Computer Viruses Cripple Colorado DMV
Mr. Christmas Lights writes "The Denver Post has written the last three days (Tue, Wed, Thu) about how computer viruses have crippled the Colorado Department of Motor Vehicle's computers since last Friday. This has prevented them from issuing new/renewed licenses, so they are providing 30-day extension stickers. The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux? Colorado seems to be having its share of problems - today's article mentions the Zinc Whiskers issue several months ago that knocked the Colorado secretary of state offline for a couple of weeks. And it could only get worse as the JPEG exploit starts showing up in the wild."
There are removal tools out there guys. You don't actually *HAVE* to re-install it to remove an infection. Sounds like the CO DMV needs to hire someone who knows what they are doing!
Bored? Why not join a decent mess
No entity (person, company, or organization) has faced a more damaging enemy than their own mistakes, laziness, and incompetence. [aka. themselves]
Microsoft will be its own downfall, it's already happening, and will only snowball.
This is probably example #1,542 of thousands to come.
Of course, thank god for the alternatives, without them, no one jumping ship would have anywhere else to go but the cold drink of water below.
It's frustrating to see people/companies/governments stung by things so simple to avoid, especially when one (me, IT people?) feels like they have the "answer" but no one is listening.
(It could be Linux, BeOS, Apple, who knows.... it all depends really)
To me it may be similar to the feeling a doctor has if/when they have a patient who refuses to stop a habit that will eventually kill them, despite being told so to the point of exhaustion.
I'm not sure anyone really WANTS to dislike Microsoft, but they make so many bad mistakes, spit out so many garbage products that it's hard not to. It only frustrates me even more when "users" stick up for them! They need to read "The inmates are running the asylum" and learn about dancing bears, and the other ideas within. Being a power user of bad software does not make you an expert, it makes you blind to the way things really should be.
Sigh.
And you think that because they have one glitch that they should just go off and switch to linux? Oh yeah, that will solve it.
You're a hater, you can read it in your style.
BTW, Firefox browser just had a recent flaw (prior to 1.0) so should I switch to I.E., or upgrade to Firefox 1.0? Your logic is swayed by your hatred towards Windows, as most others who will flame me for writing this.
Hmmm ... speculation, speculation.
Let's say they are running windows, and they don't have the expertise to secure it. What makes you (the submitter) think that they'll be able to run linux properly?
How about blocking all traffic from the DMV department to the internet? Why the hell do their license computers need to be on the net anyways? A local net to talk to your databases and internal email, sure. But internet access?
Weaselmancer
ridiculous.
probably means re-installing Windows, but have they considered Linux?
BEGIN LINUX CONSIDERATION
Q) Does it have the custom software we need?
A) No
Q) Do we have the budget, time, or employees with the skill to write it?
A) No
END LINUX CONSIDERATION
Sorry guys, that's just how the real world works.
I don't need no instructions to know how to rock!!!!
What happened to good old-fashioned mainframes + thin clients with monochrome screens...
They are issuing licenses, it's not like they need anything special, windows like, to do that...
Anyways they would probably get better productivity out of this since there is no web access etc etc...
Even the suggestion that they should migrate to linux instead of flattening and reinstalling is premature, and horribly ignorant. A migration to another OS would take a company of that size months, and possibly years to do. Yes it would reduce the TCO, yes few viruses are written for it (so far), but to even suggest that linux would SOLVE their immediate problem is an idiotic proposal.
Cripes, set your zealotry aside and think.
Feed the need: Digitaladdiction.net
Now is not the time to upgrade the entire system to Linux; it is time to patch and go. But it is a good time to consider if a full system upgrade should be done, when time is not so critical. An ill-planned upgrade will squash the likelihood of linux getting a good chance. Also it would require getting a good staff of IT guys that know linux and not a bunch of MCSE's.
Giving people that can't even administer a set of windows boxen properly a set of Linux boxen to administer is going to solve what problem, exactly?
As this article points out (http://www.vnunet.com/news/1155836) antivirus software in Linux is pretty rare. But it does exist, if for no other reason than to detect Windows viruses on Linux file servers. Also, as linux gets more popular, I think it's only a matter of time before we see a linux virus that targets one of the major distros.
One glitch?! An entire government bureaucracy is shut down for nearly a week (and who knows how much longer) because numerous computers are crippled is hardly "one glitch."
And considering that the problem would not have occurred if Linux had been used, I'm not sure how you can say, "Oh yeah, that will solve it." Please explain that to me please!
And also please explain how a flaw found and fixed in Firefox has anything to do with Linux.
If someone says he and his monkey have nothing to hide, they almost certainly do.
I wonder if any of the work they do will involve teaching the DMV employees not to open up unknown attachments and other forms of "safer" internet use. All complaints about security holes and stuff aside, there's a good chance this mess started when someone opened an infected email.
I pointed out that my laptop runs Linux, and that there are no Linux viruses in the wild, but they made it clear that that doesn't matter -- any machine without a virus scanner is a risk to their uber-secure network.
Which, if you have a SAMBA share, is true.
"As system administrators move to Linux file servers they have a real problem to deal with since the Linux file server can store Windows-based viruses. Windows-based viruses can write to a Linux/Samba network share as easily as they can on a Microsoft Windows based network. System administrators must protect the Linux server from storing these viruses. The only way is through active antivirus defense on the Linux server itself."
The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux?
Yeah, that's a great way to get things back up and running. Introduce a new OS. I'm sure everything will run smoothly after that. Comments like this don't do much to dispel the view that many have of linux proponents: a lack of a grip on the realities of IT.
While considering Linux would be wise, it should be considered a long term solution, not one that will get everybody up and running again. For now, if reinstallation is the best option, you put together a plan to train some people really quickly to do it and fan and and work 24/7 until it's done.
The Linux option should be brought up but not now, that's for the post-mortem meeting.
The reporter is a complete pussy.
Tens of thousands of Detroit drivers are without service, and the DMV rep says:
"People understand that we are living in a computer world."
Uh. The followup question should've been "why the f*** did you let a virus infect a critical computer system?"
In Soviet Russia, I ruled you
I'm sure someone in their organization has. Has the submitter considered the year or two (and LOTS of $$$) it would take to implement such a change?
"The Colorado DMV will be down until early 2006. We thank you for your patience."
Hey Mr. Anonymous:
The Microsoft problem is far more than this one incident and it's not about "hating." For most of us, it's quite far removed from being an emotional concern and more of a prediction of future and larger disasters.
Firstly, Microsoft's vision is a homogeneous computing environment. That's DANGEROUS and every computer expert agrees on this point. What could be worse than a single bit of malware crippling more than 70% of all PCs and Workstations? Right! 100% being crippled by said malware. We've seen the lightning fast spread of some malware across the net at rates that are far too fast to remedy in time.
Heterogeneous computing is simply dangerous ESPECIALLY when combined with Microsoft's history and handling of even current issues. They have to write an entirely new OS if they want a secure product since the Win32 message queue problem is inherent to the API in such a way that "patching" is impossible. Of course they could create a BSD variant kernel and then build their own "wine" to secure things AND maintain compatibility but their pride takes priority over stability and security.
And finally, you have to consider where Microsoft's core interests lie. There are still companies out there who prioritize customer satisfaction over profit, growth and domination but it's pretty obvious that Microsoft isn't one of them given their choice to abandon MSIE development for "legacy operating systems." Are they running out of money or is this another way to manipulate people onto XP? I don't think cost of development is the motive do you? Honestly?
It's not hate... it's fear.
any machine without a virus scanner is a risk to their uber-secure network.
They're right, and you're wrong. It's a mindset like that that's gonna get you fucked over. "Oh, I run Linux, which is 100% bug and virus free. There's no *way* that I could have any insecurities on my box." You just keep telling yourself that. That and a tin foil hat will keep you safe. I really hope you're not in IT.
I don't respond to AC's.
First, the inability for the DMV to give out licenses is clearly more than a "minor malfunction." Also, you said "one" glitch. Exactly how are multiple computers being infected "one" problem?
Second, how would the use of Linux have prevented it? The computers at the DMV were infected by viruses. Those viruses would not have impacted any machine running Linux. Accordingly, it is necessarily true, that if those machines were running Linux, the viruses would not have impacted the machines.
Third, you speculate that other means could have been used to impede those Linux machines. But you are speculating. There is no evidence whatsoever that such "malicious scripts" came into play here. You could also argue that even if Linux was used a bomb could have blown up the entire DMV administration building, and you'd have exactly the same amount of evidence to back it up.
Fourth, you analogize that because Firefox has problems, that Linux may have problems. Heck, I'll analogize too. Merely because the BSA has shut down organizations before for using proprietary software, it could do the same to the DMV. Thus, to avoid being shut down by the BSA, everyone should switch to Linux and Open Source.
http://news.com.com/2008-1082_3-5065859.html?ta
To summarize: The machines were infected by a Windows only problem. Thus, not using Windows would have necessarily stopped the problem from occurring.
If someone says he and his monkey have nothing to hide, they almost certainly do.
I have a question, because I don't know the answer. How do you ghost all these machines with a new fresh clean copy of the OS and apps and still retain the data and know that the virus isn't still embedded in the data someplace? Seems like you'd still have to rely on a virus checker/remover, which may or may not find the problem.
And if they do run Linux, what makes you think that the existing software will run on Linux? Remember, the idea here is to get their existing service up and running as quickly as possible, not set up a platform for them to surf the web from instead of doing their actual work.
"Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
Monoculture has little to do with it. Macintosh is a monoculture and you don't see MacOS deployments getting hit like this.
A Pirate and a Puritan look the same on a balance sheet.
DMV software isn't the sort of thing you find on the shelf at Best Buy. The state is probably using custom software that will only run on one platform. They probably either designed it themselves or paid a contractor to do so. Either way, no new charges should be accrued...this sort of thing would be included in a yearly maintenance contract. Rewriting the software in Linux wouldn't be an option and it's embarrassing that somebody would suggest it. It'd be like telling somebody with a sick dog that they should have bought a cat.
"Fresh software" probably means bringing down the whole network, reinstalling and patching all machine operating systems, and then reinstalling the software. This will not cost anything extra in terms of the software -- however, the process will surely be costly in terms of manpower (I'm sure the state doesn't employ enough IT staff for every DMV office) and the state will have to pay for it. My company has had, on occasion, requests to help our customers recover from viruses they did not properly protect themselves from. We charge a premium for this service, because 1) there's nobody else who knows how to do it well 2) we TELL them how to protect themselves, and they still don't do it.
So, in short: no, the "fresh software" won't cost them anything. Installing it, however, won't be cheap. And I'm guessing the state doesn't have a discretionary budget for this sort of thing, meaning something will be getting cut.
Hey freaks: now you're ju
If this indeed is a virus/trojan/spyware//Microsoft Windows(TM) problem...
Why do DMV employees need internet access in the first place?
If they need email to communicate with other employees, 99.99999999% of it can be handled via an internal email network - no internet needed. _No one_ particularly needs an @co.dmv.gov email address.
Why does a DMV employee need IE connected to the internet? Short of "Internet" being part of its name, there's no reason. Any "IE only" network applications they might be using should be on an "internal only" accessible network.
This is ridiculous - DMV/Govt. employees DO NOT need to have internet access to do their jobs. Cut them off and save millions of taxpayer dollars.
...Rob
The American Dream isn't an SUV and a house in the suburbs; it's Don't Tread On Me.
Up until a few years ago, Colorado was one of those states that would laminate driver's licenses on the spot, much like a high school ID.
This is one of those damned if you do damned if you don't things.
Office issuance clearly has the advantage that the person gets the license immediately, as opposed to some piece of paper, which may or may not work as ID if the person needs it immediately. It doesn't give them a very good feeling.
Office issuance has the problem that the offices themselves are often not that hard to break into, and then people steal the printer, blank cards, hologram rolls, et cetera. Honestly, you can count on that happening within 2 weeks of a state introducing a new licensing system.
Central issuance has the advantage that the machines are harder to steal. Further, the silliness of license fraud (see my signature for more details) means that we are going to faster upgrade cycles. States can just upgrade the central machines instead of putting new machines into each office (in Ohio that would be over 220 offices).
Problem? You need to have amazingly good auditing and security measures. Consider the fact that California issues all their licenses centrally and that, if you do the math, that means that they issue at least 25,000 a day. Someone with particularly good access could probably figure out a way of getting an extra 1000 out, and no one will notice the difference.
So fraud is easier with office issuance, but if you can do it with central issuance, you can really go to town.
...informative my ass,
...reality is that people find MS OS's far easier to use, but it is up to the admin to make the network secure, not MS. (Most linux users apply security when they cfg the OS, but then, most linux users have a bit of a clue about security, most MS users don't, add that with the market share of desktops and you can see a reason most problems seem to be on MS OS's)
"These people who run networks for $8/hr probably don't run networks with 250,000 users across 318 sites like I do."
you cannot be an admin based on your post! You sound like one of the admin's $8/hr support techs...
"some kind of antivirus filter on the mail server protects you only from non-zero day exploits, and only those that travel through email. The same is true for antivirus software on the workstations."
(admins know what software is used on their email server(s)...)
Proper presentation and cost effective solutions are part of any admin's job, so if upper management isn't supportive of the network security team, then do a better job explaining the cost of downtime on productivity and incurred cost of remote users losing potential clients/income, they can understand the almighty $$$$$$$$$$$$$$$$$.
The admins are at fault if the system's workstations are compromised, not the OS maker.
In case anyone thinks this is false, remove all the security you have in place, forget the firewall hardware or software, install your choice of linux or MS os's, and use only the defaults, then wait to see how long it takes until your system is broken into (not some virus or BOH hack, a real intrusion from someone trying to get in without user help from an installed trojan), and I can assure you that any OS will be compromised. Next reinstall the OS and actually do the proper admin thing, and secure your network and OS, and wow, guess what, if you know how to secure the network and the OS then you WILL NOT have any issues...(this includes locking users out of installing anything, and closing any service that isn't needed, without admin approval, on linux or MS OS's).
Isn't it amazing that actually securing the network and workstations makes the OS choice a moot point. Just use the OS that supports the apps you have to use, and use proactive administration to keep the network safe and secure...
I have a WAN that has been up and running for the last four years with one intrusion, due to a mistake by an assistant admin that let a user install an untested application, (he was fired for this), and the only damage was 30 minutes of the workstation being down, while it was reimaged from the network.
It is a Windows 2000 network with the core being Windows 2003 (recent upgrade to support Sharepoint services), a few NAS systems running linux (with antivirus on them) and XP pro workstations. 250 sites, 13000 workstations, with 1 problem related to intrusion in 4 years...any other failure was due to hardware...not bad for what most of slashdot calls a POS OS huh...(some ppl just refuse to RTFM when it comes to MS OS's, such a pity...) BTW, never, NEVER, put all your eggs in one basket. Split your network up into smaller domains, use trust relationships or subdomains, and run redundancy on servers. All basic stuff really...
Users don't complain about much other than some sites being blocked, owners love the 99.99% uptime (any downtime is after hours, and that is only for updates that need reboots. Linux also needs to be rebooted if the kernel is recompiled for updates, so none of the "linux never needs rebooted" crap). The execs understand that administration means security of their data, so they don't argue about keeping the systems locked down (if users wanna listen to music, play games, or visit blocked sites, they are free to quit and go home and do so).
Secure the network, secure the OS's, and if you don't know how, hire or contract a person that knows how (avoid zealots with mindsets that the OS is to blame, they don't know jacksquat compared to the person that actually RTFMs and understands REAL WORLD security)...