Virus Knocks Out U.S. Visa Approval System
GillBates0 writes "According to this story and many others, the State Department's electronic system for checking every visa applicant for terrorist or criminal history failed worldwide late Tuesday because of a computer virus, leaving the U.S. government unable to issue visas. The virus crippled the department's Consular Lookout and Support System, known as CLASS, which contains, among others, names of at least 78,000 suspected terrorists. It was unclear which computer virus might have affected the system. But a separate message sent to embassies and consular offices late Tuesday warned that the Welchia virus had been detected in one facility. Welchia is an aggressive infection unleashed last month that exploits a software flaw in recent versions of Microsoft Windows."
1.) Use a firewall to block unnecessary access from the external network
2.) Patch Windows often
3.) Use anti-virus software and update the definitions often
I would have thought that the State Department would at least do these minimums (to keep its systems "safe from evil-doers"), but I guess you can't even expect that much from government work.
C:\>
As much as the Slashdot community hates Windows and likes to dump on its flaws, I've realized one thing: Windows means jobs in the IT security sector. As a Network Security technician, my job is, among other things, to make sure the latest threat to Microsoft software doesn't bring down the entire infrastructure in the federal department where I work. At least twice a week, my office has a meeting where we discuss the latest Windows virus or exploit, organize a task force, and then do a system-wide deployment of the fix to some 2000+ clients. I like to think that as long as Microsoft keeps making, er, crappy software, and as long as we still have crackers writing virii and trojans, I don't have to worry about losing my job. If there was some magical "perfect" software that never needed fixing (note: there isn't) then we wouldn't need IT security professionals now, would we?
Why is such an important system run on Windows? This isn't an "MS sux0r5, install Linux" rant, they should use the proper systems for the job. If that tool is some open source stuff or closed source then so be it but you can't tell me that this database can only be run on Windows.
Of course "When your only tool is a hammer, every problem starts to look like a nail."
Trolling is a art,
Not allowing remote logins to something this important might be a good idea ^_^
It was cheaper to do without? We all know how the budgets of gov departments are continually being slashed :)
How on earth does the government come up with a list of _78,000_ suspected terrorists? This is the type of indiscriminate prejudice that a siege mentality creates. This is a list of everyone who ever talked to anyone who ever talked to someone who might be a terrorist. In many ways these people's rights are now forfeit.
If the US government actually cared about human lives, it would be spending this type of attention on automobile safety (50k dead a year in US) or malaria (>1 million dead a year worldwide) or cancer (half a million dead in US per year). Compare this to "terrorism" which has claimed maybe 5000 lives in the past 30 years.
Instead we spend more on a "war on terror" in a year than has been spent in the entire history of cancer research.
-braddock
Shutting down a network on purpose is different from having it "fail" due to a virus.
Not by much, since both have the effect of putting a stake through the heart of user productivity for however long it takes to exorcise the virus from all the systems.
~Philly
First high level government agencies and departments suffer "apparent" virus attacks while running MS Windows...
Eventually MS will start pushing their Trusted Computing bullshit as the ultimate solution for blocking attacks on their own flawed products.
Oh and it will keep those nasty terrorist guys out too! Did we (MS) mention terrorists. Oh we did ok...
Not allowing remote logins to a national database used to approve visas all over the U.S. which is located in one spot? Do you see the problem?
Ultimate control hinders flexibility. If you want to fill out your application for a visa, send it by mail which will be handled by hundreds of people, to receive your visa which will be mailed to you, again handled by hundreds of people, rather than create a network which will allow someone to remotely access the information that they need in an environment more trusted than the U.S. mail system?
This is not your mom-n-pop accounting database, this is used all over the world. Eliminating remote access is not really an option.
Immediate term bashing aside
The reason open source is supposed to be better is that when lots more people (like 15% market share worth) run Linux, then there will be more resources being used to update and error check open source software - theoretically. Comparing Linux with a small market share to Windows with a large market share in terms of bugs is not appropriate, and considering the paid resources available (but maybe not used?) to Microsoft, it is amazing that open source even compares.
Not to knock Volunteers at all, but if every company who used open source in a major way paid for 1-2 full time programmers, which is a relatively small expense, maybe Linux would have an even better security track record. Microsoft can't get much bigger, and their software maintenance model has still proven itself unworthy.
Now I'm a big Linux supporter and all... but you're way off base here comparing Exchange to a Linux MTA... they're very different beasts.
Just to let you know, we use Exchange, and I think all we did about the virus e-mails was scratch our head and shrug. Never had a single e-mail borne infection...
Though that didn't stop a certain unnamed director from making us send a memo out explaining why people were getting weird e-mails and why the return address was wrong etc...
In THIS case, the article mentions Welchia... Which is NOT an e-mail virus, it's the RPC DCOM worm that tries to patch the Blaster hole. Is it still able to infect due to bad software? Absolutely! But it has NOTHING to do with e-mail or Exchange.
How would a bunch of Linux servers have helped them in this instance? If they're lax on patching Windows boxes, they'll be lax on patching Linux boxes too. Then they're just one OpenSSH exploit away from being out of commission anyway.
The only reason I can think of you being modded up is blind hatred for Microsoft. Hating MS is fine, but don't mark a post as 'Informative' that doesn't even know what they're talking about...
Maxim: People cannot follow directions.
Increases in truth directly with the length of time spent explaining them
I find it interesting that W. and staff are pushing known insecure systems throughout the government. At the same time, they state that by putting in a firewall, a known insecure system is as safe as *nix. But of course, in our government we have always had traitors, some who believe in a cause (such as the 2 airmen), and others who will simply take money to look the other way (or to change a final judgement) or to possibly just connect a laptop into the network. There is no way to secure a computer network, even when not plugged into the internet. Our society is all too willing to accept an insecure system to be plugged into the network. Witness the nuke plant that was infected. It is almost certain that at this point, a number of viruses have been created by UBL that target US (and probably the world) systems to feed info back to them and quite probably to feed money back into their accounts. What Allah does not provide, then willing thieves will.
W. et. push security and are having us give up liberties (supposedly temporary), but they are not willing to change their systems due to their pocketbooks.
Bad policies.
I prefer the "u" in honour as it seems to be missing these days.
I thought the U.S.A. P.A.T.R.I.O.T act made everyone in the US a suspected terrorist. That should read "300,000,000+ suspected terrorists".
Did you read that article on politechbot.com that they wouldn't let some guy wearing a little button that read "Suspected terrorist" fly on an airplane?
"History doesn't repeat itself, but it does rhyme." Mark Twain
Call it what it is: A Microsoft Windows virus. Maybe if the media keeps pointing out what us /.ers already know, the general public will get it through their heads that their choice of OS makes a difference.
I think that we have to remember that computing is still in its early childhood; eventually software will become more secure. People often state that software is becoming less secure, but one has to remember that today's software is exposed to many more challenges and malicious influences than software 5 or 10 years ago. There are a finite amount of vulnerabilities in code. Once software is "mature" and no longer has new versions coming out every few years, those vulnerabilities will start to disappear. After the same piece of software has been in use for 20 or 50 years, then I suspect it will be quite secure. I do recognize that there will always be a human factor providing insecurity. The human factor, however, will not be the fault of the software.
Sorry, human rights and the right to fair treatment belong to EVERYBODY, regardless of citizenship.
We have accepted standards of treatment for people we are actively at war with. People who have no apparent hostile intent should get treated at least as well.
While I agree with you that there needs to be an accepted standard of treatment for terrorist actions, similar to the Geneva Accord for wartime, the sad fact is that such a standard does not, at this time, exist.
And these people aren't being treated unfairly; we're not letting them come to the United States without explaining terrorist connections. The United States doesn't belong to the world, it belongs to us, and we can say who we do and do not want to let in.
While I do feel that there should be some oversight over who gets put on this list and how they are selected, that the list should be made publicly available, and that there should be an appeal process to be taken off the list if necessary, none of those is an inalienable right.
I don't have a right to come into your home at any time I like. I can knock on your door and ask if I can come into your home. But if we don't really know each other, and you've seen me in the neighborhood a couple times with some known violent criminals, you would certainly think twice about inviting me in.
I don't see how the United States implementing a similar policy is any different.
I am disrespectful to dirt! Can you see that I am serious?!
78,000 out of an estimated 6 billion people on this planet comes out to about 0.0013 % of the world's population. The government's 2001 statistics show that there were 1,063,732 new permanent immigrants entering the United States. Another report on visas issued (Table F) shows that in 2002, there were 13,230,001 temporary visas issued to foreigners to enter the United States. And that's just visas granted, not counts of applications. The raw data also shows the USA had a total of 27,907,139 visitors crossing our borders with visas in 2002.
So, from the numbers above, they have 78,000 applicants as suspect, which is roughly 0.28 % of all visitors. Not exactly a huge amount relative to the sheer number of people trying to get in.
Yes, I can believe a number that large. They could be ex-soldiers from suspect countries, foreign "students" registering in obscure American colleges for odd majors, maybe someone trying to get in with an H1-B who doesn't seem to match his job description, or anything that appears out of the ordinary when cross referenced with other security lists. Did our visa applicant recently travel from Iraq to North Korea, next to the USA? Flag him. Did our visa applicant happen to be in a particular Afghanistan town 2 years ago, when we know that other known terrorists were there at the same time frame? Flag him too.
There are thousands upon thousands of people trying to enter the United States every day, and our government has a monumental task to validate their reasons for entering. Obviously they are trying to research the histories of everyone to the best of their ability, which is why getting the different law enforcement agencies talking to each other was such an issue for the Bush administration. Some people say we're scrutinizing too much, but even more believe it's not enough. Thinking that we have secure borders is a fallacy the US public needs to wake up to and recognize how easy it is for individuals to slip in under false pretenses. We can't be isolationists, but we can certainly do a better job than we've done in the past.
Why doesn't the govt just demand better software? They are such a huge player that there would be a new market created just to sell secure software.
I don't buy this bullsh*t people keep spreading that it's impossible. It ain't; just as you can build secure bridges and houses, you can make software that is much more secure than today's crap.
There hasn't been a strong enough market for secure software and it's up to the consumers and govts to start demanding better software.
Even open source could use a kick in the butt to get their act together.
Compare vsftpd to some other random ftpd and you'll get my drift. Security is about design and not about being bug-free.