German Ministry of Education Throws Away PCs For 190,000 € Due To Infection

← Back to Stories (view on slashdot.org)

German Ministry of Education Throws Away PCs For 190,000 € Due To Infection

Posted by Unknown on Monday April 29, 2013 @09:07PM from the burn-it-with-fire dept.

An anonymous reader writes "German IT magazine Heise reports (original in German) that the Ministry of Education in Schwerin had a Conficker virus infection on 170 machines, that was dealt with by simply throwing them on the trash. Other German authorities have now decided that 'the approach taken is not up to the principle of efficiency and economy' and that the 187,300 Euro invested in this radical form of virus removal were inappropriate. The ministry had earlier estimated the cost of cleaning their desktops and servers by more conventional means to 130,000 Euro."

39 of 347 comments (clear)

Min score:

Reason:

Sort:

Far cheaper options by Anonymous Coward · 2013-04-29 21:12 · Score: 4, Insightful

Install Linux. Cost $0 + admins' time -- almost certainly less than trying to remove and clean infected systems.
Forget about virus infections for the near future.
1. Re:Far cheaper options by Cenan · 2013-04-29 21:25 · Score: 4, Insightful
  
  Install Linux. Cost $0 + admins' time -- almost certainly less than trying to remove and clean infected systems.
  Forget about virus infections for the near future.
  They already had licenses to the Windows installations so the cost equation would be the same, it only differs if you assume they would try to clean the infection and not simply install Windows after format c:
  What the [admin's time] factor expands to is another thing, and hardly favors the GNU/Linux approach. If the idiots are dumb enough to throw out new PCs because of a virus infection, they most certainly are too dumb to install anything but Windows.
  
  --
  ... whatever ...
2. Re:Far cheaper options by Anonymous Coward · 2013-04-29 22:02 · Score: 5, Informative
  
  There a more than 1200 Linux viruses
  Liar. There's something like < 100 viruses of which maybe 5 have ever been seen in the wild...
  ps. I doubt your secretary can tell which OS they're running in the first place. And it's completely irrelevant too since the workflow is the same.
3. Re:Far cheaper options by Nerdfest · 2013-04-29 22:03 · Score: 4, Insightful
  
  Apparently the Ministry of Education in Schwerin did not, and they're still dealing with the consequences.
4. Re:Far cheaper options by longk · 2013-04-29 22:06 · Score: 3, Insightful
  
  It really depends on the situation. Being Germany it's possible that all the average worker needs is SAPGUI, which doesn't really differently on Linux than it does on Windows.
5. Re:Far cheaper options by Drakonblayde · 2013-04-29 22:09 · Score: 4, Insightful
  
  I'm sure a large part of the decision to toss em in the garbage was because someone wanted new gear. Can't forget about the political element to an IT infrastructure.
6. Re:Far cheaper options by Pav · 2013-04-29 22:17 · Score: 5, Interesting
  
  Have you seen the work that came out of that? The GUI frontend to it all is called GOsa (although there's a fork called FusionDirectory which I prefer). The whole infrastructure is managed via LDAP plus RPC, and allows deployment of Linux and Windows (via FAI and OPSI respectively). There are also a multitude of plugins for managing a multitude of network services and LDAP stored info. I use it for managing DNS, DHCP, groupware (SOGo), web proxy + filtering (Squid), Samba, windows OS + software deployment (OPSI), Linux + software deployment (FAI), Debian/Ubuntu repo management, centralised logging (rSyslog)... and I'm currently looking into connecting it to Asterisk. There are TONS more plugins.
7. Re:Far cheaper options by JaredOfEuropa · 2013-04-29 22:35 · Score: 4, Insightful
  
  It's equally crap on both, you mean. SAP's UI is Satan's sick joke on humanity.
  
  --
  If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
8. Re:Far cheaper options by Anonymous Coward · 2013-04-29 22:45 · Score: 3, Funny
  
  ps. I doubt your secretary can tell which OS they're running in the first place
  Then you're an idiot. Just because someone doesn't understand technology doesn't mean they don't know when their menu items are in different places or when the nice obvious icon they had becomes some in-joke about Klingons.
9. Re:Far cheaper options by Ash+Vince · 2013-04-29 23:29 · Score: 4, Insightful
  
  Install Linux. Cost $0 + admins' time -- almost certainly less than trying to remove and clean infected systems.
  Forget about virus infections for the near future.
  Of course the admins time probably adds up to about $300 per machine.
  Seriously, I can completely believe this story because it would probably take someone at least an hour to clean the PC. It is also quite easy to believe that a government department or big company who outsourced their IT would be paying more per hour for technical staff than they would for a new PC.
  This is especially true if you asked the IT outsourcing company to provide a cast iron assurance that the virus was removed with some sort of penalty clause if their was a reinfection. The quote you would get back would be prohibitively expensive because the any company with any sense would run a mile from providing such a ridiculous guarantee.
  All of sudden what sounds like a 5 minute job to someone with some technical skills and has a 99% success rate has become such a headache to the bean counters that demanded a 100% success rate that they decide throwing the machines in the bin is actually cheaper. Of course this is ridiculous, but I have heard of things far more ridiculous when government middle management gets involved in IT decisions.
  In public sector management you hardly ever get rewarded for things coming in under budget like you do in the private sector but you get torn to shreds if anything ever goes wrong so the whole thing ends up being ridiculously risk averse in the extreme.
  
  --
  I dont read /. to RTFA, I read /. to offend people in ignorance.
10. Re:Far cheaper options by RabidReindeer · 2013-04-29 23:31 · Score: 5, Insightful
  
  ps. I doubt your secretary can tell which OS they're running in the first place
  Then you're an idiot. Just because someone doesn't understand technology doesn't mean they don't know when their menu items are in different places or when the nice obvious icon they had becomes some in-joke about Klingons.
  secretary: OK. so what do you mean that "this new ribbon bar is all you need"? Where'd my "print" menu go???
11. Re:Far cheaper options by tepples · 2013-04-30 01:13 · Score: 3, Insightful
  
  How many of your claimed costs of education and of reduced productivity would be any different on, say, Windows 8?
12. Re:Far cheaper options by omnichad · 2013-04-30 01:28 · Score: 3, Interesting
  
  Why would you sit and stare at a computer while running virus removal tools. Move on to the next computer. This is a very common virus with pre-made tools available to remove it from several vendors. Just start it running on 100 computers at a time - just as fast as you can run and type.
  All you have to do is get one computer fixed reliably. Then just make sure you do the same thing to the others. It's not like you have hundreds of totally unique infections.
13. Re:Far cheaper options by Runaway1956 · 2013-04-30 01:40 · Score: 5, Informative
  
  1200 viruses? I think you're exaggerating. Maybe you're counting some variants of the same "virus" - like several times each. I don't know the exact number, to be honest. I do know that I was repairing damage due to exploits on Windows monthly. When I switched to Linux, I stopped repairing computers, until hardware broke.
  How many millions of viruses are available for Windows now? So few virus writers support Linux . . . *sigh*
  Here's a number that will blow your mind:
  "At day’s end on April 12, for example, Symantec published the summary shown below, noting that its latest Virus Definitions file contained 17,702,868 separate signatures."
  Don't take my word for it - read the article!
  http://www.zdnet.com/blog/bott/the-malware-numbers-game-how-many-viruses-are-out-there/4783
  
  --
  "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
14. Re:Far cheaper options by RabidReindeer · 2013-04-30 03:30 · Score: 3, Informative
  
  or, wait for it, control-p
  Actually, that's what infuriated me about Office 2008. It removed "unused" items from the File menu, and Control-P wouldn't work reliably.
15. Re:Far cheaper options by war4peace · 2013-04-30 03:41 · Score: 3, Insightful
  
  all of your old apps from XP/Vista/7 will run on Windows 8.
  Are you sure?
  Yeah, many do run, but at what cost. There's a plethora of software which can't integrate at all with the Metro (or whatever it's called) functionality. Amazingly, in the tiled UI you can't even read what time it is, only the date. If you want to use Yahoo Messenger, you have to drop to Desktop mode. Daemon Tools? Desktop mode. Avast antivirus? Yeah, Desktop mode. Chrome, Firefox, Opera? Ever-the-fucking-desktop-mode! This is valid for a vast majority of existing (and popular!) Windows applications. And it's been what, 6+ months since Windows 8 got live and most popular application makers have no plans to create tiled apps for Windows 8. So much for 100% compatibility.
  Just as I hate having to use terminal on a Desktop Linux OS, I also hate having to drop to Desktop mode 10 times an hour to do the stuff I usually do. That makes the tiled side of Windows, no matter how colorful, useless and annoying. You switch to Desktop mode to use your browser, then back to Tiled mode to look for a setting, then back to Desktop mode to do this, then back to Tiled mode to check weather, then back... for fuck's sake. It's an OS with two GUIs. RE-TAR-DED.
  
  It is just an evolution of the Windows product line, not a radical departure from it.
  It is a half-baked piece of shit, and that comes from someone who used Windows since... well, 3.1 and tried hard to use Windows 8.
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
The Google translated article by SternisheFan · 2013-04-29 21:16 · Score: 4, Informative

Schwerin: virus-infested computer? From the waste so ...
What would be the mountains of garbage and how empty the purse in this country, if that would make anyone like that? Schwerin Ministry of Education made with 170 virus-infected computers, leaving them short shrift unceremoniously throw in the trash. The State Court of Mecklenburg-Vorpommern has carried out the initial purchase of 170 computers now reprimanded. "The approach taken is not up to the principle of efficiency and economy." € 187,300 cost of the new equipment and installation services to taxpayers.
The seemingly insurmountable pest, the computer of the teacher training institute (IQMV) in Schwerin, Rostock, Neubrandenburg and Greifswald was seized in September 2010, was the Conficker worm . In addition, the computer should have been more affected by some other viruses, such as the Ostsee-Zeitung reported first.
As the Court in its report criticizes for 2012, the Ministry of Education have had "no IT security concept" and established the new purchase with "faulty IT equipment". Further explanation and evidence remained the Ministry guilty. It "could [...] not state whether the IT systems of the IQMV were actually affected the extent mentioned above. Protocols of anti-virus software could only be provided for the location of Greifswald, despite repeated requests, which, however, no massive fund of was to remove viruses at the relevant time. "
In addition, the Department did not properly consider how costly cleaning the computer had actually been. The Ministry of Education guess the cost of cleaning initially to around 130,000 euros. The cost of 152,300 euros for an already registered for the fiscal years 2010/2011 published by new acquisition in a different light. The additional costs for installation were estimated at around 35,000 euros. Thus, the Ministry decided only to clean the affected server and otherwise replace all systems.
As the Court points out the country, the Ministry has now committed an IT security concept and develop "its supervisory task perceive so that an efficient and goal-oriented control and monitoring will be necessary." For since the Ministry has provided no "evidence of the actual damage and the causes for the occurrence of the damage," "should [...] be left open whether carried out by the complete replacement of the [computer] is a repetition of the damage is excluded http://translate.google.com/translate?sl=auto&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&eotf=1&u=http%3A%2F%2Fwww.heise.de%2Fnewsticker%2Fmeldung%2FSchwerin-Virus-verseuchter-Rechner-Ab-auf-den-Muell-damit-1851718.html
1. Re:The Google translated article by stepdown · 2013-04-29 22:12 · Score: 5, Funny
  
  That actually reads pretty well, we should pass Timothy's posts through Google Translate in future.
Money well spent by Anonymous Coward · 2013-04-29 21:22 · Score: 5, Insightful

If its 130,000 euros to fix a virus infection and 187300 to upgrade AND fix the virus infection, then you may as well upgrade.
The real problem here is the 130,000 euros to fix a virus infection.
1. Re:Money well spent by gbjbaanb · 2013-04-29 22:02 · Score: 5, Interesting
  
  Conficker.... suddenly it becomes clear. I know an organisation that was infected, and they ended up spending 2 weeks with a Microsoft consultant to clear everything up. The problem is that it spreads too quickly, so when you clear a PC and move on to the next, it re-infects the first one. Silly old Microsoft.
  So, if they upgraded their PCs too.... makes perfect sense. I wouldn't have binned the old ones though, I'd have wiped the HDDs and sold them or given them away.
2. Re:Money well spent by AdmV0rl0n · 2013-04-29 22:15 · Score: 3, Interesting
  
  This thread is disappointing. So much hate. Hate leads to fear, and fear leads to the dark side.
  Anyway. Conflicker. Nasty. Simple. Old. A clean up is not easy, but conflicker requires some bad baselines to be operating for it to get through and thrive. If you fix the baseline issues, the clean up can follow. A clean susyem thats updated properly isn't infectable via conflicker. So frankly a system sorted put back in should be fine. You'll obviously have to do this step by step and yes, there is a price. Most orgs this size have IT staff so I don't know how the figures are drawn up.
  I also have to say, the clean up tools and detection tools mean attacking conflicker infection is on the easier end of security clean up. The story is sad because it seems to indicate ever present stupidity in public services. Advocates and supporters of public services need to understand that its not a ob creation scheme. If someone has a role or job, they must be competant. Trained. Skilled. People who are not have no place in it.
  
  --
  We`re all equal .. Just some of us are less equal than others.
3. Re:Money well spent by AdmV0rl0n · 2013-04-29 22:44 · Score: 3, Interesting
  
  No, conflicker has worm elements. So, the hard part of the clean up is not per se an individual machine. Its that you need to solve the baseline problems that allow conflicker to do its thing.
  Re-installing 'stuff' won't make this go away. Doing it wrong just reinfects the machine.
  So, as I said, what has to be done is the cause and baselines that allow conflicker to replicate have to be solved (harder part) - and then machines with good baselines go through clean up and go back on the network (easier part..)
  http://support.microsoft.com/kb/962007
  Any tech learning about conflicker can read about it, and start to understand what needs to be fixed. Patch, correct password weakenesses, stop autorun etc etc. Today, this is somewhat simple as a lot of tools and detection tools exist.
  People in threat waving around Fdisk and re-install media saying 'they could fix this' - probably in fact are clueless and need to understand the problems involved. Conflicker breeds off poor security and bad baselines. Thats how it gets in. Thats how it replicates. Thats how it hangs around and re-infects.
  
  --
  We`re all equal .. Just some of us are less equal than others.
4. Re:Money well spent by AmiMoJo · 2013-04-29 23:25 · Score: 4, Informative
  
  The problem is that it spreads too quickly, so when you clear a PC and move on to the next, it re-infects the first one.
  Then the first one wasn't really fixed, was it? Microsoft released a patch that blocks re-infection so all you have to do download that and their Malicious Software Removal Tool to a CD, disconnect each machine from the network and run them in order. Problem solved.
  The high cost is probably due the cost of certifying that the infection was removed and the PCs are safe to use with sensitive data again. Removal is trivial if somewhat time consuming.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
5. Re:Money well spent by Anonymous Coward · 2013-04-30 00:45 · Score: 4, Insightful
  
  No matter what OS you use (considering the OS licence is already paid)... How can the format of the drive + reinstall for 170 machines cost 130k$
  Quick estimate: IT guy is paid 100$/h (gross overestimate) and can reinstall 1 machine per hour (gross overestimate)... Total: 17k$
  How the fuck do they estimate 10x that???
Small correction by Sique · 2013-04-29 21:29 · Score: 5, Informative

It's not the Ministry of Education of whole Germany, but of the german State of Mecklenburg, which threw away the PCs after a virus infection.
And there is more to the story: It was estimated, that the cleaning of the PCs would cost ~135,000 €, and a replacement, which was planned anyway, would be 190,000 €, thus they decided to replace early instead of spending the 135,000 € on the clean-up and throw the PCs away a year later.

--
.sig: Sique *sigh*
The cheap solution? by Mad-Bassist · 2013-04-29 21:31 · Score: 4, Insightful

Why not use this as a way to teach the kids how to install the OS from scratch?

--
"The only legitimate use of a computer is to play games." - Eugene Jarvis
760 Euros per PC by Anonymous Coward · 2013-04-29 21:45 · Score: 3, Insightful

Yet the 'conventional' estimate was 760 euros per PC to fix it...
I think its one of these cases where they're locked into a service contract for the PC they bought, and its easier to bring forward an upgrade than let the service company rip them off. The translation says they'd almost fully depreciated the PCs anyway, so they were several years old anyway.
So now some party (no doubt connected to the service company) is kicking up a stink because they didn't get to rip them off.
But it looks like the right thing to do, if the alternative was to spend 130k euros and next year spend 190k euros to replace them, and you've only got 30k left of right off, then better to save the 100k and move the upgrade forward.
Oh, and warn your fellow government agencies against signing the rip-off maintenance contract.
1. Re:760 Euros per PC by tibit · 2013-04-29 22:11 · Score: 3, Interesting
  
  For half of that money I'd fucking take a first class plane trip to Germany, pay for my own hotel, and be done reimaging their PCs over a workweek. That includes deploying whatever they need deployed on those PCs, and leaving a solution in place to reimage them at will. And that's all being quite green when it comes to Windows administration. At work I really only do the minimum needed not to need to muck with it.
  
  --
  A successful API design takes a mixture of software design and pedagogy.
Clarifications (due to rampant bullshit here) by imsabbel · 2013-04-29 21:59 · Score: 5, Informative

This happened in 2010.
Those were old computers.
They already had the money to buy replacements budgeted in their 2010/2011 budget.
So they had to decide to pull the effort the reimage everything for a couple of months, or just buy the new ones early. Buying the new ones early did cost a bit more (30k for all of them), but less then a cleaning would have cost.
The servers, who where not sheduled for replacement, were reimaged just fine.

--
HI O WISE PRINCE. WHT TOOK U SO DAM LONG?
1. Re:Clarifications (due to rampant bullshit here) by Registered+Coward+v2 · 2013-04-29 22:53 · Score: 3, Funny
  
  This happened in 2010. Those were old computers. They already had the money to buy replacements budgeted in their 2010/2011 budget.
  So they had to decide to pull the effort the reimage everything for a couple of months, or just buy the new ones early. Buying the new ones early did cost a bit more (30k for all of them), but less then a cleaning would have cost.
  The servers, who where not sheduled for replacement, were reimaged just fine.
  
  This happened in 2010. Those were old computers. They already had the money to buy replacements budgeted in their 2010/2011 budget.
  So they had to decide to pull the effort the reimage everything for a couple of months, or just buy the new ones early. Buying the new ones early did cost a bit more (30k for all of them), but less then a cleaning would have cost.
  The servers, who where not sheduled for replacement, were reimaged just fine.
  How dare you inject reason and facts into a /. arguement? You're supposed to say Windoze Bad Linux Shiney Free and accuse anyone with a different view of being an MS shill or troll. Replacing rather than cleaning is the right thing to do, it would have been more fiscally irresponsible to clean and then replace, and no doubt under German law the old ones were recycled rather than just dumped in the trash.
  given that reimaging would involve more than simply pushing out a new image but would need machines to be offline to avoid reinfection, there is also productivity losses and associated costs as well.
  
  --
  I'm a consultant - I convert gibberish into cash-flow.
They ain't dumb by Taco+Cowboy · 2013-04-29 22:01 · Score: 5, Insightful

If the idiots are dumb enough to throw out new PCs because of a virus infection, they most certainly are too dumb to install anything but Windows

I don't think that they are dumb
Actually, they are smart
1. It ain't their money --- the money is from the gummint
2. By throwing the thing away they save all the effort to reformat the disk and to re-install the Windows OS, plus softwares
3. With the computer dumped, they will get to enjoy newer computers --- again, the money came from the gummint

--
Muchas Gracias, Señor Edward Snowden !
1. Re:They ain't dumb by bfandreas · 2013-04-29 22:53 · Score: 3, Insightful
  
  Actually this is a story about stupidity.
  They didn't have virus protection or anything security related. So the taxoffice watchdog told them to come forward with a security plan.
  
  This is just as stupid as it sounds. I've not heard if they were close to a Windows 7 induced hardware upgrade cycle anyway. But there is absolutely no excuse for having no security whatsoever.
  
  --
  20 minutes into the future
2. Re:They ain't dumb by Culture20 · 2013-04-30 00:16 · Score: 3, Insightful
  
  If they wanted new computers, they could have dumped or wiped the HDDs then auctioned the computers instead of just throwing them away.
3. Re:They ain't dumb by silviuc · 2013-04-30 02:09 · Score: 3, Interesting
  
  Not to mention that using something like Clonezilla they can re-image the whole network of PCs provided through PXE (pixie) boot.
  
  Seems that my country is not alone in employing the stupidest morons they can find for jobs in the departments/agencies/institutions that the state controls. Waste of money and waste of human resources in a time when unemployment for young people is soaring.
  
  A damn shame.
Re:Conficker???? by symbolset · 2013-04-29 22:08 · Score: 4, Interesting

Yesterday the Conficker Working Group saw 634 million HTTP hits on Conficker domains from 1.7 million unique IP addresses. This is seems to be a fairly static figure going on three years now.

--
Help stamp out iliturcy.
Re:They can't rei-mage them with windows? by flyingfsck · 2013-04-29 22:20 · Score: 4, Funny

Yeah, but it is Germany. In order to do IT work on a PC, you need to have a plumber and an electrician on standby and you are not allowed to do more than one PC at the same time...

--
Excuse me, but please get off my Pennisetum Clandestinum, eh!
Re:Conficker???? by RogueyWon · 2013-04-29 22:29 · Score: 5, Informative

Unfortunately, it's still very much alive and out there. The parents PC contracts it regularly (my dad has appalling security and browsing habits). A friend of mine (who I generally regard as more IT literate than I am) just spent a weekend cleaning an infection of it off his (fully-updated, Macafee-profected) Windows machine.
And now for a gratuitous side-rant:
The source of my friend's infection was apparently a minor video-hosting site carrying game-walkthroughs. On balance, I believe him on this, because I'd had warnings from AVG about such sites myself in the past.
The trend over the last few years has been for game-walkthroughs to shift from text-format to long sequences of videos. Personally, I hate, loathe and despise this trend from a convenience point of view (try searching 30 videos for how to find that pesky item you're missing, compared to doing a quick search on a text file). But it's had some other unpleasant side effects.
See by default, these videos go on youtube. Thing is, however, game publishers sometimes object to complete video walkthroughs of their games being hosted there and do DMCA takedowns. So the videos then crop up on less notable video-hosting sites. Many of which appear to be malware infested hellholes.
So the moral of my (horribly off-topic) side rant: video walkthroughs suck. They're difficult to search, they're inevitably narrated by some idiot called "Tad" who feels the need to say how stoned he is roughly every 30 seconds and - they're turning into a really horrible malware vector.
Re:Germany? by prefec2 · 2013-04-29 23:25 · Score: 4, Informative

The original article is on the German federal state Mecklenburg-Vorpommern, which is a small state in the north east of Germany. It is not the central government in Berlin. I can understand if people find that confusing. However, there are 16 federal states. Every one of them has a ministry of education.
Furthermore, the German government replaced Windows for Linux in the Ministry of Foreign Affairs, but after the election of the present government, they changed it back, because they are conservative and neo-liberal and do not like this commie Linux stuff. Officially, they determined that the other Ministries were not able to share documentation, because the Ministry of Foreign Affairs used ODT and they used DOC. The fun fact here, ODT is mandatory for all government documentation (but obviously only on paper not in reality).
On the bright side... by Mystakaphoros · 2013-04-29 23:40 · Score: 3, Funny

...how often do we get to make fun of Germany for making a boneheaded decision regarding technology? I say we savor this one for years to come, as stories like this are a dime a dozen over in the States.