Slashdot Mirror


Computer Viruses Cripple Colorado DMV

Mr. Christmas Lights writes "The Denver Post has written the last three days (Tue, Wed, Thu) about how computer viruses have crippled the Colorado Department of Motor Vehicle's computers since last Friday. This has prevented them from issuing new/renewed licenses, so they are providing 30-day extension stickers. The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux? Colorado seems to be having its share of problems - today's article mentions the Zinc Whiskers issue several months ago that knocked the Colorado secretary of state offline for a couple of weeks. And it could only get worse as the JPEG exploit starts showing up in the wild."

26 of 394 comments

  1. What the hell by chrisopherpace · · Score: 4, Insightful

    There are removal tools out there guys. You don't actually *HAVE* to re-install it to remove an infection. Sounds like the CO DMV needs to hire someone who knows what they are doing!

    1. Re:What the hell by GigsVT · · Score: 3, Insightful

      The only way to be sure is to reinstall from trusted, read-only media.

      This isn't some LAN Party box, these are machines with access to millions of people's private data. It's not enough to be "pretty sure".

      I feel sorry for the company you work for, it sounds like they need to hire someone that knows what they are doing.

      --
      I've had enough abrasive sigs. Kittens are cute and fuzzy.
    2. Re:What the hell by Anonymous Coward · · Score: 5, Insightful

      Just about any compromised Windows network is caused by a sysadmin who doesn't know how to properly run a network.
      First, a firewall will prevent most exploits. Second, some kind of antivirus filtering on the mail server. Third, an updated version of some form of antivirus software on workstations to prevent risk by mailer worms that don't get caught by the firewall. Fourth, keep systems updated.
      Is this so difficult for people to understand? If regular users switch to any other OS, you will still have problems with mailer-type viruses. As a result, you will need antivirus on any system that has one available.
      I know this flies in the face of a majority of slashdot readers, but just because you have placebo-effect OS security (for example, "I run Linux or UNIX, therefore, I don't need to worry about having a compromised system" despite not having patched it in a few years) doesn't mean that you shouldn't strive to further secure every system on your network.

      Now, I know of plenty of people that can keep a clean Windows network following the steps outlined. These people make as little as $8/hr. The CO DMV could have prevented this by hiring an intern, shelling out a couple hundred for some quality firewall software (Astaro Linux seems to be fairly easy to use yet secure) and an antivirus package to lock things down in a few days. Problem solved, no need for a full Linux desktop conversion here.
      Carry on.

    3. Re:What the hell by Darth_brooks · · Score: 5, Insightful

      It's fun to play armchair QB.

      Let's assume it's Sasser or blaster that's brought down the network. You'll have to go to each machine, run the removal tool to remove the virus, then patch the system so you don't get infected again. Wash rinse repeat for every infected machine on the system.

      Or, you can eliminate the hassle of going to each system by multicasting a patched, clean, and perhaps improved system image using Ghost or something similar. Hell you can do that from a central console and never even see the remote machines. Why dick around cleaning up a virus and patching a single box when you can push out a clean image to all the machines remote site?

      I'll wrestle with a virus when a machine absolutely can't be blown away. In an ideal world (where user files are on network drives and gumdrop fairies eat marmalade pies) that's never, but in reality it's once in a great while.

      Now, they may not have the pipe to push an image to all the remote locations, so they're probably stuck sending the lackeys out into the field. That's going to take considerably longer (say, a couple days), but it's a small price for knowing the job is done right, and you're not just fixing up an old home for the same virus.

      --
      There are some people that if they don't know, you can't tell 'em.
    4. Re:What the hell by jd142 · · Score: 4, Insightful

      Unless they're wrong and it's not viruses that are causing the problem but ad and spyware that have infected IE, possibly even acting as local proxies. I've seen some of the nastier ones add their own proxy into the tcp/ip stack and cause all sorts of networking problems. Not to mention the normal problems of popups and redirects.

      Some of them are bad enough that there aren't any good removal tools. From http://www.scumware.com/apps/scumware.php/action::view_article/article_id::1075329940/topic::Scumware,-Spyware,-Adware-&-Malware-Applications/ in regards to the CoolWebSearch malware:

      "Its growing complexity and the difficulty of removing the latest CoolWebSearch variants coupled with decreasing time available have culminated in the decision to stop updating CoolWebShredder."

      And there are others that are just as bad.

      Just because the paper calls it a virus doesn't necessarily make it so.

      A new image, with things like spybot, spywareguard and spyblaster on it should be deployed asap. And switch them all to Firefox.

  2. They are undoing their own future by skrysakj · · Score: 4, Insightful

    No entity (person, company, or organization) has faced a more damaging enemy than their own mistakes, laziness, and incompetence. [aka. themselves]

    Microsoft will be its own downfall, it's already happening, and will only snowball.
    This is probably example #1,542 of thousands to come.

    Of course, thank god for the alternatives, without them, no one jumping ship would have anywhere else to go but the cold drink of water below.

    It's frustrating to see people/companies/governments stung by things so simple to avoid, especially when one (me, IT people?) feels like they have the "answer" but no one is listening.
    (It could be Linux, BeOS, Apple, who knows.... it all depends really)
    To me it may be similar to the feeling a doctor has if/when they have a patient who refuses to stop a habit that will eventually kill them, despite being told so to the point of exhaustion.

    I'm not sure anyone really WANTS to dislike Microsoft, but they make so many bad mistakes, spit out so many garbage products that it's hard not to. It only frustrates me even more when "users" stick up for them! They need to read "The inmates are running the asylum" and learn about dancing bears, and the other ideas within. Being a power user of bad software does not make you an expert, it makes you blind to the way things really should be.

    Sigh.

    1. Re:They are undoing their own future by Ancil · · Score: 4, Insightful

      It's frustrating to see people/companies/governments stung by things so simple to avoid, especially when one (me, IT people?) feels like they have the "answer" but no one is listening. (It could be Linux, BeOS, Apple, who knows.... it all depends really)
      Or, it could be keeping your Windows box up-to-date with security patches which were released months or even years ago.

      Why is it that when SSH or Linux has an exploit in the wild, everyone jumps in with "there's a patch out to fix it! Woot Open Source!!!"... But when an organization gets owned by Windows bugs which were fixed long ago, people on Slashdot blame Microsoft?

      Even the original poster falls into this trap -- the JPEG buffer overrun was fixed days ago, but you can be sure that lots of people will get "owned" because they ignore the required fixes. These people are somehow going to properly configure Linux and keep it up-to-date? Please. If they switched to Linux their root password would be "".

      You were right about the "simple to avoid", though.. Honestly, how difficult is it to let Automatic Updates keep your Windows box up-to-date? You don't even have to log in for it to work, for goodness sake.

  3. linux? Oh yeah, that will solve it. by Anonymous Coward · · Score: 3, Insightful

    And you think that because they have one glitch that they should just go off and switch to linux? Oh yeah, that will solve it.

    You're a hater, you can read it in your style.

    BTW, Firefox browser just had a recent flaw (prior to 1.0) so should I switch to I.E., or upgrade to Firefox 1.0? Your logic is swayed by your hatred towards Windows, as most others who will flame me for writing this.

  4. Here's a better idea by Weaselmancer · · Score: 4, Insightful

    How about blocking all traffic from the DMV department to the internet? Why the hell do their license computers need to be on the net anyways? A local net to talk to your databases and internal email, sure. But internet access?

    --
    Weaselmancer
    rediculous.
    1. Re:Here's a better idea by Weaselmancer · · Score: 4, Insightful

      True enough, you'd need to disable internet access, down your LAN, then wipe everyone's computer. After that, bring up your LAN - but keep internet disabled.

      As for email, host your own. One net connection goes to the LAN, and another goes to the internet. No gateway, and no web.

      And take a few antivirus steps, such as having the email server strip attachments and images from inbound mail. Run good antivirus software and all that.

      It's all basic IT stuff, really. Windows is vulnerable, users are usually fairly clueless...so prepare for it.

      Or...skip all of the above and get your apps running under WINE. ;^)

      --
      Weaselmancer
      rediculous.
  5. Sure by stratjakt · · Score: 5, Insightful

    probably means re-installing Windows, but have they considered Linux?

    BEGIN LINUX CONSIDERATION

    Q) Does it have the custom software we need?

    A) No

    Q) Do we have the budget, time, or employees with the skill to write it?

    A) No

    END LINUX CONSIDERATION

    Sorry guys, that's just how the real world works.

    --
    I don't need no instructions to know how to rock!!!!
    1. Re:Sure by ViolentGreen · · Score: 4, Insightful

      I think the time is the biggest issue here. Their systems are down. Even if software is available, they don't have the time or manpower to test and implement their system on Linux.

      This is an emergency situation. The best thing they can do is get their trusted system running again and then look for other options.

      --
      Not everything is analogous to cars. Car analogies rarely work.
  6. What happened to good old fashioned mainframes by Cyb3r · · Score: 3, Insightful

    What happened to good old fashioned mainframes + thin clients with monochrome screens...

    They are issuing licenses, it's not like they need anything special, windows like, to do that...

    Anyways they would probably get better productivity out of this since there is no web access etc etc...

  7. Migrate to Linux? Are you kidding me? by Jailbrekr · · Score: 5, Insightful

    Even the suggestion that they should migrate to linux instead of flattening and reinstalling is premature, and horribly ignorant. A migration to another OS would take a company of that size months, and possibly years to do. Yes it would reduce the TCO, yes few viruses are written for it (so far), but to even suggest that linux would SOLVE their immediate problem is an idiotic proposal.

    Cripes, set your zealotry aside and think.

    --
    Feed the need: Digitaladdiction.net
  8. Patching the way to go by pyro101 · · Score: 5, Insightful

    Now is not the time to upgrade the entire system to Linux; it is time to patch and go. But it is a good time to consider if a full system upgrade should be done, when time is not so critical. An ill planned upgrade will squash the likelihood of linux getting a good chance. Also it would require getting a good staff of IT guys that know linux and not a bunch of MCSE's.

  9. Re:Linux is a virus risk! by spooky_nerd · · Score: 3, Insightful

    As this article points out (http://www.vnunet.com/news/1155836) antivirus software in Linux is pretty rare. But it does exist, if for no other reason than to detect Windows viruses on Linux file servers. Also, as linux gets more popular, I think it's only a matter of time before we see a linux virus that targets one of the major distros.

  10. Re:linux? Oh yeah, that will solve it. by Anita+Coney · · Score: 4, Insightful

    One glitch?! An entire government bureaucracy is shut down for nearly a week (and who knows how much longer) because numerous computers are crippled is hardly "one glitch."

    And considering that the problem would not have occurred if Linux had been used, I'm not sure how you can say, "Oh yeah, that will solve it." Please explain that to me please!

    And also please explain how a flaw found and fixed in Firefox has anything to do with Linux.

    --
    If someone says he and his monkey have nothing to hide, they almost certainly do.
  11. How about fresh employees? by dbleoslow · · Score: 3, Insightful

    I wonder if any of the work they do will involve teaching the DMV employees not to open up unknown attachments and other forms of "safer" internet use. All complaints about security holes and stuff aside, there's a good chance this mess started when someone opened an infected email.

  12. Re:Linux is a virus risk! by mreed911 · · Score: 5, Insightful
  13. solving this problem by rtphokie · · Score: 3, Insightful

    The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux?

    Yeah, that's a great way to get things back up and running. Introduce a new OS. I'm sure everything will run smoothly after that. Comments like this don't do much to dispel the view that many have of linux proponents: a lack of a grip on the realities of IT.

    While considering Linux would be wise, it should be considered a long term solution, not one that will get everybody up and running again. For now, if reinstallation is the best option, you put together a plan to train some people really quickly to do it and fan out and work 24/7 until it's done.

    The Linux option should be brought up but not now, that's for the post-mortem meeting.

  14. Worst computer related reporting...ever by gorbachev · · Score: 5, Insightful

    The reporter is a complete pussy.

    Tens of thousands of Detroit drivers are without service, and the DMV rep says:

    "People understand that we are living in a computer world."

    Uh. The followup question should've been "why the f*** did you let a virus infect a critical computer system?"

    --
    In Soviet Russia, I ruled you
  15. "Have they considered..." by YrWrstNtmr · · Score: 4, Insightful

    ...but have they considered Linux?

    I'm sure someone in their organization has. Has the submitter considered the year or two (and LOTS of $$$) it would take to implement such a change?

    "The Colorado DMV will be down until early 2006. We thank you for your patience."

  16. Re:linux? Oh yeah, that will solve it. by erroneus · · Score: 4, Insightful

    Hey Mr. Anonymous:

    The Microsoft problem is far more than this one incident and it's not about "hating." For most of us, it's quite far removed from being an emotional concern and more of a prediction of future and larger disasters.

    Firstly, Microsoft's vision is a homogeneous computing environment. That's DANGEROUS and every computer expert agrees on this point. What could be worse than a single bit of malware crippling more than 70% of all PCs and Workstations? Right! 100% being crippled by said malware. We've seen the lightning fast spread of some malware across the net at rates that are far too fast to remedy in time.

    Heterogeneous computing is simply dangerous ESPECIALLY when combined with Microsoft's history and handling of even current issues. They have to write an entirely new OS if they want a secure product since the Win32 message queue problem is inherent to the API in such a way that "patching" is impossible. Of course they could create a BSD variant kernel and then build their own "wine" to secure things AND maintain compatibility but their pride takes priority over stability and security.

    And finally, you have to consider where Microsoft's core interests lie. There are still companies out there who prioritize customer satisfaction over profit, growth and domination but it's pretty obvious that Microsoft isn't one of them given their choice to abandon MSIE development for "legacy operating systems." Are they running out of money or is this another way to manipulate people onto XP? I don't think cost of development is the motive do you? Honestly?

    It's not hate... it's fear.

  17. Re:Linux is a virus risk! by DogDude · · Score: 3, Insightful

    Any machine without a virus scanner is a risk to their uber-secure network.

    They're right, and you're wrong. It's a mindset like that that's gonna get you fucked over. "Oh, I run Linux, which is 100% bug and virus free. There's no *way* that I could have any insecurities on my box." You just keep telling yourself that. That and a tin foil hat will keep you safe. I really hope you're not in IT.

    --
    I don't respond to AC's.
  18. Re:I'm sure... by shokk · · Score: 4, Insightful

    And if they do run Linux, what makes you think that the existing software will run on Linux? Remember, the idea here is to get their existing service up and running as quickly as possible, not set up a platform for them to surf the web from instead of doing their actual work.

    --
    "Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
  19. Re:I'm sure... by dasmegabyte · · Score: 5, Insightful

    DMV software isn't the sort of thing you find on the shelf at Best Buy. The state is probably using custom software that will only run on one platform. They probably either designed it themselves or paid a contractor to do so. Either way, no new charges should be accrued...this sort of thing would be included in a yearly maintenance contract. Rewriting the software in Linux wouldn't be an option and it's embarrassing that somebody would suggest it. It'd be like telling somebody with a sick dog that they should have bought a cat.

    "Fresh software" probably means bringing down the whole network, reinstalling and patching all machine operating systems, and then reinstalling the software. This will not cost anything extra in terms of the software -- however, the process will surely be costly in terms of manpower (I'm sure the state doesn't employ enough IT staff for every DMV office) and the state will have to pay for it. My company has had, on occasion, requests to help our customers recover from viruses they did not properly protect themselves from. We charge a premium for this service, because 1) there's nobody else who knows how to do it well 2) we TELL them how to protect themselves, and they still don't do it.

    So, in short: no, the "fresh software" won't cost them anything. Installing it, however, won't be cheap. And I'm guessing the state doesn't have a discretionary budget for this sort of thing, meaning something will be getting cut.

    --
    Hey freaks: now you're ju