thank you for your openness and honesty …
my view is that @ the top levels the provision of health IT by the NHS is currently being run too much like an academic “exercise”
and not enough like a sustainable business that puts the health and safety of it’s users/customers/consumers/owners blah blah blah first … there is nothing wrong with a “free for all” approach but I suspect the majority of people who are currently working within the entire NHS structure are better equipped to use Microsoft than anything else.

So I’d love to pilot something like this, but we don’t have the skills in house to do so. And if we outsource, the commercial market for support isn’t stable enough to risk running anything.

I know MS licensing is complex, so I could also be wrong, but Microsoft’s own guidance on VDI is that a VDA license is required for any device which is accessing a Windows VDI desktop. PCs are only covered if you have software assurance.

The Windows 7 Pro OEM license allows you to run one copy of Windows 7 locally in a VM, but you’re still having to buy PCs with a copy of Windows.

It’s not possible to avoid paying for a license if you wish to use Windows in some capacity.

The NHSbuntu approach uses virtualisation running LOCALLY on the workstation. This uses a local windows 7 VM. Alternatively, the desktop image could be run remotely. Use ovirt and spice products from Redhat.

Bye-bye VDE licences…..

Yes, it’s not specifically about Windows vs Linux. But, as I’ve explained elsewhere in these comment, the models employed by the Linux community and Microsoft couldn’t be more different, and that’s important. Yes, MS has substantially improved its security practices in the past decade. However, it was starting from an abysmally low bar. The open source world, with its signed package repositories (we had that 15 years ago) and the massive advantage of having the *whole* ecosystem managed on distribution servers was making MS look *very* bad, with its massive everything-and-the-kitchen sink monthly patches and its users’ habit of installing software from any old place, it’s had a LOT of catching up to do. Still, MS is motivated by profit. It introduces security patches along with “money-making” initiatives like ads on the desktop… It makes it hard for most people to differentiate between security and functionality patches. That makes it fundamentally different from Linux, which is 100% focused on solving problems to achieve technical correctness – there is *no* profit motive. I think that’s enough reason to actually prefer the Linux model over the Microsoft model.

“In the Linux world, though, no one as an interest in downplaying or burying vulnerabilities”.

So we will all be one happy family contributing the open source “panacea” including the CIA, hackers and criminal cyber gangs?

The benefits of switching to linux in this context are marginal and vastly out weighed by the cost of change. The fact that much of the NHS simply won’t function on linux and if we started today in 10 years we’ll still have Microsoft (probably XP too), will not resolve the issue.

In fact now we’ve got an even bigger landscape to manage and secure.

Given the basic failures that allowed this to happen I can’t see that being a pretty picture.

This isn’t about Microsoft/Linux, it’s about effective security management. Your OS choice is a small part of this.

As big as the WannaCry out break was there was still a significant majority unaffected by it and using Microsoft Windows.

Everyone else is just looking for excuses / something to do.

Help us to help you and others?
What is the name of the software you use?