Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Microsoft United States

Virus Knocks Out U.S. Visa Approval System 439

GillBates0 writes "According to this story and many others, the State Department's electronic system for checking every visa applicant for terrorist or criminal history failed worldwide late Tuesday because of a computer virus, leaving the U.S. government unable to issue visas. The virus crippled the department's Consular Lookout and Support System, known as CLASS, which contains, among others, names of at least 78,000 suspected terrorists. It was unclear which computer virus might have affected the system. But a separate message sent to embassies and consular offices late Tuesday warned that the Welchia virus had been detected in one facility. Welchia is an aggressive infection unleashed last month that exploits a software flaw in recent versions of Microsoft Windows."
This discussion has been archived. No new comments can be posted.

Virus Knocks Out U.S. Visa Approval System

Comments Filter:
  • by setzman ( 541053 ) <stzman.stzmanple ... sandremoveit@org> on Wednesday September 24, 2003 @08:51AM (#7043219) Journal
    If they did, they would know they following:

    1.) Use a firewall to block unnecessary access from the external network
    2.) Patch Windows often
    3.) Use anti-virus software and update the definitions often

    I would have thought that the State Department would at least do these minimums (to keep its systems "safe from evil-doers"), but I guess you can't even expect that much from government work.

    • Don't be silly. If the DoS read /., everything would be running on OpenBSD and MySQL.
    • 2.) Patch Windows often

      Should be:

      2.) Use Linux.
      • That is not without its own problems. A certain secure shell comes to mind...

        The answer, whether it's windows, linux, unix, bsd, plan 9, or even a commodore 64, is patch early, patch often, test, and pray.
        • Not allowing remote logins to something this important might be a good idea ^_^
          • Not allowing remote logins to a national database used to approve visas all over the U.S. which is located in one spot? Do you see the problem?
            Ultimate control hinders flexibility. If you want to fill out your application for a visa, send it by mail which will be handled by hundreds of people, to receive your visa which will be mailed to you, again handled by hundreds of people, rather than create a network which will allow someone to remotely access the information that they need in an environment more t
        • by antiMStroll ( 664213 ) on Wednesday September 24, 2003 @10:01AM (#7044013)
          Congratulations, you win the MS/Godwin award for the first spurious comparison between an arcane, difficult OpenSSH exploit requiring manual application on a per-computer basis and detailed expertise, and a Windows plug-it-in-and-watch-it-die automatic worm vulnerability. I knew someone would rush to claim equivalency between such radically different apples and oranges but am surprised it's getting modded inside of a dozen first posts.
    • by PaulK ( 85154 ) on Wednesday September 24, 2003 @09:07AM (#7043399)
      At what point will the government and public at large decide that "enough is enough?" Do people have to die before someone takes this seriously?

      Day after day, example after example, the world is inundated with successful attacks.

      We can say, "Well, people are stupid... They should know not to click on attachments," The reality is though, that "1 in 7" users have problems with the power button.

      There is no future security in blaming the end user. It's high time that we look at the systems that allow this type of invasion, replace where necessary, and train the users accordingly.

      The talk of cost becomes irrelevant when recovery costs are totalled. Just wait for the first wrongful death suit revolving around an insecure system failure.

      If we insist that users are accountable, we must also demand that the corporate citizens are accountable.

      • iIt's high time that we look at the systems that allow this type of invasion,

        What systems don't allow this? Paid attention to the recent bugs in OSS apps? It is the "users" - read admin's responsibility to keep up with these things. No system is immune.
        • by Frater 219 ( 1455 ) on Wednesday September 24, 2003 @09:59AM (#7043980) Journal
          No system is immune.

          But systems are not equally buggy. I discuss this here. [slashdot.org] No design and no development method is perfect. However, it is incontrovertible that some designs and some development methods yield software that fails less often; that fails less severely; and that fails more recoverably. We can inspect systems' behavior and say that for particular purposes, certain software is better than others. We can say this on the basis of technical facts, not merely marketing claims and promises of "support" and "warranty". We can also say it on the basis of historical evidence -- some systems have failed more often and more severely than others.

          A Microsoft Exchange mail server stores users' mail in a binary database, in a proprietary format. A Postfix or Qmail mail server stores users' mail in text files in a simple directory structure. We can make a reasonable (and correct!) prediction that in case of failure, it is easier to recover the content of mail from a Postfix or Qmail system than from Exchange. And, indeed, this is borne out by the experience of administrators: a maildir can get into an inconsistent state, but it's much easier to recover it than to recover an Exchange mail database.

          (Note that I'm not describing frequency of failure, but rather severity. We can also make predictions about the former, of course ....)

          Security holes are, from an engineering standpoint, simply another kind of failure. We can look at design choices such as privilege separation and chrooting -- applications of the Principle of Least Privilege -- and say that some systems will fail worse than others. A program that can't access files outside of /home/myprog cannot scribble on the kernel in /boot/vmlinuz. A Web server that runs as Administrator on Windows 2000 has opportunities to fail worse than a Web server that runs as www-data on Solaris.

          Simply put, there exist objective facts about security design, just as there exist objective facts about, say, civil engineering. Why doesn't the city construct water mains out of balsa wood and bridges out of papier-mache? It simply doesn't work very well. :)

          • by EzInKy ( 115248 ) on Wednesday September 24, 2003 @11:08AM (#7044805)
            Simply put, there exist objective facts about security design, just as there exist objective facts about, say, civil engineering. Why doesn't the city construct water mains out of balsa wood and bridges out of papier-mache? It simply doesn't work very well. :)

            You bring up a good point here. Civil Engineers are licensed professionals who are held legally accountable to follow certain well known design standards. Software Engineers on the other hand are unlicensed and expected to ensure that their designs are not well known to anyone other than their employers.
          • A Microsoft Exchange mail server stores users' mail in a binary database, in a proprietary format. A Postfix or Qmail mail server stores users' mail in text files in a simple directory structure. We can make a reasonable (and correct!) prediction that in case of failure, it is easier to recover the content of mail from a Postfix or Qmail system than from Exchange. And, indeed, this is borne out by the experience of administrators: a maildir can get into an inconsistent state, but it's much easier to recover
      • The reality is though, that "1 in 7" users have problems with the power button.

        I once worked for an engineer who was very fond of quoting that, by definition, 50% of the population has an IQ below 100.

    • by Eric_Cartman_South_P ( 594330 ) on Wednesday September 24, 2003 @09:11AM (#7043452)
      You forgot...

      4.) vi is better than e-macs

      5.) In Soviet Russia, you attack Virus!

      6.) People should patch their boxes bec.#J^@ATDT[NO CARRIER]

      7.) Don't use FreeBSD because it's dead/dying.

      8.) Apple is awesome. But I can't afford one.

      9.) Imagine a Beowolf cluster of those!

      10.) Patents, RIAA, Spooks, Windoze, Verisign, Politician, Spalling Checkirs; all bad.

      11.) Ogg, Apple, *nix, RMS, EFF; all good.

      12.) ???

      13.) Profit!

      PS. Mod's, go away. I'm just having fun. Don't put it up or down you fu%#d2DHATDT[NO CARRIER]

    • by jaredcat ( 223478 ) on Wednesday September 24, 2003 @09:20AM (#7043548)
      >> 1.) Use a firewall to block unnecessary access from the external network

      Really this doesn't work as well as you'd think. If you have laptop users on your network, which nearly everyone does, its analagous to wearing a plastic bubble suit but having unprotected sex with strangers every weekday morning.

      My office has about 60 users in it and is protected by PIX firewalls and techdata's email virus scanner. We have about 20 Windows servers in our server room (this doesn't include the many dozens of servers running Linux or Solaris, or the machines at one of our 3 colo sites), and we patch them all about once a month. Office workstations are forced to patch themselves weekly through a distributed Windowsupdate. So yeah, this should be pretty safe, right?

      Well about 3 times per week some user brings in a laptop, plugs it in to the LAN, and we get some new worm running around the office LAN.
      • If you have laptop users on your network, which nearly everyone does, its analagous to wearing a plastic bubble suit but having unprotected sex with strangers every weekday morning.

        That explains why he's always smiling.

        On a serious note, how about either not allowing in laptops or mandatory auto-update on them before allowing them onto the network? Or perhaps keep them on their own node with anti-virus scanners between it and the main network?

    • by Xerithane ( 13482 ) <xerithane.nerdfarm@org> on Wednesday September 24, 2003 @09:30AM (#7043663) Homepage Journal
      1.) Use a firewall to block unnecessary access from the external network

      They probably do. Then a user VPNs in with an infected machine against policy, or brings a laptop in and plugs it in. This happens at my work, too.

      2.) Patch Windows often

      Define "often", please. It could be once a month, once a quarter. I'm sure they have change control plans.

      3.) Use anti-virus software and update the definitions often

      See above.

      I would have thought that the State Department would at least do these minimums (to keep its systems "safe from evil-doers"), but I guess you can't even expect that much from government work.

      No, it's just that it's easier to assume that you are smarter than them and assume you know their network and systems.
      • 3.) Use anti-virus software and update the definitions often

        Define "often", please. It could be once a month, once a quarter. I'm sure they have change control plans.


        I've been using Norton Corporate Edition on my networks quite successfully for some time now. A server is config'd to be the update server and all the clients are managed from it. You can push updates to all the clients either manually or schedule them to update automatically. You can even force clients that come on the network to accept
    • And block attachments that are prone to viruses for the love of God. pdf, yeah, it can get a virus due to acrobat .. but that's usually less broken than say, word and it's macro viruses, or microsoft lookout and it's vulnerabilities. So you'd at least filter all the extensions for attachments that aren't safe..
  • Windows Means Work (Score:5, Insightful)

    by akedia ( 665196 ) * on Wednesday September 24, 2003 @08:52AM (#7043223)
    As much the Slashdot community hates Windows and likes to dump on its flaws, I've realized one thing: Windows means jobs in the IT security sector. As a Network Security technician, my job is, among other things, to make sure the latest threat to Microsoft software doesn't bring down the entire infrastructure in the federal department where I work. At least twice a week, my office has a meeting where we discuss the latest Windows virus or exploit, organize a task force, and then do a system-wide deployment of the fix to some 2000+ clients. I like to think that as long as Microsoft keeps making, er, crappy software, and as long as we still have crackers writing virii and trojans, I don't have to worry about losing my job. If there was some magical "perfect" sofware that never needed fixing (note: there isn't) then we wouldn't need IT security professionals now, would we?
    • by Sevn ( 12012 ) on Wednesday September 24, 2003 @08:57AM (#7043294) Homepage Journal
      I see where you are coming from. The problem is, Windows also means WORK. And MONEY. and LOST PROFIT. and having a freaking stone tied around your neck. Actually, more like having a TICKING TIMEBOMB around your neck and you have no idea what the timer is set for. So from an employees standpoint, sure. Windows problems employ a hell of a lot of us. It's the companys that are getting royally screwed. And the ticking timebomb for us is when they suddenly wake up and realize that. At that point knowing another platform is going to come in mighty handy.
      • The software is bad enough; but the patch process is ridiculous.

        If you could patch non-kernel portions of the OS without rebooting, it would be a lot easier on the average Windows admin who has to argue for downtime with the internal customers.

        And while you're at it, let's not install every application in the OS every time.

      • I've about reached this point with the Swen worm [slashdot.org]. Since this past Saturday, about 80% of my email--home and office--is either the fake MS support announcement or message errors that tell me that my address was faked in trying to send Swen (got to be faked--I only run KMail on Linux). As my home email is dial-up (the pains of rural life) this is a real burden. Honest to God, are people really THAT STUPID? Until Microsloth can get it act together, we need to start blocking IE, Outlook, and Windows in gene
    • security professionals would still exist to protect users from their own stupidity.
    • by grub ( 11606 ) <slashdot@grub.net> on Wednesday September 24, 2003 @08:58AM (#7043303) Homepage Journal

      What you mean is "Windows Means Job Security".

      Think of it from the other side of the fence; if you weren't running Windows on every desktop you wouldn't need your 2+/week meetings to discuss the latest viruses and trojans.

      Of course that would mean your IT budgets would be cut and people laid off as your group became more productive with less.

      We can't have that now, can we?
    • > and then do a system-wide deployment of the fix to some 2000+ clients. I like to think
      > that as long as Microsoft keeps making, er, crappy software, and as long as we still
      > have crackers writing virii and trojans, I don't have to worry about losing my job.

      Shouldn't that be: "As long as windows keeps providing us with fixes to the exploits, I'll be ok. And as long as we can sweep the other problems under the rug, I don't have to worry about losing my job"
    • by Futurepower(R) ( 558542 ) on Wednesday September 24, 2003 @09:03AM (#7043358) Homepage

      From the parent comment: "... Microsoft keeps making, er, crappy software ..."

      I just want to say that I appreciate the tactfulness, sensitivity, restraint, and diplomacy of that remark.
    • by Morosoph ( 693565 ) on Wednesday September 24, 2003 @09:03AM (#7043365) Homepage Journal
      Time again to post an article on The Broken Windows [progress.org] fallacy.
      • by Morosoph ( 693565 )
        This [econlib.org] link is better.
      • Concur with link essay.
        In two words, the argument is "resource leveling".
        Specifically, business is a pile of cash, and these viruses spread the money around in the form of security jobs.
        Unfortunately, you've flattened you pile of cash, and productive things you could have done simply go wanting.
        Widening the scale, M$ itself is a right colossal pile of cash, and the rest of the world is tired of heaping money thereon.
        How many more episodes of "Virus of the Week" does Redmond think it can stand?
    • by Afty0r ( 263037 )
      I've realized one thing: Windows means jobs in the IT security sector.

      This is analogous to saying that poor house building regulations and standards means more jobs for builders, plasterers, repairmen, plumbers etc.

      It does mean more jobs, however more jobs != a good thing - you're using the wrong metrics.
    • So you're saying it makes wasteful jobs while the people performing these jobs could be doing something more productive?
    • With 3 OpenSSH patches + sendmail in that last week I'm sure UNIX peeps have been busy. Of course updates seems fewer than windows but it still keeps us all in work

      Rus
    • Murder means work too. Are you willing to die a few years early so detectives, attorneys, and judges can have jobs?

      I would really much rather design and build secure network systems than apply bandages to existing hopeless systems. If a system is available that resists viruses (like BSD or Linux), that might be a good place to start...

      Oh, wait, I do have that job! And I bet I am having more fun than you. One thing is certain, my employer is not flushing as much money down the toilet as yours.

      One day my j
  • Why why why? (Score:2, Insightful)

    by grub ( 11606 )

    Why is such an important system run on Windows? This isn't an "MS sux0r5, install Linux" rant, they should use the proper systems for the job. If that tool is some open source stuff or closed source then so be it but you can't tell me that this database can only be run on Windows.

    Of course "When your only tool is a hammer, every problem starts to look like a nail." ..
  • by MagerValp ( 246718 ) on Wednesday September 24, 2003 @08:53AM (#7043238) Homepage
    So now even terrorists using a fake name won't be able to get into the US!
    • by Dr Caleb ( 121505 ) on Wednesday September 24, 2003 @09:41AM (#7043772) Homepage Journal
      Only 78,000 suspected Terrorists?

      I thought the U.S.A. P.A.T.R.I.O.T act made everyone in the US a suspected terrorist. That should read "300,000,000+ suspected terrorists".

      Did you read that article [politechbot.com] on politechbot.com that they wouldn't let some guy wearing a little button that read "Suspected terrorist" fly on an airplane?

      • "Did you read that article on politechbot.com that they wouldn't let some guy wearing a little button that read "Suspected terrorist" fly on an airplane?"

        Some guy being John Gilmore:

        http://freetotravel.org/terrorist.html [freetotravel.org]

        You're right: there are 300 million suspected terrorists. But their names don't need to be stored - they took a hint from verisign, and just used a wildcard.

        Select * from americans where police_badge = NULL;
  • Priceless! (Score:4, Funny)

    by ncmusic ( 31531 ) on Wednesday September 24, 2003 @08:54AM (#7043243)
    Seems like there's a Mastercard joke in here somewhere.
  • by KFK - Wildcat ( 512842 ) on Wednesday September 24, 2003 @08:54AM (#7043252)
    And here I was thinking about all the new "Already approved VISA platinum card!" in my inbox...
  • I almost thought there was no online shopping at work for me today!
  • by Raindeer ( 104129 ) on Wednesday September 24, 2003 @08:54AM (#7043256) Homepage Journal
    Dang, just imagine how many people that is. Have they actually researched all those people? I am just baffled by the sheer number and really wonder how they came up with that list.

  • by jdreed1024 ( 443938 ) on Wednesday September 24, 2003 @08:59AM (#7043322)
    According to a CNN article [cnn.com], the State Department shut down the network to prevent the spread of the virus. It was down from noon until 9PM on Tuesday. Shutting down a network on purpose is different from having it "fail" due to a virus.
    • by phillymjs ( 234426 ) <slashdot.stango@org> on Wednesday September 24, 2003 @09:09AM (#7043427) Homepage Journal
      Shutting down a network on purpose is different from having it "fail" due to a virus.

      Not by much, since both have the effect of putting a stake through the heart of user productivity for however long it takes to exorcise the virus from all the systems.

      ~Philly
      • Not by much, since both have the effect of putting a stake through the heart of user productivity for however long it takes to exorcise the virus from all the systems.

        Uh..... If the network is shut down to prevent infection, then you have fewer PCs on which to do a full re-format and re-install of the OS. Even with a drive image, this takes a long time. This means more work for the IT folks. So even if you left the network up to let the visa-processing folks do their work, you'd be making more work fo

    • The analogy here is a military escort with orders to prevent somebody from falling into enemy hands having to shoot the person they were supposed to be protecting to foil a kidnapping. Yeah, the protected person didn't fall into enemy hands, but it isn't exactly successful protection and it's just as bad as if the enemy did the shooting...
  • by Anonymous Coward on Wednesday September 24, 2003 @09:01AM (#7043342)
    Some day soon there will be a class action lawsuit against M$ regarless of their 'Hold Harmless Agreement' in the EULA.

    And BTW, firwall WON'T in and of themselves stop this kind of attack. Sure firewalls are your first line of defense, but all it takes is someone that has a notebook that is infected from home, a business trip or somewhere ELSE to bring it as a 'trusted' device on your clean network and BOINK, you are infected internally.
    • You don't put users and the servers inside the same firewall... do you?
    • by phillymjs ( 234426 ) <slashdot.stango@org> on Wednesday September 24, 2003 @09:25AM (#7043605) Homepage Journal
      Some day soon there will be a class action lawsuit against M$ regarless of their 'Hold Harmless Agreement' in the EULA.

      Actually, Business Week had an article [businessweek.com] about that a couple days ago, which I submitted last night (it was rejected). The author closed with (paraphrasing) "Maybe it's time some big customers refused to buy software without some sort of guarantee."

      These last few worms and e-mail viruses seem to have become the collective last straw. The unwashed masses are finally beginning to grouse about buggy software-- the tide is slowly beginning to turn against onerous "no liability" EULAs coupled to expensive software that is critical to business.

      A few years ago, Microsoft was very quick to whine that any delay in the release of Windows 98 forced on them by the government would hurt the U.S. economy and/or bring about the end of the world as we know it. Well, what about all these businesses who have to eat the costs of cleanup and lost productivity every time there's another Windows worm? Nooooo, that doesn't hurt the economy at all, does it?

      ~Philly
  • Firewalls?? (Score:3, Interesting)

    by Kushy ( 225928 ) <kush AT marakush DOT com> on Wednesday September 24, 2003 @09:01AM (#7043345) Homepage
    What is a gov agency doing having open ports on their firewalls anyway?

    Honestly issuing visa's is just way to importiant to trust to a closed OS with known security flaws, with at least one major one a month.

    MS is so entrenched in the gov now that its kind of scary, that one day a order might come down to homeland security that some town is nothing but terrioriests and should be arrested, then taken to cuba. Meanwhile some hacker in the assend of the planet wiring a virus to gain entry to the gov systems is laughing his ass of at Ma and Pa being taken to a Marine base in another country.

    • Re:Firewalls?? (Score:3, Insightful)

      by cehbab ( 708550 )
      It was cheaper to do without ? We all know how the budgets of gov departments are continually being slashed :)
    • Re:Firewalls?? (Score:2, Interesting)

      by stratjakt ( 596332 )
      You're a dope.

      CLASS isn't an access database running on a windows server. It's running on big iron, probably Oracle, or perhaps not even a RDBMS at all, but a custom data store solution.

      Anyhow, the virus didnt take the system down. They took the system down to inspect the network.

      If one box on the network got r00t3d, then a r337 h4x0r could use it to query the system.

      This is just a bit of better-safe-than-sorry administration. It really has nothing to do with Windows, except a line about a completely
    • Since it was Welchia, my guess is that they *DID* have firewalls, and that the infection came in through a non-standard method.

      In so called mission-critical networks, you dont always push windows updates to all the systems: sometimes you just can't trust the patch. In these cases many network admins will toss up a strong firewall to protect the internal machines.

      But what happens when someone brings in their home laptop with a virus on it? Well... you bypass the firewall and expose the internal, unpatched
  • Windows (Score:3, Funny)

    by cybercuzco ( 100904 ) on Wednesday September 24, 2003 @09:04AM (#7043376) Homepage Journal
    Because remember, if you use Windows, the terrorists have already won. (its a feature, not a bug)
  • ... yesterday's cliche joke, today's sad reality.

    Why not have a PSA for this spammed out to the nation for a couple months?

    Though I suppose it could be disqualified as the advertised danger apparently actually exists.
  • The worm targets the DCOM RPC vulnerability [microsoft.com] and the WebDav vulnerability [microsoft.com] found [microsoft.com] in some of Microsoft Corp's products [microsoft.com]. It is expected to impact Microsoft Corp's [microsoft.com] IIS server [microsoft.com], Windows 2000 [microsoft.com], Windows NT [microsoft.com], and Windows XP [microsoft.com].
  • How on earth does the government come up with a list of _78,000_ suspected terrorists? This is the type of indiscriminant prejudice that a seige mentality creates. This is a list of everyone who ever talked to anyone who ever talked to someone who might be a terrorist. In many ways these people's rights are now forfeit.

    If the US government actually cared about human lives, it would be spending this type of attention on automobile safety (50k dead a year in US) or malaria (>1 million dead a year world
    • by suso ( 153703 ) on Wednesday September 24, 2003 @09:14AM (#7043487) Journal
      How? They just do a grep for names without vowels.
    • Paragraph 1: Answer is yes. Its people who talked to whoever. That's cool with me.

      Paragraph 2: Car Safety. Answer is people keep getting bigger and bigger vehicles. Plus that number is mostly people who shouldn't have been in the gene pool anyway. Malaria. Don't live in a jungle. Cancer. Too bad we all get it. Stop smoking, stop fucking, stop eating bad foods. Easy.

    • is only 0.001 percent of the world population. If you consider that "suspected terrorist" includes groups besides al Qaeda, such as some of the separatist movements in various parts of the world, 78,000 is not very many people. To put it another way, there are 191 nations in the UN, so this gives 408 people per country on average. I could believe there are 408 people who could be "suspected terrorists" in the US without putting on my tinfoil hat -- just think of groups like ELF, various right-wing militi
    • by ryanvm ( 247662 ) on Wednesday September 24, 2003 @09:40AM (#7043760)
      How on earth does the government come up with a list of _78,000_ suspected terrorists? This is the type of indiscriminant prejudice that a seige mentality creates.

      Ohp - now it's 78,001.
    • by ZoneGray ( 168419 ) on Wednesday September 24, 2003 @09:47AM (#7043847) Homepage
      >> Instead we spend more on a "war on terror" in a year than has been spent in the entire history of cancer research.

      Not even remotely true, unless you only count the money spent by the federal government. There are billions spent every day on cancer research by companies big and small, dwarfing what is spent chasing terrorists.

      It's like that year at the Oscars when all those wealthy actors stood up and complained that the US doesn't spend enough on the arts.

      Anyway, read the Preamble.... "in Order to form a more perfect Union, establish Justice, insure domestic Tranquility, provide for the common defence, promote the general Welfare, and secure the Blessings of Liberty to ourselves and our Posterity"

      No mention of curing cancer, or PBS documentaries, or midnight basketball, or time off from work to take your dog to the vet. Those things are all reasonable, but they're not the primary responsibility of government.

      Note, too, the difference in wording: "PROVIDE for the common defense, PROMOTE the general welfare."
  • microsoft (Score:2, Flamebait)

    by dcordeiro ( 703625 )
    Not trying to bash Microsoft but....

    I assumed that ppl who run critical services were not from that class of "Internet guys who just want to check their email and browse the web, and don't even know what a patch is".

    So, my question is: Why in hell does anybody uses a system that has a track record of so many bugs, virus, crashes, etc ?

    I see this more and more: A "breakthrough" is made by some stupid CEO in a companny and in a matter of weeks everything is run under windows. Why ? because it integrates be
    • Re:microsoft (Score:3, Informative)

      by stratjakt ( 596332 )
      They dont.

      Most government facilities I've been to use Windows on desktops, and big iron unix servers in the back rooms. Big mainframes that have been there since the early 80s.

      There's no way this system with close to 30 million names runs on SQL Server, MySQL, PostgreSQL or any other mid-classed database system.

      They shut off the network to make sure it was clean, because one infected terminal could potentially leak a whole lot of information to the wrong people.
    • So, my question is: Why in hell does anybody uses a system that has a track record of so many bugs, virus, crashes, etc ?

      well let's see, I assume you're referring to Linux? For bugs, OpenSSH has had what? 3 releases in a week to fix bugs? How bout that linux kernel that fscked your partitions on umounting, I'm sure the list goes on, but my point is, there ISN'T a system which doesn't have a track record of bugs.
  • by Anonymous Coward on Wednesday September 24, 2003 @09:12AM (#7043459)
    Evidently, the virus was patched/cleaned pretty quickly, and there was no real security risk, as in national security, because when the system is down, they simply do not issue visas. Most places they probably just told people to come back tomorrow.
    • That may be fine but in some parts of this planet, people must travel to another country to get their visa to the USA. My wife is an immigrant and had to do this. Come back tomorrow is easier said than done. She had to go to Poland and stay at a hotel. Stay another night at the hotel? What about her airline tickets to return home? There is a lot of expense if the attitude is simply "Come back tomorrow" and what if the problem still exists tomorrow?

      Doesn't the state department realize some people, oth
  • Trusted Computing (Score:2, Insightful)

    by webzombie ( 262030 )
    First high level government agencies and departments suffer "apparent" virus attacks while running MS Windows...

    Eventually MS will start pushing their Trusted Computing bullshit as the ultimate solution for blocking attacks on their own flawed products.

    Oh and it will keep those nasty terrorist guys out too! Did we (MS) mention terrorists. Oh we did ok...
  • by ubiquitin ( 28396 ) * on Wednesday September 24, 2003 @09:16AM (#7043499) Homepage Journal
    So who's responsible for IT security there? If they've outsourced IT security to Microsoft or Symantec, then it is well past time to fire them and put some linux or unix-based (low-cost high-availability) servers up. Ask any Linux sysadmin how they survived the last two months worth of email virus bombardments. Then ask a Microscrap Exchange administrator. Do some simple math on the time and therefore money involved with maintenance of these systems. Why is no-one outraged about the tax dollars being wasted on cleanup of Microsoft-platform based email viruses?
    • Now I'm a big Linux supporter and all... but you're way off base here comparing Exchange to a Linux MTA... they're very different beasts.

      Just to let you know, we use Exchange, and I think all we did about the virus e-mails was scratch our head and shrug. Never had a single e-mail borne infection...

      Though that didn't stop a certain unnamed director from making us send a memo out explaining why people were getting weird e-mails and why the return address was wrong etc...

      In THIS case, the article mentions W
  • by brain1 ( 699194 ) on Wednesday September 24, 2003 @09:18AM (#7043528)
    ...why governments like Germany, etc, etc, are switching to either Linux or Unix. Windows is just one big gaping security hole. Windows is insecure. It has evolved from a single-user simple desktop on top of DOS to what we have today without much thought to security except for an easily circumvented login.

    Unix (whatever your favorite flavor - Linux, Solaris, HPUX, even OSX etc, was designed from the ground up to work in a networked environment. That at least gives you a fighting chance of maintaining some level of security provided you or your MIS department set the system up right (like... dont use a default root password).

    If Microsoft wants to save their market share, they should start looking into a Unix-type OS. Either port BSD (they have anyway in their TCPIP stacks) or buy someone out (um, SCO maybe - or maybe I'm psychic?).

    Stop trying to push a derivitive of WinNT which came from MS OS/2 launched back in the late 80's.

    Sorry to rant on so much and restate the obvious, but geez. How many times before people wise up. Every time some script kiddie throws together some crap and unleashes it, corporations and governments get clobbered.

    Jail time for virus authors isnt going to solve the problem, it's time to attack it at the source: Windows.

  • I don't run Windows, but reading Symantec's description [symantec.com] of the Welchia virus sounds like it's at least trying to be helpful:
    • Attempts to download the DCOM RPC patch from Microsoft's Windows Update Web site, install it, and then reboot the computer.
    • Checks for active machines to infect by sending an ICMP echo request, or PING, which will result in increased ICMP traffic.
    • Attempts to remove W32.Blaster.Worm.

    I guess all that aggressive system patching is what brought down the visa system. At least no

  • monocultures suck (Score:3, Interesting)

    by evenprime ( 324363 ) on Wednesday September 24, 2003 @09:20AM (#7043547) Homepage Journal
    I know that a lot of /. readers are going to use this to say that they should have used linux. Some of the more security-astute will say that they should have used openbsd. The truth, however, is that picking operating system X or Y would not guarantee that something similar could not happen again. The way to avoid this in the future is to change the purchasing decision process for government contracts so they don't promote monocultures. In situations where you use a single type of platform, you are vulnerable to having a single type of bug shut down your enterprise. That's basically true of any OS.

    It would be a lot harder for stuff like this to happen if they would:
    • develop cross-platform applications
    • use a variety of platforms
    That doesn't replace having an adequate system in place for testing and installing the latest patches. It does, however, guarantee that slipping up and missing one patch won't stop you cold. It may slow your enterprise down, but stuff will still get done.
  • by Anonymous Coward
    What? They cracked the slashdot users file?
  • Before anyone mods me as a troll, let me say I prefer Linux to Windows these days. That being said, only one time in the article is Windows mentioned.

    It was unclear which computer virus might have affected the system. But a separate message sent to embassies and consular offices late Tuesday warned that the ``Welchia'' virus had been detected in one facility. Welchia is an aggressive infection unleashed last month that exploits a software flaw in recent versions of Microsoft Corp.'s Windows software.

    T
  • H1-B visas? If it does, then, well allright! Here's hoping it stays down a longggg time.
  • There's probably a joke here. Anyone know where?

  • Immediate term bashing aside

    The reason open source is supposed to be better is that when lots more people (like 15% market share worth) run linux, then there will be more resources being used to update and error check open source software - theoretically. Comparing Linux with a small market share to windows with a large market share in terms of bugs is not appropriate, and considering the paid resources available (but maybe not used?) to Microsoft, it is amazing that open source even compares.

    Not to k
  • Good grief. We need a 12 step program for sysadmins in critical locations to break their Windows addiction.
  • by FunWithHeadlines ( 644929 ) on Wednesday September 24, 2003 @09:48AM (#7043853) Homepage
    I'm getting sick of mainstream media equating Windows viruses with computer viruses. This was NOT a computer virus. Were any Linux machines at risk? No. Were any Macs at risk? No. How about mainframes? Nope. Those are all computers, and yet none of them were at risk from this virus. So it is inaccurate to call these things "computer" viruses.

    Call it what it is: A Microsoft Windows virus. Maybe if the media keeps pointing out what us /.ers already know, the general public will get it through their heads that their choice of OS makes a difference.

  • Why dont the govt just demand better software? They are such a huge player that there would be a new market created just to sell secure software.

    I dont buy this bullsh*t people keeps spreading that its impossible. It aint, just as you can build secure bridges and houses you can make software that is much more secure than todays crap.

    There hasnt been a strong enough market for secure software and its up to the consumers and govts to start demand better software.

    Even open source could use a kick in the but to get their act togheter.

    Compare vsftpd to some other random ftpd and youll get my drift. Security is about design and not about being bugfree.

If all the world's economists were laid end to end, we wouldn't reach a conclusion. -- William Baumol

Working...