[beachstartup]

correlation doesn't imply causation.... except when someone selected windows, and then made 50 other moronic decisions also.

half the work done in this industry is just dealing with stupid decisions made by stupid people. i just accept this now.

[tluyben2]

But when Windows is chosen because it is easier to find coders who will 'remain within the budget' (cheapcheap) and cannot even make sure the virus scanner doesn't run during procedures or at all it goes a bit too far.

[Amezarak]

According to the article, it was the hospital IT that misconfigured the antivirus, not the application developers.

Is there some reason to believe this wouldn't occur on a Linux system? There are plenty of dumb IA requirements that antivirus be installed on Linux, too.

[zanny]

Hardware involved in heart surgery running a Linux system should have literally the bare minimum of software to run it. That means kernel, init, networks support (dhcpcd, systemd-networkd, if absolutely necessary samba, sshd, etc) and custom software running on top of that as nobody. Not some ~20GB of Microsoft crap driving the system to crash every couple days.

[Amezarak]

> Not some ~20GB of Microsoft crap driving the system to crash every couple days.

I agree the system should be running as few services and as little other third-party software as possible, but let's be fair. Since at least Windows 7 / 2008R2, particularly for an offline system, the OS is not going to crash unless there is a hardware problem. It's not clear the OS crashed even in the article - "the screen went black" (the application went black?) and they "had to reboot" doesn't give us enough information.

A modern Windows system, like a modern Linux or a modern FreeBSD, is stable and will stay up for as long as you need it to, unless as I said before, there is a hardware problem. (Or in the case of consumer Windows, you do an update.)

EDIT: According to the actual report, the OS was not rebooted, the application was. There was no Windows crash.

> On (b)(6) 2016, a customer reported to merge healthcare that, in the middle of a heart catheterization procedure, the hemo monitor pc lost communication with the hemo client and the hemo monitor went black. Information obtained from the customer indicated that there was a delay of about 5 minutes while the patient was sedated so that the application could be rebooted. It was found that anti-malware software was performing hourly scans. With merge hemo not presenting physiological data during treatment, there is a potential for a delay in care that results in harm to the patient. However, it was reported that the procedure was completed successfully once the application was rebooted.

[pdkl95]

"Cheaper" or "remain within the budget" doesn't excuse using inadequate parts that don't meet the design requirements.

Unfortunately, this total disregard for safety isn't just software anymore. When we stat skipping lessons that we've know for a looooooonng time (such as why a split bobbin is an important feature in a transformer[1]), we have evidence of a serious need for strongly enforced regulation.

[1] https://news.ycombinator.com/item?id=11474730

[tluyben2]

I know it doesn't, but unfortunately it is often how it works. More than I want to remember I have seen things like 'but lives depend on this!' or '100s of millions can get lost if this doesn't work!' and yet when the RFPs come back and something like InfoSys is chosen because big name and cheaper than experts in the field.

Edit;

> we have evidence of a serious need for strongly enforced regulation.

Better education? But I guess strongly enforced regulation will force companies to not go for the cheapest solutions they can get away with which in turn will require people with actual knowledge in the field which will require better education, somehow.

[pdkl95]

Better education is always a great idea. Unfortunately, regulation becomes a necessary fix for immediate problems.

Note that regulation is the nicer option; the other way to force people to get the necessary education is liability, which could get really ugly in the case of medical devices.

[tluyben2]

There have been 'predictions' in the past of software creators being made responsible for the software they write in a liability way. Which will get very messy indeed. And grind the software world to a halt. Regulation is the nicer option and definitely the more realistic option.

[makomk]

Sometimes it's all about tradeoffs. For example, a split bobbin is actually undesirable in most transformers because it reduces coupling between the windings, reducing the efficiency of the power supply. That's why if you look inside a better-quality power supply you'll often find that they have a split bobbin for the input common-mode choke and then a single bobbin with layered windings for the main transformer.

[dredmorbius]

Only half?

I mean this quite seriously: you're hugely underestimating. Possibly unaware.