[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20041022181906.6473.qmail@mail.securityfocus.com>
Date: Fri, 22 Oct 2004 14:34:55 -0400
From: "Richard M. Smith" <rms@...puterbytesman.com>
To: <bugtraq@...urityfocus.com>
Subject: Is Windows up to snuff for running our world?
Hi,
The Microsoft Windows operating system is increasingly being used in devices
which run our world. Some examples include cash registers, ATMs, electronic
voting machines, and factory control computers. But is the Windows
operating system really reliable and secure enough for these kinds of
applications? A small incidence at the Atlanta airport last May makes me
wonder.
I was flying home to Boston from Atlanta on Delta Airlines. When I got to
my gate at the Atlanta airport, I immediately noticed that there was a
Windows error alert box in the middle of the large display screen over the
gate door. I walked around the terminal and saw that many of the gate
display units had the same error alert box being displayed. In many cases,
the display units were no longer usable since the alert boxes covered up
critical information on the screens.
Here are some photos I took of the problem:
http://www.ComputerBytesMan.com/atlanta
The problem existed for at least 30 minutes, but no one from Delta seemed to
be interested in fixing it. I wanted to click the "Okay" button myself, but
I couldn't find a mouse. ;-)
I even recognized the software package that was failing at the Delta
terminal. It is a customer support package that a number of computer makers
ship with their home PC systems. This same software package was
pre-installed on my Sony laptop but I removed it after discovering that it
contained a number of ActiveX controls with serious security holes. These
security holes can potentially be used by a virus writer to take over a
Windows PC using simple script code.
The customer support software was failing because it couldn't find a
standard Microsoft ActiveX control which ships with Windows. My impression
is that the Windows operating system in control of a display unit had
somehow been corrupted. Ironically this customer support package is
designed to diagnose and fix these kinds of problems with home PCs. Why
Delta was running consumer-grade PCs for this application is bit hard for me
to fathom.
I sure that this is not the first time a Windows system has failed in a
dedicated application. If you have any interesting photos of similar
Windows failures, please send them along to rms@...puterbytesman.com.
Richard M. Smith
http://www.ComputerBytesMan.com
Links
Microsoft server crash nearly causes 800-plane pile-up
http://www.techworld.com/opsys/news/index.cfm?NewsID=2275
Car crazy: Microsoft in the driver's seat
http://tinyurl.com/6s24a
ATMs in peril from computer worms?
http://www.theregister.co.uk/2004/10/20/atm_viral_peril/
Shifting cyber threats menace factory floors
http://www.securityfocus.com/news/9671
Software vendors just don't "get" ActiveX security
http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/0043.html
Powered by blists - more mailing lists