Slashdot Mirror
Pro-Linux Mail Trojan Running Around
Xeno noted a story making the rounds about a Pro Linux Virus. Well, they're calling it a vrisu, but its a trojan. Its a flash thingee embedded in emails. It mails itself, and then renames zips and jpegs to have have a Pro-Linux message. Very bad advocacy, but when I turn off Dad Mode, I gotta laugh about it.
Read that as `big-indian` for a moment! Amusing!
I think it's this thing called Windows, I heard about it when playing XBill. It seems to take over your computer and spit out the word "Microsoft" all over the place. Microsoft gave a half answer to it, called FORMAT.EXE and even there own version of FDISK, but they also encourage people not to use it.
Have you read my journal today?
What does encrypting te meat have to do with the DMCA?
The Technonaut
Thanks for the info on ESR, that has nothing to do with the subject. On robes, note that they are worn by judges, clerics and academitians. Whatever!
Only during ceremonies or official duties. I don't recall there being a history of, nor official use of, long flowing robes in computer science and/or engineering. And least, not in the last 300 years.
As for it being irrelevant -- no, it's not irrelevant. The point demonstrated is that zealots don't necessarily follow logic or clear thinking when pushing their position on other people. This includes ESR -- though he's not even in the same league of fruitloops as RSM.
What have you done with your life, Simon Cookie? Your homepage, dripping with sappy poetry and a copyright notice(!), does not show much.
Plenty, thanks. The copyright notice is because -- guess what? -- the site is copyright to me. That includes all articles posted therein, and all the material on it. If you want more details, I'm afraid you'd have to ask me privately. Let's put it this way; I've done a lot more at my tender age of 25 years than most people have done by age 40.
Simon
Coming soon - pyrogyra
i don't know that i'd trust every 'real' linux user to have half a brain, but it's entirely possible that you are essentially correct. it's a time honored political tradition to slap a few of your opponents stickers on car windows so that they are difficult to remove...which is pretty much what this sounds like to me.
"The things we wizards have to put up with."--Jethro Bodine
So?
This is intended to fix the security holes of people who are completely clueless...people dumb enough to run something from an unknown source. People with any common sense wouldn't trust the "benign virus" they received to be a benign virus. They, however, also would not accept a real virus, so their computers aren't the ones that need fixing. People without common sense would run the benign virus or a real virus, which is the whole point. And whether or not a benign virus is created is unlikely to affect the number of viruses those users receive, and they aren't likely to pay enough attention to news about viruses to realize there is a benign virus out there. (If they paid attention to news about viruses, they would not run a supposedly benign program without absolutely knowing it was benign, and there is no problem. Any conscientious news program mentioning there was a benign virus would also warn not to believe that was what you received.)
I assume that you aren't trying to argue that this provides people important code to work with to create viruses. That code is already out there. In fact, this virus would likely be constructed using known code that any cracker can alrady access.
So... affects the intended targets
no increased threat to anyone
Your suggestion would be effective initially, but within a matter of weeks some script kiddie (or more likely, several dozen) would just create a lookalike "trojan", even including a helpful or educational disclaimer, but with a malicious payload. The original benign "trojan" would not only be disregarded and avoided, its creator might even be blamed for the script kiddie's version.
You have to remember the whole principle trojans operate on: masquerade as something helpful and then do something harmful. This principle will work even on another trojan.
-The One God of Smilies =)
"Never put off for tomorrow what can be avoided altogether"
For as long as Windows allows .exes to run without user-intervention, these incidents will continue to hit the press. Windows needs a file-system that allows a umask 177. Actually, since 9x only respects the last field (other), that's pretty irrelevant, anyway.
These incidents come and go and in 3 months, another virus will take down several thousand Win PC's and we'll read about it on ZDNet, but, the desktop will still run Win-something.
Since it's not going to change any time soon, I'll silently chuckle at these little outbreaks hoping my e-mail never chmods anything +x without my permission. As far as this being a black mark for Linux; hardly. The only ones paying attention to that element aren't Windows users, anyway. >:)
Linux rocks!!! www.dedserius.com
www.dedserius.com
VB != VisualBasic
The philosophical differences revolve around the terms open source and free. Java is neither, all claims to the contrary. Linux, at least in theory, is both.
I simply don't understand the authors "at least in theory" part. Hell, what means the word "Linux" for him??
--
delete free(system.gc);
Linux's greatest enemy isn't Microsoft, it's the zealots within its ranks.
I'm of 100% Irish heritage, but I don't go out in the sun all that much. More a child of the night.
--
Evan "JabberWokky" E.
"$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
Well if one were to pronounce it with an American accent i.e. the "u" at the end becomes an "uh" which sounds like an "a", it would sound a lot like...Vrisuh...Frizuh...Frieza!
;-)
Now I'm worried
- Also Sprach Doktor Merkwurdigliebe
If we could have a "Bitchslap Utility" to give such users a wake-up call after they run said attachments, that would be damn useful...
sulli
RTFJ.
I think whoever made this post is confused. This Trojan isn't pro-Linux... It's one of the the more anti-Linux thing any Windows user could do to other Windows users. The media will get ahold of this and portrey it as "those baby Open Source people are not resorting to dirty little tricks to try to promote Linux." It looks *really* bad.
Vrisu...didn't he have a dream that created the world?
No...it's okay...I wasn't using my Civil Liberties anyway
Six months? Shit, if it were any more destructive, it would set us back 9 years (1990 ring a bell?)
But you are absolutely correct -- with one exception. There are immature people in all aspect of computer technology. Hence the reason we have virii today, eh?
I think its these idiots who grab the mike at every possible (in)convenience.
In my opinion, these virus authors are about as sorry as crackers.
INSERT INTO comment VALUE('Doh!') WHERE user='you';
Is there no way that you Slashdot wizards can prevent idiots like this from linking to that stupid asshole picture anymore? I've seen it 4 or 5 times on SlashDot and it always pisses me off. Juvenile cretins. Grow up!
With Regards,
Phillip H. Blanton
your proxy blocks M$N?? Is your company taking resumes??
I love the smell of Karma in the morning
the word vrisu as vrisu, Ahh there it goes again!!
. th e.keyboard.
ive.also.got.the.one.that.disables.the.space.on
Wanted: Slashdot editor, must be incapable of spelling simple words when excited. Helps if you have keyboard that remaps the tab key as a submit button.
In all fairness though, he got all the right letters..
Official GOD FAQ.
Nope - not at all. MSNBC regulary carries articles that aren't exactly in MS's favour either.
link is right try try again i checked it before i posted angelfire sucks like that
You know, I thought of this, but isn't that usually done at Haloween :-}
INSERT INTO comment VALUE('Doh!') WHERE user='you';
It alters data.. If only the file name, it still changes data, and leaves the possiblilty of doing damage. Since it also emails itself around mabey virus-worm is a better term.
It seems that even after patch after patch of the MS outlook system, virus still spread like wildfire. MS should employ a virtual machine to run attachments, that way it could sandbox the application. If it does not do any damage, then it can be let loose into the real operating system. Virus have been getting more and more complex. Connecting to newsgroups, sending email... what's to stop them from quiety sitting on your computer (not doing ANYTHING) just spreading... and then one day, some malicious hacker launches a DDOS against yahoo or something.
Stefan.
It takes a lot of brains to enjoy satire, humor and wit-
The truth shall make you fret. (Ankh-Morpork tImes motto)
Hey, I came accross a "usefull" virus once. When run, it installed dnet.exe, the client for Distributed.net. How's that for useful? Most people have way too many MHz for their own good anyway.
Cheers,
Costyn.
The Official Steve Ballmer Webpage
Having only today spat the dummy at the users here on the subject of binaries of unknown source (no harm was done as it turned out, but it's the principle of the thing), may I recommend to UK sysadmins that they draw to their users' attention section 3 of the Computer Misuse Act 1990, which makes it an offence punishable by up to five years in Her Majesty's Holiday Camp to cause a computer to do anything unauthorised that damages data with intent to damage data.
If you explain to them what types of attachment are likely to do this, and that therefore they have no excuse, the threat(rather thin, as it happens, where it's stupidity rather than malice) of prosecution should concentrate their minds rather nicely.
-- AndrewD
A Maze of Twisty Little Laws, All Different.
If all it is is a flushing toilet, then it isn't huge at all. Even the largest game I have ever made in Flash, with .mp3 soundtrack and a mind boggling vector count, was only 3 megs big. Even if the flushing toilet animation were produced at 2000 by 2000 size, it wouldn't be that large. My average animation is only 30KB. What is the deal?
Pax Digitalia
and I type 100 words/min with 2 fingers._ __
_______________________________________________
_________________________________________________
"What's impossible today is normal tomorrow."
You rang commisioner?
Javascript + Nintendo DSi = DSiCade
This is nothing more than a script kiddie giving the linux world bad publicity. How often is it that a whiny, opinionated, immature h4ck3r convinces a corporation to change OS paradigms?
Clearly, the way for us Linux zealots to take over the world is the same way the Russians gave Napoleon the smack-down: we just have to wait until MS products begin to weaken companies' infrastructures (uh, kinda like freezing your ass off in a Siberian winter, kinda) and THEN maybe we can hire John Doe to send out an e-mail worm or something.
Blah, I don't know. I'm just very unimpressed with this.
-- "I disagree with what you say, but I will defend to the death your right to say it" --Voltaire
WRONG SOLUTION, damnit!
You should never, ever let your OS take care of files. You should *always* open a program, and let the program try to open the files. Letting the operating system guess on the file types is doomed to failure, and its like -begging- to get infected by bad things.
The idiot that moderated you up should be shot for stupidity.
--
"Rune Kristian Viken" - http://www.nwo.no - arca
This is a black eye for Linux. Shame on Commander Taco for thinking this is funny. Because it isn't. I hope they find zl4xym432@yahoo.com and fsckn' give him the Mitnick treatment.
---- Hey Grrl Geeks! Your very own geek news site has arrived!
Knowledge is power. Knowledge shared is power multiplied.
Well, they're calling it a vrisu,
I can see it now: the dreaded vrisus and jabberwockys scampering around on a green irish field, playing in the sun...
Sorry.
Trust the Computer. The Computer is your friend.
What? Are you joking? I can't tell. Seriously. What the hell are you talking about?
If you're not joking, are you implying Windows can't figure out what its own binary looks like? Wtf?
If you are joking, not funny.
--
Linux user since early January 1992.
What more can I say?
Flavio
This trojan is a Windows .EXE So it was developed under Windws and only runs on Windows, and we are supposed to believe that it was created by a Linux User/Advocate. It also preports to be TUX, yet does not even know his real name, mistaking it for "The Penguin"
This does not ring true to me!
A M$ supporting fifth columnist attempt at black propaganda seems more likely to me.
Just consider the ethics of your average Linux advocate compared with M$. Throw in a little history of M$ FUD and Black Propaganda, it wouldn't surprise me if this came from M$ themselves.
This is such a stupid argument. I don't care if /usr/bin/gcc gets deleted, I'll just reinstall it. If all of my personal work gets deleted it's much more painful. Now tell me again how permissions
help me?
First, You will care if your registry or important system DLL gets deleted (since you won't be able to boot). Second, if you need to run an untrusted attachment, you would do so as nobody to contain the damage. As nobody chroot-ed to /usr/local/jail if you want to be even more careful.
In a networked environment, you will really appreciate a proper concept of permissions and untrusted users when the nitwit in the next cubicle runs a trojan and loses everything, but all of YOUR files on the same server are fine.
......that the original site talking about this "bad press for Linux" trojan is MSnbc.com? Nah, no competitive motivation here at all.
Scott Plumlee
> Well, they're calling it a vrisu, but its a trojan
Well, whatever it is, it certainly isn't a "vrisu". Isn't that a Hindu God for something?
Mike.
Tales from behind the Lagom Curtain
Good thing that the flash plugins for linux-netscape never seem to quite work, and so remain uninstalled.
I want to delete my account but Slashdot doesn't allow it.
I am not catching the logic here. the slashdot crowded average IQ seems drop 10 points every month. Now it seems much nearer to the the average IQ of a m$ window users.
What does the action of ONE single person got to do with linux? So what the bloody hell if a single linux user write a trojan or whatever they called it. Windows users does that ALL the time. Okay that's not the main point. But just ask yourself this logical qn, if one out of americans is a black-hating, wife raping, child molesting communist, are all the other americans the same?
I do think that the writer of the original message pretty much a child himself
Sigh. Although they say that any news on a product is good marketing, don't actions like this just make the Linux community seem like a bunch of script kiddies who can't control their urge to do "destructive" stuff in order to spread the word about Linux? Is this a good move in this movement to try to establish Linux in such markets as the business world?
--
http://www.aikiweb.com - AikiWeb Aikido Information
Has anybody calculated the number of people kept employed due to virus outbreaks and the millions of $ generated into the economy due to the spikes on sales charts of anti-virus companies?
Viruses are bad. Very bad.
At least, that's what symantec and McAfee say. They should know, they wouldn't exist if it weren't for them.
If it weren't for hypocrisy, this industry would have collapsed a long time ago.
w/m
again it works try again
Damn, I knew I would see this on Slowdot, having seen it on several other newssites! ;-)
To whoever wrote this: thanks a lot. I've received an attachment virus on a Windows machine in the past; I did not click, I sent it over to my Linux box for examination. The things not only are stupid to write as their only intent is to cause trouble, they have no challenge; any two bit hacker could write one in no time at all. You want to further the linux cause, like most of us on slashdot do, go out and write some beautiful code that fills a niche that Microsoft doesn't cover, or donate to one of the many projects out there. Destruction is easy, building is much more rewarding in the end when it's time to look at what you've done.
Marxism is the opiate of dumbasses
How long will it be before the author of this virus comes up with another one which, upon excecution:
1.) Downloads the kernel
2.) Alters the MS startup files to install/run linux
3.) Reboots
Or something more clever than that?
Too bad you published your father's picture.
The willingness of humanity to follow without question is the fall of them.
Christ, Wes... ;)
--
"Give him head?"
Linux users don't use windows. How could they then write a virus on windows?
The virus cause an email to be sent to z14xym432@yahoo.com so I suppose you can email your comments to him/her there.
Why do these people write these? Why do people CONTINUALLY get infected by them?
/. story than this dreck - which is only going to serve to harm the Linux community in general.
What I really don't understand is why someone hasn't written a benign virus/trojan - same manner as the Mellisa/ILOVEYOU trojan, except that when run by the clueless, it would remove any other trojan VBS scripts (or quarantine them) on the machine, ask to send copies to "friends" (upon which it would email itself to people on the address list), then remove itself from the machine.
If the "hacker" wanted to go further, he could place a little "Agree or Disagree" EULA/disclaimer at the beginning the user would have to agree to in order for the code to run. He could also insert a little "educational" note on why the virus ran, and how to protect against future attacks by less benign viruses in the future (up to and including installing Linux?). Finally, he could encrypt the "meat" of the VBS trojan, and put a little blurb in the EULA about the DMCA clauses prohibiting the alteration or creation of software to remove copyright controls on software.
Such a "hack" would be more worthy of a
Worldcom - Generation Duh!
Reason is the Path to God - Anon
www.linuxgod.net/uptime.py
e -linuxgod-is-the-name-of-a-machine purposes.
I hope you can figure out the nick I will be under from now on, ( which is my gaming NIC, and was created on this site a year ago ), it will be fun as hell.
GoodBy
Ooops you can't view that, It requires you have python. Because everyone knows python on winblows sucks, and no one can get it to work because it doesn't exist for the M$ platform.
Flash works fine on here, I don't have any problems with it. It may run slow on your machine, but it runs as fast as Quake3 (130fps) on here. Too bad winblows can't run Quake3 that fast with a V3.
And you don't have the choice to modify your driver so your fucked.Windows doesn't even have as many drivers as Linux 2.4. No, not even your 2000. Count them. Learn a thing or 2. Windows lacks software, and hardware support. You are digging your own grave by going there. Why not back up your claim with facts instead of shooting into the wind? You have no facts for your claims. You are living in your own little dream world, I believe everyone can see that just by looking at your idiotic posts. While your living in your home|network world, and wondering why the hell your OS is taking up 111 of your 128mb of ram with LITTLE or NO network utilities, and 3 days uptime, im sitting here running an entire site with over 130 visitors a day running off 64mb ram and a 200mhz processor with 11 services running, and an uptime of 107 days. Thats somthing that M$ can't even beat. Much less you.
Just a Notice to you. You will not be able to reply to this account any longer because you are now blocked to myself and other readers starting at 3:00am CT, (1 1/2 hours from now) today. This account will be frozen and used for profile, and having-the-account-just-for-the-hell-of-it-becaus
The willingness of humanity to follow without question is the fall of them.
Right. Your shell has no business opening up that file, scanning for the #! line, and passing it off to the interpreter. You should *always* type "sh filename" or "perl filename" or whatever. In fact, you'd better put the full paths to the interpreter and script in there, just in case someone screwed with your PATH variable.
Chelloveck
Chelloveck
I give up on debugging. From now on, SIGSEGV is a feature.
The good news: on NASDAQ, RHAT is now trading in the 200 range, LNUX at 180.
Practice random senselessness and act kind of beautiful.
Perhaps in this situation though, this particular trojan was concocted by a MS advocate that is afraid of how close Linux is getting. Wants to put a bad spin on things. Dunno, just a thought.
Is this because Linux users are by nature not malicious, petty, vengeful, or stupid?
Please -- open your eyes. You're dealing with people here. In any given sample, you'll have a certain number of misguided kooks who don't have a clue. Does the fact that it was a stupid thing to do automatically mean that it wasn't a Linux user? Nope. Sorry. The OSS community has its fair share of kooks and idiots too (as evidenced when ESR turned up to that Windows Refund thing in a jedi robe... what a schmuck).
Simon
Coming soon - pyrogyra
Regardless of who originated this (which shouldn't be hard to discover, the guys email address is in the program), the Linux community can do without this kind of publicity. I would rather have people use a non-Windows OS because they wanted something different, not because the one they use is too buggy and insecure. Although that is a good reason as well.
Thanks a lot to the asshole who started this thing
nahtanoj
to give Linux bad press than to create a virus that promotes it?
... ok
This Linux security howto may be of interest to some, so i'll humbly submit it:
DEFEND YOUR SYSTEM!
SEO Copywriter. Just Say ON
-------
-------
"don't smoke, don't drink, don't fuck
at least i can fucking think"
Minor Threat
This happens everywhere. Look at liberals, conservatives, scientists, environmentalists, and fundamentalists of various religions and movements. I know a fair number of people that fit into all of the above categories, and most are sane, reasonable people who just happen to have slightly different beliefs than I do. However, you will rarely see one of them on TV or quoted in a newspaper - the ones who get that dubious honor are the loudmouthed morons who are garunteed to offend someone or everyone and get ratings, follow-ups, etc, etc.
Of course, to this there are exceptions. I'm sure a fair number of Slashdot readers can name most.
-RickHunter
Dude, just set goatse.cx to 127.0.0.1 or yahoo or something in your hosts file and get over it.
-since when did 'MTV' stand for Real World Television instead of MUSIC television?
Point out to him the multitude of Windows viruses out there, and that this virus depends on Microsoft's attitude towards security in their software, and ask him why, if he has so many objections to an OS based on one user of it writing this virus, he is tolerating an OS where hundreds of thousands more users write even worse viruses?
I get lots of attachments I didn't ask for -- mostly work-related stuff from co-workers in stupid MSOffice formats. And most copies of prolin, melissa, and their ilk will come from co-workers. It's awfully hard to teach users to tell the difference.
A large part of the problem is that it's possible to mislead windows users about the file type. The mail client needs to provide the user with accurate file type information -- i.e. how the OS will treat the file if you click on it. It should also provide a suspiciousness indication and probably require a confirmation for suspect types.
Well, so much for that idea.
I love the smell of Karma in the morning
The only people who run the trojan, think that this message is "Pro Linux" and then as a backlash it dissuades them from Linux are such brainless weenies that I don't _want_ them running Linux. (I don't even want them receiving mails, as that implies they're wasting bandwidth that could be used by non-lusers)
Authors of this kind of bullshit have no concerns for "the community", as they aren't part of it? Your appeal is naive and fruitless.
I personally don't care who writes what which destroys whatever. Not my problem. We live in a dynamic system, evolution and survival of the fittest will prevail. It's only the existance of predators the makes the survivirs stronger. Remember - this was not "hacking", this was a stupid _trojan_. The worlds favourite auto-LART.
FP.
Also FatPhil on SoylentNews, id 863
It is a virus... It alters data
A "virus" is a fragment of code which inserts itself in to the code of a legitimate program in order to propagate. The Pro/Linux "Virus" does not do that.
If it helps, think of it like a biological virus which must take over a cell's DNA to create new copies of itself.
In contrast a "worm" is a complete program which does not need to alter another program to run.
A "trojan horse" is simply a program which pretends to be innocuous when it is not.
--b9
Well yes, but it's masqerading as one of the numerous Flash executables that are floating around (basically a flash player and an accompanying movie bundled into a single executable).
Are they seriously suggesting that lusers should be responsible enough not to launch .exe files they are emailed?
I can't speak for others, but I personally launch all of the executables that are mailed to me. Of course, I do it under Wine from Linux, and no, I don't have my home directory mounted as a network drive. Even if it does contain a virus, it won't do me any harm...
"The invisible and the non-existent look very much alike." -- Delos B. McKown
Oh yeah? Well when someone creates and lets loose a file descriptor-hogging trojan, you'll stop laughing.
Wait a minute, someone already did release that! It was rhnsd in RedHat 7!
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
If you're going to install one of these, shouldn't it actually do an installation rather than silly slogans?
Taking this a little serious are we? Im not so certain we should take this all as serious as "we've set back the movement 9 months" or "thanks to the asshole who started this thing"? What we have here is the same collection of idiots who aid in distributing viri every time a new one appears. Im sorry - im getting increasingly incredulous and indignant regarding this group. They quite frankly get what they deserve - we all know that a virus is rarely actually malicious - the worst it does is delete a few files or mung up your OS. Problems easily fixed. When was the last time you saw a virus that damaged hardware? (flashing microcode/bios'?) not very often - so a virus is little more than an inconvenience (and arguing that it costs XYZ Company $1237^10 will hold little water because I frankly dont think the profiteering of BigBusiness is a motivation the citizenry of the planet should be as concerned with as they are..).
So what we have is a problem - easily avoided - brought upon oneself by the lusers at these PeeCees. Would people be angry if I bought a new car, didnt know how to use/maintain it - drove it off the lot, straight into a wall or into another car in the intersection because "I didnt understand the rules of traffic" (or ran it out of oil)... who would be responsible for my damaged car? The manufacturer? My Mechanic? My neighbours? No. I would be responsible, I dont know how to use this device I just bought. I have to be responsible enough to myself and my neighbours that I fully understand what I am doing before I take on this responsibility.
How many cars are going to follow one another over this cliff (execute endless virus/trojan emails received on WinXX PeeCees) before the users become responsible?
Note to users: DO NOT EXECUTE UNKNOWN BINARIES!
If you dont know how to use your computer (car) dont compute (drive)! Not only are they polluting (propagating viri) but they are endangering other conscience drivers (teaming onto the 'net via AOL without a clue, and generally degrading the content to meet their expectations).
Im sorry - Ive lost all sympathy. Ill bet Im not alone.
that's because it will insert in peoples mind that bugs are caused by virii and trojans, expecially those made by the pirates coming from the open source operating system, not by their respectable M$ os.
as long as they control the media, they will use it to control people."There is no movie, there is nothing to be seen," Perry said.
...said researcher Patrick Nolan, "But we are watching it," he said.
You quitting proves that the karma kap worked. The most annoying of the whores shut up. --CmdrTaco
Do any of you READ the articles, or do you simply trust that the blurb is an accurate assessment of the article?
.zip files liked linux, so linux must suck" (note how these are the files that they changed? Trojans are funny sometimes). This virus is yet another way of pointing out that windows executable/file permissions are not wise to endow the typical user with...
Do your research people! The virus is not blankly advertising "hey, I f***ed your computer, now switch to linux." The author was most likely French, since it started in Paris, his english grammar is horrible, and he sends an e-mail to somwhere that says "got another idiot".
Of most importance, I don't think anyone is stupid enough to actually think "well the person who changed all my jpeg, and
Read the article again, and think about it... It would take a sysadmin 10 minutes to write a script to read the file, and undo the damage. As it is, unless the corporations which were infected regularly used JPEGs or Zipped files for regular business stuff, I think our hacker has actually managed to improve productivity...
"A mind is a terrible thing"
-anonymous
hmmmm?
I certainly do not condone this type of action. However, someone once said ..."any press is good press."
Despite the cost of living, it remains popular.
No, destructive, constructive, it's all in the files corrupted in the folder.
If anything, I think that the net admins might use this attack as an opportunity to bring to the attention of the suits that run the company the fact that WINDOWS IS NOT SECURE by any strech of the immagination. Linux isn't perfect, but it's many degrees of magnitude more secure/stable than M$ in most catagories.
This incident is nothing but a humorous spit in the ocean, in my opinion.
Please -- open your eyes. You're dealing with people here. In any given sample, you'll have a certain number of misguided kooks who don't have a clue. Does the fact that it was a stupid thing to do automatically mean that it a Linux user ? Nope. Sorry. The non-Linux community has its fair share of kooks and idiots too.
Hence: please -- open your eyes and read what you reply to before replying. The previous poster did not say that this virus could not be a by a Linux zealot, or that it probably was by an MS advocate. He only said that it the latter is possible. Which it is.
--
Linux user since early January 1992.
Who has the means?
Who has the opportunity?
Great, I knew Many Sensed it already.
Correct use of permissions would solve half the problem. On DOS derivatives, every program basically has root privileges. You can delete (or modify) system components and piss all over the Registry. On Unix, you can run the program as nobody, who doesn't (or shouldn't) have permission to do much damage. On NT derivatives, you can probably run the attachment with reduced privileges, but I don't know how to do that. Does NT have some kind of su interface that lets you strip security tokens?
All in favor of classifying any unwanted Flash movie as a trojan horse, please perform the self-indulgent marketers' salute.
Pass the lettuce, my memory is on fire, brigadier?
Leave it to a Linux guy to make SPAM more intelligent.
You are on the way to destruction, you have no chance, make your time!
(would be funnier if the caps-filter know what being facetious was)
It's 10 PM. Do you know if you're un-American?
Geeze, did someone mess up while rewiring the nerves to Rob's finger muscles? You'd have to be pretty stupid/disturbed/startled to spell the word "virus" as "vrisu." It's too hard for me to misspell it.
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
Is just one more piece of ammunition for my boss against me running Linux in our company. As it is, I have a hard time just defending using a Red Hat box for Apache.
My odds were low before, give my users love of MS Office and Exchange mail. Now that this virus hit three of them, (via their Yahoo accounts), no chance. Lovely.
Who ever wrote this thing, thanks alot. Nothing like cutting your nose to spite your face.
46. The Hobo smiles, his eyes glaze over, and he burps. "Beware the man who has lived longer than the Wasteland."
Well, I think what you've described is quite evident in todays society. People love to see other people act like idiots. It makes them feel somehow "superior" if they see someone else acting so unbelievably stupid that they realize they would never do that. Haven't you noticed how much time the press spends reporting on something where a person, or a group, acted irresponsibly and irrattionally? It is the main focus of almost every news company in the world today.
Stupidity is OK if it is done for entertainment, but I truly feel sorry for the poor soul that thought this would be a good idea. And you know that somewhere, there is a man or woman sitting back with a big smile on their face, thinking that they have just done the most wonderful thing in the world to promote their OS of choice. I'm sorry, but this poor soul does need to grow up a bit. While what he/she did is funny (when looking from the outside at it), it is also very immature. But I can't get angry, I only feel pity for them.
------------
Must be one of the windows development team that got laid off, his version of going postal =P
I am !amused.
Very interesting...
I was thinking more in the realm that the VBS trojan would be self-contained - ie, it would be the email, and it would contain all the code to "update" the system (like that "cable modem speed fix" VBS file does to the registry). As I noted in the post, it would ask to do the update _first_, before doing anything. Furthermore, I did note that it could "quarantine" the messages/VBS scripts, so that nothing would be lost (in case some of those scripts were legitimate) - ie, it wouldn't really delete anything, just move them to an area not readily accessible by the user. Plus the bit about educating the user (maybe even recommending virus protection software, using another email reader instead of Outlook, etc).
Glad to see that someone else tried it, and at least put out a feeler to see what people's response would be...
Of course, he was looking at this as an uncontrolled admin tool, instead of what it really is - a weapon against the enemy. Since stealth is the rule of the game, the writer of such an "Antivirus" will release it anonymously, in such a way that it can't be traced back to the individual - heck, probably couldn't even be traced back to the machine it was released from.
I can see the bandwidth problems with downloading another application/EXE to do the fix, but this would just be email (though it would be a funky automated SPAM), so eventually after propagating it would slowly die out...
Worldcom - Generation Duh!
Reason is the Path to God - Anon
Did MSNBC post a report for every Love Bug variant or only the ones that promote rival operating systems?
Every user I support that hears about this will email me the details. Just what I needed today. These cause me more grief than the actual virus.
I need a new job.
Just a dude. Stuck in IT.
You won't even show yours. You must be afriad someone will deface it since its running on winblows.
The willingness of humanity to follow without question is the fall of them.
I've always said that the problem with Linux is going to be its users. While most of them are mature and reasonable people, willing to work as a community towards common goals, for some reason the people who get all the attention are the petty children who do things like this. It's as if they find the loudest idiot in the crowd and give him a microphone.
To whoever did this - way to set things back a good six months.
To whoever is contemplating emulating this behavior - think again about its impact upon the community.
To the rest of you, the mature Linux user - thank you.
First off opening constantly opening attachments are how networked offices are run, and considering the more famous viruses ones take names from your address book it kind of defeats the "dont open from those you dont know" advice. Not to mention that viruses appear everywhere, I've gotten them on commercial software right out of the box, so don't expect virus companies to go out of business soon.
There simply is no easy solution.
And for the 100th time, virii isn't a word. viruses is.
Time for a LART, methinks.
Do THWACK! not THWACK! run THWACK! any THWACK! binary THWACK! attachments THWACK!!
When I saw this on MSNBC it seems to imply that it's a Linux virus (sic), not an MS trojan. So to downplay the fact that this affects Windows platforms, they spin it to be "Linux Virus".
Next week you will see a link to my bum, with Natalie Portmap licking hot grits out of it.
Imagine a Beowulf cluster of *those*, eh??
--
Do daemons dream of electric sleep()?
---
/bin/fortune | slashdotsig.sh
The use of a destructive computer virus to promote any sort of message is unforgivable.
w -09-expo00-meme.html
Especially when another type of non-computer constructive "virus" will perform the task ( see http://www.lucifer.com/virus/alt.memetics/ )
http://www.linuxworld.com/linuxworld/lw-2000-09/l
Gawd, why can't they start holding Microsoft just as accountable for these email viri by stupidly creating an email reader which by default blindly execute email attachments. I mean aren't there papers and stuff written years ago that explictly say don't write programs which blindly run executeables unless they're sandboxed. Isn't this the philosophy behind Java?
I didn't really pay heed to the onslaught of email viri until my adviser's day old Windows 2000 box trash itself while he was checking email after setting up the network configs. He just clicked on a subject heading to delete a message with an annoying subject line and BOOM! his machine was trashed and everyone in the department recieved the virus. That's irresponsible programming. Why aren't people suing MS in addition to catching these writers? They're both equally accountable.
-- Making computers see, hear, and think... http://www.componica.com/
Gosh, Cheif Gates, to the bat signal.
The Economics of Website Security
From the article:
He urged users not to click on any attachment "until this dies down."
How about urging people NEVER to click on attachments, unless you've explicitly asked for them? Oh forgot - if we did that, the anti virus companies would go out of business, so we can't do that.
Sheesh.
The next Cmdr Taco duplicate will be ready soon, but subscribers can beat the rush and see it early!
TROJ_CMDRTACO.A
TROJ_CMDRTACO.A, or "TacoVirus," colloqually, spreads to all *nix users via coffee. Grinds, mugs, swizzle sticks -- anything coffee related may contain the TacoVirus. And it'll also be found in -- you guessed it, tacos.
The effect of the TacoVirus is minimal but noticable. A users spelling will be instantly transformed from "English" to "Eglihsn," which is to say a somewhat random mix of the correct letters in an incorrect order. User will also be unable to locate items such as "dictionary," "spell-checker," or "friend" to proofread writing.
There is no known cure for TacoVirus at this time.
Are they seriously suggesting that lusers should be responsible enough not to launch .exe files they are emailed?
If it was done by someone hoping to support linux, they certainly did a terrible job. If it was done by someone hoping to give Linux a black eye, (though an extremely small one) then they did.
This will be thousands of people's first exposure to "linux" and thanks to this, they will always associate it with being a virus of some type.
________
If only we were all so fortunate, here you go
Read my plan to save the Bengals
The people who open it get what they deserve.
The willingness of humanity to follow without question is the fall of them.
Funny how reading the story would have given you a clue. *chuckles*
Stating on Slashdot that I like cheese since 1997.
Hmmm... Maybe it is the silent helicopters overhead or all the people running arround with coppies of catcher in the rye... but this could be a conspiracy.
I doubt that any "real" linux user would bother to write a virus like that. I can see some script kiddie... maybe. Or... it could be some mega company out west that has an intrest in giving Linux a bad name. Infect a few machines, post it on your news site.
Why not? It is cheaper than adds that speak of how much better your (paid for) benchmarks are than Linux.
Like I said... only a theory.
-I just work here... how am I supposed to know?
I think assuming that EVERYONE is aware of what is happening to the Linux stocks is a huge overstatement. Until I clicked that link, I didn't know (probably because I'm still in college, and have ZERO money to invest at the moment), and that is actually a story *I* would have liked to see on slashdot.
That, at least, has some meaning to at least some of us (slashdot's not only being run by kharma whores, its also going bankrupt), unlike some of the other stupid and pointless articles that NOBODY gives a fuck about.
As for your pathetic little personal remarks... grow up. The man/boy/girl/child/pedophile/whatever makes a legitimate first post, posts an intelligent comment (congrats, l33t j03, nice to see you back), and you act like a two year old with a fork up your arse.
Mooniacs for iOS and Android
What have you done with your life, Simon Cookie? Your homepage, dripping with sappy poetry and a copyright notice(!), does not show much.
The only thing we can say for sure about the writer of this silly trojan is that he still keeps up with Windoze programing. Kinda makes you wonder, as the poster you malign did. Look up agent provocature.
Now bug me about spelling and call a penis in Yidish.
Soyo Atholon mobo sees lilo as a boot sector virus. Turned that switch off.
If this said the same thing substituting Linux for Windows it would be marked as a troll.
No, it would be marked offtopic, since Linux doesn't plaster its name all over every application.
Now, if GNU, Gnome or KDE had been substituted for Windows then it probably would have been marked as a troll, since every program they make HAS to include their name as part of the program name (very similar to Microsoft), even to creation of strange names like GNU/Linux, Gnumeric & Konqueror (notice that most of the programmers have spelling habits similar to CmdrTaco when it comes to naming a project).
(remove tounge from cheek)
This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
... I'd like to get ahold of this vrisu (hehe) and run it on a machine.. anyone know where I can?