
NHSbuntu – an OS for the NHS [video] - rbanffy
https://nhsbuntu.org/
======
signal11
I do think running hospitals on Linux is a good idea. However just sticking a
skin over $YOUR_FAVORITE_DISTRO may not quite work. Hospitals have to work
with proprietary devices -- for example, retinal scanners etc, many of which
only have Windows drivers.

Also, while updating individual Linux systems is easy, patching Linux at scale
across the thousands of desktops in the NHS needs a proper, thought-out
patching strategy to eliminate breakage. You also need to consider -- in what
cadence do I actually evergreen old systems?

The NHS could easily have this problem with any OS -- the actual culprit being
a total lack of security-mindedness among the various NHS trusts' budget-
holders. They viewed IT Security as not worth spending upon and are paying the
price.

~~~
ageofwant
The NSH simply states that Linux drivers will be provided and supported by the
Vendor or no sale. This is not hard.

~~~
tempay
But what about the billions of pounds worth of existing equipment?

~~~
toyg
If it works with XP, chances are it will work with Wine or VirtualBox. Where
there is a will, there is a way.

 _But_ it would mean giving a huge F* YOU to established networks of parasi-
er, _vendors_ specialised in public sector tenders - Microsoft being the king
of them all.

------
setrofim_
It's nice to see something like this being proposed, but, the NHS probably
have a tonne of bespoke software running on top of Windows, all of which would
need to be ported. And given the fact that they don't have the funding to even
keep their existing systems patched and up-to-date, a full-on migration is out
of the question, unless the cash is raised...

~~~
merraksh
True, but it's a long- vs. short-term cash problem. The new system would cost
a lot in the first few years, but less on the long term as MS licenses won't
have to be paid.

~~~
UK-AL
NHS would need to pay someone for Linux desktop support. It's normally as
expensive as windows.

~~~
reacweb
I do not know how people can entertain this myth that linux support is as
expensive as windows. The stability of linux applications is incredible
compared with the brutal changes of windows (xp -> vista/7 -> 8 -> 10). Remote
administration is far more easier and deployment on many machines is trivial.
Machines rot is a lot slower, reducing the cost of machine replacement.

IMHO, the main cost is replacing the old window support guys by linux support
guys because people a rarely competent in both and erasing the windows way of
thinking is very difficult. The new team has to learn the specific needs and
manner of NHS. Once they have the same experience as the previous team, the
cost should melt.

~~~
UK-AL
It's nothing to do with the support guys. It's do with the support by the
vender.

When you deploy an os over something as large as the NHS, your going to hit a
few snags, perhaps at the code level. You will need somebody who you can phone
up, who will then go bug fix those issues.

Vendors like redhat have support licences that support this. And those
licences are still fairly expensive.

If NHS was going to deploy a Linux Distribution, they will have to bring a
Linux distribution vender onboard which would take the role Microsoft does
now.

------
pacharanero
Hi, I'm one of the founders of NHSbuntu. Thanks for making a thread on Hacker
News about us, we really feel like we've made it!

Just to reassure people who maybe think because of the timing of our launch
that we had something to do with the recent NHS Cyber Attacks, it was just an
unfortunate coincidence.

I'm an NHS doctor and the rest of the team are NHS tech specialists, including
a Technical Architect and a CIO. We've no interest in ransoming the NHS, but
we did want to disruptively highlight the non-Microsoft OS options available.

We know the name NHSbuntu is a bit stupid, for several reasons, but (for the
target audience) in 8 characters it does explain what we're trying to do
fairly concisely. Neither Canonical or the NHS Brand Police seem particularly
upset by it, so that's a good sign. Maybe in the future we'll have to change
to something more suitable.

Anyone wanting to get involved please join in at www.nhsbuntu.org (we have a
Slack team and a forum) - we are trying to build a team of contributors.

------
SimbaOnSteroids
Does this solve any of the problems that hospitals would have previously had,
according to other posters on HN, wherein updating software can render a piece
of equipment no longer having been tested properly/breaking the system because
of some reliance on some weird software implementation?

------
jhjasigyfe
I struggle to see how swapping to an open-source alternative to Windows will
effectively protect the NHS. Sure, this time it was a Windows exploit but it'd
be as easy to find and use a Linux exploit. Sure there's the fact that Windows
is vastly more popular, but telling everyone to switch to Linux? You've just
made that more popular and a more likely target.

I'm an advocate of open-source software, but lets not pretend it'll solve
everything.

Also, what about all the software they can't afford to replace? A lot of it is
bespoke, and it's written for Windows. Don't pretend they have the money to
port it. Their budget never will be the 350 million per week the public seems
so obsessed with.

Finally, this is just Ubuntu, right? What's all the NHS branding for? If
they're going to seriously consider it, surely they are going to look a bit
further than the shiny surface NHSbuntu provides them.

Conclusion: Yes, use open-source operating systems, but no, it doesn't fix
all, or sometimes even any, problems unless the code is thoroughly audited
(shout out OpenBSD).

------
davidgerard
Nice idea, but any links whatsoever to the NHS or permission to use their
logo? There's no sign of such yet on the site.

If you really want to do this, one thing you'll need is to make sure existing
vertical market software works perfectly in Wine - e.g. Informatica, which is
stupendously popular in England and Scotland and is officially supplied by NHS
Wales.

------
rashthedude
How long was this in the making and also it must have been very beneficial
that last weeks cyber attacks occurred?!

~~~
Vaanir
Well, around Jan 31st according to [1], more interesting details are listed in
a presentation made for SXSW [2]

[1] [https://nhsbuntu.org/nhsbuntu/2017/01/31/initial-
post/](https://nhsbuntu.org/nhsbuntu/2017/01/31/initial-post/) [2]
[https://nhsbuntu.org/nhsbuntu/2017/04/26/sxsw-show-and-
tell/](https://nhsbuntu.org/nhsbuntu/2017/04/26/sxsw-show-and-tell/)

------
sofaofthedamned
Look at what Scientific Linux did - as I recall, they didn't like the changes
that RHEL did (backend for OpenSSL) so they did their own respin.

THAT is what they need for the NHS, and any other industry that needs a really
long support period.

RHEL gives ~10 years support, the MRI scanners etc need at least 15. On top of
that, the customers also need guarantees that the vendors of the MRI scanners
or whatever will keep up with this.

So - no more of using whatever library you like, or php extension - it's a
case of - this is the base OS, build it on that.

This is a fuckup on so many levels - the vendors, the NHS for not giving a
shit, the government for not mandating an open solution. The one I can't
blame, for once, is Microsoft - they're supported XP for 13 years, thats
enough.

------
Sir_Cmpwn
Good on them for making it feel familiar, but stealing all those icons
straight up seems pretty risky.

------
sbuk
The video is slick-ish, but we've seen it before. How many healthcare
professionals (doctor, nurses etc.) were asked? Simply throwing a new OS at
the problem doesn't solve things without the end users input or without an
_real_ understanding of the issues that they and the sys admins face. Also,
the cost of hiring staff to maintain and manage is higher and retraining would
be a massive cost too. _" Just use linux[0]"_ is almost the same in this
instance as saying _" you're holding it wrong"_.

[0] It's really all the site and video say...

------
jhjasigyfe
On the Github page: © openhealthhub.org 2017

If you follow that address, you find this forum post:
[https://www.openhealthhub.org/t/welcome-to-
nhsbuntu/908](https://www.openhealthhub.org/t/welcome-to-nhsbuntu/908)

NHSbuntu was launched 20 days ago, before the recent attack.

------
Angostura
If you're going to try and create a project that attempts to persuade a public
sector procurer to make a major platform change, having a wacky Team page is
probably not the best way to go.

------
UK-AL
Does it have something that is at least as powerful as active directory?

If not, it's a no go for an organisation such as the NHS.

~~~
Sean1708
Active Directory works with Linux, I'm not sure how easy it is though.

~~~
UK-AL
It doesn't work very well with group policy.

~~~
reacweb
Trying to solve windows specific issues using windows solutions has a tendency
to not work very well. Once you get accustomed, administration of a linux park
is far easier. Try to avoid dependencies from these piles of crap.

~~~
UK-AL
But there isn't good alternative for client operating system. The best you can
do use devops tools, but you can tell they're really built for server
deployments.

~~~
rbanffy
Why do you think they don't work?

------
danvesma
its a very good idea – not a good name choice. Healthbuntu maybe at a push.

~~~
MayeulC
I would have argued that Deathbuntu sounds way better, but the name might be
inappropriate there...

On a more serious note, I agree that the name choice isn't particularly good,
but is *buntu really relevant? I get that it might appeal to the technical
minded people (and the creators probably belong to that category), or may
sound a bit familiar to the masses, but I don't see any reason for them to
keep this part of the name.

I would have named it after a drug or a scientist, I think.

The bottom line is that the name itself isn't very relevant. A good name would
be something easy to spell, and with a neutral conotation, not too hard to
remember, but without attracting too much attention, as this is supposed to be
just a tool.

------
m-j-fox
> Encrypted By Default

Just like NHS's Windows boxen.

------
cvoss
A quick whois lookup suggests the domain name was registered on April 26. This
is after we knew about EternalBlue and DoublePulsar, but suspiciously before
the May 12th onslaught of WannaCry at the NHS. Also, the domain status is
"serverTransferProhibited"
([https://icann.org/epp#serverTransferProhibited](https://icann.org/epp#serverTransferProhibited)).
Very interesting.

~~~
libeclipse
That is very interesting. I don't see anyone having a significant motive here.

Only thing I can think of is really, _really_ far-fetched. Someone who know
what was about to happen to the NHS inserted a backdoor into this distro, and
is now advertising it to them.

Yeah, I know. Probably not.

------
gwbas1c
What is the NHS?

Seriously, what is the NHS? Nothing defines the NHS, including the about page.

~~~
sleepychu
National Health Service (how most people receive healthcare in the UK). I
guess they're context blind because of the recent WanaCrypt infection they're
on the minds of the target audience of this joke? buisiness?

~~~
distances
They're right to expect the target audience to know what NHS is. NHS isn't any
less known than e.g. Obamacare, after all.

