IRS Using 13-Yr. Old Microsoft Software

Discussion in 'privacy general' started by wtsinnc, Jun 2, 2015.

  1. wtsinnc

    wtsinnc Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    943
    This in itself is not news, but this article expands on that theme and offers additional and more troubling information (example: See paragraph 4).
    This begs the questions:
    How many other government agencies are as vulnerable?
    Has anyone lost their job because of this? If not, why?

    http://www.foxbusiness.com/personal-finance/2015/06/01/irs-running-13-yr-old-windows-xp-software/

    It doesn't matter how well a person secures personal information at their end if government agencies, banks, and commercial entities remain careless with that same information.
     
    Last edited: Jun 2, 2015
  2. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    489
    Location:
    Earth .... occasionally
    From what I have read, many ATMs are also running ancient software .... scary stuff!
     
  3. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,103
    Location:
    Southern Rocky Mountains USA
    If they are using XP Embedded client software it is not so vulnerable. XP Embedded is flash ROM based and is more like firmware. The core software can't be altered and nothing that happens while it is running survives a reboot.

    USPS is also using XP. The whole hyped up upgrade culture is at odds with institutional stability. Government agencies typically work on 10-20 year cycles, not 6 month to 3 year upgrade cycles. Banks are a bit faster but they still don't like to completely change their systems that often.

    If they were smarter, they would use Linux so the enormous licensing costs would not be an issue when they need to upgrade.
     
  4. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,147
    Location:
    UK
    It's not that it's XP so much as they have no incentive to actually care that much. Fining government departments is pretty meaningless, and managers and employees have pretty much total immunity, particularly since they want to point at budget cuts in any case. Nor do the suppliers/software vendors have significant levels of liability (and my understanding is that current legislation post-Sony regarding hacking is trying to absolve them of even this).

    And then the poor old user is struggling to establish who is responsible and prove harm.

    Kind-of related, the Trade-in-services fast track agreement they're trying to slip in has provision to prevent nations from mandating open source software.
     
  5. wtsinnc

    wtsinnc Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    943
    By my personal experience, it's not only government.
    Less than two years ago, I was in a local bank and saw on a computer monitor the splash screen for Windows 2000.
    I was really glad that I was there to close my account.
     
  6. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,459
    Cursory Googling shows that they're paying for extended support. (Not sure if the FOX article says so, frankly I'd rather not browse there.)

    But I'm not surprised at all, really. And from what I've seen in various offices it's not just a government thing.
     
  7. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    489
    Location:
    Earth .... occasionally
    My bolding above

    And what a fantastic money-spinner that has become for M$ !

    I got interested in this last year when I read how many government departments, financial institutions etc., all across the globe
    were paying for this ongoing support for operating systems that no longer had any "official" tech support.

    Trying to find even a " ball-park " figure for how much this support might cost proved pointless.

    It started me wondering if there was a dedicated support " team " ( or even just one person ) for each major customer.
    A large government department may have tens of thousands of PCs running an " obsolete" OS.
    In these difficult economic times the cost of building a new system from the ground up might make it impossible ( think Greece ! )
     
  8. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,103
    Location:
    Southern Rocky Mountains USA
    This is a bit of serendipity. My work had me attend a training conference in state funding procedures for local communities. In attendance were several mayors and others in local and municipal governments. It was basically about public money for infrastructure. IT was not part of it per se but hardware would come under the infrastructure label. One of the things covered is what qualifies a project for funding. One of the qualifications is that the public money be for projects that have a lifespan of at least 10 years. That says it right there, there is a real culture clash here. Government money is spent with the expectation that the purchase will be for a 10 year minimum. This is state and local government. The federal government is even slower. That is totally at odds with the present update culture where hardware is obsolete after 10 years and where software gets updated on a monthly basis in some cases and OSes are old after 3 or 4 years.

    A few side notes. Bringing a laptop was mandatory. We were logging onto state government databases which were somewhat difficult to navigate and made with software that is probably as old as XP. The wifi network we logged onto looked fairly well set up. I got around 80mbs with about 30 others logged on at the same time speed wise. We were on a subnet set up specifically for guests.
     
  9. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    That's not how it works. You don't lose jobs over which software you lose - you lose jobs over data you lose.
    It's more important to have a stable and consistent platform than the latest fad.
    Mrk
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Also, retraining staff who have used Win XP for many years is a serious pain ;)

    Some of them haven't yet recovered from the switch from DOS to Win XP :eek:
     
  11. wtsinnc

    wtsinnc Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    943
    I somewhat agree with you Mrkvonic.
    People do not lose their job because of the software.
    -But-
    In this culture, they also don't lose their job over the data they lose.
    Or pretty much any other activity- except for whistle blowing.

    -But XP is not the real issue here-

    The real issue is that there is pretty much no accountability at any level of government for the loss of data or wasted dollars due to greed or incompetence.
    See how difficult it is to fire a government employee.
    http://www.myfoxdc.com/story/21815635/how-complicated-is-it-to-fire-a-federal-employee

    Some may not like or trust the source of this story, but it cannot be denied that departments and agencies within those departments including but certainly not limited to the IRS, the Department of Commerce, the Department of Defense, the FBI, the U.S. Secret Service, the Department of Justice, The Veteran's Administration, The Department of Energy (grants to bogus or known to fail alternative energy companies and concepts), HHS, and so many more have engaged in corrupt and often illegal activities. These activities and the massive waste resultant are the direct result of the culture of unaccountability which exists and actually sponsors as well as protects the criminal activities which have been ongoing in some cases throughout several decades and multiple administrations. Add to the above the worse than dismal record of the United States Congress to adequately investigate and punish the perpetrators because of conflicted interests. This is absolutely a culture which beckons to anyone seeking a career where real accomplishment is subservient to protection of the mother ship.

    There is no accountability, only the goal of self-preservation of the system, so an agency is allowed to spend hundreds of thousands of dollars on "conferences", "consultants", and "educational" and "training" seminars which usually require by design taxpayer paid first class travel to a resort location offering 5 star accommodations.
    -And after all of this "education" and "training", the problems continue unabated.
    Agency directors are given the authority to re-direct funding from one project to another with little oversight or expectation that any project will actually be completed at or under budget.
    -And the congressional oversight committees do the very same.

    I don't buy for one moment the theory that it is too difficult to learn a new operating system. We can never know for sure, but I strongly suspect the vast majority of government employees have something newer than XP on their personal computers and certainly something newer than XP on their tablets and smartphones.
    They can learn if they have to.
     
  12. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,103
    Location:
    Southern Rocky Mountains USA
    Last time I looked, our local government was using an MS-DOS database application inside of an XP wrapper. I doubt that that's changed.
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    MSDOS database? That is impressive!
     
  14. russ0408

    russ0408 Registered Member

    Joined:
    May 16, 2010
    Posts:
    28
    Location:
    On. Canada
    I read today, in Softpedia I think it was, that ATMs may start using Linux as their system of choice.
     