LabVIEW

cancel
Showing results for 
Search instead for 
Did you mean: 

Silverlight Security Risk

We are close to up to date with Labview 2020 SP1.   Silverlight support ends next month(Oct 2021) and we can not run unsupported software.  It is a security risk.   I need to remove it NOW.   What is going to break?  I read that MAX will and that is not good.  What are my options?  We have a full SSP and will go that route is no quick answers here.

Thanks

Message 1 of 15
(1,323 Views)

Hi Bob,

 


@bobausttex wrote:

What are my options?  We have a full SSP


Talk to the Tech support!

Best regards,
GerdW


using LV2016/2019/2021 on Win10/11+cRIO, TestStand2016/2019
0 Kudos
Message 2 of 15
(1,305 Views)

I was poking around because of your post and it seems pretty murky.  I think NI owes us a sticky at the top of this forum explaining exactly what will happen.

Bill
CLD
(Mid-Level minion.)
My support system ensures that I don't look totally incompetent.
Proud to say that I've progressed beyond knowing just enough to be dangerous. I now know enough to know that I have no clue about anything at all.
Humble author of the CLAD Nugget.
Message 3 of 15
(1,304 Views)

@bobausttex wrote:

We are close to up to date with Labview 2020 SP1.   Silverlight support ends next month(Oct 2021) and we can not run unsupported software.  It is a security risk.   I need to remove it NOW.   What is going to break?  I read that MAX will and that is not good.  What are my options?  We have a full SSP and will go that route is no quick answers here.

Thanks


I think it's time for you to have a long talk with your IT department or whomever set this arbitrary rule.

 

In my company we have a lot of "corporate security policies" that we have to follow on our desktop workstations. For instance I can create an executable in LabVIEW but I CAN NOT run that executable on my desktop workstation. When they tried to force that on our lab computers we protested because that would mean we would be unable to do our jobs. 

 

In the end we worked out an agreement with corporate IT. We now have two classes of computers "workstations" that are connected to the corporate network and must adhere to all corporate security policies. We also have "lab computers" that are NOT allowed to ever connect to the corporate network. The Engineering department is responsible for all maintenance, troubleshooting, and etc. "Someone will hang" if any of them get infected with a virus or malware. We have a physically separate network that has it's own internet connection in the lab. But these lab computers are NOT connected to that network unless we need to download something. 

========================
=== Engineer Ambiguously ===
========================
0 Kudos
Message 4 of 15
(1,296 Views)

Our rules are set by a higher power.  One that does not negotiate the rules.

0 Kudos
Message 5 of 15
(1,290 Views)

@bobausttex wrote:

Our rules are set by a higher power.  One that does not negotiate the rules.


Then you can't do your job, end of story.

 

That should be enough to start negotiations. 

========================
=== Engineer Ambiguously ===
========================
Message 6 of 15
(1,288 Views)

@RTSLVU wrote:

@bobausttex wrote:

We are close to up to date with Labview 2020 SP1.   Silverlight support ends next month(Oct 2021) and we can not run unsupported software.  It is a security risk.   I need to remove it NOW.   What is going to break?  I read that MAX will and that is not good.  What are my options?  We have a full SSP and will go that route is no quick answers here.

Thanks


I think it's time for you to have a long talk with your IT department or whomever set this arbitrary rule.

 

In my company we have a lot of "corporate security policies" that we have to follow on our desktop workstations. For instance I can create an executable in LabVIEW but I CAN NOT run that executable on my desktop workstation. When they tried to force that on our lab computers we protested because that would mean we would be unable to do our jobs. 

 

In the end we worked out an agreement with corporate IT. We now have two classes of computers "workstations" that are connected to the corporate network and must adhere to all corporate security policies. We also have "lab computers" that are NOT allowed to ever connect to the corporate network. The Engineering department is responsible for all maintenance, troubleshooting, and etc. "Someone will hang" if any of them get infected with a virus or malware. We have a physically separate network that has it's own internet connection in the lab. But these lab computers are NOT connected to that network unless we need to download something. 


I don't think it's arbitrary.  Think about why Windows 7 is now a security risk.  Because it's (mostly) unsupported, it doesn't get most of the critical security updates.  The same thing goes for any unsupported software.  What if someone hacks Silverlight?  No support equals no security patch.

Bill
CLD
(Mid-Level minion.)
My support system ensures that I don't look totally incompetent.
Proud to say that I've progressed beyond knowing just enough to be dangerous. I now know enough to know that I have no clue about anything at all.
Humble author of the CLAD Nugget.
Message 7 of 15
(1,287 Views)

@billko wrote:


I don't think it's arbitrary.  Think about why Windows 7 is now a security risk.  Because it's (mostly) unsupported, it doesn't get most of the critical security updates.  The same thing goes for any unsupported software.  What if someone hacks Silverlight?  No support equals no security patch.


I have computers in our lab that still run Windows XP.

 

We DO NOT connect them to the internet.

 

Pretty simple and secure.

========================
=== Engineer Ambiguously ===
========================
0 Kudos
Message 8 of 15
(1,284 Views)

@RTSLVU wrote:

@bobausttex wrote:

Our rules are set by a higher power.  One that does not negotiate the rules.


Then you can't do your job, end of story.

 

That should be enough to start negotiations. 


Where I work, if we can make a case for it, requests of this nature are usually granted on a case-by-case basis.

Bill
CLD
(Mid-Level minion.)
My support system ensures that I don't look totally incompetent.
Proud to say that I've progressed beyond knowing just enough to be dangerous. I now know enough to know that I have no clue about anything at all.
Humble author of the CLAD Nugget.
0 Kudos
Message 9 of 15
(1,283 Views)

If we talk of obsolete and unsupported software, I know many semiconductor giants who still use 50+ year old iron ATE testers that have old CRT monitors (not even grayscale, monitor displays in green), I think they run some sort of DOS or UNIX.

 

I think NI may or may not have a fix for the Silverlight obsolescence but in the meantime, if the lab computers that you mention are of high importance for the company's operations than the security threat, they obviously have to provide an exception of some kind.

Santhosh
Soliton Technologies

New to the forum? Please read community guidelines and how to ask smart questions

Only two ways to appreciate someone who spent their free time to reply/answer your question - give them Kudos or mark their reply as the answer/solution.

Finding it hard to source NI hardware? Try NI Trading Post
0 Kudos
Message 10 of 15
(1,184 Views)