02.11.09

Is Windows to Blame for Cracking of Federal Aviation Administration (FAA)?

Posted in Microsoft, Security, Vista, Vista 7, Windows at 11:17 am by Dr. Roy Schestowitz

Emergency person

SEVERAL MONTHS AGO we wrote about the disasters which the FAA had been experiencing, probably due to its reckless choice of Microsoft Windows. Now we’re witnessing planes that are being grounded due to similar problems (Microsoft denies this). But it may all be just be ‘small potatoes’ compared to a crack of this scale, which the Associated Press wrongly characterises as “hacking”.

Hackers broke into the Federal Aviation Administration’s computer system last week, accessing the names and Social Security numbers of 45,000 employees and retirees.

Wonderful.

TechDirt has meanwhile gotten around to commenting on related news.

Unpatched, Virus-Infected Windows To Blame For Grounded French Fighter Pilots And Halt To Traffic Arrests In Houston

Reader Calvin sends in two separate stories of government institutions who apparently failed to patch their Windows machines to protect against the Conficker virus — despite the patch being available for many months. First, Houston police have stopped arresting people with outstanding traffic warrants and shut down the municipal court system for a few days to try to deal with their computer systems being overrun by the virus.

Whether a person is troubled by use of Windows or not, the side effects appear not only in billing (damage is compensated for collectively) but also in people’s E-mail. This is made possible owing to massive Windows-based botnets.

Virus authors are attempting to hoodwink unwary and lovestruck internet users with malware that poses as Valentine’s Day-related games and email greetings.

The hacker tactic is a familiar companion to annual holidays, such as Christmas, New Year’s Day and Valentine’s Day. McAfee reports that the Valentine’s Day spam links to URLs pushing the Waledac Trojan, a strain of malware that has copied many of its techniques and features from the infamous Storm Trojan.

Another side effect of these turbulent experiences is being combated by a victim of the very same botnets which it fights, namely DNS. IDG published this report:

OpenDNS has added a feature to its Domain Name System (DNS) services to fight a widespread worm, with help from Russian security company Kaspersky Lab.

OpenDNS has its own network of DNS servers that translate domain names into IP (Internet Protocol) addresses so, for example, Web sites can be displayed in a browser. The company says its system is faster than using the DNS servers run by ISPs (Internet service providers) and provides better protection against phishing as well as other features such as Web content filtering.

As far as Microsoft is concerned, there is no solution to this (not even Vista 7) and some people are meanwhile dying. This is totally preventable because secure platforms like GNU/Linux exist and are readily available.

“[W]e’re not going to have products that are much more successful than Vista has been.”

Steve Ballmer

“David Smith commented that Gartner will not bash MS if MS chooses to slip Vista.”

Jamin Spilzer, Microsoft

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

7 Comments

  1. Needs Sunlight said,

    February 11, 2009 at 12:14 pm

    Gravatar

    When there was a major, cascading power outage on the east coast of the US, Windows was initially implicated. For about a day, as events unfolded, it looked every hour more and more like Windows was at the bottom. Suddenly all discussion and investigation appeared to stop and no further coverage of the cause was provided afterwards.

    So it’s not just now, during the recession that Gates has been putting salt on the wounds, he’s also been helping make the cuts, too.

  2. Ty said,

    February 11, 2009 at 10:23 pm

    Gravatar

    That reminds of of the less serious but similar story about my state government not allowing anyone in the government to go on Myspace or Facebook. NOT because it is a waste of time but because of an uptick in Windows viruses from the sites.

    So instead of recommending that staff and officials get Linux or even get some Macs so the officials can post on their myspace and facebook pages, the IT security dept just wholesale blocked those sites and others!

    Stupid in my opinion!

    Quote:

    “We realize that this may be an inconvenience and we apologize,” Office of Legislative Information Systems Director Michael Gaudiello wrote in a note to the affected parties. “But it is essential that the integrity of the Maryland General Assembly computer systems and facilities are protected.”

    http://www.baltimoresun.com/news/local/politics/bal-te.facebook07feb07,0,1339786.story

    “It puts the General Assembly in the Stone Age” Said Del. Christopher B. Shank (R-Washington).

    “This is like China” Said Sen. James C. Rosapepe (D-Prince George’s).

    http://mobile.washingtonpost.com/news.jsp?key=348270&rc=tech#___1__

    Sad. People don’t learn.

  3. Roy Schestowitz said,

    February 11, 2009 at 10:30 pm

    Gravatar

    For similar reasons, USB devices are banned in some places.

  4. Needs Sunlight said,

    February 12, 2009 at 5:50 am

    Gravatar

    USB devices are only present anyway because Windows got into the infrastructure and makes it impossible to have networked file sharing. So it’s back to good old sneakernet, this time instead of 5.25″ floppies or even 3.5″ floppies its a dog-leash around the neck with a cluster of USB sticks.

    It’s damage by M$ from multiple angles there.

    Ban M$ products, and penalize the turds that deployed them, and you clear up 99% of today’s security problems. Of course that will mean a greater problem from web 2.0, but throw away all useless client-side scripting, flash and flash-like animations and you will clean up that vector as well.

    For years everyone stayed away from client side scripting cause it sucked and was insecure. It still is both. Some say that the only reason web 2.0 is to compensate for the move away from the permeable M$ products and add holes.

  5. Roy Schestowitz said,

    February 12, 2009 at 6:35 am

    Gravatar

    What is “Web 2.0″ really?

  6. Ian said,

    February 12, 2009 at 1:00 pm

    Gravatar

    @Needs Sunlight

    Are you serious, or just goofing around?

    USB devices are only present anyway because Windows got into the infrastructure and makes it impossible to have networked file sharing.

    Have you ever heard of CIFS or SMB or Samba or Windows shares or NFS or FTP or NCP? You do understand that you can transfer files over a network between two Windows boxes or a Windows box and a Linux box..right?

    Ban M$ products, and penalize the turds that deployed them, and you clear up 99% of today’s security problems.

    That’s an ignorant comment. Does Microsoft have a good history with security? Not really. Will everyone switching to Linux suddenly make admins impervious to leaving services turned on or not configuring firewalls correctly? Don’t make the mistake of thinking Linux boxes don’t get rooted.

    Some say that the only reason web 2.0 is to compensate for the move away from the permeable M$ products and add holes.

    That doesn’t make any sense. Web 2.0 is nothing more than an evolution of web design. It’s not a Microsoft thing, it’s not a Novell thing, it’s not a Linux thing, it’s not even a Google thing.

    Look, you hate Microsoft. That’s fine. But don’t make things up.

  7. Roy Schestowitz said,

    February 12, 2009 at 1:28 pm

    Gravatar

    I think s/he was referring to escape from desktop-bound applications.

What Else is New


  1. IRC Proceedings: Friday, November 27, 2020

    IRC logs for Friday, November 27, 2020



  2. Links 27/11/2020: Jolla is 7, Diffoscope 162, MNT Reform Production

    Links for the day



  3. The Time Coronavirus Helped EPO Management Prevent Staff From Protesting and Going on Strike (March 26th)

    "In view of the spreading of the New Corona Virus, the planned General Assemblies have to be cancelled," the Staff Union of the European Patent Office (SUEPO) wrote in the wake of the crisis across Europe back in March (weeks ahead of a planned strike)



  4. Guarding Your Privacy With E2EE: Primer

    "As with all security, there is assumed risk no matter how careful you are. There are no security guarantees but that doesn't mean you shouldn't try."



  5. Links 27/11/2020: Systemd 247 and Cockpit 233

    Links for the day



  6. A Free Speech Deficit Harms Software Freedom

    Free software and Software Freedom cannot possibly succeed if we keep accepting or even just tolerating systematic censorship of opinionated people in our community; failing to speak out on this matter (for fear of supposedly offending someone, risking expulsion) is part of the problem — complicity by passivity



  7. Perception of Difficulty

    New poem by figosdev



  8. IRC Proceedings: Thursday, November 26, 2020

    IRC logs for Thursday, November 26, 2020



  9. Cartoon: After Gambling With Workers' Savings the EPO Can Do Real Estate

    New EPO cartoon from EPO insiders (the one on the right certainly looks a lot like António Campinos and the one on the left can be his EUIPO ‘import’ or Benoît Battistelli‘s INPI ‘import’)



  10. Free as in Freedom Should Not be Associated With Cost

    It's important to remind people that so-called 'free' services (Clown Computing, centralised spaces that 'farm' their so-called 'users') aren't really free; we need to advocate freedom or free-as-in-freedom alternatives



  11. [Meme] UPC's Pyrrhic Victory

    Contrary to what Team UPC says, what happened earlier today is hardly a breakthrough



  12. Many Thanks to Free Software, the Demise of Software Patents (in Europe and the US), and So Much More

    On a positive note we're heading into the end of November, one month before Boxing Day; we take stock of patent affairs that impact software developers



  13. Links 26/11/2020: PHP 8.0, Proxmox VE 6.3, UNIGINE 2.13

    Links for the day



  14. 29,000 Blog Posts and Recent Site Improvements

    Over 29,000 blog posts have been posted here, but more importantly we've made the site a lot more robust and resilient, accessible in more formats and protocols (while improving transparency, too)



  15. [Meme] Trump is Out. Now It's Time to Pressure the Biden Administration/Transition Team on Software Freedom Issues.

    The Biden transition is in motion and tentative appointments are underway, based on news reports (see our Daily Links); now is the time to put pressure, e.g. in the form of public backlash, to ensure it's not just another corporate presidency



  16. Boycott ZDNet Unless You Fancy Being Lied to

    ZDNet's Catalin Cimpanu continues to lead the way with misinformation and lies, basically doing whatever he was doing to land that job at ZDNet (after he had done the same elsewhere)



  17. The UPC and Unitary Patent Song

    On goes the UPC symphony, as the Unified Patent Court (UPC) is almost here, always coming "real soon!"



  18. Open Letter to the German Greens on UPC and Software Patents: Don’t Betray Your Voters and Your Promises, or You Will Regret it

    Dear Members of the German Greens in the Bundestag. By Benjamin HENRION.



  19. [Meme] One Step Away From Replacing Patent Examiners With 'Hey Hi' (AI)

    If it's not legal for 'Hey Hi' (AI) to get a patent, why should it be legal for patents to be granted by those who are invisible (and sometimes in de facto house arrest)?



  20. European Patent Office (EPO) Reduced to 'Justice Over the Telephone' and Decree by E-mail

    The EPO is trashing the EPC and everything that the Office was supposed to stand for, as it wrongly assumes demand for monopolies (typically from foreign corporations) comes before the rule of law and Europe's public interest



  21. Making Free Software Work for Users

    The latest reply to a non-developer concerned about software freedom; guest post by figosdev



  22. IRC Proceedings: Wednesday, November 25, 2020

    IRC logs for Wednesday, November 25, 2020



  23. Links 26/11/2020: AV Linux 2020.11.23 and Blender 2.91 Release

    Links for the day



  24. Links 25/11/2020: GamerOS and Biden Transition in Motion

    Links for the day



  25. An Orwellian December

    With December around the corner and states tightening the screws on the population (or employers on employees) at least we can look forward to spring



  26. The Non-Technical (or Lesser Technical) Software User That Wants Software Freedom

    Assuming that Free software should care about what users — not only developers — really want (and need) it’s important to understand how they view the current situation (with growing waves of corporate takeover and compromises, even expulsions)



  27. The European Patent Office Should be Run by Patent Examiners (Scientists), Not Politicians

    Europe would be better off (and patent quality much improved) had people with an actual grasp of science and reality were in charge of the EPO, not a money-chasing kakistocracy (which is what we have now)



  28. Member of the EPO's Boards of Appeal Explains Why VICOs (or ViCo/Video Conferences/Virtual 'Hearings') Are Not Suitable for Justice

    It's interesting to hear (or see/read) what people inside the EPO have to say about the "new normal" when they enjoy a certain level of anonymity (to avert retribution)



  29. Open Source Initiative (OSI) Co-founder Bruce Perens: Open Invention Network (OIN) is Protecting the Software Patent System From Reform and OSI Approves Faux 'Open' Licences (Openwashing)

    Richard Stallman was right about the OSI and the fake 'movement' that claims to have 'coined' the term "Open Source" (it wasn't a new term at all; it had been used in another context and the Free software community spoke of things like "Open Hardware" years earlier)



  30. IRC Proceedings: Tuesday, November 24, 2020

    IRC logs for Tuesday, November 24, 2020


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts