Slashdot Mirror


Battle Creek, Michigan Settles Dispute with ORBZ

Peter Sachs, Esq. writes: "According to a press release that now appears on its official website, the City of Battle Creek, Michigan has 'settled"' its dispute with ORBZ.ORG. The City concluded that ORBZ.ORG had no criminal intent to cause the City harm by testing the 'open relay' status its server. In fact, the Assistant to the City Manager said, '...we recognize that [ORBZ.ORG] has done us a service. We are going to be taking a close look at our policies regarding Lotus security updates and how we can avoid the issue in general'"

5 of 259 comments (clear)

  1. Battle Creek and Kellogg's by asackett · · Score: 4, Funny

    My personal boycott of Kellogg's products continues at least until they repay Ian for his legal expenses incurred as a result of the need to defend against the city's stupidity.

    I understand that Kellogg's has nothing to do with the stupidity of the city, but they're the biggest taxpayer/employer in Battle Creek, and that's close enough for me. As an American, collateral damage means nothing to me!

    --

    Warning: This signature may offend some viewers.

  2. Also by NiftyNews · · Score: 5, Funny

    "The City concluded that ORBZ.ORG had no criminal intent to cause the City harm by testing the 'open relay' status its server.

    The City also announced that it really like to be capitalized when referred to. It also notes that the word "of" is still banned when referring to stories about The City.

  3. Score one for common sense, for a change. by phillymjs · · Score: 4, Funny

    Must be something in the air in Battle Creek. I don't know what Kellogg's is belching out of their smokestacks these days, but I wish the RIAA and MPAA assholes would get a whiff of it.

    ~Philly

  4. Nope, you missed it by hawk · · Score: 4, Funny
    "The City" is known to mean San Francisco by all educated persons. The *real* question is why SF is involved in this. Was it infiltrating Battle Creek? Having dealt with California agencies while practicing law in Nevada, and being aware of their imperial pretensions, I want to know (and so should the residents of Battle Creek!).


    :)


    hawk, watching for californians under his bed . . .

  5. What an embarrassment! by dcavanaugh · · Score: 4, Funny
    First, the writer [of the press release] describes spam as a "computer prank" instead of unsolicited commercial e-mail. The comment proves they don't know what spam is! Then we have the unmentioned IT person who somehow traced back the activity to ORBZ without realizing their Lotus server was a sitting duck for a DOS attack (intentional or not).

    Let me guess (based on pure speculation):
    • Lotus sever set up by the "consultant du jour", who handles support on a pay-as-you-go basis
    • City calls for support, consultant quickly scans the log & points finger to ORBZ
    • City mgmt. goes bezerk; legal dept. goes to DEFCON 1; unleashes nastygrams vs. ORBZ
    • ORBZ explains cluelessness involved in having unpatched Lotus server; makes consultant look like idiot
    • City finds new consultant; recommends upgrade to Linux+Sendmail+Amavis+Sophos

    There are always exceptions, but the average municipality is not stealing the top minds from NASA to run their IT operations. Every once in a while, I peruse IT job listings. When I see a huge list of unrelated requirements combined with a pitiful salary, it's usually (a) municipal gov't, (b) school systems (same thing), or (c) retail. Before I get flamed by an army of municipal IT workers, I will clarify this sweeping generality: Municipalities hire too few people, they overcommit their resources, and the salaries encourage turnover. Surely, any reasonably qualified sysadmin (certified or not) would have detected & fixed the Lotus vulnerability (even if after-the-fact). The press release tells a story that makes it look like they have no dedicated IT staff whatsoever. I could be wrong on this, but if they spent less on lawyers and more on IT, this problem would have been prevented or quickly resolved.

    According to Netcraft, the website at ci.battle-creek.mi.us is running "Microsoft-IIS/5.0 on Windows 2000." The prosecution rests. This Battle Creek operation must have been a real bundle of joy when they discovered the "Code Red" worm.