Slashdot Mirror
Death To Virus Writers
davemie writes: "Looks like everyone is out to get the virus writers now!.
But it sure is funny when a friend double-clicks on that latest virus and sends everyone in the company a copy.
You get to slag him/her off for the rest of the week :-) 'Virus writers are the lowest form of life. AnchorDesk's David Coursey says we should put them out of their misery with a
quick, permanent solution. Why waste time and money with due process?' I spent a total of an hour and forty minutes on hold making two different calls to the ISP which serves my mail. Both times the polite phone reps I eventually reached were shocked to find that there was an Outlook-borne nastiness filling up customers' mailboxes.
If you want a real party, invite trolls too.
I left a DNA sample in the last virus I wrote. Boy, do I feel dumb.
The author makes the argument that, on the grounds that they perpetrate an economic crime of huge proportions, it's OK to kill virus writers.
By the same argument, would it be OK to kill off the lawyers, too?
What about MSCEs?
Actually, no, they're part of the metadata stored in the filesystem (along with creation/modification date, etc).
They are part of the resource fork.
That sounds like an intelligent way to do it. With this I imagine you can't confuse users by just putting a fake extension on the filename in the hopes that someone will click on it and run it.
Put virus writers and spammers into gladiator contests. Once they've whittled down to one surviving spammer or virus writer, shoot him.
--
The next Cmdr Taco duplicate will be ready soon, but subscribers can beat the rush and see it early!
Office XP goes even further than that. I was thrilled to find that the default installation completely blocks a lot of types of attachments, including exe's, vbscripts, etc. You can't even open them if you want to!
See that is exactly the wrong thing to do! I know what the hell I'm doing and I want the ability to save attachments if I want, regardless of extension!
Prevent me from running direct, I don't mind that. But preventing me from saving an attachment because of its extension? Come off it!
If you need to send an exe then put it in a zip file, not really that difficult to get around...
wrong answer. There is no technical reason to require such action. Sure you could do that. You could also avoid the problem by not using outlook. It's not really that difficult to get around...
The solution lies in either not allowing execution (but saves), proper sandboxing, or doing something like the old Thunderbyte days: heuristics!
- MAPI functions...check
- Addressbook access...check
- Unusual Recycle Bin access...check
There's enough there to raise a flag that this attachment may be doing something funky. Maybe let the user know that the program is going to access the email subsystem and let them make the choice.Viruses have just lost their mystique. I remember my Dad telling me about Michelangelo back in the 80's. I remember being so impressed that something so devilish and evil could really exist.
Actually Michelangelo wasn't all that ...evil... just thorough. It started wiping at 0,0,1 and kept going. If you caught it in time you could recover from it. I actually made a bit of money back then with a partition scanner program I wrote (I was 12-ish at the time and way into assembly and viruses).
Now a virus that intrigued me at the time... Whale.
Ah. In other words, "suck it up".
One *could* hold the view that viruses (virii?) are a sort of public service. They can be considered an attempt to discourage live data (i.e. shipping around executables and expecting the receiver to run it), to promote good backups, to practice safe computing (do I *really* want to click on this link?), and so on and so forth.
Considering the MicroSoft has, apparently, successfully trained the average user to accept buggy software (that crashes the system, demonstrates many security and privacy holes, etc.), it is reasonable to desire some sort of countermeasure for breaking such habits.
Pick One: http://www-rohan.sdsu.edu/~stremler/sigs/sigs.html (Note - disable Javascript first!)
Whoops, guess I read that wrong, but hey it seems to work anyway...
The revolution will NOT be televised.
Yup, and it would never make sense to write complicated elisp macros and store them in a document (you can do this, btw - the auto-execution is disabled, however).
Your opinion that scripting what is a glorified edtior is useless belies a complete lack of computing maturity.
--
a swimming pool without a fence around it, next
door to a public elementary school...
how do they manage to cost *you* time? They don't
cost me any of mine...
Anybody actually use the imbedded elisp code in Emacs for anything useful?
I doubt that Coursey actually made that paragraph up. It sounds as if he lifted it whole from some other rag, or maybe from a political pamphlet that somebody handed him in the elevator. But, as I skipped over this gush of babbling rhetoric, I ran head-on into that incomprehensible concluding phrase, "the occasional potentially innocent person."
I think that this is supposed to mean, "wrongly convicted person", but, if so, why not say so? "Potential" means, "not actual, but could become so", and the mind boggles imagining how someone could be "potentially innocent." This would have to mean, "currently guilty, but able or about to become innocent." I can understand going the other way, in that "I am potentially guilty of shooting David Coursey for propagating inane English, more dangerous in its way than any number of email viruses."
Hmph. The guy is just duckspeaking to fill a column. His words are strung together the way they are because he's heard them that way somewhere, not because they represent actual thoughts. Charity would allow a possibility that he does have actual thoughts to represent. However, I'm not that charitable.
I feel your pain, Mr. Vice President.
I can just see it now -- one Navy SEAL to another: "You mean we made it through BUD/S so we can snuff pimply-faced pencil-necked geek kids??"
"How many light bulbs does it take to change a person?" --BMcC-->
I can just see it: A "Special Presidential National Security Finding" or some such that gets virus writing equated with more conventionally understood varieties of terrorism. Somewhere, late one evening, four black-clad operators slip silently into a house, shoot the dog with a suppressed .22, and disable the house security system. Down the hall, in a bedroom, a teenage boy is working on uploading his latest bit of MS Word or Outlook hell. The plastic bag full of ether-soaked paper towels descends swiftly and soundlessly over his head.
His body is never found...
"How many light bulbs does it take to change a person?" --BMcC-->
I agree with 90% of what you're saying here. But I believe MS deserves special credit for the virus plagues we've seen.
Why? Because the vulnerability of MS machines to viruses is a direct result of business considerations colliding with technical/security ones, and the business considerations rolling over the others.
MS's whole schtick is to leverage dominance in one product to another. That's why they're so into integration. It just doesn't make any sense to have an email program automatically open a file that someone sends you -- at least not for many kinds of files. And it doesn't make sense to have complex vb macros in word processor documents.
Think about how much pain office macro viruses have caused, and how little benefit the average person gets from them. One user in 10,000 probably writes vb code to manipulate office documents. I'm not saying don't make word scriptable -- let people program it through COM. But that would put Delphi on an even footing with VB.
Despite the flames you read here, MS has some of the smartest tech people on the planet. Plenty of people inside of MS knew it was stupid to make an email system that would run programs that come in through the email. People outside of MS complained about it from the start. But the business logic won.
As far as I'm concerned, they don't get nearly enough grief for this stuff. It's different from a buffer overflow in IIS. That's an honest mistake, and you're right, there are plenty of those in Linux.
MS's decision making process about security is corrupt. You can see it in these macroviruses, and you can see it in their lame explanations for why they're pulling Java out of the OS. The security policy dances to the tune of the business logic people. They don't care about the billions it costs their customers.
I know they fixed the outlook hole. And I would even say that they have the right to leave java out, as long as OEMs have the freedom to put it in. (Whether or not they really do -- contract aside -- remains to be seen. If I were at Dell, I'd be afraid of po'ing MS, no matter what their press releases say.) They are getting better on security. After years of outlook viruses they plugged the hole -- for the small percentage of users smart enough to dl the patches.
Let's roast them for their real problems. Because when the press gets bad, they do respond, and that will make the world a better place. As everyone who uses the product knows, the MS-SQL Server story was BS, a cheap shot. This is proof that there are still plenty of fair shots to go around.
They do have this, however, you have to upgrade to Office Security Patch 1/1a, and then possibly apply Office Service Pack 2. However, most people never bother doing this, and their website doesn't exactly make it easy to obtain these (let alone figure out what exactly it is that you need).
The easiest way to update installations of Office 2000 and Office XP is to go to http://office.microsoft.com/ and click on Product Updates in the upper right hand corner.
It will scan your machine and tell you what updates you need to install, much like Windows Update does. It's a very handy tool, especially for those of us in IT, when we can't remember exactly what patches were put on which disk images...
---
When in danger or in doubt, run in circles, scream and shout. --Robert A. Heinlein
And those extensions are quite invisible, unless you use a special file utility to see/change them.
--
Or heaven forbid we could just use email for mail and ftp for file transfers
I always take this time to remember why when you are fighting a big fire you burn little fires to make a fire break.. it uses up all the fuel a big fire could use to cause mass destruction and helps steer it away from the important things. All these little hacks, viruses, and so forth are responsible for most the security improvements made and are offering at least some protection against massive netwar attacks and various other nasties.
The fact that many companies refuse to protect themselves even after many threats just goes to show how stupid they are and how much they deserve to be the grass that burns to protect the others. I never feel sorry for such idiots.
In the decade or more I've been online I've only had one machine catch a virus and that is because I had the urge to install a few thousand on one pc and see how they'd effect each other. In all the time I've been running networks only once did I have one get cracked and that was due to the companies refusal to change their method of doing things in order to be more secure.
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
--
I hope we shall crush in its birth the aristocracy of our monied corporations
And I'd be a Libertarian, if they weren't all a bunch of tax-dodging professional whiners.
Berke Breathed
Who on earth would believe that in this day and age, after all the big viruses like Melissa and I Love You and Anna Kournikova and Naked Wife and I don't know what all, that got major media coverage . . .
. . . people would still be stupid enough to open files attached to an ungrammatical message from someone they didn't even know? I mean, what's up with that? Obviously, peole aren't getting the message. If they were getting the message, I would not have gotten at least two dozen random document files in my emailbox in the last few days, all of them asking for my advice. (I always reply, "My advice is to run a virus checker, and not to open any more strange attachments"--so far I haven't heard back from anyone; I wonder if the emails even get through?)
I mean . . . what can you say? I never got any I Love You emails. I get a new SirCam almost every time I check my email. If I were to draw a conclusion just from strength of numbers, I would have to guess that people are getting more stupid as time goes by!
Yes, it's easy to blame the virus writers; yes, it's easy to blame Microsoft for the security singularity that is Outlook. But none of these viruses would get very far at all if people would just use a little common sense about what files they opened! I mean, geez, I knew not to open strange files just from BBS days, before I even made it to the Internet. Why don't more people these days?
Sigh. I suppose I shouldn't be so surprised by this. I see enough rampant stupidity in my part time job as a K-Mart cashier already to realize the truth of that old George Carlin line. But it seems like every time I turn around, someone else is reminding me . . .
"You know how dumb the average person is? Well, by definition, half the entire population is even dumber than that!"
--
Editor Emeritus and Senior Writer, TeleRead.org
With all due respect, and not wishing to inspire a flamewar, I'd just like to advance my opinion.
I don't believe hidden extensions are acceptible in a windows environment.
hanzie
********* sig: If you don't like the law, get filthy stinking rich, and buy a better one.
Why not just stop using Windows and/or (especially) Outlook? Keep trying to protect yourself against MS products, you have a life-long uphill battle ahead of you. Jeez, if you can't give up Windows, use Eudora. It works better than Outlook and it's reasonably safe.
I can't believe people are still willing to get hit with this kind of crap over and over and over...
-B
Ash and Hickory, straight-grained and true, make excellent bludgeons, dandy for the cudgeling of vegetarians.
That'd be a damn shame if she had no BUTT as you say... :)
It doesn't mean much now, it's built for the future.
Person(s) responsible for virus-writing should be held in jail for an amount of time to make them think twice about it. But actual killing is silly, but makes for humourous articles.
It doesn't mean much now, it's built for the future.
> I'm not sure viruses are any different -- we just need to secure our damned software.
Right. As someone pointed out yesterday, the federal idea about making software more secure is to fund an army of prosecutors. But what the heck do lawyers have to do with software security?
I suggest the opposite: legalize cracking. The h@x0rz would have a field day for about a month, but after that the world would be running (fairly) secure software, and sysadmins who don't have a clue will be sacking groceries.
--
Sheesh, evil *and* a jerk. -- Jade
I use MIMEDefang with Sophos antivirus for linux, and it works great. To keep the dat files up to date I subscribed to the new virus announce mailing list, and when procmail sees an email from Sophos, it downloads the new dat file.
It has stopped all of the Sircam mails that we have received here.
You would think that MS would have put in something to stop this by now. Maybe a "are you really sure?" "are you really really sure?" type nested dialog boxes...
Office XP goes even further than that. I was thrilled to find that the default installation completely blocks a lot of types of attachments, including exe's, vbscripts, etc. You can't even open them if you want to! The only way around it is to edit the registry. Now, don't get me wrong, I don't want the junior users editing the registry either, but at least it's a step in the right direction.
What's your damage, Heather?
Each word doc has a GUID attached with it. The author of the Melisa virus didn't remove his, making him very easy catch (same GUID on documents on his website)
I've never heard of anyone including an personal email address, though.
ReadThe ReflectionEngine, a cyberpunk style n
A corporate organization should have a more extensive virus solution than just protection on the client desktops.
I can assure you that the Norton AV Corporate Edition plugins for Exchange Server caught and quarantined quite a few messages in our site and those we manage. We've seen no evidence of infection on any of the PCs. I feel that anything less than virus scanning at every level you can afford is irresponsible in a corporate environment. For the example of mail server protection, programs exist for most major mail server software packages to handle this.
I know you want to say that this doesn't help the home user, and you're right...it doesn't. But, a locked-down corporate setup was your example.
"That's Tron. He fights for the Users."
AnchorDesk writer David Coursey probably also advocates that Ralph Nader shouldn't have gone after Ford about the Pinto, and instead should have written an article called "Death to Bad Drivers who Rear End People!"
Give me a break. It's not the virus writers that are the problem -- it's a shortcoming of the infrastructure in place that allows them to happen. We've got to focus on working to fix that, and it'll take time to do.
If the new Ford Focus has a remote keyless auto-starter that can crash and leave the car unstartable by any kid with an RC car controller, who's at fault then?
(For that matter, if someone started a chain letter telling people to first mail copies to 10 of their friends and then to pour a bag of sugar into their gas tank to reduce emissions, who's to blame then?)
"The first fact to face is that UNIX was not developed with security, in any realistic sense, in mind; this fact alone guarantees a vast number of holes. (Actually the same statement can be made with respect to most systems.)"
-- Dennis Ritchie, 1979
o/~ Join us now and share the software
I'm so scared I'm shaking in my jungle boots.
Best Slashdot Co
That's my story, and I'm sticking to it.
Best Slashdot Co
It is interesting to note that virii and trojans are a part of cyberwar. So a Presidential Finding sending out the assassins is not that far fetched.
Best Slashdot Co
From: NISA CIRT
Sent: Thursday, July 19, 2001 8:04 PM
Subject: CIRT ALERT: Web Traffic Limited to Military Sites Only
** Unclassified - For Official Use Only **
As of 1900 hours, 19 July 2001, the Joint Task Force-Computer Network
Operations (JTF-CNO) has ordered that the DoD gateways be disconnected
from the Internet on TCP port 80 (protocol http) from now until a time to
be announced. The reason for this outage is the proliferation of the Code
Red worm.
All traffic between military installations will continue without
interruption. However, access to domains other than *.mil will be
limited. This restriction means that connections through a commercial
ISP, such as AOL or Earthlink, will not be available. Your military
organizations web-based Outlook will not be accessible from a commercial
ISP. Furthermore, if you are connecting from your office, you will not be
able to access *.com, *.net or other non-mil domains.
Any questions regarding this outage should be directed to the agency or
service CERT or JTFCND.
** Unclassified - For Official Use Only **
Best Slashdot Co
Not even
Instead, death after a year of torture. Recorded on film, and shown to teenagers on the first day we give them access to Visual Basic. Sorta like driver's ed class.
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
Winmodems, scanners, and funky all-in-one printer type things still are lacking in Linux. Quicken still rules the personal finance manager market -- GNUcash may be getting up there in the straight accounting category, but it can't connect to E*trade to download information, show as many nice graphs, etc. If quicken was fully ported to linux it'd bring linux significantly closer to the desktop market. Games would help alot too, but I understand that there are many more technical issues there.
Viruses have just lost their mystique. I remember my Dad telling me about Michelangelo back in the 80's. I remember being so impressed that something so devilish and evil could really exist.
I suppose that's why I became a programmer.
No, wait. It was for the babes.
Freakin script kiddiez.
Attention deficit disorder is a complicated issue, spanning several major... HEY LET'S GO RIDE BIKES!
"It's like having a pharmaceutical company releasing a plague so that they can sell you medicine."
About 15 years ago I worked for a company that
"fixed" cable TV boxes. One branch of the company modded boxes after exploits where found and the
other branch made and released exploits into communities. It's a real profitable business
model.
AdFuel
Someone always has to be first. If the first 42 don't post and/or get killed, you are the first and you will get killed. Sorry, it was nice to know you.
This sig under construction. Please check back later.
--
150 Opening BINARY mode data connection for slashdot.sig (129323052 bytes).
This is about as idiotic a reply as any I've ever read here. This is akin to saying that a thief isn't responsible for stealing because your house isn't protected well enough, and gee, he really needed that 20th TV.
The fact that security holes exist in software is NOT the problem, unethical, destructive criminal behavior IS the problem. Virus writers are responsible for their choice to inflict the results of their actions on millions of potential victims, causing millions of dollars in lost work time to companies (owned and staffed by people, this raises the price of the goods and services YOU pay for) and governments (paid for by YOUR taxes, raising the cost of our already very expensive government).
Virus writers ARE THIEVES on a much grander scale than the amateur who breaks into your house and takes your TV. It just isn't as personal a violation. The tendency to off-load the blame for bad (in this case criminal) behavior onto society (in this case the authors of non-secure software) is one of the most wrong headed notions of our time.
d4,...,Nf3, or maybe I should use a Ratfaced Mcdougal?
Sadly though, I have co-workers who whould write a sentence similiar to that line.
The DMCA bans distribution of TPM circumvention devices absolutely, without regard to knowledge or intent. It treats circumvention devices on par with stolen property in this regard. Since Sircam forwards one file off of your computer it circumvents login and read permissions that control access to a copyrighted work.
Thus everyone who executes (falls victim) to the sircam virus is guilty of a 1201(b) violation for distributing circumvention devices.
Obviously anyone who receives the trojan email has a cause of action, but actually anyone who uses the TPM in questions does too. That is, everyone who uses a computer that is susceptible to sircam can sue anyone who fell victim to it (in addition to the person who wrote it).
Anybody know anyone at the MPAA, RIAA, or Adobe that got hit?
Yup, I agree. Poor quality, low budget humor, stealing badly from Swift's writings, glossed over some political commentary on the death penalty. Must be nice to have such a big audience to bitch to, most of us just have coworkers and family.
Don't get me wrong, I appreciate lots of humor, including a lot of bad movies and such. I have a soft spot for a lot of bad movies and books. But this one didn't even evoke a grin, just a disgusted shake of the head.
http://thechubbyferret.net - Ferret pictures and informative links.
Don't kill the virus writers. Kill the people responsible for writing "productivity" software that can be easily exploited by the virus writers......
Feed the need: Digitaladdiction.net
Hmm.. senseless crimes? Hah.
:D
Things like random acts of violence are senseless crimes, right?
Ever seen a hurricane? tornado? flood? lightning?
I think our primary target should be nature. Virus writers can come second!
--TheOrangeSquid Is it any wonder things seem so awry? We swim in a sea of confusion and don't have to think to survive
Only if you truely believe every word MS utters, in which case I'd say you need to be put out of your misery.
Interested in weather forecasting?
Don't joke about it. In the UK, virus writing is already defined as terrorism because it is an action "designed to interfere with or seriously disrupt an electronic system". Studying viruses is also terrorism, since "a person commits an offence if he collects or makes a record of information of a kind likely to be useful to a person committing or preparing an act of terrorism, or he possesses a document or record containing information of this kind". By downloading an article about the SirCam virus into your browser's cache, you may have inadvertently committed an act of terrorism. But don't worry, the police won't bother to arrest you unless you do something to piss them off. Better keep your head down from now on, terrorist.
--
The witticism of concern would be more accurate, though perhaps less funny, if it read:
"You know how dumb the median person is? Well, by definition, half the entire population is even dumber than that!"
If the following were a distribution of IQs:
200 200 200 5
the average is: 151.25
and only 1/4, rather than 1/2, of the persons are dumber than the average.
You would think that Norton AntiVirus 2001 7.0 would filter it as well. After all, that's what it's designed to do.
.DOC Word file that you know he's been working on, and he's usually too busy to check his spelling and grammar for every quick note. Your NAV scanner clearly checks it (there is an animated system tray icon that shows it working.) So you open it...
Yet, if you have a look at Symantec's Discussion Forums you will see many NAV2001 users complain that their e-mail scanner does not pick up SirCam attachments. Detaching those same attachments and running a manual scan of them then does find SirCam. Thois has been an issue since day 1 of SirCam (six days now) and Symantec still has yet to acknowledge it.
So you're a corporate user. You have a locked-down image with hidden extensions. Your NAV templates are up-to-date. E-mail scanning is active. You receive an e-mail from your boss with the title and attachment as a
Sometimes it's not always the user's fault.
-- Insert witty one-liner here. --
I don't want to get this thread too off topic but the practise of extension-hiding has come up recently on a lot of Mac boards. Apparently Apple's MacOS 10.1 (due in September) has an option to turn off filename extensions. Why they're doing this I don't know (it has cause so many problems in the Windows world) but if anybody here is all concerned about this you may want to send Apple some feedback.
- j
The last thing in the world I want is Linux/BSD/Mac OS to become the mainstream operating system of choice. With Microsoft ruling the roost, I will never be poor. Instead of punishing these virus/worm writers and the script kiddies, I would like to erect a monument to praise their work. Without them, I would be destitute.
Strange women lying in ponds distributing swords is no basis for a system of government.
Q: Why do you use Linux?
A: It does not run Outlook.
Should be a requirement for a reliable OS, really :)
Never ascribe to malice that which is adequately explained by incompetence.
Why do you insist that? The plural of "virus" is, and has always been, "viruses". Check any (respectable :)) dictionary or pathology papers that discuss viruses. People think that the plural of "virus" is "virii" only because some clever 12-year old asshole fifteen years ago went, "Hey, radius becomes radii, therefore virus becomes virii!"
Neglecting, of course, the fact that English is a fucked-up language and we do not always use Latin pluralization for words. Even IF the plural of "virus" was Latinized, it would be "viri", as follows:
Singular: radi-US
Plural: radi-I, hence radii
Singular: vir-US
plural: vir-I, hence viri
The "us" becomes an "i", not "ii". However this is irrelevant because the plural of "virus" is "viruses". Claiming that any word that ends in "us" pluralizes to "i" (or "ii" for those who missed my previous point) is disingenuous. "Bus" does not become "bi" or "bii" (it's "buses"); the plurals of "plus" and "minus" are not "pli" or "plii" or "mini" or "minii" (they're "pluses" and "minuses").
I'm sick to death of people perpetuating this stupid fallacy of language. And don't give me that "common usage" bullshit; the only people who say "virii" are undereducated computer neophytes. </RANT>
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
You're incorrect. The plural of virus is not "viri", even though that would be the correct pluralization if "virus" used Latin pluralization. But it does not. Every dictionary I've looked in that has a plural listed for "virus", listed "viruses" as that plural. Not one listed "virii".
This page explains, again, all about the plural of "virus", telling us (among other things) that in Latin, "viri" was NOT a proper plural of "virus":
http://language.perl.com/misc/virus.html
So, next time you feel like pulling something out of your ass, how about making sure it's shit and not linguistics?
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
"Folks, we are going to make you a whole lot of money."
In a past life I worked for an MSP. Woe! The shame!
Anything is possible given time and money.
Or what if MS tries to convince the public that Linux is a primary hacker tool, and gets it declared illegal. They already have been making noises about it being communist and un-American. If you think the notion of the police breaking in your door to confiscate your Linux system is preposterous, try growing a couple pot plants in your living room.
ummm, and this person if criticizing the writer of the virus? Guess someone needs some gooder spellchecking software.
What is, of course, the bigger crime, is that more posters are not punished for comments that are undeserving of a Score of 2. Posters that automatically post at the 2 level should be punished by moderators for failing to provide any humor, insight, or whatever, but the moderators are only able to penalize posters for being OFFTOPIC, FLAMEBAIT, or TROLLing.
Of course, I'll get OFFTOPIC or FLAMEBAIT for this li'l puppy, because it has nothing to do with the larger discussion, namely, "Death to Virus Writers".
You may not get anything from insurance... cough cough... but I think if the person who took the car is caught they're still prosecuted against. The WHOLE problem is exactly what you said... not only are you suppose to buy the car, you're suppose to PROTECT it. Shouldn't it be enough to actually OWN it? In a perfect world... yeah... but our judicial system sucks... after spending some time over in Saudi Arabia, where if you steal you lose body parts... the risk of stealing is too great, here you get the slap on your hand. You don't know how amazed I was to walk the streets in Saudi Arabia and have gold out in the open on tables with the owners not even worried that it could be stolen... that's the way it should be... stricker laws only hurt the ones who are breaking them.
What? That's like saying... she was wearing a short skirt, she had that rape coming... And the thing of leaving the door open.. you could also say... we'll you didn't have enough security on that door, you only had 5 padlocks on it... that's easy enough for a burgular/hacker to get thru. The thing is this... it isn't their property... so they shouldn't be messing with other people's stuff. Hell, if we went with your logic... I could train a monkey to just go and open unlocked windows... steal everything and it's all fine because the window wasn't locked. Damn... no matter what.. IT ISN'T THEIR PROPERTY... NO IFs ANDs or BUTTs!
Is a virus that starts some second process on your computer actually so much worse than a website that pops up hammer-the-gopher adds?
I don't have a problem with the viruses, I can avoid them. It's sites like the authors that start new advertising popups for every page I visit that bothers me.
How is this not a virus? It's just not persisted.
So, can we kill these guys too? Please???
Wouldnt this mean wed have to Kill Linus? After all, Mundie says that the GPL is a "viral" Liscense. Logically, everyone who writes under the GPL is writing viruses, and therefore, a witch! Throw her into the pond! ::shakes head:: sorry, MP flashback.
Tempting as it might be to go after the virus writers when something like this happens, the real problem is the buggy insecure code which lets it happen in the first place.
I'm not just picking on Microsoft - open-source projects have had their fair share of security holes as well.
But the fact is that Outlook, ISS, and various other products didn't even have security as an afterthought, it was just no thought at all. The charge shouldn't be "kill the virus writers", it should be "stop buying unsecure software".
After all, if you left your front door open for a week, and someone made off with your stereo, I'd argue that you had it coming. I'm not sure viruses are any different -- we just need to secure our damned software.
ZFS: because love is never having to say fsck
This is a message that needs to get out more ... in fact, it's really a question of being a good netizen ... and it's also the reason my e-mail client is set to send out plain-text mail, ONLY. I don't know what client my correspondents use, so I assume they are using Outlook ... sending the mail as plain-text at least stops Melissa-type autoruns ...
... she is a programmer, and was VERY embarrassed when I told her what she'd done ...
I remember a time (back in my pre-exclusively-Linux days) when a friend sent me an e-mail that was infected with an autorun version of Happy99.exe
Do not meddle in the affairs of sysadmins,
utter rubbish
The attachments are downloaded and saved, you just can't open them in outlook.
Stupid is as stupid dies.
He is preaching for clearing the gene pool and asks for bombing universities and killing hackers instead of retarded adults who even commited some serious crimes. This seems to me like a good contribution to Darwin theory.
If programs would be read like poetry, most programmers would be Vogons.
And why do not kill the admis that deploy such OS anywhere where its infection based on core insecurity of the operating system can cause economic harm?
If programs would be read like poetry, most programmers would be Vogons.
Maybe this has something to do with why the company went tits up... ahhh Darwin!
You're using her as bait, Master!
A classic example of the cart not knowing how to pull the horse. I'd rather kill the writers of that filthy email client, who in their infinite wisdom decided that putting VBScript and attachment autorun on it was a Good Thing
I can assure you that the Norton AV Corporate Edition plugins for Exchange Server caught and quarantined quite a few messages in our site and those we manage. We've seen no evidence of infection on any of the PCs.
That might be a false sense of security you've got there...
Our NAV Gateway has been letting copies through on a random basis, trapping only about 10% of the virus', and Symantec has admitted they know about this problem to us, on the phone.
So, don't be so sure you're protected.
As a precaution, we've limited our attachment sizes to 64K, this seems to stop 100% of the virii...
Goofy, Geeky Gifts and More!
Thois has been an issue since day 1 of SirCam (six days now) and Symantec still has yet to acknowledge it.
Not true.
They may not have acknowledged it on the forum, but on the phone with them yesterday they told me they knew about the problem and were working to fix it.
In the meantime, we have limited our attachment sizes to 64K, which will not allow the Worm to be transtitted by email.
Goofy, Geeky Gifts and More!
As was mentioned in another aticle on Slashdot the other day in the comments (forget which article it was attachd to): Let the virus writers stay uncreative.
Really... you don't want this to turn into a challenge. Let things stay this easy to write; you'll only end up infecting the people silly enough to double-click random binaries from their Outlook client.
There's no good reason that they can't implement some really creative worm that would work cross-platform and cross-client. Yes, it would be hard but you don't want a worm running out, downloading C compilers for the specific platform, compile worm, link itself, run as a background process, and go on finding hosts around it to infect. Make the bugger look for common Linux services holes, email it self to people in your inbox who run Outlook (Just look at the message headers)... infect an IIS webserver nearby, begin propogating... then unleash some unholy attack to DoS networks everywhere.
Nope... I'd rather we just left it nice and easy for them to write a trojan that's Win32 only, and requires human intervention to activate it.
My my! Our little timothy spent an hour and forty minutes on the phone! SHEESH! That certainly does warrant taking someone's life. I mean, just think- I bet there were people who had to spend *ghasp* 3 HOURS! on the phone! Someone's gotta tell me why this guy isn't dead already! Let me at 'em! Man, I had to wait in line at the store the otherday- anyone want to join me in a mob lynching?!
Working toward a usable PDA environment in the spirit of Newton OS: Dynapad
I subscribed to Anchordesk back before David Coursey took over. At that point it was a reasonable publication that had some neat tips and such.
David Coursey writes his Anchordesk stuff every day with lots of extremely pro-MS and dummied down PC tips. He thinks PCs only run Windows, so you can tell his grand intelligence. With the way he talks about it, I'd swear he used to be a Mac user (Mac vs. PC) who was then brainwashed by MS to talk about PCs.
Anyway, I don't generally have any problems with receiving viruses. My friends aren't that dumb. Most use webmail, Eudora, or Linux. I have Outlook because I've used it in an office situation, but I'm not really interested in the latest fake pic of Anna Kournikova or whatever.
Can we shoot idiots like David Coursey and his friends instead? Running a computer is NOT like taking an SAT (which isn't hard either).
The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
I remember back in the days when I first started messing with computers. A virus back then was a nasty piece of work that lived on an EXE file or in the boot sector of the disk. It jumped from program to program, or disk to disk, and could wreak all sorts of havok to the unsuspecting person. They were tiny bits of code with a purpose, engineered especially for the job at hand. It didn't matter what mail program you were running. Some of the things attacked on the first read of the infected disk in the floppy drive. While a certain level of gullibility was required, it certainly took a lot less dumbness to pass a virus around (don't have updated AV software and pass an infected file on disk or over a network).
Nowadays, most of the virus attacks are merely variations of the same thing. Hide an attachement in email and let it do its damage by mailing itself to the world via a particular mail program. They even make kits for people to download to mutate these worms (I hesitate to put them in the same context as the virus of old). It takes no programming skill to make one, and requires such a high level of ignorance on the recipient's part. There's no glory in it.
"Look at me, I fooled a bunch of ignorant MS users into spreading my hacked version of ILOVEYOU with a header of Britney Spears on it"
Yeah, real cool. That's why everyone calls them "kiddies". You want real respect, make a boot virus or something like that. Something that doesn't require the user to be a total technophobe to spread. Then you might get an ooh or an ahh.
Electronic Frontier Foundation for online civil rights information
Actually the penelties can be very high(to high in some cases, but thats foranother time). However getting caught is where the difficulty lies.
The Kruger Dunning explains most post on
What a pointless piece. We're all frustrated about how quickly virii can waste time and money, abetted by dumb users, but death? Silly and obnoxious. It's not like many virus writers are that different from your average hacker: they are not gang raping babies, or beating up old ladies for their social security cheques. They are writing code! Granted, it's the code equivalent of spray painting obscenities on public buildings, or slashing people's tires in the parking lot, but I seriously doubt a computer virus , trojan or worm has ever caused a death or serious bodily injury (I don't count bruised fists from pounding on desks, or pulled-out hair here). It's vandalism, just of a type that's very hard to police and prosecute.
Freedom: "I won't!"
Usualy by going to a antivirus site(like symatec or mcafee) you can get fixes for a lot of viruses. They usualy reccomending only downloading from that site, and if you do not get it from their site, to signature verify it. If they don't have a program for it, they will at least have removal instructions.
Seems like a good way to get rid of not just the virus, but your friends, too. No, they won't be dead, but they sure won't be talking to you again. :)
If you need to send an exe then put it in a zip file, not really that difficult to get around...
It's been said by many many times: Linux makes an excellent antivirus tool. Why? Well, because...it's Linux.
What kind of logic is this??? Linux (like any OS) is susceptable to virii. It's just that the people writing the malicious code are designing their app to work on MS Outlook because it's a common mail client. If there was a growing TREND towards the use of another mail cleint, they'd find the exploitables of said client and write their code to accomodate the exploitables.
How about taking it a step further and having you Linux box scan all incoming e-mail for virisus? See Amavis and others.
Platform aside - whether you're using Linux/BSD/*NIX, NT or Netware... whatever... proactivity of the network admin is the key. A proactive admin would have scanners in place and have libraries updated on a frequent basis to help stop these incidents from happening.
Unfortunately, most companies will not give money to a budget for a PROACTIVE network admin... but they're the first to CRY when their PC's been whiped out...
It's all about knowing your operating environs and being proactive... not about just putting linux on an old PII and using it as a mailserver. If an admin doesn't know squat about Linux and puts an "out of the box" Redhat w/Qmail install online - they'll have more problems to worry about than a virus.
[Connection closed by foreign host]
Nah, it would say:
"We are ordering free pizza tomorrow in the break room. Click on the link to confirm."
Nothing gets folks like free pizza...
mrgoat
'Hail Eris, baby, hail Eris...pfffffffttt.' *cough* 'Yeah.'
I know it cant acount for every situation but if people would just put some thought into the design of their mail clients and operating systems then there wouldnt be much these virus's could do. If you dont give random applications the ability to screw up your system then you dont really even need a virus scanner. That is why i run a real Operating system (and a real distribution of it for that mater SLACKWARE!!!!!!! (sorry i jsut had to use this chance to shamelessly promote my favorite distro))
I do not think that there are no security holes in my system. But i do know that there has been an atempt to make it secure. I also know if that i was to download something that contained malicious code and then run it there would be a lot less it could do than if i was running windows. I also know that it would be a lot harder to write something that i wouldnt know was being run.
My OS may be far from invincible but as we have seen the OS that requires lots of support does sell more copies.
Funny how this article comes up with a wonderfully informative popup for an X10 camera. I vote death to popup hosters!
Speeding never killed anyone. Stopping did.
Dude, the ISS is the International Space Station.
... right?
I think you meant IIS - Internet Information Server. In fact, I'm sure that's what you meant, er, uh,
RUN FOR THE HILLS! THE SPACE STATION IS CRASHING WITH MUTANT VIRUSES ON BOARD!
AAAARAARRRRGGGGGGHHHHH!
Well, sometimes that makes me wonder is who writing most of these viruses and how much they get paid.
@>-,-`-- Kandy Neko
At least I know which friends I will not accept disks or files from. ;o)
The file type/creator codes are certainly NOT stored in the filename. They are part of the resource fork.
Outlook 2002 is so strict now, that remotely syncing a palm pilot is really hard to do. You have to accept a number of "do you want to do this" type messages, when before you could go on vacation and dialup to sync your palm, now someone has to be at the machine to accept the sync. This is a big pain in the ass.
The fact that ".exe" can not be opened is a good thing for the general idiot MS Office users, but to the advanced user it is a little too much.
Here.
While not a "virus", that worm did provide a great amount of entertainment. Stupid people should not be allowed to use computers. But if that was so, Microsoft would still be writing code for Amigas.
--
--
#nohup cat
If you look at the logic of the article, it talks about the hours and money lost by the viri (even deleting the email costs money). Now if you think that time and money are reasons to kill, then /. should be removed from the 'net. Think about it. The millions of nerds that spend hours reading it at work. That's some serious time and money. Economic tragedy? Nahh....
--
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
They do nested confirmation dialogs with Win32 installation programs. It shouldn't be too hard to implement the same thing for other protections! Just make sure that at least one of the boxes defaults to "NO" or "CANCEL"!
Ignoring the controversial subject on whether blocking executable attachments is a good idea, I have to say the way that they implemented the "Object Guard" on the Outlook API is pretty lame.
You get this message that "Some unspecified program is trying access your address book" prompt, whether it's a VBScript virus or you are trying to use routing features from MS Excel etc. Meaning there is no way to have trusted code which actualy does office automation features without annoying the users to hell and just giving them another prompt to ignore. I figure the Virus Writer club will be back to their old tricks of sending Word or Excel-based viruses pretty quickly.
Not that it really matters -- The only think that "Melissa" and ilk prove is that a 12 year old can write a mail worm without warezing a copy of VisualBasic. It's not like reading the address book off disk or sending mail directly using MAPI or even the winsock is too difficult for the advanced 14 year old.
When I hear the word 'innovation', I reach for my pistol.
Oddly, though, with this SirCam outbreak, I find more of my wrath landing on those who help spread the stupid thing. Every single one of the hundreds of emails I have received thanks to SirCam resulted from some otherwise intelligent person being incredibly negligent about network security. I have spent significant amounts of my own time paying for their lack of caution.
I have taken to sending a standard reply to each person from whom I receive SirCam, pointing out that connecting to the net without proper precautions in place is both silly and rude. I'm hoping to trigger a shame response that will motivate people to think about security enough to avoid being so rude again.
If we can foster a culture in which abetting the spread of a virus or worm though lax security is considered a serious social faux pas, we may have be able to contain them better. People are motivated by considerations of power, prestige, and group acceptance; push those buttons properly, and you can sculpt behavior as you will.
--
When all you have is a hammer, everything looks like a skull.
Note to you: POP is for recieving e-mails port 110 while SMTP is for sending outgoing mail port 25 just thought you should get terms right when u rant
That doesn't make them suffer, we should force virus writers (at least those that release them) to work tech support at AOL!
Windows is a virus. It infects everything. I wonder what this means for Bill Gates?
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Which is part of the problem. People who sell folks on bad solutions because it also spells job security
;-)
Check out the Vinny the Vampire comic strip
"It is a greater offense to steal men's labor, than their clothes"
You think its bad now, Just wait, I have been looking at the asp.net stuff, and C#...wow the nastiness that stuff is going to introduce when XP hits along with this stuff. But don't worry, M$ took out Java becuase it could spread Virus's. I believe though that more fault lies in people and companies that are not running proper virus protection, and don't have proper policies. Half the nastiness that gets in most companies could be stopped if the companies would just have the servers scan for viruses and delete the attachments that are infected before they reached the users. Still further they would be stopped by enforced Virus protection on the desktop. The biggest purveyor of Viruses that is almost unstoppable is the people that have Outlook setup to grab their email from thier ISP. Our servers, and most virus protection never have a chance to look at that mail before they click on that infected document. SHUT OFF the DAMN SMTP port don't let anyone retreive mail from anywhere but the approved company servers. Don't een get me started on the Hotmail/Yahoo, webmail menace, they should get sued if they let a known virus reach your mailbox.
Power Corrupts,Absolute Power Corrupts Absolutely, leaving one person(group)in charge is absolutely corrupt.
I think the funniest thing is when people on the same LAN feel they have to attach files to email rather than sending a link to where the file is on a public drive.
Seriously, I like the notion. But I think it is mildly impractical to try and figure out an FTP scheme that is as flexible and user-friendly that would be ultimately any more secure than using email with attachments. You know the first thing every user would want is an "autofetch attachments" or "single click attachment fetch" option, and they'd all be downloading and opening the virus/worm/trojan anyway.
I'd say give general computer education time for the public to get to a basic, solid bedrock of how this stuff all works and the next generation coming up will make things like not opening attachments from strangers seem like second nature.
I do not have a signature
The only program that deserves instant death is mass mailers anyways I would rather deal with a nasty virus every once in awhile than spam every god damn day...
An Education is the Font of All Liberty
If it wasn't for viruses, all of my company's networking guys would have no clients to service. Faulty software and insecure networks are the bread and butter of the industry.
Actually, I thought it would be funnier the lower the number. But I have no exp. first posting.
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
is the same punishment strong enough for first posters?
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
I remember exactly where I was the day of the Michelangelo virus (March 6, 1992).
I was in 8th grade. A classmate and I were working on an extra credit project for Computer Literacy class during study hall. The junior high school had a lab of Apple ][es for Computer Literacy students to use. However there was a class using it during our study hall, so we had to use an extra Apple ][e that was on a cart in the closet of the principal's office. We wheeled the thing out of the closet and plugged it in. As we booted the computer, the vice principal walked out of his office and said "Whoa! What do you think you're doing? The MICHELANGELO VIRUS is today!" made us unplug the thing, put it away, and go back to study hall.
What's a sig?
Sorry, but there's a big difference between exploiting an obscure buffer overflow vulnerability and writing some simple VBS code which gets auto-executed by Outlook.
This is like someone making fun of a car that has no doorlocks and is constantly robbed, and someone else replying that Wells Fargo armored cars are just as vulnerable because you can open them up with some shaped-charge explosives (after you knock the vehicle on its side by ramming it with a tractor-trailer).
Don't bother killing the writers. Just the people who work in your company who really think that their friends would write them mail with " Hi Friend I need you help" as a subject line.
--The space between my ears was intentionally left blank--
I love the smell of Karma in the morning
Maybe next time I'll pppppreview oh well.....
Like when someone attaches a 113MB PowerPoint Slide show from a pppppublic drive and sends it to half the company, all of witch have access to the original file. Then 47 people save the file to their user folders. Then the person that sent the E-Mail bitches about E-Mail running slowly!!!!
No what is funny is a month later when every version is diffrent and every one thinks the server isn't saving files anymore.....
It's been said by many many times: Linux makes an excellent antivirus tool. Why? Well, because...it's Linux. But really, because of it's immunity to viruses in the first place. (Let's ignore the spread of things like ramen as they work differently than Outlook Transmitted Diseases (OTDs))
/dev/null automatically. If the user can't run it in the first place...
Linux as you mail server? Check out Enhancing E-Mail Security With Procmail to send this nasty crap to
How about taking it a step further and having you Linux box scan all incoming e-mail for virisus? See Amavis and others
If you're using Linux as your file server, invest in some linux based antivirus software. Let linux scan away at your uses Windows files and keep them virus free using an OS they can't infect in the first place.
If you're a network admin, and you don't take counter measures from preventing your users from infecting themselves and others, your a part of the problem as the virus writer. Educate your users, use counter measure that prevent your users from getting the virus in the first place, etc. etc. etc.
I'm going to go back in my box and will think within the limits of my box: MS Sucks Linux Good I read too much Slashdot.
Sentinels anyone? Joke today, annoying Slashdot rhetoric tommorrow.
How many virus writers go on to live normal, productive lives? How many never write another virus?
(Ah, to heck with it. Kill 'em all and let DoS sort 'em out!)
Tim
Hi! How are you?
I send you this goatse.cx link in order to have your advice
See you later. Thanks
Attachment 1: http://www.goatse.cx
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
From the article:
Perhaps if we let a certain former Texas governor order the killing of virus writers, he might refrain from killing retarded adults, people who committed their crimes as juveniles...
The real kicker here is that most of the viruses out there have been created by... you guessed it... juveniles.
They're juvenile in mind if not in body at least...
There's a reason we call these people 'script kiddies'. Steve Gibson, of grc.org fame beleives that the k1dd3s DOS'ing his site are no older than 12 or 13. I would imagine that most of the people who downloaded this virus creation kit are just about as old.
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
The REAL VIRUS is unlimited root access in Windows 95/98/ME.
... which, by the way, is soon to make an unwelcome comeback to a wider audience in XP.
Don't encourage anyone to make viruses, genius. You need to get a grip, and write a program that actually does something other than make mayhem. Like hack Tribes 2, and make all of the players look like Kournikova.
I don't care what y'all argue. Virus may have Latin origin, but so do many other words that don't follow latin rules. If that was true, why don't we all just speak Latin and get it over with. Truthfully, we need a common place to where generally accepted pronunciations and meanings can be found. I look to Webster's for this, which has never let me down, but they are all pretty similar if not the same. If Webster's says "viruses", than by God, so do I.
It may be safer from virusES, but it's still exploitable. It's foolish to think Slackware, or any other distro for that matter, can be designed to resist all software attacks. Do you honesty think you can't be cracked? Why don't all Linux distro makers design theirs to be invincible? Do they like the money made from support calls, perhaps? I would think an invincible OS would sell more copies than an OS that requires lots of support.
I think Spammers are much more needy of death then virus writers. I rarely get a virus in my inbox and if I do I think the nakedgirl.jpg.doc.bat extention is a dead ringer not to d/l it:) Besides I have been ummune to most of these "viruses" becuase if I have to use a WIN PC I use netscpae anyway, and use Pine or Netscape on my Solari or Linux boxes. Nykon
"It's better to be a pirate then join the Navy"
funny, most people think that about journalists....
You would think that MS would have put in something to stop this by now. Maybe a "are you really sure?" "are you really really sure?" type nested dialog boxes... :-D
I'll stop writing viruses, okay? Just don't yell at me any more. Alex
A winner is you!
What happens when some nut actually goes out and kills some virus writer and sites that article as the reason why he did it...???
Seems to me in this day and age when commericial entities can be held responsible at least in part for criminal acts based on their content, that this article even made it past the editor.
--
______
______
Once: you're a philosopher. Twice: a pervert.
many virus writers are dumb enough to put their e-mail in the stupid code.
Screw 3...
Dont kill the virus writers... kill BILL!!! He came up with the non-user all root Desktop. If windows were only like linux (user permisions)there is no way in earth that my stupid, stupid, stupid sister could open a virus and actually do any damage with it...
The REAL VIRUS is unlimited root access in Windows 95/98/ME.-- Dennis Ritchie, 1979
That's the big difference between all non-MS operating systems and MS. The whole damn world knows that systems are insecure, and that safeguards must be taken, not only to avoid known exploits, but to be prepared for future exploits. MS shows no remorse or shame every time they're caught with their pants down. Microsoft attitude to security is the same as their attitude to bugs in general. If it sells, why bother fixing it?
I can guarantee you all that Microsoft will continue to ignore security. Untill the day when the computer security industry (antivirus software, firewalls, etc.) is so big that Microsoft decides to corner that market. What a sweet deal that will be for them. It's like having a pharmaceutical company releasing a plague so that they can sell you medicine.
-- Another senseless waste of fine bytes.
Don't go after the virus writers? The real problem is the buggy and insecure code? You don't think maybe the real problem is the little asshole writing a virus to screw up my mail or web server do you? I simply feel that if you write a virus and put it out there to spread and cause as much trouble as it can then you pretty much need to be shot in the back of the head and dumped into a large, unmarked, grave with the bodies of your fellow turds. Of course I also think that snipers with night vision could put an end to the graphiti problems in major cities too but then that's just me.
Appended to the end of comments you post. 120 chars.
I know this is a humor piece, but still...
There is a large tendency to over-regulate computers as it is (DMCA, etc.). The last thing anyone (sane) would want to do is give the over-regulation MORE power. Think of all the recent cases (DeCSS, Dmitry Sklyarov, etc.)... you do NOT want the people who thought stuff like this illegal to have the power of the death penalty in their hands.
______________________________________
______________________________________
Ever notice how fast Windows runs? Neither did I...
Use the virus writers to make the spammers lives miserable. Instead of making worms that just send themselves to everyone in the victim's address book, make them do that AND send mail to domains in the Realtime Black Hole List or something. This could be fun and useful. Or maybe even a worm that uses Dialpad to call spammers at home from everyone's computers. It could be really useful.
~The Moron
~The Moron
I am a certified moron. This Slashdot account will be forever dormant.
If email virii would kill off gullible fools, the virii would have no means by which to replicate, and the problem would be solved. Virus writers could then turn to more intellectually challenging activities, such as writing improved kernels.
... then check this out.
The World's Best Music!