German Ministry of Education Throws Away PCs For 190,000 € Due To Infection

An anonymous reader writes "German IT magazine Heise reports (original in German) that the Ministry of Education in Schwerin had a Conficker virus infection on 170 machines, that was dealt with by simply throwing them on the trash. Other German authorities have now decided that 'the approach taken is not up to the principle of efficiency and economy' and that the 187,300 Euro invested in this radical form of virus removal were inappropriate. The ministry had earlier estimated the cost of cleaning their desktops and servers by more conventional means to 130,000 Euro."

Far cheaper options

Install Linux. Cost $0 + admins' time -- almost certainly less than trying to remove and clean infected systems.

Forget about virus infections for the near future.

Re:Far cheaper options

[Cenan]

Install Linux. Cost $0 + admins' time -- almost certainly less than trying to remove and clean infected systems.

Forget about virus infections for the near future.

They already had licenses to the Windows installations so the cost equation would be the same, it only differs if you assume they would try to clean the infection and not simply install Windows after format c:

What the [admin's time] factor expands to is another thing, and hardly favors the GNU/Linux approach. If the idiots are dumb enough to throw out new PCs because of a virus infection, they most certainly are too dumb to install anything but Windows.

Re:Far cheaper options

[Pav]

Eh? For imaging use PXE with Partimage, or FAI (if you want a non-imaging solution better suited to non-standardised hardware). With Linux on the server side you can manage Windows AND Linux deployments, plus lots of other stuff (groupware, dns, dhcp, phone, netfiltering, filesharing, kerberos along with HEAPS of other stuff not as relevant to an educational context). If you want a GUI integrating all that just use GOsa or FusionDirectory or any number of other LDAP + service management front-ends. It's not like Germany and europe in general is short of that expertise - I know GOsa and FD are projects based in Germany and Belgium respectively.

Re:Far cheaper options

[Pav]

OPSI for windows deployments... forgot to mention that. It's also LDAP-integrated, though its own webUI is nice too.

Re:Far cheaper options

[BasilBrush]

Munich decided to do that in 2003. 10 years later, they're still working on the transition.

Re:Far cheaper options

There a more than 1200 Linux viruses

Liar. There's something like < 100 viruses of which maybe 5 have ever been seen in the wild...

ps. I doubt your secretary can tell which OS they're running in the first place. And it's completely irrelevant too since the workflow is the same.

Re:Far cheaper options

[Nerdfest]

Apparently the Ministry of Education in Schwerin did not, and they're still dealing with the consequences.

Re:Far cheaper options

[longk]

It really depends on the situation. Being Germany it's possible that all the average worker needs is SAPGUI, which doesn't really differently on Linux than it does on Windows.

Re:Far cheaper options

[Drakonblayde]

I'm sure a large part of the decision to toss em in the garbage was because someone wanted new gear. Can't forget about the political element to an IT infrastructure.

Re:Far cheaper options

[Pav]

Have you seen the work that came out of that? The GUI frontend to it all is called GOsa (although there's a fork called FusionDirectory which I prefer). The whole infrastructure is managed via LDAP plus RPC, and allows deployment of Linux and Windows (via FAI and OPSI respectively). There are also a multitude of plugins for managing a multitude of network services and LDAP stored info. I use it for managing DNS, DHCP, groupware (SOGo), web proxy + filtering (Squid), Samba, windows OS + software deployment (OPSI), Linux + software deployment (FAI), Debian/Ubuntu repo management, centralised logging (rSyslog)... and I'm currently looking into connecting it to Asterisk. There are TONS more plugins.

Re:Far cheaper options

[JaredOfEuropa]

It's equally crap on both, you mean. SAP's UI is Satan's sick joke on humanity.

Re:Far cheaper options

ps. I doubt your secretary can tell which OS they're running in the first place

Then you're an idiot. Just because someone doesn't understand technology doesn't mean they don't know when their menu items are in different places or when the nice obvious icon they had becomes some in-joke about Klingons.

Re:Far cheaper options

[Ash+Vince]

Install Linux. Cost $0 + admins' time -- almost certainly less than trying to remove and clean infected systems.

Forget about virus infections for the near future.

Of course the admins time probably adds up to about $300 per machine.

Seriously, I can completely believe this story because it would probably take someone at least an hour to clean the PC. It is also quite easy to believe that a government department or big company who outsourced their IT would be paying more per hour for technical staff than they would for a new PC.

This is especially true if you asked the IT outsourcing company to provide a cast iron assurance that the virus was removed with some sort of penalty clause if their was a reinfection. The quote you would get back would be prohibitively expensive because the any company with any sense would run a mile from providing such a ridiculous guarantee.

All of sudden what sounds like a 5 minute job to someone with some technical skills and has a 99% success rate has become such a headache to the bean counters that demanded a 100% success rate that they decide throwing the machines in the bin is actually cheaper. Of course this is ridiculous, but I have heard of things far more ridiculous when government middle management gets involved in IT decisions.

In public sector management you hardly ever get rewarded for things coming in under budget like you do in the private sector but you get torn to shreds if anything ever goes wrong so the whole thing ends up being ridiculously risk averse in the extreme.

Re:Far cheaper options

[AmiMoJo]

Depends how you count. Do you include worms that target software like Apache or SQL servers? Most people count worms that target the Windows Server equivalents as Windows viruses.

1200 is still high but there are plenty of viruses that affect Linux systems, even if they are not targeting the OS itself.

Re:Far cheaper options

[RabidReindeer]

ps. I doubt your secretary can tell which OS they're running in the first place

Then you're an idiot. Just because someone doesn't understand technology doesn't mean they don't know when their menu items are in different places or when the nice obvious icon they had becomes some in-joke about Klingons.

secretary: OK. so what do you mean that "this new ribbon bar is all you need"? Where'd my "print" menu go???

Re:Far cheaper options

[e70838]

According to my personal guinea pig, migration from windows to linux is easier than adoption of windows 8.

Re:Far cheaper options

[randomErr]

Weird thought: If you're going to take the time put Linux on the machine why not just get a clean image of Windows and re-image each drive. Just make a boot CD and image old drives.

Re:Far cheaper options

Yes, good option. Then, pay people to rewrite your applications so that they run under the flavor of GNU/Linux you have chosen. Oops, there went your 190,000 Euros (and a whole lot more). Or did you think that these people only use what comes with the OS and what is in "apt-get"? Remember, relatively nobody runs Linux so there isn't exactly a thriving marketplace for the same business apps that run today on Windows. Especially for those in-house line of business applications.

Re:Far cheaper options

[Henriok]

Install Linux. Cost $0 + admins' time -- almost certainly less than trying to remove and clean infected systems.

+ cost of education of the IT staff
+ cost of education of the users
+ cost of reduced productivity for the users and the IT staff until their competence rises to the before level.

Since they already had licenses for Windows, it'll cost nothing but time to re-install Windows. In that scenario, education of the users is zero, and there will be hardly no production loss for the users. There should be some money left to educate the IT staff to handle mitigate the virus threat on their chosen platform.

Re:Far cheaper options

First, i'm an advocate for linux. I keep trying to get my kids to move off windows and onto ubuntu (ok, at least its easy to use).

But he is right, you have grossly underestimated the complexity involved. There needs to be an infrastructure in place before you can do the migration as well as training for things to go smoothly.

Re:Far cheaper options

[mikes.song]

Don't attribute to negligence what is so obviously fraud.

Re:Far cheaper options

[tepples]

How many of your claimed costs of education and of reduced productivity would be any different on, say, Windows 8?

Re:Far cheaper options

[moronoxyd]

Do you make the same distinction when talking about Windows malware?
I doubt it.

Most people say 'virus' and mean 'any malware like viri, trojans, worms et. al.'.

Re:Far cheaper options

[omnichad]

Cost $0 + admins' time

The cost of fixing the problem was already $0 + admins' time. Unless you're not very bright and just throw out the machines.

Re:Far cheaper options

[mmcxii]

You may laugh but for as much as most AAs can't tell you a mainframe from a stick of RAM they certainly do know their way around the software that they've been using for over a decade. So as much as some of us like to pat ourselves on the back for being nerds and geeks, these people can make your head spin when it comes down to using your basic office suite apps. This isn't to say that they couldn't be retrained for another office suite but there would be training involved and their productivity would suffer from it for a while.

Re:Far cheaper options

[L4t3r4lu5]

Twist: Managing GUI plugins can only be done from the command line.

Re:Far cheaper options

[omnichad]

I think it's fair to call all self-propagating malware a virus. Especially since an executable blindly infecting other executables just isn't common anymore.

Re:Far cheaper options

[omnichad]

Why would you sit and stare at a computer while running virus removal tools. Move on to the next computer. This is a very common virus with pre-made tools available to remove it from several vendors. Just start it running on 100 computers at a time - just as fast as you can run and type.

All you have to do is get one computer fixed reliably. Then just make sure you do the same thing to the others. It's not like you have hundreds of totally unique infections.

Re:Far cheaper options

[Runaway1956]

Nonsense. Nuke from orbit, install Linux, and when the grunts come in, blame THEM for screwing up the machines. "Miss Marvel, what do you MEAN you can't find those reports? Didn't you save them to the server? Get on the server, and FIND THEM! No, no! Don't go crying at me - just get the job done!"

"Jenkins, I need the estimates for the gymnasium equipment ASAP. What do you mean your computer is different? Have you got a pornographic desktop AGAIN? No? So you got rid of that? Alright - get those estimates, I have a meeting with the School Board at ten o'clock! Don't make me come down there!"

Let the grunts figure it out. It's EDUCATION system, right? Let them act educated, or let them go home.

Re:Far cheaper options

[Runaway1956]

One of the neighbor kids is looking for a job right now. The boy ain't real bright in a lot of ways, but he knows his way around Linux. Let's put him on as a temp, if he works out, we can consider making him full time for ten dollars an hour. Yeah, he'll help Miss Klamath and Joe Bungler to figure out how to use all those cool new applications. Heck, the FBI has come around asking about him - he must be good!

Re:Far cheaper options

[Runaway1956]

1200 viruses? I think you're exaggerating. Maybe you're counting some variants of the same "virus" - like several times each. I don't know the exact number, to be honest. I do know that I was repairing damage due to exploits on Windows monthly. When I switched to Linux, I stopped repairing computers, until hardware broke.

How many millions of viruses are available for Windows now? So few virus writers support Linux . . . *sigh*

Here's a number that will blow your mind:

"At day’s end on April 12, for example, Symantec published the summary shown below, noting that its latest Virus Definitions file contained 17,702,868 separate signatures."

Don't take my word for it - read the article!
http://www.zdnet.com/blog/bott/the-malware-numbers-game-how-many-viruses-are-out-there/4783

Re:Far cheaper options

[walterbyrd]

> There a more than 1200 Linux viruses. That notion of yours is bullshit.

I have ran Linux as my primary desktop for over ten years, never run an anti-virus, never got infected.

> And you are forgetting costs to teach your average secretary how to use Linux + New Software licenses + migration costs.

Are you forgetting how radically different Win8 is from previous versions of windows? And, unlike iTunes or other proprietary garbage, there is no 79 page license you have to sign for Linux. As to migration costs, much of your old software will not run on Win8.

> You must be a teenager in Mom's basement if you think for a second that large scale environments can be migrated to Linux for free and everyone know how to use it. Bollocks.

I am not. I realize there are difficulties in switching from one environment to another. But sometimes it's worth it.

> Supported Linux like Red Hat actually costs money.

So don't use Red Hat. Lots of free linux distros out there.

Re:Far cheaper options

[amiga3D]

I'm not going to argue about the linux issue but what I don't get is why they can't simply reload the operating system? Is it that expensive to reinstall an OS that you've already paid for? I've installed windows and it's not that much harder than installing linux. I had to hunt down the drivers for the system on the manufacturer's website but that was about it and it rebooted several times then it was there. 130,000 euros for that?

Re:Far cheaper options

[amiga3D]

cleanmyPC.com

Sorry, could not resist.

Re:Far cheaper options

[mark-t]

5 have been in the wild, hmm?

I'm curious... which ones?

Re:Far cheaper options

Holy Stockholm syndrome.

Re:Far cheaper options

[jellomizer]

The systems may have already have windows license, so you can Install Windows so it still cost $0 + admin time.
The real issue is that they didn't have an appropriate administration of those systems where they could have cleaned them remotely.

Re:Far cheaper options

[mark-t]

I won't deny the fact that there are some applications for which no functional equivalent exists on Linux at all, but the number of them is not really very high Which applications are you thinking that they use which don't have a functional equivalent for Linux?

Re:Far cheaper options

[slashmydots]

You forgot run 5% of your software that you were running before

Re:Far cheaper options

[Reschekle]

This post shouldn't have been modded down. It is a valid argument. There are tons of business apps out there that won't run on Linux. Just because Linux has an OSS equivalent of something doesn't mean it is also equivalent in quality, support, or familiarity to the users who already have years of training invested in a particular tool.

There are some offices where Linux, one of the free office suites, and some of the various free apps out there would be adequate for the required workflow, and we do hear about those companies and governments when they switch to Linux.

However, to blindly proclaim that Linux is a drop-in replacement for Windows that will start saving you money immediately is quite ridiculous. If this was *really* the case then businesses would already be doing it en masse.

Re:Far cheaper options

[bigredradio]

Ballmer... is that you?

Re:Far cheaper options

[ktappe]

secretary: OK. so what do you mean that "this new ribbon bar is all you need"? Where'd my "print" menu go???

They have to ask that every time a new version of MS Office comes out anyway.

Re:Far cheaper options

Holy Stockholm syndrome.

How do you mean? First, you click File, Print (it is kind of funny to see Slashdotters talking about this being so difficult to find). Then up comes a print menu with instant preview of what you are about to print, and the most common print options. What specifically about that print menu get you to joke about Stockholm syndrome?

Re:Far cheaper options

[onyxruby]

Admin time always exceeds the cost of the computer, your a fool if you think the cost of the computer is the main cost of owning it. Your also forgetting the costs of training your users, decreased productivity during the learning curve, the costs of transitioning legacy system (unless your really lucky and they only used Office) as well as the impact to business from interoperability issues with partners. You also have licensing costs for new systems (just because it's Linux doesn't mean it's free - especially for business software) as well as the time to set up everything up. All of this assumes that you have don't have any requirements for Windows for a special application and /can/ do your transition.

Factor all of your costs together and you quickly exceed the costs of the licenses for Microsoft and similar vendors. If it was cost effective for businesses to transition from the Microsoft platform to Linux for desktops businesses would do it in a heartbeat. With very rare exception business has no loyalty to Microsoft, they are loyal only to the most cost effective way to do something. There are very good reasons why businesses that happily run Linux on as many servers as possible still run Microsoft for their desktop fleets. It is painfully obvious you have never actually had to work with something like this and are speaking out of your ass.

Re:Far cheaper options

[contrapunctus]

or, wait for it, control-p

Re:Far cheaper options

[Dishevel]

So don't use Red Hat. Lots of free linux distros out there.

Or do use Red Hat as it will still be cheaper.
If Windows were free I would still prefer Linux, just for the licensing.
All the different licensing takes up my time. Quite a bit of it.
With the crap I have to go through for viruses, licensing, updating, and basic windows problems I spend a lot of time that I would not have to with linux.
I have 3 Linux servers, 2 SCO Unix Servers, 2 Windows 2008 servers, 1 Windows 2003 Server, 34 Windows XP machines, 2 Vista Machines, 1 Windows 7 Machine, 1 Ubuntu PC and 4 Linux Mint PCs.
I know where my time is spent. I can tell you this. Migration on all but one of the XP machines is going straight to Mint. That one is running proprietary software and hardware and is only on the local network and behind a firewall with very strict rules. People will bitch a little. I have already moved a majority of the people off MS Office and onto either Libre Office or Open Office. I installed both and allowed the users to choose which one they like best. Most of them were good after 10 minutes of training on the basic differences. The power users are still on MS Office but I will win them over soon as well.
Now if I could only get rid of those soul sucking SCO 5 Unix machines my life would be soo much better.

Re:Far cheaper options

[RabidReindeer]

or, wait for it, control-p

Actually, that's what infuriated me about Office 2008. It removed "unused" items from the File menu, and Control-P wouldn't work reliably.

Re:Far cheaper options

[war4peace]

all of your old apps from XP/Vista/7 will run on Windows 8.

Are you sure?
Yeah, many do run, but at what cost. There's a plethora of software which can't integrate at all with the Metro (or whatever it's called) functionality. Amazingly, in the tiled UI you can't even read what time it is, only the date. If you want to use Yahoo Messenger, you have to drop to Desktop mode. Daemon Tools? Desktop mode. Avast antivirus? Yeah, Desktop mode. Chrome, Firefox, Opera? Ever-the-fucking-desktop-mode! This is valid for a vast majority of existing (and popular!) Windows applications. And it's been what, 6+ months since Windows 8 got live and most popular application makers have no plans to create tiled apps for Windows 8. So much for 100% compatibility.

Just as I hate having to use terminal on a Desktop Linux OS, I also hate having to drop to Desktop mode 10 times an hour to do the stuff I usually do. That makes the tiled side of Windows, no matter how colorful, useless and annoying. You switch to Desktop mode to use your browser, then back to Tiled mode to look for a setting, then back to Desktop mode to do this, then back to Tiled mode to check weather, then back... for fuck's sake. It's an OS with two GUIs. RE-TAR-DED.

It is just an evolution of the Windows product line, not a radical departure from it.

It is a half-baked piece of shit, and that comes from someone who used Windows since... well, 3.1 and tried hard to use Windows 8.

Re:Far cheaper options

[serviscope_minor]

Munich decided to do that in 2003. 10 years later, they're still working on the transition.

And many organisations are still stuck on Windows XP with apparently no plan or ability to switch in the near future despite EOL gone flying by and EOS approaching rapidly.

So what's your point other than that a massive infrastructure change is hard?

Re:Far cheaper options

[serviscope_minor]

It's equally crap on both, you mean. SAP's UI is Satan's sick joke on humanity.

I thought the main purpose of SAP was to provide Oracle's "solutions" with competition in the business space of "most poorly written software it's possible to spend very large amounts of money on".

Apparently there is a lot of money to be made in that space (who knew) but sadly you have no credibility for writing bad software until you can charge $10,000,000 and put 100 miscommunicating, ill qualified, badly paid and unmotivated solutions architects on the problem.

Sadly the little guy can't compete with quality like that.

Re:Far cheaper options

[serviscope_minor]

I have ran Linux as my primary desktop for over ten years, never run an anti-virus, never got infected.

Me too in fact BUY VIAGRA the general lack of software MAKE MONEY FROM HOME designed to wrest control FREE CAILIS of my computer and place it into the hands of CHEAP PRESCRIPTION DRUGS spammers and other con artists is GAMBLE ONLINE NOW a real boon.

Re:Far cheaper options

[BasilBrush]

And many organisations are still stuck on Windows XP with apparently no plan or ability to switch in the near future despite EOL gone flying by and EOS approaching rapidly.

But this is like an organisation that decided to transition to WinXP when it was new, and are still in the process.

So what's your point other than that a massive infrastructure change is hard?

There needs to be a point besides that very important one? People paint switching to Linux as if it's an easy option. It's not, it's and incredibly long and frustrating process. And most people will would wish they never started.

Re:Far cheaper options

[onyxruby]

The problem with that is that they are almost all variants of the same set of core viruses. Remember that it is in Symantec's interest to make it sound like the situation is dire as possible. I would imagine that if you got rid of the minor variants you would probably have under 100 viruses for Windows as well. Actual new viruses that are not simply variants of a existing virus are fairly rare.

Most windows viruses are created by taking an existing virus and editing it just slightly to avoid one of the existing signatures matching to it. Every time that happens your virus companies claim that their is a new virus, it really all boils down to marketing hype.

Re:Far cheaper options

[CannonballHead]

Why would you sit and stare at a computer while running virus removal tools.

Because they are paid by hour, duh. ;)

Re:Far cheaper options

[theexaptation]

You could just make an image and deploy it using MDT2010 and WDS (to PXE boot the installer) and could image the whole lot of them in a day after a weeks worth of prep.

Re:Far cheaper options

[number17]

There's a plethora of software which can't integrate at all with the Metro

Is there a piece of software which works on Window 7 but won't work on Windows 8? SAS 9.3 is currently the only one I know of and it has nothing to do with the start screen or Windows 8 apps. If the application is not a "Metro App" then it will create a shortcut do the desktop version. Whats not to get?

How did you ever manage to tell the difference between a spreadsheet and a word processor? Or do they just freak you out?

Re:Far cheaper options

[Runaway1956]

You already knew that - but did you read the article? That was my challenge to AC - those millions of Windows viruses can be reduced by an order of magnitude. Ditto for his claim of 1200 Linux claims. ;^)

Re:Far cheaper options

[KingMotley]

> I have ran Linux as my primary desktop for over ten years, never run an anti-virus, never got infected.
I have run Windows as my primary desktop for over 20 years, never run an anti-virus, never got infected.

> Are you forgetting how radically different Win8 is from previous versions of windows? And, unlike iTunes or other proprietary garbage, there is no 79 page license you have to sign for Linux. As to migration costs, much of your old software will not run on Win8.
Radically different? Seriously, put down the cool aid. Any Windows user can be moved to Win8 with about 30 seconds of training. Less if you install one of the Windows start menu programs, after which, most wouldn't be able to tell the difference other than the machine is "faster".

>I am not. I realize there are difficulties in switching from one environment to another. But sometimes it's worth it.
Yes, sometimes.

Re:Far cheaper options

[Dr.+Evil]

"Liar" means something too, and I'm not sure it means what you think it means.

... And worms have nothing to do with whether or not the code is interpreted or compiled.

Re:Far cheaper options

[xlsior]

never run an anti-virus, never got infected

That you know of.

Ignorance is bliss.

Re:Far cheaper options

[serviscope_minor]

But this is like an organisation that decided to transition to WinXP when it was new, and are still in the process.

Well, no.

XP debuted in 2001. Munich didn't even start discussing it until 2003. Votes were passed in mid 2004, and shortly after the project was halted for non technical reasons. They started planning in 2005 and then did a pilot test to see if it was worthwhile and feasible.

The actual migration started in 2006, the same year as Vista came out, at which point the migration started piecemeal at a few thousand PCs per year. Also, note that half of the migration (switching most PCs to openoffice, firefox and thunderbird which was where a large part of the difficulty lay) was completely finished in two and a half years. The entire process is now nearly complete (13,000 out of 14,000) and has saved apparently EUR 10e6.

So it's exactly like your example in that it's completely unlike it.

It's not, it's and incredibly long and frustrating process.

But you're painting it as if de-facto Windows is an easier option. The fact that so many people are stuck on XP despite being out of all but the last tenuous reaches of extended support indicates that switching in general is hard.

People are still using IE6 because switching is hard.

Once you have Windows XP embedded in your organisation, it is very, very hard to get rid of. Microsoft were so good at vendor lockin (see IE6) that they actually managed to shoot themselves in the foot and so successfully locked people into XP and IE6 that they've had hell's own job getting people to upgrade.

And most people will would wish they never started.

The example you picked was the LiMux transition. They've saved an estimated EUR 10e6 so far. If that's wishing you never started, then you have a very peculiar set of standards.

Re:Far cheaper options

[stenvar]

And you are forgetting costs to teach your average secretary how to use Linux + New Software licenses + migration costs.

To the "average secretary" or business drone, Windows is a complete mystery, and Windows 8 is a jarring change. Moving them onto a Linux desktop actually means they end up having an easier time (because Linux UIs are simpler and cleaner than Windows these days), and they will even feel more familiar with the UI.

Re:Far cheaper options

[painandgreed]

...never run an anti-virus, never got infected.

How would you even know?

Re:Far cheaper options

[K.+S.+Kyosuke]

Good luck finding a new maintainer for this cobbled together mess once you've left.

You'd replace it by the alternative cobbled-together mess by Microsoft? Since 1980's there hasn't been a system that isn't a cobbled-together mess. I believe it's called "postmodern software".

Re:Far cheaper options

[war4peace]

Are you too think to understand?
I didn't say "it doesn't work", I said "can't integrate at all with Metro". I even gave examples.
When I install Yahoo Messenger I want it to act just like the Windows Live Messenger, which shows as a nice tile and allows you to do stuff without dropping to Desktop mode all the time.
It's sad, really, that I have to explain it again and again, with different words, so that the less intelligent can get the idea.

Re:Far cheaper options

[Darinbob]

Or just reimage the machines from scratch.

Or sell the machines, there are bound to be organizations willing to buy them, reimage them, then resell or use.

Trashing them is just idiotic.

Re:Far cheaper options

[LostMyBeaver]

Cool! You found a way to remove that last burden of free software which is free IT services. I'm guessing you're volunteering to work for free and install Linux and train all the users and support them over the long term all for free?

AWESOME!

Re:Far cheaper options

[readingaccount]

I doubt it. 2007 was the one that introduced the ribbon; 2010 and 2013 have different colors but looks very, very similar overall to 2007 (particularly placement of buttons in the ribbon). 2010 introduced a File tab to replace the Office "orb" that apparently confused so many people, so that would have made things even easier I think.

Re:Far cheaper options

[jobdrb]

Funny, In which planet theses decisions are made based in pure Logic?
First, Windows are good for People and Companies that did support.
These people influence theirs users, they really did FUD.
I found many of that people working in Public and Private environment.
For example, I work in a public University in Brazil, some years ago I migrate all Office PC of my Department to Linux.
Result: Fall support calls. No Need to new Machines. Fast Machines.

Many departments after recurring problems with theirs machines,
(slowing, go to reinstal, return to work, get slow, go to reinstal),
start to thinking that they need a new machine.

They bought and left machines like Core 2 Duo with 2GB RAM,
which I get to my Department. Only in these month I got 4 PC.
Theres tens going to the trash that are perfect to work.
Sometimes when I go to another Department to get a PC left to go, I express my concerns
and show how fast are the computer that they throwing by using a USB with Linux.
Then I suggest to migrate. All that I migrate are totally satisfied.

Then you could ask, why there is not a large migration ?
Simple answer: Laziness of some IT people and their managers.

Re:Far cheaper options

[Ash+Vince]

Or just reimage the machines from scratch.

Or sell the machines, there are bound to be organizations willing to buy them, reimage them, then resell or use.

Trashing them is just idiotic.

They probably asked how much it would cost to securely remove all data from the hard disks with the same 100% cast iron guarantee and got a similar quote back from their outsourced IT as they did for cleaning the viruses off them.

As to reimaging the machines that is the sort of magic that only a techie would know about, not the clueless public servant middle manager who was tasked with the project.

Also, he would get the blame when one of the machines had a perfectly normal hardware failure in a year or so. If he buys he new machine he does not get blamed when it breaks in a similar time frame.

Of course none of this makes any sense whatsoever, it is a government job, it is not supposed to. That was my point. Anyone who doesn't understand should try watching the film Brasil.

Re: Far cheaper options

[JakeBurn]

Lol. Says every jackass who ignores the millions of people still using xp or who just switched to 7. I love when people act like every entity with 1000+ workstations are anywhere near giving a shit about new tech. The vast majority of people using computer at a desk are doing so at companies that probably don't have cloud anything on their 10 year plan.

Re:Far cheaper options

[Darinbob]

A techie should be the one in charge of purchasing and fixing things. What government agency honestly has a public servant middle manager as the computer systems expert? I can't even imagine the most dysfunctional government putting a bureaucrat as the help desk support or computer installer. That middle manager is going to hire some flunky to do the job.

This is also Germany. They have environmental laws about what goes in trash and what doesn't, EU regulations about disposal of electronic components, etc. Did they actually "trash" these machines, or did they send them back to the vendors, donate to charities, retain parts of maintenance, etc?

Re: Far cheaper options

[PCeye]

How is this a troll comment? If you're going to change the OS, there's a cost to training staff and to install the OS. Also, those PC's likely have a Windows license already, so the estimated costs are likely all IT services to restore all the machines.

Re:Far cheaper options

[Hognoxious]

I thought the main purpose of SAP was to provide Oracle's "solutions" with competition in the business space of "most poorly written software it's possible to spend very large amounts of money on".

If that's true those fiendishly cunning huns must have invented time travel. SAP was founded in 1972, Oracle in 1977 (and they were a database company first, the apps came a decade later).

Re:Far cheaper options

[cthulhu11]

Proof that separation of church and state is a good idea.

Re:Far cheaper options

[lefin1]

No shit!

Re:Far cheaper options

[Ash+Vince]

A techie should be the one in charge of purchasing and fixing things. What government agency honestly has a public servant middle manager as the computer systems expert?

If you are a decent techie you can earn far more working in the private sector than you can working in government. Also, it is tremendously frustrating working in the public sector if you are competent because of the utter retards you have surrounding you in the public sector. You also have to deal with people who go sick every other day and never get fired because their manager does not want to take the risk of screwing up firing someone and all the crazy european labour laws you have to follow in the process.

This is all quite annoying to most decent techies I know are pretty driven so the only people who stay in the public sector for longer than it takes to earn their first decent reference (that gets them the better paid private sector job) are the people who seem some benefit from it. The benefit is never financial so usually it is that they get to doss about all day and do fuck all.

Re: Far cheaper options

[Hognoxious]

Unless they were in storage for a year they weren't much older than they were when they got infected. But perhaps that period included the magic day when they switched from "working, but don't try cad or video editing on them" to "obsolete shite that'll be noticeably laggy even in a bash shell".

Germany?

I thought their government ran on Linux. What happen?

Re:Germany?

[DarkRat]

only in very few part of germany. Munich for example

Re:Germany?

[Luckyo]

A few cities. "Government" is not a single solid entity.

Re:Germany?

There a very few local municipals using Linux. Some are even moving away from Linux and back to Windows.
OSS is officially endorsed and favoured. But most of the stuff is still Windows.

Re:Germany?

[multi+io]

This "incident" happened in a state government (in the state of Mecklenburg-Vorpommern), not in the federal government.

Re:Germany?

[prefec2]

The original article is on the German federal state Mecklenburg-Vorpommern, which is a small state in the north east of Germany. It is not the central government in Berlin. I can understand if people find that confusing. However, there are 16 federal states. Every one of them has a ministry of education.

Furthermore, the German government replaced Windows for Linux in the Ministry of Foreign Affairs, but after the election of the present government, they changed it back, because they are conservative and neo-liberal and do not like this commie Linux stuff. Officially, they determined that the other Ministries were not able to share documentation, because the Ministry of Foreign Affairs used ODT and they used DOC. The fun fact here, ODT is mandatory for all government documentation (but obviously only on paper not in reality).

The Google translated article

[SternisheFan]

Schwerin: virus-infested computer? From the waste so ...

What would be the mountains of garbage and how empty the purse in this country, if that would make anyone like that? Schwerin Ministry of Education made with 170 virus-infected computers, leaving them short shrift unceremoniously throw in the trash. The State Court of Mecklenburg-Vorpommern has carried out the initial purchase of 170 computers now reprimanded. "The approach taken is not up to the principle of efficiency and economy." € 187,300 cost of the new equipment and installation services to taxpayers.

The seemingly insurmountable pest, the computer of the teacher training institute (IQMV) in Schwerin, Rostock, Neubrandenburg and Greifswald was seized in September 2010, was the Conficker worm . In addition, the computer should have been more affected by some other viruses, such as the Ostsee-Zeitung reported first.

As the Court in its report criticizes for 2012, the Ministry of Education have had "no IT security concept" and established the new purchase with "faulty IT equipment". Further explanation and evidence remained the Ministry guilty. It "could [...] not state whether the IT systems of the IQMV were actually affected the extent mentioned above. Protocols of anti-virus software could only be provided for the location of Greifswald, despite repeated requests, which, however, no massive fund of was to remove viruses at the relevant time. "

In addition, the Department did not properly consider how costly cleaning the computer had actually been. The Ministry of Education guess the cost of cleaning initially to around 130,000 euros. The cost of 152,300 euros for an already registered for the fiscal years 2010/2011 published by new acquisition in a different light. The additional costs for installation were estimated at around 35,000 euros. Thus, the Ministry decided only to clean the affected server and otherwise replace all systems.

As the Court points out the country, the Ministry has now committed an IT security concept and develop "its supervisory task perceive so that an efficient and goal-oriented control and monitoring will be necessary." For since the Ministry has provided no "evidence of the actual damage and the causes for the occurrence of the damage," "should [...] be left open whether carried out by the complete replacement of the [computer] is a repetition of the damage is excluded http://translate.google.com/translate?sl=auto&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&eotf=1&u=http%3A%2F%2Fwww.heise.de%2Fnewsticker%2Fmeldung%2FSchwerin-Virus-verseuchter-Rechner-Ab-auf-den-Muell-damit-1851718.html

Re:The Google translated article

[stepdown]

That actually reads pretty well, we should pass Timothy's posts through Google Translate in future.

Money well spent

If its 130,000 euros to fix a virus infection and 187300 to upgrade AND fix the virus infection, then you may as well upgrade.

The real problem here is the 130,000 euros to fix a virus infection.

Re:Money well spent

[gl4ss]

If its 130,000 euros to fix a virus infection and 187300 to upgrade AND fix the virus infection, then you may as well upgrade.

The real problem here is the 130,000 euros to fix a virus infection.

yeah.. 130 000 for 170 computers. could have bought new computers with the "fix" money too.

Re:Money well spent

[gbjbaanb]

Conficker.... suddenly it becomes clear. I know an organisation that was infected, and they ended up spending 2 weeks with a Microsoft consultant to clear everything up. The problem is that it spreads too quickly, so when you clear a PC and move on to the next, it re-infects the first one. Silly old Microsoft.

So, if they upgraded their PCs too.... makes perfect sense. I wouldn't have binned the old ones though, I'd have wiped the HDDs and sold them or given them away.

Re:Money well spent

[AdmV0rl0n]

This thread is disappointing. So much hate. Hate leads to fear, and fear leads to the dark side.

Anyway. Conflicker. Nasty. Simple. Old. A clean up is not easy, but conflicker requires some bad baselines to be operating for it to get through and thrive. If you fix the baseline issues, the clean up can follow. A clean susyem thats updated properly isn't infectable via conflicker. So frankly a system sorted put back in should be fine. You'll obviously have to do this step by step and yes, there is a price. Most orgs this size have IT staff so I don't know how the figures are drawn up.

I also have to say, the clean up tools and detection tools mean attacking conflicker infection is on the easier end of security clean up. The story is sad because it seems to indicate ever present stupidity in public services. Advocates and supporters of public services need to understand that its not a ob creation scheme. If someone has a role or job, they must be competant. Trained. Skilled. People who are not have no place in it.

Re:Money well spent

[AdmV0rl0n]

No, conflicker has worm elements. So, the hard part of the clean up is not per se an individual machine. Its that you need to solve the baseline problems that allow conflicker to do its thing.

Re-installing 'stuff' won't make this go away. Doing it wrong just reinfects the machine.
So, as I said, what has to be done is the cause and baselines that allow conflicker to replicate have to be solved (harder part) - and then machines with good baselines go through clean up and go back on the network (easier part..)

http://support.microsoft.com/kb/962007
Any tech learning about conflicker can read about it, and start to understand what needs to be fixed. Patch, correct password weakenesses, stop autorun etc etc. Today, this is somewhat simple as a lot of tools and detection tools exist.

People in threat waving around Fdisk and re-install media saying 'they could fix this' - probably in fact are clueless and need to understand the problems involved. Conflicker breeds off poor security and bad baselines. Thats how it gets in. Thats how it replicates. Thats how it hangs around and re-infects.

Re:Money well spent

[AdmV0rl0n]

And how would that fix the problem - exactly?
Wipe - reinstall - re-infect. Well done. Do you like wasting your time and everyone else's?

Re:Money well spent

[AmiMoJo]

The problem is that it spreads too quickly, so when you clear a PC and move on to the next, it re-infects the first one.

Then the first one wasn't really fixed, was it? Microsoft released a patch that blocks re-infection so all you have to do download that and their Malicious Software Removal Tool to a CD, disconnect each machine from the network and run them in order. Problem solved.

The high cost is probably due the cost of certifying that the infection was removed and the PCs are safe to use with sensitive data again. Removal is trivial if somewhat time consuming.

Re:Money well spent

[Peter+Simpson]

Well, you could recycle the machines and get some kind of payment if they're subsequently sold. This is what the IT guys at my company do with old machines. The disks are wiped, reformatted and reloaded with a fresh copy of Windows (by the recycler), then the machines are cleaned up and resold in a storefront. We get a portion of the selling price (wither to keep or to donate) and the folks in the community get low cost machines.

Re:Money well spent

[SJHillman]

Or just, you know, unplugging the network cable of any machines not known to be clean until you're ready to take care of them. Downtime is still less than throwing them in the trash.

Re:Money well spent

[SJHillman]

We had an entire department insisting that one of their patch cables was infected and that it was infecting any PC was plugged into it because two different PCs got infected while (coincidentally) plugged into the same jack, several months apart. Maybe we should have removed the patch cable to prevent reinfection.

Re:Money well spent

[SJHillman]

I've been trying to get my company to do this. Most of the machines we throw out are higher end Core 2 Duos that just need Windows reinstalled (if that) to bring them back to optimal. Unfortunately, the Powers that Be have decreed they have to go in the bin for a recycling company to pick them up. The end result is that we pay someone to resell our PCs that we've already wiped and don't see a dime of.

Re:Money well spent

No matter what OS you use (considering the OS licence is already paid)... How can the format of the drive + reinstall for 170 machines cost 130k$

Quick estimate: IT guy is paid 100$/h (gross overestimate) and can reinstall 1 machine per hour (gross overestimate)... Total: 17k$

How the fuck do they estimate 10x that???

Re:Money well spent

[bickerdyke]

well... knowing the gouvernments worldwide a bit, those 13000 were probably the cost to get the malicious software removal kit certified and getting the permission to run it on oh-so-precious office machines....

Re:Money well spent

[avxo]

What's a gross underestimate is "reinstalling one machine per hour". Maybe if you're lucky and can do image-based deployments, where everything is already on the image and all you do is image it onto the drive. Then an hour per machine would be a realistic estimate.

But chances are they would have to install Windows separately on each machine, followed by the tedious process of downloading and waiting for update after update to install, then installing virus and security software, "productivity suites" and any other software that they need, each likely to have its own updates. Don't forget installing drivers for hardware, which may differ from machine to machine, setting up printers (local and network), mounting network shares, applying security policies, and so on and so forth.

So yeah... 1 machine per hour isn't a "gross overestimate". It's a gross understimate.

Re:Money well spent

1 machine per hour as gross underestimate is gross incompetence.

There should be an image or at least an install disk with all updates slipstreamed, and even manually you can do reinstall on 3-5 machines at once.

Re:Money well spent

[ImprovOmega]

I've built Windows XP install media with SP3 and all possible patches slipstreamed in (on DVD, but it still worked), then a supplemental CD with non-slippable updates (IE8, .NET, all that stuff). It's possible to install, offline, an XP machine with all updates applied to it in two reboots after the base install. Windows 7 is even easier since you just build a custom .wim file and replace the default install.wim with your custom one and bam. Nothing is unslippable in Win7.

Re:Money well spent

[mapsjanhere]

I don't know if you ever deployed Windows on more than one machine at a time, but my last upgrade from scratch roll-out of 25 machines to Win 7 and Office 2010 took 8h, half of which was dealing with 2 older machines with "compatibility issues" and with a legacy printer. Win XP took more running around and hitting the "restart" button for the updates, but the total time in front of a machine was still less than 15 min. For most machines the longest time was manually typing in the license codes. To me the real story is - how does any large institution get infected with a at the time two year old virus? Confiker was a 2008/2009 infection, this happened in 2010, and not even their servers were secured. But being a German Beamter immunizes you from any negative job action, and there are no merit raises, so why bother.

Re:Money well spent

[AdmV0rl0n]

Yeah, no infection. Sadly no working system either.

Fail. Go away.

Re:Money well spent

[Ziggitz]

We really need to know how they came up with that figure. If you have decently paid employees not able to work for 2-3 days while repaving those computers that could be a large chunk of that cost in terms of lost productivity. 3 days of 170 employees not working is almost 2 years of one employee not working. Then consider the age of the computers. For little over a third more of the cost to fix, they could get new computers, it could easily be worth it to upgrade to new computers if the original ones were old enough. The increased lifespan of new computers could alone justify the cost and the increased productivity from having up to date hardware only helps.

Re:Money well spent

[war4peace]

The problem is that it spreads too quickly, so when you clear a PC and move on to the next, it re-infects the first one. Silly old Microsoft.

This is arguably in the top 10 dumbest remarks of the month. And it's the end of the month, so pretty impressive achievement, my young Padawan.
If you're IT staff and that's what's happening to you when you clean up Conficker, you should just go plant a garden and let someone else get your job. You know, retire honorably before you get covered in ridicule.

Re:Money well spent

[war4peace]

Aww, you're fighting the Windows haters with an insightful post. Heroic, but ultimately not effective. It's like saying "milk is good" to the notmilk.com crowd.

Re:Money well spent

[war4peace]

And you have NOT? Oh my God! I bet that cable was squirming around and hissing for months.

Re:Money well spent

[war4peace]

Same here. We have a contract with a company which "destroys" our old machines after we get rid of them. By that I mean that actually they say they destroyed the machines, whereas in fact they probably resell them (or disassemble and resell the parts). Our company sees no dime.

Re:Money well spent

[WGFCrafty]

I believe the difficulty you ascribe to the removal task is unfounded. Especially the assertion that people HERE would have a hard time. Seriously, a bootable OS with an AV on it, and you've got the name-> google and BAM you know exactly what you're dealing with.

Most of us with non-technical friends have probably removed it once or twice years ago. Yet you say "most of you guys won't even have a clue, why you would have to read a Microsoft article! That requires mad skillz."

Re:Money well spent

[WGFCrafty]

I didn't know such a place exists. Who doesn't like milk and cookies, cereal, chai tea, chocolate milk? Man, fuck them. Y'know it's not like anyone is forcing them to drink milk. And cows like it because they get sore if they aren't milked. In fact, modern dairy farms have milking carousel so when the cows decide they need a milking, they hop on and get cleaned, and hop off when it's done. All they have to do is eat and socialize, Mooooooo.

Re:Money well spent

[roscocoltran]

The more I read about Windows administration the more I like my linux machines. You even give nicknames to virus ("Conficker"), just like it was the usual thing to discuss during coffee breaks. "Hey I got a Conficker this morning!" This news makes no sense at all unless the PC were totally broken in the first place, which has no link to the virus problem. Arguing more is like discussing if a missile destroyed the Pentagon or not

Re:Money well spent

[WGFCrafty]

Why can't you talk to your CTO or someone about destroying HDDs, reusing non -sensitive HDDs, and donating wiped PCs to a community college for students who can't afford home PCs. My psychology teacher did this with donated PCs, in fact he got my first computer, a 350 Mhz Dell Optiplex.

Re:Money well spent

[heson]

... followed by the tedious process of downloading and waiting for update after update to install, then installing virus and security software, "productivity suites" and any other software that they need, each likely to have its own updates...

Who the hell would do that if they got more than a few machines, update the frekkin image, then clone. Follow up with some polish.

Re:Money well spent

[Darinbob]

Yes, for 170 machines. That's 764 euros to fix the virus on one machine!! Or to replace it's over 1100 euros. Sounds like extremely high labor costs to me.

Re:Money well spent

[AdmV0rl0n]

I believe the difficulty you ascribe to the removal task is unfounded. Especially the assertion that people HERE would have a hard time. Seriously, a bootable OS with an AV on it, and you've got the name-> google and BAM you know exactly what you're dealing with.

Most of us with non-technical friends have probably removed it once or twice years ago. Yet you say "most of you guys won't even have a clue, why you would have to read a Microsoft article! That requires mad skillz."

OK, here is what I believe.
1. You're an idiot. There. I said it.
2. Go re-read my actual input. Then re-read it until you get it.
3. People HERE in the main - in this thread have talked bollocks. I think a level well below 50% have some idea of what they deal with, the rest are the idiot majority.
4. Cleaning up conflicker off a single machine re your none technical friends is totally irrelevant. And thats before I smash you over the head and point you at baselines. What the *fuck* is the point in walking round with your glorious bootable AV disk, when after you 'clean' it and turn on the re-infection takes place.

I would go into the facts that you have to quaratine and create a controlled environment, fix the base problems, and do the patching. The cleaning off the virus from individual machines is the easy part. The scale is the difficult part, not the removal from a box.

*I've worked large conflicker clean ups. Unless you have - shut your fucking cake hole.

Re:Money well spent

[SJHillman]

You have a firewall or IPS on every single PC? It's being reinfected from other machines within the organization (as in, the same LAN segment)

Re:Money well spent

[chilvence]

He does have a point, you can save time making custom windows images.

Except for the fact that on the other side of the fence, slipstreaming all the latest updates into an easy to use install image has been standard operating procedure pretty much the whole time...

Re:Money well spent

[ImprovOmega]

Well to give Microsoft a little credit, easy to use install images have been the norm since at least Windows Vista (around 2006). There's still no good reason why this wasn't the case with XP/2000 also though.

Happens more often than you think

[aepervius]

In various school / university I was in the virus infection were dealt in either way :
1) ignore it
OR 2) buy a new machine give the old to the trash

I am not kidding you , I saw back in my day 12 PC desktop being sent to the trash because they had a variation of PONG virus on their HDD (that was DOS time).

Conficker????

[miknix]

What is this? 2008?

Re:Conficker????

[symbolset]

Yesterday the Conficker Working Group saw 634 million HTTP hits on Conficker domains from 1.7 million unique IP addresses. This is seems to be a fairly static figure going on three years now.

Re:Conficker????

[RogueyWon]

Unfortunately, it's still very much alive and out there. The parents PC contracts it regularly (my dad has appalling security and browsing habits). A friend of mine (who I generally regard as more IT literate than I am) just spent a weekend cleaning an infection of it off his (fully-updated, Macafee-profected) Windows machine.

And now for a gratuitous side-rant:

The source of my friend's infection was apparently a minor video-hosting site carrying game-walkthroughs. On balance, I believe him on this, because I'd had warnings from AVG about such sites myself in the past.

The trend over the last few years has been for game-walkthroughs to shift from text-format to long sequences of videos. Personally, I hate, loathe and despise this trend from a convenience point of view (try searching 30 videos for how to find that pesky item you're missing, compared to doing a quick search on a text file). But it's had some other unpleasant side effects.

See by default, these videos go on youtube. Thing is, however, game publishers sometimes object to complete video walkthroughs of their games being hosted there and do DMCA takedowns. So the videos then crop up on less notable video-hosting sites. Many of which appear to be malware infested hellholes.

So the moral of my (horribly off-topic) side rant: video walkthroughs suck. They're difficult to search, they're inevitably narrated by some idiot called "Tad" who feels the need to say how stoned he is roughly every 30 seconds and - they're turning into a really horrible malware vector.

Re:Conficker????

[SgtChaireBourne]

Look at the stats. The old ones never really go away. They just get overshadowed by the newer ones. A little bit of trickery is also done with counting variants as separate malware. Anything to keep the stats down.

Re:Conficker????

[ildon]

People do video walkthroughs because they're easily monetizable. I can make a video for a game and put it up on Youtube and get ad partner money. If I write a text walkthrough and put it on GameFAQs I'm pretty sure I get exactly $0 forever. If I try to host it myself and put ads on my site, it's likely no one will ever read it because people will just go to Youtube, GameFAQs, or the game's wikia site if it's popular enough to have one.

It sucks, but that's how it is. Expect more video walkthroughs in the future.

Re:Conficker????

[Darinbob]

Videos of most everything suck. Except for maybe for sex education. I don't understand this trend to make everything trivial into a long boring video. Two paragraphs to describe the solution versus a 4 minute video. Usually a low quality video showing a guy typing in commands, while speaking the commands out loud, sometimes spelling out words because they know you can't read it. My only guess is that these idiots all think they can make some pocket change on youtube if they get enough views.

Re:Conficker????

[Darinbob]

Remember back when people did hobby stuff without expecting to get paid for it?

Re:Conficker????

[readingaccount]

Thing is, however, game publishers sometimes object to complete video walkthroughs of their games being hosted there and do DMCA takedowns.

I have yet to actually hear about that happening, but I'm not calling you a liar because honestly, I wouldn't be surprised at all to hear about this being commonplace. Shit, given the way a huge number of modern games play more like interactive movies than traditional games (what with everything needed to have cinematics and epic settings), modern games are actually well suited to being watched rather than played sometimes. It's cheaper too.

In any case, so long as sites like this (http://www.longplays.org/) continue to exist, it doesn't really matter what the publishers try - people will continue to make Let's Plays and full playthroughs because hell, it's better than piracy.

They can't rei-mage them with windows?

[MichaelSmith]

How much does that cost? One worker should be able to do a machine in ten minutes or so.

Re:They can't rei-mage them with windows?

[flyingfsck]

Yeah, but it is Germany. In order to do IT work on a PC, you need to have a plumber and an electrician on standby and you are not allowed to do more than one PC at the same time...

Re:They can't rei-mage them with windows?

[onyxruby]

I once had to have an electrician, welder, technician, security guard and maintenance worker all lined up to some diagnostics work. This was at a federal prison and they had bolted the computers to the desks and welded the bolts sealed to keep them from being used as weapons. This was back in the day of token ring and thin net and we had to swap out cards to find out which one was fried by a lightning strike.

Welder - Remove and restore the welds for the bolts.
Electrician - Unplug and plug in the thin net (it was a wire and thus required an electrician).
Maintenance Worker - Remove and restore the bolts to allow access inside the computers.
Technician - Work inside the computer.
Security Guard - It's a prison, the security guard was there to keep an eye on the tools more than the people.

Sadly, this isn't a joke and I really did need 5 people to perform the diagnosis. On the plus side since it was a prison I knew /exactly/ when the lightning bolt hit nearby and there was no guessing about how close it hit. I have absolutely no doubt that the cost of the workers and parts easily exceeded the cost of the computer.

Re:They can't rei-mage them with windows?

[MichaelSmith]

I managed the installation system for an air traffic control system and we could re-image UNIX on 200 machines and get everything: OS plus applications plus data working in 60 minutes.

Small correction

[Sique]

It's not the Ministry of Education of whole Germany, but of the german State of Mecklenburg, which threw away the PCs after a virus infection.

And there is more to the story: It was estimated, that the cleaning of the PCs would cost ~135,000 €, and a replacement, which was planned anyway, would be 190,000 €, thus they decided to replace early instead of spending the 135,000 € on the clean-up and throw the PCs away a year later.

Re:Small correction

[gl4ss]

well duh, the more to the story is that they got a quote for 800 euros / computer to fix the issue, an issue their admins/cio should have fixed while on the payroll..

800 would have been enough to buy new computers.

Re:Small correction

[blackraven14250]

That's making the assumption that they have the man-hour resources to clean up the infection themselves. Likely, they aren't well enough staffed to just divert the number of people needed to cleaning up the PCs in a reasonable amount of time.

Re:Small correction

[lightknight]

Still, 135K€ for cleaning a bunch of PCs...what did they do, piss off the resident BOFH? Did someone make a lewd comment to IT about their jobs being outsourced to the 'cloud' that week? 'Tis the kind of prices you pay after you insinuate that someone's parents were blood relations...to their face...and then proceed to draw them a diagram outlining family relationships to ensure that there's no chance of a misunderstanding.

Re:Small correction

[aliquis]

Back when I was at school we had this thing called Ghost ..

Re:Small correction

[Sique]

This. And they didn't have any disaster recovery planning or any kind of security concept in place. And this was the main reason why the Board of Audit chastised them: Not even after a big failure of IT infrastructure any planning to avoid similar situations in the future.

Re:Small correction

[aliquis]

And if the admins couldn't do it / couldn't do their work / sucked at it they could at least had done it once and then asked some pupils to do it for 10 euro / machine.

Re:Small correction

[antifoidulus]

Well considering their coat of arms they are probably used to getting trolled....

Re:Small correction

[aliquis]

And also back when I was at school it was needed because they got this thing called pupils ;D

Re:Small correction

[gl4ss]

That's making the assumption that they have the man-hour resources to clean up the infection themselves. Likely, they aren't well enough staffed to just divert the number of people needed to cleaning up the PCs in a reasonable amount of time.

they got some sort of cio on payroll. he's got all week for this. if he's unresourced for this, he could have bought the resources for a lot less than 800 euros per hour - even in germany. their staff is going to be spending the same time setting up the new computers as well.

Re:Small correction

[mvar]

They could just go out and announce a competition for cleaning these 170 PCs for a maximum amount of, i don't know, 80k? and let the underbidding company take the job. Oh, and 190k for 170 *desktop* computers!?!?! OMFG thats insane money, that's above 1000 euros per PC which lets you buy a high-end system with a descent graphics card. What will they be doing on these, play Crysis?

The cheap solution?

[Mad-Bassist]

Why not use this as a way to teach the kids how to install the OS from scratch?

It costs them over 750 Euros to reimage a PC?

[Chris+Mattern]

Really?

Depends on the age of the computers

If the infected computers were nearing their end of life, and the investment in cleaning them was not going to be paid back in the remaining lifespan, then disposing of them was probably a good decision.

You can't estimate this linearly

[Hentes]

I guess they simply multiplied the cost of virus removal with the number of machines. But it only takes once to find the source of the problem, the remaining 169 machines could've been fixed at minimal cost after that. And of course, it doesn't cost a cent to just wipe them all clean.

Re:You can't estimate this linearly

[MtHuurne]

Assuming generic medium skilled German IT guy's fully burdened cost is $168,000 USD/yr and that this level of effort will require a staffing change (both very good assumptions)

Let's say this medium skilled IT guy gets a €3000/month salary, that's €36,000/year. There will be other costs, but it won't come anywhere near the number you assumed. Also, dealing with malware is a standard task when managing Windows desktop PCs, no matter whether you blame it on market share or on Microsoft. So if it requires a staffing change, then they didn't have the right staff to begin with.

Assume 44 usable weeks a year, or 220 useable days, that's roughly 1 machine a day.

An admin responsible for over 100 desktops should have set up an infrastructure for re-imaging so that it doesn't take 1 day per machine. It's not exactly zero effort like the GP said: you'll still have to warn people that anything they saved on the local hard disk will be lost, for example, but the required effort is in the order of days, not months.

I wonder where that huge cost estimate came from. Did they need justification to buy the new PCs that they wanted for a while but couldn't get the budget for? Was someone really not looking forward to cleaning the PCs and therefore inflated the cost of doing so? Was it just a made-up number that no-one looked at critically? Because it sounds unlikely to me that the actual costs would be that high.

Re:You can't estimate this linearly

[malkavian]

$168k for a technician? Fully loaded in Europe, you're probably looking at about $40k for a full loading on tech resource necessary to diagnose and fix this kind of problem.
You don't necessarily need config control to do a fix, though that would likely entail one later on through the sysops and change control processes worked into the standard working day.
There are so many inconsistencies and erroneous assumptions in that post that it really did give me a chuckle.

Re:You can't estimate this linearly

[Hentes]

I don't know where exactly these machines were used in the German education system, but my high school did an automatic reimaging of most machines every midnight. So yes, it cost exactly zero. It's not magic, not outside the reach of a school, nor does it need lots of time and work when properly configured. But if remote reimaging isn't an option, you still don't have to do it one desktop at a time. Do it parallel, and it can be done in two weeks.
Warning people about their data should occur at the time of the virus detection, not at cleanup. It's the cost of the infection, replacing the machines would also make the old data unavailable.

Re:You can't estimate this linearly

[Hatta]

What? Set the machine to PXE boot. Boot a tiny linux distro that dds the Windows image to the hard disk. Restart all the machines. You're done.

Re:You can't estimate this linearly

[enigma48]

PC#1 complete. PC#54 (still infected) re-infects PC#1. Even if you turn them all off and only put them back on the network after they are wiped: are you sure you found *every* PC with the infection? Are you sure they won't get reinfected again (is your baseline immune to the infection vector?)

Being completely naive and giving them the benefit of the doubt: someone suggested they planned a replacement cycle anyway (so had a budget approved) with w7 machines already - this expensive fix may have bought them a year more on one-foot-in-the-grave hardware. We're also assuming they had the staff/skill to do the work (unlikely) or to oversee the contractors and have the skill to verify the contractors did the job 100% correctly (unlikely). Plus everyone has to sign up to the risk of "we should spend heaps and if this happens again or something similar happens we all look like morons.."

W7 may not have been immune to the infection but given everything I've read in this thread, I'm leaning more towards speeding up replacement as the simplest approach here. But looks terrible as a news headline.

Re:You can't estimate this linearly

[Hatta]

Patch the security hole on the Windows image.

Oh that's all right then

[Eunuchswear]

Tell us again about those naughty spendthrift PIGS?

Re:Oh that's all right then

[Luckyo]

Okay. They'd spend 1.350.000€ on cleaning, because the contractor cleaning those would happen to be a son-in-law of the chief of the agency and successfully charge for ten times the work. Then they'd spend the 190.000€ on new hardware a year later and throw the cleaned PCs out anyway, and pay another 1.000.000€ on consulting fees on how to buy these to the same company.

Welcome to corrupted as hell Southern Europe. This is pretty tame to stuff that actually happens there. Worth noting that Ireland is NOT in that basket.

Re:Oh that's all right then

[Bengie]

If the network was properly configured, general purpose computers would have been free to clean and faculty computers would have costed about 5min-15min of time.

Re:Oh that's all right then

[Eunuchswear]

Welcome to corrupted as hell Southern Europe. This is pretty tame to stuff that actually happens there. Worth noting that Ireland is NOT in that basket.

Oh?

http://www.transparency.org/news/pressrelease/20121205_ireland_suffers_sharpest_drop_on_corruption_perceptions_index

Re:Oh that's all right then

[Luckyo]

Ah, the "technological solution to human factor".

Good luck implementing it.

Re:Oh that's all right then

[Luckyo]

Those zeroes at the end. They mean nothing?

Re:Oh that's all right then

[Luckyo]

You're mistaking "relative" with "absolute".

Re:Oh that's all right then

[Luckyo]

Strange how northerners can work with each other without this corruption. Must be a conspiracy. Southerners are just victims in this!

Re:Oh that's all right then

[Eunuchswear]

According to the source Ireland (score 69) is slightly less corrupt than Spain (65) or Portugal (63).

I cannot see how you can claim "Ireland is NOT in that basket."

Re:Oh that's all right then

[Luckyo]

That's not "slightly". For comparison, the least corrupt countries in the world got the score of 90, whereas the most corrupt EU countries that do not have significant corrupting impact of the formerly communist culture scores 62. There is a huge uncrossable chasm between those, and yet the difference in points is only 28 Difference of even a few points suggests significant differences between levels of corruption. This is why TI itself was essentially forced to revise its scale from 1-10 to 1-100.

Otherwise you could claim that there isn't all that much difference between three least corrupt countries in the world and Ireland's state at its worst.

Then there's the nature of corruption. Ireland's problems are from significant financial impact of the crisis. Southern Europe has problems with deeply ingrained culture of corruption which is absent in Ireland. As a result we can expect Ireland to improve on the metric this year, while Southern Europe will likely keep on being where it is.

760 Euros per PC

Yet the 'conventional' estimate was 760 euros per PC to fix it...

I think its one of these cases where they're locked into a service contract for the PC they bought, and its easier to bring forward an upgrade than let the service company rip them off. The translation says they'd almost fully depreciated the PCs anyway, so they were several years old anyway.

So now some party (no doubt connected to the service company) is kicking up a stink because they didn't get to rip them off.

But it looks like the right thing to do, if the alternative was to spend 130k euros and next year spend 190k euros to replace them, and you've only got 30k left of right off, then better to save the 100k and move the upgrade forward.

Oh, and warn your fellow government agencies against signing the rip-off maintenance contract.

Re:760 Euros per PC

[tibit]

For half of that money I'd fucking take a first class plane trip to Germany, pay for my own hotel, and be done reimaging their PCs over a workweek. That includes deploying whatever they need deployed on those PCs, and leaving a solution in place to reimage them at will. And that's all being quite green when it comes to Windows administration. At work I really only do the minimum needed not to need to muck with it.

Re:760 Euros per PC

[Bengie]

I wonder how the estimated 760 euros when I've done similar things, which has taken less than 15min of my time. When I was in IT, an all out infection just meant a computer getting re-imaged, which I could start remotely.

Process to re-image a computer

1) Call end user, ask when they won't need their computer for 1 hour
2) Start re-image remotely
3) Restore data/setting/installed software, which was all automated and part of the re-image process

Most of my time was playing phone-tag with the end user to make sure everything was working.

Re:760 Euros per PC

[WGFCrafty]

I'd do it for a plane ticket first class and a guided tour of the city.

Damn

[maroberts]

Where are all the machines they threw away?

The traditional art of Dumpster diving plus a Windows or a Linux install would have saved these machines from their fate. If they were scheduled for replacement, then I'm sure some charity or educational establishment could have benefited.

Re:Damn

[Stolpskott]

Where are all the machines they threw away?

The traditional art of Dumpster diving plus a Windows or a Linux install would have saved these machines from their fate. If they were scheduled for replacement, then I'm sure some charity or educational establishment could have benefited.

There are many establishments which could have benefited here, but there are two issues with that - first, the machines would have to be sanitized so there is a guarantee that no confidential information is stored on them (90% of government IT disposals ignore that rule, but the Germans are actually among the best at following it); and second, I am pretty sure that the majority of recipient organisations would say "no thanks, we cannot handle the clean-up" if an organisation said "here you go, have 170 PCs that are infected with a virus, all you have to do is clean the virus off the system", either because the recipient organisation is lazy or because they are a charity/educational institution with little or no available IT expertise.

Re:Damn

[NJRoadfan]

It only takes a few minutes to wipe a hard drive. No organization is going to donate machines with a working OS install anyway.

Clarifications (due to rampant bullshit here)

[imsabbel]

This happened in 2010.
Those were old computers.
They already had the money to buy replacements budgeted in their 2010/2011 budget.

So they had to decide to pull the effort the reimage everything for a couple of months, or just buy the new ones early. Buying the new ones early did cost a bit more (30k for all of them), but less then a cleaning would have cost.

The servers, who where not sheduled for replacement, were reimaged just fine.

Re:Clarifications (due to rampant bullshit here)

[tibit]

I can't quite imagine a business of that size not having a system in place to reimage machines at will. At one place I work we have two dozen machines and I'm well underway in having them all PXE boot into an imager which then either boots the existing image from the hard drive or updates it prior to booting. Once I finish shaking down the test deployment on a few machines, it should be ready to go. Users have had roaming profiles for years now so that's not an issue.

Re:Clarifications (due to rampant bullshit here)

[Registered+Coward+v2]

This happened in 2010. Those were old computers. They already had the money to buy replacements budgeted in their 2010/2011 budget.

So they had to decide to pull the effort the reimage everything for a couple of months, or just buy the new ones early. Buying the new ones early did cost a bit more (30k for all of them), but less then a cleaning would have cost.

The servers, who where not sheduled for replacement, were reimaged just fine.

This happened in 2010. Those were old computers. They already had the money to buy replacements budgeted in their 2010/2011 budget.

So they had to decide to pull the effort the reimage everything for a couple of months, or just buy the new ones early. Buying the new ones early did cost a bit more (30k for all of them), but less then a cleaning would have cost.

The servers, who where not sheduled for replacement, were reimaged just fine.

How dare you inject reason and facts into a /. arguement? You're supposed to say Windoze Bad Linux Shiney Free and accuse anyone with a different view of being an MS shill or troll. Replacing rather than cleaning is the right thing to do, it would have been more fiscally irresponsible to clean and then replace, and no doubt under German law the old ones were recycled rather than just dumped in the trash.

given that reimaging would involve more than simply pushing out a new image but would need machines to be offline to avoid reinfection, there is also productivity losses and associated costs as well.

Re:Clarifications (due to rampant bullshit here)

[gl4ss]

that's not the problem.

the problem is that they didn't say that the 800 euros for a reimaging fee was bullshit.

Re:Clarifications (due to rampant bullshit here)

[hduff]

How dare you inject reason and facts into a /. arguement? You're supposed to say Windoze Bad Linux Shiney Free and accuse anyone with a different view of being an MS shill or troll.

You sound too reasonable. That has no place in a Slashdot discussion.

Re:Clarifications (due to rampant bullshit here)

Thanks for the sane info, but I'm not sure if the 30k increase can be be described as "a bit more", that is more than 20% increase in cost. Those numbers result in a cost of 176 euro per machine, what is huge, I can't believe we can't do a mass re-image of those for a tiny fraction of this cost.

Re:Clarifications (due to rampant bullshit here)

[jonr]

Ok. This changes the original quite a bit. But I should be getting used to /. sensational writings by now... *sigh*

Re:Clarifications (due to rampant bullshit here)

[Zeromous]

Depreciation of capital assets is what this is all about, but could they not have destroyed the harddrives and donated the equipment?

Re:Clarifications (due to rampant bullshit here)

[Meeni]

We do use quite a number of computers in our department, and reading that story I immediately thought amortization and depreciation cost. Our machines are budgeted for a fixed use term. Every 4 year, a machine is decommissioned and replaced by a new one (for a variety of reasons, ranging from bell curve reliability, obsolescence, end of maintenance contract, having to buy again all software that comes bundled with a new machine anyway, all reasons make it more cost effective to just replace the hardware rather that keep it until it breaks, which would cause disruption in work flow). When it is decommissioned, it ends up at the auction house, w/o a hard drive (they go to the crusher).

If we were to experience a massive, disruptive virus infection say 3 month before planned decommissioning, there would be no question that hiring more people to rush repair of current obsolete hardware makes no financial sense, whatsoever. Even if good practices for backup are in place, restoring all these machines in short order takes time and manpower. That means hiring on short order new people (or subcontracting, whatever, that's going to be expensive specialist hours), but more importantly, every hour where one of the 50 or more affected workers cannot use the computer is an hour where you pay people to do nothing, said otherwise, you have fixed cost and no work is done, yo are loosing money, and that may very well be accounted for in the 130k figure for the "repair" option.

Re:Clarifications (due to rampant bullshit here)

[Meeni]

Oh, and remember, subcontracting for state business is always a load of fun. You have to make a public call for work, have contractors bid, have your accountants respond to bids, and choose the lowest bidder (or risk having to justify your choice in court, personal liability for public funding abuse). Said otherwise, hiring subcontractors to rush a fix takes weeks, if not month of accounting procedures, or risk the accountants going to prison, and then you get the company that responded to the bid with the lowest price, usually somewhat ineffective.

And during all that time, no work can be done, and you pay all these workers seating in their chairs doing nothing while their work computer is being repaired. Who's wasting money now?

All 1200 don't work.

Most don't work because the vulnerability has been fixed... years ago.

The most of the rest don't work because they are specialty items...

I think the rest of them are based on the "honor virus"...

conventional means 130,000 Euro

[l3v1]

"cost of cleaning their desktops and servers by more conventional means to 130,000 Euro"

Whoa, whoa, wait people, I'll clean them for half of that price and still be happy with it.

They'd need to look into more efficient "conventional means".

They ain't dumb

[Taco+Cowboy]

If the idiots are dumb enough to throw out new PCs because of a virus infection, they most certainly are too dumb to install anything but Windows

I don't think that they are dumb

Actually, they are smart

1. It ain't their money --- the money is from the gummint

2. By throwing the thing away they save all the effort to reformat the disk and to re-install the Windows OS, plus softwares

3. With the computer dumped, they will get to enjoy newer computers --- again, the money came from the gummint

Re:They ain't dumb

[bfandreas]

Actually this is a story about stupidity.
They didn't have virus protection or anything security related. So the taxoffice watchdog told them to come forward with a security plan.

This is just as stupid as it sounds. I've not heard if they were close to a Windows 7 induced hardware upgrade cycle anyway. But there is absolutely no excuse for having no security whatsoever.

Re:They ain't dumb

[StoneyMahoney]

Not to mention that the 130k probably includes the cost of preventative action to stop this happening again. Much easier and quicker (therefore cheaper) to start from scratch with a new security baseline than try to impose one after the fact.

Got a client at the moment discovering the very same home truth right now with something rather less virulent that Conficker running wild on their network. That'll teach them how "optional" AV update subscriptions are.

Re:They ain't dumb

[Culture20]

If they wanted new computers, they could have dumped or wiped the HDDs then auctioned the computers instead of just throwing them away.

Re:They ain't dumb

[omnichad]

If they have that many PC's, why can't they just re-image them and restore from backup. If it involves much face time with each individual PC then you're doing it wrong.

Re:They ain't dumb

[Hunter+Shoptaw]

This. It gets me that they would throw out good PC's for a virus, much less not just nuke the drive and restore from an image.

Re:They ain't dumb

[silviuc]

Not to mention that using something like Clonezilla they can re-image the whole network of PCs provided through PXE (pixie) boot.

Seems that my country is not alone in employing the stupidest morons they can find for jobs in the departments/agencies/institutions that the state controls. Waste of money and waste of human resources in a time when unemployment for young people is soaring.

A damn shame.

Re:They ain't dumb

[war4peace]

Troll detected.

Re:They ain't dumb

[Capt.DrumkenBum]

Maybe after they dumped them, they called their buddy Fritz, and told him where they had been dumped. Fritz shows up with a van, loads up all those "garbage" computers... Craigslist here he comes. (Or whatever the German equivalent to craigslist is.)

Re:They ain't dumb

[Culture20]

FritzListe?

Re:They ain't dumb

[stenvar]

3. With the computer dumped, they will get to enjoy newer computers --- again, the money came from the gummint

And, more importantly, they'll be fully using their budget this year, allowing them to make an argument to have a budget increase next year. If they save money, their budget will be cut.

Re:They ain't dumb

[Skuld-Chan]

Use SCCM - I can have an entire collection of machines re-imaged with all their software/profile data and patches in under an hour.

Re:They ain't dumb

[bkmoore]

Fritz seiner Liste.

Re:They ain't dumb

[Hognoxious]

So the taxoffice watchdog told them to come forward with a security plan.

Zey voz just obeyink orders?

So thats where they got the idea

[Big+Hairy+Ian]

Now I know where our tech support department gets it's strategy from :)

Lather, Rinse, Repeat.

[VortexCortex]

There's only so many times you can lather, rinse and repeat in a given time period before someone points out that you're insane.

Some folks might think I'm saying switch to Linux instead of just creating a fresh patch of systems to be virused. Smarter folks would realize that VMs with automated image rollouts would be a much better (and even OS agnostic) investment in the long run.

Is that PC hitting public facing stuff, or does it allow users to bring their own data? Then it should be hosted via VM then unless you're focusing on 3D graphics applications.

Next time they do a Hardware upgrade, you just roll out the VMs again and save virtually all the "support" cost of the rollout. Pays for itself after one or two upgrades. Doubly so if you've got a nasty malware infection since you already have the re-imaging process in place. With hardware supported virtualization standard now, it's kind of dumb to even not be using it...

Not the German Ministry of Education

[prefec2]

The ministry of education of the federal state Mecklenburg-Vorpommern acted in the illustrated way. Mecklenburg-Vorpommern is a small state in the north east of Germany. The central auditing authority of that state (Landesrechnungshof) recalculated the effort and determined that the cost of the early replacement due to a virus infection was too expensive considering the alternatives.

The German ministry of education is placed in Berlin (which is also a federal state having its own minitry of education) and called "Bundersministerium für Bildung und Forschung" (engl. Federal Ministry of Education and Research).

On the bright side...

[Mystakaphoros]

...how often do we get to make fun of Germany for making a boneheaded decision regarding technology? I say we savor this one for years to come, as stories like this are a dime a dozen over in the States.

*epic facepalm*

[ZarathustraDK]

They should be dumb-slapped a 1000 times over for doing this.

We had a similar outbreak at one of our locations, same virus, similar amount of pc's. We fixed it by sending out 3 technicians with a bunch of USB's containing containing a fix (Malwarebytes or some other sort of light anti-vir-program). Had the place clean in a frigging day.

Ridiculousness aside, Conficker is a remarkable worm. It really is the kind of cartoon-portrayal of a virus that the general publics' conception of vira seems to be. Put in a usb, it jumps, connect anything it jumps. Only solution is disconnect everything, find an anti-virus program whose process the worm doesn't immediately terminate, and go about it manually. But STILL, 187.000 euro divided among 3 technicians for a days work, YES PLEASE.

I don't understand what the problem is

[DarkOx]

Its school right? They have students right? While I don't think it would be good to go down the path of using what should be instructional hours to do maintenance on the school this one seems like there would be ways.

I have to assume there are some computer science, computing for business, personal business type courses where doing some operating system installs would be defensible as providing "useful background." So a couple class periods from those courses the students could be borrowed for the purpose. Then you have all the students serving detention who could also be allocated to this sort of work.

How much could it possible cost for a box of ~6GB usb thumbdrives, and Admin to dump a windows installer image with all the updates slip streamed, script out the installation of the whatever else they use ( they probably already have this from whatever their usual deployment method is and could simply adapt it ) and type up some instructions?

I am sure all of this could have been done and in less time at far lower cost than putting the contract out to bid. Let alone paying for the contract and waiting for the work to be done and machines delivered.

Computer Culling

[seven+of+five]

1. Dig trench
2. Dump infected computers in trench
3. Shoot computers with machine guns
4. Cover computers with dirt

Problem solved.

Re:Computer Culling

[o'reor]

Ach, dis ist der proper Cherman way of dealing wiz it. (now mod me down to oblifion if you vill)

Re:Computer Culling

[metamatic]

A Final Solution to the computer virus problem!

Nuke it from orbit...

[fox171171]

Nuke it from orbit... It's the only way to be sure.

Interesting solution

[Murdoch5]

Actually given the IT admin at the school I went to, throwing out the computers would of been the better option. This guy was pretty clueless, it took him three months to figure out how to reload command.com on a machine and install Windows, someone did a del *.*

WTF

[SuperDre]

What kind of incompentent admin's do they have, how can you get to a 130.000 euro costs for cleaning up a f-ing virus.. They should fire all those people at their spots, even a f-ing IT-student could solve the problem.. What kind of moronic IT-department do they have.. And you wonder why we commoners are angry at our so called leaders, if they waste our precious taxmoney on stuff like this.. Getting serious people to do the job would save billions in tax money, seeing how money is wasted, 130.000 euro for cleaning up a virus on 170 PC's... geesh... somebody really does get rich with all those kind of goverment contracts...

US Military throws new tools overboard

[kn9sli001]

The U.S. Government does this kind of thing on a regular basis. I personally have watched as hundreds of sets of socket wrenches and electronic devices ie. boom boxes, portable T.V.s and other brand new objects were thrown into the ocean, when I asked WTF? I was told the tools were cheaper to replace than ship them from Norfolk VA. to Jacksonville FL. When I asked why the boom boxes etc.I was told they were purchased for the ships store at overseas retailers and the paperwork would have been prohibitive because of having not paid taxes overseas. DEEP SIXXED in International waters. MISSION ACCOMPLISHED!

Re:US Military throws new tools overboard

[dcw3]

Unless it was thirty plus years ago, I'm gonna call B.S. No Navy captain is going to risk his career on getting busted for throwing stuff overboard unless it's necessary to save the ship or someone's life.

Re:US Military throws new tools overboard

[kn9sli001]

Save your bullshit .1983 but don't delude yourself it's just following orders.

Re:US Military throws new tools overboard

[dcw3]

Link a single credible source that indicates dumping by the U.S. Navy in recent years? I googled, and couldn't find one that didn't rely only on speculation or "someone told me". You'd think that with around 300 ships, someone somewhere would have snapped a photo.

They just wanted new machines

[GuB-42]

The infection may be just the excuse they needed to upgrade. The cost of cleaning is probably just bullshit to push their argument.

Re:It's the only way to remove a virus.

[JDG1980]

Computers are filled with flash memory: bios, network card firmware, HDD firmware, GPU card firmware, etc. Booting from clean media and formatting the HDD platters may not remove the virus. Any firmware can re-install itself to the diskdrive, either during or after the formatting or windows install.

Most of these infection vectors are merely theoretical at this point. Sure, there may have been proofs-of-concept, but not much in the wild. After all, a firmware-targeting worm would probably only work with one particular kind of chipset, while a worm that exploits one of the ten thousand vulnerabilities in Flash or Java can infect almost any Windows box. Malware writers these days are in it for the $$$, not the lulz; they want the biggest ROI.

Anyway, the article (and summary) specifically states it was Conficker. That's just a Windows worm, and re-imaging the affected systems would fix it, no problem. If they need to recover data, then first boot from a LiveCD into a different OS and copy the required files to a flash drive or network share.

Maybe not so stupid

[Chrisq]

...how often do we get to make fun of Germany for making a boneheaded decision regarding technology?

From the summary, scrapping the PCs cost 190,000 Euros, and removing the virus cost £130,000 Euros. Given that activities like virus removal tend to overrun, and that there is a chance if it being ineffective that is at most 60,000 Euros for a lower risk.

Also, they probably took the opportunity to replace the servers with newer hardware, delaying the next hardware refresh cycle. If so this could just be another (annoying) example of German efficiency

Re:Maybe not so stupid

[Mystakaphoros]

i.e. even when the Germans are "stupid," they're really not very stupid about it. *sigh*

What command.com means nowadays

[tepples]

it took him three months to figure out how to reload command.com

Fortunately, learning about damage-free hanging solutions from the makers of Scotch tape is a bit easier now.

image anyone?

[jjbenz]

I guess these guys never heard of imaging a machine via ghost, fog, etc...

Re:Really ?

[omnichad]

That's just added cost to reformatting the hard drive. What are you, stupid?

"Fact": People who repair tech are "primitive"

[retroworks]

German 3Sat.de television did a great story on how many Germans believe that people who buy used tech, especially Africans, must be burning them. Five studies ( posted here on /.) from organizations like Basel Convention Secretariat, IDC, USITC, etc. show that 85%-90% of used equipment purchased by Africans is reused in internet cafes, hospitals, and schools. But "Westerners" (in this case Germans) are so afraid of being accused of dumping they shred the equipment (forcing African geeks to buy in back alleys). This is just another example of a decade old defamation campaign about reuse.

A good organization serving as an "anti defamation league" for geeks of color http://www.fairtraderecycling.org/ has links to the 2011 German video, showing how German environmentalists would have kept the Green Revolution / Arab spring from ever happening.

Start Screen

[tepples]

all of your old apps from XP/Vista/7 will run on Windows 8

True, some applications designed for Windows break on Wine, but I also seem to remember some applications designed for Windows XP breaking on Windows Vista, Windows 7, or Windows 8.

Linux is not "like" Windows except in a vague way in that they both offer a GUI with icons that you can click on. [...] You've clearly never worked with end-users before or have been involved in enterprise IT.

How have end users in enterprise environments been taking to the Start Screen of Windows 8? How is it "like" the older versions of Windows that boot to the desktop?

Re:Start Screen

[KingMotley]

True, some applications designed for Windows break on Wine, but I also seem to remember some applications designed for Windows XP breaking on Windows Vista, Windows 7, or Windows 8.

Very very few applications don't run on Windows 8, none of which are in the top 200 most popular ones. They tend to be the applications that try to hook in deep into the system to bypass or monitor system things, like anti-virus software (Which you better have a more recent version of than a 5 year old version anyway), disk defraggers, and there are some device drivers that don't work as newer versions of Windows change the Device Driver interfaces, but there are usually newer versions of the device drivers anyway.

OS reinstall

[phorm]

Segregate infected PC's, and do fresh installs in a sandbox. If the PC's are of the same make/model (or at least a small number of makes/models) all you really need is a single image per type, patched up with AV, and then to redo the lot of them. Hopefully they'd have a volume license for the OS/software...

But seriously, for most people OS reinstall=like-new PC, depending on the hardware age. Certainly no need to just toss the PC in the bin unless it's got really old hardware.

New machines

[phorm]

People in threat waving around Fdisk and re-install media saying 'they could fix this

And just buying new machines solves those issues how?

Re:New machines

[AdmV0rl0n]

Where did I advocate buying new machines?
I didn't.

But to answer you dubious point, new machines nominally don't have some (but not all of it is answered so simply, weak passwords for example remain a problem unless that is addressed..) the bad baselines.

Re:"Fact": People who repair tech are "primitive"

[cpghost]

Now that would explain why Germans had this "cash for clunkers" program where they mandated that EVERY committed car had to be physically destroyed, instead of being shipped to Africa, where it could still have worked 20+ years. This has always struck me as incredibly selfish and petty, like some young child which would destroy its used toys rather than give them to other children.

130000€ to clean them!

[DNX+Blandy]

For 130,000€, I'll go over there right now and clean them all myself. Only 170 boxes so even if it takes a month, not really a problem eh.

welll...

[smash]

Well, depending on tax law...

If the cost to replace is 190k, the cost to clean is 130k, and the machines are say, over 18 months old (i.e., book value depreciated by 50%), it is probably not worth cleaning them and just replacing with current hardware, OS, etc. Certainly of dubious value spending 60% plus of replacement cost in maintenance in any case.

If that sounds crazy - if you had a 30k car, and got slapped with a 20k service, you'd seriously consider fucking the car off, yes? Computers are no different.

Re:Puppy Linux

[RogueyWon]

Not happening. Too much of the software he uses - productivity and entertainment - is Windows only.

130,000 Euros for 170 boxes? WTF?

[FuegoFuerte]

I can re-image a couple hundred servers in a day or two, easily, and have done so many times. Apparently I'm working for the wrong employer, if I can make 130,000 Euros for two days' work somewhere else. If it's a bunch of different hardware spread across multiple geographic locations, it could take a few weeks to get all the infrastructure in place and do all the testing, but I'd still be willing to take 130,000 EUR/month for that kind of job.

Planned obsolescence

[tepples]

there are some device drivers that don't work as newer versions of Windows change the Device Driver interfaces, but there are usually newer versions of the device drivers anyway.

Unless the hardware manufacturer intentionally uses the incompatible driver model to force owners of otherwise perfectly working hardware to re-buy the hardware.

Dummköpfen! They could have sent them to Muni

[vandamme]

http://www.h-online.com/open/features/Comment-OpenOffice-s-Tale-of-Two-Cities-1760502.html

woaw woaw ... skjooz and also mee plz k thx

[KingBenny]

here i am like euh unemployed and unable to get like a job doing dishes in the land of no portunity while everyone from small business owners and up with €100k or more gets targeted by a eu government that will still need 11 billion more afterwards because even after stealing all that money they still cant pay the first-aid bills since they spent too much and in the meantime their politicians ASK FOR A RAISE, RIGHT ?
that's like the apex of political trustbuilding and economic efficiency for starters, so here i am jobless, and capabale of running a virus scanner ...
and those people euh like ehm ... THROW AWAY computers that are infected because (i guess they don't have an IT-department then or they consist of list-reading helpdeskjockeys with little or no knowledge of anything but telemarketing and looking good ?)
because they estimate the cost to have them cleaned is 130k ? ???? 130k for virus removal on pc's from just one ministry?
i have had some work in governent instances before and i always wondered how any firm succeeds in billing that large and here it is again 130k ??? that gets you like euh at least 10 people employed for a whole year ... so are you telling me one decent guy can't get that fixed by himself anyway ?
now i am used to making do and making happen, and making something out of nothing never having had a lot of american sitcom type family to back me up but there is in this country about 22% young people and in spain and greece a LOT more who have this like hate-like thing developing that feeds on stuff like this and no one can imagine WHY ?