Houston Courts Shut Down By Malware 126
Conficker is still at it: dstates writes "The municipal courts of Houston were shut down yesterday after a computer virus spread through the courts' computer systems. The shutdown canceled hearings and suspended arrests for minor offenses and is expected to extend through Monday. The disruption affected many city departments, the Houston Emergency Center was briefly disconnected and police temporarily stopped making some arrests for minor offenses. The infection appears to be contained to 475 of the city's more than 16,000 computers, but officials are still investigating. Gray Hat Research, a technology security company, has been brought in on an emergency contract to eradicate the infection. In 2006, the City spent $10M to install a new computer system and bring the Courts online, but the system has been beset by multiple problems. After threatening litigation, the city reached a $5 million settlement with the original vendor, Maximus, and may seek another vendor."
Re:That would have been an interesting lawsuit (Score:3, Informative)
> IANAL
This is very clear.
> but I suspect defending yourself in court against the city (with the city representing
> the court) could be difficult.
Companies routinely litigate contract disputes with governments. This case would be heard in state court.
Re:Which OS was infested? I bet I can guess. (Score:5, Informative)
Windows, of course. It's what every single computer that I've seen in any court, jail, or police station in Houston (and Harris County, which Houston is in) runs.
And I've seen more than a few...
Interestingly, courts are pretty technical down here. The employees are still as dumb, but if you're in Houston City Jail, you don't even see a judge or talk to anyone in person (other than Johnny Law). The pre-trial personnel speak to you via a telephone or a speaker in the wall of the room, you don't even see their faces in the newer city jail. Both jails the judges are linked in on a high-resolution screen, whether it's your actual court (for City, not County) or just a probable cause arraignment (which, not surprisingly, never releases anyone, no matter how ridiculous the evidence is).
Harris County is technical in the court, but if you're just talking to your lawyer in the court holding cell, you don't even see the inside of a courtroom.
Of course, Fort Bend County (where I live) is so non-technical it's hilarious. I was jammed up in their system over Thanksgiving (no bonds or releases on holidays - I was in there for a damn class C misdemeanor, and sat 3 days), and got a visit from my father. The moron cops actually used their network closet as a holding tank for prisoners awaiting room in visitation. I was alone in there at one point, staring at a dusty Cisco router that was at least ten years old, plus what could only have been their video system (which looked even older). I was so tempted to just rearrange cables...until I thought about how long it might take them to find someone to fix it, and how that might effect my release (which was scheduled for the next day).
Of course, the plus side to my county is that judges actually see you face-to-face, and will release you if it's a bullshit case. Much preferable to a high-tech system with no justice at all.
Re:no arrests for minor offenses! (Score:3, Informative)
Class B Misdemeanor, IIRC (possession under 4 ounces is a class A, but anything under a an ounce is class B). That's pretty minor. You'll generally get 20 days (and each "day" is twelve hours, so by the time you get to court, you generally have 5 days racked up) or the option for probation (never, ever take probation - you're just setting yourself up for failure). Just take the jail time, unless you have to be at work, in which case you bond out, go work, and you'll probably get time served when you show up to court.
Note, this is not from personal experience. I haven't been arrested with pot since I was 14, right around the time I quit smoking that boring crap.
Re:Oops (Score:5, Informative)
Re:Do courts need computers? (Score:5, Informative)
Not true, at least for US Federal as well as many state and local courts.
Who have been using computers for twenty years to my certain knowledge.
Video tape depositions are routine.
Actually it's mostly based on the written word. It is the court record that matters, and that means what the stenographer keyed into her computer in addition to the orders signed by the judge and the documents filed by the parties.
Yes, as a matter of fact, it can be rather like that. And many Federal courts require that filings be made in electronic form. Here is a link [uscourts.gov].
Re:Inside Job! (Score:3, Informative)
A computer illiterate or budget conscious CEO or manager can also deliberately block upgrades to core systems that may require man-hours, hardware upgrades, or programmer time to test and integrate the upgrades despite known security risks, judged to be less dangerous than interfering with active services. I've had this happen, repeatedly, and try to be very careful to get my security concerns in writing in the hands of my manager, their manager, and an outside party so that I can establish that I've done my best and was blocked from doing the fixes before things broke.
It's hard on the admins when they're not permitted to to the fix. It's worse when some fool like the parent poster (not you Darkness, but your parent poster) insults you with 20/20 hindsight from thousands of miles away and no budget or other human limitations to deal with. Just try and pry free the money to get a registered SSL certificate so your company's users don't get used to randomly accepting SSL keys.
Re:Oops (Score:3, Informative)
I don't know if my comment will do any good, as what I am about to say has been said in every story about conficker/downadup here, but here goes.
It is actually not possible to disable autorun by normal means. Autorun always runs, by design (Microsoft is still claiming that this is not a misfeature). It still runs, parsing the autorun.inf and performing every action up until the running an executable or autoplaying.
Saying that the issue is "user driven" is technically accurate but woefully misleading. Autorun will dutifully follow any directives in autorun.inf before the final step, including changing the appearance of the icon, context menu, and double-click behavior. So yes, it is "user driven", in that a user performs an action, but it is misleading because the action (right-clicking or double-clicking on the drive icon) does not behave as the user expects (i.e., it installs malware).
Yes, there are now patches for the double-click and context menu vulns (since last July). But the insane behavior of parsing autorun.inf remains. The only way to truly stop autorun is the hack described by US-CERT (there was a /. article on the controversy recently). It's described here [wikipedia.org].
Summing up: it's broken, it's always been broken, and Microsoft says it's a feature.
Strangely enough, wikipedia has become a neat repository for knowledge about malware:
http://en.wikipedia.org/wiki/AutoRun [wikipedia.org]
http://en.wikipedia.org/wiki/Downadup [wikipedia.org]