Slashdot Mirror
German Ministry of Education Throws Away PCs For 190,000 € Due To Infection
An anonymous reader writes "German IT magazine Heise reports (original in German) that the Ministry of Education in Schwerin had a Conficker virus infection on 170 machines, that was dealt with by simply throwing them on the trash. Other German authorities have now decided that 'the approach taken is not up to the principle of efficiency and economy' and that the 187,300 Euro invested in this radical form of virus removal were inappropriate. The ministry had earlier estimated the cost of cleaning their desktops and servers by more conventional means to 130,000 Euro."
Install Linux. Cost $0 + admins' time -- almost certainly less than trying to remove and clean infected systems.
Forget about virus infections for the near future.
I thought their government ran on Linux. What happen?
What would be the mountains of garbage and how empty the purse in this country, if that would make anyone like that? Schwerin Ministry of Education made with 170 virus-infected computers, leaving them short shrift unceremoniously throw in the trash. The State Court of Mecklenburg-Vorpommern has carried out the initial purchase of 170 computers now reprimanded. "The approach taken is not up to the principle of efficiency and economy." € 187,300 cost of the new equipment and installation services to taxpayers.
The seemingly insurmountable pest, the computer of the teacher training institute (IQMV) in Schwerin, Rostock, Neubrandenburg and Greifswald was seized in September 2010, was the Conficker worm . In addition, the computer should have been more affected by some other viruses, such as the Ostsee-Zeitung reported first.
As the Court in its report criticizes for 2012, the Ministry of Education have had "no IT security concept" and established the new purchase with "faulty IT equipment". Further explanation and evidence remained the Ministry guilty. It "could [...] not state whether the IT systems of the IQMV were actually affected the extent mentioned above. Protocols of anti-virus software could only be provided for the location of Greifswald, despite repeated requests, which, however, no massive fund of was to remove viruses at the relevant time. "
In addition, the Department did not properly consider how costly cleaning the computer had actually been. The Ministry of Education guess the cost of cleaning initially to around 130,000 euros. The cost of 152,300 euros for an already registered for the fiscal years 2010/2011 published by new acquisition in a different light. The additional costs for installation were estimated at around 35,000 euros. Thus, the Ministry decided only to clean the affected server and otherwise replace all systems.
As the Court points out the country, the Ministry has now committed an IT security concept and develop "its supervisory task perceive so that an efficient and goal-oriented control and monitoring will be necessary." For since the Ministry has provided no "evidence of the actual damage and the causes for the occurrence of the damage," "should [...] be left open whether carried out by the complete replacement of the [computer] is a repetition of the damage is excluded http://translate.google.com/translate?sl=auto&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&eotf=1&u=http%3A%2F%2Fwww.heise.de%2Fnewsticker%2Fmeldung%2FSchwerin-Virus-verseuchter-Rechner-Ab-auf-den-Muell-damit-1851718.html
If its 130,000 euros to fix a virus infection and 187300 to upgrade AND fix the virus infection, then you may as well upgrade.
The real problem here is the 130,000 euros to fix a virus infection.
In various school / university I was in the virus infection were dealt in either way :
1) ignore it
OR 2) buy a new machine give the old to the trash
I am not kidding you , I saw back in my day 12 PC desktop being sent to the trash because they had a variation of PONG virus on their HDD (that was DOS time).
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
What is this? 2008?
How much does that cost? One worker should be able to do a machine in ten minutes or so.
http://michaelsmith.id.au
Throwing the whole PC away ? What about simply replacing the harddisk ?
If that was not considered it sounds to me they need to "throw away" their IT department.
Either that, or there is more to the story. Like them throwing away old hardware and OS, to be replaced by something more current.
And there is more to the story: It was estimated, that the cleaning of the PCs would cost ~135,000 €, and a replacement, which was planned anyway, would be 190,000 €, thus they decided to replace early instead of spending the 135,000 € on the clean-up and throw the PCs away a year later.
Why not use this as a way to teach the kids how to install the OS from scratch?
"The only legitimate use of a computer is to play games." - Eugene Jarvis
Really?
If the infected computers were nearing their end of life, and the investment in cleaning them was not going to be paid back in the remaining lifespan, then disposing of them was probably a good decision.
I guess they simply multiplied the cost of virus removal with the number of machines. But it only takes once to find the source of the problem, the remaining 169 machines could've been fixed at minimal cost after that. And of course, it doesn't cost a cent to just wipe them all clean.
Tell us again about those naughty spendthrift PIGS?
Watch this Heartland Institute video
Yet the 'conventional' estimate was 760 euros per PC to fix it...
I think its one of these cases where they're locked into a service contract for the PC they bought, and its easier to bring forward an upgrade than let the service company rip them off. The translation says they'd almost fully depreciated the PCs anyway, so they were several years old anyway.
So now some party (no doubt connected to the service company) is kicking up a stink because they didn't get to rip them off.
But it looks like the right thing to do, if the alternative was to spend 130k euros and next year spend 190k euros to replace them, and you've only got 30k left of right off, then better to save the 100k and move the upgrade forward.
Oh, and warn your fellow government agencies against signing the rip-off maintenance contract.
The traditional art of Dumpster diving plus a Windows or a Linux install would have saved these machines from their fate. If they were scheduled for replacement, then I'm sure some charity or educational establishment could have benefited.
Donte Alistair Anderson Roberts - hi son!
Karma: Chameleon
This happened in 2010.
Those were old computers.
They already had the money to buy replacements budgeted in their 2010/2011 budget.
So they had to decide to pull the effort the reimage everything for a couple of months, or just buy the new ones early. Buying the new ones early did cost a bit more (30k for all of them), but less then a cleaning would have cost.
The servers, who where not sheduled for replacement, were reimaged just fine.
HI O WISE PRINCE. WHT TOOK U SO DAM LONG?
Most don't work because the vulnerability has been fixed... years ago.
The most of the rest don't work because they are specialty items...
I think the rest of them are based on the "honor virus"...
"cost of cleaning their desktops and servers by more conventional means to 130,000 Euro"
Whoa, whoa, wait people, I'll clean them for half of that price and still be happy with it.
They'd need to look into more efficient "conventional means".
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
If the idiots are dumb enough to throw out new PCs because of a virus infection, they most certainly are too dumb to install anything but Windows
I don't think that they are dumb
Actually, they are smart
1. It ain't their money --- the money is from the gummint
2. By throwing the thing away they save all the effort to reformat the disk and to re-install the Windows OS, plus softwares
3. With the computer dumped, they will get to enjoy newer computers --- again, the money came from the gummint
Muchas Gracias, Señor Edward Snowden !
Now I know where our tech support department gets it's strategy from :)
Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.
Dirty fucking frausdster. it is a worm, not a virus.
How hard would it be for them to combine some form of SOE imaging with Deep Freeze (Applied via MS' guide to apply same settings via GPO as Deep Freeze is not compatible with 7)? Resilient as fuck to viruses, can run what they need to and if you get a virus just remotely wipe.
There's only so many times you can lather, rinse and repeat in a given time period before someone points out that you're insane.
Some folks might think I'm saying switch to Linux instead of just creating a fresh patch of systems to be virused. Smarter folks would realize that VMs with automated image rollouts would be a much better (and even OS agnostic) investment in the long run.
Is that PC hitting public facing stuff, or does it allow users to bring their own data? Then it should be hosted via VM then unless you're focusing on 3D graphics applications.
Next time they do a Hardware upgrade, you just roll out the VMs again and save virtually all the "support" cost of the rollout. Pays for itself after one or two upgrades. Doubly so if you've got a nasty malware infection since you already have the re-imaging process in place. With hardware supported virtualization standard now, it's kind of dumb to even not be using it...
computers as well.
We dump people as they don't match certain, arbitrary criteria. So why should we treat machines any better?
Welcome to earth, welcome to reality.
cb
The ministry of education of the federal state Mecklenburg-Vorpommern acted in the illustrated way. Mecklenburg-Vorpommern is a small state in the north east of Germany. The central auditing authority of that state (Landesrechnungshof) recalculated the effort and determined that the cost of the early replacement due to a virus infection was too expensive considering the alternatives.
The German ministry of education is placed in Berlin (which is also a federal state having its own minitry of education) and called "Bundersministerium für Bildung und Forschung" (engl. Federal Ministry of Education and Research).
This is the second-wurst thing Germany has ever done!
...how often do we get to make fun of Germany for making a boneheaded decision regarding technology? I say we savor this one for years to come, as stories like this are a dime a dozen over in the States.
They should be dumb-slapped a 1000 times over for doing this.
We had a similar outbreak at one of our locations, same virus, similar amount of pc's. We fixed it by sending out 3 technicians with a bunch of USB's containing containing a fix (Malwarebytes or some other sort of light anti-vir-program). Had the place clean in a frigging day.
Ridiculousness aside, Conficker is a remarkable worm. It really is the kind of cartoon-portrayal of a virus that the general publics' conception of vira seems to be. Put in a usb, it jumps, connect anything it jumps. Only solution is disconnect everything, find an anti-virus program whose process the worm doesn't immediately terminate, and go about it manually. But STILL, 187.000 euro divided among 3 technicians for a days work, YES PLEASE.
If you quote this signature there'll be 72 copies of Windows ME waiting for you in Heaven.
Its school right? They have students right? While I don't think it would be good to go down the path of using what should be instructional hours to do maintenance on the school this one seems like there would be ways.
I have to assume there are some computer science, computing for business, personal business type courses where doing some operating system installs would be defensible as providing "useful background." So a couple class periods from those courses the students could be borrowed for the purpose. Then you have all the students serving detention who could also be allocated to this sort of work.
How much could it possible cost for a box of ~6GB usb thumbdrives, and Admin to dump a windows installer image with all the updates slip streamed, script out the installation of the whatever else they use ( they probably already have this from whatever their usual deployment method is and could simply adapt it ) and type up some instructions?
I am sure all of this could have been done and in less time at far lower cost than putting the contract out to bid. Let alone paying for the contract and waiting for the work to be done and machines delivered.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
Pay network admins a fixed salary where OT isn't a bonus. Get them to work 12hr shifts to fix the computers by running a ghost image after format. Seriously, I've fixed hundreds of computers in 2-3 days before, it shouldn't cost that much to fix them.
1. Dig trench
2. Dump infected computers in trench
3. Shoot computers with machine guns
4. Cover computers with dirt
Problem solved.
Nuke it from orbit... It's the only way to be sure.
Actually given the IT admin at the school I went to, throwing out the computers would of been the better option. This guy was pretty clueless, it took him three months to figure out how to reload command.com on a machine and install Windows, someone did a del *.*
Article TLDR, but I assume it's typical goverment mentality against contractor leeching.
This sounds outrageous until you look at how much contracted companies charge government entities for services. I'm sure the 130K was quoted to bring the machiens back up to specs... wipe the units, reinstall the OS and apps and CERIFTY that the worm was no longer present. It's that last bit that allows the contractor to bilk money out of the government. It probably seemed reasonable to toss the machines since the cost quoted to "fix" it is nearly that of the cost of new machines. What they forget is the cost to simply wipe the drives and is all they should have considered.
After that, they have an empty slate and can get a much cheaper contractor to install the OS and configure the system.
This is one of the big benefits of a competent in house IT staff. ( which apparently they didn't have )
The part that throws me is the cost. 170 computers for 187,000 Euros. That's about $300,000 for 170 computers. Which means each computer cost $1,500. Seems awfully high. For that amount the school should be able to get two or three decent machines.
I work in a setting where I support hundred of people and machines. Alone. 130,000 EU to clean malware? I could clean them for nothing besides my salary. What gives? If the ministry have support staff, they should be doing their jobs by removing the malware. It's not like its rocket science. Even if you have to re-image a machine, it's free, since you already have paid for licenses. It's time that is being spent, and the IT staff have been paid for their jobs.
IT spending is a sham, it really is. The kickbacks, license costs (theft), and just in general ridiculousness of rampant IT spending. Federal law there and everywhere should stipulate the least expensive solution (including free) that will reasonably do the job. If the secretaries and others need to learn a new OS, that will be good for them to learn something new. I'm tired of hearing about the poor end users and how they cannot learn anything new. Where I work, we simply handed them MacBooks and IPads and took their PCs. Uproar? To be sure. Now, three months later? Calm. Everyone is fine. No loss of productivity.
Webconverger, or another appropriate LiveCD/LiveDVD - cost: media, support process: computer either needs reboot, plugging back in, hardware repaired, or user needs retrained. There are basically no other options.
What kind of incompentent admin's do they have, how can you get to a 130.000 euro costs for cleaning up a f-ing virus.. They should fire all those people at their spots, even a f-ing IT-student could solve the problem.. What kind of moronic IT-department do they have.. And you wonder why we commoners are angry at our so called leaders, if they waste our precious taxmoney on stuff like this.. Getting serious people to do the job would save billions in tax money, seeing how money is wasted, 130.000 euro for cleaning up a virus on 170 PC's... geesh... somebody really does get rich with all those kind of goverment contracts...
They should at least donate the machines to a cause.
Computers for underprivileged children.
Use them to fold for home.
Give them to me.
Computers are filled with flash memory: bios, network card firmware, HDD firmware, GPU card firmware, etc. Booting from clean media and formatting the HDD platters may not remove the virus. Any firmware can re-install itself to the diskdrive, either during or after the formatting or windows install.
The _only_ way to stop a virus is to not get infected. A polymorphic virus, possibly only existing in RAM while the computer is on, attached to some existing process, with higher system rights than virus scanners, is next to impossible to detect, let alone remove.
The U.S. Government does this kind of thing on a regular basis. I personally have watched as hundreds of sets of socket wrenches and electronic devices ie. boom boxes, portable T.V.s and other brand new objects were thrown into the ocean, when I asked WTF? I was told the tools were cheaper to replace than ship them from Norfolk VA. to Jacksonville FL. When I asked why the boom boxes etc.I was told they were purchased for the ships store at overseas retailers and the paperwork would have been prohibitive because of having not paid taxes overseas. DEEP SIXXED in International waters. MISSION ACCOMPLISHED!
The infection may be just the excuse they needed to upgrade. The cost of cleaning is probably just bullshit to push their argument.
...how often do we get to make fun of Germany for making a boneheaded decision regarding technology?
From the summary, scrapping the PCs cost 190,000 Euros, and removing the virus cost £130,000 Euros. Given that activities like virus removal tend to overrun, and that there is a chance if it being ineffective that is at most 60,000 Euros for a lower risk.
Also, they probably took the opportunity to replace the servers with newer hardware, delaying the next hardware refresh cycle. If so this could just be another (annoying) example of German efficiency
The only sane approach for untrained end users is virtual machines, either read-only or every night wiped away and restored from images on a server.
This for system and application, everything else is data and should be in a personal cloud where the mo**n can harm himself but not others, and communication with others should be allowed only through strictly controlled and very function limited channels.
Of course this is for L-users only, so the rest of the 1% of the population should keep using the system they prefer, store the data where they trust, don't forget backup, and stop litigating about what is the best system: if you are good at it the best system is what is best for what you have to do (you have to do some work, right?) otherwise no system is good!
it took him three months to figure out how to reload command.com
Fortunately, learning about damage-free hanging solutions from the makers of Scotch tape is a bit easier now.
I guess these guys never heard of imaging a machine via ghost, fog, etc...
German 3Sat.de television did a great story on how many Germans believe that people who buy used tech, especially Africans, must be burning them. Five studies ( posted here on /.) from organizations like Basel Convention Secretariat, IDC, USITC, etc. show that 85%-90% of used equipment purchased by Africans is reused in internet cafes, hospitals, and schools. But "Westerners" (in this case Germans) are so afraid of being accused of dumping they shred the equipment (forcing African geeks to buy in back alleys). This is just another example of a decade old defamation campaign about reuse.
A good organization serving as an "anti defamation league" for geeks of color http://www.fairtraderecycling.org/ has links to the 2011 German video, showing how German environmentalists would have kept the Green Revolution / Arab spring from ever happening.
Gently reply
Maybe try setting up Puppy Linux for your dad. Just boot to the CD/DVD, then add in Firefox, Flash, and graphics driver (it autodetects which one). Then save the settings and everything to a $10 USB stick. Once that's done, he can boot up, start Firefox, and browse anywhere without virus problems. It's really quite easy to set up and even easier to use. (I am typing this from Puppy Linux right now.)
all of your old apps from XP/Vista/7 will run on Windows 8
True, some applications designed for Windows break on Wine, but I also seem to remember some applications designed for Windows XP breaking on Windows Vista, Windows 7, or Windows 8.
Linux is not "like" Windows except in a vague way in that they both offer a GUI with icons that you can click on. [...] You've clearly never worked with end-users before or have been involved in enterprise IT.
How have end users in enterprise environments been taking to the Start Screen of Windows 8? How is it "like" the older versions of Windows that boot to the desktop?
Segregate infected PC's, and do fresh installs in a sandbox. If the PC's are of the same make/model (or at least a small number of makes/models) all you really need is a single image per type, patched up with AV, and then to redo the lot of them. Hopefully they'd have a volume license for the OS/software...
But seriously, for most people OS reinstall=like-new PC, depending on the hardware age. Certainly no need to just toss the PC in the bin unless it's got really old hardware.
People in threat waving around Fdisk and re-install media saying 'they could fix this
And just buying new machines solves those issues how?
I'd have cleaned those 170 machines for $100 each, plus roundtrip airfare to Germany and a place to stay for a couple of weeks.
Now that would explain why Germans had this "cash for clunkers" program where they mandated that EVERY committed car had to be physically destroyed, instead of being shipped to Africa, where it could still have worked 20+ years. This has always struck me as incredibly selfish and petty, like some young child which would destroy its used toys rather than give them to other children.
cpghost at Cordula's Web.
Someone in Germany who loves to look around trash dumps now has a really nice Beowulf cluster of these!
For 130,000€, I'll go over there right now and clean them all myself. Only 170 boxes so even if it takes a month, not really a problem eh.
Well, depending on tax law...
If the cost to replace is 190k, the cost to clean is 130k, and the machines are say, over 18 months old (i.e., book value depreciated by 50%), it is probably not worth cleaning them and just replacing with current hardware, OS, etc. Certainly of dubious value spending 60% plus of replacement cost in maintenance in any case.
If that sounds crazy - if you had a 30k car, and got slapped with a 20k service, you'd seriously consider fucking the car off, yes? Computers are no different.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
I could create a standard build of ANY OS, wipe and reload and still cost less that 2+ man years ($65,000/man year) effort. Assuming they are a model of German efficiency and they keep track of their software licenses, the software cost would have been $0 staying with the same OS. Whoever was running IT for that school should be fired. My .02.
The main purpose of that program (or selling point) was to get old dirty cars off the road; destruction of those cars was the point.
Democracy Now! - uncensored, anti-establishment news
I can re-image a couple hundred servers in a day or two, easily, and have done so many times. Apparently I'm working for the wrong employer, if I can make 130,000 Euros for two days' work somewhere else. If it's a bunch of different hardware spread across multiple geographic locations, it could take a few weeks to get all the infrastructure in place and do all the testing, but I'd still be willing to take 130,000 EUR/month for that kind of job.
I would've gladly gotten rid of their virus infection for 20k. Just run dban on all the PCs at the same time and then reinstall on all of them. Almost everything can be done simultaneously. Though it may take a little longer if not all the PCs use the same hardware, due to you having to find all the drivers required for each machine, in which case hire two or three other guys, also pay them 20k each and you are still paying less than 130k.
Seriously, it doesn't cost that much to fix this, it's just because they want to screw you over and get the most money possible. It seems to be a trend for governments to alway pay like 10 times more for something.
there are some device drivers that don't work as newer versions of Windows change the Device Driver interfaces, but there are usually newer versions of the device drivers anyway.
Unless the hardware manufacturer intentionally uses the incompatible driver model to force owners of otherwise perfectly working hardware to re-buy the hardware.
If they send the infected hardware to me, I will pull out my sanitary brushes and disinfectant, and will 'decontaminate' the machines. Its a dangerous business disinfecting machines like this (not unlike dealing with radioactive waste), so I will have to keep the hardware once sent to me. Its dangerous work, but I am willing to undertake it as a free service to them. Oh, and only send the newest machines, the old ones you can keep.
http://www.h-online.com/open/features/Comment-OpenOffice-s-Tale-of-Two-Cities-1760502.html
here i am like euh unemployed and unable to get like a job doing dishes in the land of no portunity while everyone from small business owners and up with €100k or more gets targeted by a eu government that will still need 11 billion more afterwards because even after stealing all that money they still cant pay the first-aid bills since they spent too much and in the meantime their politicians ASK FOR A RAISE, RIGHT ? ...
... THROW AWAY computers that are infected because (i guess they don't have an IT-department then or they consist of list-reading helpdeskjockeys with little or no knowledge of anything but telemarketing and looking good ?)
... so are you telling me one decent guy can't get that fixed by himself anyway ?
that's like the apex of political trustbuilding and economic efficiency for starters, so here i am jobless, and capabale of running a virus scanner
and those people euh like ehm
because they estimate the cost to have them cleaned is 130k ? ???? 130k for virus removal on pc's from just one ministry?
i have had some work in governent instances before and i always wondered how any firm succeeds in billing that large and here it is again 130k ??? that gets you like euh at least 10 people employed for a whole year
now i am used to making do and making happen, and making something out of nothing never having had a lot of american sitcom type family to back me up but there is in this country about 22% young people and in spain and greece a LOT more who have this like hate-like thing developing that feeds on stuff like this and no one can imagine WHY ?
Free speech was meant to be free for all... how can anyone grow up in a nanny state ?
They should just send them all to me. :)
Failing that, they should sell them to people of the state; since they are the ones who originally bought them with taxpayer monies. They could just tell people that they will have to re-install since the machines are infected, or I suppose one command: del c:\windows\*.* would take care of telling people about re-installing - they'd simply have to at that point.
1. It ain't their money --- the money is from the gummint
Which comes from where, exactly?
2. By throwing the thing away they save all the effort to reformat the disk and to re-install the Windows OS, plus softwares
Right, because manufacturing a new PC from scratch requires less energy than formatting a fucking hard drive.
3. With the computer dumped, they will get to enjoy newer computers --- again, the money came from the gummint
Which again, comes from where exactly?
Do us a favor, please: kill yourself.