Slashdot Mirror


FBI, US Marshals Hit By Virus

Norsefire writes "The FBI and US Marshals were forced to shut down part of their computer network after being hit by a 'mystery virus.' FBI spokesman Mike Kortan said, 'We are evaluating a network issue on our external, unclassified network that's affecting several government agencies.' Nikki Credic, spokeswoman for the US Marshals, said that no data has been compromised but the type of virus and its origin are unknown."

156 comments

  1. They should use macs by Anonymous Coward · · Score: 0

    Although it is the FBI. Maybe they are using macs and we just don't know it.

    1. Re:They should use macs by psnyder · · Score: 5, Funny

      They DO use Macs. And Dell. They were shown VERY CLEARLY inside FBI headquarters during season 7 of 24.

    2. Re:They should use macs by sopssa · · Score: 3, Informative

      Mac is in no way less vulnerable than Windows, especially in targeted attacks. It seems most people have been brainwashed quite good. Yes, the amount of malware for mac's is lower than Windows, but so is mac userbase. However there are many OSX malware circumventing already and it seems to be just going up.

      And no, not all malware require root to run. They can easily run under your user account as well and still steal lots of data, passwords and keylog etc. If they require root, then social engineering attack will get past most users as they happily enter their root password.

    3. Re:They should use macs by clang_jangle · · Score: 3, Insightful

      Yes, the amount of malware for mac's is lower than Windows...

      Correct, zero is a tad less than ~ninety-three thousand.

      ...but so is mac userbase

      Considering that UNIX-like systems are ubiquitous in the server world (and OS X is a UNIX-variant), that is a really lame argument.

      However there are many OSX malware circumventing already and it seems to be just going up

      [citation needed]

      --
      Caveat Utilitor
    4. Re:They should use macs by erroneus · · Score: 2, Insightful

      This should be modded up.

      Generally, I also recommend Mac for brain-dead users whose computers I don't want to fix every 3 days. There is simply less chance of such problems... randomly. Most exploits target Windows and MSIE, simple as that. But that is only GENERALLY...randomly...blindly.

      More and more, we are seeing targeted attacks. The targeted attack is most successful when the contents of the network are known. So get one machine compromised (advanced scout), survey the network to see what's out there, then plan the real attack. There are abundant attacks for Mac and even Linux. In the event of targeted attacks, all bets are off. "Reputation" for security only serves the attacker because the defences of the machines will likely be lower on those machines considered "more secure."

    5. Re:They should use macs by Anonymous Coward · · Score: 4, Informative

      93,000?
      That's a mighty low estimate.

    6. Re:They should use macs by sopssa · · Score: 4, Insightful

      Also, most mac users think and they're told that there's no malware and they're secure, so they have the mentality of "nothing can hit me" and even though there's a few mac av's, almost no one runs them.

      Hell, there's botnets running inside _routers_. What makes it think that mac is somehow some bulletproof solution. You don't need root to send spam or ddos either.

      Mac is also a standardized os, so it's a lot easier to make malware for it than the tons of different linux os's. And it's already true, but because of this mentality Apple and Mac users have given to everyone, they think they're safe. It's really stupid from Apple's part, because the problem keeps just rising and one day it gets hit badly and no one has prepared because of their assumptions.

    7. Re:They should use macs by clang_jangle · · Score: 4, Insightful

      Trojans can run on any OS, once the user is tricked into installing them. IOW, they're extremely easy to avoid. However, viruses are only found in the wild on Windows systems. And only Windows can be infected by simply visiting a web site.

      --
      Caveat Utilitor
    8. Re:They should use macs by CarpetShark · · Score: 1

      Although it is the FBI. Maybe they are using macs and we just don't know it.

      Last I heard, the FBI was embarrassingly under-tech'd. They probably use paper and pencil a lot of the time.

    9. Re:They should use macs by CarpetShark · · Score: 1, Redundant

      Which, of course, is because Dell and Apple are sponsoring the show. This has been happening for years; Amiga used to sponsor the Neighbors soap, and so people had Amigas on the show. They went with Macs later, probably because they got better/alternate sponsorship from Apple then.

    10. Re:They should use macs by Anonymous Coward · · Score: 0

      Funny that Linux people have exactly the same mentality.

      We'll see in a couple of years when Joe sixpacks with Ubuntu meet Jane with Kubuntu.

    11. Re:They should use macs by Anonymous Coward · · Score: 0

      *whoosh*

    12. Re:They should use macs by mark-t · · Score: 3, Informative

      The reason windows systems are more vulnerable than Unix-like OS's is because in Windows, the default status of the computer is that the end user is running an administrator-type account, with full privileges to install new system software and replace drivers. In a properly administrated Unix system, only a few root-level processes are running, and the logged-in user does _not_ constantly have access to such privileges except when they are specifically requested by the user, and only then within the process that the end user specifically escalated privileges on. This leaves social engineering as the only real means by which a unix-type of machine is liable to be compromised, and avoiding that is also a matter of maintaining established sound system-administration practices.

      Of course, maintaining such practices on windows systems would cause a significant (HUGE, even) drop in viruses on that platform as well (possibly even to the point that a resident virus scanner could be considered wasteful, and regular on-demand checks for compromises alone would likely be adequate). However, most windows users simply are not interested in learning how to be sysadmins, so the problem remains.

    13. Re:They should use macs by DrgnDancer · · Score: 2, Insightful

      Every example in your list is a social engineering trojan. They all require the user to literally INSTALL the malware and enter their admin password to do it. No system can defend against that. There are proof of concept viruses and worms on the Mac, but pretty much everything in the wild is a trojan and requires significant user intervention to work. That's hardly fair. Of course stupid Mac users are still stupid users. That doesn't make the system itself less secure. I'm not one of the "OMG, it's completely secure!" fanbois. There are definitely holes in OS X, and Apple has not always been quick to fix them. The fact remains, however, that there are virtually no Mac viruses or worms in the wild (for the proper, security profession, definitions of "virus" or "worm").

      --
      I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
    14. Re:They should use macs by Anonymous Coward · · Score: 0

      Meh -- the winboiz just need some comforting lies to reassure themselves -- that's how it is when people insist on sticking with stupid choices.

    15. Re:They should use macs by clang_jangle · · Score: 1

      Actually, Apple has pretty much led the way in how to make becoming your own sysadmin dead easy. The problem has been that MS makes backwards compatibility a priority -- and also, possibly they have decided that insecure systems are ultimately more profitable. I've never heard of a Mac user buying a new machine because the old one was a year old and too slow to be useable. But that's a common scenario for non-geek windows users, which means a lot more profit for MS and the OEMs.

      --
      Caveat Utilitor
    16. Re:They should use macs by mail2345 · · Score: 1

      This is a military organization under attack. Why not just have explanations about social engineering, and have punishments for those who fall for the regular fake social engineering tests?

    17. Re:They should use macs by gmuslera · · Score: 1

      "Lower" in this context is like saying that the ocean is wet.

      Mac (and linux, bsd, and probably the rest) are not invulnerable to malware, especially if you count what is run by the user. But the ladder you must climb (both in social and software engineering) is far higher for those cases than for the average windows installation, where the culture teaches you to install/run things from open internet without even worrying if there is a source that could be checked and is pretty documented how easy is to get into, and already there are plenty of "bad boys" doing nasty and complex stuff for it (conficker et al).

    18. Re:They should use macs by Antique+Geekmeister · · Score: 1

      No, that's the FBI Computer Crime Center, and only because they got upgraded from chalkboards.

    19. Re:They should use macs by Antique+Geekmeister · · Score: 1

      Oh, my, yes.

      Linux and UNIX are not immune: the Morris Worm proved that in 1988, and many of the flaws it revealed about people using bad passwords and not doing security updates remain true today in most personal and corporate environments. I just had a lot of fun explaining to a corporate partner that they _will not_ run VMware ESX in the exposed network because it is RHEL 3 based, and VMWare basically refuses to provide access to RedHat registration to get updates or install necessary tools to manage the system as a member of a managed environment. So kiss realistic security on any ESX server goodbye. Tripwire? nmap? What do you need those for? You paid VMware good money for this, you don't need to manage these systems!

      But the ridiculous joke that is providing security for the HR and purchasing departments of any serious bureaucracy (and believe me, the FBI has a _massive_ bureaucracy) is itself a nightmare. Couple that with slapping civil servants in the head to stop having their secretaries with the boss's personal passwords, and the bosses having to have everyone's passwords as a matter of policy, and you have a nightmare waiting to happen. The FBI may have the "FBI Computer Security Center", but have you ever tried to deal with those bozos to actually report a computer crime? They're like a Delhi call center but with American accents. They have neither the competence nor the authority to actually do anything about day to day crimes: they are a giant, expensive department to soak up federal money and absorb complaints and do _nothing_ about crime.

      Has anyone, ever, actually had the FBI provide anything resembling help with a computer crime? Hands up, please, anyone who's actually gotten help from those red-nosed Bozo the clowns with badges in actually securing a system or convicting anyone of a theft of data or a breakin?

    20. Re:They should use macs by Crazyswedishguy · · Score: 1

      I'm not saying there is no malware for Macs, but of the 5 you listed, only one of them is really *decently* hidden, the last one that can be found in a pirated copy of iWork 09.
      All the others require the user to either accept a transfer or installation and in several cases even type in his root password. And for the one that came in the pirated iWork 09 installer, you're downloading pirated software - not the most trusted sources, imho.

      To quote one of the articles (the second one you listed):

      This is not a virus, and users must actually launch the app for it to install its payload. [...] Many Mac OS X-based malware seems to be similar in nature, requiring users to actually launch the installer and give it permission to install the payload. Unlike Windows-based malware, you shouldn't need to install any anti-malware apps to annoy you and slow down your Mac. Just make sure to follow the basic rules of Internet safety -- don't install applications that aren't legitimate or visit Web sites that you don't trust.

      Sure, there is malware for Macs, but there are a lot fewer things that automatically install when you open an email or visit a website.

      --
      This space up for sale.
    21. Re:They should use macs by Anonymous Coward · · Score: 0

      The reason windows systems are more vulnerable than Unix-like OS's is because in Windows, the default status of the computer is that the end user is running an administrator-type account, with full privileges to install new system software and replace drivers.

      This was addressed with the release of Vista. Even though the first user defaults to a member of the Administrators group it runs with standard privileges until elevated through UAC.

    22. Re:They should use macs by santiagodraco · · Score: 1

      Random stats for the win.

      I guess Symantec and McAfee should shut down their Mac operations since Macs are so safe. I wonder why they even try to sell antivirus software for Macs in the first place seeing how they are immune from attack!

    23. Re:They should use macs by TheSpoom · · Score: 2, Insightful

      While I agree with the general principle that *nix OSes (including Macs) are more secure than Windows, viruses are just as possible on other operating systems.

      That said, the government could save shit-tons in licensing fees by switching to a free OS like Ubuntu, and they wouldn't have to worry about something like this happening nearly so often.

      --
      It's better to vote for what you want and not get it than to vote for what you don't want and get it.
      - E. Debs
    24. Re:They should use macs by Anonymous Coward · · Score: 0

      FYI, the only legit reason to use AV on the Mac is to protect any winputers on your network. And the FOSS clamav is the only one actually worth using for that, as symantec and mcafee are only good for consuming excessive CPU cycles.

    25. Re:They should use macs by Anonymous Coward · · Score: 0

      This was addressed with the release of Vista. Even though the first user defaults to a member of the Administrators group it runs with standard privileges until elevated through UAC.

      Which of course, has proven itself totally foolproof.

    26. Re:They should use macs by BrokenHalo · · Score: 1

      The claim that Mac/Linux/*nix are all as vulnerable as Windows is specious. Every one of the exploits previously mentioned depends on the stupidity, gullibility or laziness of the user, not on the insecurity of the system.

      Microsoft shills and astroturfers can bleat all they want, but Windows systems are simply rotten to the core when it comes to security. I'm not claiming that *nix (including OS X) systems will always be 100% immune to malware, but at least they do a good job of keeping casual exploits out of the works.

      Whereas in Windows, attempting to continually patch holes in something that was initially designed as a single-user system to make it safer in a networked world is always going to be problematic.

      Whatever else we may think about Apple, they made a sound, pragmatic decision when they threw out the old OS 9 architecture and replaced it with what is essentially a BSD-like system with their own work on top to make it pretty. Unix, by its very nature, is actually quite hard to crack if sensible operating defaults are followed.

    27. Re:They should use macs by Anonymous Coward · · Score: 0

      The biggest difference is that Mac users don't use so much pirated software. Often simply because there are no cracks of the software they need.

      Cracked software is a huge vector for virus spreading, but is underreported as people don't want to admit using it.

    28. Re:They should use macs by Venik · · Score: 1

      The smaller number of exploits targeting Mac does make it a more secure platform, even if a big reason for that is a smaller user base. As far as I am aware, there are only three Macs in existence: a laptop owned by my boss, my idiot cousin's G5, and the one I've seen on House. I am sure there are a few I am missing.

      But I agree with your point regarding targeted attacks. If you ask the so-called Unix geeks on Slashdot if Unix platforms are susceptible to, say, Internet worms or other malware, I am certain a high percentage will be quite literally foaming at the mouth trying to convince you that Unix is invulnerable to such attacks.

    29. Re:They should use macs by sopssa · · Score: 1

      You seem to forget here that most of the exploits nowadays are from third party programs. These exploits are just as well possible on mac/linux once the userbase is just there. Some windows services have been exploitable, but that's because like 90-95% of desktop computers use Windows, so it's a better idea to try to find exploits on them. However as well as Windows, both Mac's and Linuxes have had their share of exploits to third party programs.

      Whatever else we may think about Apple, they made a sound, pragmatic decision when they threw out the old OS 9 architecture and replaced it with what is essentially a BSD-like system with their own work on top to make it pretty. Unix, by its very nature, is actually quite hard to crack if sensible operating defaults are followed.

      Most malware work just enough good when run under user account as well. You do not need root access to most of the functions they do.

      For example the recently hugely exploited Adobe PDF reader exploits would work quite as well on Mac's. You seem to be blaming OS's instead of the third party programs. Mac and Linux will have just as much malware as soon as it's profitable enough for the malware authors.

    30. Re:They should use macs by shanx24 · · Score: 1

      Not true. Install "Little Snitch" and you'll have full knowledge of what program is trying to call home. Anyway root access (or even user's password) is asked for only when installing something new, so even the dumbest Mac user will know when not to enter a password for an known program.

      --
      As I said, I don't repeat myself.
    31. Re:They should use macs by sopssa · · Score: 1

      So comes along one of those many fake websites that say 'you need to update your codec to watch this video'. User thinks it's a new codec installed = your new program. Lots of malware seem to have changed to social engineering tactics instead of just trying to exploit some hole, and lots of users seem to fall to those.

    32. Re:They should use macs by cyber-vandal · · Score: 1

      And then they'd have to pay shit tons to VMWare or Citrix so that they'd have some way of running all the Win32-only stuff they depend on and still end up paying for Windows licences. Ubuntu is not a drop in replacement for Windows just because Open Office can read and write .DOC and .XLS files.

    33. Re:They should use macs by dkf · · Score: 1

      And only Windows can be infected by simply visiting a web site.

      Apparently not. Unless Apple have fixed it in the last 48 hours, there's an open serious issue on Macs in relation to Java. OTOH, it's unclear how prevalent the exploits for this are in the wild; things that stay in the lab aren't stuff to panic over.

      Alas, it seems that Win-targeted exploits are fairly common. But let's not pile on unwarranted FUD...

      --
      "Little does he know, but there is no 'I' in 'Idiot'!"
    34. Re:They should use macs by CarpetShark · · Score: 1

      Idiot. You don't have to miss the point of something to take the topic further anyway. It's called conversation. You should try learning it sometime.

    35. Re:They should use macs by TheSpoom · · Score: 1

      What Win32-only stuff? My guess is you mean internal apps that are coded to only be read through IE, in which case, they can run IE on Ubuntu through various means. If you legitimately mean apps coded strictly for Win32, I doubt there are that many, and likely they can run through Wine without any trouble.

      --
      It's better to vote for what you want and not get it than to vote for what you don't want and get it.
      - E. Debs
    36. Re:They should use macs by cyber-vandal · · Score: 1

      You doubt there are that many? What planet do you live on? And they can run through WINE without any trouble? Again what planet do you live on?

    37. Re:They should use macs by TheRaven64 · · Score: 1

      Perhaps you missed the pwn-to-own competition, where exploits that allowed remote attacker to execute arbitrary code on Linux and OS X were demonstrated? The user only needed to visit a URL with their browser to be exploited. Or maybe you missed the Linux SCTP vulnerability, which gives remote attackers the ability to execute arbitrary code as root if the machine is running anything that uses SCTP.

      --
      I am TheRaven on Soylent News
    38. Re:They should use macs by TheRaven64 · · Score: 1

      That vulnerability also affected Linux and was unpatched for about three months after being first discovered there (six months after it was fixed on Linux, it's still open on OS X). Linux has also had a very nasty vulnerability in the SCTP part of the network stack recently. If you're running anything that uses SCTP, a maliciously-crafted packet can cause arbitrary code execution in the kernel, which is almost as compromised as it's possible to be.

      --
      I am TheRaven on Soylent News
    39. Re:They should use macs by TheSpoom · · Score: 1

      Ah, so you don't have any actual evidence.

      --
      It's better to vote for what you want and not get it than to vote for what you don't want and get it.
      - E. Debs
    40. Re:They should use macs by intheshelter · · Score: 1

      Malware? Yes. Viruses or worms? No.

      These are all trojans. The problem is not the OS, it's the user giving EXPLICIT PERMISSION to install the malware. No OS can protect against that. Talk about making mountains out of molehills. Nice list of FUD you compiled there.

    41. Re:They should use macs by intheshelter · · Score: 1

      Good point. The obvious reason is money. Macs are a rising market, and an untapped one by the scare peddlers. So, they routinely send out some prognostication in the form of a press release saying that any day now a deadly Mac virus will be released that will kill all your loved ones. How else are they going to scare up business on a platform that has no need of their snake oil?

  2. I thought they blamed DrudgeReport by Anonymous Coward · · Score: 0

    Wasn't last week's news cycle that the Justice Department was hit by a virus that was claimed to come from an ad on DrudgeReport?

    It cou

  3. We have to hit back and hit back HARD by Anonymous Coward · · Score: 2, Funny

    You wanna know how you do it? Here's how, they hit you with a virus, you pull a gun. He sends one of your servers to the IT department, you send one of his to the morgue. That's the Chicago way, and that's how you get Capone! Now do you want to do that? Are you ready to do that?

    1. Re:We have to hit back and hit back HARD by Anonymous Coward · · Score: 0

      The time for talking is over. Now call it extreme if you like, but I propose we hit it hard and we hit it fast with a major and I mean major leaflet campaign.

    2. Re:We have to hit back and hit back HARD by icannotthinkofaname · · Score: 1

      He sends one of your servers to the IT department, you send one of his to the morgue.

      *exploits bad wording*

      What good does it do to send one of his servers to the morgue? Aren't morgues designed to handle people who get shot, not computers?

      --
      Let q be a radix > 1. I am in ur base-q, killing 10 d00ds.
  4. Terminator opening weekend by Anonymous Coward · · Score: 0, Offtopic

    This is not a coincidence, skynet is obviously behind this.

    1. Re:Terminator opening weekend by ImYourVirus · · Score: 0, Redundant

      My first thoughts exactly, skynet...

      --
      Why is common sense called that if it's not common?
  5. They are requesting a hard-target search... by Anonymous Coward · · Score: 0

    ...of every gas station, residence, warehouse, farmhouse, henhouse, and Dr. House.

  6. Linux... by Darkness404 · · Score: 1, Insightful

    Why doesn't the government switch to Linux already? Sure, you can get a Linux virus, but to get one it takes work. On the other hand merely browsing a site in IE can give you viruses in Windows.

    --
    Taxation is legalized theft, no more, no less.
    1. Re:Linux... by Darkness404 · · Score: 4, Interesting

      How many people have gotten a virus from surfing a site using Linux? Very, very, very, few, to nonexistent. Sure, Linux is vulnerable but it isn't targeted, the diversity in distros, kernel versions, browsers, etc. help keep the target moving. About the only way to get a virus, in the wild is to download and explicitly install a virus or a trojan.

      --
      Taxation is legalized theft, no more, no less.
    2. Re:Linux... by ElKry · · Score: 1

      Of course, the USA government choosing a Linux distro would not make Linux more vulnerable, and its sourcecode more scrutinized at all.

    3. Re:Linux... by santax · · Score: 2, Interesting

      Don't get me wrong, I love linux, Debian-fanboy for many a year. Every day I have to run apt-get update && apt-get upgrade to keep my system secure. Not every day it is a possible remote exploit, but there is always some security related bug to fix. Linux may have a better implementation to keep those risks from escalating quickly compared to windows, but I would not run nation-critical apps on it. Not at this point in time. I would look at Openbsd. And saying that, I noticed a lot of comments about openssh lately on fulldisclosure... And another major factor is economics. MS won't take too kindly to people switching on them. And that really is something to take with you when deciding to switch. There is a lot at stake. And there is a lot to lobby for. Linux doesn't lobby, openbsd even less. I don't see Theo explaining to them why they should switch to openbsd and if he did... they would probably tazer the crap out of him. Opensource and especially OpenBSD has a lot going for it when it comes to security, but there is nobody out there who really understands, that you need a lobby to make it happen. And governments need things like 'support'... Ever asked a question on the openbsd-mailinglist? Without being flamed?

    4. Re:Linux... by Darkness404 · · Score: 1

      Who said they had to choose one? Just create your own. As long as you aren't distributing or selling it, you are free to keep the source to yourself.

      --
      Taxation is legalized theft, no more, no less.
    5. Re:Linux... by ElKry · · Score: 1

      Step 1: Ditch a closed-source product
      Step 2: Choose a better open-source alternative
      Step 3: Close the source.

      Did you even think that before posting it?

    6. Re:Linux... by Krneki · · Score: 2, Insightful

      They are too lazy to learn a new desktop.

      They rather get infected every now and then. After all it's your money they are spending.

      --
      Love many, trust a few, do harm to none.
    7. Re:Linux... by TubeSteak · · Score: 2, Insightful

      Sure, Linux is vulnerable but it isn't targeted, the diversity in distros, kernel versions, browsers, etc. help keep the target moving.

      1. If the Government switches to Linux, there will not be a diversity in distros, kernel versions, browsers, etc.
      2. Assume that, like the current windows installation, there will be gaping security holes due to mismanagement and misconfiguration.
      3. The US government is an awfully big target and if they switch, you will see significant, concentrated effort on exploiting whatever distro and apps the Feds chooses.

      --
      [Fuck Beta]
      o0t!
    8. Re:Linux... by Norsefire · · Score: 3, Insightful

      Step 1: Ditch a closed-source product notorious for exploits and viruses
      Step 2: Choose a better open-source alternative notorious for its security and stability
      Step 3: close the source

    9. Re:Linux... by wh1pp3t · · Score: 1

      Large organizations and especially the government would disable sudo sysadmin_command for users (so, no apt-get/aptitude/etc..); furthermore, patches are tested prior to deployment; which happens on a scheduled basis. We all know how dynamic IT project management is...
      They (IT) would have to work closely with a vendor, such as RedHat or Novell to manage patch rollouts.

      Good bye quick and timely security updates.

    10. Re:Linux... by Anonymous Coward · · Score: 0

      Agreed.

      OpenBSD is a very solid, well-designed and secure operating system. Linux does not come even close with these criteria.

      Yet I do not use it because I can not take the community. OpenBSD would have done so much, so much better without the hostile attitude and the general asshattery that plagues the whole community.

    11. Re:Linux... by Animaether · · Score: 4, Insightful

      Step 4: watch a lower ranking employee click on the HappyFunTime executable in their mail
      Step 5: Priceless.

    12. Re:Linux... by psnyder · · Score: 2, Informative

      You mean like SELinux?

      SELinux Background

      Researchers in the National Information Assurance Research Laboratory of the National Security Agency (NSA) worked with Secure Computing Corporation (SCC) to develop a strong, flexible mandatory access control architecture based on Type Enforcement, a mechanism first developed for the LOCK system. The NSA and SCC developed two Mach-based prototypes of the architecture: DTMach and DTOS. The NSA and SCC then worked with the University of Utah's Flux research group to transfer the architecture to the Fluke research operating system. During this transfer, the architecture was enhanced to provide better support for dynamic security policies. This enhanced architecture was named Flask. The NSA integrated the Flask architecture into the Linux® operating system to transfer the technology to a larger developer and user community. The architecture has been subsequently mainstreamed into Linux and ported to several other systems, including the Solaris™ operating system, the FreeBSD® operating system, and the Darwin kernel, spawning a wide range of related work.

    13. Re:Linux... by Antique+Geekmeister · · Score: 1

      Because of two key applications. Microsoft Word, which many bureaucrats throughout the world but especially in civil services use to write their paperwork. And Microsoft Exchange, which although it is a security issue is widely deployed and has a pretty good calendar function.

    14. Re:Linux... by DrgnDancer · · Score: 1

      Yes, but as far as I can tell the only thing SELinux accomplishes is to make the Operating system virtually useless as anything other than a desktop. The first thing most admins I know do upon installing a new server is disable SELinux. It's possible (possible) to use SELinux on a server, but it usually requires days of tweaking settings, and winds up eliminating a good part of the benefit of the hardening.

      --
      I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
    15. Re:Linux... by Anonymous Coward · · Score: 0

      But at least we can conclude: Move away from Windows!

    16. Re:Linux... by chill · · Score: 1

      Then contract the NSA to train a bunch of people to properly configure SE Linux with targeted policies.

      Develop targeted policies for the various government departments and offices. Create proper images so machines are correctly locked down from the install.

      It isn't *hard* to configure systems to be secure, it is unpopular and time consuming. Apply the same logic used with firewalls -- default deny -- and you're much further along the path of secure computing. That is, explicitly allow only needed binaries to run and deny all others. In certain environments, such as law enforcement, this should be a bit easier than others.

      I've done this. It is very unpopular and always fun to explain why people are not allowed to plug their iPod, camera or other gadget into their office PC. No, you can't download the software to automatically change your cursor, screensaver or desktop wallpaper. Etc.

      --
      Learning HOW to think is more important than learning WHAT to think.
    17. Re:Linux... by Anonymous Coward · · Score: 0

      Because the government is too stupid to use anything other than windows.

      Not troll/flamebait, it's just the truth.

    18. Re:Linux... by DrgnDancer · · Score: 3, Interesting

      Especially 2. I work for a government contractor. The amount of stupid pointless shit we have to do in the name of "security" while leaving HUGE GAPING HOLES untouched just hurts my head. It's like our security policy is designed by ADD addled five year olds. They read about something in a magazine and think "Oh, shiny!" They quickly write some insane, over the top, policy to "solve" the "problem" and keep reading the magazine. It's great assuming that the article covers all possible security problems ever, or that it contained actual solutions instead of stuff that kinda sounds like it ought to fix a problem.

      The latest brainstorm is that we are switching to 12 character passwords which change every 60 days. This is almost certain to result in:

      a) People forgetting their passwords, requiring continuous password resets
      b) People writing down their impossible to remember, constantly changing, password
      c) Both (a) and (b)

      Meanwhile, we still have a number of systems that use rsh (No, not Kerberized rsh, the plain 30 year old version with .rlogin files.). Granted this is an isolated network, with no Internet access at all. We're not likely to be attacked by outside entities. But if you trust the users of the isolated network enough to assume that they are not going to take advantage of the multiple and well published rsh vulnerabilities, why don't you trust them enough to assume that they are not running password crackers?

      --
      I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
    19. Re:Linux... by thatkid_2002 · · Score: 1

      BSD would be too hard and expensive to implement. Why not a commercial distro with SELinux to make sure it is an extremely hard nut to crack? I think that would be the best way to spend tax-payer monies.

      There are many consultants and support vendors for Linux and many people to create and run the systems. Linux admins are generally much more aware of how systems work so with good admins, enterprise grade distro and SELinux I think Linux can run "nation-critical" systems just fine... Just as long as you don't install Adobe Flash

      9 times out of 10 issues like these usually can be attributed to lazy Windows admins.

    20. Re:Linux... by Thad+Zurich · · Score: 1

      Lawyers. The government does not really recognize the concept of FOSS, only "COTS" and "GOTS". If the government didn't write it, then the lawyers insist on having a vendor to sue, even if that vendor can disclaim all liability, and/or limit remedies to "refund of purchase price". The number of government-operated facilities capable of GOTSifying FOSS is relatively limited, and doing so is not part of their mission. Finally, there is no political incentive to do this (quite the reverse, thanks to vendor lobbying).

    21. Re:Linux... by mrmeval · · Score: 1

      Geektas are too elitist to design a comfortable desktop for people switching from Windows. If it all "Just worked" like Windows no one would give a fuck in a locked down environment. Same look and feel, same hot keys in every app.

      FUCKING CUT AND PASTE THAT FUCKING WORKS.

      --
      I'd go on a Vegan diet but the delivery time from Vega is too long. --brownkitty
    22. Re:Linux... by Niten · · Score: 2, Interesting

      Every day I have to run apt-get update && apt-get upgrade to keep my system secure. Not every day it is a possible remote exploit, but there is always some security related bug to fix. Linux may have a better implementation to keep those risks from escalating quickly compared to windows, but I would not run nation-critical apps on it. Not at this point in time.

      I think you're making the classic mistake of equating the number of patches seen with the actual number, and severity, of vulnerabilities. Of course Debian gets more patches more often than Windows: the Debian security team sends out fixes for security vulnerabilities as soon as they're discovered, rather than leaving users exposed by waiting up to a month and fixing (some, but often not all) of the most critical known vulnerabilities in monthly roll-ups. And of course Debian sees more patches, when nearly all of the desktop applications on a Debian system are handled by apt; Windows Update only takes care of patching the operating system itself.

      So when it comes to a question of which operating system to run sensitive government services on, patch counting is worse than useless. Things that are worth considering are the tractability of the system's security model, and exploit mitigation techniques or fine-grained mechanisms for least-privilege, such as SELinux.

    23. Re:Linux... by xous · · Score: 1

      Just because the system administrators you know are incompetent does not mean the feature is useless.

      I'm not saying writing good SELinux policies is easy but most if not all are already written for you by people that know what they are doing.

    24. Re:Linux... by Krneki · · Score: 1

      I give you that, but surely the security issues outweigh the comfort of the users. At least for critical systems like this one.

      --
      Love many, trust a few, do harm to none.
    25. Re:Linux... by mrmeval · · Score: 1

      I've complained about cut and paste for more than a decade. It's not been fixed, it's never been fixed and I'm sure it won't be fixed.

      Linux is secure. All the crap you see is overlay and that does not much affect security. Linux has so many security tools that you have to work to create an insecure system.

      I let a friend use Ubuntu the "zOMG KILLAH OS", they're now running Pista. The Luddites will never come to a Linux desktop unless you cater to them. No one gets that and they piss themselves when you suggest it.

      Your comment BTW is the calmest I've seen on this in a long time. Thanks. :)

      --
      I'd go on a Vegan diet but the delivery time from Vega is too long. --brownkitty
    26. Re:Linux... by azrider · · Score: 0

      Linux may have a better implementation to keep those risks from escalating quickly compared to windows, but I would not run nation-critical apps on it. Not at this point in time.

      But you would on Windows?????

      --
      And ye shall know the truth, and the truth shall make you free.
      John 8:32(King James Version)
    27. Re:Linux... by TheRaven64 · · Score: 1

      How many have? I don't know. How many could have? Any that had a JVM installed and the Java plugin. Or were running one of the several vulnerable versions for Firefox that have been released in the last year. Or who didn't even need to click anything and just happened to be on a network where someone used the SCTP vulnerability from last month that allowed remote, kernel-privileged, arbitrary-code execution.

      --
      I am TheRaven on Soylent News
    28. Re:Linux... by ion.simon.c · · Score: 1

      Twelve character passwords?! That's fucking crazy.

      I've spent the past few minutes trying to come up with a rationale for long-ass passwords that get transmitted in plaintext over the wire, but am utterly unable to...

      Here are my thoughts:

      * Given that you have an isolated network, your machines are probably in a reasonably secure building.
      * Folks who aren't employees are probably escorted around by someone who's involved with building security.
      * Given that "untrusted" "visitors" are escorted, there wouldn't be much of a chance for them to try to guess a system password or stick an inline packet sniffer on a wall jack, so these policies aren't written to protect against them.

      * Given that you express concern about rsh's unencrypted nature, this probably means that you don't use anything like IPSec.
      * If you don't use IPSec, you probably don't encrypt your systems' harddisks.
      * I also bet that you have CD/DVD burners on your isolated network. :)

      Do you -at least- search visitors before they leave the building to be certain that they haven't nicked a harddrive?
      If so, do you search your employees as well? :)

    29. Re:Linux... by Darkness404 · · Score: 1

      ...But they haven't. It's like saying that a meteor from the sky could come down at any moment, crash through your roof right on your head killing you at the moment. You can find past meteors that could have done it, but it's unlikely and hasn't happened. Same thing with a Linux vulnerability. Sure they *do* happen, the point is, it's very unlikely a site would capitalize on them infecting a box with malware. No system is 100% secure, however Linux is about the most secure by default you can get from non-human attackers. Once you have a competent hacker attempting to breach the system though, you are dead meat unless you have carefully controlled policies. But most people, even the government's most common threat isn't Joe Hacker but rather Drive-By-Download.b.exe.

      --
      Taxation is legalized theft, no more, no less.
    30. Re:Linux... by Anonymous Coward · · Score: 0

      Pardon me? Here's my challenge - I run Ubuntu 8.10 and my browser is Firefox, I want to see a url that I can go to and have it show me the last line of my /etc/shadow file, I'll throw in $20 US if it can give the plaintext password that's hidden there.

      Linux has low security in only one area, physical security, if I have access to the box, I can almost certainly read any file on it or install any software, but other than that, good luck.

    31. Re:Linux... by Anonymous Coward · · Score: 0

      The summary indicated this only affected their external, unclassified networks. This is why they have separated networks. Yeah, there'll probably be overtime involved in the cleanup, and someone will get a black mark in their file. It may give the FBI some real incentive to look into this. I hope when they catch the individual that launched the virus that they're in US jurisdiction, and it's someone that belongs in prison, not some idiot script kiddie, because they'll likely set an example with this case.

    32. Re:Linux... by theaceoffire · · Score: 1

      If they are using linux, the worst they can do is hose their local settings and local files, not the files/settings of the whole network.

      Just don't give them admin rights, and you are good.

      --
      I steal signatures. This one used to be yours.
    33. Re:Linux... by Animaether · · Score: 1

      does your user work with important documents? Now they're hosed.
      does your user work with other people using a shared network resource? Now those are hosed.
      ( yes, I'm sure they keep backups. But do they keep live, instant backups? )
      does your user use e-mail? Great, that machine is now a spam service zombie.
      does your user have access to the internet at large? Now that machine is part of a DDoS network, too. In addition, those important documents just got sent to the hoodlums' stashing place.

      Congratulations on having a more difficult - if not impossible - to access root account, thus preventing problems with any other accounts on the machine, let alone some manner of domain-wide issue, but you can still be well and truly f'ed even in a lowly user account.
      That's not to say steps 1, 2 and maybe 3, aren't good steps to take... but they do nothing against the most common attack vector of all time: users doing stuff they shouldn't do, and can't be prevented from doing technologically because it would prevent them from doing what they -need- to do.

      This argument's been had before and others have explained all this far more eloquently than I can, so just search around / on slashdot.

  7. the net by Anonymous Coward · · Score: 0

    the net is becoming self aware... quick, write down the internet in the notebook.

  8. Sensitive networks should be treated as such by davidwr · · Score: 5, Interesting

    More and more, sensitive corporate and government networks will need to be isolated or at least mostly isolated from non-sensitive networks and the Internet.

    They may not need an air gap but they will need to be isolated enough to prevent general problems like viruses.

    They also need to be run with the philosophy of "every other machine or user on my network could become compromised (infected or bribed) at any time."

    A couple of possible solutions:
    *Give employees 2 computers with a KVM, one for surfing the web and access to non-secure data, one to access secure data.
    *Give employees a multi-homed, ROM+read-only-USB-stick-for-configuration-data-boot "thin client" that's stripped down and hardened, with no copy-and-paste, no network bridging, and no other designed way for one remote server to influence the other. Then have them connect to different servers on different networks for different needs.

    If your security requirements are extreme, use an air gap.

    In either case, don't forget to take countermeasures against human idiocy, ignorance, and bribery/blackmail.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
    1. Re:Sensitive networks should be treated as such by mbone · · Score: 1

      Security regs in the USG mandate this sort of stuff for Classified information.

    2. Re:Sensitive networks should be treated as such by Anonymous Coward · · Score: 0

      Generally, I recommend Mac for brain-dead users whose computers I don't want to fix every 3 days. There is simply less chance of such problems... randomly. Most exploits target Windows and MSIE, simple as that. More and more, we are seeing targeted attacks. The targeted attack is most successful when the contents of the network are known. So get one machine compromised (advanced scout), survey the network to see what's out there, then plan the real attack. There are abundant attacks for Mac and even Linux. In the event of targeted attacks, all bets are off. "Reputation" for security only serves the attacker because the defences of the machines will likely be lower on those machines considered "more secure."

    3. Re:Sensitive networks should be treated as such by Anonymous Coward · · Score: 0

      They do have very similar practices like the ones you mentioned above at the NSA

    4. Re:Sensitive networks should be treated as such by Anonymous Coward · · Score: 0

      Blah blah. So much horseshit. Just get rid of fucking Windows you fucking twit.

    5. Re:Sensitive networks should be treated as such by Anonymous Coward · · Score: 0

      It is pretty sad that my office computers are more secure than 99% of all government agencies. When will they learn that all the firewalls and programs in the world will not stop hackers.
      The only thing that is 100% secure is the combination of biometric authorization and encryption. You cannot duplicate a live beating fingerprint combined with 256 AES encryption.
      The system we bought at www.bsgi-usa.com also eliminates the possibility that any malware can be uploaded to any server or desktop as it requires an authorized biometric signature logon.

  9. US Marshals! by schmidt349 · · Score: 1

    What I want from each and every one of you is a hard-target search of every JPEG, MPEG, EXE, PXE, hard drive, flash drive and floppy drive in that area. Firewalls go up on every computer. Your fugitive's name is Neeris. Go get him.

  10. Bold claim by Daimanta · · Score: 4, Insightful

    "said that no data has been compromised but the type of virus and its origin is unknown."

    How do they know that there was no data compromised if they don't even know the type of the virus?

    --
    Knowledge is power. Knowledge shared is power lost.
    1. Re:Bold claim by maxume · · Score: 2, Insightful

      Perhaps the network is reasonably self contained?

      The article says they shut down internet access, but it doesn't really make it clear if the computers in question have any connection to the internet or not.

      --
      Nerd rage is the funniest rage.
    2. Re:Bold claim by Psyborgue · · Score: 2, Insightful

      How do they know it's even a virus? "Virus" is often a silly excuse for "embarrassing human error".

    3. Re:Bold claim by Anonymous Coward · · Score: 0

      Perhaps the machines with data that could be compromised have an access log that can't be without direct physical access.

    4. Re:Bold claim by Celeste+R · · Score: 1

      Compromised can mean various things, according to the context. Flexible English is wonderful, isn't it?

      In the mental context of a person who deals with valuable data (like criminal scenes and such), compromised data is missing data. And what would you know, the FBI and the US Marshal's offices both deal with valuable data.

      In the mental context of say... a spy, compromised data is known (copied) data. The FBI isn't a spy agency, and the US Marshal's office isn't either, even if they can be secretive.

      I personally would opt to use the word 'compromised' in a manner that would give people the closest idea to the truth, and not in a vague manner that could be the next misunderstanding.

      Granted I'm biased because I've seen a lot of spy and police movies... but what do you know, even government agents could use an English lesson!

      --
      There are no perfect answers, only the right questions. More questions at http://foresightandhindsight.blogspot.com/
    5. Re:Bold claim by grahamd0 · · Score: 2, Informative

      The FBI isn't a spy agency...

      Actually, they are. The FBI is largely responsible for intelligence gathering and counter-intelligence within the US.

      http://en.wikipedia.org/wiki/Federal_Bureau_of_Investigation

    6. Re:Bold claim by Anonymous Coward · · Score: 0

      Because they say they know.

      1984 Being unrolled before our eyes ladies and gentlemen. Obedience is Freedom

    7. Re:Bold claim by Thad+Zurich · · Score: 2, Insightful

      There would seem to be a high probability that such a network is monitored by one or more IPS' that log and archive all outbound packets. If the time of infection can be established, then it should be possible to estimate the amount of exfiltrated data.
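
The estimate described in the comment above, sketched as an added example (not part of the original comment or of any agency's tooling): given archived outbound flow records and an established infection time, total what each infected host sent to external addresses afterwards, and separate out bytes sent to destinations it never contacted before. The log format, addresses, dates and function names are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample of archived outbound flow records (not real data).
# Assumed format: UTC timestamp, source IP, destination IP, destination port, bytes sent.
SAMPLE_FLOWS = """\
2009-05-18T09:00:00Z,10.1.4.22,198.51.100.7,443,120000
2009-05-18T15:30:00Z,10.1.4.22,198.51.100.7,443,80000
2009-05-19T10:00:00Z,10.1.4.22,198.51.100.7,443,100000
2009-05-19T11:00:00Z,10.1.4.22,10.1.9.5,445,9000000
2009-05-20T02:14:00Z,10.1.4.22,203.0.113.50,443,52000000
2009-05-20T02:44:00Z,10.1.4.22,203.0.113.50,443,61000000
2009-05-20T09:05:00Z,10.1.4.22,198.51.100.7,443,110000
2009-05-20T09:10:00Z,10.1.7.80,198.51.100.7,443,95000
this line is corrupt and must be skipped
"""

# Assumption for the sample: everything in 10.0.0.0/8 is the organisation's own network.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]


def parse_flow(line):
    """Return (time, src, dst, port, size) or None for a malformed record."""
    parts = line.strip().split(",")
    if len(parts) != 5:
        return None
    try:
        when = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        src = ipaddress.ip_address(parts[1])
        dst = ipaddress.ip_address(parts[2])
        port = int(parts[3])
        size = int(parts[4])
    except ValueError:
        return None
    if size < 0 or not 0 <= port <= 65535:
        return None
    return when, src, dst, port, size


def is_internal(addr):
    return any(addr in net for net in INTERNAL_NETS)


def estimate_exfiltration(log_text, infected_hosts, infection_time):
    """Summarise external outbound bytes per infected host after infection_time.

    upper_bound_bytes     - every byte sent to an external address after infection;
                            the true loss cannot exceed this if the log is complete.
    new_destination_bytes - the part sent to external addresses the host had never
                            contacted before infection (the first place to look).
    Returns (report, number_of_skipped_lines).
    """
    infected = {ipaddress.ip_address(h) for h in infected_hosts}
    report = {
        str(h): {"upper_bound_bytes": 0, "new_destination_bytes": 0, "new_destinations": {}}
        for h in infected
    }
    flows, skipped = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        flow = parse_flow(line)
        if flow is None:
            skipped += 1  # corrupt records are counted, never silently dropped
        else:
            flows.append(flow)

    # Archives are not always in time order; sort so the baseline is built first.
    flows.sort(key=lambda f: f[0])
    known = defaultdict(set)  # host -> external destinations seen before infection
    for when, src, dst, _port, size in flows:
        if src not in infected or is_internal(dst):
            continue
        if when < infection_time:
            known[src].add(dst)
            continue
        entry = report[str(src)]
        entry["upper_bound_bytes"] += size
        if dst not in known[src]:
            entry["new_destination_bytes"] += size
            dests = entry["new_destinations"]
            dests[str(dst)] = dests.get(str(dst), 0) + size
    return report, skipped


if __name__ == "__main__":
    t0 = datetime(2009, 5, 20, tzinfo=timezone.utc)  # constructed infection time
    result, bad = estimate_exfiltration(SAMPLE_FLOWS, ["10.1.4.22"], t0)
    print(result, "skipped lines:", bad)
```

The figures are byte counts on the wire, so they bound the volume that left the host but say nothing about content, and traffic to a previously seen destination is not proof of innocence.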

    8. Re:Bold claim by noidentity · · Score: 1

      So basically, "We aren't aware of any compromised data, so we're assuming there are none. Also, we don't know the type of virus or its origin, so we're likewise assuming it has no type and came from nowhere."

    9. Re:Bold claim by MobileTatsu-NJG · · Score: 2, Interesting

      How do they know that there was no data compromised if they don't even know the type of the virus?

      For the same reason that if I got a virus, none of your data would be compromised. Separate network, like it said in the summary. :P

      --

      "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)

    10. Re:Bold claim by Anonymous Coward · · Score: 0

      No data was compromised because it was on their unclassified network. I'm sure since it's unclassified, no classified data or information is stored on that network....

  11. quick! by papabob · · Score: 1

    We need to start looking for destroyed helicopters in order to find John McClane!!

  12. Maybe they recently bought some new computers? by sk999 · · Score: 2, Informative
    "Malware found on brand new Windows netbook"

    http://www.itbusiness.ca/it/client/en/home/news.asp?id=53225

    1. Re:Maybe they recently bought some new computers? by ImYourVirus · · Score: 1, Funny

      Yeah it's called windows *laughs*

      --
      Why is common sense called that if it's not common?
    2. Re:Maybe they recently bought some new computers? by Anonymous Coward · · Score: 1, Insightful

      If they aren't dropping their own image on new computers they get, there's something wrong with their IT department.

  13. DGHFJ by Anonymous Coward · · Score: 0

    nice RTICLE --

  14. How do they know ? by mbone · · Score: 3, Interesting

    The spokeswoman said :

    "no data has been compromised but the type of virus and its origin is unknown"

    That is an extraordinary statement. How would they know ?

    If I was head of IT there I would assume that that was not true. Even if there was a completely different computer system for any sensitive information, data has a way of leaking to where it shouldn't be. Of thousands of people, not one put notes or passwords or whatever on the insecure side of the line ?

    Regardless of what they tell the press, I hope that internally they are assuming that this is a breach, and acting accordingly.

    1. Re:How do they know ? by Celeste+R · · Score: 1

      Compromised data isn't always copied data; sometimes it's missing data.

      To someone who forgot some of the meaning of their college English lessons, they may have also forgotten there's a difference between the two.

      --
      There are no perfect answers, only the right questions. More questions at http://foresightandhindsight.blogspot.com/
    2. Re:How do they know ? by tendrousbeastie · · Score: 3, Insightful

      Well exactly. What their spokesperson says doesn't necessarily have any correlation to what their head of IT thinks.

      The spokesperson's job is to put the best spin on things. Saying "We lost loads of public data" would not be doing their job well.

    3. Re:How do they know ? by moderatorrater · · Score: 1

      What their spokesperson says doesn't necessarily have any correlation to what their head of IT thinks.

      From my experience, what the PR people say is correlated with what the IT people think. However, the correlation is negative.

    4. Re:How do they know ? by rhook · · Score: 1

      How do you lose "public" data? The classified stuff is what you need to worry about.

  15. UNIX email virus by Gary+W.+Longsine · · Score: 4, Funny

    Please copy this file to your hard drive, decompress it, untar it, chmod it, and place an entry in the root crontab... so I can have your advice.

    --
    If you mod me down, I shall become more powerful than you could possibly imagine.
    1. Re:UNIX email virus by TheLink · · Score: 1

      Nah just save it as "dancing_pigs" and then run: perl dancing_pigs

      While most users will jump through hoops to see dancing pigs/bunnies, if you make it easier, more of them will do it.

      --
    2. Re:UNIX email virus by Ian+Alexander · · Score: 3, Funny

      Wow! I don't even have to compile it from source?

    3. Re:UNIX email virus by cenc · · Score: 1

      Or recompile the module for my kernel.

  16. Tommy Lee Jones by Anonymous Coward · · Score: 0

    Tagged tommyleejones. :)

  17. LOL!... Re:Bold claim by Anonymous Coward · · Score: 0

    Don't tickle yourself because they don't know what's missing yet. Just waiting to hear the screams in the next few days when they do. Something tells me this is directly related to the recent Virginia medical record fiasco, and more importantly the government's complete ignorance of the incident in light of the Obama administration pushing the private healthcare industry into government mandated electronic records (only to be supplied by GE, who financed Obama's campaign).

    On a broader note: Seriously, you didn't think people would be upset by any form of government oppression? Come on people, wake up.

  18. Typical Bold Claim, Scenario A14 by Gary+W.+Longsine · · Score: 5, Insightful

    This claim is made by nearly every spokesperson for any major organization which is forced to disclose a malware attack to the public. In nearly every case the claim cannot be substantiated. Run of the mill malware often scans hard drives and uploads data to remote servers over encrypted connections. Most organizations have no way of knowing if these even happened. They don't know how long they have been infected. They don't know if the attack is directed at them, specifically (and thus might be smarter about hiding its activity). These folk really don't know yet what the extent of the damage is. The stock line should be, "we don't know", not, "nothing bad happened". Something bad happened -- malware got on your network and spread. That much is clear.

    --
    If you mod me down, I shall become more powerful than you could possibly imagine.
  19. classified vs sensitive by davidwr · · Score: 3, Interesting

    True, US-government-classified material does have to be regulated.

    But what about the human resource database of the United States Postal Service, with its employee birth dates and social security numbers? What about the customer database at American Airlines, with its juicy collection of credit card numbers? What about your medical insurer, which may have lots of information about your or your children's health you don't want entering the public domain? What about the bank teller whose terminal lets her do almost anything with people's money?

    It's probably a bad idea to let computers which have access to that kind of data, particularly write-access, to access the Internet or an unsecured network unless absolutely necessary to do the job. Sometimes, you have to allow such access if you are going to allow certain services, like allowing people to order products or services with credit cards from home, or do home banking. However, at least in these cases you can limit the potential damage to what that customer is allowed to access. If you allow people with wholesale access to sensitive databases to "work from home," give them a separate, secure computer that runs on an isolated LAN at the person's house, tunnel everything over a VPN, and block all non-VPN traffic except that needed to establish the VPN. Better yet, give them a separate real connection straight back to the corporate glass tower, bypassing the Internet entirely. Even better yet, don't let them work from home.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  20. There's a name for that virus by davidwr · · Score: 3, Funny

    It's known as the "fastlead" virus, and it's frequently game over if you get infected.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  21. The government should retaliate in force by David+Gerard · · Score: 3, Funny

    US Air Force General Kevin Chilton, head of US Strategic Command, has said that attacks on the United States via the Internet could merit a conventional military response.

    "I don't think you take anything off the table. We're particularly looking toward one group in Seattle."

    The Seattle-based insurgent group is thought to have seeded American government and military computers with millions of copies of malware that allows attackers easy access to any data stored on the computer, or indeed to take complete control of the computer and use it for their own ends as part of a massive "botnet" to mount further attacks. The malware, "Windows," makes securing a computer running it almost impossible.

    "Turning Seattle into a glass crater would only be undertaken strictly as the minimum required surgical military action," emphasised Chilton, "and not in any way out of twenty-five years' bitter resentment and frustration at computing machinery."

    Chilton stressed that members of the US military must begin to think of their computers as the front lines. "Do you realize that in addition to adding Windows to computers, why, there are studies underway to Windowsize salt, flour, fruit juices, soup, sugar, milk ... ice cream. Ice cream, Mandrake, children's ice cream! I can no longer sit back and allow Windows infiltration, Windows indoctrination, Windows subversion and the international enterprise licensing conspiracy to sap and impurify all of our precious bodily fluids!"

    The Obama administration is currently reviewing the United States' cyberspace defense policy. "We're considering all options thoroughly," said the President, closing his MacBook and looking lingeringly at the red button on his desk.

    --
    http://rocknerd.co.uk
    1. Re:The government should retaliate in force by Anonymous Coward · · Score: 0

      God, your blogspam gets funnier and funnier every day.

  22. Linux is not the ultimate in security by davidwr · · Score: 1, Insightful

    Well, maybe some hardened versions but not the run of the mill version.

    If you want hardened computing, you want:

    *A hardened network, with hardened human access
    *A hardened computer, with hardened human access
    *A hardened OS or one that comes pre-hardened by design. SELinux, OpenBSD, some specialty flavors of MS-Windows, some small/embedded-systems OSes, some Unix-style OSes, and some mainframe-type OSes qualify
    *Hardened software all the way around
    *People who are trained in security in general and trained how to use the computer properly and how to spot people who are trying to compromise it or the network

    Do you really want hardened computing?

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
    1. Re:Linux is not the ultimate in security by Mashiki · · Score: 1

      You seemed to have forgotten something: You don't want it connected to the internet.

      --
      Om, nomnomnom...
  23. Am I completely paranoid by Psyborgue · · Score: 1

    Or does this sound like a cheap stunt to cook up funding for "cyber warfare" and somesuch? Virus my butt... Some idiot probably tripped over a server power cord, sent half the FBI down, and now the bozos in charge are trying to use it as an excuse to get more taxpayer cash.

  24. What, really? by Anonymous Coward · · Score: 0

    There is absolutely no tag for this article saying "haha" or anything similar?
    Shocking /., shocking.

  25. Sure some mysterious virus. by PieceofLavalamp · · Score: 2, Insightful

    Sure some mysterious unknown virus. Or Someone broke/deleted something and didn't know how to fix it. I mean would you want to tell the FBI you broke their computers?

  26. Merely a virus? It could be worse, much worse. by hoarier · · Score: 1

    This is sounding more and more like Plan Nine from User Space.

  27. In other news... by toby · · Score: 3, Interesting
    --
    you had me at #!
  28. Any comments from the WHO on this topic ? by dottedBrain · · Score: 1

    Any known vaccines ? And what is the fatality rate ?

  29. Dangerous!!! by kkandnathan · · Score: 0, Troll

    so many virus !!! no Internet would be not much danger . http://www.nowgoal.com/17.shtml

  30. multilevel security by Anonymous Coward · · Score: 1, Interesting

    *Give employees 2 computers with a KVM, one for surfing the web and access to non-secure data, one to access secure data.

    Or use one operating system that allows different levels of security on one system, with different applications each running at different levels, and with access to variously segmented networks spanning from unclassified to top secret:

    http://en.wikipedia.org/wiki/Trusted_Solaris

    It's called multi-level security, and the DoD already uses it.

    1. Re:multilevel security by Anonymous Coward · · Score: 0

      except multi-level security doesn't do shit when the system is compromised... oh, such as the case of a computer virus. Unless the hardware is designed with that in mind, no OS in the world can get around that.

  31. FBI, US Marshals Hit By Virus by captnbmoore · · Score: 0, Flamebait

    That's why it's called the swine flu

    --
    The Navy Motto "IF it ain't broke Fix It" "A day is wasted if you don't learn something new"
  32. Hmmm Cui Bono or could be the sibling rivalry... by Phizzle · · Score: 1

    Check with the lads at the CIA.

    --
    I will not be pushed, filed, stamped, indexed, briefed, debriefed or numbered. My life is my own.
  33. virus and the urinals by juggledean · · Score: 1

    somehow this seems related to the urine candid camera post earlier today

  34. Libel by Anonymous Coward · · Score: 1, Funny

    They're the government, they're not supposed to lie.

  35. Houston's Hobby Airport by WED+Fan · · Score: 2, Funny

    Maybe the virus writer is a disgruntled Pisser that didn't like DHS invading his personal pee space during a layover in Houston?

    --
    Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
  36. Simple Solution by omb · · Score: 1

    __STOP__ USING WINDOWS, and don't allow users to get root.

  37. No I didn't :) by davidwr · · Score: 1

    A hardened network, with hardened human access

    Show me a hardened network connected to the Internet and I'll show you a self-contradiction.

    I get your point though: If you are connected to the Internet, there's an upper limit on how secure you can be.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  38. I wonder if... by Mark_in_Brazil · · Score: 1

    I wonder if Microsoft and some of the organizations it has hired to produce Total Cost of Ownership (TCO) reports take things like this into account.

    If we're betting, I'll take "no."

    --
    "It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
  39. They do this every time by Anonymous Coward · · Score: 0

    Stalled legislation, anyone?

  40. DCS 1000, dood!!! by sgt_doom · · Score: 1

    Dood, these people are the FBI -- they know EVERYTHING (DCS 1000, plus gruvy software by number one intel contractor, S.A.I.C.). Also, I have the same false positives whenever I download porn, too......

  41. Hmmm...... Border Patrol too????? by phageman · · Score: 1

    Maybe coincidence, maybe not. I happened to be crossing the border back into the U.S. from Niagara Falls on Thursday afternoon when the Customs and Border Patrol computers at the entry port started to randomly shut down. It took over two hours of waiting for them to finally call the ATF to run our passports. Lo and behold, the FBI system was their backup! This is the side-effect of inter-agency connectivity: if you CAN successfully launch an attack, you can take down EVERYBODY.

  42. Double Whooosh by Anonymous Coward · · Score: 0

    *whoosh*

  43. Re: Triple Whooosh by CarpetShark · · Score: 1

    *whoosh*

    See? I can do it too. Are we done yet, or would you like to play at 2-year-olds some more?

  44. Hardware by davidwr · · Score: 1

    If your hardware doesn't give you the tools to implement layered security, you don't have layered security.

    Even the lowly 80286 chip offered memory protection and privileged APIs.

    In the mainframe world, "escaping" from a virtual machine and taking over the supervisor process was hard and, absent bugs, should be impossible. Ditto breaking out of a Windows/VMware/etc, Java, or other virtual machine.

    It's worth repeating: In a system with layers like the grandparent post mentioned, either you have good security, or you don't have layered security or any security at all.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  45. Who else wants to use Windows? by Anonymous Coward · · Score: 0

    Damn! How long are they going to use that win32crap all over the critical networks? They wanted it - they got it!