Slashdot Mirror


Trojan-Infected Computer Linked To 2008 Spanair Crash

An anonymous reader writes "Two years ago, Spanair flight JK-5022 crashed shortly after takeoff in Madrid, killing 154 of its 172 passengers and crew. El Pais online newspaper reports that the ground computer responsible for triggering an alarm after three failures are reported in a plane failed to do so. The computer was infected with trojans (Google translation of Spanish original)."

324 comments

  1. Mission Critical by Anonymous Coward · · Score: 1, Interesting

    If there ever was a computer that needed to be kept running this was it! WTF - I think some managers need to get investigated.

    1. Re:Mission Critical by NotBornYesterday · · Score: 2

      The computer, located at the headquarters of the airline in Palma de Mallorca, emits an alarm signal on the monitor when you register three similar technical problems in the same device

      Pardon me if something got lost in translation, but why the hell was there not a computer on board that could have registered a series of failures and alerted the crew? It seems that would have been useful information for them to have.

      --
      I prefer rogues to imbeciles because they sometimes take a rest.
    2. Re:Mission Critical by DougF · · Score: 4, Interesting

      Hate to rain on the IT parade here, but the investigation revealed that the aircrew had the aircraft on "in-flight" mode, leading to erroneous indications (forcing the first abort), and then excluding the no flaps/no slats pre-takeoff configuration error warning. The crew also called for the flaps/slats settings to be proper without actually checking them. In effect, they were able to defeat three separate safety measures to prevent exactly this kind of mishap from happening.

      It does not appear that an infection of the mainframe maintenance computer is anything more than a side note in this particular mishap. It may, however, be something for airline maintenance personnel to be aware of to prevent future incidents.

      The real question is why the aircrew are allowed to override a weight-on-wheels (WOW) sensor, when that is primarily used for troubleshooting by ground crews. Putting the aircraft into "flight" mode while on the ground requires special attention to actions/procedures (as in when a USAF F-4 shot up a maintenance truck when the WOW switch was in override and the weapons crew performed an ops check on the gun system--ops check good, BTW).

      --
      Impetuous! Homeric!
    3. Re:Mission Critical by tuxgeek · · Score: 3, Insightful

      A computer controlling in-flight operations infected with trojans translates to a computer running MS windows. Why the fuck would anyone even think of this? This is like building a suspension bridge using legos and 6 year olds doing the assembly.

      So when I fly, is my life really dependent on a tinker toy OS? That's fucked up! Someone should be beaten to death for this idea.

      --
      "Suppose you were an idiot...and suppose you were a member of Congress...but I repeat myself." Mark Twain
    4. Re:Mission Critical by mhajicek · · Score: 0

      You mean that scene in "Jewel of the Nile" wasn't realistic?

    5. Re:Mission Critical by DougF · · Score: 2, Informative

      Maybe I wasn't clear, the mainframe in maintenance has nothing to do directly with inflight operations. The computers on board are completely independent of those in the maintenance system. Now, if there are wireless connections, allowing the maintenance mainframe and the aircraft to share information, it MAY be possible for a virus to gain access to the aircraft, but I am pretty sure this has not happened yet, possibly due to the security in place, or possibly no one has really tried to infect an aircraft with a virus.

      Indirectly, the maintenance mainframe's failure to alert on related system faults MAY be a factor in future mishaps, but it does not appear that the infected mainframe had anything to do with this one.

      --
      Impetuous! Homeric!
    6. Re:Mission Critical by LWATCDR · · Score: 1

      Honestly Windows 7 and XP are not tinker toy OSs. They are not Windows 98 folks. In fact they are not terrible OSs at all.
      Most "security" problems I have seen are caused by User IQ errors more than anything.
      For an embedded system that you are not going to let your kids surf the net on it isn't too bad.
      I would rather see something like QNX, Solaris, AIX, VMS, OpenBSD or even Linux used for this kind of system but Windows does have good development tools, lots of developers, and runs on the vast majority of COTS hardware.
      Trust me at some point there will be enough Linux users that a good number of them will be dumb enough to run an attachment found on their email.

      --
      See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
    7. Re:Mission Critical by DougF · · Score: 1

      Correct, for exactly that reason...

      --
      Impetuous! Homeric!
    8. Re:Mission Critical by Anonymous Coward · · Score: 0

      A computer controlling in-flight operations infected with trojans translates to a computer running MS windows. Why the fuck would anyone even think of this? This is like building a suspension bridge using legos and 6 year olds doing the assembly.

      So when I fly, is my life really dependent on a tinker toy OS? That's fucked up! Someone should be beaten to death for this idea.

      Reading comprehension = fail.

    9. Re:Mission Critical by blair1q · · Score: 1

      You're confusing mission critical for safety critical.

    10. Re:Mission Critical by NotBornYesterday · · Score: 1

      Thanks for the excellent info.

      And the building-a-better-idiot arms race continues ...

      --
      I prefer rogues to imbeciles because they sometimes take a rest.
    11. Re:Mission Critical by davester666 · · Score: 1

      I would say it's stupid for any computer that is interconnected with any 'controller' computer on a plane/train/automobile/bicycle to run an operating system that is commonly hacked by script kiddies as well as targeted hacks.

      I would say there are two main groups of hackers:
      1) group wants to control X computers, for whatever purpose, and for that, they target any Windows machine [running XP/Vista/7].
      2) group wants to control computers doing X [flying, running power plants, serving data for the Navy, etc]

      No matter what OS you choose, group 2 will always be there trying to hack you, and you have to actively thwart them. They are sophisticated, but there are a limited number of them that are targeting you in particular.

      Group 1 is ONLY there if you are running Windows. Sure, there are some port scanners for ssh trying random names/passwords and attacks on various server software bits [apache/php/mysql/etc] if you run a *nix variant, but you automatically exclude wide-scale, random, actively changing/updating hacks just by choosing NOT to use a variant of Windows.

      --
      Sleep your way to a whiter smile...date a dentist!
    12. Re:Mission Critical by AmiMoJo · · Score: 1

      It's also worth pointing out that the critical aircraft systems do not run on ordinary x86 PC hardware. Most of them are embedded systems for a start.

      Even if the maintenance computer was running an unpatched XP and somehow got infected it is doubtful that any of the aircraft systems could become infected too. The virus would have to target them specifically and would require access to them to develop.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    13. Re:Mission Critical by LWATCDR · · Score: 1

      Except this was just a simple database program that keeps track of problems. It is not a flight control system. And if you know what you are doing XP is actually not that insecure. It sure isn't so insecure that I would worry about running this program on it.

      --
      See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
    14. Re:Mission Critical by dextermanas · · Score: 1

      Except that you can't just run a random attachment without giving it execute rights first. Also, shell scripts by default open with a text editor (when launched from within Firefox). Say you decide to package your binary malware in an installer - which format would you choose? .deb? .rpm? .txz? What about all the dependencies needed (to do anything useful), if you add them how large would the file be then? You could go for shared libraries, but there's no guarantee that the target's system has the required versions installed. Heck, it's a challenge to install even legit third-party programs (those which aren't available on your distro's repo) due to dependency hell. Besides, the installer on most distros comes with sufficient warnings/prompts before the package can be installed. Thanks to the fragmentation within the Linux community, it won't be feasible for a malware writer to bother packaging for different distros / versions / configurations. I'm not saying that it can't be done, I'm saying that if it is done, it has to be a very specific, targeted attack.

  2. Shit. by fuzzyfuzzyfungus · · Score: 5, Funny

    Holy Safety-critical system running Windows and apparently not adequately air-gapped, batman!

    1. Re:Shit. by Anonymous Coward · · Score: 1, Insightful

      Windows (and all Microshit in general) should be strictly forbidden in every safety-critical application.

      I put the blame on governments for not having done it so far. And in the media and taxpayers, for not pressing for it.

      MS is evil, but there will always be evil people. It is the fault of the rest for not fighting tirelessly against them.

    2. Re:Shit. by Anonymous Coward · · Score: 1, Insightful

      We run critical stuff on Windows, they don't have access to the Internet. Deal with it.

    3. Re:Shit. by TheRaven64 · · Score: 5, Insightful

      The Internet is not the only source of infection. What about removable media, removable drives, or other machines on a private network that can connect to either the Internet or removable media? Perimeter defences are part of good security, but they are not the whole of it.

      --
      I am TheRaven on Soylent News
    4. Re:Shit. by LordLimecat · · Score: 2, Insightful

      Aren't there OSes designed specifically for mission critical applications out there, for just this kind of thing? Doesn't the list NOT include off-the-shelf OSes like Windows and OSX?

    5. Re:Shit. by Dunbal · · Score: 3, Insightful

      they don't have access to the Internet.

      Hopefully they don't have access to USB keyrings, flash drives, thumb drives and CD/DVD ROMS that have access to the internet, either...

      --
      Seven puppies were harmed during the making of this post.
    6. Re:Shit. by fuzzyfuzzyfungus · · Score: 3, Insightful

      I'm not sure that banning Windows by name would be of too much use. A quick trip down the router aisle at any computer store will show you more degenerate abuses of embedded linux and VxWorks than you care to think about, and I'm told that things don't get better nearly as fast as you would hope as prices rise in other industry segments.

      Anyone, though, using Windows in an environment where it could trivially be infected (i.e. internet connected or contractors doing flash drive upgrades) really needs to be shown the door, yesterday. I'm also not sure why there would be "a" computer responsible for raising the alarm. Commodity x86 gear is pretty reliable for what you pay; but it isn't that reliable. If the safety of one or more 100 million+ aircraft, and everybody on board, is at stake, why are there not multiple systems, all independently capable of raising the alarm?

    7. Re:Shit. by Anonymous Coward · · Score: 0

      wxworks

    8. Re:Shit. by Anonymous Coward · · Score: 0, Informative

      Then you are at risk of a serious incident. Not having access to the internet greatly reduces the probability of it, but it is still unacceptable for many reasons. Even more so than having another OS AND access to the Internet.

      Your decision-maker is morally liable if something bad happens. And even if the probability is lowered for not having access to the Internet, the consequences if something happens will be equally serious.

    9. Re:Shit. by Pojut · · Score: 3, Insightful

      If the safety of one or more 100 million+ aircraft, and everybody on board, is at stake, why are there not multiple systems, all independently capable of raising the alarm?

      You're talking about an industry who would likely charge passengers for use of the bathroom, if they could get away with it. Why do you think there aren't multiple systems?

    10. Re:Shit. by Anonymous Coward · · Score: 0

      They use foppys disks

    11. Re:Shit. by Anonymous Coward · · Score: 0, Flamebait

      I suggest baning Microsoft altogether.

    12. Re:Shit. by JamesP · · Score: 4, Interesting

      We run critical stuff on Windows, they don't have access to the Internet. Deal with it.

      Well, no. It's you who has to deal with it.

      good luck

      --
      how long until /. fixes commenting on Chrome?
    13. Re:Shit. by Charliemopps · · Score: 4, Insightful

      We had to secure a computer at a company I worked at years ago. The IT department claimed it was secure (they had put Norton AV and firewall on it) I laughed when the owner of the company told me about it. He asked if I could do better. I put the computer in a metal drawer, locked it, drilled a hole in the back for the cables to come out and handed him the key. "There, now it's secure." He thought I was kidding until I pointed out the USB ports and drive bays.

    14. Re:Shit. by AlecC · · Score: 3, Interesting

      Except that this was not really a mission critical system - it was a fault logging system in the maintenance department. So far as one can tell from a machine-translated popular article, it was meant to log if a single aircraft had a number of different faults logged close together, because faults at different stations might not otherwise get correlated. As such, it is basically an IT system with response requirements in minutes, not a real time system with fault tolerance requirements. One of the systems which failed might have been a warning system which would have warned the pilots of the mistake which caused the crash.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
    15. Re:Shit. by TheHonch · · Score: 2, Insightful

      Did you remove the network cable too?

    16. Re:Shit. by skyride · · Score: 2, Insightful

      Well it's either had a hand in causing the deaths of 154 people, and therefore was a mission critical system. Or it wasn't a mission critical system and the entire article is just a load of sensationalist garbage.

    17. Re:Shit. by AHuxley · · Score: 2, Insightful

      Think of it as: The boss person for the "mission critical applications" area was given a nice long lunch and presented with some back of the napkin math just before an upgrade.
      The savings in hardware and software over aspects of a traditional OS was amazing... and that's how an off-the-shelf OS could get into mission critical area.
      Marketing has its lists of areas to wine, dine, seduce and penetrate.

      --
      Domestic spying is now "Benign Information Gathering"
    18. Re:Shit. by jimicus · · Score: 1

      There are, but they don't guarantee that the person writing the code that runs on them is any smarter than the office cheese plant.

    19. Re:Shit. by freedom_india · · Score: 1

      HEY! Why do you blame taxpayers for it? We don't have any say in how our Government spends our money. e.g., waging wars based on lies. if i don't support the war, can i avoid paying that portion of it in my tax? NOOOO.. So why blame us for the stupidity of the Government?

      --
      "Doing what i can, with what i have." ~ Burt Gummer
    20. Re:Shit. by tibit · · Score: 4, Interesting

      Those mission-critical-designed-for OSes are, unfortunately, likely to be secure by obscurity. Something like vxWorks or QNX is not a big enough target for malware writers or blackhats, but I'm quite sure those platforms are full of holes simply because they are not very exposed. I'd say that linux, perhaps with realtime extensions, would be a somewhat better platform -- it's exposed way more, and most of the holes have been patched.

      --
      A successful API design takes a mixture of software design and pedagogy.
    21. Re:Shit. by 3vi1 · · Score: 1

      Do you really think Governments are going to ban Windows?

      The more likely result, if we make all non-technical people aware of this particular instance: Government legislature that says *all* computers must use TPC such that they can only run programs that are created by authorized entities and signed with certs.

      This is a one-way ticket to the cessation of all innovation in the field of computing.

      We shouldn't even give time to this here.

    22. Re:Shit. by Vectormatic · · Score: 4, Insightful

      i think MS also disclaims any responsibility, that should tell you enough about windows' fitness for mission-critical stuff

      regardless of law, putting any mission critical system (especially when lives depend on it) on a windows machine should be chargeable with criminal negligence, and in this case, manslaughter

      --
      People, what a bunch of bastards
    23. Re:Shit. by Anonymous Coward · · Score: 0

      Because government regulation == bad!

    24. Re:Shit. by oldspewey · · Score: 2, Funny

      No, but he wrapped it in tinfoil.

      --
      If libertarians are so opposed to effective government, why don't they all move to Somalia?
    25. Re:Shit. by Bemopolis · · Score: 2, Insightful

      Two words: Blowout. Preventer.

      --
      "I guess the moral of the story is, don't paint your airship with rocket fuel." -- Addison Bain
    26. Re:Shit. by Anonymous Coward · · Score: 0

      I suggest a sharp, swift slap to the back of the head for people who can't spell properly.

    27. Re:Shit. by Rob+Riggs · · Score: 4, Funny

      Did you remove the network cable too?

      No can do, my friend. Anti-virus software is useless without a network connection to keep the virus definitions up to date.

      --
      the growth in cynicism and rebellion has not been without cause
    28. Re:Shit. by AlecC · · Score: 1

      There is no evidence - yet - that it had a hand in causing the accident. By your analysis, the booking system which allows a terrorist to book on a flight also has a hand in the accident. But, if it had worked, the plane might have been grounded for reasons which might be totally unrelated to the accident.

      This is a third line system, looking for patterns of faults to allow preventive maintenance. If we make those too expensive, people will simply not implement such preventive systems.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
    29. Re:Shit. by Anonymous Coward · · Score: 1, Informative

      "There, now it's secure." He thought I was kidding until I pointed out the USB ports and drive bays.

      It's funny because it's true:

      I have some friend in IT-maintenance jobs for the government. (installing PCs, troubleshooting, ...)
      Because they had an internal firewall and everybody has a conventional phoneline, someone in the tax-office (yes, those were people who process your taxes) found he could plug in the phone into his onboard 56k-modem and do whatever he wanted online.

      After tedious virus removal over the entire departments (they all thought it was a neato trick) the guy just glued 56K-modem connectors into the PCs. The virus-rush was over.

    30. Re:Shit. by asmith.atx · · Score: 1

      and then heat killed it.. but srlsy - the most secure server in the world is powered off and locked behind a closed door

    31. Re:Shit. by gad_zuki! · · Score: 1

      Or you could have simply disabled USB or unplugged them from the motherboard. Now you've got heat issues to worry about.

    32. Re:Shit. by Anonymous Coward · · Score: 0

      wine, dine, seduce and penetrate.

      Sounds like more of a life motto to me...

    33. Re:Shit. by ultranova · · Score: 1

      I'd say that linux, perhaps with realtime extensions, would be a somewhat better platform -- it's exposed way more, and most of the holes have been patched.

      Does ground control really need realtime scheduling? It's basically a glorified traffic light system with cameras (radars). It doesn't really matter if it makes a decision a microsecond sooner or later, or even a whole second.

      Anyway, a simple and efficient solution would be to run several parallel systems on different OSes, and raise an alarm if they disagree.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
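
Added example, not part of any comment in this thread and not code from the airline's system: a sketch of the "several parallel systems, raise an alarm if they disagree" idea applied to the three-similar-faults rule quoted from the article. The aircraft and component names, the replica functions and the fault log are constructed for illustration; the point is that a replica that goes quiet or stops alarming becomes visible instead of looking like "no problem".

```python
from collections import Counter
from typing import Optional

THRESHOLD = 3  # per the article summary: alarm after three similar faults

# Constructed sample data: (aircraft, component, reporting station)
FAULT_LOG = [
    ("ACFT-1", "component-A", "station-1"),
    ("ACFT-1", "component-A", "station-2"),
    ("ACFT-2", "component-B", "station-3"),
    ("ACFT-1", "component-A", "station-1"),
    ("ACFT-2", "component-C", "station-3"),
]


def flagged(faults):
    """Return the (aircraft, component) pairs with >= THRESHOLD logged faults."""
    counts = Counter((aircraft, comp) for aircraft, comp, _station in faults)
    return frozenset(key for key, n in counts.items() if n >= THRESHOLD)


def healthy_monitor(faults):
    """A replica that evaluates the rule correctly."""
    return flagged(faults)


def blind_monitor(faults):
    """A replica that still answers but has stopped alarming (hypothetical)."""
    return frozenset()


def stalled_monitor(faults):
    """A replica whose host is too degraded to answer at all (hypothetical)."""
    return None


def combine(reports: dict[str, Optional[frozenset]]):
    """Fail-safe combination of replica reports.

    alarms:         union of everything any replica flagged (a false alarm
                    costs an inspection; a missed one goes unnoticed).
    monitor_faults: replicas that were silent or disagreed with the union,
                    so a broken monitor is itself reported.
    """
    answers = [r for r in reports.values() if r is not None]
    alarms = frozenset().union(*answers)
    monitor_faults = []
    for name, report in reports.items():
        if report is None:
            monitor_faults.append((name, "no report"))
        elif report != alarms:
            monitor_faults.append((name, "disagrees with union"))
    return alarms, sorted(monitor_faults)


def run(monitors, faults):
    """Run every replica on the same fault log and combine the results."""
    return combine({name: fn(faults) for name, fn in monitors.items()})


if __name__ == "__main__":
    # Single monitor that has gone blind: nothing is raised, nothing looks wrong.
    print(run({"only": blind_monitor}, FAULT_LOG))
    # Three replicas, two of them broken in different ways.
    print(run({"a": healthy_monitor, "b": blind_monitor, "c": stalled_monitor},
              FAULT_LOG))
```
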

    34. Re:Shit. by Anonymous Coward · · Score: 0

      As an embedded software engineer I have seen this time and time again. Most embedded operating systems are far more secure against this type of threat than even the most hardened COTS platform.

      But PHB's who work on this stuff read PC Magazine and think that all of a sudden they get a BSEE from that. Sigh.

    35. Re:Shit. by ultranova · · Score: 1

      We run critical stuff on Windows, they don't have access to the Internet. Deal with it.

      This gives the term "crash and burn" a whole new meaning.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

    36. Re:Shit. by eldiabloencarne · · Score: 1

      So why blame us for the stupidity of the Government?

      I don't exactly know how to explain it, but there is a process in many countries that operate with the consent of the governed for deciding who runs the government. The word escapes me at the moment

      --
      La vida vale puro chili
    37. Re:Shit. by Idbar · · Score: 2, Insightful

      You're talking about an industry who would likely charge passengers for use of the bathroom, if they could get away with it.

      And why would they blame their own, if it's easier to blame it on the OS?

    38. Re:Shit. by Ellis+D.+Tripp · · Score: 2, Interesting

      But if you don't have a network connection (and the machine is physically secured to protect the USB ports and removable media drives), then you don't NEED anti-virus software. Without a means for a virus to get onto the machine, it should be perfectly safe.

      Having a live network connection only for the purpose of updating an unnecessary AV package provides a route of infection in itself. Unless the machine needs a network connection for another reason, then it shouldn't be connected to a network.

      I maintain several Windows (and DOS) boxes which are used for stand-alone machine controls, and none of them have ever had a problem with virus infections (despite complete lack of AV software), because there is no way for a virus to get onto them. The front panel USB and floppy/CD ports are disabled (physically unplugged inside the machines), and the rear panel USB ports are filled with epoxy glue. If I need to update software, I just open the box, and plug the cables in as needed.

      --
      Remember "News for Nerds, Stuff that Matters"? Help make it a reality again! http://soylentnews.org
    39. Re:Shit. by drsmithy · · Score: 2, Insightful

      This is a one-way ticket to the cessation of all innovation in the field of computing.

      Rubbish.

    40. Re:Shit. by Anonymous Coward · · Score: 1, Informative

      We had to secure a computer at a company I worked at years ago. The IT department claimed it was secure (they had put Norton AV and firewall on it) I laughed when the owner of the company told me about it. He asked if I could do better. I put the computer in a metal drawer, locked it, drilled a hole in the back for the cables to come out and handed him the key. "There, now it's secure." He thought I was kidding until I pointed out the USB ports and drive bays.

      An hour later the computer melted...

    41. Re:Shit. by Twillerror · · Score: 2, Interesting

      I'm not sure about Norton, but Symantec AV has gone beyond simple virus stuff for a while now.

      Using Symantec we didn't block USB entirely, but it is possible. It did block the standard USB type attacks though. When USB drives were plugged in the system logged all activity including files and sent them up to the central server.

      Better than a drawer would have been a nice server rack...of course physical security is important. Someone could steal the drive and modify it and then put it back in. But I would think if the machine auto locked and users didn't have root/administrator access it would be harder for these types of attacks.

      Also, if your USB cable is coming out the back couldn't someone hijack that?

      The new firewalls block incoming worms versus just blocking ips and ports like a traditional firewall.

      But at the end of the day most of these attacks happen because of lack of a firewall and not patching the machines. For devices like the article it should be tested regularly, monitored, and even rebuilt from time to time for good measure...lives are at stake.

      I wish MS's firewall would be smart enough to block all traffic unless from servers. Do Joe's and Jane's machines at work really ever need to talk to one another? In fact I'd block traffic from the same subnet most of the time in a business setting.

    42. Re:Shit. by Dishevel · · Score: 1

      Not a ground control computer. A computer that is not within the aircraft. Does not fly. Therefore a "Computer on the ground."

      --
      Why is it so hard to only have politicians for a few years, then have them go away?
    43. Re:Shit. by C0vardeAn0nim0 · · Score: 1

      banning a particular vendor in many countries would constitute discrimination.

      ok, maybe i'm generalizing by saying "many", but here in brasil you bet this is the case. IANAL, but both my brother and sister are, my roommate's girlfriend is and a software engineer in the company i work also have a law degree, so if you want, i can check with them.

      try to imagine this scenario:

      1) brasil's govt bans MSFT products by name
      2) MSFT sues on grounds of discrimination
      3) ...
      4) PROFIT!!!

      if there ever was a case where the "profit" meme fitted, is this.

      now, there's an indirect approach. since transportation and other industries that have the potential to affect the lives of thousands/millions are usually regulated, the mission critical systems that keep them running can be too.

      the government can simply create such an iron-clad specification (that involves handing the full source code of everything), that MSFT would never be able to comply.

      and wouldn't be able to sue on grounds of discrimination, specially if stuff like opensolaris, openBSD and linux passes the approval process. in case of a lawsuit, the government would simply point all the companies capable of following the standard and ask for dismissal.

      --
      What ? Me, worry ?
    44. Re:Shit. by Dishevel · · Score: 2, Insightful

      they don't have access to the Internet.

      Hopefully they don't have access to USB keyrings, flash drives, thumb drives and CD/DVD ROMS that have access to the internet, either...

      USB keyrings, flash drives (same thing), thumb drives (Same thing again).

      Do you just type things to make your post look longer so that people will have the belief implanted into their head that you are not dumb?

      --
      Why is it so hard to only have politicians for a few years, then have them go away?
    45. Re:Shit. by Anonymous Coward · · Score: 0

      What is wrong with you? Microsoft is a huge faceless corporation. You speak as if Microsoft is killing all your children.
      I do agree that Windows should not be used for safety critical applications though.

    46. Re:Shit. by interval1066 · · Score: 1

      "We run critical stuff on Windows..."

      I think you're the ones who'll be "dealing with it".

      --
      Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
    47. Re:Shit. by dkf · · Score: 1

      You're talking about an industry who would likely charge passengers for use of the bathroom, if they could get away with it.

      That's not regulation, that's cost minimization. (A free toilet is significantly cheaper than cleaning up after the alternative...)

      --
      "Little does he know, but there is no 'I' in 'Idiot'!"
    48. Re:Shit. by Xiaran · · Score: 4, Insightful

      I worked for many years in the security industry. We had to do this to prevent security guards turning off the machine when they alarmed as it would interrupt their naps. Probably the best story I heard about a secure room was in Australian Defence. A contractor was installing a secure door to make a secure room (where you store your important documents and hard disks after hours). Once completed a senior military guy comes down and is really impressed by this thick steel door with massive bolts etc. The contractor said it's pretty good, but he reckoned he could get inside within 10 seconds. The military guy cannot believe it and bets the guy $100 he can't do it. They lock the door and the contractor then proceeds to go to the side of the secure room and put his foot thru the plaster board panelling, kicking out a large chunk and allowing him to crawl into the room in about 5 seconds.

    49. Re:Shit. by interval1066 · · Score: 1

      "We run critical stuff on Windows"

      Just that statement alone is comedy gold.

      --
      Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
    50. Re:Shit. by Anonymous Coward · · Score: 0

      Then it overheated and died.

    51. Re:Shit. by Muad'Dave · · Score: 1

      I don't know - if 'baning' means 'to declare something a bane on society' then I'm all for it.

      --
      Tiller's Rule: Never use a word in written form that you've only heard and never read. You will end up looking foolish.
    52. Re:Shit. by Bert64 · · Score: 1

      So you mandate requirements that a general purpose os cannot satisfy...

      You should always have minimal systems anyway, especially on critical machines, and it's difficult if not impossible to strip windows down without breaking it... Things like the browser and media player that come by default, unnecessary libraries like directx etc (mostly for gaming),

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    53. Re:Shit. by Anonymous Coward · · Score: 1, Insightful

      Right. We should all use Ubuntu and OS X. I'm sure Canonical and Apple would be more than happy to accept liability for any damage caused by users installing malware onto the respective operating systems.

    54. Re:Shit. by repetty · · Score: 1

      We run critical stuff on Windows, they don't have access to the Internet. Deal with it.

      You're very cavalier with other people's welfare. Looks to me like 154 dead people had to do that very thing.

    55. Re:Shit. by abigsmurf · · Score: 2, Insightful

      Yeah because Linux is totally 100% immune to malware and never ever crashes!

      If they couldn't properly isolate a mission critical windows system, guess what? They almost certainly wouldn't be able to properly secure a Linux or OSX system either. Relying on the small amount of Linux based malware for security? That sounds an awful lot like security by obscurity to me. Relying on the rights system? There's plenty that you could do without admin rights that would potentially suppress or interfere with an alarm.

    56. Re:Shit. by AB3A · · Score: 1

      Agreed. Here is one example.

      VxWorks is like the Microsoft of the embedded device industry. It is extremely popular. Embedded systems in general are not regularly patched because they're EMBEDDED. People often don't even know they're there.

      The real problem isn't VxWorks versus Linux, however. I can just about guarantee that if you were to use a five year old Linux kernel, you'd find just as many security flaws as you might with VxWorks. The real problem is that the OS never gets patched.

      I need every one of you to understand this: Patching embedded systems like you patch an office computer will get you fired and possibly even prosecuted. These systems were carefully certified and validated by some people who were supposed to know what they were doing. When you introduce new code and then say "this ought to work" you are taking that design responsibility into your own hands. Unless you too have that background and authority to change this stuff, you would be wise to leave it alone and call someone who does.

      The phrase "This ought to work" is a very tired and sick joke where I work.

      --
      Nearly fifty percent of all graduates come from the bottom half of the class!
    57. Re:Shit. by SpzToid · · Score: 2, Informative

      Actually, two operational blowout preventers were called for in the regulatory specifications. Turns out the single blowout preventer had no battery juice available. The system is supposed to work, by the batteries closing the hole automatically when detection of the control monitoring software fails. But if the batteries to the sole preventer don't have the juice when needed, bad things can happen. Someone thought the costs vs. risks were negligible, so they settled for less.

      --
      You can't be ahead of the curve, if you're stuck in a loop.
    58. Re:Shit. by GameboyRMH · · Score: 1

      I didn't even notice he said that until you pointed it out. My brain just subconsciously de-duplicated all the redundant stuff.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    59. Re:Shit. by sjames · · Score: 1

      Obviously, simply not connecting to the internet isn't good enough.

    60. Re:Shit. by Jeremy+Erwin · · Score: 2, Interesting

      See, this is why government oversight is so expensive. Regulations have to be written for morons and swindlers. Here's the US Government standard.

      (1) Class A Vaults.

      (a) Reinforced Concrete. The wall, floor, and ceiling will be a minimum thickness of eight inches of reinforced concrete. The concrete mixture will have a comprehensive strength rating of at least 3,000 psi. Reinforcement will be accomplished with steel reinforcing rods, a minimum of 5/8 inches in diameter, positioned centrally and spaced horizontally and vertically 6 inches on center; rods will be tied or welded at the intersections. The reinforcing is to be anchored into the ceiling and floor to a minimum depth of one-half the thickness of the adjoining member.

      (b) Modular. Modular panel wall, floor, and ceiling components, manufactured of intrusion-resistant material, intended for assembly at the place of use, and capable of being disassembled and relocated meeting Underwriters Laboratories, Inc. (UL) standards are approved for vault construction.

      (c) Steel-lined. Vaults may be constructed of steel alloy-type, such as U.S. Steel T-1, having characteristics of high-yield tensile strength or normal structural steel with a minimum thickness of 1/4 inch. The metal plates are to be continuously welded to load-bearing steel members of a thickness equal to that of the plates. If the load-bearing steel members are being placed in a continuous floor and ceiling of reinforced concrete, they must be firmly affixed to a depth of one-half the thickness of the floor and ceiling. If the floor and/or ceiling construction are less than six inches of reinforced concrete, a steel liner is to be constructed the same as the walls to form the floor and ceiling of the vault. Seams where the steel plates meet horizontally and vertically are to be continuously welded together.

      (2) Class B Vaults.

      (a) Monolithic Concrete. The wall, floor, and ceiling will be a minimum thickness of four inches of monolithic concrete.

      (b) Masonry Units. The wall will be brick, concrete block, or other masonry units not less than eight inches thick. The wall will extend to the underside of the roof slab above (from the true floor to the true ceiling). Hollow masonry units shall be the vertical-cell type (load bearing) filled with concrete and metal reinforcement bars. The floor and ceiling must be of a thickness determined by structural requirements, but not less than four inches of monolithic concrete construction.

      (3) Class C Vaults. The floor and ceiling must be of a thickness determined by structural requirements, but not less than four inches of monolithic concrete construction. Walls must be not less than eight inches thick concrete block or hollow-clay tile or other masonry units. The wall will extend to the underside of the roof slab above (from the true floor to the true ceiling).

      source

    61. Re:Shit. by Dishevel · · Score: 1

      I was probably being a bit harsh about it. I just hate uppity who lord their "intelligence" over us with their many words. All the while hoping nobody notices that the words they use have no meaning. Guy should become a politician.

      --
      Why is it so hard to only have politicians for a few years, then have them go away?
    62. Re:Shit. by zombieChan51 · · Score: 2, Insightful
    63. Re:Shit. by Nadaka · · Score: 1

      Windows is not a real time OS, how can you justify using it for real time applications?

      Even without the issue of mal-ware mucking stuff up, it isn't suitable for use in an air traffic control system, but then again neither is Linux.

    64. Re:Shit. by sjames · · Score: 4, Insightful

      Considering that 154 people died because this system did not issue the warning it was supposed to, I would say it most certainly IS a mission critical system, it just isn't treated as one.

      Of course, it sounds like the whole thing was a tragedy of errors. The pilot should have seen that slats and flaps were in the wrong position, the computer in question should have flagged the plane for grounding, the on board computer should have raised the alarm. There should have been maintenance records independent of the computer that should have raised the flag on pre-flight. Not one of those things happened and people died as a result.

      I would call it a comedy of errors except that it's hard to call 154 deaths a comedy.

    65. Re:Shit. by Anonymous Coward · · Score: 0

      DUDE!!! And here I thought that I was the only person with DVD ROMs that can access the interwebs...

    66. Re:Shit. by Ohrion · · Score: 1

      exactly what I was thinking.

    67. Re:Shit. by sjames · · Score: 1

      Or access to any computer that does have access to the internet or external storage.

    68. Re:Shit. by scribblej · · Score: 3, Insightful

      It's odd to me how easily you write off a system that caused the death of ~150 people as "not really ... mission critical."

    69. Re:Shit. by Xiaran · · Score: 1

      Thank you for bringing up horrible memories of having to go through pages and pages of such documents to make sure we were compliant :) It's good to know that it is a universal constant that applies in the US as much as anywhere else.

    70. Re:Shit. by Anonymous Coward · · Score: 1, Informative

      RyanAir is planning on charging £1 per trip to the bathroom in the near future, coin-op style...

    71. Re:Shit. by WindBourne · · Score: 0

      Actually, Linux IS suitable for ATC. And in fact, is used in a number of applications. There are several versions with DO-178B rating, so that it can be used in FAA, Medical and Military applications as well. At one of the jobs that I worked at, the Windows FanBois called MS and tried to push them to get the 178B rating. When MS did not know what DO-178B was, they asked for these guys to call them back in a week. Apparently on the next call, MS told them that there was ZERO chance of having DO-178B within the next 20 years. Why? Far too difficult to make it happen with any of the versions, or upcoming versions of Windows.

      So, you are correct that Windows should NOT be used ANYWHERE in the FAA, Medical, or Military apps. HOWEVER, you are dead wrong on the use of Linux there.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    72. Re:Shit. by digitig · · Score: 1

      I've worked on a few safety critical aviation systems (it's my job), and in the ones I've worked on the users of them don't have physical access to the computers. They're typically designed to boot straight into the dedicated custom application software, with no access to the OS. The people who do have access to the computers have to be licensed to do so, and none of them is going to go putting anything unauthorised into the USB port because there's simply no point -- these are dedicated machines with dedicated IO devices that would make for a terrible user experience. That, and they'd get fired.

      So how did trojans end up on this computer? Well, as far as I can see it was not classed as a safety critical computer, and was almost certainly isolated from the networks that the safety critical ones use. Once you get the risk of a catastrophe down to a certain level then any further protection systems, although they are nice to have, you can be more relaxed about.

      The relevant rules for safety management of aviation ground systems that the Spanish are subject to are freely available on the internet.

      --
      Quidnam Latine loqui modo coepi?
    73. Re:Shit. by Anonymous Coward · · Score: 0

      how long did it take to overheat?

    74. Re:Shit. by RAMMS+EIN · · Score: 1

      ``Those mission-critical-designed-for OSes are, unfortunately, likely to be secure by obscurity.''

      I wouldn't be so sure. Security or lack thereof is mostly the result of culture and process. Mission-critical systems operate under vastly different dynamics than popular desktop systems like Windows.

      If you think about what sells Windows systems, part of that is wowing would-be buyers with eye candy and gimmicky features. Support for lots of hardware is important. Support for and performance of the latest games is important. It gets sold even though it is widely known and expected to contain security holes and does not offer real-time guarantees. It's a large system with plenty of faults in it. Systems deployed in safety-critical and/or realtime settings are pretty much the exact opposite of that: they're usually small systems, built to perform a specific task on specific hardware. No eye candy, no gimmicks, no support for the webcam you bought from the guy on the corner of the street, no game APIs, etc. etc. This alone eliminates many of the holes. Add to that developers who know and care about safety, security, and real-time, and rigorous testing and even formal verification, and you will end up with a vastly different product.

      --
      Please correct me if I got my facts wrong.
    75. Re:Shit. by Anonymous Coward · · Score: 0

      Marketing has its lists of areas to . . . penetrate.

      Are you saying that marketing people are whores?

    76. Re:Shit. by jd · · Score: 1

      LynxOS is the only Linux derivative (that I know of) that is FAA-approved for use on aviation-related hardware. It is actually DO-178B certified, which is damn impressive for a general-purpose OS. Since there are Common Criteria level 5 (EAL5) tests available for Linux, it is presumably possible to produce a system that is FAA-certified and EAL5-compliant. Finally, the question of whether something could suppress or interfere with an alarm. That rather depends on exactly what has been included in LynxOS, as patching the kernel would negate the certification. However, ON CONDITION THAT something approximating hard realtime exists, it should be impossible for anything to interfere with activity by, say, polluting the scheduler. Equally, you would need Mandatory Access Controls. I don't think any of the implementations for Linux support true memory separation, but they do support enough controls that each process could be running in minimum privilege. Capabilities then allows you to eliminate services that nothing needs. Finally, you would ALSO need the system to have all of the fixes/patches necessary to be Carrier Grade-certified. (Yes, Carrier Grade Linux does exist.) That doesn't mean it'll never crash, but a 5Ns guarantee is not bad going.

      Now, for your second point that if they couldn't secure Windows, they couldn't secure anything else -- in this case, you are completely correct. They didn't take even the most basic of precautions. As such, even the best security in the world (an Orange Book A1-class OS, for example) wouldn't be worth a whole lot. It would be like putting a nuclear bunker door in a doorway when the walls are missing. However, Linux does have the capacity to be used in such systems reliably and safely.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    77. Re:Shit. by Beelzebud · · Score: 1

      Honestly if you're worried with local tampering, then no OS in the world is going to be secure at that site...

    78. Re:Shit. by digitig · · Score: 1

      They are at risk of a serious incident whatever they run on: zero risk is unattainable. Their moral (and likely legal) responsibility is to assess that risk and ensure that it is adequately managed and is at a tolerable level. A lot depends on how easy it is to tell when something has gone wrong and what recovery is available if it does go wrong. Without knowing the system, seeing that risk assessment, knowing what failure modes are significant, knowing how significant they are and knowing what is done about them, you have no way at all of knowing whether the risk is "unacceptable" or not.

      --
      Quidnam Latine loqui modo coepi?
    79. Re:Shit. by rickb928 · · Score: 2, Insightful

      Work with me here. This is complicated.

      Someone posted:

      "That's not regulation, that's cost minimization. (A free toilet is significantly cheaper than cleaning up after the alternative...)"

      Flight safety and maintenance are not cost issues per se. For an airline with a clue, they are about maximizing profit and reducing inefficiency.

      If a plane crashes due to maintenance issues, you have these consequences:

      - Lost revenue. Passengers will be wanting refunds. The aircraft is not available for future flights, which will reduce revenue. Many airlines don't have capacity problems today, so this is not a big issue for them right now. Others however are sensitive to equipment availability.

      - Inefficiency. It's generally cheaper to maintain the equipment than it is to replace it, insurance and spare equipment notwithstanding.

      - Lost business. Perceptions of poor maintenance can lead to public image issues and potentially lost revenue. This is very hard to recover from. Note that the industry as a whole agrees to avoid taking advantage of competitors' safety issues to gain market share. Sharks apparently also do not eat each other, except in dire circumstances.

      This particular incident is, at the root of it, not much different than a credit-card data disclosure, or dropping the backup tapes down the stairs, or failing to submit a bid because the computer crashed due to some malware. With the salient exception that people died. More reason to have redundant systems, backup manual processes, and even more rigorous IT security practices. We might, just might, see an effort by the FAA and aircraft manufacturers to require airlines and other operators to take additional steps to secure their critical ground systems.

      ???

      --
      deleting the extra space after periods so i can stay relevant, yeah.
    80. Re:Shit. by DougF · · Score: 1

      The latter is the more correct statement. The investigation determined that the aircrew overrode a weight-on-wheels sensor, allowing the aircraft to think it was in "flight" mode while on the ground. In effect, the aircrew defeated three separate safety measures to cause this mishap. The IT problem with the maintenance mainframe may be something to consider to prevent future accidents, but it appears it had little/no effect on this one.

      --
      Impetuous! Homeric!
    81. Re:Shit. by digitig · · Score: 1

      As such, it is basically an IT system with response requirements in minutes

      More likely hours or days.

      --
      Quidnam Latine loqui modo coepi?
    82. Re:Shit. by TheTurtlesMoves · · Score: 1

      This is pretty much par for the course for fatal air accidents. One thing going wrong is almost never enough.

      --
      The Grey Goo disaster happened 3 billion years ago. This rock is covered in self replicating machines!
    83. Re:Shit. by painandgreed · · Score: 1

      Of course, it sounds like the whole thing was a tragedy of errors.

      Airplane crashes like this one always are. It is very rare that any one thing causes an airplane to crash. It's almost always multiple things going wrong all at the same time to cause it to happen. Pilot does something wrong after getting a mistaken order from the control tower and is hit by a freak wind. Any one of those things probably wouldn't cause a plane to crash and checking out each one when it happens and correcting them is a reason planes spend so much time on the ground and not taking off on time. This particular computer in TFA isn't the thing that caused the plane to crash, it is something that records the data from all the other systems that are mission critical.

    84. Re:Shit. by Anonymous Coward · · Score: 0

      "caused" != "failed to prevent"

      You also failed to prevent this.

    85. Re:Shit. by IorDMUX · · Score: 1

      Seriously? He was an employee. They asked him to do a job. He got the tools he needed and did it.

      How did "destroying someone else's property" get modded insightful? It is not like he did this to his grandfather's oaken desk; rather, he converted a company computer desk into something more secure, as he was asked to do.

      --
      >> Standing on head makes smile of frown, but rest of face also upside down.
    86. Re:Shit. by Sot32 · · Score: 1

      Did you remove the network cable too?

      No can do, my friend. Anti-virus software is useless without a network connection to keep the virus definitions up to date.

      I just update them using the USB ports and drive bays.

    87. Re:Shit. by digitig · · Score: 1

      The world is not that black and white. Firstly it looks as if the claim is that the machine failed to prevent the deaths, not caused the deaths. It's an important difference. Secondly there's the question of what other systems were in place, what was the intended role of this system in preventing such occurrences, and what weight was placed on this role.

      To take an analogy, imagine somebody drowns in a public swimming pool. The lifeguard fails to save them, and all the other swimmers fail to save them. The lifeguard is clearly "mission critical", and we will want to know what went wrong. But what about all the other swimmers? On your logic, it seems they "had a hand in" failing to save him and so were "mission critical". Do you believe that everybody should be required to hold a lifesaving certificate before being allowed to enter a pool?

      --
      Quidnam Latine loqui modo coepi?
    88. Re:Shit. by yurtinus · · Score: 1

      ...Because that's not its design. From my understanding of the Google translation, it is a maintenance system designed to log faults. Calling it the cause of the accident while ignoring the pilot errors and numerous safety overrides is horribly counterproductive.

      --
      +1 Disagree
    89. Re:Shit. by yurtinus · · Score: 1

      No... what's three steps worse than a whore, though? Marketing people are somewhere past there.

      --
      +1 Disagree
    90. Re:Shit. by Vectormatic · · Score: 1

      Linux and OSX aren't the only other options, for mission critical software there are plenty of other OSes out there

      --
      People, what a bunch of bastards
    91. Re:Shit. by yurtinus · · Score: 1

      You're thinking of this from an IT perspective, not an embedded systems perspective. Mission critical systems are typically not designed to be hardened against hackers. They are designed to be extremely fault tolerant, deterministic, and allow the application run on them to be in complete control of the hardware. Realtime extensions for Linux come close and work pretty well for a lot of applications that require real-time scheduling, but not all.

      Malware writers and blackhats don't really factor into it unless you're connected to external networks. If you do, there are a whole host of things you need to plan for. In general though, when it comes to a properly designed mission critical system - worrying about network vulnerabilities to your RTOS is like worrying about trojans on your coffee maker.

      --
      +1 Disagree
    92. Re:Shit. by Anonymous Coward · · Score: 0

      I hate Microsoft as much as any good card carrying Linux user but I think that Microsoft is not the evil entity here, it is the writers of the trojans and viruses. I hope they all go to some awful hell.

    93. Re:Shit. by Acer500 · · Score: 1

      We had a case recently where there was an odd source of infection on a supposedly secure PC... seems the user was more tech-savvy than most, and purchased a 3G USB modem and then proceeded to spread spyware all over the place with his browsing (to be fair he had an extremely boring job but...)

      --
      There are three kinds of lies: lies, damned lies, and statistics.
    94. Re:Shit. by jbengt · · Score: 2, Insightful

      I don't know why you think this demonstrates any particular excess expense of government. It is no more complex or restrictive than any of hundreds of private sector construction specifications and design criteria that I have read.

    95. Re:Shit. by X0563511 · · Score: 1

      The problem with that route is that it's obvious it was done.

      If you wanted to get in and out with little evidence that anything happened, putting your foot through the wall is NOT the way to go about doing it.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    96. Re:Shit. by Anonymous Coward · · Score: 0

      Thing is, there is a difference between "mission critical: if it breaks, the company loses a few million dollars" and "mission critical: if it breaks hundreds of people will die". Nobody cares about the former. If you run the latter on Windows then I will be screaming to have your ass thrown in jail when (not if) people die. Deal with it.

    97. Re:Shit. by Anonymous Coward · · Score: 0

      The plane's instruments were in flight mode rather than ground mode which is why air temperature sensors were triggered and flap setting alarms and slat setting alarms were not triggered. The systems therefore operated properly for their electronic settings but improperly as far as their actual situation of taking off from the ground rather than already being at high altitude.

      The pilots engaged in a recital of the checklist but not a verification of the check list items prior to reply. (Sort of a "Let's Eat" followed by a "Yes, Let's Eat" but no one actually looks at the table to see that the waitress has indeed brought the plates of food and put them on the table).

      Takeoff without flaps and slats is a clearly significant error and it was not detected by automatic alarm systems because such systems are not supposed to sound alarms at high altitude. The troublesome external air temperature probe is not supposed to sound alarms on the ground, but it kept sounding alarms because the instruments were in high altitude mode.

      Systems operated properly. Pilots did not.

    98. Re:Shit. by blair1q · · Score: 1

      Was it Norton TinFoil, McAfee TinFoil, Symantec TinFoil Protection*, or Kaspersky Internet Security Tinfoil?

      Personally, I think if you don't have all four checking up on each other, you're just asking for trouble.

      Of course, you won't have any cores left that aren't pegged 24/7, but eternal vigilance is the price of freedom.

      * - comes with a free hat

    99. Re:Shit. by balbus000 · · Score: 1
    100. Re:Shit. by blair1q · · Score: 1

      You kidding?

      It's only a page long.

      It's a marvel of specification efficiency.

      I can't write 10 lines of code without dealing with 10,000 pages of software standards.

      I think I'll switch to installing vaults on everything.

    101. Re:Shit. by blair1q · · Score: 1

      If you care about security on those OSes, you don't rely on the software to be secure. You physically secure it and enforce strict rules on installation of software and connection of the device to open networks. And if the rules aren't strictly followed, you presume it's compromised and wipe it and start over. Same deal as for classified information. It's not about what the executable can or can't do if infection is attempted, it's about keeping the environment sterile.

    102. Re:Shit. by Jeremy+Erwin · · Score: 1

      Tip of the iceberg. Strictly speaking, what I cited wasn't a specification, but a section of a security manual. Had the grandparent's "senior military guy" read a similar document prepared by his government, he would have known what was wrong. The real specs often cite other specs, and the whole thing has to be certified by an inspector, in any case.

      If the material to be stored in the vault was deemed to be TS/SCI, there's a whole layer of bureaucracy that comes with it.

    103. Re:Shit. by sjames · · Score: 1

      There seems to be some disagreement as to what mode it was in, but one wonders why it would willingly go into flight mode with zero airspeed, gear down and locked and presumably the contact sensors indicating they were on the ground.

      Other reports claim that the pitot heater had been triggered inappropriately on days prior to the crash and so the breaker was turned off which also killed the configuration warning.

    104. Re:Shit. by blair1q · · Score: 1

      Actually, yes, since this ground computer was responsible for alerting staff on the ground to an aircraft with possibly compromised safety, and since the aircraft was on a schedule to do something inherently unsafe, the ground computer is responsible for completing a behavior before a timed event occurs. Therefore, the computer is a real-time system. As are the humans responsible for seeing the alert and cancelling the flight, the people responsible for informing the flight crew to abort the flight.

      The flight crew would not be real-time, in this particular behavior, since they don't actually have to take off on a set schedule, as long as air-traffic control is keeping other scheduled aircraft off their runway while they dawdle. But this throws a wrench into the real-timeness of the rest of the loop: what if the crew try to take off early?

      Having to deal with behavioral requirements like this, and a few hundred other simultaneous requirements, in a safety-critical situation, will separate the engineers from the haxx0rs.

    105. Re:Shit. by blair1q · · Score: 2, Informative

      Let me be a bit more clear about this:

      No, those OSes are not secure. Quite the opposite. Almost all of them are very primitive, and have wide-open memory models that allow anything to run, allow anything running to touch any location in memory, and don't log a thing about it. More recent versions of them may have memory partitioning and privileged-user-only modes, but don't bet on the more recent versions being used even on brand new projects.

      The innate vulnerabilities to coding errors presented by this openness are alleviated by performing exhaustive (and expensive) testing of every function in the system to be sure it does what it's supposed to, and exhaustive (and expensive) testing of the system to be sure it does what's required of it, and exhaustive (and expensive) evaluation of the requirements to be sure they cover all of the safety-critical and mission-critical possibilities.

      And then you still get gomers on the flight deck disabling safety alerts on a poorly maintained aircraft and executives in the airline HQ giving them a wink and a nod for it while looking all stern (or waving a bulging envelope) at regulator visits.

    106. Re:Shit. by blair1q · · Score: 1

      I haven't actually used it (I know people who have), but I've looked at the brochures and I don't think the certified version of LynxOS is as General Purpose as you might think. It is based on a Linux kernel, though, and you're right, if they haven't totally gutted that kernel, that means they did an Ungodly Fuckload of work to get it validated. Ten years ago we were predicting there wasn't enough money printed to certify an inet stack for flight. Someone must have hooked into post-9/11 sales memes to get the jack to squeeze a Linux kernel through the eye of the FAA's needle.

    107. Re:Shit. by BitZtream · · Score: 1

      154 people died because of 3 violations of safety protocol by the aircrew themselves overriding things they shouldn't have overridden ... the very things that were telling them the aircraft was not safe to fly.

      When your smoke detector goes off, and you just unplug the battery and go back to bed without bothering to notice your house is in fact on fire, it's not the smoke detector's fault you died.

      The aircrew essentially pulled the batteries out of 3 smoke detectors that were going off, and you're trying to say the fact that the 4th one was broken is REALLY the problem?

      3 OTHER RED FLAGS WERE RAISED THAT THEY OPENLY IGNORED, IN FACT DISABLED AFTER THEY RAISED THE FLAGS.

      THAT is why people die in airline crashes. 9 times out of 10 it's because some fucker was in a hurry and didn't think the safety rules applied to him. This is one of those times.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    108. Re:Shit. by xenapan · · Score: 1

      salesmen, car salesmen, lawyers?

      --
      insert funny sig here
    109. Re:Shit. by C0vardeAn0nim0 · · Score: 1

      no. i didn't say we _DO_ mandate, but we could mandate if necessary a standard that only an opensource general OS can satisfy. or a proprietary OS, as long as the vendor hands the code to a government body responsible for auditing it, especially in what regards to security.

      i remember some talk about the US military considering banning windows, then Ballmer himself ordered MSFT to come up with a hardened windows XP that passes the pentagon's requirements.

      i'm not talking about banning windows, i'm just saying that governments should THREATEN banning it. nothing brings a private company to its best game than the threat of losing government sales.

      --
      What ? Me, worry ?
    110. Re:Shit. by HereIAmJH · · Score: 1

      Except that this was not really a mission critical system - it was a fault logging system in the maintenance department.

      From the articles I have read the flight crew missed the flaps and slats on the take-off checklist. And the airplane's warning system was either non-functional or ignored. Both of those should have been sufficient to prevent the crash. A report last year said that human error contributed to the crash. The pilot and copilot died for this sin.

      But a Reg article today says that the airline computer collected warnings and had the ability to stop the flight if there were too many warnings.

      If the airlines' central computer was working properly a take-off after three warnings would not have been allowed, thereby averting the tragedy.

      That puts the system in a flight control position making it a critical system. Also, businesses don't install these kinds of systems if the on-plane systems are sufficient. They are generally created to address a deficiency found by a regulating body.

      One other point. The system that contains aircraft maintenance logs is a critical system even if it never communicates with a single aircraft since without it the planes could start falling out of the air or the airline could be shut down by a regulatory body. It's just not a flight critical system.

      --
      Another day, another update to a Google android app.
    111. Re:Shit. by yurtinus · · Score: 1

      Shit... I suppose we can put them just above the lawyers.

      --
      +1 Disagree
    112. Re:Shit. by thegarbz · · Score: 1

      And thus yet another slashdot reader shows an astounding display of ignorance. Let's ban windows and then hold hands and sing merrily as our systems are now "secure".

      It's not the fault of windows. It's not the fault of the government. It's simply the fault of the system administrator not adequately locking down the windows machines. So we got computers with windows running the critical operator displays at our oil refinery, does that mean we're all going to die tomorrow? No. The computers are locked down. They don't even have mouse and keyboard so standard inputs don't work. The cases are under a bench under lock and key so you can forget a USB key introducing a trojan. They are connected to a network which can't pull in data through a firewall, instead can only push data to a dedicated machine on the next network which is then polled by any applications needing said data.

      But hey let's pretend that simply dumping an unpatched linux box on the operator's bench with direct connection to the outside world will be more secure.


      Knowing our operators I estimate the first kernel panic to occur 72 hours after install.

    113. Re:Shit. by HR · · Score: 1

      This is a one-way ticket to the cessation of all innovation in the field of computing.

      Innovation in any industry typically doesn't occur in the context of mission-critical systems. Bleeding-edge, experimental techniques only make their way into these sorts of highly-regulated environments after they have been thoroughly researched and tested in a context that doesn't involve catastrophic losses in the event of a failure. I can't believe you even raised this point.

    114. Re:Shit. by Xiaran · · Score: 1

      You are correct that we do have the same thing in Australia. But I suspect no one is spared from idiocy, uniformed or otherwise. I forgot to add that the story told to me was from a friend of the guy that did this. He had actually raised concerns that there was no point in installing such a door but was ignored. The upshot of it was there were no ramifications for him and they did eventually get their secure room (I assume horribly over budget).

    115. Re:Shit. by Anonymous Coward · · Score: 0

      How do you define 'server'? Is my laptop running Ubuntu a server? What about the HTPC in my living room? My Mac Mini at work (which runs a full webserver capable of testing my webapps on)?

      I really don't see a distinction.

      As for Joe and Jane's machines talking to each other, it depends on your apps. It's a waste of bandwidth and server resources to NOT have them talk to each other if you are doing things like lots of file transfer or VoIP.

    116. Re:Shit. by toddestan · · Score: 1

      It doesn't even take marketing, the bean counters are enough. Embedded computers can be expensive, especially if you require lots of processing power or storage. PCs are cheap. Software development costs are also often cheaper on Windows than embedded hardware too.

    117. Re:Shit. by Anonymous Coward · · Score: 0

      This is wrong and stupid for a number of reasons:

      -The machine should never have been connected to a network without a firewall, or connected to the internet at all.
      -Nobody should have been using the machine in a manner that ever exposes it to malware.

      In other words, don't play fucking Farmville on it and close the ports, and the machine will work fine.

      Oh and another thing: I noticed that ever since I quit buying cheap hardware and started plugging it into a UPS, I never have software problems. Maybe it wasn't Windows 98 fucking up, maybe it was the $29 power supply and the PC Chips motherboard?

  3. What operating system was used? by sa666_666 · · Score: 2, Interesting

    Just wondering what operating system those computers used, and how they contracted a virus from the outside network (when they probably shouldn't have been connected at all)??

    1. Re:What operating system was used? by TheKidWho · · Score: 3, Funny

      I take it you've never worked with real people before?

    2. Re:What operating system was used? by mseeger · · Score: 4, Insightful

      Because humans are humans. Possible chain of events: "Hmmm. I want to surf in the internet but have no PC. But wait, there is our maintenance PC. If I install iTunes on it and connect it to my iPhone, I may surf during work. Hurray! I can even download the hot pics of my favorite celebrity to which I received a link from this Chinese guy."

    3. Re:What operating system was used? by Anonymous Coward · · Score: 1, Funny

      You call them thumb drives, we call them dick drives; they spread disease, screw everything they come in contact with, and leave you in a sticky situation.

    4. Re:What operating system was used? by Anonymous Coward · · Score: 0

      In Spain there's no regulation on High-Risks Computers usage and responsibility, so anybody with no preparation at all can be in charge of "those computer things"...
      Most computer scientists and engineers (and I'm one of them) are flying away to foreign countries, in which engineers seem to have more social recognition.

    5. Re:What operating system was used? by Buggz · · Score: 2, Insightful

      The operating system really isn't the issue here, failure to isolate the system is. I've set up several windows systems inside a double firewall which in turn are set up with a VPN to whatever the systems needed to communicate with, and nothing else. Those did exactly what they needed to do because nothing else would get in or out. That a mission critical system gets infected at all points to a serious flaw somewhere, a goddamned alarm system shouldn't need any active usb-ports nor any access to the internet besides an encrypted line to whoever is supposed to receive the alarm and respond. I hope this is viewed as a criminal case, someone did an absolutely horrendous job or didn't do it at all and 154 people lost their lives because of it.

    6. Re:What operating system was used? by Buggz · · Score: 1

      Disclaimer: rant based solely on the summary and a bit of pure speculation. I, of course, didn't read TFA.

    7. Re:What operating system was used? by mcgrew · · Score: 2, Insightful

      Are you new to computing? How many Mac or Linux or BSD users do you know who have ever gotten a trojan infection?

    8. Re:What operating system was used? by LordLimecat · · Score: 3, Insightful

      It's STILL not a high-availability OS, and should not be treated as such. Windows can be great for normal business use when properly set up, but it isn't designed for mission critical stuff-- if your graphical shell can bring down the OS, it's probably not a good candidate for that kind of thing.

    9. Re:What operating system was used? by Anonymous Coward · · Score: 0

      Could you give me a list of these countries? I'd love to find one!

    10. Re:What operating system was used? by AnonymousClown · · Score: 1

      I can even download the hot pics of my favorite celebrity to which I received a link from this Chinese guy."

      You don't even need to get a link from a Chinese guy. Just searching for your favorite celeb will get you infected.

      I got hit with that fake "Virus on the PC" warning and "scanner" by looking for Christina Hendricks photos. I even got it from a hobby electronics blog site once.

      It didn't get too far because I run under a user account on XP.

      --
      RIP America

      July 4, 1776 - September 11, 2001

    11. Re:What operating system was used? by Buggz · · Score: 1

      I agree, but any chain is as strong as the weakest link. The safest OS in the world can't handle sheer stupidity or ignorance, or if it does it's basically useless for anything.

    12. Re:What operating system was used? by Anonymous Coward · · Score: 0

      Any country in which you are not paid 12000€ a year when working as an engineer, whilst any other occupation has a minimum salary of 30k€/year.

    13. Re:What operating system was used? by Anonymous Coward · · Score: 0

      Evidently you have a really small dick.

    14. Re:What operating system was used? by AlecC · · Score: 1

      Except, as far as I can see, the function of this system is to collect fault logs from all the places the planes might fly to, and correlate them. I.e. central to its primary function is network communications of some sort. Now, they could run a private network over their entire operation range (most of Europe, I would guess), but that would be prohibitively expensive for what is basically a third-line support function. So I bet they used the internet. Of course, they could have run a locked VPN over the Internet, which would have been better. But I cannot see top security being applied to what is essentially an office system.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
    15. Re:What operating system was used? by oldspewey · · Score: 1

      This is why I only follow unpopular celebrities.

      --
      If libertarians are so opposed to effective government, why don't they all move to Somalia?
    16. Re:What operating system was used? by tiksi · · Score: 1

      Many. But most linux infections I've seen were specifically targeted at that system. A clueless user on linux is still a clueless user that will install and run things as root with moderate SE

    17. Re:What operating system was used? by geekoid · · Score: 1

      Linux infections? How about some examples instead of your logical fallacy?

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    18. Re:What operating system was used? by SchroedingersCat · · Score: 1

      Never seen a rooted linux box? Now get off my loan!

    19. Re:What operating system was used? by mcgrew · · Score: 2, Informative

      Sure, a Linux box can get rooted, but I've never seen one, and I've installed Linux on friends' computers when I got tired of reinstalling Windows for them after the thing slows to a crawl from malware. Once Linux was on it, they never got infected again.

      Of course, to be victim of a trojan you have to know how to install a program ;)

    20. Re:What operating system was used? by Bert64 · · Score: 1

      While that's true, a properly configured embedded OS is far less likely to encourage poor behaviour...
      Windows boxes almost always have a web browser and various other things installed, encouraging users to actually use them.

      An embedded box won't have anything like that, it probably won't even have a GUI and if it does it's likely to be a specific one for whatever the device is meant to do and not give you any other functionality.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    21. Re:What operating system was used? by JargonScott · · Score: 1

      Security through others' obscurity doesn't work.

      --
      Nuke Gay Whales for Jesus.
    22. Re:What operating system was used? by scribblej · · Score: 1

      I'd just like to point out that I've successfully trojaned both Mac OSX and my own (fully-patched!) Ubuntu 10.04 machines with clever use of the Metasploit framework. It's not hard, you don't need any knowledge of what you're doing beyond what's in the metasploit tutorials, a script-kiddie could do it. It took me only a few hours of reading the tutorials and only a few MINUTES of using the tools.

      I've also seen PRODUCTION BSD servers rootkitted at a previous job. I'm positive it was due to admin incompetence, but it does happen.

      So if you were hoping the answer to your question was "none," it's not.

      I'm just responding to what you said, though -- don't misunderstand me and think I'd suggest using some other OS.

    23. Re:What operating system was used? by Beelzebud · · Score: 1

      Didn't the Apache Foundation have one of their main machines that host the web server get a trojan, which compromised the machine?

    24. Re:What operating system was used? by BitZtream · · Score: 1

      So which OS do you suggest? Don't you dare say Linux because I've seen X take down every OS I've ever used it on at one point or another.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    25. Re:What operating system was used? by RabbitWho · · Score: 1

      It kind of reminds me about what someone said about the new anti-virus systems in voting machines. "It's like compulsory condoms for preschool teachers. Of course it's better than the alternative, but someone somewhere is doing their job horribly horribly wrong."

    26. Re:What operating system was used? by thegarbz · · Score: 1

      Nope, windows boxes installed by system admins who don't have a clue how to properly lock down the system have web browsers and other things installed.

      We run windows for mission critical systems where I work. Operators have so limited access to them they don't even have a normal keyboard. You can forget opening up a web browser as the operators can't even get out of the graphic application, let alone open up an internet browser.

      Right next to them they have a fully open computer connected to the company's business network. They can fuck with that as much as they want. In this way you also take out any desire to screw with control machines.

    27. Re:What operating system was used? by hitmark · · Score: 1

      well, luckily one can run linux without X. No such luck with windows.

      still, i am unsure how much we are talking "take down" as if forced reboot. It could also be that xorg, or whatever basically locked the display hardware. Still, KMS should remove much of the issue.

      --
      comment first, facts later. http://chem.tufts.edu/AnswersInScience/RelativityofWrong.htm
    28. Re:What operating system was used? by toddestan · · Score: 1

      I remember back when putting an unpatched Redhat system on the internet meant that you would get owned in a matter of minutes, much like Windows XP was. This was back in the Redhat 6.2 days, nearly a decade ago.

      Now get off my lawn!

  4. The pilots were incompetent by GaryOlson · · Score: 2, Interesting

    At the bottom of the article, it states the computer system did not alarm when the pilots failed to use the flaps properly on takeoff. That pilot should have had his license revoked.

    --
    Every mans' island needs an ocean; choose your ocean carefully.
    1. Re:The pilots were incompetent by Sockatume · · Score: 1

      Undoubtedly, however there are meant to be safety nets against pilot incompetence. If such a system was compromised (as noted in a comment below, this is slightly dubious) then that error is partly responsible for the incident.

      --
      No kidding!!! What do you say at this point?
    2. Re:The pilots were incompetent by Trent+Hawkins · · Score: 1

      is this going to be another one of those Toyota things, where they recall the carpets (or OS in this case) call NASA and several million dollars later find out that the driver is a moron?

    3. Re:The pilots were incompetent by Pojut · · Score: 4, Informative

      From the Wikipedia page (emphasis mine):

      "On 17 August 2009, CIAIAC released an interim report on the incident [21]. The interim report confirmed the preliminary report's conclusion that the crash was caused by an attempt to take off with the flaps and slats retracted, which constituted an improper configuration, and noted that safeguards that should have prevented the crash failed to do so. The cockpit recordings revealed that the pilots omitted the "set and check the flap/slat lever and lights" item in the After Start checklist. In the Takeoff Imminent verification checklist the copilot just repeats the flaps and slats correct values without actually checking them, as shown by the physical evidence."

      Daayum.

    4. Re:The pilots were incompetent by Zocalo · · Score: 3, Interesting

      The pilots kind of revoked their own licenses. Permanently. All of the crew perished in the crash.

      The thing that bugs me is that flight systems on passenger jets are multiply redundant and there are strict rules about what can and can't be done when there is a system failure. For instance there are usually at least three autopilot systems, and if only one is indicating a fault then the flight crew has to perform all flight operations manually. WTF happened with regulatory control that didn't enforce that this kind of redundancy and human oversight applied to critical systems on the ground as well?

      --
      UNIX? They're not even circumcised! Savages!
    5. Re:The pilots were incompetent by Anonymous Coward · · Score: 0

      That pilot should have had his license revoked.

      Well, nobody in the crew will fly anymore, since they all died: http://en.wikipedia.org/wiki/Spanair_Flight_5022#Casualties

    6. Re:The pilots were incompetent by Amouth · · Score: 1

      I think he died with a lot of the other people on the plane

      --
      '...if only "Jumping to a Conclusion" was an event in the Olympics.'
    7. Re:The pilots were incompetent by nedlohs · · Score: 2, Funny

      Being dead does that automatically anyway.

    8. Re:The pilots were incompetent by Pojut · · Score: 2

      The pilots kind of revoked their own licenses. Permanently. All of the crew perished in the crash.

      "It's just been revoked!"
      "Peter, that line doesn't work here."
      "Oh. Uh...I'll have what she's having!"

    9. Re:The pilots were incompetent by gstoddart · · Score: 1

      WTF happened with regulatory control that didn't enforce that this kind of redundancy and human oversight applied to critical systems on the ground as well?

      If I understand the garbled translation, I think that the airline failed to enter into their computers in a timely manner that there had been existing problems ...

      A deficiency of that computer is joined also by the fact that Spanair took about 24 hours to score in the computer failures of its planes , according to the judge admitted two mechanics from the airline. Spanair took about 24 hours to score in the computer failures of its planes . This is not a trivial matter, and expected the flight JK 5022 Madrid Barajas would not have taken off if its share on the computer had been a day.

      Essentially, a compounding of human error and a virus-ridden computer prevented the whole redundant system from working correctly. Basically, if you screw up enough of the steps along the way, your redundant system doesn't have enough information to be of any use.

      Though, honestly, I find the translation from Spanish to be really difficult to follow in some places, so I could be way off on my interpretation of some of it.

      --
      Lost at C:>. Found at C.
    10. Re:The pilots were incompetent by Keebler71 · · Score: 1

      That isn't how I read the article... the trojans were infecting a central maintenance computer back at maintenance headquarters and would have absolutely no idea of the flap status during the take-off. The issues are completely unrelated. While it is interesting that such an important computer (safety-wise) was so infected, from the wikipedia article and the accident investigation report, it doesn't seem that maintenance had anything to do with the crash at all. This is a simple case of pilot error. The pilot and co-pilot did not complete their take-off checklists having omitted placing the flaps in the take-off position. This is backed up by the voice recorder (they could be heard skipping over this step) and from the data recorders which record the positions of all the control surfaces. The ongoing lawsuits in Spain likely have more to do with finding more people to sue than actually accepting what really happened that tragic day.

      --
      "It takes considerable knowledge just to realize the extent of your own ignorance." - Thomas Sowell
    11. Re:The pilots were incompetent by AB3A · · Score: 1

      I say this as an experienced instrument rated private pilot myself and as an engineer of control systems involving safety and high energy systems:

      It's easy to sit in an office chair, look back at this behavior, and think my gosh, how stupid is that?

      Stupid happens to the best of us. If you can look at yourself in the mirror and say that you've never made a mistake while driving, you either haven't been driving for long, or you're damned good at deluding yourself.

      It's no different with pilots. We train and train to avoid accidents. We have learned a great deal about how to avoid making terrible mistakes like this. However, at some point, the automation has to stop trying to warn people of each and every silly thing and get out of the way so that they can do their job. Too many alarms results in alarm fatigue which causes people to ignore what the alarm is trying to say.

      The margin for error in airliners is slim. If most people knew how close to the performance envelope they were when they fly, they'd probably never board an airliner again. And yet, pilots manage to fly these things at this performance level every single day. Yes, this was a screw-up. There were supposed to be warning horns to let them know that this situation was present.

      Even with random failures, there is a certain likelihood that these failures will converge on a single system and cause a dangerous situation to emerge. There was no one failure point here. The warning failed, and the repair system that was supposed to catch those warning horn failures didn't work, and the pilots forgot to deploy the flaps and slats properly.

      Had any one of these things in the chain been caught in time, this would have been an uneventful flight. That is what real safety looks like.

      --
      Nearly fifty percent of all graduates come from the bottom half of the class!
  5. Its an MD82 by MichaelSmith · · Score: 3, Informative

    wiki link

    Beyond the translated Spanish article I can't find anything else about this idea of an alerting system being infected with malware. Typically such systems are simple, embedded and not interfaced in ways which could cause them to run software they are not meant to.

    This bit from wikipedia is interesting:

    The MD-80 Advanced was to incorporate the advanced flight deck of the MD-88, including a choice of reference systems, with an inertial reference system as standard fitting and optional attitude-heading equipment. It was to be equipped with an electronic flight instrument system (EFIS), an optional second flight management system (FMS), light emitting diode (LED) dot matrix electronic engine and system displays. A Honeywell windshear computer and provision for an optional traffic-alert and collision avoidance system (TCAS) were also to be included. A new interior would have a 12% increase in overhead baggage space and stowage compartment lights that come on when the door opens, as well as new video system featuring drop-down LCD monitors above.[4]

    link

    Apparently this upgrade got dropped in 1991, so the system still in use must be pretty low tech.

    1. Re:Its an MD82 by J-1000 · · Score: 1

      Of course, as you know, there are plenty of viruses still floating around on floppy disks.

    2. Re:Its an MD82 by UnknowingFool · · Score: 1

      The summary is a bit misleading. The computer on the plane does not appear to be infected. What was infected was a warning control system computer at Spanair headquarters that monitored and recorded the planes. If I'm reading the article right, a component on the plane (it says "device" so it may not be a computer) failed at least twice before the flight took off. Since the central computer was infected with Trojans, it was not adequately recording nor triggering an alert that should have grounded that plane.

      --
      Well, there's spam egg sausage and spam, that's not got much spam in it.
    3. Re:Its an MD82 by ryanov · · Score: 1

      The MD-82 flight deck is still relatively low-tech, though more high-tech than a 1960's DC-9.

      http://cdn-www.airliners.net/aviation-photos/photos/4/0/9/1750904.jpg

      The MD-88 flight deck is more of a modern glass cockpit:

      http://cdn-www.airliners.net/aviation-photos/photos/8/5/2/0911258.jpg

      However, windshear computers and TCAS, if I'm not mistaken, were installed on nearly all modern aircraft some time ago, regardless of the status of that particular upgrade. Just because MDD didn't add those things as part of the MD-80 Advanced (which incidentally would have been delivered after this aircraft anyway, so would have had no bearing unless it were upgraded) doesn't mean they weren't since added.

  6. Re:Windows? by FTWinston · · Score: 1
    Read TFA:

    the ground computer

    (my emphasis) So no, not the plane. But mission control :S

  7. Re:Windows? by WrongSizeGlass · · Score: 3, Funny

    No, but this computer was running the old version of Flight Simulator.

  8. Re:Windows? by FTWinston · · Score: 1

    TFS, I mean. Not even TFA. /facepalm

  9. What? by miffo.swe · · Score: 5, Insightful

    Who puts Windows on anything even remotely mission critical? If you could blame someone, it should be the person deciding that.

    --
    HTTP/1.1 400
    1. Re:What? by Dexy · · Score: 1

      It doesn't say anything about Windows in TFA.

    2. Re:What? by McNihil · · Score: 0, Flamebait

      "Who puts Windows on anything even remotely mission critical?"

      ooooh! I know I know I know... waving hand frenetically HIGH in the air

      "Clueless idiots!"

    3. Re:What? by AlecC · · Score: 1

      Then it comes down to your definition of "mission critical". This was an office-based maintenance support system which should, but did not, have warned that this aircraft was logging a lot of faults close together. If it had worked, the aircraft would probably have been grounded to investigate the cluster of faults (three in two days). Now, the actual cause of the accident seems to be that the pilots made a stupid mistake, and a system which was supposed to tell them that they had done so failed to work. There is no direct connection between that system failure and the others, but they might all have been symptomatic of some general fault which might have been discovered had the aircraft been grounded. The infected data logging system was pretty far from the flight line. Do you insist that all such systems are upgraded to the much more expensive mission-critical status? If so, it might result in the systems simply not existing: they would become too expensive for their perceived benefit.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
    4. Re:What? by Missing.Matter · · Score: 1

      Where was it indicated that the computers were running Windows?

    5. Re:What? by Yvanhoe · · Score: 1

      Question : would you also hang the various salesmen who argue with "Microsoft(tm) Facts(tm)" that Windows is the most secure OS out there and that it is adequate for mission critical tasks ?

      --
      The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
    6. Re:What? by miffo.swe · · Score: 1

      It doesn't need to, we all knew the moment there was talk about a trojan.

      --
      HTTP/1.1 400
    7. Re:What? by Anonymous Coward · · Score: 0

      That would be the boss, who upon hearing about Linux, insisted on using windows as it's what he used when he went to management/business school, and he doesn't want to learn anything new, and besides, since he's in charge of IT, he can make any decision he wants, and IT can figure it out. That's what they are paid for. When crap comes rolling downhill for this blunder, the IT people similarly are to be blamed for the problem. Happens every day, in every industry. Similarly, the microsoft guy will give the boss a break on licensing if all the computers have windows installed. Either microsoft can offer the guy a kickback, or because his budget expense is now less, his boss will give him a raise. Only after disaster, will questions be asked, microsoft will point to disclaimers about not being mission critical, and the boss can fire IT. Windows users can jump up and down about "oh, if Linux were as popular, it would have more viruses too", and it's a straw man argument because they certainly are not going to adopt Linux any time soon, but the fact rests, nevertheless, that as of right now, Linux doesn't have the virus/malware problem windows has, and is therefore more secure. From my point of view, it hasn't had that problem for the last decade and a half, but upon saying it, the straw men come out once again. They make their argument based on supposition. It's fallacious.

    8. Re:What? by thegarbz · · Score: 1

      Who puts Windows on anything even remotely mission critical?

      Any fully competent admin who knows how to lock down a system. Here's a way to do it for a truly mission critical computer requiring operators working on it:

      - Proper network design ensures viruses don't enter via the network. Heck add an airgap if you can.
      - Proper physical design ensures that people can't plug in USB sticks. In our case it means people don't even have normal keyboards and mice, and as such are very limited in what they can achieve.
      - Proper management ensures that only a select few people have the ability to do anything on that computer (password policies, key management (physical keys to the cabinet housing the computer, that is)).
      - Finally put a second computer next to the first. Don't lock it down, attach it to the net and all of a sudden you'll realise people don't try and mess with the mission critical one.

      That covers your attack vectors, now the only thing left is to ensure the system remains stable. That's where testing comes in, and this is required even if you don't run Windows. Any competent admin can manage a windows machine with years of uptime on it.

  10. Complimentary 7 point Slashdot troll guide... by vistapwns · · Score: 4, Interesting

    Here is your complimentary guide to trolling this story: 1. Pretend only windows can get infected with trojans. 2. If you can't do 1. adequately, then pretend Windows is somehow easier to infect with trojans than other OSes. 3. Accuse anyone who disagrees with you of being paid off. 4. Make thoughtless absolutist statements like Windows has no security model, and is not a networking OS. 5. Mention chair throwing as proof that MS personnel are unstable, but never mention wife murdering linux developers. 6. Repeat other MS bashers without researching what they're saying. 7. Mention "640k ought to be enough for anyone" as much as possible without giving thought to the brain dead simple idea that MS had nothing to do with the addressable memory limit of the 8086. Following this guide is sure to get you modded up and liked by many other slashdotters, so be sure to follow it closely!

    --
    "...I think the Microsoft hatred is a disease." - Linus Torvalds
    1. Re:Complimentary 7 point Slashdot troll guide... by LordLimecat · · Score: 3, Informative

      Problem with your rebuttal: Whether or not other systems can get trojans, you should NOT be using Windows for anything that needs 100% uptime to guarantee safety of human lives, plain and simple. If the entire system can be locked up and made responsive by userland apps, then it isn't qualified to be responsible for the safety of human lives.

    2. Re:Complimentary 7 point Slashdot troll guide... by rolfc · · Score: 1

      Actually, number 2 is not trolling. Windows is the only OS that supports driveby infections without interaction with the user. So it is easier to infect.

    3. Re:Complimentary 7 point Slashdot troll guide... by vistapwns · · Score: 1

      How so? A flaw in flash, for instance, is going to leave you open to a drive-by on any OS with any browser. Simple fact. If you mean across the network attacks on services/daemons listening to ports, then the answer is no, Windows is not susceptible to those kinds of attacks either, not since XP SP2 enabled the firewall by default. Unfortunately it's possible you are talking about something altogether different, that's the problem with the windows bashers, they are never specific, they just throw out ambiguous damning unfounded generalizations over and over again...

      --
      "...I think the Microsoft hatred is a disease." - Linus Torvalds
    4. Re:Complimentary 7 point Slashdot troll guide... by realityimpaired · · Score: 1

      In response to your point 2, Windows *is* easier to infect than other operating systems. But that has little to do with the level of security/privileges in the OS these days (Win 7 is a *huge* step forward as compared to, say, Windows 95, where you could bypass a login screen by hitting ESC). More, the reason Windows is easier to infect is because of market share.

      Most virus infections still rely on good old social engineering: they e-mail themselves as an attachment to a user, and the user has to unwittingly open it, infecting their system. Such methods are entirely possible in *any* operating system, given an appropriately clueless user. With more people using the operating system, it stands to reason that there's going to be more clueless people using the operating system. Most of the reason that Linux is more secure is because of its obscurity, making it not really worth targeting. But if you follow the security bulletins, then you know damned well that there are viruses/rootkits for Linux and for OS/X out in the wild today.

    5. Re:Complimentary 7 point Slashdot troll guide... by Anonymous Coward · · Score: 0

      ...the reason Windows is easier to infect is because of market share.

      That's just one of the misconceptions windows fan bois use to console themselves. The truth is that Windows is utterly inferior in matters of security. Otherwise, you'd have to expect at least a half-dozen or so active viruses for Linux and OS X in the wild. But no, there's not a single one. Not. A. Single. One.
      But go ahead and whine about how unfairly maligned windows is. Twit.

    6. Re:Complimentary 7 point Slashdot troll guide... by at_slashdot · · Score: 1

      That's complete BS, I'm not even going to bother to refute your points, because they are nothing more than a red herring, it's not even important why, the fact itself is important, there are half a million pieces of malware for Windows and almost none for Linux (and no actively spreading virus as far as I know).

      If you choose your neighborhood would you go for a war ridden zone or for Malibu? Sure, Malibu is just as vulnerable, actually it has less defenses than Kabul... it can *potentially* become worse, but it isn't now.

      --
      "It is our choices, Harry, that show what we truly are, far more than our abilities." -- Prof. Dumbledore
    7. Re:Complimentary 7 point Slashdot troll guide... by rolfc · · Score: 1

      Then maybe you could give me an example of a driveby infection on Linux or OsX.

    8. Re:Complimentary 7 point Slashdot troll guide... by geekoid · · Score: 5, Insightful

      Windows is easier. It's a byproduct of sloppy architecture.

      It doesn't mean the others can't be compromised, but it's a fallacy to assume all OS's can be infected with the same level of difficulty.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    9. Re:Complimentary 7 point Slashdot troll guide... by Paradise+Pete · · Score: 1

      2. If you can't do 1. adequately, then pretend Windows is somehow easier to infect with trojans than other OSes.

      I won't pretend that, but I will speculate that people who use Windows are generally easier to fool into running a trojan.

    10. Re:Complimentary 7 point Slashdot troll guide... by rolfc · · Score: 1

      I said driveby infection, not vulnerabilities

    11. Re:Complimentary 7 point Slashdot troll guide... by realityimpaired · · Score: 1

      And like most Linux users, you're fooling yourself into believing that you're safe simply because you're using Linux. The only way you're going to be safe is if you actually practice safe computing, and that's OS independent. You can be an idiot and get yourself screwed over regardless of what OS you're running. There is some security in obscurity, but if there were a billion Linux installations in the world today, then I would lay odds there'd be a hell of a lot more viruses floating around for it: virus-writing isn't about "hey look what I can do" any more, it's a business, and people make millions, if not billions of dollars from it. It doesn't make business sense to write a virus for an operating system that has less than 1% of the global desktop market. If the shares were reversed, then there'd be a big fucking bull's eye on Linux instead of Windows, and people would still be getting owned for their stupidity.

      Personally, I prefer using the right tool for the job, rather than simply holding loyalty to a specific OS. I don't delude myself into thinking that I'm safe regardless of what OS I'm running, and if an OS is capable of doing what I want it to do, and I don't feel like I'm constantly wrestling with it to beat it into submission, then I'll use it. For some of what I do, that means I have Linux and/or BSD installed. For other things, that means I have Windows installed. Believe it or not, there are actually a few things that it does better than anybody else.

    12. Re:Complimentary 7 point Slashdot troll guide... by at_slashdot · · Score: 1

      "you're fooling yourself"

      How come you know what I think beside what I wrote? Interesting, you invented a mind reading device?

      --
      "It is our choices, Harry, that show what we truly are, far more than our abilities." -- Prof. Dumbledore
    13. Re:Complimentary 7 point Slashdot troll guide... by Archangel+Michael · · Score: 1

      the 640K limit wasn't the problem. The actual problem was that the 640K were on the lower bounds of addressable memory (1024k), and not the upper bounds. The reserved 384k that was the upper bound memory was for bios, video, and hardware addressing. Since it was reserved, it was off limits to application/OS memory without doing tricks (QEMM etc). HAD the designers put the 640k on the upper bounds, and the reserved on the lower bounds, and a couple other "minor" design choices, there would have been no limits or need for any reserve, even if they couldn't program full functionality into the 8086 to start.

      THE reason they put the 640k on the lower bounds was it was simpler to start counting addresses from 0 than say 384. Additionally, it wasn't MS' design problem it was IBM's PC division (almost rogue unit), as it was setup on Hardware, not in the OS itself. The OS was limited by design of the HW specs.

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    14. Re:Complimentary 7 point Slashdot troll guide... by MuValas · · Score: 1

      OS X seems to have its share of security problems:

      http://news.techworld.com/security/1798/mac-os-x-security-myth-exposed/

    15. Re:Complimentary 7 point Slashdot troll guide... by Anonymous Coward · · Score: 1, Insightful

      He forgot # 8: When a news article mentions a computer fault without going into specific details, assume it must have been Windows, because every other OS is of course perfect.

    16. Re:Complimentary 7 point Slashdot troll guide... by RESPAWN · · Score: 1

      And I would postulate that people running OSX are even easier to fool into running a trojan. Good thing for them, OSX isn't a very large target for trojan writers.

      --

      If Murphy's Law can go wrong, it will.

    17. Re:Complimentary 7 point Slashdot troll guide... by smcdow · · Score: 1

      Are you trying to tell us that you don't know the difference between an operating system and a web server software package? [*]

      [*] Apache also runs on Windows

      --
      In the course of every project, it will become necessary to shoot the scientists and begin production.
    18. Re:Complimentary 7 point Slashdot troll guide... by bruthasj · · Score: 1

      8. Write a trolling guide.

    19. Re:Complimentary 7 point Slashdot troll guide... by yurtinus · · Score: 1

      Problem with the entire summary and discussion - When your non-critical maintenance machine fails to report the errors given by the upstream systems (and subsequently overridden or ignored), you should NOT be blaming the OS or trojans on that machine. If you forget something, five people tell you you forgot something and you ignore them, the sixth person shouldn't take the blame for not saying anything.

      --
      +1 Disagree
    20. Re:Complimentary 7 point Slashdot troll guide... by toadlife · · Score: 1

      Your original claim was that, "Windows is the only OS that support driveby.infections without interaction with the user".

      All major desktop OSs run software (flash, adobe reader, safari, firefox) that regularly feature vulnerabilities, that if targeted, would allow for drive-by infections without interaction with the user. Given that fact, all major desktop OSs support drive-by infections without interaction with the user.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    21. Re:Complimentary 7 point Slashdot troll guide... by toadlife · · Score: 1

      That's just one of the misconceptions windows fan bois use to console themselves.

      No. It's what those of us who understand what security is and isn't know.

      The truth is that Windows is utterly inferior in matters of security.

      Just saying it does make it true.

      Windows is less safe, but it is not because of some architectural difference between it and other operating systems.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    22. Re:Complimentary 7 point Slashdot troll guide... by Fredde87 · · Score: 1

      So what systems are 100% safe in userland? Or have you already forgotten about the recent Linux kernel fix which solved the problem where any X.org GUI application (like a Trojan) could escalate its own privilege to root? http://it.slashdot.org/story/10/08/18/1534258/Linux-Xorg-Critical-Security-Flaw-Silently-Patched?from=rss

    23. Re:Complimentary 7 point Slashdot troll guide... by LWATCDR · · Score: 1

      Well the problem with your rebuttal is.
      The system that was infected was not mission critical. It was a simple form+database app. Might have even been written in Visual Basic or FoxPro.
      What it does is the mechanics enter in problems and if too many flags are registered on a plane it puts up a warning to ground the plane until the cause is found.
      A handy check but not mission critical since the pilot and the ground crew shouldn't need a machine to tell them that.
      Also the problem was the ground crews were not entering the data in a timely manner because the PC was too slow.
      They are blaming that on the trojans but again not the cause of the crash.
      What we have here is a simple database app that was running slow so it got ignored. Not really a system that needs "100%" uptime. PS: nothing is 100%; usually people talk about five nines of reliability, 99.999%. That is the goal for high availability systems like telecom. For mission critical systems in aviation you have redundant systems.
      This system was not even a high availability system. It was little more than bookkeeping and didn't cause the crash at all.

      --
      See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
    24. Re:Complimentary 7 point Slashdot troll guide... by thegarbz · · Score: 1

      Actually many OS's can. They simply won't because no one could be arsed writing a virus that spreads to 5 computers and then gets no further because they can't see the next computer with the same attack vector. Just look at the very long list of patches that come out for various linux programs, look at the slashdot stories over the last few days about root escalation to see how everyone's pet OS can have issues.

      An OS that can be infected with ease is a byproduct of sloppy administration. A windows machine, not connected to a network, without physical access to USB, CDROM, or heck even removing the keyboard and replacing it with a customised control panel, where the user has rights to open up one dedicated application only, is far more secure than a computer with any other OS that is simply plonked in place ready to use.

      Also if you're worried about people screwing with it put a second computer not locked down, directly connected to the net beside it, and people won't even bother trying. Windows is only easier to compromise because every idiot with MCP certification calls themselves a competent admin.

    25. Re:Complimentary 7 point Slashdot troll guide... by rolfc · · Score: 1

      Well, I asked for an example of a drive-by infection on Linux or OS X. I am still waiting.

      The original post claimed that it isn't easier to infect Windows, I claimed the contrary. The fact is that we see drive-by infections on windows all the time.

      If other OS's were equally insecure, we would see attacks directed to them as well. Vulnerabilities are there, but we don't see drive-by infections. So if you can give an example of a drive-by infection on Linux or OS X, I would concede. If you can't give such an example, you should concede that you are wrong.

    26. Re:Complimentary 7 point Slashdot troll guide... by Anonymous Coward · · Score: 0

      douche...

  11. Not surprised by Mainframes+ROCK! · · Score: 1

    The microcomputer world is an open sewer. Always has been, always will be.

  12. There will come a day by linzeal · · Score: 1

    When someone's malicious Trojan, Virus or other Malicious Coding will be used as evidence in a murder/manslaughter trial; however, what is needed, is a day when any seriously incompetent bit of code on a vital system should have the potential to be used in criminal court. I'm a Mechanical Engineer and I have to have a certification and insurance even as a contractor, why should I have to spend 1000's of dollars a year doing so I can work on building the mechanical systems of the plane when the programmers involved in avionic hardware don't? It would be like having licensing requirements for all doctors involving the body except Psychologists and Brain Surgeons.

    1. Re:There will come a day by AlecC · · Score: 1

      This was not avionic hardware. This was an office based fault logging computer.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
    2. Re:There will come a day by bjk002 · · Score: 1

      There are plenty of Certs for programmers, just as there are plenty of Certs for engineers.

      That makes no real difference as a Cert is a piece of paper, and in the end no real reflection on the quality of work that can be or will be performed by an individual at any point in time. Even the best programmer or engineer in the world can have a bad day.

      The answer is NOT in Certs. The answer is in proper regression and systems testing, code and design reviews, and consistent QA. All of that is expensive, which is why it is rarely if ever done correctly.

      --
      Opinion:=TMyOpinion.Create(Me);
    3. Re:There will come a day by ultranova · · Score: 1

      I'm a Mechanical Engineer and I have to have a certification and insurance even as a contractor, why should I have to spend 1000's of dollars a year doing so I can work on building the mechanical systems of the plane when the programmers involved in avionic hardware don't?

      As an engineer you can assume that the laws of physics underlying your work don't change, but as a programmer you can not.

      Modern microprocessors contain close to a billion (1,000,000,000) transistors. It's simply impossible to guarantee that such a complex system works correctly in all circumstances, and that's before we're talking about the correctness of software itself. If you have electronics in the system, it's going to contain bugs, period. The only question is: do unexpected conditions cause it to fail silently (as happened here), or does it make alarms blare, allowing humans to bypass or reset the faulty component?

      Of course none of this means that you should hire the cheapest Visual Basic experts to program critical systems, but you have to take into account that no matter how careful the programmer is, things can and will fail.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

    4. Re:There will come a day by Bobb+Sledd · · Score: 1

      Pretty good post, but I have to mark off points because you didn't use a car analogy.

      --
      "They said I probly shouldn't fly with just one eye," "I am Bender. Please insert girder."
  13. Re:Windows? by LordLimecat · · Score: 2, Funny

    Or possibly TSA?

  14. A result of employee loafing by hessian · · Score: 3, Insightful

    1970s:

    "I'm sorry, our computers are down." (Reality: our employees are playing NET TREK and DUNGEON on a Friday afternoon.)

    2000s:

    "I'm sorry, our computer has a trojan." (Reality: our employees finally found an "unused" machine to surf porn, got loaded up with Russian malware, and now it's nobody's fault.)

    1. Re:A result of employee loafing by Anonymous Coward · · Score: 0

      I call bullshit on this one. I have yet to hear about a trojan that causes updates on a database to be delayed by 24 hours. This is simply a case of the techies' procrastination having dire consequences. They're just passing the buck, and some unsuspecting sysadmin is about to get his ass on a sling.

      IIRC, the technicians detected the issue which caused the catastrophe (a heat probe which was detecting overheating on some part of the plane, which would cause the plane to be grounded) and decided to put some ice bags on it to "fix the issue". Even the pilots were discussing that (the black box audio from the cockpit was leaked last year, and it's kind of funny, except for the 152 stiffs). This, I assure you as a Spaniard, is the typical Spanish fuck-up in its "way over budget" version. These bastards and their boss should really consider getting into politics, they'd fit right in.

  15. I guess someone needs to update Wikipedia... by qwerty8ytrewq · · Score: 1

    The list, by cause, does not mention virus, trojan, hacking or anything similar as a cause for an airline crash, although it reads like a contributing factor in the article, rather than a primary cause.

    (Damn pilot error.... how long till the AI's can fly planes? oh wait, they can).

    --
    Waiting for the other shoe to...
  16. Nothing to do with the plane by Kupfernigk · · Score: 5, Informative
    This is an aggregating computer at SpanAir HQ which is supposed to record aircraft alerts and notify when too many of them happen too close together. Its only connection with the on-board computer is that somehow it receives the alerts from it. Its OS is unstated. It is not a mission-critical system, it is a decision-support system. Even so, someone looks to have been careless.

    Whoever modded up the above post - you've missed the point. There may have been a fault in the on-board management system - or human error failing to heed a warning - but nothing in TFA suggests that malware was in any way involved on the flight deck.

    --
    From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
  17. So, when... by Titan1080 · · Score: 5, Insightful

    Does the 'War on Trojanists', begin? But seriously, someone wrote that virus. That means that someone, somewhere (probably Estonia), is guilty of killing 154 people.

    1. Re:So, when... by heitikender · · Score: 1

      Very interesting to hear, how you came to that conclusion.

    2. Re:So, when... by Anonymous Coward · · Score: 0

      Does the 'War on Trojanists', begin?

      These guys are gonna be upset if that happens

    3. Re:So, when... by velja27 · · Score: 1

      Come on, we all know that Greeks made the trojan horse, and by that logic we should charge them with the responsibility of those unfortunate people that died in that plane crash. Or even better, start a propaganda about how the maker of the trojan horse moved to somewhere in Middle East, for example Iran, and go there to ``do`` justice upon them.

    4. Re:So, when... by Arthur+Grumbine · · Score: 1

      Very interesting to hear, how you came to that conclusion.

      I just knew Shatner posted on /.

      --
      Now that I think about it, I'm pretty sure everything I just said is completely wrong.
  18. Summary needs a bit of clarification by ptbarnett · · Score: 5, Informative
    The infected computer was one being used by mechanics to enter maintenance log entries. According to the article, an alert is supposed to be raised if three failures in the same part or subsystem occurred. If I understand the broken English correctly, they would have taken the plane out of service had the maintenance log entry been completed before the plane attempted to take off.

    But, the problem that was supposed to be logged was reportedly an overheated pitot tube. That was not the cause of the crash: the report says that the pilots did not set the flaps correctly and a warning alarm did not go off. This was not related to the problem with the computer being used by mechanics.

    The article appears to be trying to link two independent events: a separate problem with the plane and an error by the pilots. Or maybe it's just the broken English translation.

    1. Re:Summary needs a bit of clarification by Anonymous Coward · · Score: 0

      01. The computer emits an alarm signal when three similar technical problems are registered in the same device ..

      02. The Spanair plane accumulating three incidents, which were not registered in time on the computer ..

      03. An internal company report, dated the day of the accident, indicates that the monitor was contaminated with "Trojans." ..

      04. Spanair took about 24 hours to score in the computer failures of its planes ..

      05. When employees tried to open the computer to write these three incidents realized that the monitor was useless by the invasion of Trojans. By then, the ship had crashed ..

      06. The aircraft has an alarm that warns the driver if you forget to turn those fins. That day, the alarm did not ring.

    2. Re:Summary needs a bit of clarification by Anonymous Coward · · Score: 5, Informative

      Spanish is my mother tongue, so maybe I can shed more light after reading the original article:

      The procedures of Spanair are to log incidences right away whenever they are detected. Three accumulated incidences and the plane is grounded.

      Two incidences had been found the day before the crash. One incidence was detected on the same day of the crash.

      However, the technicians did not enter the incidences into the system right away, because the system was too slow (assumedly due to the malware).

      The system did not trigger any alarm on the same day because the incidences had not been entered by the technicians. The plane was deemed airworthy, and then the accident happened due to the multiple causes described elsewhere.
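
Added example (not part of the thread and not code from any airline system): the three-incident rule as described in the comment above, next to a variant that treats a stale log as a reason to hold, which is the fail-silent versus fail-loud distinction raised earlier in the thread. The 48-hour window, the one-hour entry deadline, the canary test entry, the registration `EC-XXX` and all timestamps are assumptions constructed for illustration.

```python
"""Three-strikes maintenance rule with a fail-loud freshness check (illustrative)."""
from dataclasses import dataclass
from datetime import datetime, timedelta

STRIKES = 3                               # three logged incidents ground the aircraft
WINDOW = timedelta(hours=48)              # assumption: how far back incidents count
MAX_ENTRY_LAG = timedelta(hours=1)        # assumption: deadline from detection to entry
MAX_CANARY_AGE = timedelta(minutes=15)    # assumption: max age of last good test entry


@dataclass(frozen=True)
class Incident:
    aircraft: str
    detected_at: datetime   # when the technician found the fault
    entered_at: datetime    # when it was actually typed into the logging system


def visible(incidents, aircraft, now):
    """Incidents the system knows about at `now`: already entered and inside the window."""
    return [i for i in incidents
            if i.aircraft == aircraft
            and i.entered_at <= now
            and now - i.detected_at <= WINDOW]


def naive_decision(incidents, aircraft, now):
    """Fail-silent rule: an empty or stale log looks exactly like a healthy aircraft."""
    return "GROUND" if len(visible(incidents, aircraft, now)) >= STRIKES else "RELEASE"


def checked_decision(incidents, aircraft, now, last_canary_ok):
    """Fail-loud rule: missing or late data is itself a reason to stop and check.

    `last_canary_ok` is the time a scheduled synthetic test entry last completed
    through the same entry form within its deadline (None if it never has).
    """
    seen = visible(incidents, aircraft, now)
    if len(seen) >= STRIKES:
        return "GROUND", f"{len(seen)} incidents logged in window"
    if last_canary_ok is None or now - last_canary_ok > MAX_CANARY_AGE:
        return "HOLD", "logging station not accepting entries; reconcile against paper log"
    late = [i for i in seen if i.entered_at - i.detected_at > MAX_ENTRY_LAG]
    if late:
        return "HOLD", f"{len(late)} incident(s) entered late; log may be incomplete"
    return "RELEASE", "log fresh and below threshold"


def constructed_scenario():
    """Constructed data: two incidents the day before, one on the day, all entered ~a day late."""
    t0 = datetime(2000, 1, 1, 9, 0)
    entered = t0 + timedelta(hours=52)                  # after departure
    incidents = [
        Incident("EC-XXX", t0, entered),
        Incident("EC-XXX", t0 + timedelta(hours=5), entered),
        Incident("EC-XXX", t0 + timedelta(hours=27), entered),
    ]
    departure = t0 + timedelta(hours=29)
    last_canary_ok = t0 + timedelta(hours=3)            # station unusable since then
    return incidents, departure, last_canary_ok


if __name__ == "__main__":
    incidents, departure, canary = constructed_scenario()
    print("naive  :", naive_decision(incidents, "EC-XXX", departure))
    print("checked:", checked_decision(incidents, "EC-XXX", departure, canary))
```

The naive rule releases the aircraft because it cannot tell "no incidents" from "no entries"; the checked rule holds until the log is reconciled.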

    3. Re:Summary needs a bit of clarification by Registered+Coward+v2 · · Score: 4, Informative

      The infected computer was one being used by mechanics to enter maintenance log entries. According to the article, an alert is supposed to be raised if three failures in the same part or subsystem occurred. If I understand the broken English correctly, they would have taken the plane out of service had the maintenance log entry been completed before the plane attempted to take off.

      But, the problem that was supposed to be logged was reportedly an overheated pitot tube. That was not the cause of the crash: the report says that the pilots did not set the flaps correctly and a warning alarm did not go off. This was not related to the problem with the computer being used by mechanics.

      The article appears to be trying to link two independent events: a separate problem with the plane and an error by the pilots. Or maybe it's just the broken English translation.

      Very true - the accident appears to have been the result of a series of crew errors that led to an improper takeoff condition:

      From Wikipedia: On 17 August 2009, CIAIAC released an interim report on the incident. The interim report confirmed the preliminary report's conclusion that the crash was caused by an attempt to take off with the flaps and slats retracted, which constituted an improper configuration, and noted that safeguards that should have prevented the crash failed to do so. The cockpit recordings revealed that the pilots omitted the "set and check the flap/slat lever and lights" item in the After Start checklist. In the Takeoff Imminent verification checklist the copilot just repeats the flaps and slats correct values without actually checking them, as shown by the physical evidence. All three safety barriers provided to avoid the takeoff in an inappropriate configuration were defeated: the configuration checklist, the confirm and verify checklist, and aircraft warning system (TOWS).

      Had they not made a series of compounding errors the flight probably would have been uneventful; it appears the deactivated systems was not related to the crash. It may be that some other systems were improperly set - ground vs flight mode - which caused problems and may have contributed to the accident; but none are related to the maintenance computer. Should the plane have been grounded due to an early problem? Maybe; but that may not have prevented the errors that led to the crash.

      We'll never know what the pilots were thinking; but having aborted one takeoff they may have assumed, intentionally or not, that the systems were set for takeoff and did a cursory check as a result; I've seen that happen in other industries where checklists are used. You interrupt the expected course of actions and people simply pick up where they left off, without assuring the systems were properly set for operation.

      --
      I'm a consultant - I convert gibberish into cash-flow.
    4. Re:Summary needs a bit of clarification by asadodetira · · Score: 1

      This case is interesting because from the legal perspective it is of interest to find responsibilities for the accident. The malware did not cause the crash but it interfered with the logging protocols. The technicians will probably be held responsible for not taking measures such as manually checking printed logs, if the computer failed.

    5. Re:Summary needs a bit of clarification by Anonymous Coward · · Score: 0

      Not entirely correct: that error, which was not directly related to the crash, would have been the third known fault with the plane. According to their safety guidelines the plane would then have been grounded, but the computer in charge of these "3 strikes" alerts was unusably slow when the mechanics tried to input the third flaw, so they just shrugged it off.

      As you say, though, it was pilot error in the end, so we may never know whether switching planes would have solved anything.

    6. Re:Summary needs a bit of clarification by Anonymous Coward · · Score: 0

      1. The overheated pitot tube IS RELATED to the accident. It is so in two ways.

      On one hand, it caused the aircraft to return to stand. The resultant delay has created pressure on the crew (although of course it shouldn't), as evidenced by the leaked voice recordings.

      On the other hand, the cause of the overheating has been diagnosed (after the accident) to an intermittent failure of a relay. This fault has set the aircraft into flight mode instead of ground mode, and so the pitot was heated (as usual during flight). It is that very same reason that prevented the flaps/slats warning to go off! The aircraft systems were in flight mode, thus no alarm.

      Interpreting the hint given by pitot problem, and correcting the relay might have helped remind the crew of the incorrect flaps/slats configuration.

      2. Of course you are right that the currently discussed TROJAN issue is less related. A proper fault log certainly helps to recognize the intermittent nature of a fault.

    7. Re:Summary needs a bit of clarification by Anonymous Coward · · Score: 0

      Oh, that's interesting, as the LAPA accident in Argentina had a similar cause (Though the alarm DID go off in that one, the crew just ignored it)

  19. your company has to be nuts.... by Anonymous Coward · · Score: 0

    To have a critical system run windows.

    Honestly, Why do companies keep going for the lowest bidder that cuts corners hard and uses windows for anything critical? It's even in the Windows EULA that you are NOT to use windows for anything mission critical where lives are at stake.

    1. Re:your company has to be nuts.... by AlecC · · Score: 1

      Have you read the article? How "mission critical" is the home-base fault logging system?

      --
      Consciousness is an illusion caused by an excess of self consciousness.
    2. Re:your company has to be nuts.... by GameboyRMH · · Score: 1

      The fault logging system that monitors the history of parts on airliners that are currently in service? Oh I bet it's not that important...

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
  20. Re:Windows? by Anonymous Coward · · Score: 0

    Those damn TLAs!

  21. Anonymous Coward by Anonymous Coward · · Score: 0

    I am a Spanish Software Engineer, and the problem here is not Windows
    running on the critical systems, or malware, the real problem is that the
    Computer Engineering's Jobs (Critical...) don't have to be occupied by an engineer.

    To sum up, the profession is not regulated!

  22. or just an excuse? by frovingslosh · · Score: 1

    Maybe the computer was infested with trojans, although no evidence is offered to support this, not even the names. If it was, that still doesn't say that the trojans caused the problem. After all, the computer must have been running well enough even with the infestation to seem to be working. I'm inclined to think that trojans may just be a way to not really address the real problem.

    --
    I'm an American. I love this country and the freedoms that we used to have.
    1. Re:or just an excuse? by AlecC · · Score: 1

      The computer certainly did not cause the problem, since it was in the maintenance base hundreds of miles away. It may, however, have failed to pass on an alert that would have resulted in the system which did cause the problem being checked.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
  23. Pandora's flight box by Drakkenmensch · · Score: 1

    This opens a new legal can of worms - if a trojan or virus is found to be responsible (at least partially) for a plane crash, can the creator of this virus be held legally liable for the crew and passenger deaths?

    1. Re:Pandora's flight box by IndustrialComplex · · Score: 1

      This opens a new legal can of worms - if a trojan or virus is found to be responsible (at least partially) for a plane crash, can the creator of this virus be held legally liable for the crew and passenger deaths?

      I don't see why not. It might be hard to prove murder, but negligent homicide should be fairly easy to show. Reckless endangerment should be damned near an automatic conviction if you can prove that the person released the virus even if it DIDN'T hurt anyone.

      The same way you can be cited for unsafe driving even if no crash occurred.

      --
      Out of modpoints but really liked a post? 1BDkF6TtmmeZ3yqXbz9yhdYVqRYnwFoXDj
  24. This has boinged my BS meter by CaptSlaq · · Score: 1
    So this computer has not been "sending notifications in a timely manner"? This summary smells, but it's what I gathered from the article. Can a native speaker put up a good translation of this? If this is the case, it's a case of a broken PROCESS, as the mechanic(s) should have some sort of secondary mechanism to flag trouble and say "this isn't safe".

    From what little I've read, the computer is a scapegoat and indicative of several failings in the system.

    1. Re:This has boinged my BS meter by McNihil · · Score: 1

      Exactly my thoughts... there wasn't anyone willing to take the blame or rather in this case they were most likely dead and the authorities weren't able to convincingly put the blame on someone that is dead without their defense. That's ok... pointing fingers is never a cool thing to do BUT to say that it was a computer glitch is more than a little arrogant against the people who are still alive and have been affected by the tragedy. It permeates an aura of a botched investigation and reeks of underhanded and ulterior motives where the authorities can now say that Virus/Worms/Trojans indeed can kill people and put hefty criminal charges on infractions and their perpetrators. This happens all the time when there is nobody that can own up... the nefarious mofo's will take any and all advantage to hoist control over the populace.

    2. Re:This has boinged my BS meter by AlecC · · Score: 1

      This computer IS the secondary, or even tertiary, system. The computer was intended to log when one aircraft had a number of faults in the same system very close together, which might be indicative of some underlying system failure. Such a burst of faults (three in two days) occurred in this case, which should have resulted in the plane being grounded - but the mechanics who found the third fault could not log on to this system, which was for some reason down.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
  25. Re:Windows? by MrShaggy · · Score: 0

    Kind of brings a sad new meaning to 'BSOD'

    --
    I have mod points and I am not afraid to use them.
  26. Re:Windows? by Abstrackt · · Score: 1

    Or possibly TSA?

    In America, TSA reads you.

    --
    They say a little knowledge is a dangerous thing, but it's not one half so bad as a lot of ignorance. - Terry Pratchett
  27. Swiss cheese by Fzz · · Score: 5, Interesting
    The crash of an airliner these days is rarely due to a single cause. There's a saying in the industry that a crash occurs when the holes in the Swiss cheese happen to line up. This appears to have been the case with this particular crash.
    • The direct cause was that the pilots attempted to take off without setting take-off flaps.
    • They were rushing because they'd had a technical issue, and returned to the terminal after previously taxiing to the runway and completing the take-off checks. So they accidentally skipped the critical check that the flaps were deployed when they lined up to take off the second time.
    • There's a take-off configuration alarm that is supposed to alert the pilots, but it wasn't working.
    • It wasn't working because the engineer removed the circuit breaker that powered it, in order to turn off a stuck heater on a pitot tube that was due to a malfunctioning switch.
    • This particular fault had been noted on previous flights, so should have flagged a warning on the airline's fault monitoring system.
    • The fault monitoring system had a trojan.

    Yup, the holes in the cheese certainly lined up that day. None of these, by itself, would have caused the crash.

    1. Re:Swiss cheese by Anonymous Coward · · Score: 0

      I'd like, just once, that when a perfect storm as they call it happens like that, instead of playing blameshift and saveasscape ending up with everyone not guilty, to have all of them indicted for their part in the scenario. All of them:

      the one that designed the system so that he could be infected by a virus
      his supervisor
      the it staff not noticing the virus
      their supervisors
      the pilots (were they alive)
      the engineer replacing the faulty breaker

      etc. etc. etc.

    2. Re:Swiss cheese by Kitten+Killer · · Score: 3, Informative

      Instead of indicting everyone under the sun, let's do something to fix it instead of tossing people in jail. Many people contributed a little, like Murder on the Orient Express. In the end, the ultimate responsibility rested on the Pilot-in-Command who paid the price for his mistakes. Let's learn from it instead.

      1. Revise procedures so that the PNF (Pilot-Not-Flying) visually confirms the flap & slats indicator instead of just reading it to the PF (Pilot Flying)

      2. Design future systems such that the take-off config warning isn't on the same circuit breaker as the Total-Air-Temp sensor. (I'm a recreational pilot, not an engineer, so I don't know if there's a valid reason for them to be on the same circuit.) Also, have an EICAS warning when the take-off-config alarm is disabled.

      3. Have the engineers remind the pilots / placard the cockpit to remind them that the take-off-config alarm is disabled.

      4. Flapless take-off attempts leading to accidents are not a new thing to airplanes. Further training seems to be required, especially as the small aircraft we all initially learn in will take off without flaps.

    3. Re:Swiss cheese by xtracto · · Score: 1

      the one that designed the system so that he could be infected by a virus

      Well... then blame Microsoft and Bill Gates. Because the problem in the computer with the virus was in a NORMAL PC running Windows and with a standard Trojan.

      the it staff not noticing the virus
      their supervisors

      Completely agree.

      the pilots (were they alive)

      I don't agree. The pilot even returned to check something that was wrong in the airplane, which was fixed by the mechanics. They did everything they thought to make the flight safe (shit, considering THEY were going in that flight).

      the engineer replacing the faulty breaker

      Maybe...maybe not... the guy looked at the problem and replaced the problematic part. However it seems there was another problem which should have been REPORTED IN THE MONITOR COMPUTER but as it was not, he could not have guessed.

      --
      Ubuntu is an African word meaning 'I can't configure Debian'
    4. Re:Swiss cheese by joshier · · Score: 0

      Looks like most of the causes were due to being rushed. It confuses me that people complain about these services which, if rushed, are life-threatening. An example: my friend's brother was rushing to get home quick in his car. He was over tired and it was at night with icy roads. As you can guess he crashed and took out a person's garden wall; luckily he didn't die and had minor injuries. However, his aim was to get from A to B faster by a couple minutes by driving quicker - this then caused him to have around a 16 hour delay by staying in a hospital overnight. Ironic.

    5. Re:Swiss cheese by cronius · · Score: 1

      Amazing stuff. When you put it like that it almost seems "meant to be" ("what are the odds" etc).

      I've seen a lot of disaster shows on National Geographic, and my conclusion is the same: Accidents (in aviation) very rarely happen because of one single event, it's always a chain of small events that together cause the (major) accident.

      What I think is a good lesson from that is that people involved in anything remotely security related have to be taught to be completely nazi about what they do, as if they're always the final defence before an accident. Because if just a single person never slips on the tiny details, major disasters might actually be avoided (on that guy's shift at least).

      It's all about the details. Never rush the details.

      --
      Life is Reality
    6. Re:Swiss cheese by lamer01 · · Score: 1

      It boils down to human error. If I were ever a commercial pilot, I would double/triple check my flaps at take off and before landing regardless of what my checklists & idiot lights say. It's such a crucial step that I would be anal about it.

    7. Re:Swiss cheese by steve6534 · · Score: 1

      Exactly right. This sounds exactly like Northwest 255 years ago on the same type of MD-80 where the take off warning system failed to alarm when flaps were not extended - http://en.wikipedia.org/wiki/Northwest_Airlines_Flight_255

    8. Re:Swiss cheese by SmilingBoy · · Score: 1
      Just wanted to write this post myself :) One more comment:

      • It wasn't working because the engineer removed the circuit breaker that powered it, in order to turn off a stuck heater on a pitot tube that was due to a malfunctioning switch.

      Additionally, no one seemed to have been aware that the circuit breaker for the pitot tube heater had other important functions. The pilots were only advised that they should not fly in icing conditions as the pitot tube heater would not be working. This was not considered a problem as no icing conditions were expected anyway.

      Had the engineer been aware of the other functions of the circuit breaker, he would probably have notified the pilots that the plane's take-off configuration warning system would not have worked.

    9. Re:Swiss cheese by Anonymous Coward · · Score: 0

      Very interesting and very sad at the same time. Murphy's law and Chaos theory rolled up into 1. Or are they the same? I don't know. What's interesting to me is that there was a chance that the plane could've been grounded for the indirect cause. Yet it was the indirect cause that caused the direct cause. Kind of spooky. It's like saying no matter what you could've done to prevent the crash it would've still happened. It brings to mind quantum mechanics and the theory of parallel universes. Not that I'm an expert in any of that stuff, but I like Science in general. RIP to all the passengers that died on Spanair Flight JK-5022.

    10. Re:Swiss cheese by tgv · · Score: 1

      This line of reasoning leads us nowhere. You explain "cause #1" as the result of a number of other events. They will in turn have other causes, etc., etc. This is going towards "the stuck heater got stuck because dust had accumulated; dust had accumulated because the filter was malfunctioning; the filter was malfunctioning because someone overlooked it; that person overlooked it because his telephone rang; his telephone rang because he needed to contact the office; he needed to contact the office because someone had gotten sick and he needed to do a weekend shift; the other person became sick because ...". In short, nowhere, because someone getting sick doesn't cause planes to crash.

      But reducing it to multiple causes doesn't mean prevention of one of them wouldn't have helped. If the analysis was correct, the absence of the trojan would have prevented the crash. So the story still stands, and it's something to consider, not to shrug off.

    11. Re:Swiss cheese by GameboyRMH · · Score: 1

      # There's a take-off configuration alarm that is supposed to alert the pilots, but it wasn't working.

      # It wasn't working because the engineer removed the circuit breaker that powered it, in order to turn off a stuck heater on a pitot tube that was due to a malfunctioning switch.

      This reminds me of one of my cars.

      - The AC idle compensator's frozen up so don't turn on the AC while stopped and in neutral without giving it extra gas or the engine shuts down.

      - High beams are dead, don't switch to them or you'll just be turning all your lights off.

      - Keep your hand on the shifter when going into 5th or it might pop out.

      - Engine's worn to hell so fill it with 25W-60.

      - The right rear wheel upright is defective, has to be set for maximum toe-in to keep it going straight.

      - The front left brake caliper's kinda sticky, remember it'll lock up first.

      - Don't take the electrical tape off the wiper fluid tank, that's what's covering the cracks.

      - That gatorade bottle under the hood is an oil catch can. Just empty it out if it fills up.

      - 1st speed on the cabin fan's dead. Choose another speed.

      - Left side of the instrument cluster doesn't light up. Just remember how much gas you have at night and guess how fast you're going if it's under 100.

      - You can't see shit out of the back 'cuz the tint's old. Open the door or roll down a window and stick your head out.

      - The keyhole in the trunk's no good, open it from inside.

      - The fuel door gives trouble to open on hot days. Just pull it really hard a few times.

      - If fuel flow seems a bit restricted it's because a piece of a filler nozzle broke off and fell down there. Just take your time filling it up.

      - The driver side sun visor's broken so I took it out. Can't find a replacement, wear sunglasses.

      - The trunk leaks like a sieve. Don't put anything back there you don't want to get wet and remember to check the spare tire compartment for water every now and then.

      - Also the back left glass leaks at the top now, but the water escapes through the rust hole at the front edge of the back-left wheel well, so it all works out.

      - The front quarter panels fill up with leaves and dirt near the door hinge. Scrape them out with a twig every now and then.

      I wish I was kidding...about any of this...but hey it's either this or I pay too much for some electro-nannied jellybean while I save up for my dream car.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    12. Re:Swiss cheese by Anonymous Coward · · Score: 0

      It's the market. You can't regulate it without a push on the economic forces behind.

      Toss people in jail, especially the ones up in the chain of command/control and not only the simple perpetrators (why in hell do we have supervisors if supervisors are never responsible for their subordinates) - tossing people in jail is enough of a force to push the market to create self regulations and supervisors to force their subordinates to comply.

  28. and they want to have networked auto drive cars by Joe+The+Dragon · · Score: 1

    and they want to have networked auto drive cars some day as well.

    I hope that the windows based car navigation and sound system is not hooked to the drive part at all or even better no windows at all.

    1. Re:and they want to have networked auto drive cars by ground.zero.612 · · Score: 2, Funny

      and they want to have networked auto drive cars some day as well.

      I hope that the windows based car navigation and sound system is not hooked to the drive part at all or even better no windows at all.

      I would find it very difficult to navigate in a car lacking windows.

      --
      "Be prepared, son. That's my motto. Be prepared." --Joe Hallenbeck
  29. the problem was by Anonymous Coward · · Score: 0

    No, the crash wasn't caused by the computer: the problem should have been avoided by the information logged in that computer system. But it wasn't available.

    Our lives do depend on computer systems.

  30. No Cause and Effect Alleged by anorlunda · · Score: 2, Interesting

    The Spanish article cited in the summary does not allege any cause-and-effect relationship between the computer, the trojans, and the crash.

    Nearly all crash investigations reveal factoids that cause suspicion and which invite people to jump to conclusions. Sometimes, the premature public debate on such issues cause emotional harm to victims, their families and other people involved.

    I realize that I'm pissing into the wind to raise this topic. It's human nature to gossip. Slashdot is no different than any other public forum in this regard. It just frustrates me to see this happen again and again.

    1. Re:No Cause and Effect Alleged by xtracto · · Score: 1

      The article does mention that IF the computer had been in good state (without trojans) then it would have informed that the plane had THREE failures of the same kind, preventing it from taking off.

      Of course it all comes up to complete airline negligence and control. As the article said, each failure took 24 hours in being registered.

      After reading this article I am convinced I will never fly with this Airline.

      One thing that is important to note is that the trojans were NOT in the plane itself, but in a standard PC somewhere in Palma de Mallorca.

      --
      Ubuntu is an African word meaning 'I can't configure Debian'
  31. Catch-22 by PolygamousRanchKid+ · · Score: 2, Insightful

    That pilot should have had his license revoked.

    Well, I think the crash took care of that.

    Unless the pilot was Captain Orr from Catch-22 . . . then he and all the other passengers would be frolicking in Sweden for the rest of the war . . .

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  32. Accident? by jesterpaul · · Score: 1

    Wow. I thought Trojans were supposed to prevent "accidents."

    1. Re:Accident? by ArsenneLupin · · Score: 1

      No, occasionally they burst... Always check the use-by date and don't use petrol-based lube.

  33. War? by Archtech · · Score: 1

    This news puts Trojans in a new light. Taking over PCs to run scams is one thing; causing the deaths of 154 people is entirely different. Every top law enforcement agency and intelligence organization should be working to track down all of those responsible - from the guys who wrote the Trojans to the managers who allowed them to contaminate their computers, and very possibly those who wrote the vulnerable software and those who sold it for such a safety-critical application.

    I shall be interested to see whether this case gets the same level of attention from the CIA, etc., as the Lockerbie crash. The latter killed 270 people (including some on the ground), but that's just because there were more passengers on that particular flight. The essential crime - the destruction of an airliner and most, or all, on board - is the same. Are we about to see a "war on malware" from the White House and the Pentagon?

    --
    I am sure that there are many other solipsists out there.
    1. Re:War? by AlecC · · Score: 1

      This was an office-based logging computer in the maintenance department, logging faults reported from outstations. There is no evidence yet that it caused the deaths. However, had it been working, it would have grounded the aircraft, and the pilots would not have had the chance to make the mistake which killed them and their passengers. The primary fault was pilot error.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
    2. Re:War? by Archtech · · Score: 1

      The primary fault was pilot error.

      I understand that. Nevertheless, as you yourself admit, without the computer error the plane would not have crashed and the people would not have died.

      If a traffic light gets jammed at green while the lights pointing the other way continue to cycle, I might drive through and cause a crash. The primary fault would be mine, as the light being at green does not absolve me from the responsibility of checking that it is safe to proceed. However, the traffic light failure would certainly contribute to the accident.

      --
      I am sure that there are many other solipsists out there.
    3. Re:War? by miffo.swe · · Score: 1

      I would much rather see software manufacturers be put under the same exact terms as auto makers. Make it expensive to fail and disregard any Q&A and the problem will fix itself.

      Right now the cost of shipping a faulty product is zero in the software market. The only cost is a public relations one and that can be successfully mitigated by hiring oodles of PR firms instead of fixing the real problem.

      The criminals will always be there so the only solution that has any effect in the long term is making the systems more resilient to attacks.

      --
      HTTP/1.1 400
  34. Ugh by jav1231 · · Score: 1

    Between this and hospital computers rebooting themselves after auto-updating how can people defend Windows in critical operations? At the very least run embedded Windows or something more specialized. Though, yes, I admit I'd rather see them not run Windows at all.

    1. Re:Ugh by Anonymous Coward · · Score: 0

      Main thing here is not whether Windoze yes or not. Main thing here is about security and regulation. This is all about.

    2. Re:Ugh by Robert+Zenz · · Score: 1

      No, the main problem is a generation of Admins which think that it is a good thing to use an Operating System which was intended for the 'dumb' desktop user, and not servers.

    3. Re:Ugh by LinuxIsGarbage · · Score: 1

      Even better would be if people didn't half ass engineer their system. Hospital computers autorebooting causes a problem? Disable it and manage reboots for updates some other way. Relatively critical system? Lock it down. No web surfing access, no external drives, no unapproved binaries etc.

    4. Re:Ugh by jav1231 · · Score: 1

      Except in Windows they're called:
      Programs
      Program Files
      Applications
      Application Files

      My stuff (as in, "I think I installed too much stuff on my computer and I'm running out of memory")
      My icons
      The thing, you know, that I click when I need to do so-and-so

      See post #33313394 above.

  35. More than just revoked... by Anonymous Coward · · Score: 0

    That pilot should have had his license revoked.

    I think you'll find that his license was indeed "revoked"... by Darwin himself.
    Unfortunately over 150 other people paid the price as well.

  36. not alleged, but implied by frovingslosh · · Score: 1

    You are right, this is never alleged. But it is implied and they clearly want people to take the false impression by what is said and not said. Otherwise, it is a completely pointless thing to say. It would be like going out of your way to point out that the computer had a CRT screen and not an LCD screen. If there is no cause and effect (and I also believe there is not in this case), why make the statement?

    --
    I'm an American. I love this country and the freedoms that we used to have.
    1. Re:not alleged, but implied by ArsenneLupin · · Score: 1

      It would be like going out of your way to point out that the computer had a CRT screen and not an LCD screen.

      Not really comparable. You don't (usually) catch trojans or virii via your screen.

      The OS and browser, on the other hand, is a different matter and I'd say it is relevant.

      If somebody dies of lung cancer, it is relevant to say whether he smoked or not, but speaking of the color of the wallpaper in his living room is not. (Ok ok... I mean its original color, not that dirty yellow tinge that it may have acquired over the years :-) )

  37. The pilots were human by Anonymous Coward · · Score: 0

    I wouldn't say that they were incompetent since I'm 100 % sure that they knew how to use flaps but simply forgot to set them since they're human.

    As an aviation enthusiast that has read lots of accident investigation reports, I can assure you that most accidents have simple causes like that. Crews are very stressed to stay on schedule and it's human to then resort to bad practices - they start going through checklists early just to make it on time and are interrupted by something and then forget where they left off.

    Now, I'm absolutely sure that despite many people perceiving it as scary, all pilot functions will be completely automated sooner rather than later. And I'm also convinced that it will improve safety significantly since even if you were to accept every conspiracy theory about Airbus computer flaws as true, the very same automation has already made more would-be accidents into mere incidents. The best example is an Emirates A330 taking off from Johannesburg. The flight crew had miscalculated Vr (the speed at which to rotate on take-off) but the computer detected that the aircraft didn't lift and prevented further rotation (and a consequent stall) until the aircraft had sufficient airspeed. Obviously that didn't make the news so apart from enthusiasts like me, nobody cares but if 300 passengers had died it would've been a different story. Or alternatively one can also note that Turkish Airlines 1951 would never have happened to an Airbus since the more sophisticated computer would've noticed the discrepancy between the two altimeters.

    And since I have a rather firm stance on these computer vs. pilot issues, I might add that Boeing has also finally seen the light with the 787 by programming in essentially the same protections as Airbus had for over two decades already. What perplexes me, though, is that some people have thought that the 777 as Boeing's first FBW somehow was immune from software bugs just because it isn't programmed to override the pilot yet relies on a shitload of code to emulate hydraulic controls to be familiar for pilots. Personally, I'm not worried at all about software bugs, though, since knowing the development practices at both Airbus and Boeing, I'd say that they are purely hypothetical anyway.

  38. Partial Translation (non-google) by xtracto · · Score: 1

    The central processor of the Spanair company in which airplane failures were logged was contaminated with malicious computer programs when the accident of flight JK 5022 was produced, two years ago.

    The computer, situated in the airline headquarters in Palma de Mallorca, emits an alarm signal in the monitor when it registers three similar technical problems in the same device. The plane that crashed in Barajas two years ago - 154 of their 172 occupants died - accumulated three incidents, which were not timely registered in the computer.

    An internal memo of the company, dated the same day as the accident, indicates that the monitor [computer] was contaminated with "trojans". These malicious programs can provoke damage and facilitate attacks from computer hackers. Precisely, the association of the accident victims, has asked the judge, Juan David Pérez, to ask Spanair all the annotations registered in that computer in the dates before and after the accident. The magistrate has just ordered the airline to provide such data.

    The previous defect adds to the fact that Spanair took 24 hours to annotate plane failures in the computer, according to the airline mechanical servicemen.

    This is not a trivial issue, because presumably, the flight JK 5022 would have not taken off had its logs in the computer been up to date. The alarm should have been set off, given that the plane registered two failures before the accident in August 19th and one in the same day in August 20th. It was this last incident the one that motivated the flight commander to return from the head of the runway, after detecting that a probe had overheated and without justification. It is the mechanics who have the obligation to communicate to Spanair in Palma each failure just at the time when it is detected. In this case, when the employees tried to open the computer to log these three incidents, they realized that the monitor was unusable due to the trojans invasion. At that time, the airplane had crashed.

    --
    Ubuntu is an African word meaning 'I can't configure Debian'
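
The alarm rule and the logging delay described in the translation above, sketched as an added example that is not part of the comment and is not Spanair's software. It shows why a threshold alarm needs a companion check for reports that never reach it. The time window, the allowed lag, the field names, the `AIRCRAFT-A` label, the clock times and the existence of an independent record of when each fault was detected are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

THRESHOLD = 3                  # similar faults on one aircraft, per the article
WINDOW = timedelta(days=2)     # assumption: the article gives no time window
MAX_LAG = timedelta(hours=1)   # assumption: acceptable detect-to-log delay


def recurring_faults(reports, now):
    """Return {(aircraft, system)} with >= THRESHOLD logged faults inside WINDOW.

    Only reports already logged at `now` are counted: the monitor cannot
    alarm on faults it has not been told about.
    """
    seen = defaultdict(list)
    for r in reports:
        if r["logged"] is not None and r["logged"] <= now:
            seen[(r["aircraft"], r["system"])].append(r["detected"])
    alerts = set()
    for key, times in seen.items():
        times.sort()
        # Check every run of THRESHOLD consecutive faults against the window.
        for i in range(len(times) - THRESHOLD + 1):
            if times[i + THRESHOLD - 1] - times[i] <= WINDOW:
                alerts.add(key)
                break
    return alerts


def overdue_reports(reports, now):
    """Return faults detected more than MAX_LAG ago that are still unlogged.

    This is the check on the monitoring pipeline itself: it fires when the
    fault log is stale or unreachable, whatever the reason.
    """
    overdue = []
    for r in reports:
        logged_by_now = r["logged"] is not None and r["logged"] <= now
        if not logged_by_now and now - r["detected"] > MAX_LAG:
            overdue.append(r)
    return overdue


def report(detected, logged):
    # Hypothetical record layout; "logged" is None if the entry was never made.
    return {"aircraft": "AIRCRAFT-A", "system": "probe-heater",
            "detected": detected, "logged": logged}


# Constructed timeline: two faults on 19 August and one on 20 August 2008.
TIMELY = [
    report(datetime(2008, 8, 19, 9, 0), datetime(2008, 8, 19, 9, 10)),
    report(datetime(2008, 8, 19, 17, 0), datetime(2008, 8, 19, 17, 10)),
    report(datetime(2008, 8, 20, 12, 30), datetime(2008, 8, 20, 12, 40)),
]
# Same faults, entered 24 hours late; the last one is never entered at all.
DELAYED = [
    report(datetime(2008, 8, 19, 9, 0), datetime(2008, 8, 20, 9, 0)),
    report(datetime(2008, 8, 19, 17, 0), datetime(2008, 8, 20, 17, 0)),
    report(datetime(2008, 8, 20, 12, 30), None),
]
NOW = datetime(2008, 8, 20, 14, 0)   # constructed evaluation time

if __name__ == "__main__":
    print("timely log, recurrence alarm :", recurring_faults(TIMELY, NOW))
    print("delayed log, recurrence alarm:", recurring_faults(DELAYED, NOW))
    print("delayed log, overdue reports :", len(overdue_reports(DELAYED, NOW)))
```

With the delayed log the recurrence alarm stays silent because only one of the three faults is visible at evaluation time, while the overdue check flags the two missing entries.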
  39. no windows based os not the car windows by Joe+The+Dragon · · Score: 1

    and they want to have networked auto drive cars some day as well.

    I hope that the windows based car navigation and sound system is not hooked to the drive part at all or even better no windows at all.

    I would find it very difficult to navigate in a car lacking windows.

    no windows based os not the car windows

    1. Re:no windows based os not the car windows by ground.zero.612 · · Score: 1

      whoosh!

      --
      "Be prepared, son. That's my motto. Be prepared." --Joe Hallenbeck
  40. Total lack of concern for those that died by Biggseye · · Score: 1

    It totally amazes me, the almost total lack of concern for those that perished in this crash. With few exceptions the consensus is that Windows is to blame or the lack of a redundant system is to blame, or the airline is to blame, or the aircraft, or the government, or anyone or anything other than the creators of this Trojan. IF, and I say if 'cause there is no direct proof or actual allegations in the article, this trojan had even 1/10 of 1 percent of the blame then you all should be calling for the head of whoever wrote this damn bug. It seems to me that as a group, the people here on slashdot are more concerned about a minor flaw in the latest release of a game than they are about nasty bits of vicious code that may have, even in a small way, contributed to the death of 154 people. Your priorities sadden this old man.

  41. El Pais? by ArsenneLupin · · Score: 1

    Does anybody have a link to this event from a more credible source?

  42. NOT mission critical by colinnwn · · Score: 1

    Say it with me people. This management reporting computer that had the trojan was not mission critical. It was on the ground, received alerts on discrepancies from the airplanes for later review, but did not affect the operation of the aircraft in any way.

  43. Re:Windows? by Z00L00K · · Score: 3, Interesting

    In any case the malware author could be charged with 154 cases of second degree murder. Or will it be mass murder?

    It would be interesting to see that in court.

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  44. Just need a super cable by Ripit · · Score: 3, Funny

    Pop one of these AKDL1's on it, and the machine is immune to trojans.

    1. Re:Just need a super cable by Ohrion · · Score: 1

      Lol! Wish I had mod points today. :)

  45. The semiconductor industry is ga-ga for windows by Anonymous Coward · · Score: 0

    I work at a large semiconductor company, and tons of the extremely expensive, high-tech, and possibly dangerous fabrication tools run windows. Why? I have no fucking idea. Yes, we have had them get viruses and scrap thousands/millions of dollars of material. Yes, plenty of them are still running windows 98 or something because the closed-source software running on them cannot be upgraded. No, I don't understand how an army of otherwise smart and forward thinking engineers and managers ends up using bad, locked-in, closed source desktop operating systems in a 24/7 production environment. Who knows, maybe political wrangling from MS (semiconductor industry/computer industry).

  46. Windows? by zombieChan51 · · Score: 1

    Where the hell do people see windows in this article? I've read it three times seeing no mention of windows. Do you people hate windows so much that you see it everywhere?

  47. Re:Windows? by halowolf · · Score: 3, Interesting

    And I would dearly love to see it in court. However I would imagine it would fit more under manslaughter rather than common law type murder, as I would imagine the trojan writer wasn't out to kill people. Though I would imagine you could argue malice is involved in writing trojans. I'm not a lawyer so don't take notice of anything I say. Though going by the poorly translated article there was more going on than just the trojans, the trojan computer may have been more of a contributing factor rather than the primary reason for the crash, due to reasons stated in the article.

  48. Re:Windows? by Anonymous Coward · · Score: 0

    Oh, you mean Microsoft Excel ?

  49. Translation of article by hggs · · Score: 1

    The damage control computer of Spanair aircraft had a virus

    The central computer of Spanair, which recorded failures of aircraft was contaminated with malicious software when, two years ago today, Flight JK 5022 crashed. The computer, located at the headquarters of the airline in Palma de Mallorca, emits an alarm signal on its monitor when it registers three similar technical problems in the same device (plane). The plane that crashed at Barajas two years ago today -killing 154 of its 172 occupants- had already accumulated three incidents, which were not registered in time on the computer.

    The summary (legal documentation), with two defendants, now occupies 46 volumes and nearly 12,000 pages

    An internal document of the company, dated the day of the accident, indicates that the monitor was contaminated, "with trojans." These malicious programs can cause damage and facilitate attacks by hackers. Indeed, the association of victims of the crash has intervened in the case, and asked the investigating judge, Juan David Perez, to ask Spanair for all the pertaining entries in that computer on the days before and after the incident. The judge has just given an order in which it ordered the airline to provide this data.

    Besides the stated virus on the computer, it has been added that Spanair took about 24 hours to input data about failures of its planes in the computer, according to declarations made by two mechanics from the airline in front of a judge. This is not a trivial matter, especially since flight JK 5022 would not have taken off from Barajas Airport in Madrid had its data been on the computer that day. It would have triggered the alarm: two incidents (deficiencies) had been spotted the day before the accident, August 19, and a third on the 20th; the latter defect was what motivated the flight to return from the runway, when the commander determined that a tube had overheated without justification. The mechanics are required to notify Spanair in Palma de Mallorca of each defect immediately after detecting it. In this case, when employees tried to input the information on the computer to write these three incidents, they noticed that the monitor was useless due to the invasion of Trojans. By then, the plane had crashed.

    The summary of this accident occupies about 12,000 pages. At the moment there are two defendants who are Spanair technicians. The judge is still waiting for the experts he appointed to report on the causes of the accident. A first analysis of the Commission of Inquiry into Accidents and Incidents of Civil Aviation (CIAIAC) revealed that the cause of the catastrophe was that the pilots forgot to turn on takeoff flaps and slats, which are some small spoilers on the wings that help the vessel to rise. The aircraft has an alarm that warns the driver if you forget to turn on those fins. That day, the alarm did not sound (go off). The judge investigates whether there is a relationship between the failure of the alarm and the defects detected on the plane before the accident.

    --
    Did I just say that?

    --
    Did I just say that??
  50. Made up story by vorlich · · Score: 1

    Not quite making top of the news anywhere apart from tech sites' scrapes of slashdot (or vice versa), 'cos any budding Kelvin McKenzie can call the investigation team up and ask them if it is true. The only source is a newspaper. Legal buck passing strategy. A hint: no mention of any real files or names, but lots of mentions of ground crew and pilot error.
    You decide!

    --
    Posts, MyBio or Sig, may contain satire, sarcasm, bolded nouns be sardonic or even witty & be Church of SD
  51. Re:Windows? by Mister+Whirly · · Score: 1

    But not TWA - they suck.

    --
    "But this one goes to 11!"
  52. One step guide to Windows trolls by SuperKendall · · Score: 1

    (1) Pretend like the reality of tens of thousands of Windows trojans and viruses existing does not exist, when other platforms have only a handful.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  53. Bull by nnull · · Score: 1

    This article is bull****.

    There is nothing in the article suggesting that malware was involved on the flight deck. Slashdot fail.

    "On 17 August 2009, CIAIAC released an interim report on the incident. The interim report confirmed the preliminary report's conclusion that the crash was caused by an attempt to take off with the flaps and slats retracted, which constituted an improper configuration, and noted that safeguards that should have prevented the crash failed to do so. The cockpit recordings revealed that the pilots omitted the "set and check the flap/slat lever and lights" item in the After Start checklist. In the Takeoff Imminent verification checklist the copilot just repeats the flaps and slats correct values without actually checking them, as shown by the physical evidence. All three safety barriers provided to avoid the takeoff in an inappropriate configuration were defeated: the configuration checklist, the confirm and verify checklist, and aircraft warning system (TOWS). The report also made a number of safety recommendations intended to prevent incidents like this from happening again."

    As stated, it was the co-pilot's fault for claiming the flaps and slats were extended without actually checking them.

  54. Hawaii Five-0, alive & well by Anonymous Coward · · Score: 0

    From the google translation:
    "The summary, with two defendants, now occupies 46 volumes and nearly 12,000 pages"

    gives new meaning to "Book 'em, Dano", no?

  55. Thank you. by bjk002 · · Score: 1

    I got nearly 2/3 the way through the comments before I saw blame laid at the feet of those responsible.

    The Microsoft OS does not come preloaded with Trojans in so far as I am aware.

    Blame the guy who wrote the Trojan? - Definitely!
    Blame the PHB who put a less secure OS on a mission critical machine? - Debatable.
    Blame the OS manufacturer when the product is used in ways never intended? - Sorry, can't see it.

    --
    Opinion:=TMyOpinion.Create(Me);
  56. Legal ramifications for virus coders?? by dbeckwitt · · Score: 1

    I'm surprised that nobody (in a website dedicated to techies) has questioned the legal actions that might be taken against the virus coder(s). If a crash can be linked directly back to the infected computer(s), is it possible for the coder to be charged with 154 counts of manslaughter? Something to think about before you write your next virus, Slashdotters...

  57. Newsworthy... by bjk002 · · Score: 1

    "The summary is a bit misleading."

    On Slashdot?!@!? Surely you jest...

    --
    Opinion:=TMyOpinion.Create(Me);
  58. You acknowledge that Software is not designed... by travisb828 · · Score: 2, Funny

    You acknowledge that Software is not designed, licensed or intended for use in the design, construction, operation or maintenance of any nuclear facility.

    http://www.java.com/en/download/license.jsp

    I really like that part of the Java EULA.

    Even if the infected computer did directly cause the crash of the plane, Microsoft should put something similar in their EULA. Having this kind of disclaimer will remind people that they probably shouldn't use Windows in a system that may have lives depending on it. It's about using the right tool for the right job.

  59. Re:Shit... But, its a joke. by Yakasha · · Score: 1

    Mod + Interesting? I'm not sure what is funnier: the joke, you missing the joke, or the slashdot modders missing that you missed the joke.

  60. Re:Windows? by cowboy76Spain · · Score: 1

    I think more of the IT staff/management that allowed this to happen in a critical system (I do not know if staff was incompetent or management did not allow an appropriate solution to be implemented because "it just works").

    --
    Why can't /. have a rich-text editor? Editing your own HTML is so XXth century.
  61. I'm a mechanic and this scares me by Anonymous Coward · · Score: 0

    I am a mechanic and this scares the crap out of me. I work on CRJ200/700/900 and all the computers are interconnected and networked in there. Now I don't have a clear idea of how they all work together, if they use TCP/IP or what, but I do know that there are multiple systems that all connect to the Maintenance Data Computer (MDC), and almost all systems report data to this MDC. Now we then take a laptop (running Windows XP, and definitely not hardened in any way), and connect the computer straight to the aircraft. It would be very very very easy to get a virus or something on all these aircraft within a very short period of time. Scary!

  62. Propositional Logic by jafac · · Score: 1

    Yes, but which ONE condition was the NECESSARY condition (in conjunction with all others) that allowed the whole set of conditions to cause the crash?

    Had the computer not been infected, the maintenance crew would have entered the data per their procedural spec, the alert would have flagged the plane, and presumably, repairs would have been recommended and implemented prior to further flights.

    Cascade failure is more complex to analyze - and when you're swinging a dead cat around trying to hit One Blameable Cause, the other conditions tend to muddy the waters. But the presence of the computer trojan is the root-cause.

    Actually - the root-cause is probably; lack of adequate design robustness for preserving operational status of the maintenance logging computer and/or alternate effective maintenance logging operations procedures (ie. backup plan when the computer is down?).

    This maintenance system was supposed to "have the pilot's back" - for when the pilot's lack of expertise in the strange functions of the electrical system caused a fatal condition.

    I've got a car that runs critical engine fuel mixture data off a common power supply with the brake-light switch. A fault in the brake-light switch can actually cause the engine's electrical control system to fail in various ways, or misreport errors. (and vice-versa. . . faults in the fuel pump connector can also cause the brake lights to simply not light when you press the pedal). How the fuck is a driver supposed to know that? You get pulled over for not having brake lights (or rear-ended) - and if you happen to be a car nerd, you can look this trivia up online on enthusiast forums. But the manufacturer didn't even know about these conditions when the car was built, or even up until 5 years later.

    And there was also a recall, because the brake light switches were defective.
    I know, that literally hundreds of enthusiasts were netted by the dealer for bogus repairs, replacement turbos, replacement fuel pumps, new engines, repairs on relatively new cars, for thousands, sometimes tens of thousands of dollars, caused by bogus error codes, caused by a faulty brake light switch. Did anybody ever get rear-ended and killed because of this? Who knows?

    I only know this because I'm a car nerd. Thousands of other drivers were clueless, because of this bizarre design flaw and cascade failure with varying symptoms.

    The manufacturer's answer was to replace the defective, malfunctioning brake light switches in a recall. (often, dealer service departments installed these recall switches incorrectly, resulting in even more crazy car behavior). This fix did not address the deeper problem of power routing through that switch. This design was changed in the '07 model year.

    I'd say that pulling the heater fuse, disables the set flaps alarm, is also a terrible design flaw - even if it's well documented for the maintenance guys - even if there's a maintenance procedure that *should* flag it; because the pilot can still pull that fuse, and fuck himself and all passengers, without knowing. This little bit of design trivia is beyond the knowledge realm of a pilot. Pilots are supposed to really know, in detail, how their planes work. But that's just bizarre unexpected behavior, and within the realm of a maintenance specialist. (or plane-nerd).

    Even so - there is a single root-cause for this crash.

    --

    These are my friends, See how they glisten. See this one shine, how he smiles in the light.
  63. so... by Entropy98 · · Score: 1

    Does this mean the trojan writer can be tried for murder?
     
    --
      Windows Media Codec