Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trend Micro Bug Hits Several Important Computers

Posted by Zonk on from the disgruntled-travelers dept.

dmarx writes "The Japan Times reports that a bug in Trend Micro's antivirus software has caused the CPUs of several important computers, including those at East Japan Railway, to grind to a halt. A bug free version was released on noon Saturday." From the article: "Kyodo News experienced LAN access failure from around 8:20 a.m. to shortly before noon. The Asahi Shimbun and Yomiuri Shimbun also had trouble with their LANs at their Tokyo and Osaka bureaus, but the problems did not affect editing or printing of their evening editions."

15 of 221 comments (clear)

  1. Before the flury of obvios train crash jokes start by Anonymous Coward · · Score: 5, Informative

    That was East Japan Railway. The crash was on Japan Rail West.

  2. Sounds familiar. by bigtallmofo · · Score: 5, Interesting

    The buggy file slowed down computer performance substantially by making CPUs run at almost full capacity, the software company said.

    Sounds like every interactively-scanning antivirus program I've ever installed. I wonder, when Microsoft releases server benchmarks, if they run them with antivirus software running in the background? I think this would give a 10%-15% edge to operating systems that don't require such measures of protection.

    --
    I'm a big tall mofo.
    1. Re:Sounds familiar. by Will2k_is_here · · Score: 5, Funny

      No viruses on BeOS. Actually, no virus checkers either...

      No users either...

    2. Re:Sounds familiar. by cortana · · Score: 5, Funny

      Overall, sounds like the ideal server platform to admin. :)

    3. Re:Sounds familiar. by Anonymous Coward · · Score: 5, Informative

      The different he's talking about with PHP is using mod_php as opposed to php.exe. If Apache uses mod_php, it goes out and hits php4.dll just like your asp.dll. If it's not using mod_php, it's going out and executing "php.exe %1" every time you hit a PHP page, waiting for the result, then sending it to the browser. This is much slower than the DLL approach.

      You just need mod_php compiled in to Apache (the equivilent of ISAPI), *not* all of PHP, for this to work.

  3. I expect 100 posts like this. by muyuubyou · · Score: 5, Informative

    ... but in case you're wondering if this may have caused the derailment at Amagasaki, apparently it didn't. Amagasaki is located in western Japan (covered by JR-West).

    Still, the coincidence in time makes me wonder. I sure hope they don't use Windows in the train system I use... just read the EULA. My life is pretty "mission-critical" to me.

  4. Who's to blame by janek78 · · Score: 4, Insightful

    I suppose the manufacturer of the faulty software is not liable in any way. Would we buy say TV sets if their Terms of use said that they are in no way guaranteed to work for the purpose they were bought for, nor are they safe to use (like exploding randomly - It's time for the penguin on the top of the TV to explode).

    I understand software is a tad more complex than your average TV, but cars are not exactly simple either and they seem to work quite well (most of the time). Will we ever get software that just works or will we always have to buy something in the good faith that it will work, but if it does not, it is our tough luck?

    BTW, I hope slashdotting another japanese server won't cause much additional damage...

    1. Re:Who's to blame by Vo0k · · Score: 4, Informative

      Let me wake you up.
      Car manufacturers fight really hard to stop this from getting more of media attention, but modern cars are known to have SERIOUS software bugs. Just google car software bug or similar for stories and references - running 100MPH down a motorway and have the engine switched off, everything shut down (and even the steering wheel blocked), or having the central lock imprison you in the car, so you can't get out, or having random pieces of equipment (wipers, windows, chair adjustment) to start at random... These are real stories. Cars aren't what they used to be...

      --
      Anagram("United States of America") == "Dine out, taste a Mac, fries"
  5. New sales slogan by Alien+Being · · Score: 5, Funny

    With Trend Micro, viruses are the least of your worries.

  6. Bug free? by taobill · · Score: 4, Funny
    A bug free version was released on noon Saturday.

    They can prove that there are no bugs can they? That would be a neat trick.

    And what's "on noon"?

    How about: A fixed version was released at noon on Saturday.

  7. The problem with AV by Fished · · Score: 4, Insightful
    Antivirus checking is, by nature, an invasive procedure. Is it really surprising that these products have such a lousy reputation for impacting system stability?

    Oddly, my Solaris and/or Linux and/or OSX servers are able to get by without any sort of AV protection (other than promptly installing patches). And, oddly enough, they are more stable.

    Go figure. :)

    --
    "He who would learn astronomy, and other recondite arts, let him go elsewhere. " -- John Calvin, commenting on Genesis 1
  8. Antivirus software on mission critical computers? by mferrier · · Score: 5, Insightful

    Yet another example of why critical computer systems should be stripped down to the barebones tried-and-true software and isolated from any potential source of interference. This goes doubly for a system like this on which the local infrastructure depends!

  9. Auto Update of Antivirus IS a secuirty risk by csk_1975 · · Score: 4, Insightful

    There was a discussion about auto update of both definitions and scan engines being a security risk some time ago on Full Disclosure (I think it started as a Windows Update thread). This event just goes to show that software which auto updates should be used with caution and controls are required if its going to be used on critical systems, ie any updates need to be tested prior to roll out. Whether or not this can be viewed as a security incident is debatable, but software which downloads updates that cause a DOS are usually viewed as malicious. I wonder about the cruft like Plaxo (and all that other supposedly safe stuff) which download updates all the time, I can't stop it (not for technical reasons ;) but I'm just waiting for the day an auto downloaded update craps out some VP's laptop.

  10. We had the same problem by Xerxes1729 · · Score: 4, Insightful
    The same thing happened at my school this weekend. At the beginning of the year, ITS required that anyone with a Windows machine install this Trend Micro program and give them the password to an administrator account*. By "securing" all the Windows machines, network outages would be prevented. Ironic, eh? Those of us who use other OSs, of course, were unaffected. And best of all, when they sent out a notice about fixing the problem, they didn't explain what had happened - we had to wait for one of the students who works there to tell us.

    *They wanted me to give them my root password before they would turn on my network connection. I told the nice woman that if ITS expected me to trust them with my password, surely they would trust me with the password to one of the servers. She rolled her eyes and activated my connection.

  11. that's the problem by zogger · · Score: 4, Insightful

    They are starting to make the cars so complex that it drives the cost up significantly for initial purchase, and the repair costs get astronomical because it requires a specialist in most cases to *really* fix them, but they still only last a few years before they start to break down and become uneconomical for most people. Catch 22 now. Airplanes on the other hand have high initial cost, high repairs and maintenance costs, but are designed for decades of service, not just a few years. Where are the high tech safer cards with 20 year warranties? the cost has gone up tremendously compared to when I was a kid, yet they still seem to break as much and are much harder to work on for joe average.

    No easy choices for joe consumer and land transportation. It's not like you can go buy a brand new cheap car that isn't infested with all sorts of electronic stuff that isn't really necessary. It may be useful, but it's not exactly necessary. You can get older cars of course, but even then it's a high cost to restore them and in a lot of cases they have to be modified to pass emissions, which lowers their actual practicality value by introducing complexity. More stuff bolted on = more stuff to break, simple as that. I mean, new cars now cost what houses used to cost not that long ago, and they still drop in value the same as they always did, drive off the lot, whoops, several thousand gone, then it goes downhill from there. It's a cost/benefits/practicality issue that's quite complex, I don't think it can be really stated that cars are that much more of a deal now just because of all the electronic controls, which are consistently the number #1 consumer complaint with cars and repairs, the electronic control systems nowadays. Blackbox voodoo stuff that even the dealer factory trained guys have a hard time dealing with once they develop bugs.