back to article Leaked memo says Conficker pwns Parliament

The House of Commons IT systems has reportedly been infected by the infamous Conficker superworm, which has previously infected millions of Windows PCs and affected the operation of hospitals, military and large corporate systems. Political blog Dizzy Thinks first reported that a memo (below) sent out to parliamentary IT …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Thumb Down

    WTF?

    "We therefore ask that if you are running a PC or portable computer not authorised to be on the Network that you take it off immediately."

    And which fucking idiot let them put unauthorised devices on the network in the first place?

    So not only are our MPs pretty much technically useless but the IT department that set their network up is a stupid as they are.

  2. Dane Pack
    Thumb Up

    Superb...

    "If you have an infected mobile device or USB key, please remove it until we clean the rest of the devices on the network, at which time you can use these devices and infect the network again."

  3. Anonymous Coward
    Thumb Down

    And there's more..

    On a sort of unrelated article on the BBC (about access to the Daily Sport being blocked on the Parliamentary Network) :

    "Guidance issued to all MPs in December 2007 warns MPs they have a duty to ensure the Parliamentary network is used properly "by themselves and their staff" and to avoid actions that "threaten the integrity of the system or bring it into disrepute"."

    Hmmm, I guess that the whole thing is a complete fuck up and maybe they should scrap it all and start again.

  4. Dr. Vesselin Bontchev
    IT Angle

    Is this for real?

    Now, I am not a native English-language speaker, but even I can see that the English language of this memo... well, leaves a bit to be desired.

    Also, "An additional characteristic of this virus is that for some types of files it can skip direct to the Network from a USB memory stick or other portable storage device (e.g. mp3 players) without hitting the virus checker software."? Duh, I guess they are using the wrong "virus checker software", then.

  5. This post has been deleted by its author

  6. Anonymous Coward
    Black Helicopters

    White House

    There you go Mr Bush. You can now account for all those "Missing Emails".

  7. adnim

    Incompetence

    Bear in mind this is a government system and due to the sensitivity/confidentiality of some of the data, I found the following excerpts from the leaked memo shocking to say the least.

    "We are unable to clean PCs and portable computers which are either not switched on or which are not authorised devices. We therefore ask that if you are running a PC or portable computer not authorised to be on the Network that you take it off immediately."

    They allow unauthorised harware to connect to the network! Anyone connecting unauthorised hardware to the network should be given a written warning. Any network ports on walls etc. that are not in use should be locked out at the switch or disconnected physically from the switch. All wireless access should be authorised by MAC address. If Internet access is desired for visitors it should be on a physically separate network

    "An additional characteristic of this virus is that for some types of files it can skip direct to the Network from a USB memory stick or other portable storage device (e.g. mp3 players) without hitting the virus checker software. We ask that for the time being you do not use memory sticks or any other portable storage devices on the Parliamentary Network."

    They allow staff to connect memory sticks and MP3 players to the PC's! All PC's should have USB/Firewire ports disabled in BIOS, physically disconnected where possible and the BIOS locked by password. The AV software should be configured to scan files transferred via USB (even if disabled) devices, and if it can't then someone chose the wrong AV product.

    Perhaps our government's IT dept don't take security seriously.

    Who ever drew up the security policy should be sacked. Unless of course security policy is in fact solid and just being ignored. In which case those who are supposed to enforce policy should be sacked.

  8. yossarianuk
    Linux

    stop wasting my money

    Dear Govt.

    PLEASE STOP SPENDING MY MONEY ON CRAP SOFTWARE - free is cheaper..

    regards

  9. Danger Mouse
    Paris Hilton

    WTF

    And the reason the IT Team at parliament can't disable access USB Storage devices automatically is?.

    Paris, because even she can't figure out why disabling usb storage devices is not a default policy?

  10. NB
    Linux

    bring on..

    the penguin! This would never have happened had they been running linux. Seriously, MS Windows is just not fit for purpose in any environment.

  11. Anonymous Coward
    Unhappy

    Eh?

    > We are unable to clean PCs and portable computers which are either not switched on or which are not authorised devices. We therefore ask that if you are running a PC or portable computer not authorised to be on the Network that you take it off immediately

    So they actually allow "unauthorised devices" to do anything on the network at all? FFS what bunch of clueless f***wits have our MPs chosen to run their IT?

    Any unauthorised device on our network gets firewalled into uselessness upon connection, closely followed up with a visit from a PFY after we've told him we're cutting his curry budget.

  12. Caffeine Junkie
    Thumb Down

    Clowns

    If a device isn't authorised then the network port should be blocked. Authorised machines should detect if unauthorised usb devices are attached and flag it with security.

    The company I work for does this and it's not tasked with running the country.

    Incompetent fools.

  13. Andy Livingstone

    Better clean-up needed

    It's not only their systems that are infested by worms. The whole place is full of them. Some elected, some not. Clear the whole damned place.

  14. Ray

    Dear oh Dear . . . When will we learn

    This after the build up with either turn out to be highly significant or a damp squibb.

    5 days and counting . . . and two lost to a weekend . . .

    Just the fact that MOD and Parliamentary systems are infected is enough even before the known activation date.

    Just adds to the appalling government data security and safety record.

    SECURITY SECURITY & SECURITY

    PROTECTION PROTECTION PROTECTION

    SAFETY SAFETY SAFETY

    Whenever we will learn before we are faced with a really big problem?

    Hopefully 1st April will pass without too much upset . . .

  15. David Pollard
    Thumb Up

    A result!

    Maybe this will prompt parliamentarians to think again about the proposed children's database, where plain reasoning so far seems to have failed.

  16. EnricoSuarve
    Black Helicopters

    Good job they don't do anything important

    So anyone can plug any device into the houses of commons network with no LAN access management, USB autorun is still enabled and encryption banned

    So basically a 5 year old could get onto the network at the heart of our government?

    You'd think that given the billions they are spending on pointless plastic cards they would splash out a few quid on basic network security in their own offices

    Black helicopter as apparently it wouldn't take a Clancy-esq raid to steal their information, just an out of date security pass and any old laptop should do it

  17. Anonymous Coward
    Linux

    signature for the non-A/V crowd?

    Is there a way to see if you are infected with Conficker if you don't have (current) A/V software installed? I'm in AC mode because my in-laws are the Windoze users, and they haven't updated their A/V in at least a year. I'd like to see if they are clean or not, but I don't have A/V myself because I'm an all-Linux shop.

    Somewhere I remember reading that various Linux-based live CDs had been spun as A/V scanners; pointers?

  18. Anonymous Coward
    Linux

    secure

    well maybe nows the time to remind our MPs of the benefits of Gnu/Linux

  19. Aortic Aneurysm

    No title required.

    Judging by this article, they just allow people to use un-authorised USB equipment and PC's? Bizarre!

  20. Anonymous Coward
    Anonymous Coward

    I

    I hope the virus is made by a justice minded citizen and all of the secret memos are published to wikileaks and that all of the government /police and secret services IT systems are destroyed leaving them to contemplate how stupid they were to rely on technology to fix all their problems instead of talented people and hard work.

    Also I hope some of those new made up rules will be lost too.

  21. Daveycoder
    Stop

    What concerns me here...

    ...is the line about MP3 players. Surly not a secure storage mechanism? Shouldn't these PCs be locked down a bit more than that?

  22. Dan
    Coat

    Nice...

    ...to see that unauthorised devices are to be kept off the network temporarily, so that once the entire environment is cleaned of the worm, some monumentally clueless head-in-the-clouds expense-abuser with a god complex can plug in his/her mp3 player and start the whole process all over again.

    Coat cos that's them rifling through my pockets for more cash to put in their trough.

  23. Anonymous Coward
    Flame

    Representatives of the Britards

    Given the cosy relationship between Microsoft and various government figures, what else are we to expect than an amateur IT shop with a policy of running Microsoft stuff plus the seemingly obligatory value-added trinkets like anti-virus software? I suppose the prevailing view is that such trinkets are an adequate protection for the infrastructure against the Representatives of the Britards running dirty software, presumably with full administrative privileges and an unguarded route to the network.

  24. Ken Hagan Gold badge

    Define "network"

    If I plug an unauthorised device into a wall socket, is it "on the network" for the purposes of this memo? At my illustrious place of employment, we have a wireless network so that our visitors can get onto thar interweb. Physically, there presumably is a path to the same set of wires as the rest of the company network. Logically, it's a different network. I see no reason to suppose the PICT don't have similar options and aren't using them.

    All you network admins really ought to bear in mind that the PICT folks have possibly the worst net-admin job in the country. It is clear from recent legislative proposals that their "customers" know jack shit about IT but you can bet they have strong opinions about being told what they can plug into the wall.

    So, before you sound off about how trivial it all is, tell us how *you* would secure a network that had to provide internet access and secure (parliament-only) services to a motley collection of machines running *any* OS that the MPs (and/or their over-enthusiastic assistants) wish to download, all whilst denied administrative access to the machines in question, since they almost certainly contain "privileged" material (at least, the MP thinks so). What's that? It's impossible? OK, well that's not as simple as you've been making out then, is it? You are of course free not to work there yourself, but that's no reason to slag off those who do.

  25. Anonymous Coward
    Anonymous Coward

    Fascist admin...

    While it's all well and good locking down hardware to the point where it's barely usable, there are a couple of points to consider.

    - The network is provided as a service to MP's and their staff. They aren't employees, they can't be sacked by an IT Nazi, they can't get written warnings, the police are even restricted in what they can get up to in an MP's office.

    - You can get anything by email, anyone else remember UUEncode?

  26. kain preacher

    @NB

    Please tell me you are not involved in IT security. So you are saying that he problem is Windows , and that allowing unauthorized devices on a network would have zero effect in as linux environment .

  27. Anonymous Coward
    Anonymous Coward

    All the ones bitching about unauthorised devices

    What do you expect from a network run by a PICT? All that is missing is the set of little fury animals to groove with it (any similarity with a certain Pink Floyd song is only in passing...)

  28. Slaytanic

    I'm surprised that you're surprised....

    While I agree that these computers should be locked up tighter than a nun's c*nt, just think about the reality of the situation. I could just imagine how many a situations like this could have happened.

    For example...

    MP luser - Hey, I want to bring in my computer from home and I want you to connect it to the network, also I want to be able to use my MP3 player on my office computer.

    IT staffer - Um, sorry sir, that's not allowed.

    MP luser - What did you just say to me?!?

    IT staffer - Um, that's it's...

    MP luser - do you like working here?

    IT staffer - Huh?

    MP luser - It was a simple question. I said do you like working here?

    IT staffer - Yes, I do sir.

    MP luser - Then you'll forget about what you think I'm not allowed to do and do what I told you to do! Better have it ready fast too. I want to transfer my Michael Bolton collection that my son downloaded for me from my MP3 player to my office computer before tea time.

    IT staffer - Yes sir...

  29. Anonymous Coward
    Anonymous Coward

    Misnomer

    The Parliament network is not a secure network like those imposed on civil servants. Attempts to provide universal ICT have been hamstrung by MPs and their researchers insiting that they have requirments to use non standard equipment and Parliament ICT staff can't or won't stand up to them, ie Macs, Vista etc, and mix up their own equipment, that of their constituency and that which is provided to them.

    It is not secure because MPs and their researchers don't get the background checks that civil servants do

  30. Anonymous Coward
    Linux

    Leaked memo says Conficker pwns Parliament

    "...Conficker pwns Parliament"

    Conflicker has to get in the queue after the US gov. and MS.

  31. DS
    Flame

    MS08-067

    http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

    Been available since Published: October 23, 2008

    Anyone thinking this does not need application, or hardline enforcement is an idiot and should be fired. Anyone not knowing what it is (and holding post in IT) should be fired. Anyone witless enough to do nothing, and let this thing burn needs to be fired.

    It's a windows RPC attack vector, it was from day zer0 worm-able and was ALWAYS going to be a worm, and everyone knew it.

    Nothing should be on the network with out it being applied.

    Anyone running the network/security not enforcing it should be fired.

    Any Person/MP breaking the security rules, principles, and policies should have access removed.

    Seeing as these assholes believe in taking away their citizens cars for not paying duty, they can suffer having their equipment crushed for placing the country's government network at risk, a far greater crime than Johnny sixpack not paying road tax.

    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4250

    Has been available for examination since 2008.

    Tool for helping cleaning up the huge mess that should never have existed

    http://www.bdtools.net/

    All that being said, expecting these cretins, who are the worst government in modern history, who dream up and scheme and implement destruction of everything worthwhile, while enacting their own 1984 programme, to know what they are actually doing, to know how to manage anything, or do anything the right way is our fault. These witless idiots need to be gone, and anyone supporting them, their antics, bullshit, lies, 'ID cards' and all the rest of their crap, and the sooner these type of things are fully published to show their utter witless, pointless, enormously wasteful stupdity, the better.

  32. Wortel
    Boffin

    @signature for the non-A/V crowd?

    ===

    By Anonymous Coward Posted Friday 27th March 2009 15:02 GMT

    Linux

    Is there a way to see if you are infected with Conficker if you don't have (current) A/V software installed? I'm in AC mode because my in-laws are the Windoze users, and they haven't updated their A/V in at least a year. I'd like to see if they are clean or not, but I don't have A/V myself because I'm an all-Linux shop.

    Somewhere I remember reading that various Linux-based live CDs had been spun as A/V scanners; pointers?

    ===

    Plenty of pointers if you google 'Linux Live CD Virus Scan'.

    Personally i've used Knoppicillin (Knoppix-based live cd with several scanners available, unfortunately there's no online source to get the disc from. It's spun once in a while and delivered with a magazine subscription to C't Magazine)

    And i've used Trinity Rescue Kit: http://trinityhome.org/Home/index.php?wpid=1&front_id=12

    Which also features multiple scanners. Both distros are also capable of online updates.

    If you don't feel like downloading yet another ISO, maybe this is useful:

    http://njlinux.blogspot.com/2008/01/virus-scan-windows-using-linux-live-cd.html

  33. N

    Incompetence

    On a biblical scale

    & a reflection of the complete utter shambles this pack of amateurs who 'run' the country are

  34. adnim
    Dead Vulture

    @AC:signature for the non-A/V crowd

    This might help

    http://trinityhome.org/Home/index.php?wpid=1&front_id=12

    Quote:

    "New features include a home brewed very powerful PC cloning tool, boot TRK from a TRK over PXE, more hardware support with kernel 2.6.26, completely rewritten winpass, another extra virusscan engine (Vexira), making a total of 5 scan engines, 2 rootkit detection utils and lots more utils and bugfixes. "

    I have not tried this yet but it looks good.

    Another place to look:

    http://www.livecdlist.com/

  35. Anonymous Coward
    Anonymous Coward

    Ummm OK

    The memo made "suggestions" and the language seems to indicate that the IT department of UK.gov are a bunch of spineless (and potentially clueless) morons. Really regardless of what environment I've been in (and yes I've worked government contracts) security policies were never a fucking SUGGESTION to anyone regardless of rank, status, position, etc etc. Those policies were policies across the board period full stop end of story no matter who you were. If this memo is indeed genuine then it explains everything regarding your governments inability to safeguard your data along with a whole host of IT related gaffes over the years.

    BTW as much as I hate to do it (and believe me I detest MS as much if not more than the next guy), however this memo indicates the issue is not one of the OS they are running. It's an issue of utterly moronic network/PC/server/user managment. Were they running an all Linux environment the IT staff probably would have every user system and server running as root with 'password' as the password.

    Now I've been reading El Reg for a long time and can attest to the fact that you lot have some really bright IT minded people on your side of the pond. So why does it appear that only brain dead ass kissers are in charge of all the government systems? Come on guys and gals time to step up and send in your CV's.

  36. Anonymous Coward
    Anonymous Coward

    The revenge of labour on the people of the UK

    has to stop :) If they cannot secure their own systems, they should not be trusted to hold data on anyone.

    Wake me up when the revolution gets into full swing.

  37. James
    Joke

    APRIL FOOLS!!!!

    It's all a big April fools joke, a message will pop up on all the computers saying Wiping Hard Drive........... and then go APRIL FOOLS!!!!! and uninstall it self. All without too much of a hitch.

  38. Anonymous Coward
    Anonymous Coward

    Huh?

    Why are you using non-words in your headlines that some of us have never heard of?

  39. Nigel
    Flame

    I blame MIcrosoft, again.

    Another bit of Microsoft stupidity, autorun.inf, which they are finally trying to kill off after a couple of decades of spreading viruses and malware.

    Microsoft is to secure software what the Pope is to safe sex.

  40. Anonymous Coward
    Stop

    Don't blame the techies.

    I worked in a government department once. All the IT staff knew what needed to be done to keep the system secure. The problem was management didn't want the hassle of telling people "No", so just told the IT crowd to shut up and do what the loosers wanted.

    There have been a lot of negative or derogatory comments about PICT. Several people have pointed out the nature of the IT setup at Parliament. It sounds like PICT are working in IT support hell. Give the support guys & gals a break. Instead, direct your anger at the managers who allow the situation to arise in the first place 'cause they refused to say "No"

    A/C - 'Cause I don't want to burn bridges

  41. Doug Bostrom

    Windows for Warships?

    How 'bout them nukular submarine thangs? All locked down? (Actually, does the UK actually have any boats not sitting with burned up turbines or other issues right now?)

  42. Anonymous Coward
    Thumb Up

    Oh Nooooo!

    Better ban viruses.

    Oh, and set up a database to track them all.

    Every virus must have an ID card. That'll stop them!

    And can we block their web site?

    Or maybe we could tax them?

  43. Anonymous Coward
    Flame

    Here's a thought...

    Push down a policy disabling autoruns on all drives for all systems. Something I've been trying to get my company to do for the last year or so. How hard is that? Bang---one vector of infection gone (unless someone is stupid enough to find the virus file on their flash drive and manually run it)

  44. David Ramsay
    Jobs Halo

    Use a Mac

    Well lets face it the solution is to ensure that MP's use Mac's.

    Totally impervious to current hacks and will also mean that IT staff in parliament are out of a job!

    Saves money in the long run 11

  45. Anonymous Coward
    Anonymous Coward

    Hardly a shock...

    TfL has been suffering because of it for months...

    But at least you can now give a knowing smile when you see the station display board go on the fritz.

    Anon, well the fact their IT is is running even worse than their buses on a snowy day is supposed to be a secret!

  46. Anonymous Coward
    Anonymous Coward

    MS08-067

    Perhaps they were slow to deploy this?

    Perhaps they have not even deployed it yet?

  47. Anonymous Coward
    Unhappy

    Have a look at the graphic here

    http://blogs.technet.com/mmpc/archive/2009/01/13/msrt-released-today-addressing-conficker-and-banload.aspx

    Are our Parliamentary machines so poorly protected?

    If they are - its unbelievable.

  48. DS
    Flame

    Push down a policy on autorun

    Problem is the prime attack vector is via RPC, and requires MS08-67 to be applied to block that.

    When examined, the MS suggestion on blocking autorun was found to be fallable and another patch has had to be issued to make a policy stopping autorun work as expected.

    I'll say it again, for simplicity.

    MS08-67 was one of those patches, that is a zero day biggy. One that everyone reads/takes notice, starts patching. Its not a maybe. Its not a do we, don't we, its a gold plated fix and patch NOW. And that was in oct 2008. Not deploying it, was not an option. It was never an option. Seeing companies go down to downadup and conflicker is simply amazing. People need firing.

    People need to be fired over this, just as people have always needed to be fired for handing out admin rights on windows boxes like confetti. THE largest problem with Windows is that its treated by every tom, dick, and harry like a playground, l want it like my home computer blah blah. And everyone persist with idocy like I want admin rights, and I don't need to patch and secure. Heads need to roll, and people need to put security first over giving everyone what they want.

    Any company where unpatched boxes are common, and where you get something like conflicker/downadup happening is a fire the head of IT incident, fire the Dirtector responsible for IT/security and compliance, and drag the board together and demand serious, ground up changes.

    Its time that in the case of public sector networks, this kind of negligence resulted in people being fired and cases brought for negligence against the senior management responsible.

  49. Charles King
    Paris Hilton

    Conficker = FAIL

    Is "slow for most of the week" the best you (or Conficker) can come up with?

    FAIL

    FAIL

    FAIL

    Doing a high-profile grafitto is the *very least* expected for any measure of acknowledgement, anything less is FAIL territory and means we can laugh at the dickhead who programmed Conficker. Good job on getting the media to spread the FUD though!!

    Paris, because she's weeping at how pathetic Conficker is.

  50. Goat Jam
    Linux

    @signature for the non-A/V crowd?

    I use the Trend Micro Housecall site for situations such as that. The site d'loads a Java or <shudder>ActiveX scan engine and does a full system check

  51. Anonymous Coward
    Anonymous Coward

    Security Policy and bosses

    To all those who think it is so easy to enforce security policy (and sack their bosses who don't comply) - you are deluded. Security policy is typically something that management like to think of as "having the boxes ticked" but they don't like to spend money on it and even less to actually take any responsibility. They will dump the responsibility on some idiot who will then be the scapegoat if anything bad happens - but they will not change their own behaviour. They believe that once firewalls or other security products have been purchased, they are like some kind of magical talisman and will ward off evil hackers as if by magic, with no further activity required. As far as management are concerned, security policies are inconvenient and slow projects down with no visible benefit. The idea that they as individuals have to follow organisation policies is alien - they think these only apply to the proles and that they are a law unto themselves, for the same reasons they believe they should have reserved parking and a separate canteen.

    Persoanlly, I welcome the recent trend in trojans targetting high-ranking individuals due to their ignorance and arrogance of IT security and high bank balances. I hope that people like the MPs who insist on flouting Parliament security policy get their bank accounts emptied and all their personal secrets published on the Internet.

  52. Tony Dunlop
    Stop

    gagging order

    When it comes to verbal communication, Parliamentarians (sometimes) manage to keep their lips sealed. What a shame they haven't a clue when it comes to IT security. According to the piece in PCpro on this story:

    > When asked to explain why outside PCs were allowed on the network, a parliament spokesman > helpfully told Channel 4: "I'm not authorised to answer why we can't answer the question."

  53. James O'Shea
    Black Helicopters

    borked

    How can they tell the difference from how it normally works?

    And... both my router at the office and the one at home have the ability to detect unknown MAC addresses and refuse to serve them. That feature is turned on at the office, but not at home. Yes, it's possible to spoof MAC addresses, but if we're up against that level of attack then we need heavier artillery than management at the office or me at home are likely to spring for... but which should be available to HM Gov. And, at the office, there are many, many, MANY RJ-45 wall sockets which are _not_ turned on, and which will not be turned on except on receipt of a written request... and which will be turned off again should the conditions change. And official machines have USB turned off and optical drives removed or blocked, with some exceptions (mine, for example. Yes, I'm special. You no like? Me no care.) Staff are not allowed to bring computers from home and attach to the company network unless there has been prior agreement Staff are not allowed to attach USB devices to machines on the network, except when there's been prior agreement. And, yes, that includes senior staff, including the boss. He's got to ask me first. (it's not like he's going to have a problem getting his machine approved, he is the boss, but he's got to get it on the list...) Everyone, that is, except me, as I'm the one who has to agree, and I agree with myself that my laptop should be able to access the network. It's called 'security'. Perhaps Parliament needs someone to enforce it. How much does such a position pay?

  54. bigfoot780
    Alert

    I wonder if Its the C variant

    If it is they'll want to clean the workstations by 1st April or it could get messy.

  55. Anonymous Coward
    Anonymous Coward

    Re: Iam Me

    "Now I've been reading El Reg for a long time and can attest to the fact that you lot have some really bright IT minded people on your side of the pond. So why does it appear that only brain dead ass kissers are in charge of all the government systems? Come on guys and gals time to step up and send in your CV's."

    While I agree some of the guys over here do know their stuff, if you were an MP wanting to do what you want to do, with as little interference from IT, would you hire a pushover IT guy? or a hard-arse my way or the high-way sys-admin?

    The way I see it, this country is doomed ... until the government goes too far, for the general public, not just us IT lot who can see it happening, then a civil war will errupt, because by then the gov't will have too much power, and a war will be the only way to take it back. I just hope it's long after I'm gone. The way this country treats it's citizens, I'll be damned if I'd give my life for it, now ... who's offering me asylum?

  56. Anonymous Coward
    Anonymous Coward

    @adnim

    >All wireless access should be authorised by MAC address.

    lol, good luck with that.

  57. Alien8n

    Paranoia

    As pointed out, MPs are not employees in the real sense of the word, in effect each MP is the senior management. I can't tell my boss that he can't plug his home laptop into our network, or download his latest photos onto our server, all I can do is tell him why he shouldn't do it. Same with the IT guys at Westminster. After you've been told "thanks, but I'm going to continue using my MP3 player at work no matter what you think" eventually even the most die hard BOFH is going to just turn round and say "fsck it, let them screw the network up and then we'll say we told you so".

    It's made harder as well by the fact that each MP will be storing stuff on their own laptops and USB drives purely on the basis that they know that those in power will be doing all they can to find out what they're doing. You really think GB isn't using every trick in the book to find out what David Cameron is planning? Having a list of all the questions the opposition is planning to ask at PMQ would be an absolute goldmine for him. Not to mention the other way around, how much political gain would be gained if the Conservatives gained access to all the emails that led up to the invasion of Iraq? It's no wonder that the average MP turns into a paranoid schizophrenic as soon as he gets elected.

  58. Paul

    @David Ramsay

    "Well lets face it the solution is to ensure that MP's use Mac's.

    Totally impervious to current hacks and will also mean that IT staff in parliament are out of a job!

    Saves money in the long run 11"

    Hahahahahahahahahahahahahahaaagagagasewerffwefno.... Ha...

    Please go to the top of the page.

    Search for pwn to own.

    Come back and say sorry for saying somthign so stupid/

  59. Dave Barnard

    @Paul

    Well, the first link says "Wanna see how to use Win 7 UAC to pwn a PC? Just press play..."

    More seriously, differences between OS X and Windows security are well explained here:

    http://weblog.infoworld.com/enterprisemac/archives/2006/08/is_windows_inhe.html

    OS X isn't perfect, but is undoubtedly built on more secure foundations.

    It means I can get on with doing work rather than having to constantly worry about security

    Dave

  60. Dr Patrick J R Harkin

    We are continuining to work with our third party partners

    Why do I hear that in the voice of GLaDOS?

  61. Anonymous Coward
    Anonymous Coward

    Love it

    The answer by all "IT Experts" is to completely lock down all usb access, lock the pcs down to make them nothing but useless paperweights.

    I know, lets get cars without wheels or engines as they *might* be dangerous.Never mind the fact that you *might* want to use it. Please god, sack these fuckwits.

  62. John Smith Gold badge
    Flame

    As Bruce Schneier put it.

    "In order to improve computer security, the CEO must care "

    So until Gordo's plastic is apparently used to buy a couple of grand's worth of fun at a Bratslava lap dancing club I anticipate this occurring again. And again.

    I'd written more but it's irrelevant without this happening first.

  63. Anonymous Coward
    Boffin

    Secure how secure.... not at all!!!

    Forget the viruses. Unsecured devices such home wireless routers without encryption are routinely conneted to the parliamentary network. Who needs a firewall if these devices are connected. No action was taken against the culprit and parliament remained as secure as a wet paper bag.

  64. Anonymous Coward
    Unhappy

    i work for PICT

    we work hard last week we manualy install patch and virus soware evry machines we cans find. we workd hard to cleaned the viruses from parliaments and think you commen ts are no good.

    what does you knows about working here or suppporting mombers of lords/commomns. They hard men to please.

    you no nothing about virus in hop.

  65. Anonymous Coward
    Anonymous Coward

    @AC 14:25

    Obviously the Indian Call centre responding here then.

  66. Anonymous Coward
    Pirate

    No wonder they are infected

    Connecting home wireless routers onto a LAN, I can't believe it! Talk about a bunch of monkeys!

    The entire IT management team should be sacked. Talk about lack of security, why have proxy's and firewalls when you can bypass this by connecting to a wireless router!

    As for the pict worker, have you never heard of SMS or deploying the patch via a login script?

    I can't believe in this day and age Parliament is sending out engineer to manually install AV and security patches. I am sure this isn't the last time you will be infected and I am fairly sure your system has already been infiltrated by Russia/China hackers.

    And to think this is the same government that wants to start a National ID database.....

  67. John Smith Gold badge
    Happy

    AC@14:11, AC@14:25, AC@21:34

    AC@14:11

    Glad to know that the cheapest kind of bandwidth you can get is still someone else's. And if people will run wireless routers without even bothering with encryption it always will be.

    AC@14:25

    My apologies. It seems the boys from Bratislava are already here.

    AC@21:34

    I think you should treat the Pict guys post with a large pinch of salt.

    Mind you this system does have some benefits. Any accidental discovery of any "inappropriate" content on an MPs PC can be met by "Our network was wide open. Anyone could have put that on there. I did not know that sharing my hard drive on the network was risky"

    Not that I am suggesting there *is* anything to find. But I'm sure any MP could find a lawyer who could argue this one. Given the number of MPs who are lawyers anyway the odds are they could do it themselves.

This topic is closed for new posts.

Other stories you might like