|Home » Industry Watch » Heroes Banquet
So nice when people help do the job.
Australian giant supermarket chain Coles got hit by the McAfee bug: 10% of their POS checkout terminals in South Australia and Western Australia had to be shut down.
Why McAfee products can't distinguish between user and system files and offer users an option is not known. Sidestepping user approval to summarily hose even an infected system is sophomoric.
Although leading security experts have totally dissed the value of antivirus, the number of Windows computers worldwide running McAfee's brand of the poison is still staggering. Declan McCullagh's article for CNET made it to ZDNet Australia earlier in the week. Declan has an original way of explaining things to laypersons.
'The update effectively confused the PC's immune system, causing it to attack legitimate operating system processes in the same way that some diseases can cause the human immune system to turn inward.'
Declan also mentions that 8000 of the 25000 computers at the University of Michigan medical school were knocked out, that the police in Lexington went back to writing reports by hand, that prisons canceled planned visitations, and that McAfee's site collapsed under the traffic surge. And he deemed the temporary manual fix to require 'a modest amount of technical ability'.
Coles got hit with 1100 of their point of sale checkout terminals knocked out by the 'bug' - a staggering figure when one realises the super-chain run Windows XP on ten thousand such terminals and when one realises someone somewhere at/for Coles must have spent time researching the purchase - and still completely missed the security issue.
'It's affected our point of sale registers', said Jim Cooper of Coles. 'We had about 1100 registers affected, about 10% of the registers across the country.'
Asked whether Coles would charge McAfee for time wasted reversing the gaffe, Cooper responded:
'We'll be having conversations with McAfee at some point down the track, but we're just focused on one thing at a time at the moment.'
'Our guys have been battling to rectify it in the stores all morning. So we did have as many as 18 stores in WA predominately closed for a period of time over there this morning and that was basically because they either didn't have any registers that were functioning or they didn't have enough for the store to be able to operate properly.'
Cooper admitted he'd ever seen such a widespread outage at the company.
'We've had issues where there's been a technical glitch where it's affected stores. It's often more commonly a power outage or a surge or something along those lines. But it's not been anything on this sort of scale before in our recollection.'
Time for the comments. And the Microsoft fanboys, trolls, and shills. Over at Krebs on Security they continually downplay all the exploits and the revenue leaks, studiously avoiding mention of Windows and aggressively discussing everything else such as fourteen factor authentication, no longer doing online banking, disconnecting from the Internet, going back to wax candles and wood stoves - anything but give up Windows. The system every security guru in the world's condemned years ago.
One was bound to turn up at ZDNet Australia. Here's 'Dermott'.
'Honestly though, this wasn't a Windows issue. It was a McAfee issue.'
Oh whoa. But before one can call foul, there's a followup. Here's 'Microfish'.
'@dermott - Of course this is a Windows issue - if they were running some form of *nix they wouldn't be running an anti-virus program AND the system would be locked down, since *nix is designed around limited rights for regular users. Sure any and all software can be cracked for malicious purposes but the fact is that Windows is the most susceptible to ACTUAL malware seen in the wild (by an EXTREMELY large margin) and therefore should be LAST on the list of choices to run the POS system for a multi-billion dollar retail company.
'And as for the 'time to update' comment: we are not talking about your home computer here. Real businesses need POS machines to run 100% reliably for many years. They don't need to be sucked in to the same old turd-polishing MSFT ploys to extract more dollars from the entire planet by forcing everyone to buy their latest 'better' product. Cash registers don't need Aero glass to calculate your grocery bill.'
So nice when people help do the job.
ZDNet Australia: Coles close stores due to McAfee bug