Japan's XP migration solution: Remove network cable

Security problems solved the old-fashioned way...


A Japanese local government has come up with a rather unusual solution to the problem of Windows XP migration – keep the venerable OS but disconnect the remaining PCs running it from the internet.

In around a year’s time, April 8 2014 to be precise, Microsoft will end free support for the operating system which is still installed on around a third of machines in the Land of the Rising Sun.

This will mean an end to free security patches and fixes for knackered code – exposing organisations to a host of potential info-security risks.

However, with cost pressures to the fore, some prefectural governments are taking unusual steps to deal with the impending OS-ocalypse, according to Japanese paper Chunichi Shimbun (via RocketNews24).

Aichi prefectural government is planning to replace 7,200 of the 8,000 PCs running XP in fiscal 2013, but has decided to keep the remaining 800 even after the 8 April deadline.

In the prefecture’s Ichinomiya City, for example, a third of its XP machines (around 360) will be kept running but safe from harm by disconnecting them from the interwebs.

In Toyohashi City, Ethernet ports will apparently be taped up in case users forget that their machine is no longer allowed to reach a network.

The report didn’t specify whether IT teams in the region were also planning to tape up USB ports – although this would remove another potential channel of infection and data leakage, and isolate the legacy boxes even more from the rest of the office.

The cost of upgrading hardware and software appears to have taken its toll in other ways too.

In Gifu prefecture’s Takayama City, an IT bod told Chunichi that city officials would be forced to help out with the upgrades because outsourcing such tasks is a luxury they can no longer afford. ®


Other stories you might like

  • CISA and friends raise alarm on critical flaws in industrial equipment, infrastructure
    Nearly 60 holes found affecting 'more than 30,000' machines worldwide

    Updated Fifty-six vulnerabilities – some deemed critical – have been found in industrial operational technology (OT) systems from ten global manufacturers including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk, according to private security researchers. 

    Some of these vulnerabilities received CVSS severity scores as high as 9.8 out of 10. That is particularly bad, considering these devices are used in critical infrastructure across the oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, mining and building and automation industries. 

    The most serious security flaws include remote code execution (RCE) and firmware vulnerabilities. If exploited, these holes could potentially allow miscreants to shut down electrical and water systems, disrupt the food supply, change the ratio of ingredients to result in toxic mixtures, and … OK, you get the idea.

    Continue reading
  • US to help Japan make leading-edge 2nm chips, possibly by 2025
    Player Four has entered the game

    Japan is reportedly hoping to join the ranks of countries producing leading-edge 2nm chips as soon as 2025, and it's working with the US to make such ambitions a reality.

    Nikkei reported Wednesday that businesses from both countries will jointly research the design and manufacturing of such components for devices ranging from smartphones to servers as part of a "bilateral chip technology partnership" between America and Japan.

    The report arrives less than a month after US and Japanese leaders said they would collaborate on next-generation semiconductors as part of broader agreement that also calls for "protecting and promoting critical technologies, including through the use of export controls."

    Continue reading
  • Inside the RSAC expo: Buzzword bingo and the bear in the room
    We mingle with the vendors so you don't have to

    RSA Conference Your humble vulture never liked conference expos – even before finding myself on the show floor during a global pandemic. Expo halls are a necessary evil that are predominatly visited to find gifts to bring home to the kids. 

    Do organizations really choose security vendors based on a booth? The whole expo hall idea seems like an outdated business model – for the vendors, anyway. Although the same argument could be made for conferences in general.

    For the most part, all of the executives and security researchers set up shop offsite – either in swanky hotels and shared office space (for the big-wigs) or at charming outdoor chess tables in Yerba Buena Gardens. Many of them said they avoided the expo altogether.

    Continue reading

Biting the hand that feeds IT © 1998–2022