[Beowulf] Wired article about Go machine
Robert G. Brown
rgb at phy.duke.edu
Thu Mar 26 10:01:02 PDT 2009
On Thu, 26 Mar 2009, Tim Cutts wrote:
> On 26 Mar 2009, at 2:42 pm, Robert G. Brown wrote:
>> Um, I don't believe that this is the case, and I say this as a semi-pro
>> consultant in health care.
> I don't know about hospital software, but it's certainly the case for some
> DNA sequencer instruments. Our ABI 3700 capillary sequencers have Windows
> machines attached for the data collection. ABI explicitly forbid us from
> either patching Windows, or from installing antivirus software. Doing so
> would drop us off support.
> Consequently, all those machines are on their own strongly firewalled network
> where hopefully they can't get infected, and if they are, the infections
> can't get back out again. At least, not easily.
That I'll believe, although there you're not dealing with the
government, you're dealing with a vendor, and the price you pay to
secure the machines is exactly what you stated -- put the system(s) in a
box and pray.
There are also quite possibly legal liability issues -- those are common
reasons for a policy like this on the part of a vendor. (Legal) risk
management is far more likely to be dictating policy than government
edict, and you'll often see very different strategies for that
management depending on whether it is IT dominated or lawyer dominated.
IT people want to patch and test but stay current, lawyers want CYA and
no change. The latter often don't UNDERSTAND the arguments for staying
current and patching holes -- they only understand "certification",
which they interpret as "they get sued if we have a problem, not us".
Truthfully, this is one reason a lot of people stay with MS, in spite of
their abysmal track record with security. They're so bad, they provide
an automatic "it's not our fault" escape clause, and the company is so
big that they have deep pockets should they get sued due to a
contratemps and they make the lawyers feel all warm and fuzzy because
how'd they get so big if their systems weren't reliable? Twenty years
ago it was "Nobody ever got fired for buying IBM", same argument. Red
Hat has been working hard at providing at least the illusion of a
similar level of stability and risk assumptions, and of course in
general they have a much easier time of actually delivering.
> The Wellcome Trust Sanger Institute is operated by Genome ResearchLimited, a
> charity registered in England with number 1021457 and acompany registered in
> England with number 2742969, whose registeredoffice is 215 Euston Road,
> London, NW1 2BE.
Robert G. Brown http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567 Fax: 919-660-2525 email:rgb at phy.duke.edu
More information about the Beowulf