Computer Viruses Cripple Colorado DMV
Mr. Christmas Lights writes "The Denver Post has written the last three days (Tue, Wed, Thu) about how computer viruses have crippled the Colorado Department of Motor Vehicle's computers since last Friday. This has prevented them from issuing new/renewed licenses, so they are providing 30-day extension stickers. The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux? Colorado seems to be having its share of problems - today's article mentions the Zinc Whiskers issue several months ago that knocked the Colorado secretary of state offline for a couple of weeks. And it could only get worse as the JPEG exploit starts showing up in the wild."
I'm sure the "fresh software" will be provided free of charge to the state...
Just great. Now I'll have to wait like, 4 hours to get a new picture!
There are removal tools out there guys. You don't actually *HAVE* to re-install it to remove an infection. Sounds like the CO DMV needs to hire someone who knows what they are doing!
Bored? Why not join a decent mess
have they considered Linux?
I should hope not! Don't you realize that Norton Anti-virus doesn't run on Linux? How would they protect themselves from these destructive viruses without every machine devoting a few hours each day to scanning for and eliminating viruses?
I suppose it's understandable that you overlooked this problem, though, I hadn't ever thought of it either until some security brainiacs at a client's headquarters refused to allow me to connect my laptop to their network unless I could demonstrate that a reputable virus scanner was checking my machine at least daily. I pointed out that my laptop runs Linux, and that there are no Linux viruses in the wild, but they made it clear that that doesn't matter -- any machine without a virus scanner is a risk to their uber-secure network.
I sure am glad they explained that to me...
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
How does the JPEG exploit affect the DMV? Are the lines so long because the agents are looking at pr0n all day long?
"I make people like me... WITH VIOLENCE!" - ATHF
The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux?
Oh, brilliant idea. Why, they could have their entire statewide system gutted, upgraded to Linux, re-designed, re-written, tested, debugged, deployed, up and running in the time it takes Gentoo to boot!
Obliteracy: Words with explosions
No entity (person, company, or organization) has faced a more damaging enemy than their own mistakes, laziness, and incompetence. [aka. themselves]
Microsoft will be its own downfall, it's already happening, and will only snowball.
This is probably example #1,542 of thousands to come.
Of course, thank god for the alternatives, without them, no one jumping ship would have anywhere else to go but the cold drink of water below.
It's frustrating to see people/companies/governments stung by things so simple to avoid, especially when one (me, IT people?) feels like they have the "answer" but no one is listening.
(It could be Linux, BeOS, Apple, who knows.... it all depends really)
To me it may be similar to the feeling a doctor has if/when they have a patient who refuses to stop a habit that will eventually kill them, despite being told so to the point of exhaustion.
I'm not sure anyone really WANTS to dislike Microsoft, but they make so many bad mistakes, spit out so many garbage products that it's hard not to. It only frustrates me even more when "users" stick up for them! They need to read "The inmates are running the asylum" and learn about dancing bears, and the other ideas within. Being a power user of bad software does not make you an expert, it makes you blind to the way things really should be.
Sigh.
And you think that because they have one glitch that they should just go off and switch to linux? Oh yeah, that will solve it.
You're a hater, you can read it in your style.
BTW, Firefox browser just had a recent flaw (prior to 1.0) so should I switch to I.E., or upgrade to Firefox 1.0? Your logic is swayed by your hatred towards Windows, as most others who will flame me for writing this.
Pr0n in government?
The prince of Bel-Air installs it?
They pack Dentyne in with the restore disks?
*rimshot*
Always going forward, 'cause we can't find reverse.
How many people bet the headline should have been that?
Alternate joke: Things have ground to a halt at the DMV? You mean it's been more than 5 minutes since the doors opened?
Blaze a trail to the New World
How about blocking all traffic from the DMV department to the internet? Why the hell do their license computers need to be on the net anyways? A local net to talk to your databases and internal email, sure. But internet access?
Weaselmancer
ridiculous.
probably means re-installing Windows, but have they considered Linux?
BEGIN LINUX CONSIDERATION
Q) Does it have the custom software we need?
A) No
Q) Do we have the budget, time, or employees with the skill to write it?
A) No
END LINUX CONSIDERATION
Sorry guys, that's just how the real world works.
I don't need no instructions to know how to rock!!!!
What happened to good old fashioned mainframes + thin clients with monochrome screens...
They are issuing licenses, it's not like they need anything special, Windows-like, to do that...
Anyways they would probably get better productivity out of this since there is no web access etc etc...
Even the suggestion that they should migrate to linux instead of flattening and reinstalling is premature, and horribly ignorant. A migration to another OS would take a company of that size months, and possibly years to do. Yes it would reduce the TCO, yes few viruses are written for it (so far), but to even suggest that linux would SOLVE their immediate problem is an idiotic proposal.
Cripes, set your zealotry aside and think.
Feed the need: Digitaladdiction.net
Now is not the time to upgrade the entire system to Linux; it is time to patch and go. But it is a good time to consider if a full system upgrade should be done, when time is not so critical. An ill planned upgrade will squash the likelihood of linux getting a good chance. Also it would require getting a good staff of IT guys that know linux and not a bunch of MCSE's.
One glitch?! An entire government bureaucracy is shut down for nearly a week (and who knows how much longer) because numerous computers are crippled is hardly "one glitch."
And considering that the problem would not have occurred if Linux had been used, I'm not sure how you can say, "Oh yeah, that will solve it." Please explain that to me please!
And also please explain how a flaw found and fixed in Firefox has anything to do with Linux.
If someone says he and his monkey have nothing to hide, they almost certainly do.
Who to root for, the viruses or the DMV? A conundrum if there ever was one...
I wonder if any of the work they do will involve teaching the DMV employees not to open up unknown attachments and other forms of "safer" internet use. All complaints about security holes and stuff aside, there's a good chance this mess started when someone opened an infected email.
Me? I'm just happy seeing my Colorado tax dollars at work.
--Chag
The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux?
Yeah, that's a great way to get things back up and running. Introduce a new OS. I'm sure everything will run smoothly after that. Comments like this don't do much to dispel the view that many have of linux proponents: a lack of a grip on the realities of IT.
While considering Linux would be wise, it should be considered a long term solution, not one that will get everybody up and running again. For now, if reinstallation is the best option, you put together a plan to train some people really quickly to do it and fan out and work 24/7 until it's done.
The Linux option should be brought up but not now, that's for the post-mortem meeting.
The reporter is a complete pussy.
Tens of thousands of Detroit drivers are without service, and the DMV rep says:
"People understand that we are living in a computer world."
Uh. The followup question should've been "why the f*** did you let a virus infect a critical computer system?"
In Soviet Russia, I ruled you
Would anyone actually notice the slowdown? This is the DMV after all.
"Somedays we don't let the lines move at all. We call those days weekdays."
He said something to the effect of ' ... my parents said give us a good reason why we need a computer ...' . Almost instantly, 3 people in the room said 'Where else would you install anti-virus software' .
Microsoft has a serious image problem right now, and it does not look like it's going to get better any time soon.
All you touch and all you see is all your life will ever be
I'm sure someone in their organization has. Has the submitter considered the year or two (and LOTS of $$$) it would take to implement such a change?
"The Colorado DMV will be down until early 2006. We thank you for your patience."
Viruses are a universal problem with "computers". Of course, that's to be expected when most people relate computers to Windows.
It's not a "computer world" you're living in, it's a "Windows world".
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
The so-called convenience of having a standard OS with which most people are familiar coupled with concerns over the amount of money it would cost to convert to another OS are things to consider about migrating to a new system.
Unfortunately, Linux, BSD, and other alternatives still scare some upper management. If the cost of migrating + training is still a determining factor, then they should also weigh the risks of maintaining their current OS. That is, the cost of down time, man-hours to correct problems and get systems online as well as meet the needs of the public, and the cost of compromising controlled information such as privacy data.
How much damage will it take to consider a new system? How much money does a company or organization need to lose before the cost of migrating seems to be a viable option? How many compromises in security will it take? Microsoft's security exploits, among a host of other things, are well documented in daily news.
But, hey... Microsoft says that they deliver a better and more secure product. The news speaks louder than rhetoric. I recommend that open source community partners in that state contact their representation in a professional manner to help bring awareness that there are other options available.
Get some.
...issue? Part of the problem with viruses beyond the fact that many OSes still ship with pretty lax security, is the way that PCs are actually implemented when put into a networked environment. The implementation is dictated by the policies of the organization. Too many organizations do not put enough thought into what users should and shouldn't be allowed to do at EVERY level of computer use. Some of this is due to the fact that these organizations can't afford a decent admin due to being underfunded. Another cause is that many of these orgs also think that computers should be a "set it and forget it" kind of thing.
So how can this be addressed? Probably the first thing to do is GET A DECENT ADMIN and IT staff. Since we are talking the BMV here, this means better funding for the BMV to attract a decent admin and IT staff who will demand more pay. Which means... that taxes will have to be increased. Which means that indirectly, the tax payers who vote down county levies are responsible.
Another thing that can be done once you have a decent admin is to set up a very detailed policy about what users are and aren't allowed to do on a machine. This includes whether or not they can even access external resources on the web (No external web mail during work time, etc...). Regarding the channel of e-mail for mass mailing worms, all mail should be filtered through a virus scanning and spam filtering appliance like the Barracuda Networks Spam Firewall.
If the environment is such that it demands that users be able to access external web resources, a remote application server (with automatic virus protection) running on a separate network should be used for all external web browsing. If they are accessing an internal resource, they can use their local browser. This way if the app server gets hit with some kind of worm or virus, it won't infect their system as the only connection would be over X, RDP or Citrix ICA.
Is all of this a pain in the ass to both implement and live with? Most certainly. Will the users complain? Count on it. Will it buy you a lot more protection against the worms and viruses today? Yes. It's just a question of which environment is more of a pain in the ass for you. One where you are constantly dealing with users that are infecting their machines and taking down the network so that productivity grinds to a halt? Or one where users gripe for a bit about the new restrictions, but you have far fewer or no virus/worm incidents? The choice as they say, is up to the people with the power to rethink these things.
Un-news
Or the next thing you know, some sick computer hacker will get in there and start sending tax bills to rich people.
God forbid some 'sick hacker' do such a thing.
Hey Mr. Anonymous:
The Microsoft problem is far more than this one incident and it's not about "hating." For most of us, it's quite far removed from being an emotional concern and more of a prediction of future and larger disasters.
Firstly, Microsoft's vision is a homogeneous computing environment. That's DANGEROUS and every computer expert agrees on this point. What could be worse than a single bit of malware crippling more than 70% of all PCs and Workstations? Right! 100% being crippled by said malware. We've seen the lightning fast spread of some malware across the net at rates that are far too fast to remedy in time.
Heterogeneous computing is simply dangerous ESPECIALLY when combined with Microsoft's history and handling of even current issues. They have to write an entirely new OS if they want a secure product since the Win32 message queue problem is inherent to the API in such a way that "patching" is impossible. Of course they could create a BSD variant kernel and then build their own "wine" to secure things AND maintain compatibility but their pride takes priority over stability and security.
And finally, you have to consider where Microsoft's core interests lie. There are still companies out there who prioritize customer satisfaction over profit, growth and domination but it's pretty obvious that Microsoft isn't one of them given their choice to abandon MSIE development for "legacy operating systems." Are they running out of money or is this another way to manipulate people onto XP? I don't think cost of development is the motive do you? Honestly?
It's not hate... it's fear.
I may be oversimplifying the problem, but why don't they go to OSS. After all, don't their software needs boil down to 1) relational database, 2) (small size) digital photography, 3) some internet connectivity to share info with the main database, and 4) word processing with mail-merge? OSS should have good software for all 4 functions. I don't see anything that they need that the rank-and-file can't run on a hardened linux variant. Once the system is set up properly, they can lock it down to prevent tampering - easier to do than on windows. The only downside I see is that they may miss MS Solitaire and other PC games - maybe that's the holdup ;)
I went to renew my car registration this past year and while sitting down at the counter with the clerk, I noticed a little yellow sticky on the lower part of her monitor:
[sticky]
Password
password
(all lowercase)
[/sticky]
Made me feel nice, warm, and fuzzy...next year, just renew it myself (now where is a yellow sticky when you need one?)
I suspect we will continue to see and hear/read more about these types of incidents... I also believe we will start to see incidents that are related to non-Windows-based systems because
(a) as *nix/OSS is taking a deeper foothold in systems, more flaws are bound to show up
(b) MS will make sure that those incidents get reported to as many outlets as possible to show people that it's not just them.
"Look Lois, the two symbols of the Republican Party: an elephant, and a fat white guy who is threatened by change."
...I'm just happy to see Colorado tax dollars come here.
First, the inability for the DMV to give out licenses is clearly more than a "minor malfunction." Also, you said "one" glitch. Exactly how are multiple computers being infected "one" problem?
Second, how would the use of Linux have prevented it? The computers at the DMV were infected by viruses. Those viruses would not have impacted any machine running Linux. Accordingly, it is necessarily true, that if those machines were running Linux, the viruses would not have impacted the machines.
Third, you speculate that other means could have been used to impede those Linux machines. But you are speculating. There is no evidence whatsoever that such "malicious scripts" came into play here. You could also argue that even if Linux was used a bomb could have blown up the entire DMV administration building, and you'd have exactly the same amount of evidence to back it up.
Fourth, you analogize that because Firefox has problems, that Linux may have problems. Heck, I'll analogize too. Merely because the BSA has shut down organizations before for using proprietary software, it could do the same to the DMV. Thus, to avoid being shut down by the BSA, everyone should switch to Linux and Open Source.
http://news.com.com/2008-1082_3-5065859.html?ta
To summarize: The machines were infected by a Windows only problem. Thus, not using Windows would have necessarily stopped the problem from occurring.
If someone says he and his monkey have nothing to hide, they almost certainly do.
I for one welcome the imminent arrival of our Linux-virus writing overlords.
Their big challenge: how to port Internet Explorer, Outlook and Visual Basic to Linux and integrate them in such a way that Linux users can't remove the offending code, so there are huge holes to exploit, and built in distribution systems to make exploits into worldwide virus catastrophes.
Step 3: Profit!!
[Patty and Selma on working at the DMV]
Patty: Some days, we don't let the line move at all.
Selma: Yeah, we call those weekdays.
I have a question, because I don't know the answer. How do you ghost all these machines with a new fresh clean copy of the OS and apps and still retain the data and know that the virus isn't still embedded in the data someplace? Seems like you'd still have to rely on a virus checker/remover, which may or may not find the problem.
I recently found this tool, it has helped me out with removing virii/malware. http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml
----------
Why do I always get error code ura:A55h013?
In response to some other comments, it should be obvious to all that in a crisis/recovery situation, you don't switch OS's or other major changes, so they should recover to whatever they are using now ... but long-term (if they are running Windows), they may want to consider Linux. And yea, there are other issues in terms of admin expertise/capability/etc. in terms of their ability to look at other solutions.
And finally, consider posting with a username, since The Incredible Hulk SMASHES Anonymous Cowards! ;-)
Hulk SMASH Celiac Disease
Monoculture has little to do with it. Macintosh is a monoculture and you don't see MacOS deployments getting hit like this.
A Pirate and a Puritan look the same on a balance sheet.
If this indeed is a virus/trojan/spyware//Microsoft Windows(TM) problem...
Why do DMV employees need internet access in the first place?
If they need email to communicate with other employees, 99.99999999% of it can be handled via an internal email network - no internet needed. _No one_ particularly needs an @co.dmv.gov email address.
Why does a DMV employee need IE connected to the internet? Short of "Internet" being part of its name, there's no reason. Any "IE only" network applications they might be using should be on an "internal only" accessible network.
This is ridiculous - DMV/Govt. employees DO NOT need to have internet access to do their jobs. Cut them off and save millions of taxpayer dollars.
...Rob
The American Dream isn't an SUV and a house in the suburbs; it's Don't Tread On Me.
Actually, some might be able to argue that the LSB is in a way a monoculture. The LSB is good since it gives software vendors a common base rather than having to develop a package for different distributions. But, would the LSB also be an invitation to would-be virus writers? As Linux grows in popularity, we can expect to see more virus attempts. Of note, another reader said that McAfee has an antivirus for Linux. It is called McAfee LinuxShield. http://www.networkassociates.com/us/products/mcafee/antivirus/fileserver/linuxshield.htm
Another question is that as more and more users migrate from Windows, will they also be migrating the bad Internet practices that many of them have? On the whole, I believe that Linux users today tend to be more Internet savvy than users of Windows in that they are familiar with and regularly implement good Internet practices such as using a user account for every day purposes such as surfing the web and reading email vice using a root account or one with root access. That being said, if Windows users also migrate their bad habits, then Linux can be more vulnerable in that respect than it currently is. As we spread the word about Linux, then we should also be willing to teach them vice saying things like "RTFM".
Linux by its UNIX-like nature, even if it were monoculture, is not nearly as susceptible to virus attacks as Windows. This is one of Linux's most valuable features.
Get some.
Up until a few years ago, Colorado was one of those states that would laminate driver's licenses on the spot, much like a high school ID.
This is one of those damned if you do damned if you don't things.
Office issuance clearly has the advantage that the person gets the license immediately, as opposed to some piece of paper, which may or may not work as ID if the person needs it immediately. It doesn't give them a very good feeling.
Office issuance has the problem that the offices themselves are often not that hard to break into, and then people steal the printer, blank cards, hologram rolls, et cetera. Honestly, you can count on that happening within 2 weeks of a state introducing a new licensing system.
Central issuance has the advantage that the machines are harder to steal. Further, the silliness of license fraud (see my signature for more details) means that we are going to faster upgrade cycles. States can just upgrade the central machines instead of putting new machines into each office (in Ohio that would be over 220 offices.)
Problem? You need to have amazingly good auditing and security measures. Consider the fact that California issues all their licenses centrally and that, if you do the math, that means that they issue at least 25,000 a day. Someone with particularly good access could probably figure out a way of getting an extra 1000 out, and no one will notice the difference.
So fraud is easier with office issuance, but if you can do it with central issuance, you can really go to town.
The greatest security advantage that Linux offers is that it is a relatively small target.
Yes, that's why there are so many exploits for Apache, and so few for IIS - because Apache has such a large market share, right?
Market segment has nothing to do with security.
I believe many states used OS/2 for Driver License systems until quite recently. I have personal knowledge my own agency (Tennessee Department of Safety) did. Polaroid's one of the leading vendors in ID cards, and their systems in the nineties were built around OS/2 and LU 6.2 over SDLC. Which made sense given legacy IBM mainframes and SDLC networks.
Oh, and they were also typically maxed out on interfaces, with cameras, SCSI-based ID printers, signature capture devices -- so much stuff and so many drivers loaded into memory that Windows 3.1 or Windows 95 would curl up and die.
These systems were typically planned to have a 5 year life cycle, and may have been stretched out further given the usual government procurement follies for their replacements.