133 Comments
- buddamus, on 10/05/2009, -4/+134
Sudo power Australia
- blastcube, on 10/05/2009, -12/+85
What the hell are we doing running our power systems on Windows!
Down with Microsoft for mission critical systems. The only thing Windows should be used for is gaming.
- Ziriux, on 10/05/2009, -4/+74
Yup, that's Linux, most people don't know but the OS can be built for about anything if you got the right tools and minds.
- boxxa, on 10/05/2009, -1/+65
Who the hell connects their power grid monitoring computers to the internet....
Most companies that deal with critical systems have their own private network not connected to the internet just because of this reason.
- kaashar, on 10/05/2009, -14/+75
Wait a min here...
Network not segregated? Check.
Virus protection not updated since at least February? Check.
Internet access on machines with no need for it? Check.
Linux is touted as the hero for sysadmin incompetence? Check.
If the same system had been hot swapped with a netbook running Win 7 it would have been a non-article.
The moral of the story? If you completely screw up designing and maintaining your network Linux is the answer for you!
- nxusername, on 10/05/2009, -6/+57
They should really isolate these critical systems. No internet = no viruses/hacking/etc.
- Montey, on 10/05/2009, -0/+31
Part of the problem I have encountered as a consultant when securing utilities, such as power, water and gas providers, is that SCADA engineers earnestly believe that their systems are robust, can not be compromised and as such the SCADA engineers will actively stonewall any security program undertaken by the organisation.
I have been in numerous situations where I have attempted to make recommendations regarding the adequate segregation of control networks used by such utilities to their executives only to have them defer to the misinformed recommendations of their SCADA engineers who say everything is fine and their SCADA systems and associated networks can't be controlled or affected by external influences.
Well, I guess they were wrong huh. Unfortunately nothing is likely to change in the control systems area until some control networks administrators & managers start losing their jobs because of such infections. Somewhere there is likely at least one security consultant shaking his head at Integral and saying to himself, "Tsk! Tsk! Tsk! I told you this could happen!"
- pwr4, on 10/05/2009, -6/+36
There is NO REASON for Windows to be running any mission critical systems for anything to do with the electric grid. It is a consumer operating system.
- Montey, on 10/05/2009, -1/+28
This is not correct. The Internet is not the sole source of viruses or even hacking.
I know of numerous infections, and even hacking penetrations, that have been achieved using a USB key as the intra-network transport system. Such control networks need to be more than isolated from low-security networks, they need to put in place rules that require that nothing enters the network & systems except by audited media (i.e. vendor provided application CDROMs from which a check-sum is provided by the vendor) or via the human hand.
Until such control networks are totally disconnected from all external, non-audited, transports of data they will present a risk to critical community infrastructure.
- acknotSW, on 10/05/2009, -6/+33
Down with any general purpose OS for mission critical applications.
- 47f0, on 10/05/2009, -1/+28
Uhhm - gee, you mean Linux is a hobbyist system like the one that powers Google? Or maybe a hobbyist system that has NSA certification? Perhaps you meant a hobbyist system that powers the majority of the nation's supercomputers - used for things like nuclear simulations. Or no doubt you meant a hobbyist system that powers vastly more of the Internet than any MS platform.
That kind of hobbyist system?
- Cerin, on 10/05/2009, -4/+31
The general motto for most Linux apps is "if it's not secure out of the box, it's not secure". If Windows requires heavy third-party modifications in order to be secure and stable, then it's not secure or stable.
- darthweder, on 10/05/2009, -14/+40
Sounds like it was less Windows' fault and more the fault of the IT Admin for not updating windows and the virus software, as usual.
- darthweder, on 10/05/2009, -4/+30
Well, you see, Windows and Linux are different operating systems. They are radically different and it is incredibly hard to program a virus that can infect more than one operating system. Although I have to say Linux is MUCH better at keeping out viruses without anti-virus software than Windows is.
- Cerin, on 10/05/2009, -0/+23
"it's a hobbyist operating system"
I think NASA, Google, the U.S. military, and a host of other organizations that use Linux for mission critical systems would disagree with that statement.
- 47f0, on 10/05/2009, -6/+28
All the posts explaining how Windows is wonderful and these incompetent idiots just don't know how to mutter the proper incantations to keep a windows box on life support.
You can not make a Windows box as secure and stable as a Linux box - and this isn't cheerleading for Linux, or hating on Bill Gates, it's the fact that you have zero control over the contents of any proprietary OS. Windows always has, and always will, suffer from "kitchen sink" syndrome - which is actually, kind of great for a desktop machine. For a general purpose desktop machine, all the goodies should just "be there" and Windows does a great job of that.
But these weren't really desktop machines, were they? They were special-purpose machines, with limited functionality, and that's exactly when you should start thinking about an operating system that lets you pare it down to the bare requirements.
Is Windows code worse than Linux code? Well, who knows - you can't see Windows code - the window to the code is closed and shuttered.
But let's say Windows is just as competent as Linux - you still drag in a huge amount of code that is not only irrelevant to the mission, but is actually detrimental. More features inevitably equals more bugs, and more security problems.
Windows on the desktop? Cool. Windows for running your Tivo, or router? Not the best choice, and it wasn't the best choice in this case either.
- HPMNick, on 10/05/2009, -3/+23
I can't believe credit is being given to the support staff for switching to Linux. They should all be fired, but not because they used Linux..
As said in the article, the critical portion of their network was not segregated... they had inadequate security in place... and to top it all off, this infection spreads by writing to write enabled file shares. I don't even want to contemplate why such critical servers were downloading and running executables on write enabled network file shares. That is nuts!
It's also very strange that these machines were only using X-Windows, but from within Windows. It seems like the perfect environment to be using VMWare if you really need to use Windows for this sole purpose (this way a restore or rollback is easy).
These guys really have no business running a Microsoft based network... On the positive side, the diluted IT field leaves plenty of opportunities for us competent professionals..
- jsffive, on 10/05/2009, -4/+23
Or... the moral of the story could be that, if you don't want to waste a lot of time, resources, and money chasing after the newest anti virus definitions, and continuously sweating virus infections, just to run a terminal, linux is the answer for you!
- richi, on 10/05/2009, -5/+24
Wot! No AV? Nice going, Bruce.
- explodingzebras, on 10/05/2009, -0/+19
i think Red Hat and Novell would disagree.
Win server 2008 is just a serverised desktop OS, it still has a desktop, that you can't remove.
- miket, on 10/05/2009, -1/+17
linux doesn't have the market share, huh? maybe not in the home user market, but most of us use linux indirectly without ever knowing! in fact, i would not doubt if all of us did in some way
- charlietuna, on 10/05/2009, -1/+17
Actually the more widely used an OS is, the more likely bugs will be found. Your point is more applicable perhaps to the use of Real Time Operating systems for more deterministic system response.
http://en.wikipedia.org/wiki/Real-time_operating_s ...
- miket, on 10/05/2009, -0/+16
you're going to call someone retarded but use "r u" instead of are you? what?
- inactive, on 10/05/2009, -13/+28
Someone should be fired for not using Linux in the first place.
- Spinzy, on 10/05/2009, -6/+20
most people are idiots. : ].
- HPMNick, on 10/05/2009, -8/+20
Windows can be very secure and stable, but a lot of changes need to be implemented. You can't leave a Windows machine in its standard out of the box configuration.
In this case, where individuals have very limited duties, a simple software restriction policy would probably have prevented this. You'd just have to deny all executables except those that you needed to perform your work duties.
Obviously, these jokers had no controls in place. It's one thing if your environment doesn't require super high security... then it's not the end of the world if you are lax on security. In this case, every single possible measure should've been taken to secure these machines (to an anal-retentive extent).
This was IT incompetence at its best.
- joe7845, on 10/05/2009, -2/+13
"Windows can be very secure and stable,"
Exactly. Just don't connect it to the internet and don't install any software in it.
- jsffive, on 10/05/2009, -1/+12
I've been using linux for about five years now. I install an antivirus program on my computer once a year, scan the files, and then uninstall after it finds no viruses.
There's no way I would do that with a Windows system.
Linux is more secure. It's that simple.
- archiesteel, on 10/05/2009, -0/+11
"BS. Linux just doesn't have the market share to be a target yet."
No, but Linux/UNIX servers are more attractive targets for criminal hackers than Windows boxes. Financial servers, infrastructure...heck, just a little less than half of the world's web servers run on Linux!
Let's face it, malware *is* a big problem for Windows OSes. While malware could *theoretically* target Linux computers, in the actual world it almost never happens. Therefore, *right now*, malware is a Windows problem almost exclusively.
- HPMNick, on 10/05/2009, -0/+10
I don't know if you realize this, but Ubuntu requires to be patched pretty regularly too. This is not necessarily a bad thing. Security flaws are found for all OSes all the time.
If your Linux distro isn't prompting you for security updates on a semi-regular basis, then you are probably insecure.
- chadsmith729, on 10/05/2009, -7/+17
Great story! Why would the power grid be working solely on Windows? No redundancy even in case things fail.
- MWeather, on 10/05/2009, -0/+10
"It is notoriously harder to write viruses for Linux than for Windows."
That's probably why there's never been a Linux virus in the wild. But of course it's not Windows' fault it's so easy to write Windows viruses.
God forbid we blame security holes in the OS on the OS.
- Redzin, on 10/05/2009, -1/+11
Those who buried you are too optimistic...
- archiesteel, on 10/05/2009, -0/+10
It is notoriously harder to write viruses for Linux than for Windows.
- fwertz, on 10/06/2009, -0/+10
bash: Sudo: command not found
- bubbadigg, on 10/05/2009, -0/+9
Moral of story.... several IT professionals looking for work in Australia ...
LOL
- inactive, on 10/05/2009, -1/+10
Linux is actually much easier to support on large desktop installs, and one of the main reasons is because they don't use it at home. They tend to not screw around as much.
Cisco, IBM, Sony all have large Linux based desktop installations because you can support thousands of machines with just 1 or 2 people, and they will be bored.
What actually ends up happening is that you have more hardware issues than software issues. Most of the time is spent getting broken PCs, replacing them with working ones, and fixing the old ones (usually hard drive). When the user's data is on a network drive and they can't write to the local drive, they can also log into any machine at the company and see their desktop and data.
One way we solved the issue of people not being used to it:
1. A short training class.
2. A Wiki with step by step instructions on lots of stuff as well as movies. A lot of the power users actually wrote much of the wikis on their own.
We switched to open office and use that everywhere internally, even the few windows/mac users. Email web based for the most part (google mail) and any r-tard can work that, and firefox for web browsing. All other apps are internal and written using Qt, which compiles on Linux, Mac, and Windows or run through a web interface.
- RaulMuadDib, on 10/05/2009, -1/+9
Linux is not an OS, linux is a kernel
@explodingzebras, you can install the core version without the desktop
- 3242130193, on 10/05/2009, -1/+9
darth: That's not a very good reason. If your general workforce isn't capable of using different environments, then they're not very good. I suppose our education system is to blame, and that's what you get for making introductory technology literacy courses be taught in Windows. But in any case, when choosing between security and user-friendliness... I think the latter's easier to deal with than the former, especially in critical situations like this. Regardless, if you absolutely have to use Windows, use a VM if possible - you can't trust Redmond to keep you safe.
On a side note, can't think of any reason why my above post is being buried unless you're an MS apologist/shill.
- replaysMike, on 10/05/2009, -2/+10
That's what you get for downloading pr0n at work.
- eanbowman, on 10/05/2009, -0/+7
It was running on Solaris servers apparently.
The problem here is all the terminals were unmaintained Windows boxes for some reason. All they needed to have was an X-Windows client but I guess they figured giving each user a fully functional Windows box with a Windows x-term client is what they needed.
It was probably a cost saving measure as I'm sure buying all Sun workstations scared some people from both a cost and learning-curve perspective. People are scared by anything not familiar on the screen.
They could easily have made them locked down Linux boxes to start with or they could have bought thin clients which have no opportunity at all for infection.
- RaulMuadDib, on 10/05/2009, -0/+6
My minds hurt
- 47f0, on 10/05/2009, -1/+6
Well, Raul, technically, you're absolutely correct - Linux was the missing kernel piece of the GNU system, created separately by Mr. Torvalds.
I have a similar argument with friends who drag out their grills and call the results "barbecue". Barbecue, of course is low, slow indirect smoking.
And not all tissues are "Kleenex", nor are all copiers "Xeroxes"
Still, I suppose we must at times yield to common usage, and for the majority of people out there Linux is whatever was on the CD they downloaded, or got on the cover of a computing magazine.
But grilling is still not barbecue, dammit!
- regeya, on 10/05/2009, -0/+5
To be fair, if the other posters had bothered to RTFA, they'd have seen this:
'However insecurity consultants who have looked at the Integral Energy network said that there was often "ineffective segregation" or "more typically none at all" between the company's general use IT network and its supposedly separate, secure network that monitors and controls the electrical power infrastructure.'
And yeah, Windows is partially insecure by design--as one of their managers once said, they could make a totally secure Windows, but nobody would buy it.
Back in my college days I worked at a retail store. We'll leave the name of the place anonymous, 'k? My last year there, they replaced their aging POS system. The old system was powered by two IBM PC XTs, and the registers connected to them for price lookup. The old machines were replaced by two IBM NetVistas running NT4. The newer system was nightmarishly slow. That was likely implementation, but how bad do you have to screw up a POS system to be outclassed by a couple of XTs?
- MonkeyFarts, on 10/05/2009, -0/+5
Australia, Austria. What's the difference, besides, oh, 8,000 miles?
- RaulMuadDib, on 10/05/2009, -2/+7
In short, Windows sucks!
- AdmiralAcbar, on 10/05/2009, -2/+7
Thanks Bruce. Hey, have you seen Bruce?
- HPMNick, on 10/05/2009, -0/+4
Every day I'm amazed at how many people are in the IT field and have little or no knowledge of the equipment they are in control of. I don't necessarily blame them though... Corporations want to hire cheap labor, and they aren't willing to fork out real money for the people with enough experience.
I think the other half of the problem is that it's too easy to "fake" your level of knowledge to non-computer types (i.e. management). Normal people have no way of knowing whether the supposed technical people are just blowing smoke up their ass or not.
The IT field is in a very sad state of affairs because of all of this...
- archiesteel, on 10/05/2009, -0/+4
Linux isn't marginalized. Half of the world's web servers run on Linux. Google's huge server farms are Linux-based.
Just because it doesn't have a 90% share of the desktop market (rather hovering between 2 and 4%) doesn't mean it's marginalized in the grand scheme of things...
- bradleyland, on 10/05/2009, -1/+5
Running Windows has nothing to do with redundancy.