Mastodawn

Windows 3.1 saves the day during CrowdStrike outage — Southwest Airlines scrapes by with archaic OS

https://lemm.ee/post/37572852

Windows 3.1 saves the day during CrowdStrike outage — Southwest Airlines scrapes by with archaic OS - lemm.ee

Southwest Airlines, the fourth largest airline in the US, is seemingly unaffected by the problematic CrowdStrike update that caused millions of computers to BSoD (Blue Screen of Death) because it used Windows 3.1. The CrowdStrike issue disrupted operations globally after a faulty update caused newer computers to freeze and stop working, with many prominent institutions, including airports and almost all US airlines, including United, Delta, and American Airlines, needing to stop flights. Windows 3.1, launched in 1992, is likely not getting any updates. So, when CrowdStrike pushed the faulty update to all its customers, Southwest wasn’t affected (because it didn’t receive an update to begin with). The airlines affected by the CrowdStrike update had to ground their fleets because many of their background systems refused to operate. These systems could include pilot and fleet scheduling, maintenance records, ticketing, etc. Thankfully, the lousy update did not affect aircraft systems, ensuring that everything airborne remained safe and were always in control of their pilots.

floofloof Jul 21, 2024

One X user suggested that the company switch to Windows XP—it’s also no longer updated, and it can run Windows 3.1 applications via compatibility mode.

Maybe that was a joke, but if anything that would reduce their security. Windows 3.1 and 95 are old enough that they can’t even run most stuff from the last two and a half decades, which probably protects them. XP is just new enough, and plenty old enough, to be very risky.

jabathekek Jul 21, 2024

Reminds me of an episode of Ghost in the Shell where a hacker in a hyper-advanced cyberised society was using floppy disks as a storage medium because they were so slow.

FaceDeer Jul 21, 2024

One of the background details I liked in Ghost in the Shell was how the high-end data analysts and programmers employed by the government did their work using cybernetic hands whose fingers could separate into dozens of smaller fingers to let them operate keyboards extremely quickly. They didn't use direct cybernetic links because that was a security vulnerability for their brains.

0x0 Jul 21, 2024

They’re also so old they were compiled without any modern instrumentation, e.g. stack canaries.

radivojevic Jul 21, 2024

This is both awesome and frightening for many reasons

Lost_My_Mind Jul 21, 2024

Windows 3.1? You fancy kids, and your modern operating systems! What’s wrong with Windows 1.0???

MrSoup Jul 21, 2024

Why not Quick and Dirty Operating System?

Crashumbc Jul 21, 2024

In before OS/2

Emerald (she/her)Jul 21, 2024

inb4 os/5

Blaster M Jul 21, 2024

This is the “can’t get a Word Document macro virus because I use the Corel WordPerfect Document type” kind of energy.

SpaceNoodle Jul 21, 2024

No, it doesn’t, because Corel didn’t buy WordPerfect until 1996.

Crashumbc Jul 21, 2024

I miss our Corel word perfect :(

Emerald (she/her)Jul 21, 2024

It still exists. You can use it

rhabarba Jul 21, 2024

Ah, nothing’s wrong with WordPerfect, honestly. Still better than Word.

areyouevenreal Jul 22, 2024

Does it run on Wine?

rhabarba Jul 22, 2024

WineHQ - WordPerfect

Open Source Software for running Windows applications on other operating systems.

Clbull Jul 22, 2024

Funny the page recommends OpenOffice when the entire FOSS community has moved on to LibreOffice in a middle-finger to Oracle.

Besides, OO and LO are shit. AbiWord is where it’s at.

rhabarba Jul 22, 2024

Who needs AbiWord when you can use WordTsar?

Yggstyle Jul 21, 2024

Best feature windows 3.1 has:

… it doesn’t pop up message telling you to upgrade to windows 11.

Entropywins Jul 21, 2024

Shhh don’t give microsoft any ideas

SkaveRat Jul 21, 2024

or add shitty AI tools without asking.

or constntly nag you to use their cloud storage

frunch Jul 21, 2024

Plus all them decks for solitaire!!!

Dave Jul 21, 2024

My windows 10 PC is telling me I don’t qualify for a free Windows 11 update, so I’ve got that going for me.

Mountain_Mike_420 Jul 21, 2024

Haha. I’ve got one of those too.

dalekcaan Jul 21, 2024

dalekcaan Jul 21, 2024

phoneymouse Jul 21, 2024

The fact that they’re running 3.1 is not something to be proud of. They’re probably extremely vulnerable to any other attack.

SpaceNoodle Jul 21, 2024

Quite the opposite.

Jagger2097 Jul 21, 2024

Please explain. I’ll make 🍿

RustyHeater Jul 21, 2024

Microsoft’s Wolverine for the TCP stack was not available until Windows 3.11. An argument could be made that these systems are defacto air-gapped as they cannot communicate with modern networking.

mosiacmango Jul 21, 2024

Youre assuming the article is using “windows 3.1” to mean the exact version of the OS, instead of just the proper name of the OS overall. That probally unlikley.

Since lacking a network stack tends to limit usability, unless the systems are intentionally air gapped they likely are on windows 3.1.1 or later. Based on Southwest extensively documented and decades long IT neglect that landed its current COO in front of Congress for a previous days long outage, i doubt the systems are intentionally airgapped, as that implies a working and well funded IT department.

Southwest cancels thousands more flights; U.S. government vows scrutiny

Southwest Airlines <a href="https://www.reuters.com/companies/LUV.N" target="_blank">(LUV.N)</a> came under fire from the U.S. government on Tuesday after it canceled thousands of flights, and its boss, Bob Jordan, said the low-cost carrier needed to upgrade its legacy airline systems.

Reuters

areyouevenreal Jul 22, 2024

Just because it doesn’t have TCP/IP doesn’t mean there isn’t networking. Networks existed before the Internet and its Internet Protocol after all. It wouldn’t be so much air gapped as so archaic that only the most targeted attacks would work, and only if there is an infected PC acting as an intermediate between the Internet and ye olde network. Chances are it was never connected to the modern Internet as the technologies just aren’t compatible.

Jagger2097 Jul 22, 2024

Old doesn’t mean secure. Those old systems have had decades since the last security patch. Even then computer security was barely a consideration for the developers.

areyouevenreal Jul 22, 2024

I am not saying it is, normally old systems are the least secure. The bit you’re not getting is that this system is almost certainly air gapped, just not by choice. It can’t work with modern networks. It can’t work with modern viruses. Any exploit a modern hacker would think to use probably doesn’t exist yet. It’s a bit like trying to break someone’s car by putting sugar in the fuel, except they ride a horse. Do you get it yet?

qisope Jul 21, 2024

Or, for your consideration, could it perhaps be because they don’t use crowdstrike?

KairuByte Jul 21, 2024

Yeah, what? 3.1 not getting updates has nothing to do with this. Software developed for 3.1 can still be updated. This article is just silly.

SSJMarx Jul 21, 2024

The interesting thing here is wondering why they never upgraded. Perhaps managing flights digitally just hasn’t changed much since the early nineties and they never needed anything else?

irinotecan Jul 21, 2024

Likely the same reason why banks and other financial institutions still use COBOL and Fortran code written in the 1970s or earlier on archaic mainframes: Top management decided at some point it was too expensive to rewrite everything from scratch in some modern language for modern hardware, so they just limp along with what they have.

A 16-bit app written for Windows 3.x would almost certainly have to be rewritten for modern, 64-bit Windows.

frunch Jul 21, 2024

While i figured the cost would be a factor, i just figured they were sticking with a system that works. If it serves their needs effectively and reliably, why change it?

Petter1 Jul 22, 2024

😂👌🏻nice edit

InFerNo Jul 21, 2024

It isn’t even a Windows update, but a software update.

xantoxis Jul 21, 2024

My Linux servers weren’t affected either. I think it’s because of Windows 3.1

Monument Jul 21, 2024

My wife shared this with me yesterday, but I didn’t see it:

Somebunny is gonna learn those things aren’t windows-based today!

Peffse Jul 21, 2024

Just yesterday I had that exact “Tech enthusiast vs tech worker” meme play out. I wanted a timer to control the electrical outlet for an aquarium bubbler. Saleswoman really wanted to sell me this “smart” controller with an app that can program the outlet.

Me:“What happens when the app stops working?”

(saleswoman is frantically flipping the box over for answers)

Her:“…maybe…it keeps the existing timer?”

Boomer Humor Doomergod Jul 21, 2024

I’ve got about six smart plugs that all stopped working because of lack of support. I am no longer interested in smart plugs.

Damage Jul 21, 2024

Shelly makes devices that are compatible with ESPHome and Tasmota, solving this problem.

Home - Shelly Cloud

Shelly Cloud

Monument Jul 21, 2024

For only way more time and money, you can buy a zigbee smart plug and a vendor agnostic zigbee hub flashed with FOSS, or you can buy a esp-based board, wire it up with a relay, and flash it with something like esphome.

Sure, it’s way more money and hours of work (cumulatively), but it won’t lose support!

5redie8 Jul 21, 2024

I just bought a bunch of TP Link equipment I knew was compatible and loaded up Home Assistant onto a Raspberry Pi. Best of both worlds

SyntaxError Jul 22, 2024

I bought some TP link Kasa plugs and a couple of years later when I wanted some more the Kasa brand was discontinued and replaced by Tapo in Sweden. Tapo and Kasa only work with their own separate app so I would have had to have two separate apps even though both were TP link. Never bought any more smart plugs.

5redie8 Jul 22, 2024

Aw man, that’s a shame! Kasa is still around in the US, I only got mine a couple months ago. They do seem to offer both, so I wonder if Kasa is on the way out here too

Boomer Humor Doomergod Jul 21, 2024

My old thermostat was basically two teaspoons of mercury that would expand and contract with the temperature to short out two leads. They didn’t let me keep it when I got a new one, but I got the dumbest one they had.

btaf45 Jul 22, 2024

I got a new HVAC and smart thermostat about a week ago. After researching, I decided to hook thermostat to wifi and download app. Mostly all the app does is duplicate the same functionality that the thermostat controls have. I find it handy to have a remote control for the thermostat.

OTOH I decided not to hook up a new washing machine to wifi and use app. It duplicated the functionality of the appliance controls also, but there was no point in having remove controls for a washing machine.

The critical thing is that an appliance needs to be fully functional without needing to use wifi and certainly not a phone app.

BlackAura Jul 21, 2024

Yeah what a badly written article, with awful takeaways.

noisefree Jul 21, 2024

I feel like every article out there is missing this and keeps blaming Windows Update vs an update pushed to a specific piece of software by a third-party developer. I get end-users not understanding how things work but tech writers should be more knowledgeable about the subject they write about for a living.

cmnybo Jul 21, 2024

Holy crap, they are serious. I though I was on [email protected] for a minute. I sure hope none of those computers are connected to the internet. There’s a massive number of vulnerabilities in windows 3.1 and windows 95.

krdo Jul 21, 2024

Windows 3.1 doesn’t even come with a TCP/IP stack. It’s actually pretty safe.

cmnybo Jul 21, 2024

As long as that’s the exact version they’re using. Windows for workgroups 3.11 has networking.

5redie8 Jul 21, 2024

Bold of you to assume any of the “experts” writing about this know what a TCP/IP stack is

Lumisal Jul 21, 2024

But how many people are looking for Windows 3.1 anything today?

Well I suppose now there might be more

Corgana Jul 21, 2024

The “source” is a tweet from a random dude, it’s almost certainly not true.