Hoping to finally upgrade a computer system so weak that China managed to steal security records on 22 million Americans over more than a year of undetected hacking, Obama is asking for $19 billion in cyber security improvements as part of his final annual budget.

The funding — $5 billion more than what we currently spend — will largely go to an improvement of the “legacy” computer systems too outdated to deal with modern cyber attacks, along with a lot of frankly basic safety measures that should already be in place, like having two-factor identification across the board. Your office probably already has that in place if you try and check your work email on a strange computer. The money will also go to creating the position of a Chief Information Security officer who can oversee the changes.

“We have a broad surface area of old, outdated technology that’s hard to secure, expensive to operate and, on top of all that, the skill sets needed to maintain those systems are disappearing rather rapidly,” U.S. chief information security officer Tony Scott told reporters during a conference call Monday.

Cyber security upgrades were a theme in Obama’s 2008 campaign and he’s consistently spoken out about the problem, like this speech at Stanford last year. Assuming the budget is passed, these would be the most sweeping security changes he’s enacted yet, showing that the outgoing president is going to try his best to not become a “lame duck” in 2016.

This lag in tech updates may be one of the reasons why China seems to have such an easy time hacking into our defense systems. How embarrassing is it to see a Chinese army operating weapons and robots that seem to have been built with our own stolen plans?

Optimistic White House officials are selling a cybersecurity initiative as something that should have bipartisan support, but, even if the funds are approved, swapping out all those systems is a huge undertaking. As of 2012, the Government Accountability Office estimated that federal agencies spent as much as 70 percent of their IT budgets maintaining these expensive and outdated “legacy systems,” and little seems to have changed in the last four years.

Even without naming legacy systems we can make an educated guess as to what software they’re talking about replacing. The Navy has a $30 million contract to keep its systems running on Windows XP, and that’s a 15-year-old, now-zombie operating system that Microsoft stopped supporting in 2014. Then there was the 2013 push to finally move the Army’s email from Microsoft Outlook to Gmail. You really don’t want to see — hint: floppy disks — what our nuclear missile silos are running on, but at least they could probably handle a game of [Oregon Trail.](https://en.wikipedia.org/wiki/TheOregon_Trail(video_game) Probably.