Academia, Windows XP, and Cyber Susceptibility

Blood, when it is separated by density and size, is actually beautiful.  Using an Oncoquick column, which optimizes circulating tumor cell collection, you can clearly see the layers: red blood cells filling the bottom, lymphocytes and (hopefully for me, but hopefully not for the patient) tumor cells in the middle gradient, and finally plasma and platelets skimming the surface in their yellow lipid glory.

Blood separated in an Oncoquick column by density and size. The porous barrier (white) allows RBCs to slip through but keeps the bulkier cells above.

After harvesting the blue interphase for circulating tumor cells, I had to separate the tumor cells from the other cells that might be floating in the mix.  To do this, I used a process called fluorescence-activated cell sorting, or FACS.  This meant tagging my cells with fluorescent antibodies, then sending them through a gigantic machine one by one, where each would be flashed with light to see what antibodies were on them, then sorted into their appropriate populations.  This is a powerful tool that many scientists use to collect a specific type of cell.

Given the sensitivity of such a machine (it’s sorting single cells after all), as well as the sheer expense (upwards of $120,000, plus a trained technician to operate), you might imagine my surprise when I noticed the software running the machine WAS RUN ON WINDOWS XP.

That’s right.  Good ol’ XP, the longest-running operating system Microsoft made, which is no longer supported.  That means computers running XP are more susceptible to malware and hackers, or, as Network World, a tech site, put it:

When Microsoft stops supporting XP criminals will keep on finding new ways to exploit the operating system. The list of unpatched exploits will grow and grow to the point that compromising XP machines will be elementary for hackers. Data on XP machines will be at risk. XP machines on networks will become launch pads for internal attacks against better supported machines. They could easily be recruited into botnets to launch coordinated DDoS attacks or massive spamming.

The thing is, the FACS machine’s computer is not an anomaly, but a trend.  Everywhere you look in academia, the software running our most tried-and-true machines runs on Windows XP, or something even older!  The computer running my gel doc uses Windows 95!

"I've been trying to send an email for the past 10 years."

“I just got my AIM account!”

We do this because as scientists we adore reliability and replication.  It’s more than the maxim “If it ain’t broke, don’t fix it”; it’s more like “if it yields the same results every time THEN FOR THE LOVE OF GOD DON’T CHANGE ANYTHING!”  It’s hard enough to get two Western blots to give the same result using the same parameters, and if you go messing with something like software, which is often way beyond biologists’ ken, whole projects can go belly-up.

But what does this mean for us scientists? In the short term, maybe nothing.  But think about this: many research labs are closely connected to hospitals which have sensitive patient information, or are running clinical trials themselves, which may have incredibly sensitive information.  When you are running computers with XP that are connected to an intranet, such as the Partners network used here in Longwood, the whole network is at greater risk because of those antiquated machines.  Thus, for patient privacy alone, updating the operating systems in research labs should be imperative.

There’s one problem though: most software that runs on XP won’t run on other operating systems.  So if you upgrade your OS, you may be left with a $150,000 FACS machine that you can’t use!  While bioinformatics may be booming, the software used to run our expensive equipment is usually developed by the companies selling it, and boy do they make the price tag reflect that.  The lack of open-source or inexpensive software for operating specialized laboratory equipment may end up bringing about a major cyber-security disaster.

Now, this is not nearly as dire a situation as our nuclear program using floppy disks, but it does not take a genius to realize that hospital-networked computers should be running secure operating systems.  The sooner we take action, both as individual researchers and as a scientific community, the better.


One thought on “Academia, Windows XP, and Cyber Susceptibility”

  1. “If it ain’t broke, don’t fix it” - everywhere 😀 !!! We are also on XP, that’s why no intra or internet is connected with the machines.. use CD or USB to transfer data :/

