sábado, 14 de febrero de 2009

Conficker affected me... though I don't use Windows

Some years ago, I used to work for a pediatric hospital. It was a pretty cool environment to work in. People in the IT department made up a family... a dysfunctional one.. but a family, nevertheless (I know you still do, guys. Keep it up!). A happy environment where our work really made a difference.. in terms of saving lives.... even if not directly.

This hospital is mostly funded with public money (either from the country's central government or the state's government), and I believe it's probably one of the most efficient and pleasant hospitals (for workers and patients) in the country.

The hospital was built on proprietary software all around. OS (servers and desktops), databases, application development, groupware, etc etc etc. Back in time, when the decision had to be made about what software was going to be used when the hospital was to be opened up, FLOSS wasn't that "popular" in my country, XP hadn't been brought down on its knees by viruses over and over again and I certainly wasn't there to make a dent on that decision (I think that even I wasn't using FLOSS at the time... how things change). And probably using FLOSS would have been more of a geeky, freedom-loving decision than a "business" one.... even if on the long run (a veeery long run, probably), having used FLOSS instead would have paid off (which I'm sure it would if it had been chosen instead).

When I landed my job at the hospital (when it was almost 5 years old) and first arrived at IT and started installing my favorite distro at the time, I felt like in those old Apple advertisements where the Apple guy is surrounded by snoops trying to see what's going on with his computer. They were just drooling to see what was going on. Though some of them had either heard of FLOSS or had brief experiences with it, no one had taken it as their main platform for every day use the way I had. I had to explain a couple of misunderstanding about the development model, business models and so on. I guess we FLOSS supporters have had to deal with that every now and then. A couple of years later, I had managed to get GNU/Linux in a couple of servers, had trained people to use Knoppix for recovering purposes, had made a couple of amazing hacks to fix some special situations (recovery of a broken HP RAID5 comes to mind) and made sure people understood that there are options available and they didn't have to stick with whatever thing was coming out of Redmond. I quit almost two years ago to move to another country. And life goes on. The servers are still up and running, in case you are curious.

I hadn't thought about it for a while, but given the recent Conficker outbreak, I got to rethink of the whole thing again. Now.... there was something that bothered me A LOT.... and it still does (though I'm not working with them anymore, I still feel like I'm a part of the family). They are still developing applications in-house using proprietary frameworks tied to Windows. And here is why it bothers me: They have invested and continue to invest time (hence money.. public money, should I add) on getting themselves tied to one proprietary platform. Every line of code that they add up to their already enormous code stack is another line of code that ties them even tighter to Windows. And that's sad. What's done is done.. there's not much they can do about the code they have already written... but they could be changing the languages they use to develop their applications that could allow them to move to another platform if they so wished later on (doing it gradually). When I was about to leave, the head of development quit his job as well... and that would have been (probably) the best moment to make a push for multiplatform languages, but unfortunately I was quiting as well so there was no change in development frameworks.

It hurts me to see one organization that I care so much about tied to that security hole disguised as an operating system that's Windows. And even more that they still don't take the necessary measures to try to get out of that platform, even if it's one small step at a time. Conficker just reopened that small wound I carry with me.

2 comentarios:

  1. It's a shame that ignorance can cause so much pain and suffering, yet we see it every day. Microsoft doesn't help. If they would let their techs endorse free software tools, a lot of broken Windows servers and a lot of corrupted and lost data could be recovered faster and easier. The suffering is not just related to Windows. Practical, useful knowledge is a subset of what we call wisdom. Unfortunately, wisdom seems to be in short supply in business, healthcare, and not just in IT. Wisdom may be nonexistent in banking except for a few instances.

    ResponderEliminar
  2. I also write about Coficker, you can read it here:
    http://www.webupon.com/Security/April-Fools-Day-Worm.617545
    I guess we will all have to wait and see what happens on April Fools day.

    ResponderEliminar