EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

05.09.09

U.S. Federal Aviation Administration (Windows Shop) Gets Cracked Again

Posted in Microsoft, Security, Windows at 6:34 am by Dr. Roy Schestowitz

Loading

Corollary: People may start caring about computer security not when businesses become less productive but when disaster eventually strikes

WE’VE already shown that the U.S. Federal Aviation Administration (FAA) is relying on a great deal of Windows [1, 2], so it’s not surprising to find it getting cracked again. From the news:

i. FAA admits problems with hackers

According to CNET, the US Federal Aviation Administration has admitted that hackers have broken into the air traffic control mission-support systems several times in recent years. In one case they managed to become ‘insiders’ to the network.

ii. Report: Hackers broke into FAA air traffic control systems

Hackers have broken into the air traffic control mission-support systems of the U.S. Federal Aviation Administration several times in recent years, according to an Inspector General report sent to the FAA this week.

Also in the news in recent days:

i. Researchers Release Bootkit Code Targeting Windows 7

Dubbed Vbootkit 2.0, the software was first presented by researchers Vipin Kumar and Nitin Kumar at the Hack In The Box security conference in Dubai in April. At the conference, the two researchers demonstrated how attackers could circumvent security features implemented in the kernel and gain control over Windows 7 (x64).

ii. Microsoft to patch ‘critical’ PowerPoint hole

Microsoft plans to patch a hole in its PowerPoint presentation program, the company said in an advanced bulletin that was notable because it contained only a single update.

iii. Botnet master hits the kill switch, takes down 100,000 PCs

Those behind the Zeus botnet recently decided to press the big red button, bluescreening 100,000 computers around the globe. Security experts aren’t sure why yet, although they have some ideas.

iv. Windows and Viruses – Made for each other

This is the screenshot of the cnet’s download.com which shows the most popular downloads for windows. The first five positions are taken by anti-virus software :-). Sadly there is no ‘Linux’ download section but ‘Mac’ has a place.

v. Microsoft ‘fixes’ its malware problem

Computerworld has an Microsoft WGA/WAT spokesman quoted as saying: “When we went out and talked to customers, we found that activation was the concept that resonated most strongly with them”.

The quote ends there, but may have ended: “…Like memories of the first time they were kicked in the groin.”

In any case, Microsoft’s draconian licensing enforcement ‘technology’ is malware by its own definition. And it’s forced on the user through EULAs of questionable legality.

There is no advantage to it for the user, only advantages for Microsoft. And renaming it won’t make it more attractive to users or any more palatable.

Maybe someday, smart users will stop buying software products that have a built-in remote off switch.

Name changes never resolve problems, except for perceptual problems.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

6 Comments

  1. Needs Sunlight said,

    May 9, 2009 at 7:11 am

    Gravatar

    Keep in mind, the FAA knows better and has experienced at least one Windows- based shutdown of the World’s eighth largest economy:

    http://www.techworld.com/opsys/news/index.cfm?newsid=2275

    http://www.securityfocus.com/news/9729

    http://www.ccsce.com/pdf/Numbers_CA_Rank.pdf

    FWIW, California is ranked just behind Italy.

    Roy Schestowitz Reply:

    Yes, it’s a Windows problem.

    The Los Angeles Times reported that the outage was the result of a worker neglecting to perform a monthly reset of a Windows-based control system, resulting in its automatic shutdown after 49.7 days of operation. A backup system also failed.

    Microsoft server crash nearly causes 800-plane pile-up

    twitter Reply:

    The FAA has made some tennative moves away from M$, but apparently has not made the jump to sanity. In 2006, they moved some servers to Red Hat. In 2007 they said no to Vista and considered dumping Windows completely for GNU/Linux. The FAA’s CIO, David Bowen, was quoted at the time about “business case” and problems with compatibility and continued availability of XP rather than security and freedom. He mentions security here but OS is not part of the discussion. A sane discussion would be about getting Windows out of airports entirely because a single compromised machine can do a lot of damage. Every airport I visit has M$ junk prominently placed, often with big error messages displayed instead of information. The FAA has the authority to fix this and should.

    When reading these stories, it is difficult to know if the incompetence comes from the reporter or the FAA. Bowen’s background is in economics and business which is decried, somewhat unfairly here. An older CV is published here. No mention of computing languages or development is made, which may be why it has taken him so long to see the value of free software despite managing so many computers over the last 25 years. He has a guilty hand in the health care mess, having come from Blue Shield. Still, we know how well managed most of the press is when it comes to M$ trash. It is no more surprising to find smears against anyone in power who considers moving to GNU/Linux than it is to find complete incompetents in power. At this point, competent people not only realize what a security disaster Windows is, they realize how it is designed to never properly interact with other systems. Competent people do what Lowes did, they migrate completely away and do so at once. Bowes has indicated he thinks this way, but it is impossible to tell through the reporting that I have found.

  2. ricardo nunes said,

    May 9, 2009 at 7:43 am

    Gravatar

    OSOR – The Swiss company Skysoft has started development of Albatross, a set of open source applications for air traffic controllers. The project’s website was unveiled on 16 March.

    The software will be published under a GNU Public Licence. The company has not yet decided which version of the GPL will be used.
    http://www.osor.eu/news/company-opens-development-airport-traffic-management-software

  3. Al said,

    May 12, 2009 at 1:54 am

    Gravatar

    It is the incompetence of the security and administration that causes theese problems everys single time. And you people think running open source is a good idea for these morons?? If they can not properly administer a Windows environment how the hell do you expect them to to deal with Linux or Unix??? Please tell me?? So the Windows bashing may be all well and good but let’s get the facts strait in any one of the cases like this you had incompetent people as the cause.. When a competent staff and sound policy is in place Windows is just as secure as Linux! Is it much more expensive? Yes … Does it offer the freedom? No…. But do not blame Windows for complete incompetence!!!!

    Hey we are talking about government here so incompetence is a given!!!

    Think about it the FAA is bueracracy and the follow the government model…

    Spend way more than neccessary… Hire any moron that is related or a friend the let them give their moron friends and relatives jobs… Next pay them entirely to much for doing far to little … After that let them take off whenever they want, throw in double time and a half holiday pay for every holiday possible…. Then when it goes wrong blame the taxypayers and corporations!!!

    Yet so many seem to embrace this idea shouting while they rob us blind knowing our taxes are going sky high in the future no matter what you make and yet we shout YES WE CAN…

    Give in to the Obama/Gates (General Electric,NBC,Microsoft) connection….

    Roy Schestowitz Reply:

    NBC ‘news’ is a wholly separate issue. :-)

What Else is New


  1. Microsoft Windows Unsafe at Any Speed, by Design

    More timely reminders that Windows is simply not designed to be secure, irrespective of version, status of patching, etc.



  2. After Moonlight Dies and Even Microsoft Abandons Silverlight, the Abusive Monopolist Keeps Pushing for Other Microsoft Lock-in, Injecting OOXML Traps Into Free Software (Moodle)

    Despite a long history of Microsoft formats being proven guarantee of digital obsolescence, Moodle allows itself to become Microsoft prey and a Trojan horse for OOXML in classrooms (for children)



  3. Links 4/7/2015: Mostly (Geo)Political Catchup

    Links for the day



  4. Links 3/7/2015: KDE Applications 15.04.3, Ubuntu-Flavored Compute Stick

    Links for the day



  5. Patent Lawyers and Their Firms, Still Desperate to Protect the Status Quo, Manipulate the Media

    Patent lawyers are besieged by gradual tightening of patent scope and recklessly fight back (e.g. by saturating the media) to secure their revenue sources, derived from (and at the expense of) actual scientists and true market producers



  6. Amid Controversy, Political Scrutiny and Increased Media Pressure Željko Topić and Benoît Battistelli Allegedly Cancel Today's Trip to Zagreb (Croatia) Where Topić Faces Many Criminal Charges

    The Croatian press comments on the recent declaration from the Council of Europe and Topić's not-so-sterling status in his home country, where he is wanted for alleged crimes



  7. Microsoft Gradually Embraces, Extends, Extinguishes Linux Foundation as a Foundation of GNU/Linux

    By liaising with (or hijacking) existing members of the Linux Foundation, as well as by paying the Linux Foundation, Microsoft turns the Linux Foundation into somewhat of a Windows advocacy group



  8. Microsoft India Still Lobbies and Lies About Free Software in Order to Knock Down Policy That Favours Free Software

    Microsoft continues to bully Indian politicians who merely 'dare' to prefer software that India can modify, maintain, extend, audit, etc.



  9. Patent Lawyers and Corporate Media Nervous About New Patents Barrier/Reality (Less Patents on Software and Business Methods)

    The rich and the powerful, as well as their lawyers (whose job is to protect their money and power by means of government-enforced monopoly), carry on whining after the Alice case, in which many abstract patents were essentially ruled -- by extension -- invalid



  10. Translation of Pierre-Yves Le Borgn' Speech Against EPO Management and New Parliamentarian Interventions

    More political fire targeting the EPO's management, adding up to over 100 parliamentarians by now



  11. Links 2/7/2015: KDE Plasma 5.3.2, antiX 15

    Links for the day



  12. Links 1/7/2015: OpenDaylight Lithium, OpenMandriva Lx 2014.2

    Links for the day



  13. Munich Press, Münchner Merkur, Slams the Munich-based EPO

    Pressure on Benoît Battistelli to leave (or be fired) grows as the cronies whom he filled his office with have become a huge public embarrassment to the decades-old European Patent Office



  14. The Shameless Campaign to Paint/Portray Free Software as Inherently Insecure, Using Brands, Logos, and Excessive, Selective Press Coverage

    Some more FUD from firms such as Sonatype, which hope to make money by making people scared of Free/libre software



  15. National Insecurity and Blackmail, Courtesy of Microsoft

    British members of parliament (MPs) outsourced their communication to the number one PRISM company and they are paying the price for it; The US Navy's systems continue to be unbelievably insecure (Windows XP), despite access to the world's biggest nuclear arsenal



  16. Microsoft Keeps Shrinking

    As the era of shrink-wrapped software comes to an end so does Microsoft, whose effort to become a 'cloud' company with online operations has been miserable at best



  17. They 'R' Coming: More Microsoft Money for the Linux Foundation

    The problem with having Microsoft in a Linux Foundation initiative, the R Consortium



  18. Speculations About the EPO's Possible Role in DDOS Attacks

    Readers' views on who might be behind the attacks on this site amid confirmation that it's on the 'targets' list of the EPO



  19. Links 30/6/2015: Linux Mint 17.2, OpenMandriva

    Links for the day



  20. Techrights Confirmed as a Target of EPO Surveillance, With Help From Control Risks Group (CRG)

    Unveiling the cloak of secrecy from long-term surveillance by the European Patent Office (EPO) and a London-based mercenary it hired, bypassing the law



  21. Google's Fight to Keep APIs Free is Lost, Let's Hope Google Continues Fighting

    SCOTUS refuses to rule that APIs cannot be considered copyright-'protected', despite common sense and despite Java (which the case is about) being Free/libre software



  22. Patent Trolls in the Post-Alice World

    A round-up of news about patent trolls in the United States, some of whom are are doing well and some of them not as well



  23. DDOS Attacks Against Techrights

    Information about some of the most recent DDOS attacks against this Web site and the steps to be taken next



  24. The Patent System Not What it Used to be, Large Corporations and Patent Lawyers the Principal Beneficiaries

    A look at some recent patent stories and what can be deduced from them, based on statistics and trends



  25. After Intervention by the Council of Europe Comes a Detailed Summary of the Situation in the European Patent Office (EPO)





  26. IRC Proceedings: May 31st - June 27th, 2015

    Many IRC logs



  27. Links 28/6/2015: Manjaro Linux Cinnamon 0.8.13, VectorLinux 7.1

    Links for the day



  28. Williamson v. Citrix Online (at CAFC) Reinforces Alice v. CLS Bank (at SCOTUS) in Crushing Software Patents

    More patent news from the United States, again serving to indicate that software patents over there are getting weak (harder to defend in court or acquire from the patent office)



  29. Proskauer Rose LLP is Cherry-Picking Cases to Make Software Patents Seem Eligible Despite Alice v. CLS Bank

    Naming and shaming those who are trying to reshape the consensus despite a rather consistent pattern of software patents being rejected



  30. IAM Biased: How IAM 'Magazine' Glorifies Patent Stockpiling

    A look at the bias of one of the most overzealous sites for and by patent lawyers


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts