| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: lcamtuf at ghettot.org (Michal Zalewski) Subject: Windoze almost managed to 200x repeat 9/11 On Fri, 24 Sep 2004, ASB wrote: > "The servers are timed to shut down after 49.7 days of use in order to > prevent a data overload, a union official told the LA Times." > > How you managed to read "OS failure" into this is rather astounding... The statement above, even though either cleverly disguised by the authorities, or mangled by the press, does ring a bell. It is not about applications eating up too much memory, hence requiring an occassional reboot, oh no. Windows 9x had a problem (fixed by Microsoft, by the way) that caused them to hang or crash after a jiffie counter in the kernel overflowed: http://support.microsoft.com/support/kb/articles/q216/6/41.asp It would happen precisely after 49.7 days. Coincidence? Not very likely. It seems that the system was running on unpatched Windows 95 or 98, and rather than deploying a patch, they came up with a maintenance procedure requiring a scheduled reboot every 30 days. This is one hell of a ridiculous idea, and any attempt to blame a failure on a technician who failed to reboot the box is really pushing it. It is not uncommon for telecommunications, medical, flight control, banking and other mission-critical applications to run on terribly ancient software (and with a clause that requires them NOT to be updated, because the software is not certified against those patches). In the end, the OS and decision-makers that implemented the system and established ill-conceived workarounds should split the blame. /mz
Powered by blists - more mailing lists