Comment by jiggawatts

17 hours ago

I love how this leaks out the fact that the DHS is running production databases on operating systems that are months away from end of extended support.

Windows Server has 5 years of mainstream support, 5 years of extended support, and then an extra 3 years paid Extended Security Updates (ESU) support. For 2012 and 2012 R2 that ends in October 2026.

The three years of ESU exists only for organisations like government departments that would rather pay Microsoft millions of dollars for patches than pay a competitive wage and hire competent IT staff that can complete upgrade projects on time.

> The three years of ESU exists only for organisations like government departments that would rather pay Microsoft millions of dollars for patches than pay a competitive wage and hire competent IT staff that can complete upgrade projects on time.

I'm not going to say the wages are fine but the issue is likely not to be the competence of the IT staff, but rather the overbearing IT management processes the U.S. Federal government uses. "Enterprise change management" processes separate from the already-long cybersecurity review processes can add weeks or even months to system updates.

In that kind of construct, you optimize for fewer but larger changes and then it's no surprise to see that there's no time in the project update schedule to update the OS in addition to making all the other long-overdue library / middleware / application changes that also are pending once a change finally can be made.

  • I wonder how foreign governments do it? Better or worse?

    • They hire US-based technology companies who fail in the exact same way.

      (rare exception: Gov.uk government digital services; while they're not used for all projects, they are exactly the sort of committed and competent public servants we need more of)

It can be quite politically valuable to kick the can to the next administration.

  • The day-to-day operation of large government bureaucracies is surprisingly immune to elections. The same people stay in the same job for decades, the "churn" only happens at the highest levels, and even those positions tend to outlast changes in the current political party in charge.

That's normal in big bureaucracies. I've worked on systems nobody wanted to breathe around because nothing could be fixed.

To be fair, this transpired last year, so they actually had one year and some months before losing extended support.

That said, they should have migrated it years ago.