
Victoria Police cancel hundreds of speeding fines after WannaCry virus attack - jaimex2
http://www.theage.com.au/victoria/victoria-police-cancel-hundreds-of-speeding-tickets-after-wannacry-virus-attack-20170623-gwx7na.html
======
mirekrusin
No mention that this security hole has been kept secret by US government and
leaked with devastating consequences around the world.

You can't imply that it's the sole customers' fault by saying that it's "the
easiest thing to do - update operating system" without mentioning NSA not
cooperating with Microsoft to patch the hole.

Many setups require certification which is void after modifications which may
include system updates so it's not "the easiest thing to do". It needs to go
through the certification process again.

Even without certification requirements it may not be as trivial as it looks
at first to "just update OS" on every device.

The "easiest thing to do" is for the government to report holes just like
everybody else does.

Isn't it kind of strange that the only ones that fail to report security
issues are a) criminals and b) government?

~~~
darawk
Why is a comment like this always at the top of one of these HN threads? Does
everyone here actually believe that the NSA shouldn't hoard vulnerabilities? I
find it hard to believe that people here would collectively be that naive and
simple-minded in their thinking. The NSA hoards vulnerabilities for the same
reason the military has guns. Because other countries have guns too. This is
too obvious a point to be lost on the readers here. So, I'm left wondering who
it is that's upvoting these things.

~~~
michaelt

      The NSA hoards vulnerabilities for the same reason
      the military has guns.
    

Vulnerabilities are fundamentally unlike guns.

Because vulnerabilities can be independently discovered or accidentally
released, then reproduced in vast quantities and used against the public and
civilian infrastructure of both us and our allies - largely with impunity.

If wannacry was a gun, it'd be a gun that fired backwards and sideways at the
same time as forwards, and you can't stop it firing once it's started, and
sometimes it starts firing on its own.

~~~
wfunction
Correct me if I'm wrong but WannaCry used vulnerabilities that already had
patches. How does reporting these vulnerabilities earlier instead of keeping
them fix this situation? You'd still have the problem of slow updates
regardless.

~~~
mirekrusin
Reporting them would trigger normal processes, Microsoft would have time to
work on patches during which time bad guys wouldn't be writing WannaCry.

Normally full disclosure happens after about 45 days (I'm not an expert, I
don't know exactly) but in special cases the time is extended.

This would probably be considered as a special case as Microsoft exceptionally
released updates to unsupported, old versions of Windows and the hole itself
was critical.

Please note that WannaCry hit in mid May - not that long ago.

Shadow Brokers Group public disclosure of stolen tools from NSA happened in
April.

~~~
willstrafach
Microsoft pushed out fixes in March, so WannaCry occurred two months later.

There would have been even less time if this was indeed a security researcher
using a 30-45 day time period.

------
ams6110
Why do so many commercial embedded devices use Windows OS, and generally old
versions like NT or XP?

Do vendors get a kickback from Microsoft to use Windows in systems that don't
even have a display?

Otherwise I don't see why they would license Windows instead of using a
no-cost BSD or Linux derived OS.

~~~
patcheudor
I have an oscilloscope which you can regularly find on eBay at a fairly high
price. It's an awesome scope that runs XP and will always run XP because the
vendor has moved on and no longer supports it. Given the age, it's unrealistic
to expect that if they would have used a BSD or Linux kernel that it wouldn't be
vulnerable to any number of attacks. Thus, I would suggest the question isn't
why are manufacturers using Windows, but rather, how can we get to a point
where vendors either support their products for the anticipated life of the
device or allow end-users to upgrade the kernel and related packages
themselves?

------
fxlv
And what about having a firewall on the devices? I could understand slow
patching, crappy or processes and all. But if the cameras are networked, why
is there no firewall on them?

~~~
askvictor
They might not be networked; could have been infected while an operator was
collecting photos. But probably networked.

------
iDemonix
Every cloud has its silver lining.

~~~
mirimir
Indeed, that's too funny for words.

------
jaclaz
I am completely failing to see how Wannacry could have affected the operations
of those devices AND at the same time leave some data "good enough" to produce
the fines.

I presume that essentially it is a photo taking device that superimposes a
date/time and detected speed (and maybe also OCR's the license plate).

More or less three or four pieces of data:

1) picture

2) date/time

3) speed

4) (maybe) OCR'ed license plate number

If any of these items were encrypted it would be evident, and the following
step (looking in a database for the owner of the license plate number) would
have returned a null result.

The only way for this to actually work (creating a wrong fine) would be if
ONLY the license plate number was encrypted by Wannacry AND the encrypted
string matched another existing license plate number.

------
stonewhite
I wonder if it has infected any critical military infrastructure at US? and
any real way to know about it?

~~~
hueving
Critical military infrastructure isn't connected to the Internet, so it's
unlikely as part of this regular epidemic.

~~~
andai
[serious] wasn't the Internet basically invented to _support_ critical
military infrastructure? Or do they have their own parallel thing?

~~~
willstrafach
Not "parallel" but a few networks.

NIPR - Unclassified DoD internet plus powerful defensive capabilities when
traffic goes between the intranet and public internet.

SIPR - Private "internet" for military and defense contractors and such to
allow for handling SECRET and below. Dedicated circuits.

JWICS - Like SIPR but for TS and SCI channels.

Then other dedicated networks for international partnerships which run on
dedicated circuits and using sats.

------
King-Aaron
_Oh no_

------
warthogfiend
"I cancelled the fines because I think it's important the _pubic_ has 100 per
cent confidence in the system" [emphasis added]

o_O

~~~
danieltillett
The Age is giving the Graudian a run for its money. There is almost nobody
left working at Fairfax outside of management that was born last century.

