Slashdot Mirror
Computer Viruses Cripple Colorado DMV
Mr. Christmas Lights writes "The Denver Post has written the last three days (Tue, Wed, Thu) about how computer viruses have crippled the Colorado Department of Motor Vehicle's computers since last Friday. This has prevented them from issuing new/renewed licenses, so they are providing 30-day extension stickers. The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux? Colorado seems to be having its share of problems - today's article mentions the Zinc Whiskers issue several months ago that knocked the the Colorado secretary of state offline for a couple of weeks. And it could only get worse as the JPEG exploit starts showing up in the wild."
I'm sure the "fresh software" will be provided free of charge to the state...
Just great. Now I'll have to wait like, 4 hours to get a new picture!
There are removal tools out there guys. You don't actually *HAVE* to re-install it to remove an infection. Sounds like the CO DMV needs to hire someone who knows what they are doing!
Bored? Why not join a decent mess
have they considered Linux?
I should hope not! Don't you realize that Norton Anti-virus doesn't run on Linux? How would they protect themselves from these destructive viruses without every machine devoting a few hours each day to scanning for and eliminating viruses?
I suppose it's understandable that you overlooked this problem, though, I hadn't ever thought of it either until some security brainiacs at a client's headquarters refused to allow me to connect my laptop to their network unless I could demonstrate that a reputable virus scanner was checking my machine at least daily. I pointed out that my laptop runs Linux, and that there are no Linux viruses in the wild, but they made it clear that that doesn't matter -- any machine without a virus scanner is a risk to their uber-secure network.
I sure am glad they explained that to me...
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
How does the JPEG exploit affect the DMV? Are the lines so long because the agents are looking at pr0n all day long?
"I make people like me... WITH VIOLENCE!" - ATHF
The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux?
Oh, brilliant idea. Why, they could have their entire statewide system gutted, upgraded to Linux, re-designed, re-written, tested, debugged, deployed, up and running in the time it takes Gentoo to boot!
Obliteracy: Words with explosions
No entity (person, company, or organization) has faced a more damaging enemy than their own mistakes, laziness, and incompetence. [aka. themselves]
Microsoft will be it's own downfall, it's already happening, and will only snowball.
This is probably example #1,542 of thousands to come.
Of course, thank god for the alternatives, without them, no one jumping ship would have anywhere else to go but the cold drink of water below.
It's frustrating to see people/companies/governments stung by things so simple to avoid, especially when one (me, IT people?) feels like the have the "answer" but no one is listening.
(It could be Linux, BeOS, Apple, who knows.... it all depends really)
To me it may be similar to the feeling a doctor has if/when they have a patient who refuses to stop a habit that will eventually kill them, despite being told so to the point of exhaustion.
I'm not sure anyone really WANTS to dislike Microsoft, but they make so many bad mistakes, spit out so many garbage products that it's hard not to. It only frustrates me even more when "users" stick up for them! They need to read "The inmates are running the asylum" and learn about dancing bears, and the other ideas within. Being a power user of bad software does not make you an expert, it makes you blind to the way things really should be.
Sigh.
and you think that because they have one glictch that they should just go off and switch to linux? Oh yeah, that will solve it.
You're a hater, you can read it in your style.
BTW, Firefox browser just had a recent flaw (prior to 1.0) so should I switch to I.E., or upgrade to Firefox 1.0? Your logic is swayed by your hatred towards Windows, as most others who will flame me for writing this.
Pr0n in governemnt?
The prince of Bel-Air installs it?
The pack Dentine in with the restore disks?
*rimshot*
Always going forward, 'cause we can't find reverse.
Read all about it! Systems not properly administered and patched may be hazardous to your network's health!
Read the story now, pictures at eleven.
"Ask not what your country can do for you." --John F. Kennedy
How many people bet the headline should have been that?
Alternate joke: Things have ground to a halt at the DMV? You mean it's been more than 5 minutes since the doors opened?
Blaze a trail to the New World
As if the wait wasn't long enough..I for one love standing in line or sitting in the oh so tastefully decorated DMV offices.. I wonder if they put this out there to explain a particularly brutal episode of Gov't incompetence.. But they did mention windows, didn't they..hmm
So many injustices..so little time..
We are all assuming the Colorado DMV runs Windows. They probably do. But no where in the articles is the name of the OS they run mentioned. Yesterday I searched Google news for the name of their OS, and no article mentioned it.
Mod down people who tell people how to mod in their sigs
The hack has effected all driver license photos.
:(
The goatse man now appears on all new licenses, effective today.
How about blocking all traffic from the DMV department to the internet? Why the hell do their license computers need to be on the net anyways? A local net to talk to your databases and internal email, sure. But internet access?
Weaselmancer
rediculous.
probably means re-installing Windows, but have they considered Linux?
BEGIN LINUX CONSIDERATION
Q) Does it have the custom software we need?
A) No
Q) Do we have the budget, time, or employees with the skill to write it?
A) No
END LINUX CONSIDERATION
Sorry guys, that's just how the real world works.
I don't need no instructions to know how to rock!!!!
What happened to good old fashionned mainframes + thin clients with monchrome screens...
They are issuing liscences, its not like they need anything speciale, windows like, to do that...
Anyways they would probably get better productivity out of this since there is no web access etc etc...
Even the suggestion that they should migrate to linux instead of flattening and reinstalling is premature, and horribly ignorant. A migration to another OS would take a company of that size months, and possibly years to do. Yes it would reduce the TCO, yes few viruses are written for it (so far), but to even suggest that linux would SOLVE their immediate problem is an idiotic proposal.
Cripes, set your zealotry aside and think.
Feed the need: Digitaladdiction.net
On the other hand, perhaps they have something prior to XP, and they just need an excuse to upgrade their web browsers. ;)
This tagline brought to you by 1500 monkeys in just under 17 years.
Now is not the time to upgrade the entire system to Linux it is time to patch and go. But it is a good time to consider if a full system upgrade should be done, when time is not so critical. An ill planned upgrade will squash the likelyhood of linux getting a good chance. Also it would require getting a good staff of IT guys that know linux and not a bunch of MCSE's.
However, that is not to say that they should not be considering Linux as a longer term solution to their problems...
Replace all the machines with Linux!! Then you are still open to the myriad of remote linux exploits... and instead of them just being one more tick in a zombie network that nobody really cares about, someone who's really looking for something will be in. On top of that you get to buy all new software for all of your programs (if there even is any) or hire someone to write all new apps in house (better keep that number handy, with every new release there's a chance it could break).
:)
I'm a firm believer in linux on the server (actually more towards fbsd myself) but it's not the end all be-all solution to all problems. And I re-iterate, when linux reaches critical mass you will start seeing viruses for it as well.
*disclaimer my grammar and or spelling may suck, deal
Has anyone though that there could be other problems as well. I bet there are ton of viruses out there targeting a piece of custom software for a DMV for a relatively small state (Population Wise). Well the first thing comes to mind is "Don't use windows you dumb asses" If you are spending the money to rewrite the software that only fails because the OS uses windows and the windows virus corrupt the application, you might as well switch to a sturdier infrastructure. Sure Linux is a better solution (Open BSD may be a better one in terms of security). But there are also things you can do and keep your windows infrastructure. Like proper firewall setting control, Not using Outlook and IE and replace with Mozilla (firefox, firebird). Run Anti-Virus software that automatically checks each file before it is open. But blaming the custom software is the last thing I would blame for the problem. There could be other reasons for switching the program (lack of support or poor support, other problems with the applications) if just because the program breaks because the OS is a virus, I would be really pissed off if I was the developer of this dependable software who programmed to the specs of the DMV and they only hate you and you probably loss business because their specs had you write a program in windows and Windows is the thing that is getting the virus.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Giving people that can't even administer a set of windows boxen properly a set of Linux boxen to administer is going to solve what problem, exactly?
I live in aurora colorado, and I had a court date this morning, and I was turned away because they couldn't access the DMV database. I was told to come back the next day, anyone have any idea how long until this will be resolved?
[Enter, Stage Left] Script Kiddie, a 13 year old white kid with glasses, walks through the door... black eye, obviously had the crap kicked out of him.
Mom: What happened, Jimmy?
SK: Well, I did this u1tra-l33t haxoring on the DMV, mom, but it turns out that some of the older kids didn't think it was so l33t when they couldn't get their licenses...
One glitch?! An entire government bureaucracy is shut down for nearly a week (and who knows how much longer) because numerous computers are crippled is hardly "one glitch."
And considering that the problem would not have occurred if Linux had been used, I'm not sure how you can say, "Oh yeah, that will solve it." Please explain that to me please!
And also please explain how a flaw found and fixed in Firefox has anything to do with Linux.
If someone says he and his monkey have nothing to hide, they almost certainly do.
Who to root for, the viruses or the DMV? A conundrum if there ever was one...
oh wait, concealed carry licenses don't appear to be affected...
I wonder if any of the work they do will involve teaching the DMV employees not to open up unknown attachments and other forms of "safer" internet use. All complaints about security holes and stuff aside, there's a good chance this mess started when someone opened an infected email.
Me? I'm just happy seeing my Colorado tax dollars at work.
--Chag
I guess the real question is, could people even tell.
The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux?
Yeah, that's a great way to get things back up and running. Introduce a new OS. I'm sure everything will run smoothly after that. Comments like this dont do much to dispell the view that many have of linux proponents: a lack of a grip on the realities of IT.
While considering Linux would be wise, it should be considered a long term solution, not one that will get everybody up and running again. For now, if reinstallation is the best option, you put together a plan to train some people really quickly to do it and fan and and work 24/7 until it's done.
The Linux option should be brought up but not now, that's for the post-mortem meeting.
The reporter is a complete pussy.
Tens of thousands of Detroit drivers are without service, and the DMV rep says:
"People understand that we are living in a computer world."
Uh. The followup question should've been "why the f*** did you let a virus infect a critical computer system?"
In Soviet Russia, I ruled you
Would anyone actually notice the slowdown? This is the DMV after all.
"Somedays we don't let the lines move at all. We call those days weekdays."
yeah, if your proprietary software running on windows 9x/NT breaks due to a virus, the best thing to do is start a migration to linux... that will get you up an running. that is like a installing a sprinkler system in a burning building, sure you SHOULD have had it but it doesn't help to suggest it now.
Getting tired of hearing "have they considered Linux" every time a Windows exploit makes the news. While Linux is (arguably) architecturally more secure than Windows, all this really endorses is a variant of security through obscurity, and I thought "security through obscurity is bad" was mantra #2 around here. The greatest security advantage that Linux offers is that it is a relatively small target. When/If Linux is ever as widely deployed as Windows, it will be just as big a target, and probably just as commonly exploited.
He said something to the effect of ' ... my parents said give us a good reason why we need a computer ...' . Almost instantly, 3 people in the room said 'Where else would you install anti-virus software' .
Microsoft has a serious image problem right now, and it does not look like its going to get better any time soon.
All you touch and all you see is all your life will ever be
I'm sure someone in their organization has. Has the submitter considered the year or two (and LOTS of $$$) it would take to implement such a change?
"The Colorado DMV will be down until early 2006. We thank you for your patience."
Viruses are a universal problems with "computers". Ofcourse, that's to be expected when most people relate computers to Windows.
It's not a "computer world" you're living in, it's a "Windows world".
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
Therefore, the DMV's problem will not be solved.
Unscheduled downtime due to security vulnerabilities will continue to happen, from time to time.
The next pasture is always greener
The so-called convenience of having a standard OS with which most people are familiar coupled with concerns over the amount of money it would cost to convert to another OS are things to consider about migrating to a new system.
Unfortunately, Linux, BSD, and other alternatives still scare some upper management. If the cost of migrating + training is still a determining factor, then they should also weigh the risks of maintaining their current OS. That is, the cost of down time, man-hours to correct problems and get systems online as well as meet the needs of the public, and the cost of compromising controlled information such as privacy data.
How much damage will it take to consider a new system? How much money does a company or organization need to lose before the cost of migrating seems to be a viable option? How many compromises in security will it take? Microsoft's security exploits, among a host of other things, are well documented in daily news.
But, hey... Microsoft says that they deliver a better and more secure product. The news speaks louder than rhetoric. I recommend that open source community partners in that state contact their representation in a professional manner to help bring awareness that there are other options available.
Get some.
Have you considered what it costs to switch to Linux?
...
Finding/writing replacement software, ensuring hardware compatibility, finding competent admins, installing everything, retraining personel, working out issues,
Please correct me if I got my facts wrong.
...issue? Part of the problem with viruses beyond the fact that many OSes still ship with pretty lax security, is the way that PCs are actually implemented when put into a networked environment. The implementation is dictated by the policies of the organization. Too many organizations do not put enough thought into what users should and shouldn't be allowed to do at EVERY level of computer use. Some of this is due to the fact that these organizations can't afford a decent admin due to being underfunded. Another cause is that many of these orgs also think that computers should be a "set it and forget it" kind of thing.
So how can this be addressed? Probably the first thing to do is GET A DECENT ADMIN and IT staff. Since we are talking the BMV here, this means better funding for the BMV to attract a decent admin and IT staff who will demand more pay. Which means... that taxes will have to be increased. Which means that indirectly, the tax payers who vote down county levies are are responsible.
Another thing that can be done once you have a decent admin is to set up a very detailed policy about what users are and aren't allowed to do on a machine. This includes whether or not they can even access external resources on the web (No external web mail during work time, etc...). Regarding the channel of e-mail for mass mailing worms, all mail should be filtered through a virus scanning and spam filtering appliance like the Barracuda Networks Spam Firewall.
If the environment is such that it demands that users be able to access external web resources, a remote application server (with automatic virus protection) running on a separate network should be used for all external web browsing. If they are accessing an internal resource, they can use their local browser. This way if the app server gets hit with some kind of worm or virus, it won't infect their system as the only connection would be over X , RDP or Citrix ICA.
Is all of this a pain in the ass to both implement and live with? Most certainly. Will the users complain? Count on it. Will it buy you a lot more protection against the worms and viruses today? Yes. It's just a question of which environment is more of a pain in the ass for you. One where you are constantly dealing with users that are infecting their machines and taking down the network so that productivity grinds to a halt? Or one where users gripe for a bit about the new restrictions, but you have far fewer or no virus/worm incidents? The choice as they say, is up to the peoplpe with the power to rethink these things.
Un-news
Comment removed based on user account deletion
Or the next thing you know, some sick computer hacker will get in there and start sending tax bills to rich people.
God forbid some 'sick hacker' do such a thing.
Hey Mr. Anonymous:
The Microsoft problem is far more than this one incident and it's not about "hating." For most of us, it's quite far removed from being an emotional concern and more of a prediction of future and larger disasters.
Firstly, Microsoft's vision is a homogenus computing environment. That's DANGEROUS and every computer expert agrees on this point. What could be worse than a single bit of malware crippling more than 70% of all PCs and Workstations? Right! 100% being crippled by said malware. We've seen the lightning fast spread of some malware across the net at rates that are far too fast to remedy in time.
Heterogenus computing is simply dangerous ESPECIALLY when combined with Microsoft's history and handling of even current issues. They have to write an entirely new OS if they want a secure product since the Win32 message queue problem is inherent to the API in such a way that "patching" is impossible. Of course they could create a BSD variant kernel and then build their own "wine" to secure things AND maintain compatibility but their pride takes priority over stability and security.
And finally, you have to consider where Microsoft's core interests lie. There are still companies out there who prioritize customer satisfaction over profit, growth and domination but it's pretty obvious that Microsoft isn't one of them given their choice to abandon MSIE development for "legacy operating systems." Are they running out of money or is this another way to manipulate people onto XP? I don't think cost of development is the motive do you? Honestly?
It's not hate... it's fear.
I may be oversimplifying the problem, but why don't they go to OSS. Afterall, don't their software needs boil down to 1) relational database, 2) (small size) digital photography, 3) some internet connectivity to share info with the main database, and 4) word processing with mail-merge? OSS should have good software for all 4 functions. I don't see anything that they need that the rank-and-file can't run on a hardened linux variant. Once the system is setup properly, they can lock it down to prevent tampering - easier to do than on windows. The only downside I see is that they may miss MS Solitare and other PC games - maybe that's the holdup ;)
Yeah, glitch.. you know...
A minor malfunction, mishap, or technical problem; a snag: a computer glitch; a navigational glitch; a glitch in the negotiations.
An "Entire government bureaucracy" huh? Lets see...
Administration of a government chiefly through bureaus or departments staffed with nonelected officials.
The departments and their officials as a group: promised to reorganize the federal bureaucracy.
Management or administration marked by hierarchical authority among numerous offices and by fixed procedures: The new department head did not know much about bureaucracy.
The administrative structure of a large or complex organization: a midlevel manager in a corporate bureaucracy.
An administrative system in which the need or inclination to follow rigid or complex procedures impedes effective action: innovative ideas that get bogged down in red tape and bureaucracy.
I guess you could choose one of those to handle the "Drivers License section of the DMV" - I'll let you slide on that one, but you make it sound so much larger than it actually is. It's just the computer system which enables them to process the information, not the actual database, which I'm sure they don't let people "surf" on.
No, you tell me now using Linux would have prevented it. And no matter what you say, you'll be wrong. I know non-windows (not even the free-bee precious linux you so love) that have had malicious scripts run as sudo and root and completely take down a system, oh, but that's not called a virus because it doesn't fit the true definition, but you get the point.
Also, obviously you haven't even read the article yet, go read it, come back and re-read what I posted then you'll see the analogy (you do know what an analogy is don't you?)
For those who have more than half a brain, just because you have an incident, doesn't mean you throw out the whole thing (e.g. switching OSes and all the apps that you must get working on the new os) - hence my analogy to the Firefox bug (you don't just throw it out, and goto I.E. or Opera or whatever) you get it patched (e.g. you get the virus fixed, and kick the IT departments ass (or whoever) for allowing it to infect the system.
Detroit is nowhere near Colorado.
If God had had a computer it would have taken him 7 months to create the earth...if he even bothered to do it at all.
I went to renew my car registration this past year and while stting down at the counter with the clerk, I noticed a little yellow sticky on the lower part of her monitor:
[sticky]
Password
password
(all lowercase)
[/sticky]
Made me feel nice, warm, and fuzzy...next year, just renew it myself (now where is a yellow sticky when you need one?)
I suspect they will we continue to see and hear/read more about these type of incidents....I also believe we will start to see incidients at that related to non Windows based systems because
(a) as *nix/OSS is taking a deeper foothold in systems, more flaws are bound to show up
(b) MS will make sure that those incidents get reported to as many outlets as possible to show people that it's not just them.
"Look Lois, the two symbols of the Republican Party: an elephant, and a fat white guy who is threatened by change."
my DMV doesn't have any windows. It's like a dank dark hole in the ground.
There is a mandate from the govornors office to be a MS-only shop. This goes back to the ties that Owens made with Bill Gates.
I prefer the "u" in honour as it seems to be missing these days.
Firstly, Microsoft's vision is a homogenus computing environment. That's DANGEROUS and every computer expert agrees on this point.
Luckily, computer experts generally don't run businesses. You're suggesting that instead of having everybody in an organization run the same software, that you should have multiple platforms, so you have to double or triple your IT bugdet to track security holes on MULTIPLE platforms, do MULTIPLE software rollouts, and hire several people just to deal with data translation between the platforms? Are you kidding?
You're simply promoting security through obscurity, and a very expensive method at that. That's probably the most boneheaded suggestion that I've heard, unless you happen to run a computer security company, and you need multiple platforms for testing.
I don't respond to AC's.
:D
This must be driving them crazy. I can't wait for Windows for Vehicles edition showing up in my next car. It could renew my plate online, without going to the registration office.
Those people could pack up and stop whining about our software.
It is time to fix the problem and start switching to
a system that can actually handle enterprise level transactions without the daily threat of being owned.
Linux may or may not be the immediate solution but it is damn sure the long term solution. Don't give me a bunch of lip about retraining this is a environment that should be under tight control but obviously is not.
Think, linux thin client architecture, you only get what the admin gives you. You want to issue a license you click the license icon on the gnome desktop that was placed there by the DMV administrator.
Got Code?
Thay can make your life a Living HELL!
||| I still can't believe Parkay's not butter.
No, it is not showing up in the wild, at least this has not been reported. PoC exploits are available but that is different from an exploit beeing detected in the wild: "in the wild" means that it is reported as beeing activley used. E.g. a virus which is actually infecting machines outside of lab environements. This would mean that it is only "in the wild" if at least one user was attacked with it.
you mean this ? :)
"Some days, kids, the software here doesn't work at all. We call those days WEEKDAYS."
(orig. quote from [Patty|Selma])
Intelligent Design: because MATH is HARD.
The reason we don't make a big deal out of the Linux exploits is that most of us have never seen any harm from them. Yet Windows, throughout its life, has been a constant hassle.
Does it really matter if someone targets one of the major distros? In terms of Linux, it's a major pain to write a virus because there is NO SOFTWARE MONOCULTURE IN LINUX.
Repeat that as many times as necessary.
Without monoculture, viruses have very little impact.
Laws are for people with no friends.
...I'm just happy to see Colorado tax dollars come here.
First, the inability for the DMV to give out licenses is clearly more than a "minor malfunction." Also, you said "one" glitch. Exactly how are multiple computers being infected "one" problem?
g =l h
Second, how would the use of Linux prevented it? The computers at the DMV were infected by viruses. Those viruses would not have impacted any machine running Linux. Accordingly, it is necessarily true, that if those machines were running Linux, the viruses would not have impacted the machines.
Third, you speculate that other means could have been used to impede those Linux machines. But you are speculating. There is no evidence what so ever that such "malicious scripts" came into play here. You could also argue that even if Linux was used a bomb could have blown up the entire DMV administration building, and you'd have exactly the same amount of evidence to back it up.
Fourth, you analogize that because Firefox has problems, that Linux may have problems. Heck, I'll analogize too. Merely because the BSA has shut down organizations before for using proprietary software, it could do the same to the DMV. Thus, to avoid being shut down by the BSA, everyone should switch to Linux and Open Source.
http://news.com.com/2008-1082_3-5065859.html?ta
To summarize: The machines were infected by a Windows only problem. Thus, not using Windows would have necessarily stopped the problem from occurring.
If someone says he and his monkey have nothing to hide, they almost certainly do.
I for one welcome the immanent arrival of our Linux-virus writing overlords.
Their big challenge: how to port Internet Explorer, Outlook and Visual Basic to Linux and integrate them in such a way that Linux users can't remove the offending code, so there are huge holes to exploit, and built in distribution systems to make exploits into worldwide virus catastrophes.
Step 3: Profit!!
The greatest security advantage that Linux offers is that it is a relatively small target.
This is not really true.
The greatest security advantage that linux has is the fact that it is open source. When something from MS breaks, you have to wait until MS makes a fix.
[Patty and Selma on working at the DMV]
Patty: Some days, we don't let the line move at all.
Selma: Yeah, we call those weekdays.
... there are still government entities out there who are still using Monkeysoft [Microsoft] software?!? After the thousands of articles on the net explaining how bad and insecure MS software is?!? Hmm... that's hard to believe.
Oh well... if they had been running a Linux distro, this wouldn't have happened. Hopefully, they'll learn their lesson and dump Windows in the garbage where it belongs.
Long live Linux!!!
As much as I love not running MS software, the real problem is that they had insufficient backup systems in place. All systems die/fail/break/rust or whatever eventually, and all critical systems must have some sort of failover ability.
--jeff++
ipv6 is my vpn
Too funny, and true.
Unfortunately, I have had the opportunity in big government to be shouted down publicly, being told that they "are not funded for Security", which is why their routers were wide open and their systems unsecured.
Not lazy or incompetent admins (many were guilty of being intellectually lazy), but mostly the Scientists and Researchers simply *did not care* or understand the importance or cost of the public's data, or the cost to recover.
And still don't.
The absence of a monoculture also makes it hard for normal software vendors to make software for "linunx" instead of only for a select few or one major distro.
Which is better? No virii or no major software? If the "killer app" comes along and is only written for one or two distros then won't that be the beginning of a monoculture in linux?
And what about the mono framework?
Man! They should totally upgrade to Linux! There definitely aren't any image file exploits on Linux. Definitely. Definitely.
Hmmm, wonder if this group of experts will gladly re-install this fresh software directly into an unfirewalled network and patch from scratch. 'Cause you know, there's like an ethical 3 day non-hack period for "fresh software" where worms and viruses just will not attack new installs until they've been properly patched.
So yeah, "fresh software" is the answer. Unless of course by that they mean compiling a Gentoo build, which would probably go well along the lines of a DMV's cultural pace.
Oooooh, an MS-bash and a side jab at gentoo users! I'm bound to get killed for this. Best to resort to cowardice.
You can't READ or at least understand what you read, can you? Never once did I say that "malicious scripts were used" or any of this, pertaining to the DMV problem, I said that Linux has similar problems.
And to say....."To summarize: The machines were infected by a Windows only problem. Thus, not using Windows would have necessarily stopped the problem from occurring."......Tells me you've not been on the block long have you? Please tell me you don't have an IT job, beter yet, you're probably an IT MANAGER, which is worse, becaue you'd use this crap on us IT guys who actually understand this is simply not true.
Hi, I have this cool new web site I want you to goto Sally... Oh Okay, what is it? Its "www.killyourcomputer.com" --- oh no problem, I'm using Linux, nothing can tough me, I'm SUPER SALLY (well when I use my Linux box).... click click click...
yeah you're right dude, Linux is the Jesue Christ of the IT world, cannot sin, cannot do wrong and will save all poor little Windows users when something minor (yes MINOR because they lost ONE system) happened.
go back in your paper-pushing cave.
No, it's not security through obscurity -- far from it. Methinks you read too much into what I stated.
You're also making assumptions that everyone uses the Microsoft software model where every machine is a fat client. In my organization, we have a combination of fat (Windows) and thin clients. Heck, we have phone systems, Linux, MacOS (9 and X) and all sorts of applications running on all of them. I keep busy, surely, but I'm no more expensive than most of the one-trick ponies out there who graduated from the bar-tending school of MCSE paper printing.
All that money saved means all the money spent is wasted if the first chink in the network's armor is exploited before a chance to patch it was given. And now given that people who reveal security risks are target for prosecution, the odds are definitely higher that the information will be kept secret until it's too late more often.
May the next "code red" not hit your site any time soon.
Chances are real good that whatever software they use; real software mind you, not just MS Office, is NOT available under Linux.
This is my main beef with the "just switch to Linux" fanatics. Every type of business has their own specialized software, most of which these days is built to run on Windows because 90+ percent of pc's out there run Windows. Very few software vendors have the resources to build parallel versions for different OSes.
"Would it kill you to put down the toilet seat?" -- Maya Angelou
Being from CO., I can state without hesitation, that these people are better off WITHOUT the computers they have no clue how to use anyway.
I have a question, because I don't know the answer. How do you ghost all these machines with a new fresh clean copy of the OS and apps and still retain the data and know that the virus isn't still embedded in the data someplace? Seems like you'd still have to rely on a virus checker/remover, which may or may not find the problem.
I recently found this tool, it has helped me out with removing virii/malware. http://www.sysinternals.com/ntw2k/freeware/autorun s.shtml
----------
Why do I always get error code ura:A55h013?
They recently changed the name from "Division of Motor Vehicles" to "Motor Vehicle Services". Now they advertise that they're the epitome of efficency. And all thanks to a simple name change.
Diane Reimer, spokeswoman for the Department of Revenue's Motor Vehicle Business Group, said a team of about a dozen experts that has been working with the license system decided Tuesday that "fresh software" would be the best way to remedy the virus.
No details have been released about the virus, and the state has not yet disclosed how much the problem is costing taxpayers.
---
I always recommend a complete system wipe for any problems related to Windows. Re-partition, format, install. It cures Directx problems. It cures Service Pack problems. It cures virii. It cures spyware. It cures some asshat who just rooted your backdoor with his worm. Plus, I get some deterrance in there for other bastards who would ask me for my "opinion" of their problem.
If it only worked like that for physicians, we'd cure all our social woes. "Uh, yeah. Just reboot his ass and slap a new one in there."
And hell, what's the point in worrying about how much it costs. You sure as piss weren't worried about it back then, so why should you be now?
Switching to Linux, like anything else, boils down to a cost benefit decision. It may be possible to switch to a linux system and save money in the long run, but there are always obstacles to convincing the decision makers that this is so. Here are a few possible obstacles:
The last one is my biggest annoyance. I've run up against this wall so many times I've got a permanant dent in my skull.
The frequent cause of this situation is a long history of technical types who constantly pitch ideas to the non-technical managers that are full of gee-whiz stuff, but have no real monetary benefit. So the tech guy comes off looking like a clueless idiot and the leaders start to think that it might be safer to give a loaded gun to Charles Manson than to listen to anything the tech guys have to say about business planning.
So before you want to start making noise about how an organization should undertake some tech upgrade or project, please stop and think of it in business terms, or at least try to find someone who can do so and will help you. Those of us who have some business training are tired of being ignored out of habit because our predicessors couldn't put a coherent business plan together.
At least a windows virus on a linux server doesn't bring down that SERVER. Reloading/repairing a single desktop is much easier than doing the same for a server with 100+ users.
Rob
Hmmm...so that's why those damn lines are so long there. They're busy looking at JPEGs (pr0n).
http://www.lipservicemusic.com
The Road and Transit Authority in NSW Australia had a similar problem when they would suffer outages or slow downs caused by virus and worms. They were fed up with the outage and slow downs that they switch many servers and desktops over to Linux:
0 ,2000061744 ,39151723,00.htm
Viruses, MS vulnerabilities behind NSW RTA decision
The NSW Roads and Traffic Authority (RTA) has cited the intensive targeting of Microsoft products by malware writers as a key reason for shifting some customer-facing workers to Sun Microsystems' desktop products.
http://www.zdnet.com.au/news/security/
Assume you are the governmental official who has managed to screw up their computers to the point that you cannot issue new licenses. Isn't it possible that blaming the problem on a virus regardless of problem, might be the best face-saving maneuver?
Worser than the latest MS virus! Worser than the war in whoknowswhereistan! It's a crippling blow to all of geekdom!
BTW, Firefox browser just had a recent flaw (prior to 1.0) so should I switch to I.E., or upgrade to Firefox 1.0? Your logic is swayed by your hatred towards Windows, as most others who will flame me for writing this.
While the submitter's suggestion is indeed off base, you are unhinged. The fact that FireFox has ever had a security flaw makes it no different from IE? That's like saying the fact that {upscale neighborhood} has *ever* had a crime makes it no safer than Compton.
I think you are the "boneheaded" one here :)
The parent poster said nothing about heterogeneity within a single business. Rather, I think he was referring to the overall benefits of having multiple OS's out there in the broader world so that no single vulnerability would bring down too large a share of the world's systems. This is not security by obscurity; rather, it is security by redundancy (here at the OS design level) which is a well-established principle of security.
At the same time there are certainly cases where the benefits of security and reduncancy would outweigh the costs and complexity of heterogeneity -- the cost of "business interruption" often outweighs the cost of redundancy. Taking your thinking to its logical conclusion, no business would ever have a redundant data center, no house would have double locks on the doors, no person would ever waste time thinking of contingencies or backup plans, etc. Obviously, the right answer involves weighing the costs, benefits, and risks of investing in hardware/software redundancy and diversity.
Evolutionary diversity is a good thing in the natural world and is also a good think in the computer systems world. Without evolutionary diversity, one (biological) virus could wipe out an entire species. In fact, the original space shuttle had two completely different computer hardware systems with separately written computer code to ensure against a single hardware problem or software bug from taking down the shuttle.
The fact that Windoze is a closed system and that Micro$oft as a publicly-traded company is driven primarily by profits only aggravates the situation. The (near) monopoly position of Micro$oft further reduces the overall incentive to innovate and improve security/reliability. Borrowing from another biological principal, "survival of the fittest" doesn't exert much evolutionary pressure if there are no competitors and no threats to survival!
Please excuse my troll but I'm absolutely sick of /.er's constantly attacking Microsoft and expounding the virtues of Linux. Although I have no hard evidence to suggest the following, it is my conclusion based on my understanding of human nature. The reason that Linux virii don't run loose in the wild is people have no reason to create virii for Linux. 90% of people are on Microsoft systems (http://www.freerepublic.com/focus/f-news/999634/p osts) thus people with malicious intent scour microsoft products for exploits. Malware/Adware has become a big business and finding exploits helps to facilitate that business. Such a small percentage of people use Linux that there is no reason for people to find exploits, I sincerely doubt it has anything to do with them not being there.
This all being said, I have no problem with Linux. I tool around with it at home, but as an IT Professional I know it is NOT the solution to my companies problems. A great deal of software we use is not compatible with it and our clients software is not compatible with it either. Simply changing the Colorado DMV over to Linux would be a TERRIBLE solution. Although the OS would cost no money, the money it'd cost to build appropriate software, train employees and transfers all the systems over to the new systems would be ASTRONOMICAL.
Linux is great, but it's not the holy grail.
No, most people will flame you for your stunning lack of logic, and the fact that you use the word "hater".
- Jabber: shawn_willden@jabber.org
I'm 35, have been married for 13 years, have four children (3 yr boy, 6 yr boy, 9 yr girl, 11 yr boy) and an American upper middle class lifestyle, complete with SUV. I'm a professional software engineer of 14 years, currently employed by IBM. My specialties are cryptology, security, networking, embedded systems and OO. I used to be a cop in the USAF Reserves, spent two years living in southern Mexico as a Mormon missionary and have traveled extensively (excessively?) inside and outside the country, to nearly every region of the world. For fun I write software, read and write fiction, camp, hike, fish, hunt, SCUBA and snowboard. I use Debian Linux almost exclusively (I'm dabbling with Gentoo), booting Win2K in VMWare when absolutely necessary. Politically, I'm mostly Libertarian.Let's start from the beginning.
A poster argued that the DMV should switch to Linux. You argued that that would not have solved the problem.
Here is a fact: The viruses involved only affect Windows Machines.
Here is another fact: Those viruses would never have affected machines running Linux.
From those two facts, it necessarily follows, that means it is also a certain fact, that if those machines would have ran Linux, the problem would never have occurred.
You argue that "malicious scripts" could be used to bring down Linux. But, your argument is not based on any facts. You admit that malicious scripts were not used.
We could speculate about a million things, but that would not change the fact that the problem would not have occurred IF those machines were running Linux.
Sure Linux machines can be attacked, sure bombs can be exploded, sure we could all die from alien invasions... but all of that is just speculation.
When you have some FACTS that the problem would have occurred even if Linux was used, please provide them. But if you are going to keep speculating, I not going to waste my time responding.
If someone says he and his monkey have nothing to hide, they almost certainly do.
State of Colorado is strictly a Windows(TM) shop. I know this because we're in the middle of a software deal with them right now and they refused to consider our software for any platform other than Windows, and made a huge point of telling us that they're EOLing all their proprietary UNIX boxes and moving their functions to Windows.
They even know that many outside organizations that their systems interface with don't use Windows, but they view those shops as having irrational fear of Microsoft.
Anyone can feel free to disagree with them, but you have to admit it makes administration and architecture a lot more simple if you only have on OS vendor.
Someone is WRONG on the Internet!
obviously the IT person managing their information systems wasn't on top of the issue enough. If this person couldn't even handle something simple like keeping Windows systems 'virus free'... what makes you believe that they can quickly turn around a linux installation. Also, its quite likely that the place is running some custom applications for the business processes on top of windows... this would all have to be ported over to run in Linux. Plus training, Plus support, etc etc... the costs are too high for a situation where a 'quick fix' is needed. They may be able to look at Linux as a future option... but their most important task right now is to get what they had running back up and apply new policy that restricts how pcs are used on their network (use firefox, proper patching, AV software, etc).
Uhmm.. CoolWebSearch has so many variants now that NO spyware remover can do them all. I have one user who will need a total rebuild to get rid of it as NOTHING seems to clean it permanently (comes back within 24 hours).
It's only going to get worse. Never thought I'd start recommending Apple but under the current circumstances...
"...Well, there's egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam..."
The presence of any virus at a DMV raises serious risks of identity theft through keystroke loggers, sniffers and god knows what else. If I lived in Colorado, I would apply for a replacement drivers license as soon as they get their sh*t together. Since that could take years based on the incompetence shown in the current situation, maybe it's time to establish residence in another state.
We are the 198 proof..
In response to some other comments, it should be obvious to all that in a crisis/recovery situation, you don't switch OS's or other major changes, so they should recover to whatever they are using now ... but long-term (if they are running Windows), they may want to consider Linux. And yea, there are other issues in terms of admin expertise/capability/etc. in terms of their ability to look at other solutions.
And finally, consider posting with a username, since The Incredible Hulk SMASHES Anonymous Cowards! ;-)
Hulk SMASH Celiac Disease
"Install linux".
.JPG, and .JPEG files at the firewall level. We ensured patches were updated to protect us, and we have a three week 'cooling off' before we reinstitute jpegs to have access to the network.
/.ers are happy to jump on the "Windows Sucks" bandwagon but when it's Linux... must be something else. I have respect for both OSes, but both have to be administered right to work to their effective levels.
Give me a break. Linux is great, but if the applications, databases, etc... run in a Windows environment it's going to be a HUGE undertaking (not to mention cost) to convert over to Linux.
The problem with Windows is, that it requires good sysadmins who keep on top of patches, on top of virus updates, implement firewalls properly at the internet edge, and lock down the domain to ensure that nobody can do anything stupid at their workstation. At my work, the second the JPEG vulnerability was found out about, we disabled
The Colorado DMV is just an example of poor system administration. This is not a Windows or Linux/Unix problem, it's a problem of idiocy. And if you are a stupid sysadmin, then Linux or Windows -- you are going to get nailed. It's just funny how when Windows gets nailed
The price is always right if someone else is paying.
I'm fairly sure he meant "homogenus computing environment" on a global scale, not business scale. Of course it makes sense to be homogenus within a company for exactly the reasons you presented.
But it becomes an issue when, for example, your state DMV (which processes hundreds of thousands of records holding all sorts of private and critical information) is running the same software as John Q Solitaire. There's no reason for that.
It's not security through obscurity, it's security through diversity... just like your house key won't open the neighbor's door. No single exploit should be able to expose ALL systems to risk.
=Smidge=
Monoculture has little to do with it. Macintosh is a monoculture and you don't see MacOS deployments getting hit like this.
A Pirate and a Puritan look the same on a balance sheet.
Colorado has an interesting system... They do not print licenses at the individual offices anymore. Entire process took around 10 minutes from door to door... Paid the $16, took eye exam, did fingerprint verification, and had my picture taken. Got a piece of paper indicating my license was renewed and recieved the actual license in the mail about 5 days later.
The problem with moving to linux is moving all of the data/software to linux. I somehow doubt that there is a linux software solution that has out of the box functionality that will meet the needs of a DMV. Using WINE or some other sort of software to run the existing software under linux raises questions about compaitibility/etc...
Many government operations type centers could utilize linux/openoffice to provide a fairly seamless transition, but the DMV requires lot of specialized functionality to operate. These systems will also have to interact with other existing systems in different areas of public service (Police, etc).
Granted, future software could be developed for doing license/title/etc registrations, renewals, etc... but that will incur cost even if it is built on a free platform such as linux.
They definately need to migrate the systems to a modern OS that is more secure/updated (In looking at the screen, it appeared they were using a WIN9X version)... But for the aforementioned reasons, it appears that linux would end up costing the same or more than migrating the existing systems to win2k or winxp continuing to using existing applications.
As a State of Colorado IT person, I can say that the departmental budgets in the state vary widely, from Departments that need the state to provide shared computing resources to large scale independant farms that are patched, firewalled, and ids'd to the hilt.
Of those, the DMV falls somewhere inbetween with a lot of mainframe (virus immune) resources, accessed by a bunch of w/32 (virus exposable) workstations, spread out over a LARGE geographical area, further, they were really hard hit when the tax funds left colorado after the Dot Com and Telco stuff went belly up.
So, it's your usual overworked, understaffed IT department, only more so over the last few days.
"Draco dormiens nunquam titillandus."
As opposed to joe consumer writing a fix? Seriously folks, that argument only works on paper. When an exploit shows up for a linux box, we all look to the vendor for a patch. How many people actually have the time to disect the exploit, examine the offending code (both in the exploit and the target) and then write and validate a patch? The only difference between Microsoft and all the other Vendors is that Microsoft is slow as hell about certain patches. Don't start spouting open source rhetoric.
... and yet no one noticed.
-m
From my experience, someone who solves PC problems by doing fresh installs solves PC problems by doing fresh installs regardless of the operating system. Linux may solve the virus problem for the moment but any future problem would probably be solved with a fresh install.
'Same speed C but faster'
With how difficult it is to patch Windows through Windows Update with an active internet connection (on a fresh install) without getting any intrusions you'd think Microsoft would have included some way to limit internet connections to their server only in some sort of "Safe Patch Mode".
I remember my days as an assistant to the Sysadmin at my high school. The sysadmin was a real jerk and often times clueless.
In addition to being one of the few people still using netscape 4 (this was after mozilla 1.0) this guy was certain that his 56k modem could exceed the 56k limit because he had ultra clean phone lines installed. I declined to ask him to explain that; opting instead to walk off in a daze muttering.
Photos.
Switching to Linux would send their TCO Skyrocketing! Does anyone think that TAX DOLLARS should be flushed by wasting money on LINUX?! They need to Get the facts!
(Ignore my sig, it's a paid promotion)
If this indeed is a virus/trojan/spyware//Microsoft Windows(TM) problem...
Why do DMV employees need internet access in the first place?
If they need email to communicate with other employees, 99.99999999% of it can be handled via an internel email network - no internet needed. _No one_ particularly needs an @co.dmv.gov email address.
Why does a DMV employee need IE connected to the internet? Short of "Internet" being part of it's name, there's no reason. Any "IE only" network applications they might be using should be on an "internal only" accessible network.
This is ridiculous - DMV/Govt. employees DO NOT need to have internet access to do thier jobs. Cut them off and save millions of taxpayer dollars.
...Rob
The American Dream isn't an SUV and a house in the suburbs; it's Don't Tread On Me.
They have said that people whose licences are coming up for renewal get a 30-day extention.
But, I don't know that airline workers everywhere know this - I think if your licence is up for renewal now you'd be smart to take some other form of ID with you when flying!
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Actually, some might be able to argue that the LSB is in a way a monoculture. The LSB is good since it gives software vendors a common base rather than having to develop a package for different distributions. But, would the LSB also be an invitation to would-be virus writers? As Linux grows in popularity, we can expect to see more virus attempts. Of note, another reader said the McAfee has an antivirus for Linux. It is called McAfee LinuxShield. http://www.networkassociates.com/us/products/mcafe e/antivirus/fileserver/linuxshield.htm
Another question is that as more and more users migrate from Windows, we they also be migrating the bad Internet practices that many of them have? On the whole, I believe that Linux users today tend to be more Internet savvy than users of Windows in that they are familiar with and regularly implement good Internet practices such as using a user account for every day purposes such as surfing the web and reading email vice using a root account or one with root access. That being said, if Windows users also migrate their bad habits, then Linux can be more vulnerable in that respect than it currently is. As we spread the word about Linux, then we should also be willing to teach them vice saying things like "RTFM".
Linux by its UNIX-like nature, even if it were monoculture, is not nearly as susceptible to virus attacks as Windows. This is one of Linux's most valuable features.
Get some.
At my DMV the PCs are usually just using some dumb terminal telnet app to an old mainframe somewhere. It does seem like linux would be the way to go here. ... newer apps are mostly web and java based. /I don't use linux
that a good sysadmin can make even a Windows system shine. I know I do :)
The price is always right if someone else is paying.
Virginia had unusually lax license rules, and by and large the 9/11 hijackers took advantage of them. Rightly embarassed by this, Virginia has redone their licenses recently. Even if you just want your license renewed, you have to provide (at least for the first time) some seriously severe proof of ID -- a birth certificate or passport works. Even your old license doesn't qualify as a proof of ID at the DMV for the new one!
Anyway. So now Virginia has one of the most scrupulous license regimes in the country. But no, it doesn't have a magstripe. And no, I didn't have to provide a fingerprint. You're just full of it, it appears.
I know that at least the last time I renewed my license in person (1998 or 1999,) the Oregon DMV's terminals ran on OS/2. The back-end computers ran on something proprietary, and were constantly causing problems, which made the news.
On a barely-related note, a local conservative talk show host had a show where he was talking about the evil of Microsoft, and, even though I agreed with him on this point, I called in to be the only dissenting voice. He argued that MS was a monopoly, and I pointed out Apple and IBM, and he asked me to name one major organization that used IBM. I mentioned the DMV, and he goes "Well, that's the DMV, what do they know?" Totally dismissing all of my arguments because I used the DMV as an example. Since then, I haven't been able to stand most 'extremist' talk show hosts (including the extremist liberal ones.)
Another non-functioning site was "uncertainty.microsoft.com."
The purpose of that site was not known.
Nah...the greatest advantage that Linux has is that no one uses it, so virus writers don't target it.
I could see the department pointing to this argument next time the budget is produced, but I don't buy it. The issue is not that they have insufficient resources to hire qualified IT staff, it is that they are too short sighted to see that a qualified staff will lead to lower costs in the long run.
I hope Colorado voters wonder why the department had enough money to mail out 30 day extensions to everyone; that cannot be innexpensive (even assuming 1/12th of registered vehicles). I am willing to bet that the department has also had major hardware upgrades in the last couple years. It is planning and working with what is available, not causing an uproar and trying to get more that we want our governments to be doing.
I can't go to my boss and say I need a raise because I don't know how to take care of my computer. Don't let your state ask you for a raise with that excuse.
I don't know what they're using now, but a couple of years ago I stood in line for renewal for two hours before they sent us all home with an IOU for our licenses becaused the computer that controlled the printers from the central office in Denver was down. I thought it was idiotic to set things up so everything could be done to update things in the system and you still couldn't get the things printed because control for that came from somewhere else. Someone's never heard of K.I.S.S.
For improper use of "begs the question".
-- $SIGNATURE
For some unknown reason the graphic artist running the iMac continues printing up page after page of 30-day extension stickers...
All while listening to iTunes...
> and if everyone would switch to Linux it would be as you state,
... the list goes on.
> a homogenus computing environment - which would be bad as well.
I disagree. Each distro is slightly different from the next in non-trivial ways. They have different packaging systems, they open different ports by default, they have different default web browsers, different default email clients
Individual companies, organizations and agencies can customize their OS so that it differs even more from the norm. They can simply, for instance, only open port 15395 and communicate through that port via ssh and nothing else. They can have only the tty programs installed, and no client software from which other Linux users might be getting viral infections. Heck, they could run Linux on ARM or PowerPC processors if they wanted to, and that would really make the x86-based Linux viruses less than irritants to them.
Linux is sort of more a *class* of operating systems, not a singular operating systems. Even better, it's similar to other POSIXish systems, so you could mix it with FreeBSD and OS X and Cygwin (interesting idea, that) and others, and you'd have similar methodologies all over the place, but you would not have a homogeneous environment.
But, yes, I agree that you can't just spontaneously shift large organizations across operating systems given the OS dependence of many programs. Still, this is the sort of thing that organizations really, really should think about when they're signing onto a platform in the first place -- use Java, use web apps, use stuff based on Qt or Perl or Python or maybe even ".NET". Use a centralized server for the applications and use the machines as a terminal, or squeeze the testicles of your supplier until they offer cross platform friendly applications.
When I write Linux applications, I write them in Perl and C++/Qt instead of C++/KDE. More often than not, after I fool around with an app, I can take it to work and just recompile it (or, in the case of Perl, run it straight away) on my Windows 2000 machine, or I could upload it to our FreeBSD server and run it on that. Holy crap, this sort of thing should be *natural* to programmers. I'm not all that experienced, and I can clearly see that this would really solve some major problems for consumers and clients.
--
-JC
http://www.jc-news.com/parse.cgi?coding/main
http://www.jc-news.com/coding/freedom/
Up until a few years ago, Colorado was one of those states that would laminate driver's licenses on the spot, much like a high school ID.
This is one of those damned if you do damned if you don't things.
Office issuance clearly has the advantage that the person gets the license immediately, as opposed to some piece of paper, which may or may not work as ID if the person needs it immediately. It doesn't give them a very good feeling.
Office issuance has the problem that the offices themselves are often not that hard to break into, and then people steal the printer, blank cards, hologram rolls, et cetera. Honestly, you can count on that happening within 2 weeks of a state introducing a new licensing system.
Central issuance has the advantage that the machines are harder to steal. Further, the sillyness of license fraud (see my signature for more details) means that we are going to faster upgrade cycles. States can just upgrade the central machines instead of putting new machines into each office (in Ohio that would be over 220 office.)
Problem? You need to have amazingly good auditing and security measures. Consider the fact that California issues all their licenses centrally and that, if you do the math, that means that they issue at least 25,000 a day. Someone with particularly good access could probably figure out a way of getting an extra 1000 out, and no one will notice the difference.
So fraud is easier with office issuance, but if you can do it with central issuance, you can really go to town.
I have no clue that the hell that writter for the Denver Post (or whatever) was saying in the Thursday article linked to on the Slashdot post was saying. It sounded like the all too common techno-bullshit that you hear these "H@ck3rz: @ l33t Thr3@t to @m3ric@" authors are saying these days. They talk to a few "script-kiddies" (aka. their IT guys) who talk the t@1k but are complete morons who think within the "boxen". Don't bother looking for that book title either, you will have an easier time finding a knowledged tech in a school district.
The greatest security advantage that Linux offers is that it is a relatively small target.
Yes, that's why there are so many exploits for Apache, and so few for IIS - because Apache has such a large market share, right?
Market segment has nothing to do with security.
They seem to be analyses that comprehend the exact time lapse that minimizes the licencing cost (just the time before you got to renew your Software Assurance subscription), and for sure this kind of "unplanned maintenance" has not been taken into account.
Well i guess they didn't upgrade to XP to be the most insecure you can be oh sorry, the most secure.
People have seen it coming for a long time.. MS is going down hill.. but it will take a while as they have 34 billion to waste first.
Then again why is microsoft one of the only companies that are not in the red..
Go figure eh.
Why don't they just plug in SkyNet? It'll eradicate the virus in under a minute.
your a dick - its not a migration
They have someone that knows what they are doing - hence they are reinstalling. Once a machine has been infected with a virus, you can't trust it. Erasing everything and starting over is the only way you can (mostly) trust it....
- No viruses.
- No Windows.
- No worms.
- No web surfing.
- ...
Of course, if you are trying to cut-and-paste between email and the database, this sort of advantage is quickly lost. Similarly, if you are going to try to locate something with Google and put it in the database that would be a problem as well. But, it would seem that the DMV wouldn't be doing much of that.The big downside, which was alluded to above, is there aren't many "mainframe terminals" (3270-type) around and just about everybody is doing emulation on a PC. This has the nasty effect of combining the PC disavantages with the mainframe disadvantages, but you still see systems implemented this way.
I guess another point is a 15" LCD monitor and a legacy-free PC probably draw less power than a mainframe terminal would. So, I wouldn't make a decision like that based on power consumption, and I certainly wouldn't crow about power consumption with what they are doing.
So, anybody know of a good TN3270 package for Linux?
+5, Don't be hating
OKEY I Know Windows has flaws but LINUX HAS FLAWS ALSO
4 09 _jpeg_tool.mspx
The problems with windows is its popularity
For bad windows administrators just follow the link in order to prevent problems okey
and please read the instructions just like a good Linux Administrators will do.
http://www.microsoft.com/security/bulletins/200
Easy!!!
adal_drake_wolf
is that it is a relatively small target.
Not true at all if all linux servers were attacked with something that worked most of the internet would be disabled. Due to a linux box been able to take at least 10 times the load of a windows box the full network could be disabled.
Number one Linux distos trys not annoy people by charging them more money than what they can afford. (You normal don't pirate linux stuff no reason to)
Pirate copys never normally get the patched so provide a welcome virus home.
Number two linux distros is prepared if required to completely distory and replace a defective package.(I could not see windows ever doing this one).
Number three most packages have a twin developed independ so a error on one is not in the other so defect can be by passed.
http://shit.slashdot.org/article.pl?sid=04/09/23/1 617242
ya, lets consider changing to a totally different OS, that may not be able to run any of the software used by the DMV day to day, that may not be able to access any of the DMV's huge databases just because there's a virus outage.
dumbass.
how bout we just revoke all licenses and let the drivers run wild for 6 months instead, the results will be the same.
George Bush + Linux = "I will not let information get in the way of the fight against Windows"
Indeed. As evidenced by this article, I'd say you are right...the world is a complicated place.
You seem to neglect, out of hand, the parent's idea - which I happen to think is a reasonably rational idea to consider. Why, exactly, does everyone at the DMV need e-mail, internet, streaming apps, etc?
...informitive my ass,
...reality is that people find MS OS's far easier to use, but it is up to the admin to make the network secure, not MS. (Most linux users apply security when they cfg the OS, but then, most linux users have a bit of a clue about security, most MS users don't, add that with the market share of desktops and you can see a reason most problems seem to be on MS OS's)
"These people who run networks for $8/hr probably don't run networks with 250,000 users across 318 sites like I do."
you cannot be an admin based on your post! You sound like one of the admin's $8/hr support techs...
"some kind of antivirus filter on the mail server protects you only from non-zero day exploits, and only those that travel through email. The same is true for antivirus software on the workstations."
(admin's know what software is used on thier email server(s)...)
Proper presentation and cost effective solutions are part of any Admins job, so if upper management isn't supportive of the network security team, then do a better job explaining the cost of downtime on productivity and incured cost of remote users losing potential clients/income, they can understand the allmighty $$$$$$$$$$$$$$$$$.
The admins are at fault if the systems workstations are comprimised, not the OS maker.
In case anyone thinks this is false, remove all the security you have in place, forget the firewall hardware or software, install your choice of linux or MS os's, and use only the defaults, then wait to see how long it takes untill your system is broken into (not some virus or BOH hack, a real intrusion from someone trying to get in without user help from an installed trojan), and I can assure you that any OS will be comprimised. Next reinstall the OS and actualy do the proper admin thing, and secure your network and OS, and wow, guess what, if you know how to secure the network and the OS then you WILL NOT have any issues...(this includes locking users out of installing anything, and closing any service that isn't needed, without admin approval, on linux or MS OS's).
Isn't it amazing that actualy securing the network and workstations, makes the OS choice a mute point. Just use the OS that supports the apps you have to use, and use proactive administration to keep the network safe and secure...
I have a WAN that has been up and running for the last four years with one intrusion, due to a mistake by an assistant admin that let a user install an untested application, (he was fired for this), and the only damage was 30 minutes of the workstation being down, while it was reimaged from the network.
It is a Windows 2000 network with the core being Windows 2003(recent upgrade to support Sharepoint services)a few NAS systems running linux(with antivirus on them) and XP pro workstations. 250 sites, 13000 workstations, with 1 problem related to intrusion in 4 years...any other failure was due to hardware...not bad for what most of slashdot calls a POS OS huh...(some ppl just refuse to RTFM when it comes to MS OS's, such a pity...) BTW, never, NEVER, put all your eggs in one basket. Split your network up into smaller domains, use trust relationships or subdomains, and run redundancy on servers. All basic stuff really...
Users don't complain about much other then some sites being blocked, owners love the 99.99% uptime (any downtime is after hours, and that is only for updates that need reboots. Linux also needs to be rebooted if the kernel is recompiled for updates, so none of the "linux never needs rebooted" crap). The exec's understand that administration means security of their data, so they don't argue about keeping the systems locked down (if users wanna listen to music, play games, or visit blocked sites, they are free to quit and go home and do so).
Secure the network, secure the OS's, and if you don't know how, hire or contract a person that knows how (avoid zeelots with mindsets that the OS is to blame, they don't know jacksquat compaired to the person that actual RTFM's and understands REAL WORLD security)...
At the very least, it could cause you a goodly delay - if they notice.
But expired identification just sounds like one of those flags that gets you the full body search.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I have just read through many of the comments posted to regarding the system outage at the Colorado DMV. Additionally, I closely read each of the articles in the Denver Post as I actually in the area. The article makes no mention of the operating system used by the DMV nor does it state which virus is causing the problem. Even with that small amount of information all of you have determine the problem must be related with the windows operating system. Have you every consider these possibilities: 1) the reporter did not understand what was being told to him and decided to describe it as a computer virus because that is sensational and will sell more papers; 2) The person who the reporter talked to is probably some type of public affairs officer who is non-technical and was told to say it was a virus; 3) There may be some type of internal system bug and the company that developed the code allow with the agency that paid for it does not want to reveal there incompetence and is creating a simple cover story to get it fixed before they are discovered.
Yes this could be a windows problem, but there is just not enough information in those articles to deduce that. Now unless one of you actually work there and knows the cause of the problem first hand why don't you all just shut up.
Install vmware on linux and run the applications in a virtual server. Take a snapshot when things are good and save it. When production gets infected then wipe out that virtual server and restore a clean one. Of course this would have to happen after cleaning up the other systems that are infected. Not an easy answer but posible.