EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

02.15.11

When Windows Kills

Posted in Australia, Microsoft, Security, Windows at 12:51 pm by Dr. Roy Schestowitz

Ambulance

Summary: Australian emergency services had their own emergency (a downtime of over a day) due to Windows viruses; a lot more evidence from the news shows the uniqueness of Windows as far as insecurity goes

OVER the years we have gathered examples where Microsoft’s shoddy security cost lives, e.g. [1, 2, 3]. At one point we called it “Death by Microsoft Windows” and it appears to be happening again in Australia, whose government has shared a bed with Microsoft for many years (the OOXML fiasco is an example of that, but it is a month old by now [1, 2, 3, 4, 5]). According to IDG:

Computers which co-ordinate NSW’s ambulances are back online in three of the state’s regions after a major virus forced staff to shut them down for more than 24 hours.

The virus crept into the Ambulance Service of NSW’s dispatch system at 1pm (AEDT) on Saturday, prompting staff to co-ordinate paramedics by telephone and handwritten notes.

“Major virus,” eh? What do they mean by “major”? Viruses in this context are not physical beings. Surely a better term would be “Windows virus,” not “major virus,” right? “Windows, presumably,” writes Glyn Moody, “is this so wise when lives depend on it?”

The EFF points out that, based on Bruce Schneier’s analysis, the Microsoft updates are a potential flaw and there is a mention of “SCADA” too (covered in [1, 2, 3, 4, 5]).

We know the market pressure approach can work. Once Microsoft saw that the market would (at least threaten to) make purchasing decisions on the basis of security, we suddenly got the Secure Windows Initiative and Trustworthy Computing. A key security technique is keeping the heat on vendors.

There is also an operational problem. To get a handle on the state of security of important infrastructure, try a Google search for [ scada security ]. It turns up alarming reports of basic security problems in some of our nation’s most important systems. (“SCADA” stands for “supervisory control and data acquisition”, and is used generally to refer to industrial control systems for things like water purification, electricity, manufacturing, and so on.)

Somewhat related to this is the shocking news that the very notorious HBGary created Windows rootkits like “MAGENTA”, based on some new leaks:

In the new emails released by Anonymous we discover that HBGary Inc. may have been working on the development of a new type of Windows rootkit that was undetectable and almost impossible to remove.

There is also more about Stuxnet, which we last mentioned last night.

The Stuxnet worm repeatedly attacked five industrial plants inside Iran over a 10-month period, according to new data collected by researchers from antivirus firm Symantec.

Three of the undisclosed organizations were targeted once, one was hit twice and one was targeted three times, members of Symantec’s Security Response Team wrote in the report (PDF), which updates findings first released in September. The attacks took place in 12,000 separate infections in 2009 and 2010 and weren’t discovered until July.

Also in the news right now:

A report issued today warns IT professionals that cybercriminals are changing their tactics and, as a result, predicts there will be fresh banking trojans arriving in the wild.

The bi-annual report from M86 Security says that IT managers need to redouble their efforts to patch their IT systems, as next-generation malware is now on the way.

These new types of malware, says the company behind the report, are likely to include application code that takes advantage of social networking service users.

Notice the avoidance of words like “Microsoft” and “Windows”. It suits them well, it does not inform the readers though. Microsoft is one of the major causes of SPAM, owing to the number of botnets that get created by capitalising on Microsoft flaws. Nonetheless, the culprit from Redmond does some new marketing around E-mail ‘surveys’ that are probably intended to exploit Valentine’s Day. Business as usual, right?

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 20/4/2014: EFF FOSS, Easter Drone Strikes, Copyright Industry Fear of Google

    Links for the day



  2. Links 19/4/2014: Slow Easter News Day

    Links for the day



  3. Links 18/4/2014: New KDE, Kubuntu, and More

    Links for the day



  4. Some Perspective on Heartbleed®

    Our views on the whole Heartbleed® bonanza, which seems like partly a PR stunt (for multiple stakeholders)



  5. Microsoft is Leaving Windows -- Including Vista 8.1 -- Vulnerable to Non-Government Crackers, Not Only to NSA

    Microsoft makes it ever more evident that securing users of Windows is not at all a priority, and perhaps not even a desire



  6. Links 17/4/2014: Android RDP, New Ubuntu, RHEL 7 Milestone

    Links for the day



  7. Racing to 1984: Mass Surveillance, Cracking, 'Targeted' Assassinations, and Illegal Torture

    Links for the day



  8. More Microsoft Subsidies to Patent Troll Intellectual Ventures

    Microsoft hands money to Bill Gates' close friend who is the world's largest patent troll



  9. Aiding Microsoft Under the Disguise of 'Pro-FOSS'

    Not everything which is FOSS necessary becomes, by virtue of existence, a positive contribution, as we are constantly reminded by projects that help proprietary software and/or restrictions get a strong grip on FOSS



  10. Links 16/4/2014: Red Hat PR, Ubuntu LTS Imminent

    Links for the day



  11. Links 15/4/2014: Lots of PCLinuxOS Releases, Ukraine Updates

    Links for the day



  12. Apple and Microsoft Actively Lobbying Against Patent Reform in the US

    Apple and Microsoft are reportedly intervening/interfering with US law in order to ensure that the law is Free/libre software-hostile



  13. Lawsuit by Microsoft Shareholder Targets Fine for Crimes Rather Than the Crimes Themselves

    A new lawsuit by a Microsoft shareholder shows everything that's wrong with today's model of accountability, where those who are responsible for crimes are accused of not avoiding fines rather than committing the crimes



  14. Public Institutions Must Dump PRISM-Associated Software

    Another reminder that taxpayers-subsidised services should refuse, as a matter of principle, to pay anything for -- let alone deploy -- proprietary software with back doors



  15. GNU/Linux News: The Opportunities Amid XP EOL

    Links for the day



  16. Microsoft Gets Its Money's Worth From Xamarin: PlayStation 4 Now Polluted by Microsoft

    The Trojan horse of Microsoft, Xamarin, is pushing .NET into Microsoft's console competitor



  17. After Brendan Eich Comes Chris Beard

    Having removed Brendan Eich using bullying and blackmail tactics, his foes inside Mozilla achieved too little as we have yet another man (coming from inside Mozilla) acting as CEO



  18. Healthcare News: Free Software in Health, Humanitarian Causes

    Links for the day



  19. Links 14/4/2014: MakuluLinux, Many Games, More Privacy News and Pulitzer Prize for NSA Revelations

    Links for the day



  20. TechBytes Episode 87: Catching up With Surveillance (NSA, GCHQ et al.)

    The first audio episode in a very long time covers some of the latest happenings when it comes to privacy and, contrariwise, mass surveillance



  21. Server News: KVM, ElasticHosts, Other GNU/Linux Items, and Open Network Linux

    Links for the day



  22. Hardware News: Freedom, Modding, Hackability on the Rise

    Links for the day



  23. Distributions News: GNU/Linux Distros

    Links for the day



  24. GNOME News: Financial Issues, Mutter-Wayland, West Coast Summit, Community Participation

    Links for the day



  25. KDE News: Kubuntu at the Centre Again KDE Applications Updated

    Links for the day



  26. Techrights Rising

    Effective immediately, Techrights will do what it takes to bring back old volume and pace of publishing



  27. Links: Surveillance, Intervention, Torture and Drones

    Links for the day



  28. Mobile Linux Not Just Android: Jolla, WebOS, and Firefox OS News

    Links for the day



  29. Google's Linux Revolution: New Gains for Android, Chrome OS (GNU/Linux)

    Links for the day



  30. Free/Libre Databases News: MongoDB, NoSQL, and MySQL Branches/Forks

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts