US Government Is Spending Billions On Old Tech That Barely Works

[HardOCP News]

A new report from the Government Accountability Office found that the government spends billions on maintaining really old tech. Personally, I find it hard to believe that our government would be as wasteful as this. Normally they are very good about managing our tax dollars and making sure the system runs as efficiently and effectively as possible.

A system used by the Justice Dept. to monitor security and custody levels and inmate population information still uses COBOL, a programming language that dates back to the post-World War era. A system that tracks incidents involving hazardous materials used by the Transport Dept. is more than four decades old. A number of servers at Homeland Security still run Windows Server 2003, which hasn't been supported for almost a year, but these servers won't be transitioned to federal systems until 2018 because of backwards-compatibility issues. And, a nuclear weapons coordination system used by the Defense Dept. is still running on an IBM Series/1 computer -- a machine that dates back to the 1970s and uses 8-inch floppy disks.

 

[EODetroit]

Most of this isn't a problem. Last thing I want is for them to run the nukes on Windows 10.

 

[Benzino]

Security through obscurity.
EDIT: At least with the floppy discs. Server 2003 is a no-no.

 

[Dekar12]

No surprise here, they paid MS a bunch of money to continue Windows XP support for them as well.

It has to be a nightmare to try and update or move any type of these systems onto newer platforms.

 

[Skripka]

The funny thing is...this is paraded around like it is news.

But every year the same story is recycled. John Oliver did a 15-minute bit on the nuclear weapons end 2 years ago.

 

[Monkey God]

I dont care as long as it works. You want nuclear weapons control systems running on fucking android in the cloud or some shit?

 

[natos]

I dont care as long as it works. You want nuclear weapons control systems running on fucking android in the cloud or some shit?

Why not, Tony Stark does it??

 

[Skripka]

I dont care as long as it works. You want nuclear weapons control systems running on fucking android in the cloud or some shit?

And you can't hack it. Hell, the nuclear weapons are controlled with IBM System/1 units AFAIK. Those critters not only don't have an ethernet port, or a USB port....they don't even run an OS 99% of people have heard of before (EDX or RPS IIRC).

 

[coreyb3]

As for the military and homeland security systems running on antiquated hardware and software... It still works, and it will works for years to come, because it is actually reliable. Also... they are pretty secure, especially the stuff that matters (classified systems) because they are air gapped and in secure areas. Everyone would complain even more if the systems were updated because it would cost BILLIONS more (not to mention years) to update all of the systems and re-engineering them to work on current tech. The biggest threat isn't that the USG still uses XP or server 2003... it is the insider threat, and windows 10 and server 2012 won't fix that.

 

[Dead Parrot]

Most of this isn't a problem. Last thing I want is for them to run the nukes on Windows 10.

Norad Controller #4 "Sir, we have a report of several missiles being launched from North Korea"
Norad Commander "Get me a confirmation from our Satellites."
Satellite Control "Sir, that system is currently offline due to OS updates and a virus scan."
Norad Commander "Which IDIOT scheduled that!"
Satellite Control "Its an automatic feature of the OS sir!"

The rest of the day goes downhill from this.

 

[ryno9100]

Can confirm

Source:
Worked in the school system and have lots of friends in the government work.

 

[Mugato]

No surprise here, they paid MS a bunch of money to continue Windows XP support for them as well.

It has to be a nightmare to try and update or move any type of these systems onto newer platforms.

It can be, but honestly it is the user base. I have seen SO many times where something has been done the same way for 15 years and the old stodgy manager will not upgrade, even if it means saving thousands of dollars a month and making it digital. Case in point; X payroll manager prints out 1000 pages for review, then copies them for another person, then scans them back in to a folder when signed. Packages them up and files them, taking hours. Implementation was to create digital approval and automatic routing. Implemented, payroll manager refuses! to use new system stating inefficiency, even though it was proven to save X hours a week...a week! When forced to adopt the new system, she cites harassment and tech manager/consultant is fired. Still on old system to this day. Oh, that was like 7 years ago.

 

[Skripka]

It can be, but honestly it is the user base. I have seen SO many times where something has been done the same way for 15 years and the old stodgy manager will not upgrade, even if it means saving thousands of dollars a month and making it digital. Case in point; X payroll manager prints out 1000 pages for review, then copies them for another person, then scans them back in to a folder when signed. Packages them up and files them, taking hours. Implementation was to create digital approval and automatic routing. Implemented, payroll manager refuses! to use new system stating inefficiency, even though it was proven to save X hours a week...a week! When forced to adopt the new system, she cites harassment and tech manager/consultant is fired. Still on old system to this day. Oh, that was like 7 years ago.

Even if the manager IS on board it can be a nightmare.

At work we went from a paper-system for employees to file certain documents to an easy-to-use online system. Seriously, it is like buying anything online. All the old farts needed hour-long over-telephone hand holding sessions walking them through the process. Repeatedly.

It is so insane that computers became magical technology inside of a generation. Where people went form understanding and learning them....to having their jaws drop that you can find something that is the first hit on Google or make PayPal work.

 

[dgingeri]

At my last company, over 6 years, 2010 to 2016, we collected tens of millions from Federal government support contracts for a piece of software that the Maryland Budget Office had been using with their Solaris 9 machines that we hadn't modified since 2003. We were collecting support contract money and spending absolutely nothing on the actual development. It was just free money. Only one person in the entire company even knew anything about the program.

Yet, despite $12 million per year of free money in support contracts from it, they only gave any significant raises to about a dozen people per year. I went three years without a raise of more than 1.5%, one of those years I had no raise whatsoever. That destroyed morale all over the company. Every new product we'd develop would be into a market that was already saturated with competitors, so we'd never make any money on it, and it just got worse with every single product.

 

[Criticalhitkoala]

Well technically they probably spend a lot on a workforce that was long ago made obsolete

 

[Burticus]

Virtualized that ancient crap. 1 esxi cluster could run the entire defense dept.

 

[Skripka]

Virtualized that ancient crap. 1 esxi cluster could run the entire defense dept.

And then to break in, you'd only have to compromise 1 system. Further, being newer hardware it would only take a knowingly or unknowingly infected USB stick.

 

[Burticus]

And then to break in, you'd only have to compromise 1 system. Further, being newer hardware it would only take a knowingly or unknowingly infected USB stick.

You still leave the current physical and air gap security in place, I'm just talking about getting rid of 50 year old hardware..... Also hardened UCS systems don't have accessible USB or physical access.

 

[-Dragon-]

Do I want nukes running on hardware so simple that an engineer can easily trace the circuit paths who's code is so small it can easily be audited at the assembly level? I think that might be ok.

 

[gamerk2]

I'm speaking here as someone who has to maintain this tech (In my case, a Windows 3.1 PC, and a VAX/VMS workstation):

"Gimmie Money"

The issue is this: Yes, everyone knows this tech will eventually be replaced, but at the end of the day, if your department gets $10 Million a year from Congress, maintaining the status quo costs $10k, and replacing/validating a new system costs $1 Million, guess what? Your not wasting 10% of a years budget replacing something that works.

This is the same reason why states keep using cheap concrete on their roads while spending a ton of money to keep patching up all the holes; the good stuff lasts 5x as long and is much cheaper long term, but theres no room in the yearly budget to cover the initial cost.

Point being: Are you willing to pay more taxes to replace working IT systems? Because based on what everyone says come election time, the answer is always a resounding NO!

 

[B00nie]

Norad Controller #4 "Sir, we have a report of several missiles being launched from North Korea"
Norad Commander "Get me a confirmation from our Satellites."
Satellite Control "Sir, that system is currently offline due to OS updates and a virus scan."
Norad Commander "Which IDIOT scheduled that!"
Satellite Control "Its an automatic feature of the OS sir!"

The rest of the day goes downhill from this.

Uh, only a moron uses Windows for anything mission critical. There are far, far better alternatives.

 

[dgingeri]

And then to break in, you'd only have to compromise 1 system. Further, being newer hardware it would only take a knowingly or unknowingly infected USB stick.

You really don't know how ESXi works, do you? That would be impossible.

 

[NoOther]

There are many reasons to use older systems, mainly like many have said there are budget concerns and if the system works, why change it? Unless there is some great security or support concern involving the older hardware/software, there is not really a need to update it. In addition to this, in a number of government organizations programs need to go through accreditation processes to be able to use the systems in an operational capacity. Many times newer hardware/software has no official accreditation status which makes the process far more difficult. If you already have an accredited system, why go through the trouble of upgrading it and having to go through the entire accreditation process again. Often times people do not realize what all is involved in getting these systems up and running, much less maintaining or upgrading with all the regulations that are in place to even use them.

The real concern about how government does IT shouldn't be how much it spends on old tech, but how it pays for programs to design new solutions. Oftentimes your program is required to spend the entire allotment of hardware upfront at the start of a program before the program has even really determined whether that hardware will be the right fit for the solution. So then the program is stuck trying to match a solution to hardware that isn't optimal to that solution. But if you don't spend that money right away and instead save some of the money to try to do the program correctly, you won't get any money the next year in the budget...

Virtualized that ancient crap. 1 esxi cluster could run the entire defense dept.

Considering the defense department is larger than most fortune 500 companies (EDIT: over 3.2 million employees), that wouldn't be possible. Also, the defense department actually runs 1000s of ESXi clusters in various formats among other more modern solutions. While there are many ancient systems in the dept of defense there are also many cutting edge systems as well.

Uh, only a moron uses Windows for anything mission critical. There are far, far better alternatives.

Actually, quite untrue, there are many mission critical systems that use Windows and for very good reasons. There is far more direct support for windows applications than there are for other OS's and there are far more ports for certain applications on Windows than there are for other systems. Also the cost to design the program for a different OS usually exceeds what is allotted for the budget, so they remain on Windows.

 

[dgingeri]

Uh, only a moron uses Windows for anything mission critical. There are far, far better alternatives.

Windows 2012r2 is far more secure than any version of Linux on x86. In addition, the automatic updates can be set to only check for updates, check and download updates, or do a fully automated install. The biggest security problem, and stability problem, with Windows is the user. With a server, there is nobody at the console to web surf to a compromised site or download an email attachment, or at least there shouldn't be. (Anyone using a production server as a workstation ought to be smacked, hard.)

the only systems more secure are using a different processor architecture, such as HP-UX (Itanium) or AIX (IBM Power series).

 

[TwistedAegis]

Two party system with one party constantly trying to sabotage the other, shocking it's inefficient. In some ways, it's actually designed to be that way...dictatorships are awfully efficient.

 

[BillNutz]

I dont care as long as it works. You want nuclear weapons control systems running on fucking android in the cloud or some shit?

Nuclear Weapon System SaaS

 

[TwistedAegis]

C'mon man it's the crowd economy now! Forget some elitist egg-heads in the military and politics launching nukes; we should make an app that we just vote on it via facebook or something.

 

[Skripka]

C'mon man it's the crowd economy now! Forget some elitist egg-heads in the military and politics launching nukes; we should make an app that we just vote on it via facebook or something.

By popular vote, the app name would probably be Nukey McNukeFace.

 

[bugleyman]

Hmmm....so, because some people think government is wasteful, they starve of it the resources needed to update its systems, then they turn around and point to outdated systems as evidence the government is wasteful? I know, let's drown it in a bathtub! Anarchy for all (except rich people)!

And here I thought this was a tech website, not a conservative blog.

 

[lcpiper]

No surprise here, they paid MS a bunch of money to continue Windows XP support for them as well.

It has to be a nightmare to try and update or move any type of these systems onto newer platforms.

It's not just that.

There are many systems in the world that talk to other systems that are not so easy to update, like 20 year old satellites. Not only do they have to make sure they don't mess with their ability to manage the distant systems, they also can not afford any downtime, none. I interviewed for such a company a few years back and not only are they way back there when it comes to running older systems they also spend a great deal of time before they even apply a patch running it against simulators and such before it ever get's pushed live. Some things you just down mess around with, no cowboy stuff.

 

[auntjemima]

It's not just that.

There are many systems in the world that talk to other systems that are not so easy to update, like 20 year old satellites. Not only do they have to make sure they don't mess with their ability to manage the distant systems, they also can not afford any downtime, none. I interviewed for such a company a few years back and not only are they way back there when it comes to running older systems they also spend a great deal of time before they even apply a patch running it against simulators and such before it ever get's pushed live. Some things you just down mess around with, no cowboy stuff.

Do you think you and I will ever have a baby?

 

[undermined]

untimate case of it it aint broke don't fix it

replacing it all with new technology wouldn't be better necessarily but it might cost a lot more than keeping the old stuff working.

 

[zazzn]

Honestly it's probably safer running the nukes on the IBM series 1 than upgrading to the system we run now which are virtually swiss cheese.

 

[lcpiper]

Do you think you and I will ever have a baby?

Are you fertile?

 

[auntjemima]

Are you fertile?

Almost too much so...

 

[lcpiper]

Yea OK

 

[stefan231]

Thousands of Living Vets Declared Dead, Lose Benefits

Thousands of Living Vets Declared Dead, Lose Benefits

"The VA has made the error more than 4,000 times over a half-decade because of employee mistakes or erroneous cross-checking of data by the department’s computers, among other reasons, according to correspondence between the VA and the office of Rep. David Jolly (R., Fla.) reviewed by The Wall Street Journal. The VA has changed its procedures to address the issue, but it isn’t yet clear whether the new system is working."

 

[steakman1971]

A client we are working with recently demanded that our web project support IE6. It's for a public facing web site for a government agency. Do they really think the public is going to be using IE6?

 

[lcpiper]

Not sure how this is pertinent but 4,000 wrong in five years from over 400,000 that actually die every year comes to what %? that's 4,000 / 5 years = 800 a year so it's something like .002% error rate. Actually it's less if you add the 800 a year to the 400,000 a year actual deaths. It's one of those "sucks to be you things" but at least you are alive to complain about it and get it fixed.

 

[lcpiper]

A client we are working with recently demanded that our web project support IE6. It's for a public facing web site for a government agency. Do they really think the public is going to be using IE6?

If the government agency's service that the website supports is for government or DoD employees, then yes. That's because they frequently access such things from government systems and actually control which browser is being used. Public facing doesn't always translate to "for the public".

Then again, IE6 is going back a long ways. I'm on a government system and it is much more current than that.