single vendor for the basis of your platform that is holding sensitive information who doesn't want to talk much, looks like a fools errand, and a move to open source looks good.

    A recent (two days ago) visit to the doctors office had machines in every room and more at reception desks. I suspect that they were windows boxen, and hope that they were up to date. From the looks of it, they used it as a fancy web browser with (reasonably good) two factor authentication (RFID cards).

    Me? Pretty healthy (knock on wood).

  41. This post has been deleted by its author

  42. John Doe 6

    Do I understand this right....

    ...a major government organization dumping Microsoft in favor of Linux ?

  43. Amos1

    What rubbish. XP usage had nothing to do with WannaCry.

    "The reference to Windows XP is an uncomfortable reminder that the WannaCry attack that hit the NHS..."

    WannaCry crashed on XP but not on 7. What bit the NHS (and Telefonica and others), as proven by the Shodan search engine, was their propensity for either hanging servers directly on the Internet or by intentionally exposing the TCP 139 and TCP 445 file sharing ports directly on the Internet and available to the entire world.

    Negligence and incompetence cannot be fixed by changing the desktop operating system.

  44. Anonymous Coward
    Anonymous Coward

    sounds a bit of a nightmare

    full linux clients at scale is difficult. and as prev post said consultant lock in.

    *build a smartcard interface for browser (may require plugin)

    *move all core applications to web model

    *use net booting thick clients with guest login or kiosks but either way running the browser as a local app - load these with ram (like 16gb)

    *add second or third monitors so users are 'getting something' and have added productivity

    also prob work ok with byod with ur 'smartcard plugin' but firewall these devices off with something like zscaler or similar

    accept there will be technical equipment that falls under different scope.... mri machine needs windows or similar. treat these as special cases that require extra attention.

    have a nice day

  45. t0no6

    But, really...

    Why Ubuntu? Fedora was a better choice with red hat behind, instead canonical has nothing to offer except iot technologies

  46. Anonymous Coward
    Anonymous Coward

    It's not just cost

    You're mad if you willingly give up your confidential information to SatNad the data mining whore.

    Your medical records are sacrosanct.

  47. J J Carter Silver badge
    Windows

    Seriously?

    I wouldn't trust my life to code written by people who smoke weed 24/7 !

    1. Anonymous Coward
      Anonymous Coward

      Re: Seriously?

      "I wouldn't trust my life to code written by people who smoke weed 24/7 !"

      Seeing that weed is legal in the state of Washington, it sounds like this NHSbuntu project might be the answer you were looking for!

    2. Doctor Syntax Silver badge

      Re: Seriously?

      "I wouldn't trust my life to code written by people who smoke weed 24/7 !"

      Thanks for explaining how Windows got to be that way.

  48. Lusty

    Patching

    Since lack of patching was the cause of most of their issues, rather than running Windows, can someone point out how patching at large scale works in Ubuntu and derivitives?

    I'm not trolling I promise, I've not used Ubuntu at scale. I know Red Hat have an enterprise grade patching and reporting solution but I've never seen one for Ubuntu (and a quick half arsed search turned up nothing just now). I realise they could script using apt or whatever, but that won't report compliance etc. centrally as far as I know. With 750,000 desktops there's a lot of complexity to deployment and maintenance and Windows has a good ecosystem for that kind of thing.

    Not that it makes much difference, the NHS weren't doing maintenance anyway. I'd just like to know out of curiosity :)

    1. Dominion

      Re: Patching

      If they can script using apt then they can script to push / pull rpm databases back to a central server? Or use Chef/ Ansible / puppet or what ever to run compliance reports. It really isn't that complicated for someone with decent scripting skills.

      1. Lusty

        Re: Patching

        It may not be complicated but the development and testing of custom scripts costs real time and money. Every custom script adds up and at some point the cost tips in favour of buying an off the shelf solution. Since this comes free with Windows it's a definite consideration. Red Hat licences plus management adds up to more than the cost of Windows so open source isn't necessarily always cheaper at the enterprise scale.

    2. Alan Brown Silver badge

      Re: Patching

      > can someone point out how patching at large scale works in Ubuntu and derivitives?

      What you're looking for on Ubuntu is called "Landscape"

      1. Lusty

        Re: Patching

        Thanks I thought there must be something but holy cow that's expensive!

        1. Allonymous Coward

          Re: Patching

          > holy cow that's expensive

          ...and proprietary, IIRC.

  49. Anonymous Coward
    Anonymous Coward

    identify via a smartcard... something that’s only available for Microsoft Windows

    Maybe if they'd spoken nicely to ATOS who ran the UK's MOT computerisation system for several years using smartcards, card readers and a unix like system. I still have the card reader somewhere..

  50. energonic

    Support

    Open source or not, vendors are apparently not willing (or able?) to modify their expensive systems to accommodate system security updates. What do you get when you pay for support on an MRI scanner?

  51. mark l 2 Silver badge

    Sounds good but I would have thought that something like scientificlinux.org or CentOS would be a better distro to base it on than Ubuntu since the recent announcement by Shuttleworth about Ubuntu concentrating on the server side from now on.

  52. chrismeggs

    Smart? Cards

    Educate me please!

    Since when has the possession of a token proved the continuous identity of the holder? Surely we should be heading towards a biometric possession that continuously identifies the holder?

    1. Jason Bloomberg Silver badge

      Re: Smart? Cards

      Not sure why you got so many downvotes because you are absolutely right; holding the card does not prove you should be holding the card, and if we want to guarantee it is an authorised person accessing the system, rather than just an authorised card being used, we do need something more, probably biometrics.

      But card access is good enough, at least good enough for now, being no worse than it already is, whether a Windows or a Linux setup.

      What I believe brings a lot of big projects down is demanding more than needs to be done; not just moving from Windows to Linux as suggested here, but layering on other changes to improve security, to limit access, to provide better reporting, give larger cost savings, etc. What should be a simpler 'from this to that' migration becomes a whole new development with all its attendant problems, risks, rising costs and overruns.

      1. Charles 9 Silver badge

        Re: Smart? Cards

        "What I believe brings a lot of big projects down is demanding more than needs to be done;"

        The problem becomes that the things that are "added on" can really ONLY be done DURING such a transition, since for things like security you really have to bake it in while it's being made.

  53. Anonymous Coward
    Anonymous Coward

    OMG... really!

    This may fly in a GP surgery, how would it work in a large acute?

    1. If running VDI you will still need Microsoft licences for the virtual desktops and SQL cals.

    2. A lot of vendors, especially those peddling pathology systems are never going to warrant running their system on a Linux distro.

    3. Where will I get IT staff with Linux skills and where is the money coming from to train my existing staff?

    Surely you need to start at the back end by ensuring vendors don't force you to run MS SQL or Oracle.

    1. Doctor Syntax Silver badge

      Re: OMG... really!

      A lot of vendors, especially those peddling pathology systems are never going to warrant running their system on a Linux distro.

      The phone calls to the vendors' sales and marketing department start thusly: "Hello, I run procurement for $NHSTrust. We're reviewing the market and asking vendors about Linux support. Do you have Linux support?"

      Remember the two important things about salesmen:

      - They never want to lose a sale let alone an existing customer.

      - You can tell when they're lying because their lips move.

      Many development teams have been told to make good on something their sales teams have promised they had.

      1. Charles 9 Silver badge

        Re: OMG... really!

        That model breaks down in niche markets like medical equipment. There it's a lot easier to form cartels where everyone gets a piece of the pie.

  54. Conor Turton

    Smartcard recognition, really?

    Smartcard recognition has been the huge barrier.

    No idea why it is a barrier. Where I work we've been running bespoke software written by the company using chip, RFID and magstripe for some time and the ability to encrypt the info on is there too. In fact it has been less of a pain in the arse than it has on Windows.

    1. ddeasy

      Re: Smartcard recognition, really?

      NHS Digital provide "client software" and APIs to authenticate people.

      Users are issued smartcards to log-on to their systems and a real time authentication against the user data held in the Spine is required. There is a permissions system, controlling who can do what on what data. Each user registered with the Spine Directory Service has a User Profile with several Roles.

      If the client software provided by HSIC does not work on NHSUbuntu then this restricts what users can do if they need the roles provided by their smartcard to work. At the moment they only support Windows OS.

      Spine technical information: Warranted Environment Specification (WES)

      https://digital.nhs.uk/spine/technical-information-warranted-environment-specification

      Disclaimer: I work for a company which provides a unified healthcare information system. Any comments I post here are purely personal and do not represent the company in any way.

      NHSUbuntu works with our system which should be no suprise as any Internet-connected device – tablets, smartphones, or computers work with it. The issue is with SmartCard authentication for specific roles which you can only do with Windows OS clients due the software provided by NHS Digital.

      1. PVecchi

        Re: Smartcard recognition, really?

        "The issue is with SmartCard authentication for specific roles which you can only do with Windows OS clients due the software provided by NHS Digital."

        I found myself in quite a few situations where the provider/vendor said their application/smart card reader works only with Windows, which turned into "I see you made it work perfectly but we don't support it" to then announcing that their tech team made a huge effort and now they support Linux as well. All in matter of days/weeks.

        I would not be surprised if within days there is a client working perfectly with NHS Digital software.

  55. Howard Hanek Bronze badge
    Childcatcher

    Not Really Open Source Is It?

    The lack of sharing of the code among the community will make this what? It would be great to make the code available to the worldwide medical community so we could improve heathcare globally.

    1. Doctor Syntax Silver badge

      Re: Not Really Open Source Is It?

      "It would be great to make the code available to the worldwide medical community so we could improve heathcare globally."

      Let's see. Where might we find it? Let's make a guess at www.nhsbuntu.org

      Oh, yes. That looks right.

      Now what happens if we click the Download now button...

    2. Adrian Midgley 1

      Re: Not Really Open Source Is It?

      Dumb......

  56. Sam Haine

    NHSbuntu and users with disabilities?

    How usable will NHSbuntu be for users who are visually impaired, hearing impaired or have limited use of their hands?

    1. PVecchi

      Re: NHSbuntu and users with disabilities?

      Haven't personally tested any accessibility features but as NHSBuntu carries on all the accessibility features built into Ubuntu I believe pretty much everything is covered.

      More info here: https://wiki.ubuntu.com/Accessibility/Links

  57. David Roberts Silver badge
    Windows

    Magical thinking?

    Ploughed my way through all this at last and it does seem to be 90% belief that Linux farts pixie dust and so the logistical problems that are stopping Windows version updates (known technology, established in house support) will just disappear as soon as Linux is offered.

    Also a lot of "well, obviously they did it wrong" which doesn't really help much. That doesn't change the existing problem of trying to do it right.

    I am old enough to forget most of the reasons that bespoke systems running various flavour of Unix died out and were replaced by generic Windows systems but I think the main one might have been that bespoke software ran on Windows on standard hardware which everyone knew and used.

    At the time if you wanted to sell a Unix box you had to have all the specialist software ported by the supplier then demonstrated to the customer.

    Or you could buy Windows and choose a package written in the USA (huge market so much better market place for software developers) and shop for a cheap hardware deal for PC compatibles.

    Where are they now? HP, Data General, NCR, Honeywell, {mumble} and others?

    Linux has changed that playing field a lot; you can now shop for commodity hardware and look for your favourite Linux distro but you still have to counter the enormous commercial driver to develop first (only) for Windows.

    So moving from Windows to Linux is possible.

    It may well have major long term benefits.

    However people posting here with experience of working within the NHS seem to be mainly in the "never happen" camp and it is quite possible that they know whereof they speak.

    The cost of change is huge, and people see Windows as familiar and low risk.

    Things are bad enough already in the NHS. I don't expect there is a massive appetite for a major upheaval in IT.

    Kudos to the people demonstrating that it can be done. Dedicated forward thinking enthusiasts. I wish them luck but I'm not going to be holding my breath.

    Oh, and IT in general has changed a lot. Dedicated IT specialists are replaced by outsourced support on a different and much cheaper continent. Traditional in house skills are slipping away. Loved by bean counters though. Not the most encouraging environment for a brave new strategy.

    1. Anonymous Coward
      Anonymous Coward

      Re: Magical thinking?

      The outsourcing of jobs has always been a bugbear of mine. The total amount paid out is lower, at initially at least, but for publicly funded entities, or corporations whose entire income is tied to a place, the outsourcing of jobs means unemployment, loss of taxable income, and perhaps most importantly loss of expertise. I'm not sure how it's allowed to take place, other than those who make the decisions are well paid to make sure decisions are made.

  58. Jonathan 27 Bronze badge

    If they treat it like they did the Windows solution, it will go off the rails. Ubuntu doesn't remain magically secure without updates. Could you imagine them running a version of Ubuntu that was contemporary with Windows XP now?

  59. Paul Chambers

    ...there is definitely a cost driver in favour of windows.

    ...which is that the windows environment is predicated on being a monitised platform, with paid for software. If you want to generate cost points at every level on IT (from software sales, through customisation, and out to support), and therefore pay staff, and build a business, then windows is the smart choice (as a supplier, the customer pays).

    If you want to set up something for yourself, at minimum expenditure, with the ability to source free tools, and stitch them together to solve real tasks, then GNU/Linux has an awful lot to offer. Particularly with it's superior non-crippled network and security options, and it's more resource efficient footprint on servers.

    I've constructed, deployed, maintained, and supported, both windows and *nix servers and networks. Neither does all the things that the other does, there are pro's and cons...but anyone who seriously thinks an open-source based network (servers and clients) are more expensive to run than a broadly equivalent windows network has been at the funny stuff.

    Lots of small understandable tools, that can be deployed as a consistent whole, to achieve specific tasks, that can be easily customised, and efficiently deployed (resources, cycles, memory footprint, networking), beat the hell out of any monolithic, labyrinthine, dependency riddled windows application that I've ever had the displeasure to have to try to fix.

    The point here is that the NHS is a large organisation, with a wide range of clinicians and other staff, and sod all chance of getting competent systems managers to every point of presence. It has a scale, and budget that should allow it to benefit from central provisioning, and maintenance. The customised, cut down, remotely maintained client-server model should be the best bet here (if with some local proxy/caching).

    Way easier to achieve something good in this paradigm with GNU/Linux than windows, in my view. Open source tools should be as functional, more transparent, and less costly - both up front, in development, and in support. The difference is that you need to put together a team to do it, because there are not the layers of profit that there is in the proprietary sector that pays for all the "supplier knows best" that you are allowed to purchase at a substantial markup, and then locked into.

  60. Gerryb

    All NHS PCs should do is validate the user and bring up their personal virtualised session. Not run much more than that. Doctors and nurses hot desk. I dare not think of the hours wasted logging back into windows (Unbuntu would not be much better) and then log back into the clinical systems at each station.

    One NHS machine I go takes 7 minutes to get back up on line. We should be able to put in our smart card, authenticate and pick up where we left off at the last terminal with our placeholders and programmes there. Pick up a virtualised session. If NHS Ubuntu aids that and hot desking I am in!

    1. HPCJohn

      Gerryb, this is entirely possible, and using smartcards too.

      It makes me weep that the NHS doesnt use thin clients and Virtual Desktops.

      Putting the windows vs Ubuntu bunfight aside for a minute,

      imagine that there are small devices, abotu the size of a paperback book or a pack of cards. These devices are secure, and are certified by the military. They are used by the thousands by trading desks in the City. If the MoD and the banks trust them... why not he NHS?

      The devices consume about as much power as a lightbulb, and can be obrained with fanless operation so they are safe in anaesthetic gas environments.

      The central IT departmen tof course has to maintain servers running virtual desktops, but this is a mature technology. the data never leaves the data centre. Patches can be applied centrally to the VDI images.

      Also USB ports on these devives ar elocked down - you cna only plug in recognised keyboards and mice. A USB stick carrying a virus or used to downloa dpatient data? Pffft. Does not work.

      These divices support smartcards and desktop roaming. So all you need to is put your smartcard in the slot. When you move aroudn the department you take the card to the next station and the desktop follows you.

      I knwo all this is possible with PCOIP zero clients, and I am sure Citrix also.

      1. PVecchi

        PCoIP and Citrix can do the job but as things progressed there are other technologies (yes OK vendors) that are way more efficient in delivering Linux and Windows virtualised desktop from the same infrastructure. I agree anyway that, especially during the transition period, is probably better to provide a NHSBuntu virtual desktop than replace the OS on the device (quite likely with BIOS/chipsets tailored to work only with Windows).

  61. Sirius Lee

    Oh, dear. The Linux desktop fantasists are out in force today. In this case the fantasised solution to not applying updates to Windows is to replace it with something that doesn't need forced updates.

    There are many organizations in the world that have has years long efforts to displace Windows. El Reg has reported on the city of Munich which after trying to use Linux for years has reverted back to Windows.

    If Linux were a silver bullet we would have been using it for years already. Its not. It has many significant problem when used in any context but especially in a desktop context. Linux kernel updates often require that applications are recompiled and Linus Torvalds has explicitly stated that backwards compatibility of the kernel is not ever on the card for Linux.

    For a the relatively small number of servers managed by a dedicated group of support specialists this may be acceptable and required re-testing and re-certification of apps an acceptable cost. But for a large fleet of end user computing devices it certainly is not.

    Plus it presumes that some group of hackers in Leeds has even the vaguest clue about the range of applications that are used across the NHS. The difficulties of implementing GP systems across the NHS should surely throw up some warning flags.

    But, I suppose, the managers who will ultimately sanction the notion of replacing Windows with some relatively untried Linux-based solution are the ones who also permitted the use of un-patched Windows in the first place.

    1. Doctor Syntax Silver badge

      "El Reg has reported on the city of Munich which after trying to use Linux for years has reverted back to Windows."

      I take it you haven't read the thread and seen the various replies to this bit of FUD.

      1. PVecchi

        And probably he hasn't read that most of the issues and costs Munich is having are related to maintaining legacy Windows systems that they cannot migrate neither to another version of Windows or upgraded to Linux as the vendor is not around any more.

        In the meantime WannaCry happened and LiMux techies have been seen going around smiling all the time.

  62. localzuk

    Moving the costs

    Like it or not, the pool of Linux savvy tech staff is smaller than the Windows pool. So, if you move everything away from Windows, you will end up with a few new costs:

    1. Retraining for existing staff

    2. Increased costs hiring new staff with the skills needed

    3. Reduced availability of specialists for the big/complex issues, and therefore increased consultancy costs

    So, yes, reducing dependence on Windows is a good thing, but it shouldn't be seen as just a way to cut costs.

    Investing in their staff is always a good thing though too!

  63. russmichaels

    A ridiculous nonsense click bait title and an article full of ignorance, probably on the part of NHS rather than the writer.

    This would be a great solution if it was being properly managed and maintained going forward. But sadly history and common sense say otherwise.

    Will moving to Linux same some money.

    OK so they will not have to pay for Windows licenses, but as we all know from previous articles, most of the current expenditure came from having to pay Microsoft for extended support for Windows XP.

    So they will save the ongoing license costs, but they then incur new costs for implementing and maintaining the new Linux systems and training everyone how to use them. So I think that saving will be lost in the first instance.

    Remember that the average NHS employee is not going to be very computer literate, and even struggles with Windows, but when Windows problems occur, there might be someone more computer illiterate around who can help. Once they have moved to Linux, that is out of the windows, there will not be a single person who will know what to do with Linux, and we know this because Linux is used on less than 2% of desktops (servers do not apply here, so calm down fanboys), so every issue will require a call to tech support, which will also incur a cost.

    Govt not keeping their IT systems up to date is a systematic problem, not just in the UK either. Moving to Linux is not going to miraculously change that. So unless they address the whole issue with maintaining systems and keeping them up to date, then they are still going to have the same issue. Sure they will have some added security through obscurity thanks to that <2% userbase, so won't have much malware to worry about. But once it becomes common knowledge that NHS is running on Linux, hackers and malware writers will likely make more efforts to target Linux, especially knowing that NHS are likely running an older version with known vulnerabilities.

    Granted this will probably take years, by which point the NHS bigwigs will have a false sense of security and will probably have adopted the old "We don't need to worry, Linux doesn;t get malware and is unhackable" attitude, so the whole OS maintenance and updates plans and procedures will be even worse than they were with Windows, maybe even non-existent, especially since nobody is telling them "you must update, it is not safe, your OS is end of life".

    Now we sit back and await the rantings form the Linux trolls who didn't read this properly and jumped to the conclusion that it was an attack on Linux rather than the govt's incompetence.

    1. Anonymous Coward
      Anonymous Coward

      >A ridiculous nonsense click bait title....

      A slight flaw in your argument, anyone can write and deploy patches for open source, only Microsoft can write patches and deploy for Windows. That is the critical difference between the two.

      Remember banks, COBOL and Y2K ?

    2. Doctor Syntax Silver badge

      "Remember that the average NHS employee is not going to be very computer literate"

      Neither are my even more elderly cousins who nevertheless have made the transition from Windows to Linux. That includes the one who got hit with ransomware on Windows. Her data was recovered with the aid of a Linux live CD and copied back to a new Linux partition on her PC and which she now uses exclusively. Are you saying NHS staff are less computer literate than an 80+ retired hairdresser?

      1. Charles 9 Silver badge

        HELL YES!

        Not to mention they have to be able to use more technical software (and sometimes even hardware--does your hairdresser have to interface with something like a patient monitor?).

  64. SkippyBing Silver badge

    'Electronic Patient Records (EPRs), which have a 20-year lifespan'

    Errr.... I was kind of hoping mine might last a bit longer than that.

    1. Doctor Syntax Silver badge

      Re: 'Electronic Patient Records (EPRs), which have a 20-year lifespan'

      "I was kind of hoping mine might last a bit longer than that."

      Hasn't anybody told you?

  65. Anonymous Coward
    Anonymous Coward

    History repeats itself

    Hmmm,

    Reminds me of the recently failed experiment in Munich where all the city computers moved to Linux, and guess what, 10 years later they announce that they are moving back to Windows!

    Open source makes it far to easy for maleficents to create backdoors that are not caught! (not saying that this is not possible in Windows but it is much more difficult for a perpetrator as they would to get the right person a job in the "windows team" before they can inject the code they need).

    Anyway time will tell but history has a habit of repeating itself!

    1. Anonymous Coward
      Anonymous Coward

      Re: History repeats itself

      Microsoft will be giving them the deal of the century as an incentive plus under the table incentives to finally nail this one.

      Open source makes it far to easy for maleficents to create backdoors that are not caught! (not saying that this is not possible in Windows but it is much more difficult for a perpetrator

      Once you have the master key to one Ford Focus you have them all, strength in ecodiversity or don't you follow biology much ?

      And closed source isn't full of backdoors ? There's more backdooring going on in closed source than in a Ron Jeremy blue movie.

    2. Doctor Syntax Silver badge

      Re: History repeats itself

      "not saying that this is not possible in Windows but it is much more difficult for a perpetrator as they would to get the right person a job in the "windows team" before they can inject the code they need"

      As you don't seem to have been reading the news recently I suggest you catch up. Google Wannacry or Shadow Brokers to get you started.

      1. Charles 9 Silver badge

        Re: History repeats itself

        I'll see your Wannacry and match you with Heartbleed and Shellshock. Just because you don't hear of Linux malware doesn't mean it doesn't exist or is being exploited (even by State agencies) without your knowledge.

  66. Anonymous Coward
    Anonymous Coward

    Work in the NHS

    I'd love to see a Linux replacement of the Windows crap I'm forced to use.

    Then I think of my colleagues who are incapable of replying to an email without using reply to all (Not an option that should exist without jumping through hoops) Every Time!

    Then I wonder how these people find the on switch for their computers.

    1. Anonymous Coward
      Anonymous Coward

      Re: Work in the NHS

      "Then I wonder how these people find the on switch for their computers."

      They probably don't and just switch off their monitors every night thinking that's the switch.

  67. dbastianello

    Enough with the "in the hands of consultants" male cow excrament

    I've been in IT for 25 years and there are consultants on either side of the camp Open/Closed. Consultants can either be awesome or horrible. They can screw up open source or proprietary, I've seen it all over the years. So enough with this BS, Open source is the way forward for the future of humanity... imagine if we had copyrights/patents at the beginning of humanity, we'd still be fighting over who invented the stick, fire, the wheel... and still be living in caves.

    Open source is not so much about the code but more about the work (paid work) that can come of it. All companies seem to have no problems hiring (permanently or contract) graphic artists to create custom logos and designs but these same companies seem to have a hard time to wrap their heads around the concept of custom code. Ultimately competing companies operate roughly 80% the same which is why many of the open source code out there will do just fine. In that 80 % you have office work (documents, spread sheets, presentations, diagrams), research (web, pdf, calculations), entertainment (music, videos, gaming) ... all of these problems have been solved in open source and have been refined for many years now... we don't need the capital that proprietary companies required to get these ideas off the ground at the beginning. I still do see a place for closed source but that is in a very niche environment and not for the masses.

    The benefit of open source is in that 20% difference between competing companies, this is where open source will shine. Of course companies like Microsoft will come in and say we have a 2000.00 (CND) dollar a day "engineer" who will come in and help, but then Microsoft owns those changes even though they are for your company... governments (especially the technically idiotic Canadian government) are especially affected by this, tax payers pay government to make custom apps/systems which are then implemented and since they are hacking closed source they get problems (cause they don't know what's under the hood) which require a consultant from the proprietary vendor to come in and fix it. They report back to HQ of these changes and they will integrate the "feature" into the next release and sell it for profit to others... what a pile of BS that is.... as a tax payer I demand a discount from these proprietary vendors for taking tax payers money and profiting from it.

    At any rate stop trying to protect your job by saying open source is no panacea, you should be happy (especially if your a developer) since this will create more opportunity since no one owns open source and if one "consultancy" firm treats you like crap or pays you garbage you can just move onto the next until you find your cozy place. Stop thinking as far as tomorrow, think about a year or more from now.

    1. Anonymous Coward
      Anonymous Coward

      Re: Enough with the "in the hands of consultants" male cow excrament

      Well, the thing about custom logos and such is that there are two key reasons they're important. One, legal identity since you need something unique to register as a trademark or service mark, which leads to reason number two: a good logo sticks in people minds and helps people to identify you, and that can be crucial to a company. Like brown trucks with beige shields makes most people think UPS. Same psychology. Graphics are important because clients/customers see them.

      Code is all behind-the-scenes stuff. It's not like the customers or clients will see your code on a daily basis, unless they operate presentation equipment.

      As for ownership of code, that will always be complicated, especially if they're custom linchpin code. Usually, the company negotiates to make sure they own the code or at least the means to alter it if need be, but like a car, technology moves on and eventually things get too stale to upgrade or repair. Thing is, many firms don't put money aside for that eventuality, and investor pressure adds to the worries as many can't think long-term. As for support, that's a "your mileage may vary" thing. If the application is important enough to require an on-call technico, you have to plunk down, and so on.

      1. dbastianello

        Re: Enough with the "in the hands of consultants" male cow excrament

        Fair enough about the graphic designer but honestly it is to make a point... but I guess there are those who enjoy being devil's advocate instead of actually understanding the idea behind things. Thank you for your input though, I will more thoroughly think through my examples in future as to satiate this type of thinking and not "confuse" people with the actual reality of how and when consultants are called upon.

  68. Anonymous Coward
    Anonymous Coward

    Uggh, so much naivety

    'cannot migrate neither to another version of Windows or upgraded to Linux as the vendor is not around any more' Yep, and that will also apply to the NHS, perhap more so, as they dont have money to replace old capital equipment.

    WalmartBuntu? No.

    McDonaldsBuntu? No.

    ShellBuntu? No

    ExxonBuntu? No

    VolkswagenBuntu? No

    FoxconnBuntu? No

    NhsBuntu? Oh yes, absolutely, of course, it makes complete sense. For purely altruistic reasons, we all love a bit of FOSS on the side. Make money from it?, No, thats they other chaps, the evil vendors. Bad vendors! We are develpoers, we'll do it because we 'heart' the NHS. Current budget is Hundreds of billions you say? Right, well, thinking about it a bit more, we probably will have to charge you somethign for it.. might be quite a bit actually, less than the other evil vendors, of course, but yes, might cost a bit at the end of the day...

  69. IanMoore33

    deploying an app on C# or .net is the headache

    I suspect these apps are done on a Windows development so replacing the OS won't help

  70. RobMobility

    Why not use your smartphone as a PC instead?

    Samsung and Huawei offer dockable smartphone solutions which would enable 1 device to be used to access systems either via Android apps, Web Apps or VDi.

    These can shortly be extended to laptop capabilities.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019