08.24.10

Gemini version available ♊︎

What Spanair Crash and BP Disaster Have in Common: Microsoft Windows in Alarm Systems

Posted in Microsoft, Security, Windows at 1:08 pm by Dr. Roy Schestowitz

Deepwater Horizon oil spill

Summary: The alarm system mentioned in yesterday’s post almost definitely ran Windows, just like the one which failed BP and helped cause the Deepwater Horizon disaster

YESTERDAY we wrote about the Spanair disaster, noting that it was almost certainly Windows’ fault. The alarm system did not work, so it had nothing to do with heavy workloads. Based on this new article which we found, it seems like the alerting software used Windows as an underlying platform, so no wonder it got knocked down by malware. In many ways, this is similar to what happened to BP some months ago. The alarm system, which was intended to prevent such major disasters that end up killing animals, people, and leaking over a million barrels of oil into the ocean, was a Windows-only application and it went into blue screens of death [1, 2, 3, 4].

According to today’s news, “Hacking toolkit publishes DLL hijacking exploit” [via]

The appearance Monday of exploit code for the DLL loading issue that reportedly affects hundreds of Windows applications means hackers will probably start hammering on PCs shortly, security experts argued.

“Once it makes it into Metasploit, it doesn’t take much more to execute an attack,” said Andrew Storms, director of security operations for nCircle Security. “The hard part has already been done for [hackers].”

How long will it take for all alarm systems to abandon Microsoft Windows? Those who put Windows on such mission-critical systems should probably be prosecuted, if not for manslaughter then for willful negligence that caused many deaths. It’s not as though Microsoft’s poor security record is unknown, despite Microsoft hiding the full extent of this problem.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

A Single Comment

  1. twitter said,

    August 24, 2010 at 11:20 pm

    Gravatar

    Here’s more implicating Microsoft in the Deepwater Horizon disaster.

    “Winslow said he tried several times to use remotely operated vehicles — unmanned submarines — to execute a “hot stab,” in which the underwater robots plug hydraulics on the blowout preventer on the sea floor to try to force it to close off the top of the well. Winslow said he was sent directions and schematics, but his e-mail couldn’t handle the size of the computer files and he wasn’t able to look at several of them.”

    While not quite the smoking gun that the bypassed BSoD alarm system, this is significant if the “hot stab” attempts were ongoing before the rig sank. It might be that the blowout preventer could have worked before the sinking sent chunks of pipe through it. There are credible reports of damage to the preventer before hand that made the later efforts fruitless, but we will never know because BP’s email and file sharing system were completely inadequate as are most big dumb company setups where Windows rules the desktop.

    Every free software distribution overcomes these problems. OpenSSH, rsync and clients like grsync and konqueror make file transfer trivial and secure. Every free software distribution also comes with a wide range of excellent mail clients and servers. Finally, in a free software world, there’s little need to cap the size of email transfers, unless you have some kind of neolithic administration that worries more about “IP egress” than getting the job done …. that goes hand in hand with Microsoft deployment, no surprise.

DecorWhat Else is New


  1. Links 30/01/2023: Plasma Mobile 23.01 and GNU Taler 0.9.1

    Links for the day



  2. EPO Management Isn't Listening to Staff, It's Just Trying to Divide and Demoralise the Staff Instead

    “On 18 January 2023,” the staff representatives tell European Patent Office (EPO) colleagues, “the staff representation met with the administration in a Working Group on the project “Bringing Teams Together”. It was the first meeting since the departure of PD General Administration and the radical changes made to the project. We voiced the major concerns of staff, the organization chaos and unrest caused by the project among teams and made concrete proposals.”



  3. Links 30/01/2023: Coreboot 4.19 and Budgie 10.7

    Links for the day



  4. IRC Proceedings: Sunday, January 29, 2023

    IRC logs for Sunday, January 29, 2023



  5. [Meme] With Superheroes Like These...

    Ever since the new managers arrived the talent has fled the company that falsely credits itself with "Open Source"



  6. Not Tolerating Proprietary 'Bossware' in the Workplace (or at Home in Case of Work-From-Home)

    The company known as Sirius ‘Open Source’ generally rejected… Open Source. Today’s focus was the migration to Slack.



  7. The ISO Delusion: A Stack of Proprietary Junk (Slack) Failing Miserably

    When the company where I worked for nearly 12 years spoke of pragmatism it was merely making excuses to adopt proprietary software at the expense of already-working and functional Free software



  8. Debian 11 on My Main Rig: So Far Mostly OK, But Missing Some Software From Debian 10

    Distributions of GNU/Linux keep urging us to move to the latest, but is the latest always the greatest? On Friday my Debian 10 drive died, so I started moving to Debian 11 on a new drive and here's what that did to my life.



  9. Stigmatising GNU/Linux for Not Withstanding Hardware Failures

    Nowadays "the news" is polluted with a lot of GNU/Linux-hostile nonsense; like with patents, the signal-to-noise ratio is appalling and here we deal with a poor 'report' about "Linux servers" failing to work



  10. Microsofters Inside Sirius 'Open Source'

    Sirius ‘Open Source’ has been employing incompetent managers for years — a sentiment shared among colleagues by the way; today we examine some glaring examples with redacted communications to prove it



  11. Links 29/01/2023: GNOME 43.3 Fixes and Lots About Games

    Links for the day



  12. The Hey Hype Machine

    "Hey Hype" or "Hey Hi" (AI) has been dominating the press lately and a lot of that seems to boil down to paid-for marketing; we need to understand what's truly going on and not be distracted by the substance-less hype



  13. IRC Proceedings: Saturday, January 28, 2023

    IRC logs for Saturday, January 28, 2023



  14. Unmasking AI

    A guest article by Andy Farnell



  15. The ISO Delusion/Sirius Corporation: A 'Tech' Company Run by Non-Technical People

    Sirius ‘Open Source’ was hiring people who brought to the company a culture of redundant tasks and unwanted, even hostile technology; today we continue to tell the story of a company run by the CEO whose friends and acquaintances did severe damage



  16. Links 28/01/2023: Lots of Catching Up (Had Hardware Crash)

    Links for the day



  17. IRC Proceedings: Friday, January 27, 2023

    IRC logs for Friday, January 27, 2023



  18. Microsoft DuckDuckGo Falls to Lowest Share in 2 Years After Being Widely Exposed as Microsoft Proxy, Fake 'Privacy'

    DuckDuckGo, according to this latest data from Statcounter, fell from about 0.71% to just 0.58%; all the gains have been lost amid scandals, such as widespread realisation that DuckDuckGo is a Microsoft informant, curated by Microsoft and hosted by Microsoft (Bing is meanwhile laying off many people, but the media isn’t covering that or barely bothers)



  19. This is What the Microsoft-Sponsored Media Has Been Hyping Up for Weeks (Ahead of Microsoft Layoffs)

    Reprinted with permission from Ryan



  20. [Meme] António Campinos Wants to Be F***ing President Until 2028

    António Campinos insists he will be EPO President for 10 years, i.e. even longer than Benoît Battistelli (despite having appalling approval rates from staff)



  21. European Patent Office Staff Losing Hope

    The EPO’s management with its shallow campaign of obfuscation (pretending to protect children or some other nonsense) is not fooling patent examiners, who have grown tired and whose representatives say “the administration shows no intention of involving the staff representation in the drafting of the consultant’s mandate” (like in Sirius ‘Open Source’ where technical staff is ignored completely for misguided proposals to pass in the dark)



  22. IRC Proceedings: Thursday, January 26, 2023

    IRC logs for Thursday, January 26, 2023



  23. Sirius Relegated/Demoted/Destined Itself to Technical Hell by Refusing to Listen to the Technical Staff (Which Wanted to Stay With Asterisk/Free Software)

    In my final year at Sirius ‘Open Source’ communication systems had already become chaotic; there were too many dysfunctional tools, a lack of instructions, a lack of coordination and the proposed ‘solution’ (this past October) was just more complexity and red tape



  24. Geminispace Approaching Another Growth Milestone (2,300 Active Capsules)

    The expansion of Geminispace is worth noting again because another milestone is approached, flirted with, or will be surpassed this coming weekend



  25. [Meme] Cannot Get a Phone to Work... in 2022

    Sirius ‘Open Source’ wasted hours of workers’ time just testing the phone after it had moved to a defective system of Google (proprietary); instead of a rollback (back to Asterisk) the company doubled down on the faulty system and the phones still didn’t work properly, resulting in missing calls and angst (the company just blamed the workers who all along rejected this new system)



  26. [Meme] Modern Phones

    Sirius ‘Open Source’ is mistaking “modern” for better; insecurity and a lack of tech savvy typically leads to that



  27. The ISO Delusion: Sirius Corporation Demonstrates a Lack of Understanding of Security and Privacy

    Sirius ‘Open Source’, emboldened by ISO ‘paperwork’ (certification), lost sight of what it truly takes to run a business securely, mistaking worthless gadgets for “advancement” while compelling staff to sign a new contract in a hurry (prior contract-signing scandals notwithstanding)



  28. Links 26/01/2023: LibreOffice 7.4.5 and Ubuntu Pro Offers

    Links for the day



  29. Links 26/01/2023: GNU poke 3.0 and PipeWire 0.3.65

    Links for the day



  30. IRC Proceedings: Wednesday, January 25, 2023

    IRC logs for Wednesday, January 25, 2023


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts