| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Oct 2004 14:34:55 -0400 From: "Richard M. Smith" <rms@...puterbytesman.com> To: <bugtraq@...urityfocus.com> Subject: Is Windows up to snuff for running our world? Hi, The Microsoft Windows operating system is increasingly being used in devices which run our world. Some examples include cash registers, ATMs, electronic voting machines, and factory control computers. But is the Windows operating system really reliable and secure enough for these kinds of applications? A small incidence at the Atlanta airport last May makes me wonder. I was flying home to Boston from Atlanta on Delta Airlines. When I got to my gate at the Atlanta airport, I immediately noticed that there was a Windows error alert box in the middle of the large display screen over the gate door. I walked around the terminal and saw that many of the gate display units had the same error alert box being displayed. In many cases, the display units were no longer usable since the alert boxes covered up critical information on the screens. Here are some photos I took of the problem: http://www.ComputerBytesMan.com/atlanta The problem existed for at least 30 minutes, but no one from Delta seemed to be interested in fixing it. I wanted to click the "Okay" button myself, but I couldn't find a mouse. ;-) I even recognized the software package that was failing at the Delta terminal. It is a customer support package that a number of computer makers ship with their home PC systems. This same software package was pre-installed on my Sony laptop but I removed it after discovering that it contained a number of ActiveX controls with serious security holes. These security holes can potentially be used by a virus writer to take over a Windows PC using simple script code. The customer support software was failing because it couldn't find a standard Microsoft ActiveX control which ships with Windows. My impression is that the Windows operating system in control of a display unit had somehow been corrupted. Ironically this customer support package is designed to diagnose and fix these kinds of problems with home PCs. Why Delta was running consumer-grade PCs for this application is bit hard for me to fathom. I sure that this is not the first time a Windows system has failed in a dedicated application. If you have any interesting photos of similar Windows failures, please send them along to rms@...puterbytesman.com. Richard M. Smith http://www.ComputerBytesMan.com Links Microsoft server crash nearly causes 800-plane pile-up http://www.techworld.com/opsys/news/index.cfm?NewsID=2275 Car crazy: Microsoft in the driver's seat http://tinyurl.com/6s24a ATMs in peril from computer worms? http://www.theregister.co.uk/2004/10/20/atm_viral_peril/ Shifting cyber threats menace factory floors http://www.securityfocus.com/news/9671 Software vendors just don't "get" ActiveX security http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/0043.html
Powered by blists - more mailing lists