Slashdot Mirror
Virus Cost Estimate For 2001 Tops $10 Billion
Snootch writes: "CNN has a story on the costs of virii - they're absolutely collossal, and remember that the $10 billion figure is just *so far this year*...scary. The article gives a pretty good breakdown by virus, and while it says little else that the average /. reader won't know by now, it's an interesting read all the same. To quote Red Dwarf's Kryten, 'Smug Mode,' but I note that every single one mentioned in the article, bar one (Code Red), was a client-side Outlook virus ..."
"My other thought was this: Considering that according to the article, nearly half the money was spent cleaning infected systems out, then the virus-checker industry, and therefore the implications of Symantec's recent patent, are even bigger than I realised ... *gulp*" Of course, estimates like these are often made by people with vested interests in the effect such numbers have, and there are a lot of costs that are very tough to estimate accurately -- like sysadmin time.
Major companies are always major victims
What, me worry?
Yeah, totally... I still wonder how come nobody seems to realize that all this virus stuff could be avoided if they'd just start using free software? and that's only one of the advantages, man... It's a sad world :/
Linux Rulez!!!!!!!!!!!
How do missioncritical projects handle this kind of problems? That's nuclear stations, NASA and the like...
We're a unix shop of 60 employees. The cost to us for CodeRed was, um, $0. I saw the entries in the logs as part of normal maintenance but did nothing else.
Sircam cost about $50, which is the hour it took me to update the 4 Windows machines in our sales office. This figure might be a little low because I didn't include the cost of hitting the delete key. Oh, and I added a procmail recipe I downloaded, but this was something like 2 minutes worth of work.
Considering Code Red's favorite food, that's pretty much a clean sweep for Microsoft, isn't it?
I guess they do bring something to the total user experience that you can't get from anyone else.
Gotta run. A whole bunch of people hae sent me files they need my advice on.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
Not to start up with the m$-bashing too early on, but frankly, let's be adults and admit it:
Most virus damage is caused by half-baked, slipshod, poorly-thought-out products put out by our friends in Redmond.
Period.
As a unix sysadmin working at a very large enterprise hosting facility, I can tell you this, first hand. The Windows team is constantly chasing after red worms, melissa, various IIS exploits, and every imaginible form of macro virus, while the Solaris team calmly applies regular patches from Sun.
I'd say for every single Solaris 8 box that gets pushed over or otherwise compromised due to a virus, there are *seriously* about 50 Windows boxes that need to be scanned/cleaned/reinstalled.
Again, not trying to start a religious war, but viruses are a microsoft byproduct. Not that Microsoft is a bad thing, mind you, but I think its safe to say that most of the viruses in the world wouldn't exist without a little help from poor quality control at microsoft.
"Beware of bugs in the above code; I have only proved it correct, not tried it." -- Donald Knuth
I'm not saying that MS should be ponying up billions for Outlook's defects (esp. since estimates of the value of "lost time" always seem to be generous; witness the costs of "being stuck in traffic" as being huge) but if there is some desire to reduce the widespread incidence of viruses, then there should be some mechanism, prefereably financial, for encouraging people not to create and sell vulnerable products.
It's psychosomatic. You need a lobotomy. I'll get a saw.
All your virii are belong to outlook =)
--chook
Lost productivity includes time spent by system users and support and helpdesk staff on virus issues that takes them away from their regular responsibilities
This sentence should read "arbitrary figure made up to inflate costs of viruses". What the hell are "regular responsibilities" if they don't include helping users get rid of viruses. We all know that viruses are annoying, cost a little bit of money, etc etc - but even if each and every computer ever affected by a virus this year was attended by a tech charging 50 bucks an hour (and who needs an hour to get rid of sircam?!), we're looking at a 3 billion dollar bill. Not 10 billion.
It's yet another hype article. Bring in a story queue which we can moderate, like Kuro5hin, because the newsworthy to nonsense ratio is worsening all the time.
btw, the plural of viruses is... well, I just wrote it. Look at the latin root of "virus" and you'll understand. Or just google for "virii" (34k hits) vs "viruses" (1.4m hits). Nuff said.
I think things are going to be worse. M$ systems are just too vulnerable to these virus problems.
Never forget how much money is gain by the anti-virus companies like McAffee, Norton, etc. Those companies may play behinde the scenes.
Beside, most viruses are made to hit just a certain group of people. Like M$ Outlook people. _The_ problem still is Micro$oft if you ask me, and not the bunch of students and other virus coders. They just use the weak M$ application to do their thing.
By the way, Code Red doesn't taste as good as the real stuff: plain old Mountain Dew.
42 + 1 = 42
the foot-and-mouth disease [satirewire.com]
The title says it all!!!
My feeling is that most of these are Microsoft-based worms because that is the most popular platform. (And perhaps the users are less concerned about computers than we are.) There have been plenty of exploitable holes in pine, for instance; it's just that not enough people use the same version of pine for a successful worm to be built around it.
I think perhaps this is an argument for diversity more than it is an argument against Microsoft.
It don't matter what OS you run, as long as your sensible. (with exception to the Servers, where IIS does seam to cock up quite nicly. ;-)
I don't open attachments from 'untrusted' people, hell I don't open attachments when I am not expecting them. If every one did that, VB/Outlook viruses would die.
I have no pity for those deliberately making & sending out virii... I say if they're legal send the FBI to their door right away and if they're not, fine their parents heavily.
Now of course I haven't been hit with a virus this year, and even if I am, I always have my iBook with OS X on it to use while I clean out any of my infected systems, but I still have no pity for those sending out virii getting what's coming to em from the FBI!
How are the costs determined for something like this? for example:
The costs from SirCam included an estimated $460 million spent on cleaning infected systems and $575 million for lost productivity.
If that 460 mil was actually paid to people for virus removal, and they'd normally be doing the work covered in the 575mil lost in productivity (but they've just switched tasks or whatever), then the actual loss is only 575 mil...
Yeah, sure... meanwhile you're dealing with BSOD's while I'm playing my super-kewl, stable Loki games on Linux! haha! :P
Linux Rulez!!!!!!!!!!!
if everyone started using Linux, it would have as many Virius as Windows.
Linux = small = not many people can see the point in attacking.
Here's the original report that CNN qouted, from computer economics
I have to say, I agree with the point about vested interests (and yes, this company has good reason to exagerate the claims). At least they are being honest about giving estimates - how many times have we heard about court cases where the prosecution charged a hacker with exactly $1,764,726,818.76 worth of damage [well, er, none actually - but you get the point!]?
Yes, $10 bill sounds like alot. However, this is from the same company:
Migraine headaches cost American businesses between $5.6 and $17.2 billion in lost work productivity a year...
They do not run toy operating systems where lives or really big money or risk is at stake.
I'm inclined to believe that the figure of $10 billion is little more than a wild guess. But since we're spending time trying to put a price on lost time and data, I have a different question along the same general lines:
Disregarding viral infections, how much money does American business lose annually to Windows crashing?
Schwab
Editor, A1-AAA AmeriCaptions
Lots of people use Linux, and there's no viruses. (btw, what's a "Virius" ??) That's because Linux is basically virus proof, just one of the benefits of using free and open software. Other OS's could learn a lot from Linux!
Linux Rulez!!!!!!!!!!!
I'm not going to say viruses don't cost money....
But I have little faith on the 'loss valuations' put forth like this.
If I have to disinfect all 50 computers in here over the course of a year, I'm not going to claim my company 'lost' any money, even though my time IS worth money. I would have been here, and been paid, regardless of the virus being here or not.
The same goes for cost valuations done because of website defacements 'cracking' etc.... they are rarely rooted in reality, but instead rooted in a numbers game to make it seem worse than it is.
Geez, you would think that on /. people would know that Sircam was not Outlook specific. I had a friend (who is rather computer illiterate) who doesn't even use outlook and stilll managed to spread the virus. Sircam doesnt just use the outlook address book for viruses, it looks through your temporary internet files for anything it seems like an email address (this is the reason why Tacoboy would whine like a sissyboy about the gigs of email he was gettign from sircam). Sircam require outlook to propogate, it had its own internal SMTp engine. Sircam was not outlook specific, merely windows specific. And i am sure that it would be really easy to make a port to linux (but i could be mistaken since i know jackshit about programming or unix). The true innovation of the sircam virus was its social engineering aspect. People are always curious to open documents, even if they know that it wasnt meant to be sent to them.
Hello? SirCam? It's an executable. It's mentioned in the article. It's a Windows executable, but it will happily infect people running Eudora on Windows, supposing of course that they are dumb.
It is another victory for the guys at Redmond, of course.
my old sig used to be funny, but then slashcode ate it and now it's not funny anymore
Devon
... with everyone else here. $10 billion? You've got to be kidding. I'm willing to believe that those loss estimates were more or less made up to account for the losses suffered in our happy little sluggish economy. Nothing more than something to tell the stockholders to divert their attention from the economic downturn the tech sector is experiencing.
/. was in my local hicktown paper. It's about time they cover a virus that affects us, the blue collar folk. If I had stock in these companies, then I'd care about Code Red. But I don't, so forgive me if I'm a mark for "common man" journalism.
On a personal note, it was nice to see that SirCam got some press. Since it came out, the only thing I've read about it aside from
Blog Prophyts - Right On, Man
I just want to say that this really boils down to MS Outlook's rediculous security model. I have been using Windows since Win95 and DOS before hand, I've NEVER installed a virus shield as I hate TSR's, and I've NEVER gotten one of these silly virus's. I've also NEVER installed Outlook on my machine. MS should be ashamed of itself, but at the same time, to say that Windows == Easy Virii Breading Ground is unfounded.
There is no longer anything that can be done with computers that is nontrivial and clearly legal. -- Paul Phillips
Oh sorry, that was the pro-spam troll -- where is the pro-virus troll again?
What do you think it would cost to get people to stop saying "virii" and start using the proper plural of "virus," which is "viruses"?
People who are capable of making virus is just like everyone else who know how to use a knife. One can use the knife to kill or make good use of it. The choice is yours.
As for the case of outlook, VBScript can be very powerful esspecilly so with each newer version of office, when put to good use that is.
...have one reason and one reason only. Those in the appropriate industries like to have a lot of attention to these overblown cost estimates, so that the next time they're lobbying Congress for some law that will hand over more and more power over individual conputer users to "responsible" corporations, Congress will see the huge cost of not passing the legislation, and bang, we've got the next DMCA, or individual-restricting "internet security" law, or whatever.
I agree that viruses cost money. Time, productivity, equipment, and work is all lost when a virus hits your system. There are real losses. But these gigantic estimates that keep coming up -- Bullshit. They're estimates made by pegging every conceivable factor to one end of the scale. Have a security person on staff? Estimate that 100% of the cost of keeping that person on staff is due to "viruses," and add it into your cost estimate. Hell, I'm sure that they add in 100% of the time employees spend by the water cooler during a virus infection. "They can't work because there's a virus on their computer!" Of course, this assumes that when there is no virus, employees spend 0 time by the water cooler.
These estimates are probably less bullshit than the estimates that the RIAA, MPAA, BSA, and AAP come up with due to losses from piracy. I saw one in the paper, where you would have to assume that every illegal MP3 downloaded from the internet would have to then be passed on to 10 other people who would have definitely bought the CD, but did not because they received the free MP3. Obviously, a completely bullshit estimate, but there it is, Congress sees it, and no responsible person can then argue that we don't need laws to stop this economic hemorrhaging.
Note: I have no actual evidence to back up my conspiracy theory. But I do believe beyond a doubt that the cost estimates we read for these things are hugely overblown, and you do have to admit that such overestimating such cost estimates could potentially benefit those trying to provide positive spin for DMCA-like corporate-graft legislation.
-Rob
The correct plural for virus is either viri or viruses. Viruses is the English way to form the plural, and viri is the Latin way of doing it. Personally, I prefer the Latin way since it sounds more elegant.
vymths.com typically has debunkings of numbers like this.
It's definitely recommended reading for any geek. The introductory section is here.
I don't buy these numbers. These exorbitant figures are created from generous estimates of downtime, repair costs, and so forth. In addition, they take into consideration elements only tangentially related; I think that anybody with their Michael Shermer hat on can tell that a more serious inquiry than this is required.
(But, then again, this would be good fodder for anti-Microsoft arguments. Now how ethically responsible would that be?)
http://www.heise.de/tp/deutsch/inhalt/te/9419/1.ht ml (in german).
Lars T.
To the guy who modded me down from perfect to terrible Karma - Apple haters still suck
Including patching or AV software costs is rather dubious -- OSes need maintenance and their bugs/vulnerabilities fixed.
no I am not. I have not had a BSOD ONCE!
;-)
Win2K is _stable_ (not great, i'd love to be running a BeOS-a-like, but hey)
Win2X is poo.
it's quite simple.
playing my super-kewl, stable Loki games
While I play _new_ computer games... but hey
Insightful but Overrated Troll
These damage numbers are like the damages claimed in the "Hacker Crackdown" - somebody cracks into the phone company, copies one document, and gets nabbed for 'damages' to the tune of $80,000 - it later turns out that that figure included:
1. A technical writer had been hired to research and write the E911 Document. 200 hours of work, at $35 an hour, cost : $7,000. A Project Manager had overseen the technical writer. 200 hours, at $31 an hour, made: $6,200.
2. A week of typing had cost $721 dollars. A week of formatting had cost $721. A week of graphics formatting had cost $742.
3. Two days of editing cost $367. `
4. A box of order labels cost five dollars.
5. Preparing a purchase order for the Document, including typing and the obtaining of an authorizing signature from within the BellSouth bureaucracy, cost $129.
6. Printing cost $313. Mailing the Document to fifty people took fifty hours by a clerk, and cost $858.
7. Placing the Document in an index took two clerks an hour each, totalling $43.
Bureaucratic overhead alone, therefore, was alleged to have cost a whopping $17,099. According to Mr. Megahee, the typing of a twelve- page document had taken a full week. Writing it had taken five weeks, including an overseer who apparently did nothing else but watch the author for five weeks. Editing twelve pages had taken two days. Printing and mailing an electronic document (which was already available on the Southern Bell Data Network to any telco employee who needed it), had cost over a thousand dollars.
But this was just the beginning. There were also the hardware expenses. Eight hundred fifty dollars for a VT220 computer monitor. Thirty-one thousand dollars for a sophisticated VAXstation II computer. Six thousand dollars for a computer printer. Twenty-two thousand dollars for a copy of "Interleaf" software. Two thousand five hundred dollars for VMS software. All this to create the twelve-page Document.
So using the same rule, you can see these adjusters running around asking, "Was this PC infected by a virus last year?", "yes", "Ok, that's one $2000 PC and one $100 Outlook License, plus one hour labor, lets see, that comes to $2220 lost productivity, NEXT!".
try { do() || do_not(); } catch (JediException err) { yoda(err); }
95% of desktop use Windows.
(ok thats prob a bs number, but put Windows Vs Linux on the desktop (which is the biggest play ground for Viriis) and Windows (in the amount of users department) kicks linux, HARD!)
please note: As a server, or a geek os, I have nothing against Linux. I can install & run it. I just see very little point (as I do not use a server at home, and if I did, I'd be using BSD/Solaris, but hey...)
Insightful but Overrated Troll
wow, /. is poo... no edit button...
Win2X should read Win9X, as I am shure you can guess, but the simple minded, stupid buggers out there will compain about it for days.
You know the ones, the ones without arguments, or points, and have to compain about spelling/grammer/typos...
Insightful but Overrated Troll
Why is it that nobody seems to recall that right after Lovebug, /all/ the newspapers happily printed articles (presumably swallowed verbatim from MS) hailing the fact that Microsoft was improving Outlook and Outlook Express so as to prevent this happening again. What did they do? Hardwire it not to arbitrarily execute code in emails with 'I love you' in?!?!? And much more importantly, why did the entirely of the media fall for it? An 'everything's just dandy' mentality?
It's rather interesting watching slashbots make smug comments about "Microsoft worms" and "Outlook viruses" when the two most damaging worms that have occured this year could have appeared on any platform.
Code Red
The Code Red worm is a typical worm that exploits a buffer overflow just like the Morris Internet Worm and the Ramen worm before it. Either of the aformentioned worms could have done what code red did once they had 0wn3d the boxen, they just happened not to.
Heck, I've toyed with writing a proof of concept *nix verison of Code Red using wu-ftp vulnerabilities, rpc.statd vulnerabilities, telnetd vulnerabilities, sendmail vulnerabilities and even BIND vulnerabilities. Of course, I haven't gone much further than deciding what exploits to use and glancing at some source since I'm busy with school at the moment and more importantly I don't want to go to jail.
Sircam
The Sircam worm spread either through social engineering or across unprotected network shares. Neither of these requires Outlook. It didn't grab addresses out of the address book and instead grabbed them from the user's web cache. Sircam also didn't use the client mailer to mail itself out but instead included it's own mail program.
Thus all Sircam needed to spread was clueless users. This only thing Microsoft-y about this worm is that it ran on Windows.
All the above said, it is truly sad that on almost all popular platforms we are stil dealing with a 30 year old security problem whose causes and solutions have been known from probably before a sizable number of the slashdot population was born.
Hacker's version.
All viri are source code. All source code is free speech. Free speech is protected under the constitution. Therefore all viri are protected under the constitution.
DMCA version
Microsoft wrote the code that the virus creators used to kill the machines of the users that used the code that Microsoft wrote. Therefore Microsoft owns the viri.
** Pray for Mojo.exe **
Ummm yeah... I don't read german. Why don't you post stuff in english like the rest of the internet??
Linux Rulez!!!!!!!!!!!
Do you actually know any thing about either virusses, Linux OR Windows?
Would I be on slashdot if I didn't? Get real, man.
Linux Rulez!!!!!!!!!!!
btw, the plural of viruses is... well, I just wrote it. Look at the latin root of "virus" and you'll understand. Or just google for "virii" (34k hits) vs "viruses" (1.4m hits). Nuff said.
I'm not going to argue whether or not you're correct, but the way in which you've proven your correctness is pretty lame. All you've shown is which form is more popular, not more correct.
There's this saying you might have heard, "The masses are asses."
"And like that
someone point microsoft to this article and urge them to fix their total cost of ownership windows/linux comparsion page.
if everyone started using Linux, it would have as many Virius as Windows.
Nope. Technically spreading virii unintentionally like in M$ windows doesn't work in GNU/Linux due to [read/write] file permissions. Also, clicking on a malicious program compiled for Linux won't make any damage to the system since Linux is run from a users account, no way to infect system files because a computer virus needs write permission on system files to replicate. Also, on GNU/Linux system it is hard to spread a virus specific to certain e-mail applications like we are witnessing collosal spreading of Code Red for M$ web server, and other virii written for M$ Outlook, because there is no default email application in GNU/Linux distributions as it is M$ Outlook in M$windows.
The CNN article talks about virus and worm attacks (despite that some exploit security bugs) and their financial impact on companies. Why does this topic use the "bug" icon? So now /. editors have freedom to introduce new concepts to the term "bug", which generally refers to the software defects as in debug?
¦ ©® ±
I hate these so called 'reports' that don't even care to share their methodology for determining costs. I mean, it said that clean up costs include "x, y, z" and lost productivity inlcludes "a, b, c".... but what exactly was included, who did they interview and how did they come up with number of companies affected?? Also, does this include the cost of protecting computer systems (eg, with antivirus software) that don't get infected?
===> An eye for an eye makes everyone blind - MG
Bet you won't find these kinds of figures on Microsoft's TCO comparisons with Linux. :P
Best. Comment. Ever. Enjoy!
Following the lovebug attack, my university decided to block all lovebug messages from the students' mailboxes, e-mailing everybody about it.
So, I decided to ask a friend who actually got the worm to send it to me. I was quite surprised that it was sent OK.
A few weeks later, a student came to me with a strange problem. A message he sent bounced. I checked the bounce, and to my surprise, it was bounced due to server restrictions. I checked the message and it turned out to be a real love letter to that student's SO. It turned out that the filter they installed simply filters out any message with "I love you" in the subject.
Realizing this was the problem, I told the student to try a diffrent subject line, and then the message worked OK.
People do the strangest things...
Make even shorter URLs - 8LN.org
So does that mean Microsoft is going to foot the bill. It would be a nice little bit of PR...considering its all there fault. Maybe I'd start paying for their OS if it worked like an OS should (read linux, read BSD, real Solaris).
If MS REALLY wanted to make money, they'd buy a major Antivirus company so they could have their cake and eat it too!
First of all, I would like to know how these news stories keep coming up with monetary figures to represent mostly intangible concepts. Sure, there's a scientific way to go about it, but I know that I wasn't surveyed, so the results of such a process are at least flawed.
Secondly, I have three distinct and conflicting views about virii. Mostly, I find them a nuisance and a pain in the ass to deal with. I also find them entertaining. It's like a great big joke, we get to watch M$ hang its ass in the wind - and we get to see M$'s fervent supporters run around like headless chickens for a while. I also find virii to be a necessary part of our daily electronic lives.
That being said, the reason I find this article (and others like it) so disturbing is because we are seemingly paving the way for a whole new onslaught of legislation against computer virii. Let's be realistic: virii do -for free- what an entire industry fails to do with regularity - identify security holes. Almost 100% of the time, these holes are found in M$ products, which we all know are used by virtually every person in the online world. If virus writers didn't exploit these holes for their own entertainment, it would be much, much easier for malicious people to exploit these holes for their own gain and/or to the serious detriment of the victim.
Based on that, the only news in this article is found between the lines.
main(){char I,l,O[]={'-',1-1,0,(1<<5)-1,0+'-',-10-1,-10,11-0,
Anyway, your point is invalid - you make the assumptions that Windows system has no filesystem security, this is untrue of NT4 and 2000. And you assume that Linux users will actually take advantage of the file permissions inherent in the system - many users run their day to day sessions as root.
Do virus-related costs add up to the total cost of ownership? If so, how much would a Windows based-system cost? How much would a Linux/*BSD/Un*x based system cost?
It's just a BloJJ
Anyway, your point is invalid - you make the assumptions that Windows system has no filesystem security, this is untrue of NT4 and 2000.
M$ windows versions 3.1, 3.11, 95, 98 and ME, the most used M$ systems, have no protected system files.Well valid point.
And you assume that Linux users will actually take advantage of the file permissions inherent in the system - many users run their day to day sessions as root.
Only clueless newbies run GNU/Linux as root if they didn't read a warning during install process of GNU/Linux system. M$ virus rules. M$ outlook virus rules.
All those who learned the major arcane heiroglyphic of the CLI, saw the GUI as a threat to their elite geekyness, almost seeing it as a virus threatening their priveliged earning status. Configuring a Linux box should not be made too easy should it? But wait..... another virus awaits around the corner. Ready to infect the earnings of all GUI writers. Yes my friends, better than human speech recognition, yeah I know you don't believe me, well you are wrong. And whats more its been out for nearly two years, very strange, how silent the media has been about this speech recognition breakthrough. Unspoken middle class conspiricy maybe? Well go here then and see what you think. Once people can talk to their computers, I'm afraid the bottom will drop out of the market, a bad virus indeed!!
All of these articles that I have been reading lately discuss Code Red and Code Red II in the past tense. Its still out there folks and its still attacking systems. I just ran a scan of my log file for one of my systems and the following IPs attempted to attack the webserver (which is running Linux/Apache and doing just fine):
216.175.70.25 which attacked at 31/Aug/2001:04:16:29 PST
61.129.37.165 which attacked at 31/Aug/2001:10:47:55 PST
216.254.153.209 which attacked at 31/Aug/2001:13:58:40 PST
62.110.109.5 which attacked at 31/Aug/2001:14:01:40 PST
216.75.67.200 which attacked at 31/Aug/2001:14:25:52 PST
216.210.235.68 which attacked at 31/Aug/2001:14:32:04 PST
216.254.2.43 which attacked at 31/Aug/2001:19:13:21 PST
195.128.198.2 which attacked at 31/Aug/2001:20:40:38 PST
200.204.61.28 which attacked at 31/Aug/2001:21:09:45 PST
ip244.54.136.216.in-addr.arpa which attacked at 31/Aug/2001:22:30:24 PST
209.88.144.24 which attacked at 31/Aug/2001:22:52:19 PST
209.88.144.24 which attacked at 31/Aug/2001:22:53:36 PST
216.72.50.157 which attacked at 31/Aug/2001:22:54:32 PST
61.175.90.219 which attacked at 01/Sep/2001:01:18:38 PST
24.176.223.88 which attacked at 01/Sep/2001:01:25:49 PST
216.224.75.34 which attacked at 01/Sep/2001:01:49:07 PST
212.38.187.178 which attacked at 01/Sep/2001:02:45:22 PST
Now the number of attacks goes down on the weekenend and up during the week, which suggests that most of these addresses (if not all of them) are simply DHCP desktop boxes run by morons who are too stupid to download and install a patch that has been widely mentioned in the news. But the fact remains that this worm is out there and active on a ton of systems and should *not* be spoken of in the past tense.
Just my 0.45 Cents Canadian...
"The first time I got drunk, I got married. The second time I bought a chimpanzee, after that I stayed sober" Arian Seid
It's all a matter of what you choose to count. Is virus protection software a cost of viruses? How about the time your sysadmin spends keeping the protection up-to-date?
Let's now examine the cost to business of car crashes (I'm following the methodology of the experts - I guessed):
The car: $15,000
Medical costs: 20,000
Tow/cleanup/etc.: $200
Slowing traffic on the Bay Bridge and causing a 30 minute delay for the 100,000 people behind you: 50,000 man hours @ $20/hour: $1,000,000
Having to install seatbelts and airbags in 10,000,000 cars a year `cause a tiny fraction of them crash: $10 billion.
Installation of thousands of miles of guard rails plus breakaway sign and light poles, sand-buckets, etc.: Many billions more.
Nationwide deployment and maintenance of vehicle rescue equipment. More billions.
I could go on but we are already up to an absurd number. The real question is which of these are a cost of crashes and which are a cost of transportation. People crash cars or they break and crash in spite of the driver. Therefore the infrastructure must be built to recognize that fact - It's a cost of transportation.
If we include the cost of protection from threats (firewalls, security admins, virus protection) etc. as a cost of viruses rather than a cost of computing then we will have to start calculating the cost of doors, locks, the building security guard and such as a cost of crime rather than a cost of our lease.
HEHEHEHE
I think that virii cost more in terms of the hype they create. I spent more time explaning to my mom and friends that code red would not melt their harddrive and that they were free and clear.
:)
The time lost is real. I must have spent at least 16 work hours patching, researching and explaning to others in the office who "needed" to know. Thats about 500 dollars of lost money for my company.
Anyhow, check out my homepage for a graph of the code red hits my web server has taken
Jeremy
If our admin's hadn't spent 2-12 man weeks dealing with MS related security upgrades and crap over the past year, they might have gotten a VPN up and running, which would have meant the 120 odd employees could have put in a dozen or so extra hours of work from home, and those that dialed in without the VPN would have been able to use the VPN and work more effectively.
Lessee, 120 employees times 20 hours over the past year times $60 CDN per hour per employee, that's $144,000 just for the medium sized IT shop I work at.
Of course that's mostly opportunity cost. Not too much of it would have been billed directly to clients, but we would have produced better software with fewer bugs and more features. (Not to downplay the term opportunity cost, it is valid to worry about such things...)
ok, some very good points... but...
If it became as wide spread as Windows 1/2 the people out there would end up as Root. (or with root permisions, why log in to install software (remember NORMAL user...) Plus they are also the chance that a bug in the file system/print server,... will give a normal app r/w over everything.
email virii are due to daft-user-sendrom.
Anyone with 1/2 a brain cell should know not to open attachments unless you are expecting them (old version of outlook may have had the autorun.ini problem, but then old versions of Red Hat are not all that user friendly).
MS web server, I will not denay it's poo-ness, but if adv people started using Linux, someone would have fun with Apache.
Insightful but Overrated Troll
I consult at a major telephone and data services company. I remain anonymous to protect us both. The company is a Microsoft partner, and a very early adopter of Win2K. We sat smugly behind our corporate fire walls until CodeRed II slipped in on hibernating laptops from home, and from trusted partners and other corporate divisions.
Internally, there were no barriers to its spread amongst an amazing number of workstations running IIS without the users knowledge. Even developers involved in web server development did not realize that their workstations could be infected.
A botched software upgrade distribution, intended to protect against the worm, made some 5000 workstations unusable until individually repaired. Those of us whose workstations survived, faced delays due to the enormous flood of "ARP Who Has" messages as the infected machines scanned for new victims.
The scariest, and potentially, the most damaging problem was degraded service in the support network for the 911 emergency service in our metropolitan area.
> Only clueless newbies run GNU/Linux as root
Err... for Linux to become main stream (My your [G|g]og[dess[e]][s] help us all if it does) then it HAS to appeal to clueless newbies.
Plus why the f*** should you log in as root to install stuff... its not neaded for a desktop.
Insightful but Overrated Troll
Our local news: It seems that every time M$ releases a new OS they just dance around it. Its very funny. For example when winme came out, they danced around it like it was their god. Now it turns out its not 1/2 as stable as the previous 9x. They say: Oh well, Win2000 is better. But yet they failed to report CodeRed, and just ignored it so they won't 'scratch their little M$ god's name'. The average person is dumb. As 'geeks' most of us know that.
I'm no punk bitch !!!
Ok, this has to stop.
Comment removed based on user account deletion
Why is it we don't call this what it is ... a MICROSOFT virus problem that costs "$10 billion" per year?
Try it ... whenever you discuss a virus, prefix the virus name with MICROSOFT (e.g. Microsoft's Sircam Virus)
I believe Juanita
If 1/2 users log in as root, they'll have to directly execute a virus to infect a system. MS$ outlook virii are other storry, they are maybe written because M$ is widespread. Fun with Apache and fun with other daemons in Unices is nothing new, there were many such attempts, they have limited effect since they use bugs in software only, in *nix it's all about "if this" and "if that", however, in win 3.1, 3.11, 95, 98 and ME users are always "root", and this is the weakness which is mostly exploited in M$ systems. BTW, there is also binary incompatibility in *nix, there is no such damage as in M$ systems.
Your either a very poor troll, or an idiot. I can't quite tell. If I had to choose, I'd choose idiot.
Is it a new slash feature that non-logged in people don't get to see sigs? About three times now I have seen people comment on sigs that I can't see. Hrmm... if I was really motivated I could get myself an account and find out, but alas, too much hassle setting up a temp email box, and changing my settings to allow cookies etc.
As an experiment please do the following:
ghost your primary-box onto another box (aka secondary-box)
install virus software on secondary-box
report back results
reformat the secondary-box hard-drive so as remove every vestage of the virus scanner from the secondary box.
Why do I ask you to do this? A friend made the same claim. One day he sent me a file. McAfee said it was infected with "XYZstdBadSTDVirus" or something.
I called my friend and said "Dude ... you be infected"
The friend installed a virus scanner and discovered his system performance improved because of all the virused he started to clean off his system.
Funny thing is he thought he was quite the computer stud thinking A+ Certs would lead to riches, etc
I believe Juanita
So you think security is not important at all? That all people should just behave? Wow, we could all save a lot of time and trouble if we eliminated all locks--on our cars, houses, at work, on file cabinets holding classified information, etc. We should just rely on other people not to abuse that power and steal our stuff...
You're obviously living in a dream world.
> Only clueless newbies run GNU/Linux as root
I said "Only clueless newbies run GNU/Linux as root if they didn't read a warning during install process of GNU/Linux system." It is different. There is always a warning. Running Linux as user, not as root, is always the very first lesson on GNU/Linux.
Plus why the f*** should you log in as root to install stuff... its not neaded for a desktop.
I didn't say anything about installing desktop. BTW not all GNU/Linux distributions install GUI by defualt. For instance Debian GNU/Linux distribution installs only basic CLI system and ask if user wants more, for instance GUI environment before proceeding.
"Viruses" is correct, "virii" is not. Look it up in a dictionary if you don't believe me: http://www.dictionary.com/cgi-bin/dict.pl?term=vir us
Whom is a direct object. "To whom" is correct, "to who" is not.
In the same manner, saying "between you and I" is incorrect; "between you and me" is correct.
You'd never say "Give that to I," now would you?
Honestly, people, correct grammar is neither difficult nor time consuming. Hell, I went to a US High School and all this was taught in English class. What the hell is your excuse?
It doesn't mean much now, it's built for the future.
It seems to me that Windows has had many more serious security bugs than Linux. The design of Windows is poor, in my opinion, and the programming is sloppy.
Bush's education improvements were
MS web server, I will not denay it's poo-ness, but if adv people started using Linux, someone would have fun with Apache
Great post Jar-jar. Now learn how to talk Ee-nglush.
The cost in damages should only be counted if it constitues
A) Lost Time
B) Outsourced Work
Generally, neither of these things happened. The last virus that I know of that cost my former employer ANYTHING was the love bug, because it erased a large, backed up set of images. These were all restored within a day. The entire workforce merely asked for a copy from the backup server and got it. Nobody stopped working, the people who handled it were IT professionals wou would have been working anyways. I would estimate that perhaps 30 seconds of everybody's time was spent on it. So, 1/120th of hourly payrate at 15-40$/hourly for 500 people... Hrmm... No, only one wing got struck, make that 100 people.
Since we didn't spend any money that we wouldn't have been spending ALREADY, I would have to say that the cost was $0. There was also no downtime, so it didn't cost us any sales (that is if were were selling anything).
This is just companies who figured out that they don't make any money doing what they do who said, hrmmm. Oh yeah, our webserver got it, goodness, that's $5000 right there in damages, right? Downtime? Well, it slowed down a little, and I had to fix it by running virus scan. It cost me a trip to the coffee pot!
I wanna see new TCO figures with virus costs calculated in and then lets see if they even bother telling us about TCO anymore (wrt Linux,etc of course). Was one of their big arguments a few months ago, that TCO of MS products was actually lower than TCO of free software solutions. Haha.
I wish the mentally ill would not post to Slashdot.
I agree. Maybe you find the joke funny. Maybe you don't. But it is definitely on topic. If a comment could somehow be useful to someone else, but it isn't to you, don't moderate it.
This page explains in great detail why not:
http://language.perl.com/misc/virus.html
Additional support:
http://www.dictionary.com/cgi-bin/dict.pl?term=vir us
A search on Google for "viruses" turns up 1,480,000 hits.
A search on Google for "virii" turns up 38,200 hits.
Any technical literature written by professionals will NEVER EVER USE THE WORD VIRII! IT'S NOT A REAL WORD! The plural of "virus" is "viruses"!
http://www.mcafee.com - on the FRONT PAGE the word "viruses" is printed several times. "Virii" is not.
http://www.centralcommand.com - same deal.
I'm going to keep posting this on every virus story that comes up until everyone gets the damn hint!
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
When you consider the fact that Microsoft consistantly compromises security for usability, you can say the security of the windows platform is inherantly flawed. Now, just because it's flawed doesn't mean that windows systems cannot be secured to a reasonable degree, it just means that one must invest time/energy into securing the system, usually through 3rd party software and security patches gallore. The result of all of this is a giant user base, most of whom have no idea of how security can impact their usage, and a climate where 3rd party jobs are created to cope with a very usable and insecure system.
The fact that windows systems can be secure, but typically are not is the fault of microsoft, because of the way they've chosen to engineer and market their product. That is where the bug lies. This bug isn't a software bug. It's a bug in microsoft's design/engineering teams.
I won't be a judge of whether the $10 Billion is an accurate figure. Consider what wold happen if damages was awarded to MS victims? (excluding punitive damages):
Some Microsoft figures:
Annual Sales: $25 billion
Annual earnings before taxes: $11 billion
Profit: 7.7 Billion
This shows us that MS contributed approximately 0 dollars to the economy. That's what I call a well put together scam. If punitive damages were awarded, MS would soon be history, and Billy Boy would move from his mansion to some shelter.
While the lottery is a tax on the mathematically challenged, MS is a tax on the computer illiterati.
-- Another senseless waste of fine bytes.
... when you caught a cold. :)
You guys are fascinating. Viruses it is.
A scholarly discussion of Latin! That's one reason I like Slashdot. There is always someone who has interesting information.
Bush's education improvements were
Where's the good viruses? Every example I see exploits some sexual content or erases your hard disk or trashed your windows DLL's. How boring is that?!
I want to see viruses I'd be proud to infect myself with. Like a networked syphony virus. Infect a subnet (Typical at most computer labs or offices) and have them syncronize behind the scene then each computer takes the task of an interment and bingo: Mozart's 5th all through out the Computer Lab!
Second of all why not smart viruses. Say ones that can learn and adapt. Automatically update via the web. Ones that can attack Anti-virus software so it doesn't detect viruses (Like HIV) and infect your MFC libs so InstallSheild windows don't work. Basicaly why go for the whole hard disk. Where's the spice and fame in that?
A good example of a creative virus was an old Mac one I heard about. Every time you rebooted it would shrink the screen resolution by one pixel. So a year from the infection you'd be looking through a mini window just like back in the old Quake on 486 days.
My theory is viruses are designed to be molitios to continue the fear. So silly Magazine certified hill billies will panic and buy some anti-virus software. Ahhh see the connection? If I were a anti-virus company I bet I'd pay off some hacker accross seas under the table to write some mulitios virus and send over the vacine so I'd be the first to come up with an anti-virus.
Ahh the consperiousy reviels itself...
> SELECT * FROM brain_cells WHERE synaptic_rate > 0
0 row returned
So, you acutally lost revenue by not working for 3 hours? The project you were working on actualy was delayed 3 hours and this actually cost money?
If you are contracted out to others, and in this case, had to be retained that valuable time to clean up from Sircam, fine, that's a valid point.
Most places, though, have IT staff who are there to do such things.
10 billion is a lot? I haven't looked at the figures lately but I'm sure our world economy is north of 10 trillion a year. We should be fighting sneezing at work if we should care about this virus.
Besides, it could make us a lot of money. Simply fire all the people who click on the "infect me" icon. Consider it a free IQ test administered randomly.
Exactly. The latest Microsoft Internet Explorer "service pack" DISABLED another company's software (QuickTime). This kind of sneakiness makes upgrading impossible for the average user. You must be technically knowledgeable and well-informed to defend yourself against this kind of behavior.
Bush's education improvements were
You might never have one BSOD but you will have lots of other problems like your systems crawlin' to a halt after its been on for more than a week especially if you run some games in your server. Try running Half-Life CounterStrike on a Win2K Server...........
Truth nowadays is based upon the general consensus of the many
I keep seeing posts from you in this article, and they all suck. Do you EVER shut up?
Am I the only person to spot that the list referred to in the article (and the costs quoted) conclusively proves that there is no such thing as anti-virus/worm PREVENTION? There is now only cure.
G
"And the meaning of words; when they cease to function; when will it start worrying you?"
Shut the fuck up. Get those voices out of my head!!
Why does this topic use the "bug" icon?
Because viruses exploit bugs.
Social engineering viruses such as ILOVEYOU and SirCam result from the difficulty of telling an executable file from a document (as most users don't know what vbs, com, pif, and lnk are), which is a bug in Outlook Express, Eudora, Mozilla Mail, and most other popular mail clients for Windows. UNIX solves this problem rather easily by including a bit or three for 'x' permissions.
The fact that virus-spreading daemons can run undetected by the average user is a bug in the design of Windows's task manager.
In general, the lack of filesystem access restrictions, which implies that code executed as a user can fill or reformat the C:\ filesystem, is a bug in Windows 9x's design.
Will I retire or break 10K?
"Microsoft Flaws Cost Estimate For 2001 Tops $10 Billion" Oops.. That number would be a little too optimistic. Oh well. Try again next year.
No, it's a $10 billion/year Microsoft innovation. Microsoft created the whole antivirus industry when they decided to not have MS-DOS use the protection hardware in the 286 (and later the 386). Leaving the hardware accessible to user programs was known to be a bad idea ten years earlier.
Windows users can run a fake java-based webserver called Code Red Vigilante that uses the exploit to inform infected users that they've got it.
There's a apache script that works a lot like this, someone care to post the link?
What I found striking about this is that it wasn't
that long ago that a European report found that
the annual cost of spam was EU10B, or about $9.6B
in US dollars. In other words, according to two
very different sources spam is just as big a
problem as virii... When's the last time you saw
a major spam run reported on network TV?
At no point in this process does it rely on anything in Outlook that can be really called an "exploit", like a buffer overflow bug. Outlook itself is the exploit. The worm doesn't need to do anything that Microsoft hadn't planned for people to be able to do. There is only one step in this process that relies on human frailty. The rest of it is simple API calls to functionality that Bill and Co. decided to make available to executable email attachments. Outlook (anything that uses Microsoft's "Windows Scripting Host") is excellently designed to host worms and provide services to them as they infect a network.
Windows does give you a warning when you are about to open something that has executable content in it (HTML with JavaScript, Excel documents with VBA scripts, etc.). Microsoft has seen fit to cram executable content into so many different file types that every single attachment you ever open from anybody gives you this warning. It's like the boy who cried wolf. But this is the extent to Microsoft's approach to security. It doesn't stretch much further than the "hey, do you want me to run this?" dialog box (if they even give you that). They just don't take security seriously at all.
Now Microsoft is not full of stupid people. The decision to include executable content in emails must have raised alarm bells concerning security. They must have realized the vulnerable state they were putting everyone in. And how did they handle it? By reprogramming their OS and application suites to properly implement security and handle code from unknown sources with the appropriate level of caution? No, that would be too much work, and then people might complain that the security was getting in their way. So this is how they handle it: they put in a dozen lines of code that show you that little ubiquitous dialog box (unless you've checked "never show this dialog box again" on it before), and they extract a boolean from your confused and sorry ass. Then they branch there. If anything bad happens now, it's your fault.
The plural of box is not boxen, the plural of UNIX is not UNICES, and the plural of mongoose is not polygoose. jf
Nobody complains when people say "boxen" just for fun ... why should they complain when people say "virii" just for fun?
Certainly, I laugh at all those who say "virii" thinking it's the actual plural of virus--but similarly I laugh at all those who get their panties in a knot trying to correct those who lovingly and playfully use "virii" as a "playful distortion of language".
Please, do us all a favor and get a grip!
Dlugar
Computer Go: Writing Software to Play the Ancient Game of Go
When are retards going to realize that the word "virus" is not Latin, therefore "virii" is incorrect? The plural is "viruses," thank you very much.
Fags.
So I gotta ask, is Microsoft having a clean sweep in that report a result of their monopoly position with viruses? Or have they innovated in new ways to get infected?
That's true. And they have. You've mentioned the Ramen worm (which was actually more complex than Code Red - taking advantage of 3 exploits). There was li0n. And sadmind (spreading accross Solaris machines, then defacing IIS sites).
They're out there. There are plenty of Linux and Solaris servers to populate. Where's the big outcry and doom stories accompanying all the horrid damage done by these worms?
There are a few possible things happening here. Its possible these systems are better administered - set up and actively administered by knowledgable administrators. Its possible that these machines aren't deployed with everything possible running. Its also possible that these platforms are simply easier to secure and patch.
In any case, the smuggness isn't entirely out of place.
There are a *lot* of unix network daemons which are vulnerable, mainly because they tend to be written in C.
Relying on folklore to tell you which services you trust seems pretty sloppy to me; unless you've somehow guaranteed that your services are more secure than the ones listed, I say the worm writers will be the ones laughing.
nope.
My computer has NEVER crawed down, even when installing Oricale, MySQL (testing 'em both), Apache (don't trust IIS) and Tomcat (apache project, Java web server for Javalets) it ran fast (ok, as it was a test box it was not hit hard, but I AM USING IT AS A DESKTOP OS (I would use Solaris/BSD/Linux for a server)).
My computer does not have any rogue apps which I have to kill via cnl-alt-del.
And I run Half-Life dedicated servers on my machine most of the time! (well did, but I have moved and don't have my DSL line anymore)
I know... Why don't you try USING win2k instead of beleiving it to be shit as 9x was.
CS!
Insightful but Overrated Troll
The very fact that a .bat (which is supposed to be a text file and contain DOS commands) and a .pif (which should only contain a few preferences for launching other executables) can spread viruses since they are called the exactly same way as real executables is so stupid I can't even begin to understand why they did it.
This is as if perl would check a file it has received through the pipe ("/usr/bin/perl script.txt") and if it's not a real script, just launch it as an binary.
My computer has a virus. At some point, I installed a piece of software... during the process, another program was installed as well. The second program appears to be a back-orifice style program which possibly allows other people access to my files. I don't seem to be able to remove either piece of software. I can't uninstall the first program even if I wanted to and I can't simply delete the second. I have found the executable file, it's a file called msimn.exe. I have tried to delete it, but it comes straight back again. I've tried dropping in a replacement file with the same name, but that file get overwritten with the unwanted file.
My virus scanner doesn't seem to recognise it as a virus (I have updated my virus definition file so that its up-to-date).
While the behaviour of this program is not exactly covered by the term "virus" - it doesn't replicate by embedding its code "DNA" into other programs to reproduce. But having infected my machine, it then allows secondary "infections" to circulate. I think it's more like an abscess... an infected sore.
The name of the virus? Outlook Express. I don't want it. I can't delete it. I can't uninstall it.
How can I lance this boil?
return 0; }