Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Virus Shuts Down Australian Ambulance Dispatch Service

timothy posted more than 3 years ago | from the severe-spankings-called-for-in-certain-basements dept.

Australia 222

angry tapir writes "Computers which co-ordinate ambulances in NSW, Australia, are back online in three of the state's regions after a major virus forced staff to shut them down for more than 24 hours. The virus crept into the Ambulance Service of NSW's dispatch system, prompting staff to co-ordinate paramedics by telephone and handwritten notes. The cause and source of the virus are not yet known."

Sorry! There are no comments related to the filter you selected.

I know what caused it (3, Insightful)

Anonymous Coward | more than 3 years ago | (#35195520)

"The cause and source of the virus are not yet known."

I'm gonna take a guess at the cause: somebody decided to use a Microsoft product to control a critical system on which people's lives depend.

If a bank used an armored car made of cardboard to transport money, would you blame the inevitable robbers, or the bank?

Re:I know what caused it (0, Funny)

Anonymous Coward | more than 3 years ago | (#35195550)

This is a frigging medical facility and they can't handle a virus?!

Uh, I would be worried about my safety going to a place like that.

I'll hazard a guess and say the dispatchers either spent a lot of time with each other or maybe they all attend similar events? It wouldn't even have to be air-born in that case. If they're all sharing a room or whatever for doing dispatching then it would make sense that they get sick together.

Re:I know what caused it (5, Insightful)

gandhi_2 (1108023) | more than 3 years ago | (#35195588)

I'm gonna take a guess at the cause:

letting mission-critical systems be used by employees to surf facebook and download cute fonts and wallpaper.

Re:I know what caused it (2, Interesting)

Zancarius (414244) | more than 3 years ago | (#35195756)

I'm gonna take a guess at the cause:

letting mission-critical systems be used by employees to surf facebook and download cute fonts and wallpaper.

Most likely: Yes.

A friend of mine works non-emergency dispatch--not quite the same thing as an emergency service, of course--and I get the impression that their network admin has a mild case of brain damage. Apparently they're prohibited from using non-MSIE browsers. Period. End of story. If it's not MSIE, it doesn't belong on the machine. I don't know if their internal network or the sites (externally) they have to access require ActiveX, but in either case, having ActiveX and/or requiring MSIE only and putting in place policies that prohibit the use of more easily secured browsers* is just asking for trouble. I'd guess most Windows-based organizations, either by creed or contract, have similar policies.

* Yes, I realize that Firefox is susceptible to drive-by-installs with Flash or whatever. I also realize that MSIE can be locked down fairly tightly (exploits notwithstanding) but it often isn't. Here's the catch: Locking down IE requires 1) access to the configuration which may be disabled by the network admin and 2) the majority of Windows network admins probably have zero (0) clue how to lock down the browser. Furthermore, since only recently have organizations begun shifting away from MSIE6 (!), I don't think it's possible to claim that the majority of Windows networks for small companies are sufficiently locked down.

Re:I know what caused it (3, Funny)

micheas (231635) | more than 3 years ago | (#35195858)

When I briefly used windows 2003 I was surprised at how easy it was to lock down IE.

I was further surprised by the number of things that did not work when IE was locked down and security exceptions had to be added. (Quickbooks being the one that I remember, because it took a fair amount of searching to find out what the exact rule that was needed in order for it to work, most people seemed to just unlock IE, if the forum posts I was reading are any indication.

There seems to be a common attitude about system administration that if you run everything as Administrator, chmod -R 777 ./, disable SELinux, unlock IE, or run all your server process as the same user (here's looking at you Zimbra) you have fixed the problem, instead of realizing that you have done the equivalent of jumping out the 20th floor window because the ink jet printer is on fire. You're safe for the moment, but the inevitable consequence of your action is going to suck a lot more.

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35196606)

Yup, I needed to be able to write to a new folder on our server. Our IT guy's solution was to just me admin rights on the server.

"Errr, are you sure that's how it's supposed to done?"

Re:I know what caused it (5, Interesting)

antifoidulus (807088) | more than 3 years ago | (#35195986)

Here's the thing about locking down Windows, it has the most pointlessly complex, convoluted security policies you could ever imagine. Something as simple as the firewall can be changed in 3 THREE different places on XP(no idea about future versions), and the way they interact and overrule each other is completely non-obvious. Now compare this with iptables, one text file, just one, and it's a text file. Boom, you have a functioning firewall and if someone needs a port opened/closed, it's just a vi command and /etc/init.d iptables reload away. I swear Microsoft makes their products pointlessly complex in order to maximize the number of people who take the MSCE test.

Re:I know what caused it (3, Interesting)

rtb61 (674572) | more than 3 years ago | (#35196200)

More importantly with Linux you can create far more secure appliances. Where unnecessary services are completely removed and only what is required to run the appliance based server and workstations is installed and available on the installation software.

The dispatch machines need only handle bookings, dispatch, arrival, return etc. (database) and then pass that data to accounting, nothing else. With Linux it is fairly easy for a skilled person to create a custom appliance distribution, all without infringing copyright.

That is the biggest problem with windows the impossibility of creating completely custom installs with everything you didn't need, not just maybe, most likely, disabled but actually completely absent, on the machine and on installation software, all because go to jail copyright infringement.

Re:I know what caused it (-1)

Anonymous Coward | more than 3 years ago | (#35196412)

Here's the thing about locking down Windows, it has the most pointlessly complex, convoluted security policies you could ever imagine. Something as simple as the firewall can be changed in 3 THREE different places on XP(no idea about future versions), and the way they interact and overrule each other is completely non-obvious.

Yes, I remember 2001. Or are you talking about SP2 in 2004? Either way pops, nobody will argue that security wasn't a primary concern in early Windows versions or that their GUI implementation was great but come on... On a tech site I want to hear about apples to apples. not an ancient history lesson.

Re:I know what caused it (1)

mug funky (910186) | more than 3 years ago | (#35196110)

it's probably worse - considering this place would be running 24/7, one could easily believe that the computers were seldom rebooted, and patch tuesdays would sit in the queue for weeks until the machine finally crashed and had to be rebootled.

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35196336)

Dunno about that! For a period that was 'more than 24 hours' the machines would most probably have been rebooted on nearly a minute by minute basis! ;)

Re:I know what caused it (1)

WrongSizeGlass (838941) | more than 3 years ago | (#35195772)

I'm gonna take a guess at the cause:

letting mission-critical systems be used by employees to surf facebook and download cute fonts and wallpaper.

Oh, I'm sorry, but that was a good guess. We were looking for Stuxnet - it not only affects centrifuges but other spinning devices such as sirens and wheels on emergency vehicles. ;-)

Re:I know what caused it (2)

Tapewolf (1639955) | more than 3 years ago | (#35195664)

I'm gonna take a guess at the cause: somebody decided to use a Microsoft product to control a critical system on which people's lives depend.

Is that even allowed under the license agreement? I do remember Java always said it couldn't be used for ATC and nuclear power systems... doesn't Windows say something like that too?

Re:I know what caused it (0, Insightful)

Anonymous Coward | more than 3 years ago | (#35195702)

That just means they are not liable. You can still use Windows for it and it will work quite well, provided you don't do stupid things. Loading a virus on there is a stupid thing to do.

Windows is not the greatest problem to system security. Users are.

Re:I know what caused it (4, Insightful)

Bobakitoo (1814374) | more than 3 years ago | (#35195896)

Unfortunately we cannot get rid of the users. Using better softwares is the next best option.

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35195758)

Yes. Yes it does. Do you think ANYBODY reads that though or complies? Nope. And Microsoft doesn't care. It is simply a liability issue for why that clause is even in the EULA.

Re:I know what caused it (2)

confused one (671304) | more than 3 years ago | (#35195786)

There are U.S. Navy vessels that have Windows computers in their control systems. There are power plants with Windows computer in control systems. There are... I think you get the point.

Re:I know what caused it (3, Informative)

headhot (137860) | more than 3 years ago | (#35195914)

Yea, and at-least 2 of them were shutdown by windows crashes and were dead in the water, need a tow all the way back to port. The smart ship program started with an unix bases system until MS hired a retired admiral to loby for it.

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35196030)

Yeah, Microsoft is has it's dirty paws all over DoD systems and security suffers for it. They are very good at lobbying to get their garbage into otherwise top of the line stuff, and even more ironically the security policies are written such that they almost require stuff that adds no security but that no other OS does out of the box, such as a banner before you log in. They do this by hiring lobbyists and even worse promising jobs to high ranking officials after they retire. "You buy windows for the army and we will make sure you have a fancy job with a nice salary and 0 responsibility after you retire." Pathetic.

Windows did not stop Navy ships (2)

perpenso (1613749) | more than 3 years ago | (#35196626)

Yea, and at-least 2 of them were shutdown by windows crashes and were dead in the water, need a tow all the way back to port.

Thats urban myth. IIRC the original article that claimed that Windows was to blame was debunked. The original article was based primarily on speculation from a unix oriented developer who had not worked on the project and who was not on the ship. The publisher of the article backed away from it. The Navy officers who were on board at the time said it was the application software that controlled the propulsion system. The developers of this application software said it was their fault, although the software was a development version that did not contain the safeguards the production software would contain. Basically bad data was entered into a database, this was fed to the application that controlled propulsion, and this application failed. The operating system was not involved, it would have happened under unix too.

and a windows crash left a ship dead in the water (1)

Joe The Dragon (967727) | more than 3 years ago | (#35196150)

and a windows crash left a ship dead in the water.

windows for warships.

No, an *app* crash left a ship dead in the water (1)

perpenso (1613749) | more than 3 years ago | (#35196648)

and a windows crash left a ship dead in the water.

Actually the navy officers on board the ship at the time of the incident said it was not windows, rather it was an application that controlled propulsion. The developer of this software also admitted it was their software, although it was a development version not the production version that would have handled the fault more robustly. IIRC a speculative article by a unix advocate who was not involved in the project and who was not on the ship made the original claims against windows. Linux advocates ran with this early speculation and it has become urban legend.

Re:I know what caused it (2)

randallman (605329) | more than 3 years ago | (#35196396)

If for no other reason, it's a bad idea to use Windows (or any proprietary OS) because the functionality should be 100% reviewable. Black boxes are a really, really bad idea in critical systems.

Re:I know what caused it (0)

mr100percent (57156) | more than 3 years ago | (#35195696)

But Microsoft themselves said they have the most secure OS in history! And less bugs and security holes than Linux!

Re:I know what caused it (2)

flanktwo (1041494) | more than 3 years ago | (#35195934)

But Microsoft themselves said they have the most secure OS in history! And less bugs and security holes than Linux!

Yes! In fact, thanks to integer overflow they have a negative number of bugs and security holes!

Re:I know what caused it (1)

toxickitty (1758282) | more than 3 years ago | (#35196128)

Yes they do, unfortunately they also have 99% of the malware writers targeting them and 99% of their users clicking any shiny thing that pops up in their face.

Re:I know what caused it (1)

mr100percent (57156) | more than 3 years ago | (#35196676)

I wish I had added a /Sarcasm> tag

Re:I know what caused it (1)

mm_202 (1569029) | more than 3 years ago | (#35195746)

Couldn't agree more. How many must die before they learn!??

Nice analogy, btw.

Re:I know what caused it (1)

countertrolling (1585477) | more than 3 years ago | (#35196322)

All of them...

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35195768)

> If a bank used an armored car made of cardboard to transport money

Using Microsoft-logic, the public would blame the armored car driver for getting shot rather than the real problem.

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35196554)

Well to be fair, he was driving in the worst part of town asking random people for directions.

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35195778)

What kinda hacker asshole goes after the ambulance dispatch. Police hq or crime and misconduct commission i can understand, traffic light control computers could be amusing, deleting the courts or a credit card company's data, hell yeah. But why emergency medical help?

Re:I know what caused it (3, Interesting)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#35195840)

Odds are nobody "went after" them in any direct way. The viruses and worms you are most likely to run into in the wild are the ones that propagate either automatically, or through undiscriminating means like bugged ads injected into unscrupulous or incompetent 3rd-party ad networks.

It is certainly conceivable that somebody mounted a direct attack, the opportunity to cause some deaths with limited chance of repercussions is probably attractive to a few people; but the odds are much greater that some automated attack mechanism hit them without knowing anything more than that the OS and services running on those hosts were vulnerable...

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35195892)

good point

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35195788)

Don't get your hopes too high; from someone who's worked in the industry, nearly all dispatch centres are using Windows. Most of the CAD (CA Dispatch, not Design) systems running on it aren't wonderful and would be virus prone too, but fortunately it's such specialised software that nobody bothers.

Re:I know what caused it (1)

porl (932021) | more than 3 years ago | (#35196068)

Would it be a complex system to write though? I mean, beyond the 'all software is complex' type response, is it a complex system or just not an 'interesting' one?

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35195866)

"The cause and source of the virus are not yet known."

I'm gonna take a guess at the cause: somebody decided to use a Microsoft product to control a critical system on which people's lives depend.

If a bank used an armored car made of cardboard to transport money, would you blame the inevitable robbers, or the bank?

Yeaaaa windows bashing! Ignorant faggot.

Re:I know what caused it (0)

XPeter (1429763) | more than 3 years ago | (#35195880)

You fuckers need to stop with the horrible MS virus jokes, it's old and untrue.

If Linux or OSX had 90% of the market, they'd be much worse off than Windows

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35195988)

Especially osx cause the hackers could work out your exact hardware aswell.

Re:I know what caused it (1)

zippthorne (748122) | more than 3 years ago | (#35196118)

According to wikipedia, Linux has >60% of the server market. Is that parity enough for you to make comparisons with?

Re:I know what caused it (1)

0123456 (636235) | more than 3 years ago | (#35196134)

If Linux or OSX had 90% of the market, they'd be much worse off than Windows

[Citation Required]

Re:I know what caused it (1)

XPeter (1429763) | more than 3 years ago | (#35196296)

Re:I know what caused it (1)

GoochOwnsYou (1343661) | more than 3 years ago | (#35196546)

'Citation needed' was in reference to Linux would be much more virus prone than Windows. You may think that result by assuming popularity and not bad coding is responsible for Windows being as bad as it is, or assuming Linux coding is just as bad.

And those numbers for market share you got was OS and Web browser request to their site, Linux primarly runs on servers (and now mobile phones due to Android), very few people (and nobody should) have web browsers on a server (hey Microsoft, sorry I didn't see you there!).

Re:I know what caused it (1, Interesting)

geohump (782273) | more than 3 years ago | (#35196632)

On Monday February 14, @01:35AM. XPeter said:
> You fuckers need to stop with the horrible MS virus jokes, it's old and untrue.
> if Linux or OSX had 90% of the market, they'd be much worse off than Windows

XPeter
the idea that other operating systems are just as vulnerable as Windows, and would be as equally compromised if they were just "more popular" is incorrect. The problem comes down to an architectural design choice. Because Windows inherited its design from earlier versions of Windows, the ability for a subverted process to be used to gain an illegal privilege escalation is much easier on Windows than it is on many other operating systems, for example, Linux, UNIX, and BSD.

Here is an excellent article you can read about the differences :
http://linuxmafia.com/~rick/faq/index.php?page=virus [linuxmafia.com]

It was written by Rick Moen and does a good job of explaining all aspects of the issue, including what the status of "Linux virii** in the wild" are.
This article is fairly comprehensive and is pretty short considering how much ground gets covered. Unlike many Computer science texts, Its very readable and clear in straight forward English. Clear, concise and readable writing is just one of Rick's talents.

Rick has a collection of excellent articles on this and many other issues. Take a look and have yourself a good read.

**Note- Rick hates the word virii. Exactly why isn't quite clear. Part of the reason seems to be that although the word "virii" was clearly Latin and/or Greek inspired/influenced, it was never actually a Latin or a Greek word. And there seems to this notion floating around that unless a word was originally a word in Latin, that it can't become an English word. Thats completely untrue, of course. For example "google"*** was never a word in any language and is now a commonly used verb in English and other languages as well. Latin, being a dead language, cannot change, but English, can and does, and has new words added to it with great frequency. So I stick it in there once in a while just to gently needle him****. :-) [ My gosh, I hope he doesn't get infected with any virii, while I'm needling him. :-) ]

*** google, as a verb, nominated for word of the year in 2002, was also selected as the most useful verb of the year 2002. Sadly "google" wasn't added to large dictionaries (Oxford (OED), Merriam-Webster (MW) ) until 2006, years behind the actual date of usage adoption. Dictionaries are typically years or sometimes decades behind current usage. MW does note the first usage as a verb in 2001, five years before MW added it. Today linguists use Google's(TM) search engine, as well as others to determine when a word has come into usage.

**** All Linguistics texts, as well as many Linguistics books written about language formation and even those written specifically about English, agree that the only authoritative rule for whether something is a word or not, is usage. If multiple people use the same sound for the same meaning, then it is a word. Isn't that just bootyliscious?******

***** The motivation here is basic jealousy.... :-)

****** bootylicious: MW added in 2001/2, OED added in 2003

Re:I know what caused it (0)

drsmithy (35869) | more than 3 years ago | (#35196770)

Because Windows inherited its design from earlier versions of Windows, the ability for a subverted process to be used to gain an illegal privilege escalation is much easier on Windows than it is on many other operating systems, for example, Linux, UNIX, and BSD.

Windows "inherited its design" from VMS.

Here is an excellent article you can read about the differences :

I only had to read about a page down before finding something stupid:

"Here's the short version of the answer: No. If you simply never run untrusted executables while logged in as the root user (or equivalent), all the "virus checkers" in the world will be at best superfluous; at worst, downright harmful."

Rick has a collection of excellent articles on this and many other issues.

Rick apparently hasn't realised the world doesn't run on dumb terminals connected to centrally managed UNIX hosts any more.

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35195886)

Almost certainly true. Despite having some notable names in F/OSS, Microsoft has managed to get itself deeply entrenched in Australian governement and business, and probably going backwards too. I work at a research institution, and properietary formats for official documents (and exchange for email) are becoming more widespread, despite the fact that the majority of researchers use linux systems for their work.

Re:I know what caused it (1)

Master Moose (1243274) | more than 3 years ago | (#35195958)

this is a bit off topic.

I am a government employee in New Zealand. (Health). I have worked for the country's largest bank and insurance companies.

When I got tot he hospital, I was astonished to find how lax computer security is. I can download and install software on any P.C I desire, and this is not just because I am an I.T staff member as anyone with network access has the same ability. (yes, I think I signed a piece of paper saying that I wouldn't)

In my time at the bank and insurance companies, things were locked down. Users had no access to their C drives. It has become a bit of a joke in the hospital how many viruses are actually floating around our systems.

With this and the Australian Ambulances, it goes to show you how much more money is valued than life in many places :)

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35196276)

Anything else than Windows, and you drastically decreases your chances of infection. Easy. Strangely enough, I'm thinking Linux, FreeBSD, Unix, whatever.

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35196334)

Car d'board.

=)

Re:I know what caused it (1)

cheekyjohnson (1873388) | more than 3 years ago | (#35196394)

If a bank used an armored car made of cardboard to transport money, would you blame the inevitable robbers, or the bank?

Both.

Re:I know what caused it (1)

noidentity (188756) | more than 3 years ago | (#35196460)

If a bank used an armored car made of cardboard to transport money, would you blame the inevitable robbers, or the bank?

I'd blame the robbers for stealing the money, and the bank for not securing it as I had hired them to do, since I know robbers exist and steal money. That said, it's not like banks are going around putting up money-dispensing kiosks that runs Windows [google.com] .

Re:I know what caused it (1)

CAIMLAS (41445) | more than 3 years ago | (#35196494)

Here's another, additive guess:

The hardware their mission-critical, lives-depend-on-seconds their 'server' ran on? It was probably something like a standalone server without redundant power supplies or disks. The system may have had redundant disks through software RAID. Odds are strong against the system having ECC RAM, or the hardware being on a maintenance plan. Odds are strong for the organization paying 5-10x as much for the 'certified' hardware than it cost the shitty vendor to build from their parts bin. In all likelihood, the system required a proprietary part or was designed in a fashion which would inhibit from working (at all) without a specific piece of hardware - which cost $10 at the time, but was only available from a single vendor, which has since gone out of business.

If I had a small sum of money for every variance of this I've seen, I'd be rich. It seems pretty much run of the mill in government and healthcare (ie anywhere that 'profit'/budget isn't a significant concern - "we'll just raise prices/taxes") for vendors to abuse some 'compliance' requirement, overlooking simple best practices for software and hardware. "We're SAS compliant! We're HIPAA compliant!" Yeah, well your product is still shit.

Re:I know what caused it (1)

RoFLKOPTr (1294290) | more than 3 years ago | (#35196518)

"The cause and source of the virus are not yet known."

I'm gonna take a guess at the cause: somebody decided to use a Microsoft product to control a critical system on which people's lives depend.

If a bank used an armored car made of cardboard to transport money, would you blame the inevitable robbers, or the bank?

It doesn't matter what OS you use. They're all susceptible to vulnerability when not properly managed by a competent administration staff.

If a bank used an armored car made of any material and failed to inspect it, maintain it, recognize its flaws, and reinforce it, would you blame the company that made the car, or the bank?

Re:I know what caused it (0)

Anonymous Coward | more than 3 years ago | (#35196722)

I'd agree with this 100%. Though there are more, they such probably still use IE6 and XP.

Fools. (1, Troll)

thatkid_2002 (1529917) | more than 3 years ago | (#35195576)

So my ambulance levy pays for my ambulance service to run on Windows? Effectively I have no ambulance service.

Re:Fools. (0)

Anonymous Coward | more than 3 years ago | (#35195650)

Well, this is NSW. With Keneally at the helm you know that you are going down one way or another.

Re:Fools. (3, Insightful)

c0lo (1497653) | more than 3 years ago | (#35195718)

Well, this is NSW. With Keneally at the helm you know that you are going down one way or another.

Funny thing, I'm not seeing the Liberal Party in NSW pushing the "Replace MS Windows with Linux" as a point on their electoral agenda. Can you please provide a link?

Re:Fools. (1, Flamebait)

mug funky (910186) | more than 3 years ago | (#35196158)

do. not. attempt. to. reason. with. a. Liberal. voter. ...or in fact anybody that votes just for the one party every election without bothering to find out who they're voting for.

it's not the fucking football. there's actually things at stake, but apathy has meant both sides get away with whatever they want and the result is the same each time.

the Greens would be just fine, but my dealings with them show a group of really nice people who would never expect to win and just want to do their part.

Re:Fools. (1)

c0lo (1497653) | more than 3 years ago | (#35196212)

the Greens would be just fine, but my dealings with them show a group of really nice people who would never expect to win and just want to do their part.

That's what I'd expect from every politician: stay true to their principles and do their job no matter if winning or not (guess it shows somehow my degree of idealism and naivety, but well, I'm not dead enough as yet).

Re:Fools. (2)

mug funky (910186) | more than 3 years ago | (#35196528)

that's my view too.

but do you expect idealism to ever win against greed and self-interest with a budget and a higher profile? and media outlets in their pocket?

i understand preferential voting and vote for change rather than mediocrity, but i know that at the end of the day i can only increase a percentage with the hope of influencing the guys that actually win.

and with the performance at the vic state election - Lib and ALP colluding to force the Greens out, i don't think even my meagre percentage game is going to have an effect.

i'll keep doing it anyway, but the only way to get power is to really WANT it. and those who really want power in most cases absolutely should not have it.

Re:Fools. (0, Troll)

Anonymous Coward | more than 3 years ago | (#35195760)

Nowhere is a Microsoft product mentioned (except here).

Yeah! (0)

Anonymous Coward | more than 3 years ago | (#35195610)

So I guess the dispatch service found that virus...
*Puts on sunglasses* ...is NSFW!

YEEEEEAAAAAAAHHHH!!!!!

Windows (3, Insightful)

sirsnork (530512) | more than 3 years ago | (#35195670)

I'll probably get modded to hell for this, but this isn't Microsoft's fault. Their IT staff is either incompetent, or their management is. Stopping Wdinwso from getting a virus isn't a diffucult proposition.

Install decent AV in it, keep the subscription up to date, done.

You can of course go much further and lock down the OS so it doesn't let removable devices connect etc, but unless this was more than a virus, simple AV would have solved it.

If only it was that easy.... (2, Insightful)

Anonymous Coward | more than 3 years ago | (#35195694)

....because it's not. Check an infected file on www.virustotal.com, and you'll see for yourself that at least a third won't detect the virus -- of course this always varies from virus to virus, rendering the 'one AV fits all' argument invalid... sadly.

Re:If only it was that easy.... (1)

0123456 (636235) | more than 3 years ago | (#35196130)

This is why I always install at least three different AV programs on any Windows PC.

Re:If only it was that easy.... (3, Insightful)

DeathElk (883654) | more than 3 years ago | (#35196284)

What a sad, sad situation.

Re:Windows (1, Insightful)

whoever57 (658626) | more than 3 years ago | (#35195742)

Install decent AV in it, keep the subscription up to date, done.

Hah, hah! While I won't argue with the proposition that it is possible to make Windows secure, the idea that installing AV is sufficient is laughable.

Show me the AV tool that catches 100% of viruses, including new viruses that have just been seen in the wild.

Re:Windows (1)

mug funky (910186) | more than 3 years ago | (#35196176)

norton catches a virus every time i boot up... it's a dll that makes my critical software run. i have to un-quarantine every single boot.

which makes me less likely to ever turn the machine off, which means security patches don't get installed, unless i get a crash or the power fails.

norton would store the exception, but it's GUI (sadly not the scanner itself) crashes in a runtime error on exiting and never bothers to save the exception.

i love norton. it's the best virus-simulator i've ever found.

Re:Windows (1)

pookemon (909195) | more than 3 years ago | (#35196214)

lol - install a decent AV and it'll catch and remove Norton every time...

Re:Windows (0)

Anonymous Coward | more than 3 years ago | (#35196488)

Is anything 100% guaranteed? Are you suggesting that because AV doesn't catch 100% of software, then it is a laughable idea to consider installing it?

Show me a backup system that protects 100% of data no matter what. There isn't one? Okay then I will not worry about backing up my data.

Show me a seat belt that saves lives 100% of the time. There isn't one? Okay then I will not wear a seat belt.

It is all about the numbers game - decreasing your chance to get burned - and if installing AV software lessens the chance, then why not install it?

Re:Windows (0)

Anonymous Coward | more than 3 years ago | (#35196646)

"Show me a seat belt that saves lives 100% of the time. There isn't one? Okay then I will not wear a seat belt."

Bad comparison. I don't know about your area, but here in Ohio, it's not as much a question about personal safety for not wearing a seat belt as it is preventing getting pulled over by the cops and getting a ticket...

That said, putting the belt on has been a habit since I started driving (and somewhat before), and it feels awkward to drive without it. I tend to move around much more side to side without it.

Re:Windows (1)

BenoitRen (998927) | more than 3 years ago | (#35195752)

Stopping Wdinwso from getting a virus isn't a diffucult proposition.

Install decent AV in it, keep the subscription up to date, done.

That doesn't stop Windows from getting a virus. It stops the virus from doing harm by detecting it before it can get to work. Once the virus is in, you've already lost

Re:Windows (1)

izomiac (815208) | more than 3 years ago | (#35196492)

Security is a process, not a product. There are no "decent" AV products, if by decent you mean will prevent a standard, internet-connected Windows computer from getting viruses/malware. Detection rates for zero-day attacks seems to be, at best, 62% [av-comparatives.org] . Installing an antivirus and thinking you're 100% protected against viruses is delusional.

Furthermore, these are ambulance dispatch computers. The operators are not your typical slashdotter that can spot potential malware and avoid installing it. They also, given the random nature of emergency medicine, have a lot of freetime in which they likely entertain themselves using these computers while waiting on someone to need an ambulance. I suppose one could have separate networks and computers for mission-critical applications, but is that really the best way to spend healthcare dollars?

Re:Windows (1)

CAIMLAS (41445) | more than 3 years ago | (#35196498)

By "decent AV" do you mean "AV which management will approve and is made by Symantec or McAfee" or "AV which doesn't fit the previous description"? Because the former may have even caused this, directly.

Re:Windows (0)

Anonymous Coward | more than 3 years ago | (#35196654)

Your joking about the AV software right? It's more likely the second thing you said, not properly locking down everything.
http://xkcd.com/463/

The cause and source of the virus are not yet know (0)

Anonymous Coward | more than 3 years ago | (#35195720)

Anyone stupid enough to use Microsoft crapware for mission-critical applications probably is also too stupid to figure out how it got infected.

Re:The cause and source of the virus are not yet k (2, Interesting)

Anonymous Coward | more than 3 years ago | (#35195932)

It's quite possible to set up an environment where Windows is safe for mission critical applications - but often users won't accept the limitations that have to be imposed. Things like no general web browsing at all (except to sites that host a business application), no removable media, no admin rights or ability to install software, email is filtered for viruses and limited to corporate emails and emails from business partners, no other email is delivered to agents.

I've worked in IT at a 100 seat call center with Windows machines, in 2 years, none of the agent computers have had virus problems (antivirus is installed, deep scans every week), but a handful of non-call center computers have had viral infections (because they don't have the same restrictions as the agent computers).

If.... (1)

joeytmann (664434) | more than 3 years ago | (#35195918)

Windows is such crapware, as so many of you think, why don't you guys all get together and write an emergency management system that runs on a Linux distro? Now I obviously don't know for sure, but it seems likely the reason they are using Windows is that their application is written that way. Take a way the need to use Windows before bitching and moaning about them using Windows.

Re:If.... (1)

Duradin (1261418) | more than 3 years ago | (#35195964)

I heard one's being worked on but they are trying to shave a few microseconds off the compile time for the built in .bf compiler and no one wants to make the UI.

Re:If.... (3, Informative)

Anonymous Coward | more than 3 years ago | (#35196140)

Windows is such crapware, as so many of you think, why don't you guys all get together and write an emergency management system that runs on a Linux distro? Now I obviously don't know for sure, but it seems likely the reason they are using Windows is that their application is written that way. Take a way the need to use Windows before bitching and moaning about them using Windows.

Presentation at this week's North Carolina GIS Conference

Open Source Computer-Aided-Dispatch – GIS at
Work in Emergency Response,” Arnie Shore,
Anne Arundel Co, MD

Looks like Arnie will be talking about this:

http://groups.google.com/group/alt.comp.opensource/browse_thread/thread/29ba12a929bd7bd3?pli=1

Re:If.... (1)

CAIMLAS (41445) | more than 3 years ago | (#35196512)

A big part of this is 'compliance testing'. It's hard (and expensive) to get a product approved for this-or-that "mission critical", regulated use.

Not only that, but you can guarantee the cogs of local government would make all-Linux (or whatever) locked-down workstations a no-go. Users would bitch, and that'd be the end of that: facebook would be available, "application" would be available, and so on - and it'd be all over. It doesn't matter which OS it's running on if there is no administration.

Re:If.... (0)

Anonymous Coward | more than 3 years ago | (#35196660)

Just because someone takes the time to write it, does not mean it will get used or the person deploying the system finds it. To be honest there is a lot of marketing money spent making sure that Microsoft, Apple (or fill in the blank here) are household names. Bill and and Ted's excellent management system may be technical superior, but then what? Who do they call for support?

           

Windows could have been used safely (1)

decora (1710862) | more than 3 years ago | (#35195930)

when i was an IT i had a system down where i had a 'restore partition' on every computer. i could reinstall 40 machines, with our special software already installed, in about 20 minutes, it would have scaled pretty damn well too because it used UDPCAST and a 'no centralization' network model, and yes it was heterogeneous hardware, using whatever that MS product is that can help you make disk images.

i believe that if you have your windows machines set up, with all your shitty proprietary software set up, and imaged, then it is possible to do windows pretty safely, so that even if a virus takes it out, you can be up and running in a very short while.

of course, everything depends on the shitty proprietary software sitting on top of windows. if it talks to a central database and leaves things screwed up if there is a client crash, then .. youre still hosed.

and... if the site has no IT person, instead just relying on various low bid contractors to come in at random and do stuff... i guess.. youre f@#$@#$ed in that case.

Even if you have Linux, and you had some proprietary piece of crap on top of it, that talked to 'the cloud', and somehow corrupted the cloud, youd have the same problem.

No silver bullets.

Re:Windows could have been used safely (1)

Anonymous Coward | more than 3 years ago | (#35195998)

Being able to re-image 40 PCs in 20 minutes is a good disaster recovery protection, but it's answering the wrong question.

Basically, it answers the question of "how can we get up & running again fastest if our systems get hosed?"

The *right* question is: "How can we prevent our systems from getting hosed in the first place?"

Now, I'll give you the fact that a power surge or some other disaster could hose *any* system, and, while the risk is very small, both MacOS and Linux have suffered from the occasional virus or other exploit. So you *need* the disaster recovery stuff in place.

But, seriously. Building mission-critical operations on top of an operating system known to be full of holes, with literally *millions* of viruses targeting it?

Probably not the best technology choice. Sad that the "best" technology is usually passed over in favour of "the one that the boss likes".

Re:Windows could have been used safely (1)

zippthorne (748122) | more than 3 years ago | (#35196152)

Close. But a better question would be, "How is this budget best allocated to minimize the chance of service discontinuities and mitigate the effects of any such downtime."

A simple system that you can re-start easily, and which fails in a way that doesn't corrupt the data may very well be superior solution to a complicated one which cuts the chance of downtime by 99%, but has major difficulties coming back online after an event. Your budget is always limited, and you want to make sure you optimize on the the thing you want, not just the thing you think you need to get the thing you want.

Political Beat Up (0)

Anonymous Coward | more than 3 years ago | (#35195950)

the only thing that "shut down the network" were the users being cautious because their "security software" detected "a threat" and well they are a critical service, and they did have a very well developed manual standby system which they are trained to use, and it's no biggie really, in fact they go to manual several times a year as it is just for maintenance and training purposes.

The virus wasn't necessarily even going to cause a problem with the system, perhaps it was just someone misunderstanding what a tracking cookie is.

The only flow on effect of this is that management have some extra expense on their hands to capture the weekend's manual records in their systems they use to decide how many people to fire or hire next year. oh and about a zillion wasted hours while management talk to the media about how everything's alright really.

Oh, and did anyone mention that there's a state government election in about 5 weeks?

Re:Political Beat Up (1)

0123456 (636235) | more than 3 years ago | (#35196124)

If they're a critical service, why are they running Windows?

Wait... (1)

kitsunewarlock (971818) | more than 3 years ago | (#35196006)

Again I must ask: why was the emergency response system connected to the world wide web in the first place? Was the virus specifically designed/targeted to attack them? Or was it installed through a physical medium? Either way, it seems like having a back-up system, ready to be up in only a few hours with frequent tests, would be something the group should look into.

they need to talk to other systems (1)

Joe The Dragon (967727) | more than 3 years ago | (#35196180)

They are just Dispatch they need incoming data and data on where they are sending the ambulances to after picking people up.

Re:they need to talk to other systems (1)

BrianRoach (614397) | more than 3 years ago | (#35196238)

Which doesn't require access to the internet. We have this thing called a VPN that pretty much solves that problem.

Ignoring that, you can just only allow access to the remote systems that are required for that data.

I'm constantly amazed that anyone allows any critical systems access to the internet.

Re:they need to talk to other systems (1)

ff1324 (783953) | more than 3 years ago | (#35196432)

Almost every CAD system utilizes the Internet for connectivity to mobile clients, messaging, mapping, data transfer, and other interconnections. Not every connection can be placed in a VPN. It's not that someone has failed by connection a critical system to the intertubes, its their failure to secure the systems connected to the intertubes.

What are the doctors doing? (0)

Anonymous Coward | more than 3 years ago | (#35196078)

Get vaccinated!
I didn't RTFA.

Worst Reporting Ever - a "creepy" virus? (1)

OzTech (524154) | more than 3 years ago | (#35196258)

A rather interesting choice of words in TFA: "The virus crept into"
Eek ! In all my years, I've never known a virus to "creep" anywhere. Once in a computer they usually jump about and whack the system senseless in a few microseconds. This must be one of those new super-viri we've been hearing about because the mental giants responsible for this system still have no idea as to the cause or source, according to TFA. Glad to know that calls to the 000 emergency number weren't affected, although for the unknown virus to lung out and infect a totally physically isolated network (Telstra) would have been pretty impressive.

The most depressing part of the entire article is that it was supposedly written by someone at "TechWorld.com.au". How on earth do these idiots get jobs, let alone keep them? If this really is the state of our technical media and specialists, then the country really has gone to hell in a hand-basket.

The fact that the numb-sculls responsible for this system still have jobs and the gaul to report, "we know nothing", is simply scandalous and an outrage. Still, that's what you get when you farm essential services out to private enterprise and only pay 6 times what it should cost to run.

The whole thing is a disgrace.

Where does it say Windows? (3, Insightful)

Vorghagen (1154761) | more than 3 years ago | (#35196428)

Almost every comment posted so far is bashing Microsoft or Windows for being an insecure OS but I can't find any mention of either in the article. It doesn't give any information about what kind of system the Ambulance Service was running.

Kill switch (0)

Anonymous Coward | more than 3 years ago | (#35196440)

If only they had a "kill switch" they could have disabled their network before it was disabled by a virus.

*sigh* (1)

paintballer1087 (910920) | more than 3 years ago | (#35196580)

Sysadmins need to realize that just because they have users or probably managers complaining "OMG, I can't get on Facebook and check my Farmville!!!" the users do not need access to anything but what is critical for the applications and uses required to do their jobs. When you start opening these holes, what do you expect?

Not the end of the world (1)

slimjim8094 (941042) | more than 3 years ago | (#35196612)

As an EMT for the past 4 years, most places are coordinated by telephone, (standard) radio, and handwritten notes. Including my agency. It works just fine.

For large cities or areas, CAD (computer-aided dispatch, in this context) is a fantastic tool - but they functioned without it probably as recently as a few years ago. Some of the dispatchers still working there, I'm sure, started out without a fancy CAD and are perfectly happy to keep track of everybody's location using Post-Its, a map, a notepad, and perhaps a whiteboard. I can personally vouch that it works, even for large places and dozens of ambulances.

In any case, any place doing serious work (which, I'm sure, includes NSW) has procedures for how to deal with outages. Things like trunking radio systems will fall-back to normal operation, but computer-based communications and dispatch equipment will not prevent communication. It'll be inconvenient, sure, but it'll work.

Should this have happened? Absolutely not. Whoever let a virus in is too fantastically stupid to ever work in IT again, especially a system so important. But if any patients died, or were inconvenienced more than nominally, there were much bigger problems with this organization than a virus - such as outright reliance on computer systems, or not enough training without them.

whoa !! (1)

Anonymous Coward | more than 3 years ago | (#35196740)

I personally support core critical infrastructure for one of the state based EMT organisations in australia.
I got a big shock hearing about the ambulance outage on the news, as I was not the active out of hours oncall dude, I started checking emails and phone, nothing. Then found out the issue was with another organisation in another state. whew!!

I have read some of the posts and find that quite a few are waay off the mark. I guess I would have posted the same 12 years ago when I was in my "linux rules, everything else sux" phase. Having spent most of my time at various organisations performing sys adm work I find my current situation to be the most interesting. It's easy to bash and talk about one particular tech being better than another, but let me tell you this - a state wide EMT service covering all services is a non-trivial service, its not just a pc or a bunch of pc's. - first of all its a secure, fault tolerant network protected by several firewalls that are so tight even the network admin who I consider very tight does not even allow ICMP between local subnets. Then there is a radio network that talks to other sites and vehicles, etc... As is the case in most of the industry all o/s software / hardware is commodity software / hardware with the main operational software being customised written for each client.

After all this there are the special interest groups that have control over certain parts of the production chain that keep the while service up and running. So basically there are many people involved. For example if I cocked up there would be many sets of eyes on my azz and many phone calls would be made. Luckily for me my error rate is very low.

The downtime for this service is a couple of minutes a month at the most, after this someone starts shelling out a large amount of cash.

This should give some the young'ns some perspective about how these type of services actually get delivered.

With regards to linux vs windowz etc. I see an O/s as a tool and just choose most suitable tool for that particular job.
nowdays I run just virtualised os images on a dual ssd macbook pro, no issues.

Boredom... (3, Interesting)

sigipickl (595932) | more than 3 years ago | (#35196742)

Having worked for many health care facilities over the years, including those with EMT/Ambulance staff, I can tell you that ambulance drivers and dispatchers suffer from periods of insane boredom while waiting for the next call to come in. During this downtime, they monkey with the PCs, browse some of the most pointless/inappropriate websites, and try plugging anything with an ethernet jack in to your network. The latter includes personal laptops, wireless access points and satellite/cable boxes. Solutions to this include 802.1x/NAP and even just getting the crews a DSL/Cable internet connection for their personal use. Like many things in I.T. (and life in general), the more you restrict someone's access to something they want, the more they will work against your efforts to restrict them.

In this case, I'll put my money on an outside computer being plugged in to the network.

I've never had to deal with I.T. in a fire station, but I can guess it's every bit as bad, if not worse.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?