Slashdot Mirror

← Back to Stories (view on slashdot.org)

Computer Viruses Cripple Colorado DMV

Posted by michael on from the browse-defensively dept.

Mr. Christmas Lights writes "The Denver Post has written the last three days (Tue, Wed, Thu) about how computer viruses have crippled the Colorado Department of Motor Vehicle's computers since last Friday. This has prevented them from issuing new/renewed licenses, so they are providing 30-day extension stickers. The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux? Colorado seems to be having its share of problems - today's article mentions the Zinc Whiskers issue several months ago that knocked the the Colorado secretary of state offline for a couple of weeks. And it could only get worse as the JPEG exploit starts showing up in the wild."

4 of 394 comments (clear)

  1. As a Coloradoan... by Chagatai · · Score: 5, Informative
    I've been listening to local radio where they have been talking about this issue for the past couple of days. Apparently, according to the talk show hosts and call-in experts, the real issue is in the system that transfers the licenses to a company in Oregon for print out. Up until a few years ago, Colorado was one of those states that would laminate driver's licenses on the spot, much like a high school ID. Somewhere along the line they decided that these cards could easily be faked, so they started sending them to a company in another part of the country to be produced a la credit cards with "more robust security". Data currently cannot make it to this production company, so the production of cards has been backlogged by as much as 30 days in some cases. Local law enforcement has been told to be lenient on people with expired licenses in recent days due to these problems.

    Me? I'm just happy seeing my Colorado tax dollars at work.

    --
    --Chag
  2. Re:Linux is a virus risk! by mortonda · · Score: 4, Informative
    headquarters refused to allow me to connect my laptop to their network unless I could demonstrate that a reputable virus scanner was checking my machine at least daily.


    ClamAV


    ClamAV gets updated faster than the major AV companies, and some really neat matching algorithms match mutations before specific signatures are released. Very reputable.

  3. Re:Linux is a virus risk!... no, it isn't. by JohnnyNoSPAM · · Score: 3, Informative

    Actually, some might be able to argue that the LSB is in a way a monoculture. The LSB is good since it gives software vendors a common base rather than having to develop a package for different distributions. But, would the LSB also be an invitation to would-be virus writers? As Linux grows in popularity, we can expect to see more virus attempts. Of note, another reader said the McAfee has an antivirus for Linux. It is called McAfee LinuxShield. http://www.networkassociates.com/us/products/mcafe e/antivirus/fileserver/linuxshield.htm

    Another question is that as more and more users migrate from Windows, we they also be migrating the bad Internet practices that many of them have? On the whole, I believe that Linux users today tend to be more Internet savvy than users of Windows in that they are familiar with and regularly implement good Internet practices such as using a user account for every day purposes such as surfing the web and reading email vice using a root account or one with root access. That being said, if Windows users also migrate their bad habits, then Linux can be more vulnerable in that respect than it currently is. As we spread the word about Linux, then we should also be willing to teach them vice saying things like "RTFM".

    Linux by its UNIX-like nature, even if it were monoculture, is not nearly as susceptible to virus attacks as Windows. This is one of Linux's most valuable features.

    --
    Get some.
  4. Re:What the hell by jefftp · · Score: 4, Informative

    First, a firewall doesn't protect you from jack now-a-days. The perimeter is compromised and the enemy is every Windows XP machine.

    It's near impossible to keep a Windows network operational since MSBlast first hit the net. TCP port 445 is every network admins' favorite port--you need it somewhat open for users to get to file shares and it just so happens to be the favorite TCP port of every virus I've encountered over the last six months.

    Second, some kind of antivirus filter on the mail server protects you only from non-zero day exploits, and only those that travel through email. The same is true for antivirus software on the workstations.

    Fourth, you finally got one right, keeping systems updated with patches is the best way to actually avoid most virus/worms. The problem with that is finding an affordable patch management system and actually having someone in upper management who understands why such a system is essential. Usually it takes a massive network outage to get the message through.

    These people who run networks for $8/hr probably don't run networks with 250,000 users across 318 sites like I do. (If they do then they are either crazy or stupid.) When you get to some real numbers of users all your simple rules go out the window.

    One user installing an trojan can and will bring down the network. It's only through heavy-handed use of access-lists and static mac-address-table entries that my network has stayed up acceptably this week while our virus provider analysed three new worm variants.

    Patched workstations would have avoided the problems all together, but I just run the network here, I can't (yet) force the machines to be up to date on patches... come on 802.1x rollout.