Bonum Certa Men Certa

When Windows Kills

Ambulance



Summary: Australian emergency services had their own emergency (a downtime of over a day) due to Windows viruses; a lot more evidence from the news shows the uniqueness of Windows as far as insecurity goes

OVER the years we have gathered examples where Microsoft's shoddy security cost lives, e.g. [1, 2, 3]. At one point we called it "Death by Microsoft Windows" and it appears to be happening again in Australia, whose government has shared a bed with Microsoft for many years (the OOXML fiasco is an example of that, but it is a month old by now [1, 2, 3, 4, 5]). According to IDG:



Computers which co-ordinate NSW's ambulances are back online in three of the state's regions after a major virus forced staff to shut them down for more than 24 hours.

The virus crept into the Ambulance Service of NSW's dispatch system at 1pm (AEDT) on Saturday, prompting staff to co-ordinate paramedics by telephone and handwritten notes.


"Major virus," eh? What do they mean by "major"? Viruses in this context are not physical beings. Surely a better term would be "Windows virus," not "major virus," right? "Windows, presumably," writes Glyn Moody, "is this so wise when lives depend on it?"

The EFF points out that, based on Bruce Schneier's analysis, the Microsoft updates are a potential flaw and there is a mention of “SCADA” too (covered in [1, 2, 3, 4, 5]).

We know the market pressure approach can work. Once Microsoft saw that the market would (at least threaten to) make purchasing decisions on the basis of security, we suddenly got the Secure Windows Initiative and Trustworthy Computing. A key security technique is keeping the heat on vendors.

There is also an operational problem. To get a handle on the state of security of important infrastructure, try a Google search for [ scada security ]. It turns up alarming reports of basic security problems in some of our nation’s most important systems. (“SCADA” stands for “supervisory control and data acquisition”, and is used generally to refer to industrial control systems for things like water purification, electricity, manufacturing, and so on.)


Somewhat related to this is the shocking news that the very notorious HBGary created Windows rootkits like “MAGENTA”, based on some new leaks:

In the new emails released by Anonymous we discover that HBGary Inc. may have been working on the development of a new type of Windows rootkit that was undetectable and almost impossible to remove.


There is also more about Stuxnet, which we last mentioned last night.

The Stuxnet worm repeatedly attacked five industrial plants inside Iran over a 10-month period, according to new data collected by researchers from antivirus firm Symantec.

Three of the undisclosed organizations were targeted once, one was hit twice and one was targeted three times, members of Symantec's Security Response Team wrote in the report (PDF), which updates findings first released in September. The attacks took place in 12,000 separate infections in 2009 and 2010 and weren't discovered until July.


Also in the news right now:

A report issued today warns IT professionals that cybercriminals are changing their tactics and, as a result, predicts there will be fresh banking trojans arriving in the wild.

The bi-annual report from M86 Security says that IT managers need to redouble their efforts to patch their IT systems, as next-generation malware is now on the way.

These new types of malware, says the company behind the report, are likely to include application code that takes advantage of social networking service users.


Notice the avoidance of words like "Microsoft" and "Windows". It suits them well, it does not inform the readers though. Microsoft is one of the major causes of SPAM, owing to the number of botnets that get created by capitalising on Microsoft flaws. Nonetheless, the culprit from Redmond does some new marketing around E-mail 'surveys' that are probably intended to exploit Valentine's Day. Business as usual, right?

Recent Techrights' Posts

Girlfriends, Sex, Prostitution & Debian at DebConf22, Prizren, Kosovo
Reprinted with permission from disguised.work
Martina Ferrari & Debian, DebConf room list: who sleeps with who?
Reprinted with permission from Daniel Pocock
Europe Won't be Safe From Russia Until the Last Windows PC is Turned Off (or Switched to BSDs and GNU/Linux)
Lives are at stake
Links 23/04/2024: US Doubles Down on Patent Obviousness, North Korea Practices Nuclear Conflict
Links for the day
Stardust Nightclub Tragedy, Unlawful killing, Censorship & Debian Scapegoating
Reprinted with permission from Daniel Pocock
 
Links 24/04/2024: Layoffs and Shutdowns at Microsoft, Apple Sales in China Have Collapsed
Links for the day
Sexism processing travel reimbursement
Reprinted with permission from disguised.work
Microsoft is Shutting Down Offices and Studios (Microsoft Layoffs Every Month This Year, Media Barely Mentions These)
Microsoft shutting down more offices (there have been layoffs every month this year)
Balkan women & Debian sexism, WeBoob leaks
Reprinted with permission from disguised.work
Links 24/04/2024: Advances in TikTok Ban, Microsoft Lacks Security Incentives (It Profits From Breaches)
Links for the day
Gemini Links 24/04/2024: People Returning to Gemlogs, Stateless Workstations
Links for the day
Meike Reichle & Debian Dating
Reprinted with permission from disguised.work
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 23, 2024
IRC logs for Tuesday, April 23, 2024
[Meme] EPO: Breaking the Law as a Business Model
Total disregard for the EPO to sell more monopolies in Europe (to companies that are seldom European and in need of monopoly)
The EPO's Central Staff Committee (CSC) on New Ways of Working (NWoW) and “Bringing Teams Together” (BTT)
The latest publication from the Central Staff Committee (CSC)
Volunteers wanted: Unknown Suspects team
Reprinted with permission from Daniel Pocock
Debian trademark: where does the value come from?
Reprinted with permission from Daniel Pocock
Detecting suspicious transactions in the Wikimedia grants process
Reprinted with permission from Daniel Pocock
Gunnar Wolf & Debian Modern Slavery punishments
Reprinted with permission from Daniel Pocock
On DebConf and Debian 'Bedroom Nepotism' (Connected to Canonical, Red Hat, and Google)
Why the public must know suppressed facts (which women themselves are voicing concerns about; some men muzzle them to save face)
Several Years After Vista 11 Came Out Few People in Africa Use It, Its Relative Share Declines (People Delete It and Move to BSD/GNU/Linux?)
These trends are worth discussing
Canonical, Ubuntu & Debian DebConf19 Diversity Girls email
Reprinted with permission from disguised.work
Links 23/04/2024: Escalations Around Poland, Microsoft Shares Dumped
Links for the day
Gemini Links 23/04/2024: Offline PSP Media Player and OpenBSD on ThinkPad
Links for the day
Amaya Rodrigo Sastre, Holger Levsen & Debian DebConf6 fight
Reprinted with permission from disguised.work
DebConf8: who slept with who? Rooming list leaked
Reprinted with permission from disguised.work
Bruce Perens & Debian: swiping the Open Source trademark
Reprinted with permission from disguised.work
Ean Schuessler & Debian SPI OSI trademark disputes
Reprinted with permission from disguised.work
Windows in Sudan: From 99.15% to 2.12%
With conflict in Sudan, plus the occasional escalation/s, buying a laptop with Vista 11 isn't a high priority
Anatomy of a Cancel Mob Campaign
how they go about
[Meme] The 'Cancel Culture' and Its 'Hit List'
organisers are being contacted by the 'cancel mob'
Richard Stallman's Next Public Talk is on Friday, 17:30 in Córdoba (Spain), FSF Cannot Mention It
Any attempt to marginalise founders isn't unprecedented as a strategy
IRC Proceedings: Monday, April 22, 2024
IRC logs for Monday, April 22, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Don't trust me. Trust the voters.
Reprinted with permission from Daniel Pocock
Chris Lamb & Debian demanded Ubuntu censor my blog
Reprinted with permission from disguised.work
Ean Schuessler, Branden Robinson & Debian SPI accounting crisis
Reprinted with permission from disguised.work
William Lee Irwin III, Michael Schultheiss & Debian, Oracle, Russian kernel scandal
Reprinted with permission from disguised.work
Microsoft's Windows Down to 8% in Afghanistan According to statCounter Data
in Vietnam Windows is at 8%, in Iraq 4.9%, Syria 3.7%, and Yemen 2.2%
[Meme] Only Criminals Would Want to Use Printers?
The EPO's war on paper
EPO: We and Microsoft Will Spy on Everything (No Physical Copies)
The letter is dated last Thursday
Links 22/04/2024: Windows Getting Worse, Oligarch-Owned Media Attacking Assange Again
Links for the day
Links 21/04/2024: LINUX Unplugged and 'Screen Time' as the New Tobacco
Links for the day
Gemini Links 22/04/2024: Health Issues and Online Documentation
Links for the day
What Fake News or Botspew From Microsoft Looks Like... (Also: Techrights to Invest 500 Billion in Datacentres by 2050!)
Sededin Dedovic (if that's a real name) does Microsoft stenography
Stefano Maffulli's (and Microsoft's) Openwashing Slant Initiative (OSI) Report Was Finalised a Few Months Ago, Revealing Only 3% of the Money Comes From Members/People
Microsoft's role remains prominent (for OSI to help the attack on the GPL and constantly engage in promotion of proprietary GitHub)
[Meme] Master Engineer, But Only They Can Say It
One can conclude that "inclusive language" is a community-hostile trolling campaign
[Meme] It Takes Three to Grant a Monopoly, Or... Injunction Against Staff Representatives
Quality control
[Video] EPO's "Heart of Staff Rep" Has a Heartless New Rant
The wordplay is just for fun
An Unfortunate Miscalculation Of Capital
Reprinted with permission from Andy Farnell
[Video] Online Brigade Demands That the Person Who Started GNU/Linux is Denied Public Speaking (and Why FSF Cannot Mention His Speeches)
So basically the attack on RMS did not stop; even when he's ill with cancer the cancel culture will try to cancel him, preventing him from talking (or be heard) about what he started in 1983
Online Brigade Demands That the Person Who Made Nix Leaves Nix for Not Censoring People 'Enough'
Trying to 'nix' the founder over alleged "safety" of so-called 'minorities'
[Video] Inauthentic Sites and Our Upcoming Publications
In the future, at least in the short term, we'll continue to highlight Debian issues
List of Debian Suicides & Accidents
Reprinted with permission from disguised.work
Jens Schmalzing & Debian: rooftop fall, inaccurately described as accident
Reprinted with permission from disguised.work
[Teaser] EPO Leaks About EPO Leaks
Yo dawg!
On Wednesday IBM Announces 'Results' (Partial; Bad Parts Offloaded Later) and Red Hat Has Layoffs Anniversary
There's still expectation that Red Hat will make more staff cuts
IBM: We Are No Longer Pro-Nazi (Not Anymore)
Historically, IBM has had a nazi problem
Bad faith: attacking a volunteer at a time of grief, disrespect for the sanctity of human life
Reprinted with permission from Daniel Pocock
Bad faith: how many Debian Developers really committed suicide?
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, April 21, 2024
IRC logs for Sunday, April 21, 2024
A History of Frivolous Filings and Heavy Drug Use
So the militant was psychotic due to copious amounts of marijuana
Bad faith: suicide, stigma and tarnishing
Reprinted with permission from Daniel Pocock
UDRP Legitimate interests: EU whistleblower directive, workplace health & safety concerns
Reprinted with permission from Daniel Pocock