If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Ars Technica)   The stupid: it burns. US Economic Development Agency physically destroys all of its computers to get rid of virus   (arstechnica.com) divider line 76
    More: Asinine, Department of Commerce, aid agency, mail server, desktop computers, virus, mice, Department of Homeland Security  
•       •       •

4159 clicks; posted to Geek » on 09 Jul 2013 at 1:02 PM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



76 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

First | « | 1 | 2 | » | Last | Show all
 
ZAZ [TotalFark]
2013-07-09 10:35:47 AM  
Destroying mice is the appropriate response to some attacks. This isn't the 1980s when mice had at most a dumb little microcontroller. They are now computers, and granted more trust by the system than the USB stick you picked up in the parking lot.
 
2013-07-09 10:43:41 AM  
Well, that's one way to guarantee you'll get all new modern systems for your agency.
 
2013-07-09 10:50:05 AM  

TuteTibiImperes: Well, that's one way to guarantee you'll get all new modern systems for your agency.


They deserve to be given typewriters and a telegraph machine.
 
2013-07-09 11:20:01 AM  

naughtyrev: TuteTibiImperes: Well, that's one way to guarantee you'll get all new modern systems for your agency.

They deserve to be given typewriters and a telegraph machine.


Too advanced. Clay tablets would be a better choice.
 
2013-07-09 11:23:33 AM  

ZAZ: Destroying mice is the appropriate response to some attacks. This isn't the 1980s when mice had at most a dumb little microcontroller. They are now computers, and granted more trust by the system than the USB stick you picked up in the parking lot.


Case in point

That said, this was still a stupid overreaction by a group of morans
 
2013-07-09 11:58:30 AM  
media.tumblr.com
 
2013-07-09 12:44:32 PM  
Well, it worked. What's the problem?
 
2013-07-09 12:57:52 PM  
Somehow I see a group of workers who have requested new computers for the last 10 years, only to be told that there was no money for upgrades.
 
das
2013-07-09 01:04:48 PM  
Your tax dollars at work.
 
2013-07-09 01:07:58 PM  
ajthompson.com.au
Pictured: The EDA's IT Department
 
2013-07-09 01:08:27 PM  
And if you believe that I got a bridge in Brooklyn to sell you.
 
2013-07-09 01:09:56 PM  
Yeah, but how's the elevator going to work now?

/Hunch hunch
 
2013-07-09 01:09:58 PM  

FlashHarry: [media.tumblr.com image 500x281]


D'Oh - the gif didn't load in your comment until the page reloaded.
 
2013-07-09 01:12:45 PM  
The EDA, however, responded by cutting its systems off from the rest of the world-disabling its enterprise e-mail system and leaving its regional offices no way of accessing centrally-held databases.

This isn't a bad first step, TEMPORARILY... Get off of any network to keep it from spreading to a machine you just cleaned. Smashing your equipment, though? Idiotic.

DammitIForgotMyLogin: ZAZ: Destroying mice is the appropriate response to some attacks. This isn't the 1980s when mice had at most a dumb little microcontroller. They are now computers, and granted more trust by the system than the USB stick you picked up in the parking lot.

Case in point

That said, this was still a stupid overreaction by a group of morans


Sure, someone did it, but they had to reprogram the chip AND install a flash drive into the body of the mouse, then repackage it. I somehow don't see this as being a viable attack strategy...
 
2013-07-09 01:14:33 PM  
I once had a Mormon boss that threw his computer away because somebody emailed him a titty picture.  The computer was 'contaminated' according to him.  Overreaction by technophobes is always fun
 
2013-07-09 01:15:04 PM  
$823,000 went to the security contractor for its investigation and advice

I want the job where I get paid $823,000 for running SpyBot / Avast on a couple of machines.
 
2013-07-09 01:17:05 PM  

Smeggy Smurf: I once had a Mormon boss that threw his computer away because somebody emailed him a titty picture.  The computer was 'contaminated' according to him.  Overreaction by technophobes is always fun


Sounds like an easy way to get free hardware. Email him a dirty pic, collect the computer from the trash
 
2013-07-09 01:18:08 PM  

Xexre: $823,000 went to the security contractor for its investigation and advice

I want the job where I get paid $823,000 for running SpyBot / Avast on a couple of machines.


I somehow doubt that they even did that.
 
2013-07-09 01:18:42 PM  

the_sidewinder: Smeggy Smurf: I once had a Mormon boss that threw his computer away because somebody emailed him a titty picture.  The computer was 'contaminated' according to him.  Overreaction by technophobes is always fun

Sounds like an easy way to get free hardware. Email him a dirty pic, collect the computer from the trash


iat was a Mac.  It wasn't worth the effort
 
2013-07-09 01:21:22 PM  
hogarthphotography.com

Please, I did that first. And I used an elevator shaft.

/Duh!
//YOU'RE NOT MY SUPERVISOR!!!!
///Who is my Supervisor?
 
2013-07-09 01:23:04 PM  
Look at it this way, the EDA just created $170,000 worth of demand in the hardware industry to replace all the stuff they destroyed.  That's economic development, right?
 
2013-07-09 01:28:20 PM  
Mikey1969:
Sure, someone did it, but they had to reprogram the chip AND install a flash drive into the body of the mouse, then repackage it. I somehow don't see this as being a viable attack strategy...

Just manufacture in China. Easy.
 
2013-07-09 01:30:44 PM  

Mikey1969: Sure, someone did it, but they had to reprogram the chip AND install a flash drive into the body of the mouse, then repackage it. I somehow don't see this as being a viable attack strategy...


Maybe the USEDA can afford exposure to that vector, but I guaran-damn-tee you that more important agencies (like the DoD) have planned for that and have policies (both software and written) forbidding that.

// I know this to be true, actually - I'm not allowed to plug anything not-approved into my government laptop
 
2013-07-09 01:32:44 PM  

ZAZ: Destroying mice is the appropriate response to some attacks. This isn't the 1980s when mice had at most a dumb little microcontroller. They are now computers, and granted more trust by the system than the USB stick you picked up in the parking lot.


Whilst true to a degree and possible, looking at the article the picture is of an old NEC CRT display. I think we're talking about at best PS/2 mice and at worst the absolute bargin bin 2+wheel crap that comes with a cheap Dell system (USB it may be but it's still little more than a PS/2 with a USB converter on the PCB).

All things considered the malware probably originated from a USB key or someone opening a file they probably shouldn't that arrived from a website they probably shouldn't of been visiting during work.

Hell the article itself is light on to the flavour of malware (it might be off in one of the further linked articles but I've not read them) so considering the age of that monitor.... we might be talking about a Word 97 macro virus on the rampage and not anything all that sophisticated.... or all that dangerous.
 
2013-07-09 01:33:44 PM  
gigasquidsoftware.com
 
2013-07-09 01:35:00 PM  
But understand this the current head of the NSA thinks that the government should take over the security of private sector networks because only THEY understand how to do it.

On the bright side, every time someone at your company downloads malware.....NEW PCs all around!
 
2013-07-09 01:36:21 PM  

pastorkius: [ajthompson.com.au image 400x251]
Pictured: The EDA's IT Department


Big chief say smash.  IT people go "more than my jobsworth not to" and smash it.

I'm not defending them just pointing out that a lot of the dumb shiat IT departments often get up to is because someone with way more authority than them mandated they do that really dumb thing.
 
2013-07-09 01:39:56 PM  
Contractors often don't price their services in terms of how much effort it takes but usually revert to some percentage of the total amount of money involved. For example a home remodeling contractor installing something new into a kitchen often charges labor at %50 of the cost of the object.

In other words the more expensive a change the more the contractors make so they have a vested interest in driving up costs.

I wished they named the contractors - they seem to have made out like bandits:

The total cost to the taxpayer of this incident was $2.7 million: $823,000 went to the security contractor for its investigation and advice, $1,061,000 for the acquisition of temporary infrastructure (requisitioned from the Census Bureau), $4,300 to destroy $170,500 in IT equipment, and $688,000 paid to contractors to assist in development a long-term response. Full recovery took close to a year.
 
2013-07-09 01:41:28 PM  

Vaneshi: Whilst true to a degree and possible, looking at the article the picture is of an old NEC CRT display. I think we're talking about at best PS/2 mice and at worst the absolute bargin bin 2+wheel crap that comes with a cheap Dell system (USB it may be but it's still little more than a PS/2 with a USB converter on the PCB).


An acquaintance of mine is an IRS auditor. Until 2011, the government-issued computer he carried was old enough that it had a Windows 98 CoA on it. He got a "new" one in 2012 that had been manufactured in 2003.

For all anyone knows this could have been a bunch of GS-5s going "Office Space" on hardware that should've been retired at the end of the Bush administration.
 
2013-07-09 01:41:32 PM  
Is the IT guy at this agency named Zorg, by any chance?

http://www.youtube.com/watch?v=krcNIWPkNzA
 
2013-07-09 01:43:22 PM  

naughtyrev: TuteTibiImperes: Well, that's one way to guarantee you'll get all new modern systems for your agency.

They deserve to be given typewriters and a telegraph machine.


Actually, that would probably work:

i47.tinypic.com
 
2013-07-09 01:50:03 PM  

Dr Dreidel: Mikey1969: Sure, someone did it, but they had to reprogram the chip AND install a flash drive into the body of the mouse, then repackage it. I somehow don't see this as being a viable attack strategy...

Maybe the USEDA can afford exposure to that vector, but I guaran-damn-tee you that more important agencies (like the DoD) have planned for that and have policies (both software and written) forbidding that.

// I know this to be true, actually - I'm not allowed to plug anything not-approved into my government laptop


I could see DOD being a little paranoid... I can also see them having a safe and secure way to acquire keyboards and mice, so that they would be clean and uninfected. It would surprise me to hear of a "secure" shift at Logitech where mice and keyboards are made under watch, and by people who have been cleared by a background check...
 
2013-07-09 01:58:19 PM  

Mikey1969: I could see DOD being a little paranoid


Yer not kiddin'. Their disposal techniques - incinerating any HD that ever touched a DoD system literally to ash AFTER magnetically destroying the contents seems like overkill to me - read like Dexter's evidence-disposal rules.
 
2013-07-09 02:06:14 PM  

TuteTibiImperes: Well, that's one way to guarantee you'll get all new modern systems for your agency.


A defense contractor I know does something very similar: When a machine has a virus, they destroy the hard drive and put a new one in it's place. With EFI replacing BIOS, they're considering getting rid of the whole computer.
 
2013-07-09 02:14:56 PM  
This wasn't stupidity.

Someone had something to hide that was going to get exposed during what would have been the ordinary PC clean-up effort, etc. This way shiat stays hid.

Problem solved!
 
2013-07-09 02:16:24 PM  
thehacktory.org
 
2013-07-09 02:17:59 PM  

Vaneshi: Whilst true to a degree and possible, looking at the article the picture is of an old NEC CRT display. I think we're talking about at best PS/2 mice and at worst the absolute bargin bin 2+wheel crap that comes with a cheap Dell system (USB it may be but it's still little more than a PS/2 with a USB converter on the PCB).


While I agree with your conclusion that most government agencies use old hardware the way you got to it.....

That is a stock image, you know that right?
 
2013-07-09 02:20:04 PM  

Smeggy Smurf: I once had a Mormon boss that threw his computer away because somebody emailed him a titty picture.  The computer was 'contaminated' according to him.  Overreaction by technophobes is always fun


Huh.  He must have learned about computers from Kirk Cameron.  Addicted to internet pr0n?  SMASH THE MONITOR!

http://www.youtube.com/watch?v=t89Hsem2LkI
 
2013-07-09 02:29:05 PM  

Mikey1969: I could see DOD being a little paranoid... I can also see them having a safe and secure way to acquire keyboards and mice, so that they would be clean and uninfected


If a USB drive were built into a keyboard or mouse, it would show up as a USB drive.

Secured systems won't mount unknown USB drives.
 
2013-07-09 02:30:18 PM  

Vaneshi: ZAZ: Destroying mice is the appropriate response to some attacks. This isn't the 1980s when mice had at most a dumb little microcontroller. They are now computers, and granted more trust by the system than the USB stick you picked up in the parking lot.

Whilst true to a degree and possible, looking at the article the picture is of an old NEC CRT display. I think we're talking about at best PS/2 mice and at worst the absolute bargin bin 2+wheel crap that comes with a cheap Dell system (USB it may be but it's still little more than a PS/2 with a USB converter on the PCB).

All things considered the malware probably originated from a USB key or someone opening a file they probably shouldn't that arrived from a website they probably shouldn't of been visiting during work.

Hell the article itself is light on to the flavour of malware (it might be off in one of the further linked articles but I've not read them) so considering the age of that monitor.... we might be talking about a Word 97 macro virus on the rampage and not anything all that sophisticated.... or all that dangerous.


Once click. That's all it would've taken you to figure out the image was a stock photo taken in 2008. Do you work for the EDA?
 
2013-07-09 02:34:17 PM  

Dr Dreidel: Mikey1969: I could see DOD being a little paranoid

Yer not kiddin'. Their disposal techniques - incinerating any HD that ever touched a DoD system literally to ash AFTER magnetically destroying the contents seems like overkill to me - read like Dexter's evidence-disposal rules.


I've got a good disposal technique... I just take hard drives out to the gun range when I go shooting. A few bullets through the platters usually ensures that no usable chains of data are really retrievable. Usually....

It's fun, too.  :-)
 
2013-07-09 02:43:49 PM  

Xexre: $823,000 went to the security contractor for its investigation and advice

I want the job where I get paid $823,000 for running SpyBot / Avast on a couple of machines.


Be fair, I'm sure he ran Malwarebytes once or twice, too... Then there's the sitting around waiting for the scans to finish. That orange soda doesn't pay for itself...
 
2013-07-09 02:47:04 PM  

Egoy3k: That is a stock image, you know that right?

theusercomponent: Once click. That's all it would've taken you to figure out the image was a stock photo taken in 2008. Do you work for the EDA?


I did consider the possibility but having dealt with government IT stuff in the past.... I heavily discounted it.  Until 2008 the machines used by the Department of Work and Pensions (a UK government thing that deals principally with benefits and claimants) staff were running Windows 3.11 with some Win9x thrown in for good measure.

What 'theusercomponent' has shown is he has failed at reading comprehension in an amusing manner, if I did not click and read TFA... how'd I know it was a picture of a smashed NEC brand CRT?  Huurrrr Duuurrr blocked.
 
2013-07-09 02:49:02 PM  
images.sodahead.com

Oh God! NOT MY CYBERS!
 
2013-07-09 02:50:15 PM  

Vaneshi: What 'theusercomponent' has shown is he has failed at reading comprehension in an amusing manner, if I did not click and read TFA... how'd I know it was a picture of a smashed NEC brand CRT? Huurrrr Duuurrr blocked


I think he was referring to the link under the image that goes to a flicker account....
 
2013-07-09 02:53:17 PM  
Remember those horrendous X10 popup ads? I had to get a new monitor when I got one of those stuck on my screen.
 
2013-07-09 03:03:07 PM  

Egoy3k: Vaneshi: Whilst true to a degree and possible, looking at the article the picture is of an old NEC CRT display. I think we're talking about at best PS/2 mice and at worst the absolute bargin bin 2+wheel crap that comes with a cheap Dell system (USB it may be but it's still little more than a PS/2 with a USB converter on the PCB).

While I agree with your conclusion that most government agencies use old hardware the way you got to it.....

That is a stock image, you know that right?


The sticker on the monitor says "ACID CD BURN".  Maybe they were telling us the proper technique for getting rid of a compromised computer.
 
2013-07-09 03:06:36 PM  

Egoy3k: I think he was referring to the link under the image that goes to a flicker account....


And I'd still of been dubious about it being stock and totally unrelated.  I know several departments where stuff like that is still being used.

He wanted to Huurrr Duuurrr, he Hurrr Duuurrr'd.  Just like every other 5 year old let on the internet when mommy is looking and daddy is too busy to shove his dick in him.
 
2013-07-09 03:08:17 PM  
ArkPanda:
The sticker on the monitor says "ACID CD BURN".  Maybe they were telling us the proper technique for getting rid of a compromised computer.


http://www.sonycreativesoftware.com/acidpro/io

Let me guess never heard of Ableton either.
 
2013-07-09 03:10:22 PM  

Dr Dreidel: Mikey1969: I could see DOD being a little paranoid

Yer not kiddin'. Their disposal techniques - incinerating any HD that ever touched a DoD system literally to ash AFTER magnetically destroying the contents seems like overkill to me - read like Dexter's evidence-disposal rules.


Gotta do the magnetic erasure first, so if the drive is stolen/lost on the way to the incinerator, there is less chance of data being retrievable.
 
Displayed 50 of 76 comments

First | « | 1 | 2 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report