And another quote from the article "Gamarue.I, a worm identified by Microsoft in 2012" which has documentation at Microsoft.com[1] and at some random site [2] saying "This threat tries to use the Windows Autorun function to spread via removable drives, such as USB flash drives." and "Worm:Win32/Gamarue.I copies four essential components from one location to another. These four components are the four files used in the attack: "desktop.ini," "~$wb.usbdrv," "usb drive (1gb).lnk" and "thumbs.db.""
Self-propagating it is, self-propagating over a network it doesn't seem to be. Is it more likely "A School in Bradford plugged an infected USB stick into laptops while setting them up, and disabling built-in antivirus in favour of some third-party less effective antivirus"?
I live in the UK and follow day to day news, government announcements,etc. This reads like something straight from the government's PR book. The pattern is always the same: it's small issue, nothing to worry about, we know what's going on( or about to find out).
Last week I was bored,so ended up testing so cold google exploits. There are endless numbers of educational institutions with systems so crap that it's hard to believe. It took 15 min to find confidential salary data, various documents, messages, etc. Interestingly enough, most were US schools. I can only imagine what people with skills could do, instead of just googling,like me.
You mean that's the PR you would hear from any organization, whether public or private. A lot of private companies would go one step further and just sue the reporter for damages.
I fail to see anything contradictory here. As an example, there's nothing contradictory about "a small outbreak of a highly contagious virus". Large outbreaks necessitate an initial small outbreak.
The contradiction if you want to call it that, is between the apparent importance of emphasizing (four times) the small number of infected systems, and the relative unimportance of that fact when talking about something that is self-copying.
In your example, that would consist of dwelling excessively on the small number of patients, and then burying the "highly contagious" part in a couple of semi-technical sentences near the end. Like we're all fretful hens who can't handle that information without significant preparatory plumage-smoothing.
The worm was identified by Microsoft in 2012. Computer viruses don’t naturally evolve to evade defences so hopefully if other computers are sufficiently updated and secured they won’t be vulnerable. But then again this is the it subdepartment of some random government department which acts via countless local authorities, academy trusts, and contractors while doing things in the way which is both most cheap and best at avoiding culpability for themselves.
Probably the messaging is, like all policies towards the poor and disadvantaged, well meaning, but those people who are most nannied by the state are, quite reasonably considering the way this always goes, less likely to trust the government’s statements. In this case presumably the DfE want to avoid parents pulling their children’s ability to get online school because of the latest government cock up.
Given that this is the BBC and not a technical source, I'd be more willing to write this off as the author having no idea what a self-propagating network worm's implications are.
This is quite common. Lots of small to medium IT teams have terrible security hygiene and awful image build and cloning processes.
I’m glad to see Microsoft at least attempted to take some of that away with things like autopilot which allow OEM builds to be customised just by signing into AD. It’s fairly easy to sidestep a lot of problems like this.
We were getting brand new pos terminals direct from the supplier with conficker installed ten years after conficker was news. When we pushed for a fix, machines started arriving with instructions to run a conficker removal tool before using them.
The title of this BBC article is a little broad in my opinion, the laptops in question were given out by schools in England. I'm not sure if it is common in England for "schools" and "the government" to be referred to in the same context, but to my knowledge the average school's IT department will differ drastically from a larger governmental organization's.
The government has commissioned a contractor to supply these to all the schools in England and it turns out they haven’t done it properly. I would not be surprised if the next thing we will find out is that the company that provided these laptops is owned by a friend or family member of whoever the politician is that’s in charge of this as our current government is incompetent and deeply corrupt.
It doesn't make sense to skimp on these devices. The amount of value that a £420 laptop could have provided is much greater than whatever this thing is.
It's like the boots quote from that disc world book. If it is cheap and crap you will buy it again and again. If it is expensive and good you'll keep it for a long time. Especially nowadays when Intel fails to improve performance of laptops.
> I would not be surprised if the next thing we will find out is that the company that provided these laptops is owned by a friend or family member of whoever the politician is that’s in charge of this as our current government is incompetent and deeply corrupt.
School IT department are definitely completlely separate from the "government", but the first content line of the article clearly states that it was found on devices sent to ths school, rather than by the school.
1) a handful of schools
2) a small number of devices
3) not widespread
4) a very small number of devices
5) self-propagating network worm