Viruses: More Hype than Danger?
blankmange writes "CNN is carrying a story on how the big virus scares within the last year or so have been just that: scares, usually hyped by the media with software companies standing by to reap the profits. 'The market for computer security is booming as PC users become more aware of the need to protect themselves from worms and viruses.
"Code Red" hit the headlines in July last year, with dire predictions that the PC worm would cripple the Internet. Yet in the end, Code Red didn't even make the year's virus Top 10.' PDAs are the next marketing target, along with cellphones."
People should be glad the vulnerabilities were not exploited to a greater extent and keep on working to keep things secure.
If people broke into my house one night and left after defacing my home, but didn't take or destroy anything, I'd still be pretty upset. And if it was because I'd left the front door open, I would really think about closing it and installing a lock (or locking it if there was already one that I had just left unlocked).
It's hard to believe that's how Micronians are made. Why don't we see it right now by having you both kiss one another?
yah without consulting the list of the "top ten" virii, i would say the ones that get passed by floppy and email via word and excel documents are probably actually the most common ones...
not the ones that have been hyped.
i remember the ones that used to be really ubiquitous in the DOS/win3.1 days were the boot sector virii... those things were everywhere! and they could be passed on by floppy
I keep the virus software on my machines up to date and have never had any problems. What I find the most annoying is all the "There is a new virus that you need to know about... pass this along to everyone you know" emails. When a new virus hits CNN, there are more of these messages in my inbox than there is spam. On the other hand I've never had a virus emailed to me so maybe my informing these people of the need to use common sense and good virus software has helped :)
------
Objects in Mirror are Losing!
The comment says that Nimda didn't make the top 10.
While true, the reason why it didn't is easy to find. It is _not_ because it was less virulent than the other viruses, but just because the targets were hit by milder viruses beforehand and thus increased their level of protection. If Nimda had hit first, not only would it have been No 1 in the chart, it would have been so by _far_, and the internet _would_ have been crippled. After all, no connected Windows computer running IIS or Outlook or file sharing would have been spared.
Artaxerxes
I would have to agree that most virus stories were overblown at best, but at least it gives Joe Consumer the heads-up when it comes to viruses. Unfortunately no one seems to listen to them.
For example, I work at a university, and we have recently been blocking LAN ports from students that we find to be transmitting a virus. I have already had a LoveLetter and a Klez come in today, and have had 22 Nimda viruses come in over the past month. I'm sure that there's more out on our network but we don't find out until their machine attempts to infect the server.
Most of the machines have had either Norton, but not updated to the latest defs; McAfee ActiveShield, which is basically useless; or McAfee VirusScan that was either not updated because no one wants to fill out the one-page form for it, or is version 4.0 or earlier, which has no def updates.
Lately we've been pointing people to http://www.grisoft.com to get AVG for free from their site, and it helps, but I'm still getting machines in at a steady pace.
Frankly, I don't think anybody cares if they get a virus until it forces them to format and reinstall; then it gets their attention.
In Soviet Russia, Trojan exploits YOU!
It has crippled my workplace because it was not a "high-profile" virus and Norton did not ship defs for it early enough.
Comparing it to Windows will be a moot point, since El Dorado is going to have a 40% larger code base than XP.
Try sitting on AT&T's network. Our company webservers get probed at least a dozen times a day from Nimda. 99% of them are addresses registered within AT&T.
I'm not drunk, I just have a speech impediment. And a stomach virus. And an inner ear infection.
I have received a five-digit figure of those "scares" on a single account by now. SirCam, Klez, you name them. These aren't coming out of nowhere. Every single one of them comes from an infected machine, which for many worms means: backdoored machines. Free for anyone to take over (security is usually bad enough on systems which get infected, but the worms make them definite zombies, ready to add to the next DDoS attack, waiting to be abused as spam relays or become hops in cracker attacks). Hype my ass.
Hmm, that's pretty funny because when the worms hit, my IIS 4.0 box was immune and never affected. Since the web server responsibility was MINE, I made sure that IIS was secured... yeah, that actually means "securing the box" (i.e., removing all script mappings, modules, etc. that were not being actively used, securing the file ACLs, among other configuration changes). Yup, IIS was NEVER affected, therefore we were never hit. It still logs tons of hits per day from servers outside of the network as well.
It's funny that I think of the same thing when I see Apache servers that are running everything up to and including mod_YourMom... people need a lesson in security... it doesn't matter if it's IIS or Apache or NT or Linux or Joe's OS.... it makes no difference. Security holes exist in every OS and configuration... it's just the job of the astute sysadmin to make sure that the holes are plugged before the box goes into production use.
In 2003, the news media reported on the Faux Flu. It was dangerous they said. It would kill old people and children. It would cause everyone else to spend weeks in the hospital. It had all sorts of nasty symptoms, which I won't describe here.
The reporting was hyped all out of proportion. Every hour on the hour there was a public service announcement regarding it. Major troop movements in the Middle East were relegated to the back page in favor of reporting on some kid with a runny nose on page one.
The public went into a panic. People went and got their flu shots. They covered their mouths and noses when they coughed or sneezed. They didn't go into work when they had the sniffles. They stopped french kissing with strangers.
But there was no outbreak. A total of five people died of the Faux Flu. The people blamed the media for inciting panic. Newspaper subscriptions plummeted and Disney Megacorp had to sell off AOL/TW to stay afloat.
Then the Fu Flu hit the next year. No one believed the media. No one took their flu shots. Sneezing in crowded train stations was considered hip and cool, a way of telling the doommongers to bugger off.
And 1.3 billion people died.
A Government Is a Body of People, Usually Notably Ungoverned
It's important to the revenue stream of the anti-virus companies that their products not work very well. Note how these things work. They mostly recognize known viruses. They don't generally stop improper behavior by all possibly-hostile content. Hence, constant upgrades are necessary. The initial version is usually free, just like a drug dealer.
It doesn't have to be this way. Suppose, for example, that Mozilla rendered all pages and executed all downloaded content in a "jail" secured by the OS, one that could write to the window, receive input when it has the focus, and talk back to the sending server, but nothing else. This could work under FreeBSD as currently shipping; Linux may get there.
At least one major automotive company was utterly crippled by Code Red for nearly a week. The systems administration at these plants is a joke, and they're all interconnected on the network. So everything running IIS (which is just about everything, as their standard custom OS install INCLUDES it) was infected.
;)
The servers I have control over in there (which need real web interfaces and therefore ran Apache) were, naturally, immune, but the access logs sometimes showed upwards of 80 hits a second trying to infect them, all from internal addresses. I estimate that over 75% of their systems were infected. Many still are.
Oh, here's the fun part: it crippled them because the attack took out the wireless access points. The access points ran an internal web server for configuration, and it simply locked up the access point with one overlarge packet. Crunch. Eventually they disabled the access points' web interfaces.
At one point, as an interim measure, they set up the main routers to block all port 80 traffic. Period. Nothing that had port 80 in it was passed anywhere. This was simply to stop all their servers from crashing at all the plants due to the massive DoS attack caused by the infected boxes trying to infect others.
So excuse me for laughing my arse off when I saw this article...
I got one last comment to all the asses who don't agree with me.
You obviously don't have any respect for how much burden is laid on a sysadmin. You don't realize when the shit hits the fan we're the ones cleaning up your mess. You just don't know how dumb all those people with the "Chief" something in front of their title (CEO, CIO, CFO) really are.
Corporate infrastructure would rot without us. We're the ones with the cell phones and pagers as a leash. You whine about how much we get paid? How many sales people are called down to the office at 2:00am because the people with the "Chief" in front of their title decided to pull an all-nighter and need you there to show them how to minimize a window? We put in twice the work any of you morons do and we never get recognition for our work.
We have to answer to every department within a company. You are constantly walking on pins and needles because if one person is somehow offended by you telling them they're #10 in the queue, they throw a political shit fit, getting your ass in a sling for not working fast enough. Sometimes you're asked to do things unethical, like spying on employees. (I had a CEO ask me to spy on one of the girls he was banging in the office because he thought she was banging another "Chief".) You see things like an entire company get purposefully run into the ground so the CEO can hide his dangerous liaison from his wife.
I shouldn't worry about someone breaking 9 laptops in 3 months? You fucking ass, those were Dell Inspirons, at about 5k each that's 45k for some ditz bitch sales whore to make me work harder when all she had to do was carry it on. 45k COULD have bought another jr. admin. That's another thing too: you see shit like the "Chiefs" spending ridiculous amounts of money on themselves and their butt buddies, everything from top-of-the-line laptops that will never fully be used to fancy dinners ("outside meetings").
It is that stupid user thinking that money and IT resources just grow on trees that attributed at least 30% to the downfall of the dot-coms. Yeah, go break another 5k laptop, you bitch.
Of course, things are different now. In the DOS heyday (including Windows pre-95), most viruses were textbook viruses. Today, more of them should be defined as trojans and worms. There's no worm that you can see and say "well, isn't that cute," as they all are quite damaging in terms of bandwidth utilization. But there were/are many true viruses that are not damaging... or not damaging if caught in time. We all like fire, but nobody likes getting burned.
Now, back to the subject. Michelangelo. Back when it was news some ten (egads!) years ago, McAfee was warning everyone of the impending doom. That year there were many people who lost data, but nowhere near as many as some people had believed. To be fair to the AV experts at the time, most of them gave a range from the small to the abnormally large, but guess which figure reporters used to sell papers?
So, life went on, and nobody was afraid about Michelangelo anymore. Well, this poor sap was hit by it the *second* time it delivered its payload (March 6th 1993). I lost a lot of data that day, and boy was I surprised. Ironically, the data I miss the most is a copy of the virus itself. We all love fire, but we don't love getting burned.
Studying the interesting viruses was, and is, a really educational and enjoyable thing to do. I do not encourage people to distribute viruses. It's a dick thing to do. But there are plenty out there, and they'll forever live in databases like VSUM and whatnot. The game of virus authors versus AV authors is largely over; but it's still neat to see how different viruses copied themselves, and even more interesting the cryptic lines of text that can so often be found in infected executables.
Call me a hopeless virus romantic (not the VD kind), but I still think that's cool.
And holy crap, I just realized that the slashdot blackout already started. I apologize, didn't realize this before I typed this all up.
-bugg
Don't worry about me being paranoiac, I know I am but...
When I was working at another company a few years ago, my president was very friendly and enjoyed teaching us "marketing" strategies. I found it interesting because it taught me at what levels big corporations are willing to brainwash you. One thing he explained to me one day was that a common strategy was to "create the need". Well, we all know this strategy, but he explained to me to what extent this could go sometimes. Some companies would literally "create" problems for you to further feed you with their main product. So, my point is this one:
We know that antivirus companies make a lot of advertising for their product; it is big-selling software and seems to be a lucrative market. Am I the only one thinking that they may feed the market themselves? It's so easy to put a virus in circulation, anyone can... Would it not be tempting for them to "inject" a few once in a while and release a "security alert"? Then, letting the media go, the hype boosts itself and scares people enough to boost sales? I'm sure it happens...
I shouldn't skip my medication anymore...
I'd rather be sailing...
If the past year's viruses were all hype, I have to wonder how serious a virus has to be before they actually claim them as dangerous.
Thanks to SirCam, I personally received two documents from Fortune 500 companies (which were infected) with draft proposals for new products and the markets they were targeted for. I get to know the plans of a big company even before their CEO does.
Thanks to CR/Nimda, I get to see at least 100 probes a day trying to get to my personal web server. On more active days, that number is more like 500. And this is now, over 8 months after the virus was at its peak.
I know of at least a few administrators (that work at various companies) that had to put in about a week to get the "I love you" virus under control. And that virus didn't even have a nasty payload.
Mind you, they could have been much worse. The simple fact is that most of these viruses were born from stupid bugs (which in most cases were simply overlooked) and hence were somewhat easier to fix.