Slashdot Mirror
Trend Micro Bug Hits Several Important Computers
dmarx writes "The Japan Times reports that a bug in Trend Micro's antivirus software has caused the CPUs of several important computers, including those at East Japan Railway, to grind to a halt. A bug free version was released on noon Saturday." From the article: "Kyodo News experienced LAN access failure from around 8:20 a.m. to shortly before noon. The Asahi Shimbun and Yomiuri Shimbun also had trouble with their LANs at their Tokyo and Osaka bureaus, but the problems did not affect editing or printing of their evening editions."
The buggy file slowed down computer performance substantially by making CPUs run at almost full capacity, the software company said.
Sounds like every interactively-scanning antivirus program I've ever installed. I wonder, when Microsoft releases server benchmarks, if they run them with antivirus software running in the background? I think this would give a 10%-15% edge to operating systems that don't require such measures of protection.
I'm a big tall mofo.
Was this the issue with LPT$VPN.594?
The large bookseller I work for (think "Stables and Lords") got hit with that on Friday. All the XP machines (basically, the Manager's computers in the stores) and even a few of the XP computers in the Helpdesk (where I work) would lock up and freeze during boot.
Deleting the offending file fixed the issue.
Less market share. Windows is a much more apetizing market. Especially since most users wouldn't know if they had a trojan in the first place. How many people actually renew thier subscriptions with Norton or NA?
What I want to know is why do the computers controlling the train system in Japan need antivirus. Are they attached to the internet? Do they have disk drives? This system should have neither, I can understand the reason for a seperated system to be connected to the net for reporting train schedules and problems. But connecting a control system like that? Running it on windows? Silly. Thats worse than having antivirus on an ATM.
Software design is still a pretty young field of construction. Building construction has had more than 2 millenia to develop, while software design had about century (give or take a decade). In the early days (read: centuries) buildings were designed by rules of thumb. Only the last few centuries the real science of contruction was developed. (The metalurgical properties of steel wasn't researched until after WW2 when they figured out that welded ships couldn't handle the extreme cold of northern seas very well) In software design we're at the point where we're trying to come up with the science, but are still mostly using rules of thumb.
Given time software will reach a point where it's about as reliable as concrete buildings, but in the mean time we'll be stuck with the many kinds of blue screens.
RyanFenton, posting in the computerized cars for traffic control thread:
.computers.
I'd MUCH rather trust a reasonably engineered computerized system than the thousands of other drivers around me on my way about town.
I didn't post there, but my very first reaction on reading was:
"And just where the hell do propose to find one of those?"
This story illustrates my reaction. Imagine thousands of cars around you on your way about town that have suddenly lost all control.
Without the introduction of computers cars are actually not that complicated. They consist of a relatively few number of parts mechanically linked in such a way that any child can intuitively grasp their operation. You can teach yourself a fair amount of auto mechanics through entirely empirical methods, just sitting down with the device, taking it apart, putting it back togehter, and grasping how the whole thing works by such observation.
Nobody's going to write a virus checker that way, or a car control system. The computer is too complicated, consisting of billions of invisible "parts" whose operation is entirely abstracted from their function.
To the extent that cars are complicated these days, to the further extent that even formally trained mechanics cannot figure out what's wrong with them without plugging them into a computer, it is because they now contain. .
So refering to cars as an example of something that's complicated but reliable is not factual ( and I myself have found myself sitting by the side of the road with a mechanically sound car that refused to run because a control chip died), but also begs the question.
KFG
Exactly. This is just part of the cost of running Windows. Any serious TCO-analysis should include the cost to purchase, install and update anti-virus software on Windows.
Some weeks ago there was a news here about using 1 CPU just to run housekeeping software (AV, anti-spyware, firewall, and so on) and let the other for user's taks.
It seems it is not so bad idea after all (at least, for Windows users).
DNA in your Linux: DNALinux
I actually ran into this problem at a customer's site this weekend. They had Trend Micro AV and the computer was utterly crippled. It was like it had some utterly malicious virus on it gobbling up all the cpu time.
:-)
Using SysInternal's Process Explorer, I was ultimately able to see that a module (running as a part of the "system" process) called "TmXPflt.sys" was running 4 simultaneous threads each using about 25% of the CPU. Since the "system" process is given higher priority than all other processes, the system naturally slowed to a crawl.
I rebooted into safe mode and renamed this file and restarted. The system behaved like normal again. The file said it was a Trend Micro "XP Post Filter" (mail filter?) - After all that, I thought that it was particularly weird that I hadn't read about some problem from Trend Micro on a major news outlet (like Slashdot)
The operating system should really prevent this type of problem. The whole purpose of the OS is to mediate access to resources such as CPU. So if one process is able to monopolize the CPU and prevent other processes from getting CPU time, then the OS has failed to do its job. (I'm not sure Linux would do a better job or not -- I've seen cases where it had similar problems.)
Software sucks. Open Source sucks less.
Many computers need to have /RESET held low for a few would-be clock cycles after power-up, to allow the power rails to stabilize and the master oscillator to start. Usually this is done by a capacitor which slowly (comparatively) charges up to supply volatage; when it crosses a certain voltage, it releases /RESET (they're usually active-low), and the CPU can start.
All well and good...
If you've got a situation where the power rail drops suddenly, the capacitor on /RESET starts to discharge to the power rail. Enough, and it activates the /RESET line on the CPU. Even though the power drop wasn't enough to wipe out the CPU, it was able to trigger the power-on-RESET circuit. (The fix is to put a diode in the computer's power supply connection, so that the computer's power supply capacitors never try to bring the +12 rail back into spec.)
Another fun thing that can happen, though probably not in automotive circuits, is GND and Vcc inversion.
This used to happen a lot on Amigas with defective monitors; you'd get a high-voltage discharge in the monitor to the GND line, which would momentarily bring GND over Vcc, triggering a /RESET. The fix there is to separate shield ground from signal ground; or you could just go bankrupt.
Given the number of modern cars which, apparently, tell you not to jump-start, there is an awful lot lacking in modern automotive design. It's not hard to cope with a jump-start, you just have to not cut all those corners.
(My 1998 Subaru has no such warning; I've only heard about that warning from GM owners--I've never seen it myself.)
link Checkmark labs recently gave out an award to the company for its spyware product. Spyware, as you know, slows down computers and makes them difficult to use. Oh the irony!!!
The latest gadget news and reviews. www.absolutegadget.com