Slashdot Mirror

← Back to Stories (view on slashdot.org)

Computer Viruses Cripple Colorado DMV

Posted by michael on from the browse-defensively dept.

Mr. Christmas Lights writes "The Denver Post has written the last three days (Tue, Wed, Thu) about how computer viruses have crippled the Colorado Department of Motor Vehicle's computers since last Friday. This has prevented them from issuing new/renewed licenses, so they are providing 30-day extension stickers. The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux? Colorado seems to be having its share of problems - today's article mentions the Zinc Whiskers issue several months ago that knocked the the Colorado secretary of state offline for a couple of weeks. And it could only get worse as the JPEG exploit starts showing up in the wild."

14 of 394 comments (clear)

  1. Linux is a virus risk! by swillden · · Score: 5, Funny

    have they considered Linux?

    I should hope not! Don't you realize that Norton Anti-virus doesn't run on Linux? How would they protect themselves from these destructive viruses without every machine devoting a few hours each day to scanning for and eliminating viruses?

    I suppose it's understandable that you overlooked this problem, though, I hadn't ever thought of it either until some security brainiacs at a client's headquarters refused to allow me to connect my laptop to their network unless I could demonstrate that a reputable virus scanner was checking my machine at least daily. I pointed out that my laptop runs Linux, and that there are no Linux viruses in the wild, but they made it clear that that doesn't matter -- any machine without a virus scanner is a risk to their uber-secure network.

    I sure am glad they explained that to me...

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    1. Re:Linux is a virus risk! by mreed911 · · Score: 5, Insightful

      I pointed out that my laptop runs Linux, and that there are no Linux viruses in the wild, but they made it clear that that doesn't matter -- any machine without a virus scanner is a risk to their uber-secure network.

      Which, if you have a SAMBA share, is true.

      "As system administrators move to Linux files servers they have a real problem to deal with since the Linux file server can store Windows-based viruses. Windows-based viruses can write to a Linux/Samba network share as easily as they can on a Microsoft Windows based network. System administrators must protect the Linux server from storing these viruses. The only way is through active antivirus defense on the Linux server itself."

    2. Re:Linux is a virus risk! by DrCode · · Score: 5, Funny

      Write your own:

      #!/bin/bash
      echo Scanning...
      sleep 3s
      echo Scanning...
      sleep 3s
      echo System clean!

  2. ...what, exactly, would that do? by American+AC+in+Paris · · Score: 5, Funny
    Crippling the DMV? That's on par with outsmarting a bar stool.

    The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux?

    Oh, brilliant idea. Why, they could have their entire statewide system gutted, upgraded to Linux, re-designed, re-written, tested, debugged, deployed, up and running in the time it takes Gentoo to boot!

    --

    Obliteracy: Words with explosions

  3. Sure by stratjakt · · Score: 5, Insightful

    probably means re-installing Windows, but have they considered Linux?

    BEGIN LINUX CONSIDERATION

    Q) Does it have the custom software we need?

    A) No

    Q) Do we have the budget, time, or employees with the skill to write it?

    A) No

    END LINUX CONSIDERATION

    Sorry guys, that's just how the real world works.

    --
    I don't need no instructions to know how to rock!!!!
  4. Migrate to Linux? Are you kidding me? by Jailbrekr · · Score: 5, Insightful

    Even the suggestion that they should migrate to linux instead of flattening and reinstalling is premature, and horribly ignorant. A migration to another OS would take a company of that size months, and possibly years to do. Yes it would reduce the TCO, yes few viruses are written for it (so far), but to even suggest that linux would SOLVE their immediate problem is an idiotic proposal.

    Cripes, set your zealotry aside and think.

    --
    Feed the need: Digitaladdiction.net
  5. Patching the way to go by pyro101 · · Score: 5, Insightful

    Now is not the time to upgrade the entire system to Linux it is time to patch and go. But it is a good time to consider if a full system upgrade should be done, when time is not so critical. An ill planned upgrade will squash the likelyhood of linux getting a good chance. Also it would require getting a good staff of IT guys that know linux and not a bunch of MCSE's.

  6. Hm... by StevenHenderson · · Score: 5, Funny

    Who to root for, the viruses or the DMV? A conundrum if there ever was one...

  7. As a Coloradoan... by Chagatai · · Score: 5, Informative
    I've been listening to local radio where they have been talking about this issue for the past couple of days. Apparently, according to the talk show hosts and call-in experts, the real issue is in the system that transfers the licenses to a company in Oregon for print out. Up until a few years ago, Colorado was one of those states that would laminate driver's licenses on the spot, much like a high school ID. Somewhere along the line they decided that these cards could easily be faked, so they started sending them to a company in another part of the country to be produced a la credit cards with "more robust security". Data currently cannot make it to this production company, so the production of cards has been backlogged by as much as 30 days in some cases. Local law enforcement has been told to be lenient on people with expired licenses in recent days due to these problems.

    Me? I'm just happy seeing my Colorado tax dollars at work.

    --
    --Chag
  8. Worst computer related reporting...ever by gorbachev · · Score: 5, Insightful

    The reporter is a complete pussy.

    Tens of thousands of Detroit drivers are without service, and the DMV rep says:

    "People understand that we are living in a computer world."

    Uh. The followup question should've been "why the f*** did you let a virus infect a critical computer system?"

    --
    In Soviet Russia, I ruled you
  9. Viruses and Security: A tech issue or a policy... by Trolling4Dollars · · Score: 5, Interesting

    ...issue? Part of the problem with viruses beyond the fact that many OSes still ship with pretty lax security, is the way that PCs are actually implemented when put into a networked environment. The implementation is dictated by the policies of the organization. Too many organizations do not put enough thought into what users should and shouldn't be allowed to do at EVERY level of computer use. Some of this is due to the fact that these organizations can't afford a decent admin due to being underfunded. Another cause is that many of these orgs also think that computers should be a "set it and forget it" kind of thing.

    So how can this be addressed? Probably the first thing to do is GET A DECENT ADMIN and IT staff. Since we are talking the BMV here, this means better funding for the BMV to attract a decent admin and IT staff who will demand more pay. Which means... that taxes will have to be increased. Which means that indirectly, the tax payers who vote down county levies are are responsible.

    Another thing that can be done once you have a decent admin is to set up a very detailed policy about what users are and aren't allowed to do on a machine. This includes whether or not they can even access external resources on the web (No external web mail during work time, etc...). Regarding the channel of e-mail for mass mailing worms, all mail should be filtered through a virus scanning and spam filtering appliance like the Barracuda Networks Spam Firewall.

    If the environment is such that it demands that users be able to access external web resources, a remote application server (with automatic virus protection) running on a separate network should be used for all external web browsing. If they are accessing an internal resource, they can use their local browser. This way if the app server gets hit with some kind of worm or virus, it won't infect their system as the only connection would be over X , RDP or Citrix ICA.

    Is all of this a pain in the ass to both implement and live with? Most certainly. Will the users complain? Count on it. Will it buy you a lot more protection against the worms and viruses today? Yes. It's just a question of which environment is more of a pain in the ass for you. One where you are constantly dealing with users that are infecting their machines and taking down the network so that productivity grinds to a halt? Or one where users gripe for a bit about the new restrictions, but you have far fewer or no virus/worm incidents? The choice as they say, is up to the peoplpe with the power to rethink these things.

    --
    Un-news
  10. Re:What the hell by Anonymous Coward · · Score: 5, Insightful

    Just about any compromised Windows network is caused by a sysadmin who doesn't know how to properly run a network.
    First, a firewall will prevent most exploits. Second, some kind of antivirus filtering on the mail server. Third, an updated version of some form of antivirus software on workstations to prevent risk by mailer worms that don't get caught by the firewall. Fourth, keep systems updated.
    Is this so difficult for people to understand? If regular users switch to any other OS, you will still have problems with mailer-type viruses. As a result, you will need antivirus on any system that has one available.
    I know this flies in the face of a majority of slashdot readers, but just because you have placebo-effect OS security (for example, "I run Linux or UNIX, therefore, I don't need to worry about having a compromised system" despite not having patched it in a few years) doesn't mean that you shouldn't strive to further secure every system on your network.

    Now, I know of plenty of people that can keep a clean Windows network following the steps outlined. These people make as little as $8/hr. The CO DMV could have prevented this by hiring an intern, shelling out a couple hundred for some quality firewall software (Astaro Linux seems to be fairly easy to use yet secure) and an antivirus package to lock things down in a few days. Problem solved, no need for a full Linux desktop conversion here.
    Carry on.

  11. Re:What the hell by Darth_brooks · · Score: 5, Insightful

    It's fun to play armchair QB.

    Let's assume it's Sasser or blaster that's brought down the network. You'll have to go to each machine, run the removal tool to remove the virus, then patch the system so you don't get infected again. Wash rinse repeat for every infected machine on the on the system.

    Or, you can eliminate the hassle of going to each system by mulitcasting a patched, clean, and perhaps improved system image using Ghost or something similar. Hell you can do that from a central console and never even see the remote machines. Why dick around cleaning up a virus and patching a single box when you can push out a clean image to all the machines remote site?

    I'll wrestle with a virus when a machine absolutly can't be blown away. In an ideal world (where user files are on network drives and gumdrop fairys eat marmalade pies) that's never, but in reality it's once in a great while.

    Now, they may not have the pipe to push an image to all the remote locations, so they're probably stuck sending the lackeys out into the field. That's going to take considerably longer (say, a couple days), but it's a small price for knowing the job is done right, and you're not just fixing up an old home for the same virus.

    --
    There are some people that if they don't know, you can't tell 'em.
  12. Re:I'm sure... by dasmegabyte · · Score: 5, Insightful

    DMV software isn't the sort of thing you find on the shelf at Best Buy. The state is probably using custom software that will only run on one platform. They probably either designed it themselves or paid a contractor to do so. Either way, no new charges should be accrued...this sort of thing would be included in a yearly maintenance contract. Rewriting the software in Linux wouldn't be an option and it's embarrassing that somebody would suggest it. It'd be like telling somebody with a sick dog that they should have bought a cat.

    "Fresh software" probably means bringing down the whole network, reinstalling and patching all machine operating systems, and then reinstalling the software. This will not cost anything extra in terms of the software -- however, the process will surely be costly in terms of manpower (I'm sure the state doesn't employ enough IT staff for every DMV office) and the state will have to pay for it. My company has had, on occasion, requests to help our customers recover from viruses they did not properly protect themselves from. We charge a premium for this service, because 1) there's nobody else who knows how to do it well 2) we TELL them how to protect themselves, and they still don't do it.

    So, in short: no, the "fresh software" won't cost them anything. Installing it, however, won't be cheap. And I'm guessing the state doesn't have a discretionary budget for this sort of thing, meaning something will be getting cut.

    --
    Hey freaks: now you're ju