Comment by kube-system
6 days ago
These things are not as trivial as you think they are when that computer is connected to industrial equipment that costs millions of dollars, you have no test environment, the original vendor no longer exists, and any failure or downtime at best will cause millions in financial losses, and at worst will maim or kill people.
The best option in these cases is to isolate the system from external networks to keep it secured and keep operating until the organization can afford a major capital expenditure to replace everything.
I work in automotive for OEMs and I've seen this at many factories. They still need to switch, because their technical issues are a supply chain risk for me. I don't want to hear that a batch is bad because they did abominable things to the software they were given. That's happened. I don't want to find out that they had a system die or get hacked and now things are shut down until some eBay seller mails replacements. Seen that. So on and so forth.
I ran out of patience years ago for the inevitable results of letting an unaccountable third party own decision-making on your critical systems. I'd much rather have that argument when the CEOs aren't breathing down our necks.
My experience on this topic is mostly with regulated industries like healthcare and critical infrastructure. It was probably less of a headache because the only solution was to properly maintain what you had or buy something new. Nobody was fucking around with the software or they would have gone to prison.
> These things are not as trivial as you think they are when that computer is connected to industrial equipment that costs millions of dollars, you have no test environment, the original vendor no longer exists, and any failure or downtime at best will cause millions in financial losses, and at worst will maim or kill people.
> you have no test environment
That can be solved.
> the original vendor no longer exists
Even more reason that your company needs to upgrade.
> That computer is connected to industrial equipment that costs millions of dollars ... any failure or downtime at best will cause millions in financial losses
I heard a minute of downtime on an oil rig costs millions in financial losses.
So a fuck-up is extremely expensive. Nothing new to me. I've also worked in industries where a fuck-up can cost lives. That's also extremely expensive.
Trust me, there are software engineers and hardware engineers who know your pains and aren't afraid of how difficult you think this stuff is. Yes it's difficult, no it's not impossible. And it's a lot cheaper than you think if it's done right.
Why would you take a working system and replace it with one that introduces an entirely new set of bugs and issues that needs to be ironed out? Who benefits in that scenario beside support getting paid by the hour?
In my experience working in manufacturing almost always far more important things to be worked on, especially since either way you have to setup the windows machine because production needs to be back up today.
> Trust me, there are software engineers and hardware engineers who know your pains and aren't afraid of how difficult you think this stuff is.
If you think I’m describing a software engineering problem, I don’t think you understand what I’m saying.
Sure, you can do anything with infinite time and money, but those can be quite prohibitive where the limitations are tens of millions of dollars and/or a years of regulatory hurdles.
I’ll give you an easy example:
I have maintained multimillion dollar surgical equipment that ran outdated versions of Windows. Even if you were an expert in all the required disciplines, You can’t change the software on the thing without recertifying the system, which is more expensive than buying a new one. (Not to mention that the organizations that use these devices aren’t credentialed to even begin that process) The only viable solution is to maintain it to the original specifications and implement appropriate security precautions until the useful end of life. There is literally no other workable scenario that isn’t laughably ridiculous.