Visual Studio .Net: Now with more Viruses

News.com breaks the story (and 8000 readers submit) that Microsoft distributed Nimda-infected copies of Visual Studio .Net in Korea. I don't even know what to say here; nothing seems adequate, except to point out that "trustworthy computing" does not seem to have had any effect whatsoever. News.com just updated their story to point out that it probably won't infect the people who installed Visual Studio .Net, but it's still a rather nasty faux pas for a company that's supposed to be cleaning up its act.

So....

[Jacer]

Did McAfee or Norton give this press release?

Re:So....

[rector]

In fact, the virus was found by a Microsoft employee manualy without any special software.

Re:So....

[hiei]

It's on the dresser, next to the keys! I've told you a million times!

Favorite. talk show. ever.

Re:So....

[Monoman]

The Onion? :-)

What... the... hell....

[aetherspoon]

I mean, come on, anyone ELSE see this as similar to when the Cult of the Dead Cow released Back Oriface 2000 with CIH preinstalled? :)

Seriously, before any of the "OH ITZ M$, THY SUXX!!!1111" posts come out, lets be honest. Any company can make that mistake. It takes a special moron in Quality Assurance to release that one.

I have to ask though... what would YOU do if you were MS in this case?

they should sort of borrow oracle's motto.

[overbom]

"breakable"

or maybe that doesn't quite say it. Hmmm, what am I trying to get at.

"trivially breakable"

It only infects one file that's never referenced by the system, and there are all sorts of unlikelihoods that prevent this from being executed. Still, bad press is bad press. :-)

Re:they should sort of borrow oracle's motto.

[Waffle+Iron]

How about "broken"?

Re:they should sort of borrow oracle's motto.

[overbom]

I'm not sure that 'broken' fits with their philosophy. Remember, it's the fault of sysadmins for not applying the requisite patches/fixes for Windows systems.

I think 'trivially breakable' is much more apt for that reason -- it teeters precipitously on 'broken', and correctly implies that the slightest push will push it into worthlessness. :-)

mike

Re:they should sort of borrow oracle's motto.

[1010011010]

It only infects one file that's never referenced by the system

So nice of them to include a useless, unneeded file in their package.

way to go

[TheKubrix]

If they only had been using a Walmart Lindows box......

Sue 'em

[frovingslosh]

The guy who wrote that virus should sue Microsoft for distributing it without his permission. We're talking about theft of intellectual property here!

Re:Sue 'em

[rector]

If he sued them he could get quite a bit of money taking into account the scale of the distribution. The virus was evenm poste4d on the MS website!

Re:Sue 'em

[MrSkunk]

The virus was evenm poste4d on the MS website!

To mash a simpsons quote:
"The fingers you have used to [type] are too fat. To obtain a special dialing wand, please mash the key[board] with your palm now"

No that snpp.com uses google as there search engine, simpsons quotes are soooo easy to find.

Perhaps not accidently

[BrainInAJar]

Seriously. Wasn't ms getting angry at that area for it's lax piracy laws? I'm not sure about korea, but think about it. You want to punish software pirates, and local governments don't want you to. What better way than to give them a virus?

Re:Perhaps not accidently

[SoCalChris]

Thats one of the stupid things I've ever heard in my life. Yeah, punish the software pirates by distributing a virus to the people who are legally buying the software! Why don't you pull your head out of your butt and think for half a second before you start saying stupid stuff just so you can jump on the anti-MS bandwagon.

Re:Perhaps not accidently

[scott1853]

They already gave them .NET, how far do you expect MS to go?

Re:Perhaps not accidently

[SteelX]

how far do you expect MS to go?

Well that depends. Since MS is the one taking us for a ride, it depends on where we want to go today.

Re:Perhaps not accidently

[scott1853]

No, it's "where do you want to go today". MS doesn't want to take that ride with you.

Re:Perhaps not accidently

[data_the_android]

pirates would have had a virus free copy before vs.net was released here. this wouldnt affect them at all

Re:Perhaps not accidently

[daf00masta]

havent you heard of Windows ME? :P

Re:Virus day?

[goldspider]

They must have realized how well it's worked for McAfee and Symantec and decided to give it a go themselves :)

And yet...

And yet they still argue that "theoretically" open source is the bigger security threat.

For the love of God, vote Nader.

Re:And yet...

[scott1853]

I bought a shrink wrapped Mandrake distro a year or two ago and it was 4 CDs. You really think they burned the master and then said, "ok, let's check every single file that we're sending out".

Re:And yet...

[Maserati]

Yes.

I really do expect them to fire up NortonAV and scan every single file on the disk, and every archive. THEN they can hand it off to manufacturing.

I haven't seen a virus on a shrinkwrapped product since the early 90s. Back then, when I was in software retail, we saw 2-3 games a year with a virus on one of the floppies. Bad thing to do to your customers (never mind broken .bat installers and so forth). I'm pretty certain that we never heard from any of those publishers again.

Honestly, how long does it take to virus scan a CD ? Not the disk image, but the actual burned master in a CD-ROM drive ? In a fast drive (24x or up) it's not that long. And right now every Windows developer in Korea has been sent a virus. What if they do that to a state where it is a criminal offence to distribute a virus ? I'll be quiet now, maybe somebody at RandomeSoftwareHouse will go to jail over sloppy QA. That'll be the Day !

It's a feature!

[gatekeep]

Hell, nimda is a better feature than that stupid paperclip thing!

Microsoft should be applauded for this

[Saint+Aardvark]

They...um...made sure that it was a quality worm that went out the door.

None of your shoddy open-source crap here, no sir!

Re:Microsoft should be applauded for this

[Amazing+Quantum+Man]

I hope that worm wasn't GPL'ed!

After all, that would mean that MS would have to distribute the source to VS.NET!

Hey... now there's an idea :-)

Re:Microsoft should be applauded for this

[tlhf]

Yep.

You obviously did forget the sarcasm tags.

Re:Microsoft should be applauded for this

[juliao]

I hope that worm wasn't GPL'ed!
After all, that would mean that MS would have to distribute the source to VS.NET!

Well, quoting from the GPL:

In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License.

No, they wouldn't have to release the source to vs.nyet. And if they did, what would you want it for?

virus??

[hikeran]

I'ts not a virus/spyware.. it's a feature that enhances your web experience.

Re:virus??

[chris_mahan]

Actually it could be:

We're so confident our product is secure, we're including this free virus for you to test with.

JK of course. Doh.

People like viruses

[anthony_dipierro]

If Microsoft products weren't filled with bugs, they wouldn't be Microsoft, now would they? Microsoft is supposed to be a source for buggy virus-filled software. If they sanded off all the rough edges, their products would cease being products that I would want to use. Microsoft has been running its company for how many years now? If you don't like their products, don't buy them! Life is too damn short to worry about bugs in Microsoft software!

Re:People like viruses

[kollivier]

Have you considered a job with Microsoft's advertising department?

Re:People like viruses

[anthony_dipierro]

No, I stole all my ideas from Taco.

A great new marketing line for Microsoft.

[Restil]

"You probably won't get any viruses from installing our software!"

-Restil

even better

[Srin+Tuar]

"breakable"

or maybe that doesn't quite say it. Hmmm, what am I trying to get at.

"trivially breakable"

In this case, "broken" is what your looking for.

But this is Impossible!

he added, it's almost impossible to get the worm to execute on computers with Visual Studio .Net installed

How did this get infected in the first place?

Re:But this is Impossible!

[Ashran]

You dont have to install it to translate it!
Dont comment on something you didnt read.

Re:But this is Impossible!

[cicho]

Of course you have to install it, because you have to TEST it. Thoroughly. In fact, typical tests of localized software packages entail _numerous_ install/uninstall cycles. We're talking a large codebase, lots of text, lots of testcases, lots of localization issues to fix, _lots_ of new builds to test. In some phases of the testing, you'll install and uninstall the package a few times a day. It takes weeks, sometimes months.

Re:But this is Impossible!

[Ashran]

Do you really think the text is contained in the source code? I really dont think thats the case, they are most likely some text files or something similiar.

Re:But this is Impossible!

[cicho]

Resource files. You still have to (re-)build the software (at least parts of it), using the resource files, to test the translation. During the testing phase this can be done on a daily basis.

Of course the exaxt logistics of the process depend on the software house, vendor, etc. Builds can be compiled on site, or, in some cases, are farmed out to the vendor who's providing the translation. (I work for such vendors and have been involved in translating and testing)

Where's the foot?

[andy@petdance.com]

Why is this under the BillBorg icon, and not the Monty Python "it's funny!" foot?

Re:Where's the foot?

[Shagg]

I think we need a new topic icon. The MP foot squashing the MS Borg.

Re:Where's the foot?

[macdaddy357]

This isn't funny if your system gets infected, but it's a great laugh if someone you don't like gets infected! Send your enemies M$ visual studio as a "gift." Happy Holidays, Sucka!

Re:Where's the foot?

[Yuan-Lung]

Like this? =)

Re:Where's the foot?

[getter_85]

was this animated with an M$ product?

j/k, spend more than five minutes with that and I'll support the use of it

Sample code?

[SirKron]

Oh, when I read this first I thought that Microsoft was distributing the Nimda code as one of thier sample projects. That would be cool, a virus creation wizard. This reminds me of the story a while back about someone modifying a virus to check for security holes so the could be filled.

Not entirely Microsoft's fault

[1000101]

The "third party" that translated the software into Korean had something to do with the problem.

Re:Not entirely Microsoft's fault

Umm... who's name is on the discs? Who's job is it to ensure their quality. Yeah. It's their fault.

Re:Not entirely Microsoft's fault

[scott1853]

When you say "something", you must mean "everything". Of course I guess you could blame MS for making the system that got infected when the third-party was using it to translate MS's software.

Re:Not entirely Microsoft's fault

[chef_raekwon]

oh, right.
the box probably doesnt even have Microsoft's name on it. It has the third party tranlators name on it....
hmmmmmm.

Re:Not entirely Microsoft's fault

[timeOday]

So how do we tell "Genuine Microsoft Quality Products" from "Shoddy Software Created By Third Parties And Put Out By Microsoft"? Is the hologram a different color or something?

Re:Not entirely Microsoft's fault

[MrFredBloggs]

If they`re ok with making money from it, dont you think they should earn that money by acting responsibly?
Or is it just...
"Hey, it compiles!"
"Cool, burn it onto a CD, stick it in the post and lets get out of here!"

Re:Not entirely Microsoft's fault

[Jason+Earl]

That's a load of hooey. Microsoft's customers didn't ask them to use a third party to translate the files, nor did they purchase the product from the third party. If Microsoft can't even handle the elementary security step of scanning the product for viruses before putting it on a CD, how do you even know that the mysterious third party isn't replacing important DLLs with DLLs that are functionally equivalent but have a hidden backdoor.

Clearly Microsoft isn't really checking these files. Which means that when Microsoft says "Trustworthy computing" what they are really saying is that you should trust them, and all of their "third party" allies despite the fact that they have a horrific track record.

Re:Not entirely Microsoft's fault

[WarpedMind]

I would not be surprised if this "third party" wasn't a sub-siderary, like Microsoft Korea.

Off-shore companies are good for things other than hiding profits.

Re:Not entirely Microsoft's fault

[malfunct]

If you buy the US English version of the product you can be well assured that it came out of MS directly. The internationalized versions are often run through a third party for translations because face it, MS knows how to make software, not how to write in korean.

Re:Not entirely Microsoft's fault

[chris_mahan]

[This post contains language you might find offensive]

Isn't Microsoft entirely in control of selecting the vendor (the translation/locatization company)?
Would Microsoft be liable if the translator had said: Fuck you and You Eat Dog Now in the manual? Of course.

Another silly analogy. My VW beetle was assembled in Mexico. Do you think VW says: "Oh, sorry, those damn mexicans screwed up?" when I have a problem with my car? No. They say: "We're sorry, and we'll fix it right away at no charge".

They don't even mention the outsanding factory workers south of our border. They just take it like men and deal with it responsibly.

That's why I prefer VW service over Microsoft's.

Re:Not entirely Microsoft's fault

[MoogMan]

Yes, the hologram is a different colour, but the one that we all see is the "Shoddy Software Created By Third Parties And Put Out By Microsoft" one - They keep one single master copy of the "Genuine Microsoft Quality Products" hologram locked up in a safe for that one day in the distant future...

Re:Not entirely Microsoft's fault

[jazmataz23]

Put the X-files fanzine down and step away from the paranoid dementia.
They are checking the files they know to exist. Most likely some sort of secure hash before-n-after comparison like MD5 is a part of that process.

Yes, scanning only for the files you know are there is pretty boneheaded. You're hyperventilating because Microsoft is the culprit.

Do you know why Microsoft makes so many mistakes? Because they have a lot of products. More risks, more chances to make a mistake. Take a look at the number of strikeouts homerun hitters get compared to leadoff hitters.

feh.

Re:Not entirely Microsoft's fault

[gmuslera]

Do you know why Microsoft makes so many mistakes? Because they have a lot of products. More risks, more chances to make a mistake. Take a look at the number of strikeouts homerun hitters get compared to leadoff hitters.

That remembers me that Apache have more worms in the wild because more servers use it :)

Re:Not entirely Microsoft's fault

[SAFH]

---
Put the X-files fanzine down and step away from the paranoid dementia.
They are checking the files they know to exist. Most likely some sort of secure hash before-n-after comparison like MD5 is a part of that process.

Yes, scanning only for the files you know are there is pretty boneheaded. You're hyperventilating because Microsoft is the culprit.

Do you know why Microsoft makes so many mistakes? Because they have a lot of products. More risks, more chances to make a mistake. Take a look at the number of strikeouts homerun hitters get compared to leadoff hitters.

feh.
---

As an individual who has been responsible for the distribution of many products in the past, a virus being a part of a distribution is NOT acceptable by any stretch of dementia.

There have been comical quotes of Virual Studio .NET or jokes about "Trustworthy Computing" and a couple decent BillG skits, however the point here is that yet another company is not taking the rudimentary steps to protect it's customers.

Microsoft's products are (for better or worse) being used the world over; in schools, doctors offices, hospitals, law firms, all through out the US Government and practically everywhere else you look and there is no one that is ensuring that they are following basic security protocols.

Yes, "What if..." .DLL's are being replaced (or added) by anti-US operatives, or modifications are being made adding back doors... Yah, it's a bit X-Files'ish but not that far from reality. Obviously a source CD/Drive was sent over to be burned, and was connected to an insecure network, how hard would it be to figure out what network that is and insert a DLL that tracks connections on boot? AdWare companies do it through website and software installations all the time.

Just a thought...

feh. yourself.

Re:Not entirely Microsoft's fault

[Spoing]

Failures found in lower levels of a company are always management's fault. You can't blame a lack of oversight on the unsupervised.

Re:Not entirely Microsoft's fault

[Spoing]

Which packages? RedHat supplied? Seriously.

Re:Not entirely Microsoft's fault

[tero]

However the reality is that localization and translation is hardly ever done "inhouse" anymore. 99% (save Xerox, perhaps) of big companies outsource all their localization and translation. So in that sense we, as consumers and customers don't get to "ask them".

Other than that, I agree completely. Checking the files before distribution should always be done, no matter how many parties have been involved in the process.

Re:Not entirely Microsoft's fault

[Snover]

That's probably because most of those Mexican workers are child labourers, and nobody wants to think their, uh, stuff was made by child labourers...even though most of it is.

"Ignorance is Bliss."

Re:What... the... hell....

[purpledinoz]

South Korea, you ignorant fool! And please, don't ask whether I know Glen from Canada!

Re:Accident? Sounds like criminal negligence!

[JUSTONEMORELATTE]

Go ahead a mod this down -- redundant.
RTFArticle already

• M$ didn't introduce it; a translating company contracted to do the Korean language version did.
• The executable would have to be sought out and manually run
• You'd need to use IEv5.x to execute, and the version of Studio in question requires v6.x

Just pissing in the wind, I guess

Trustworthy computing?

[Anonymous+Brave+Guy]

Well, at least we can still trust Microsoft on one count...

Double your pleasure?

[TVmisGuided]

Does this mean all the spam I'm getting from kornet.com will also have Nimda attached? Wow...maybe that overpriced antivirus software can now be used as a spam filter too!

We now return to our regularly-scheduled MS flaming, already in progress...

(Yes, this is an attempt at humor. Moderate accordingly.)

Only one thing I can say...

[Skweetis]

GET /default.ida?nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nnnnnnnnnnHahahahahahah hahahahah hahhahahhaha heeheeeheeehee aaahahahhhhh

Morons.

Give it a rest

Slashdot is rapidly becoming useless with the constant derision it heaps on Microsoft. Let's have more computer news and stuff about FreeBSD and Linux and less "make fun of" news about Microsoft. As if Linux doesn't have it's problems. You might end up like Larry Ellison and his ridiculous "Unbreakable" claims.

Of course, that's a problem with the Linux crowd. Feer of being, and being seen as, professional.

Re:Give it a rest

[elsegundo]

Kick 'em when they're down, I say....

Re:Give it a rest

[Tsian]

You don't think they would post this is Red Hat shipped with a virus?

Re:Give it a rest

[LinuxGeek8]

Slashdot is rapidly becoming useless with the constant derision it heaps on Microsoft.

Oh come on.
Just like deleting the MS viruses in your inbox and ignoring them, you can just as easy ignore these Slashdot topics.

Re:Give it a rest

[haa...jesus+christ]

Agreed. It's not accomplishing anything, and as far as I remember (from a few years ago) more than half of us are looking at this site on Windows boxen anyway. So if we're so 1337, why aren't we all on linux right now? Michael, you seem a bit upset today. Things at VA got you down?

Re:Give it a rest

[Ponkinator]

Hey, I happen to enjoy reading the derision heaped on Microsoft as I'm sure others do. If you don't like it then just look for the Bill-the-borg icon, read the story and avoid reading the comments.

Re:Give it a rest

[Vladimus]

I like the attitude of "Kick 'em when they're down", but they're not even close to being "down" yet.

Re:Give it a rest

[SirSlud]

When MS says they're going to do an about face on their history and enter 'trustworthy' computing with a straight face, they are going to get laughed at when that claim looks strained.

It's as simple as that. You'd probably be much more upset at us if we didn't all point out up front that we know we're flaming MS. :) That's the difference. When somebody makes a claim they dont keep, they wont get much support or benifit of the doubt (especially if they are the goliath.) I thank god the world works this way, or nothing would ever change.

Sometimes I wonder what MS would have to do to actually lose some market share if the anti-MS crowd wern't so passionate - probably kill a few people in the middle of a crowd, caught on videotape, I'd wager, although I imagine they'd just point out that the guy holding the gun wasn't an employee .. just another MS perma-temp. ;)

Re:Give it a rest

[Violet+Null]

Let's have more computer news and stuff about FreeBSD and Linux and less "make fun of" news about Microsoft.

Go here. See the section entitled "Exclude Stories from the Homepage"? Find the box that says "Microsoft" and check it. Scroll all the way to the bottom and click the "Save" button. Walah.

Re:Give it a rest

[nEoN+nOoDlE]

you can always uncheck microsoft articles in your slashdot settings and then stop reading the comments posted under those articles. I for one want to know when Microsoft incorporates viruses into their software and any other time they screw up.

Re:Give it a rest

[fabiolrs]

Agreed completely... I even stoped sending in stories since most of them are reject... reviews on linux products (distros, softs, hards, etc), new stuff I found, interesting server stuff, lots and lots of stories... none of them were published...

Re:Give it a rest

[mithras+the+prophet]

you must be spelling everything in your submissions correctly. Run an automatic typo generator on your stories, and try again.

Re:Give it a rest

[Pfhreakaz0id]

You don't think they would post this is Red Hat shipped with a virus?
No, I don't. Do you? Really?

Re:Give it a rest

[sir99]

Yes. Absolutely. They would get hundreds (thousands?) of submissions and post it without a second thought.

Re:Give it a rest

[0xdeadbeef]

WTF? The whole point of Slashdot is to make fun of Microsoft. There are better places for news; Slashdot is infotainment.

Microsoft is waging a propoganda war against their competition, so it's hardly unprofessional to stop and laugh when they end up with egg on their face. Pull that stick out of your butt, AC.

This event ranks up there with such notable favorites as

• Getting caught astroturfing
  
• Getting caught with a rigged demo in the anti-trust trail
  
• The "leaked" Halloween documents
  
• Hotmail collapsing after switching to NT
  

Re:Give it a rest

[namespan]

I don't know where to start.

Slashdot is rapidly becoming useless with the constant derision it heaps on Microsoft. Let's have more computer news and stuff about FreeBSD and Linux and less "make fun of" news about Microsoft.

Slashdot is hardly rapidly becoming useless. There is no lack of abundance of news about FreeBSD, Linux, Apache, Space, OS X, Wireless, and just about any other significant I/T and geeky topic.

And while Linux has its problems, and you may not share the editors views about Microsoft, there are two facts about Microsoft that are hard to ignore:

1) They are huge. Absolutely huge. They have a lot of influence in the I/T and software industry.
2) Sometimes their market presence and control gives them reputation beyond what's deserved.

You may not agree with #2, but consider: .NET barely exists right now. Their ads make it look like people are running serious production solutions on it right now. They claimed months back that Trustworthy Computing was their #1 priority. They just made a major gafe. They've ignored simple security problems for years because it suited them.

I wouldn't claim their technology is useless. It has its high points, a few better than open source alternatives. The problem is that it's all too easy to fall into "They're big, they're #1, so it must be the best" viewing of Microsoft. Most of us who bring up reports like this one do so because we've put up with far too much of that kind of reasoning.

As if Linux doesn't have it's problems. You might end up like Larry Ellison and his ridiculous "Unbreakable" claims.

Of course, that's a problem with the Linux crowd. Feer of being, and being seen as, professional.

Well, that wasn't anything like our petty digs at MS.

Do you mean afraid to make claims like Microsoft's "Trustworthy Computing" initiative and Oracle's "Unbreakable"? I don't see this as a problem in the open source world. OpenBSD is the only distro that comes close to making anything like an unbreakable claim, and it has history to back it up. We speak softly and upload running code. We release timely information about bugs, security holes, and patches. Cover ups are few. That's professional.

Of course, yet again, it's so easy to confuse "big" and "professional".

Re:Give it a rest

[MisterBlister]

I think they would post it, but instead of slamming them in the little editorial comment they would try to put some spin on it and defend Red Hat...ESPECIALLY in a case like this where the virus won't really infect anyone anyway.

Re:Give it a rest

[EastCoastSurfer]

I also quit submitting stories after two were quickly rejected a couple of weeks ago. The kicker is that the story popped up submitted by someone else 4-5 hours later. I guess the news I submitted wasn't old enough *shrug*

Re:Give it a rest

[coltrane99]

This new policy of criticising Microsoft has got to stop, so Slashdot can go back to being useful again..
Gasp.. what a crock...

Re:Give it a rest

[JordanH]

• Slashdot is rapidly becoming useless with the constant derision it heaps on Microsoft. Let's have more computer news and stuff about FreeBSD and Linux and less "make fun of" news about Microsoft. As if Linux doesn't have it's problems. You might end up like Larry Ellison and his ridiculous "Unbreakable" claims.

  Of course, that's a problem with the Linux crowd. Feer of being, and being seen as, professional.

Gee, that is an interesting perspective...

Thanks Bill!

Re:Give it a rest

[the_verb]

Sort of like people laughing very, very hard when /.ers say that Linux is easy to use?

--the verb

Re:Give it a rest

[SirSlud]

Sure. Nice try, but sure, I agree. I'll spare you the 'Linux is an OS, not a window manager and desktop' lecture, but given what KDE and Gnome have done for a *fraction* of the cost that MS and Apple did to develop their Window Managers and Desktops, I think its fairly obvious that there is significant room for improvement in driving down the costs of both those commercial OSes (of which, to note, the cost of OSX is embedded in the hardware, as the OS is 'free as in beer'). Not to pick at their usability and functionality, but once everything is installed and configured, the KDE and Gnomes stack up fairly well against Windows and OSX, for a microfraction of the cost.

Anyhow, yes, if thats all you were looking for.

Re:Give it a rest

[theblackdeer]

well, no shit. /. is all about hyping linux. of course its biased; that's been the plan all along. laugh at the funny posts, ignore the trolls, and get your hard, objective and unbiased news elsewhere.

Re:Give it a rest

[Verizon+Guy]

Neither do I. Remember that huge gaping buffer overflow in BIND 9 (which ships in practically 1/2 of the major Linux distros). They never posted it. Phooey on them. "Propaganda by obscurity" if anything. Plus, anything posted/written by michael is questionable. Timothy is the only author I trust, really.

Re:Give it a rest

[miffo.swe]

So just because you use windows you cant complain? Is that in the EULA nowadays?

I use linux and all the pretty gadgets and gizmo's but i also uses windows at work when im forced to. Does that forbid me to speak out against Microsoft? The reason most people on slashdot hates them is BECAUSE they use or have used Microsofts products. If the never touched windows then they shouldnt complain.

Re:Give it a rest

[darien]

I don't think OS X is free as in beer. I think it costs $129, though it's bundled with every new Mac.

The Cost of Outsourcing

[Real+World+Stuff]

According to the Article, it appears that "Microsoft's flagship developer tools picked up the digital pest when a third-party company translated the program into Korean...".

Ultimately it was MS's responsibility to verify they did not shit in their own bed, but how many of us look at every line of code in a distibuted or outsourced project.

Just my $.0199999

Re:The Cost of Outsourcing

[coyote-san]

They can be expected to verify the ISO image.

Do you think they approved the disc without verifying all libraries, resources, etc., were present and properly named? (Okay, this *is* Microsoft but work with me here)

If we can expect them to perform that level of checking, why can't we expect them to run a virus checker at the same time?

Re:The Cost of Outsourcing

[frank_adrian314159]

...how many of us look at every line of code in a distibuted or outsourced project.

Well, we at least install it and see if it works right. We do this on machines that have AV protection.

Bottom line, ther is NO excuse for this type of FU. Whoever is in charge of MS's QA should be fired. Immediately.

Re:The Cost of Outsourcing

[iramkumar]

but how many of us look at every line of code in a distibuted or outsourced project

* How many of us ship viruses with a state of the art costly development environment which will be used by thousands of developers ?

*Does outsourcing absolve you from such things ? Are not open source products outsourced if you mean people from distributed geographical locations working on it ?

* There are absolutely no excuses to this kind of fsck ups. Can't they just checksum stuff , keep a list of files somewhere. For someone who claims how secure their systems are , such a fsck up , eventhough it is not going to affect anyone goes to show how easy it is subvert closed software packages. I often wonder whether it will be possible to ship a Nimda/Klez with the Linux Kernel ?

Re:The Cost of Outsourcing

[Ubergrendle]

"Ultimately it was MS's responsibility to verify they did not shit in their own bed, but how many of us look at every line of code in a distibuted or outsourced project."

Although I agree that 100% quality control is probably an unrealistic target, if a company the size of Microsoft wielding the resources that it does cannot provide end-to-end QA, then who possibly can? If microsoft cannot provide confidence in its base products and OS, how can legions of loyal developers ensure the quality of the solutions they deliver and deploy ontop?

Re:The Cost of Outsourcing

[Peyna]

* How many of us ship viruses with a state of the art costly development environment which will be used by thousands of developers ?

Ford Motor Co. ships(ed) thousands of cars that when rear ended with the left turn signal on would explode killing people.

Ford Motor Co. and Firestone shipped thousands of SUVs with faulty tires that would explode at high temperatures and rates of speed.

Funny how these things keep happening over and over again? Nimda isn't going to cost lives is the big difference here.

Re:The Cost of Outsourcing

[yomahz]

Ultimately it was MS's responsibility to verify they did not shit in their own bed, but how many of us look at every line of code in a distibuted or outsourced project.

Well, you'd think they'd at least compare MD5 sums of the binaries they know didn't change. Besides being easy to do, it's just common sense.

One string sums this up...

[loply]

Bwahahahahhahahahahahahahahahahaha! ROFL!

Uhm. How do these twats still have an ounce of credibility? For god sake - that happens to high schools and newbies running Personal Web Server.

Re:What... the... hell....

If you're in the software biz (and serious about it), you ALWAYS scan a new release with anti-virus software before you let it out the door.

ALWAYS.

It's easy, it's prudent and it keeps you from getting nasty PR.

MS isn't the first to get caught this way (in fact, didn't this happen once before?) and it's cheap to learn from someone else's mistakes.

Re:What... the... hell....

Has anyone ever heard of the following:

Secured Development environment?

Anti-Virus Software??

Don't they run A/V software on the development workstations and servers?

At least an aggressive manual scan before packaging seems a good idea.

Outsourced translators

[Mundocani]

Aside from the Trustworthy Computing crap, what does this really say about the industry-wide practice of outsourcing product translations? Anybody who's done software development knows that even the best products give internationalization secondary consideration, but I don't think anybody ever considered how little consideration is given by US companies to the translation and distribution of international versions of software. Perhaps this should serve as a sort of larger wake-up call for all of us.

Re:Outsourced translators

[D0wnsp0ut]

We outsourced the translation of a product to a company. They then created a marketing ad using us to drum up more business. They misspelled our name in the ad.

[sigh]

Whoo hoo hooo!

[Chanc_Gorkon]

Mod the parent up.....score +5 Funny. I was the first to find this thing on our servers and I understand why we got.....Microsoft getting it is TOO funny!

Speechless...

[peterdaly]

I have never seen so many one or two liner post after a slashdot article.

This may be the first time Slashdot readers are left speechless.

-Pete

That's One Degree of Separation! (tm)

[elsegundo]

Leave out the middleman when it comes to distibuting viruses! Give it straight to your customers!

Re:That's One Degree of Separation! (tm)

[teamhasnoi]

But is it Six Degrees to Kevin Bacon?

(Just say the subject and message really fast and it gets funnier, I swear.)

Re:That's One Degree of Separation! (tm)

[HFXPro]

Damn, I thought thats what .Net was. One big virus to make your machine run slower and allow people to right even crappier code. Hell all my friends have the .NET fever now. Whats more they redicule me cause I stick to my old trust C\C++, Java, PHP, Perl, Lisp, and SQL.

technically, it's not a virus

[apankrat]

it does not spread itself around **automatically** :)

Re:technically, it's not a virus

[peddrenth]

"it does not spread itself around automatically"

Yeah it does. When you buy windows, you start emailing files to world+dog (colleagues) as microsoft word files, so for them to work at the same office as you, they all need to install windows too.

And once your whole office is publishing IE-only websites with Powerpoint presentations on them, then anyone who wants to do business with you has to install windows too. The virus is already starting to spread.

Eventually it reaches a government department, and they make laws saying all tax-filings need to be done electronically, then write a website that only reads MS digital cerificates. Then anyone who has to pay tax (i.e. everyone except the queen) needs to install Windows.

Course it's a virus. Just because it relies on stupidity to spread doesn't mitigate anything -- loads of 'real' virii spread that way.

"Warn all your friends - you MUST delete command.com which is a virus"
"Warn all your friends - you MUST send your CV in .DOC format"

Re:Accident? Sounds like criminal negligence!

[rohdem]

Read the fucking article!! The chances of someone actually being infected are almost ZERO, because the virus needs IE 5.5 or lower and Visual Studio .NET requires IE 6!!

In Other News

[Target+Drone]

Microsoft today announced it's new "Don't ask, Don't tell" security initiative. Microsoft is now requesting that customers no longer ask if there are any security holes in its software. It is also strongly urging all media outlets to stop telling people about any possible security issues.

A spokes person from Microsoft was quoted as saying "This is the best chance we have at cleaning up our image."

Repost: Is windows a virus

[Lord_Slepnir]

This is a repost of one of my comments from the MacAfee story. The quotes are from that story: ".... you have to have already been infected by ANOTHER virus..." "They only affect Microsoft Windows. If you aren't running Windows, you are safe. " This speaks for itself....

Not the first time

[errorinspelling]

I do remember some 3-4 years ago Microsoft sending out a notification that some of their, I think, Technet CD's were being sent out with a MS-Word Macro virus on it.

Well, it's not a first.

[Strike]

They've submitted a virus with a security patch before

So.. is it any wonder

[k98sven]

..that the Korean government is investing in linux systems?

Or maybe this is just another sleazy MS retaliation tactic?
The fact that it backfired might just be proof.

Slamming MS

[glh]

OK, someone messed up.. but it isn't as bad as it sounds. First off, it wasn't MS that put the virus in, it was some third party thing they used to convert the language to Korean. However, MS should have at least run virus scan on it before they shipped it. Second, the person running VS.NET would actually have to install IE 5.5 over IE 6 (why would anyone do that) and browse a certain help file in order for it to get infected.

I'm not trying to defend MS. Just pointing out the facts (or at least how they were stated in the article). On one hand it's kind of funny to read through all the quick one-liner jokes about MS (definitely worth a chuckle) but I think MS isn't quite as bad as they're being made out to be.

By the way, anyone know the company that wrote the nimda infected software?

Re:Slamming MS

[GigsVT]

actually have to install IE 5.5 over IE 6 (why would anyone do that) and browse a certain help file in order for it to get infected.

It's this whole voodoo-superstition shit that makes me really hate Windows. "Apply service pack 23ase, reboot twice, pray to the sun gods, upgrade DirectX, and walk twice clockwise around the computer".

Bullshit, total bullshit. Ask a Windows user which Windows kernel version they are running sometime, if you want an example.

Re:Slamming MS

[Beryllium+Sphere(tm)]

>MS should have at least run virus scan on it before they shipped it

At the risk of being pedantic, the article mentions that MS did run a virus scan.

They ran a virus scan against every file in their release manifest.

That doesn't work when a virus adds a new file instead of modifying an existing one. But it's an easy mistake to make.

Re:Slamming MS

[_xeno_]

Actually, according to the article at least, Microsoft did scan the files for viruses prior to shipping. However, they apparently have it set up to only scan files that they expect to be there, and therefore missed the added Nimba file. The way I read it, the Nimba file is not really part of the package and can never be accessed in normal usage of the product, and can only be accessed if the user goes looking through the actual help files that come with the system.

Assuming that by "help files" they mean "VS.Net Documentation" then there are quite a few help files covering everything from JScript, VB, C#, C++, to the Windows Platform API, the C# class library, and more - which means it'd be practically impossible to manage to find the one Nimba file amoungst the croud. However, if they just mean tool help, then that content is a lot more limited, but I somehow doubt that is the case.

I have to wonder how much about that "scan only files that should be there" is really spin doctoring, and if they didn't really scan the disk and are instead coming up with an excuse for having missed the presence of the file.

Anyway, the Slashdot writeup is, as usual, way overblown in its anti-Microsoft slant. If they're going to write tirades about McAfee scaremongering, then they probably shouldn't do it themselves.

(And, by the way, Michael is the author of both articles...)

Re:Slamming MS

[avandesande]

This does however validate the fears of non-english speaking countries that they are getting 'second-best' from propriatary vendors, one of the reasons the Chinese goverment is switching to linux.

Re:Slamming MS

[dinivin]

On the contrary, I think this is worse that it's made out to be...

Since we know for a fact that they didn't scan for a virus before burning it to CD and shipping it, why the Hell should we assume they do that for any of their products?

Dinivin

Re:Slamming MS

[MrResistor]

It's actually even more difficult than that. The infected file isn't an actual help file, it's an extra file that's not even supposed to be there, and isn't linked or referenced anywhere in VS.NET. They'd have to install IE 5.5 over IE 6 and browse to the directory the help files are kept in and actively search for and open the infected file.

Really, it's a close to harmless as you can get, considering the astronomical improbability of someone executing the infected file by accident. Of course, one should never underestimate the ingenuity of fools, so I have no doubt that it will happen.

On the whole, I have to give MS credit for the way they are handling this. They are offering free clean replacements to everyone who has an infected copy, they have a patch out, and they are spreading the news so that people are informed and thus able to fix the problem. I'm a little curious about the "patch", but I suppose it's a more reliable solution than just telling people to delete the file.

Yes, I am pointing and laughing at MS right now, I am typically an MS basher after all, but at the end of the day I have to say that I wish they would deal with more of their problems as honorably as they've dealt with this one. It would have been really easy for them to sweep this under the rug and pretend it never existed.

Re:Slamming MS

[SirSlud]

I dont think anyone is going to excuse this just because MS was lucky that the chamber wasn't actually loaded. The trigger went off, and thats all the ammo I need to demand someone revoke the gun license.

As for outsourcing, this is absolutely ludicrous that companies neednt take accountability for the actions of their contractors. Thats how all the clothing manufacturers dodged the anti-sweatshop movement. Now Nike/Espirit/Adidas/Gap/Etc doesn't employ the sweatshop workers, they contract them! Brilliant, and insedious. While it may not be fair to compare that to the IT world, it shows the extreme consequences of allowing companies to divest accountability for services and products offered under their brand. If we dont hold MS accountable in the least, wheres the motivation for them to be more careful with their contractor selection skills? They will continue to select contracts based on politics and economics rather than on the quality of the service/product being outsourced.

I realize that its not *entirely* their fault, but it doesn't help with the kind of facade MS puts on. Just like Oracle's "unbreakable" claim, if you want to make claims that simply are not true or that you cant deliver on (I dont care if its your fault or not, you made the claim), you're never *ever* going to get the benifit of the doubt in this kind of situation. If you wanna make claims you cant back up, you dont deserve the benifit of the doubt. :)

Re:Slamming MS

[slntnsnty]

Yes and No.

Yes it might not be that bad in this instance. Although it IS bad...

However, it is poor coding, poor security, blatant negligience on MS's part that allows so many virus's to be distributed so easily.

Hello Klez.

Re:Slamming MS

[dchamp]

It's not as impossible as you might think. Say you're developing a project for a corporate standard where they're using IE 5.5, so you instal IE 5.5 to test it. Then you go look at the help files, click the infected one, and bang-o, you've triggered the virus.

In a perfect (well, perfect for the MS arena anyway) world, that corp standard would be updated to IE 6.0, but it doesn't always work that way. Ask any web developer how many browsers they have on their system for testing purposes. I have Opera 6.x, IE 6, Mozilla 1.0, Netscape 4.x, and lynx... possibly a few others.

-dc

Re:Slamming MS

[InnereNacht]

Since you asked...

Microsoft Windows XP [Version 5.1.2600]

Cry for me.

Re:Slamming MS

[_xeno_]

They (being Microsoft) found it when uploading the help files to MSDN. Since the help files need to be converted individually to the online format, the Microsoft employee uploading the files noticed an extra file at that point.

In other words, it was practically impossible to find, until someone at Microsoft had to go individually through all the files to get them ready to be read through MSDN.

This is according to the linked article -- please, read the articles, they're usually very informative :)

Re:Slamming MS

[Wraithlyn]

'I have to wonder how much about that "scan only files that should be there" is really spin doctoring'

That's exactly what I thought. Who the hell writes scanning software that instead of 'scan *', only scans stuff on a list? The very fact that there ARE extra file(s) should immediately set of warning lights to any validation procedure worth it's salt, unless it's coded by a band of retarded monkeys.

Oh wait, we're talking about Microsoft, nevermind.

Re:Slamming MS

[Conare]

the astronomical improbability of someone executing the infected file by accident

What, you never double-clicked the wrong file by accident? If it was just that, I would disagree with you, but because they would have to revert to an earlier version AND execute a file they didn't mean to, you are probably right. Don't give MS too much credit though, someone would have found this eventually (scan all files on hard drive for virii) They are just acting this way so they can release it with their spin.

If they tell people to just delete the file, how many do you think will double-click it instead of clicking it? I think that would seriously lower the "astronomical improbability".

Re:Slamming MS

[jazmataz23]

The file in question never gets copied to the hard drive. I'm sure it would show up if you scanned the CD-ROM for virii.

Re:Slamming MS

[bogie]

"the person running VS.NET would actually have to install IE 5.5 over IE 6 (why would anyone do that) and browse a certain help file in order for it to get infected"

IE 6 is still vulnerable to nimda. http://www.microsoft.com/technet/treeview/default. asp?url=/technet/security/topics/NimdaIE6.asp

Re:Slamming MS

[wadetemp]

Sorry, the trigger goes off every time you ship software. There's nothing that keeps bad pointer, in any software, from running a codepath that deletes user files or is otherwise malicious to your current task or data. I'm sure plenty of bits in most software apps could do some damage... what's the difference between these bits and those bits, besides intent? What's more important is the probability that those bits will be executed. And in this case, it's basically zip.

I realize this is quite a bit like the arguement for revoking the right to carry certain kinds of guns, but then again, I don't think anyone needs an AK47.

Re:Slamming MS

[spongman]

why should a computer user possibly need to know the kernel version they're running (unless they're one of the ~1% of computer users that feed off that kind of stuff)? do you know the alloy composition of your screwdrivers?

Re:Slamming MS

[GigsVT]

You don't upgrade screwdrivers.

If an OS like Linux has a kernel flaw, you can say "well it's a kernel flaw in 2.4.15"

If Windows has a kernel flaw, you have to do something like:

"Well, Windows XP has a kernel flaw when IE 6.234 and Service Pack 23.531 and Office XP Version 2.542 is installed, but not if you installed critical update path OE-231 to fix vulernability CVE-23192."

When you have random unrelated MS products applying kernel patches like crazy, and every IE patch and upgrade patching your kernel, version control is nearly impossible.

MS is a unique example of how not to manage an OS. I don't know of any that are worse, except maybe Mac stuff.

Why do you think there are so many Nimda infections still rolling around? People have no idea if they applied the right voodoo in the right order to get it fixed.

Re:Slamming MS

[spongman]

what voodoo? all you have to do is go to windowsupdate.com and click on 'scan', 'review' & 'install'. or you can have the critical update wizard do it for you.

Re:Slamming MS

[GigsVT]

Yes, it's always good to have blind faith in a corporation that has acted criminally multiple times in the past, with regards to consumer issues.

Re:Slamming MS

[spongman]

and how exactly is this relevant to your argument?

Re:Slamming MS

[GigsVT]

Well, without knowing the versions and what is going on, you are forced to blindly trust big brother to fix your computer, when something goes wrong.

Yes, I know this debate is going nowhere fast. :)

Easter Egg

[elliotj]

From the article:
"It's extremely unlikely that a developer would ever accidentally get infected by Nimda," said Flores. "They would have to try hard just to run the worm."

So I guess its more like an Easter Egg. I hope this isn't World Cup related.

Re:What... the... hell....

[Zordak]

Have you ever been to Korea, you moron? Those people are absolute technophiles. They love all of the newest little electronic gadgets. They're not always the highest quality little gadgets, but everybody has them. Koreans are not aborigonees living in a wasteland. They live in big, crowded cities like most of us, except they're usually bigger (the Seoul/Inchon area alone has something obscene like 14 million people) and they have lots more concrete (if you had ever been to Korea, you would know what I am talking about). You need to leave your momma's basement a little more often.

Just another reason to complain

[DrPascal]

If you actually read the article, there are very valid reasons (albeit mistakes) that this happened, and the likelyhood of the virus actually running on the machine is next to none. The Help system wouldn't ever open it.

But hey, this is Slashdot. Let's all miss the relevant parts of the article and just bash "M$"! Yay, fun.

Re:Just another reason to complain

[Jason+Earl]

You are missing the point. The problem isn't really that Microsoft is shipping a virus (although you have to admit that this is pretty darn funny). The problem is that Microsoft is shipping files that they don't know about. This file could have been anything.

Microsoft has set up their business so that their customers have to trust them. There is no way for Microsoft's customers to verify that Microsoft software is safe. Yet time and time again Microsoft has shown that they simply are not particularly trustworthy. It has gotten so bad that it isn't just /. that is laughing at Microsoft. This particular story was published by CNET (which is a very Microsoft-friendly news source).

Re:Just another reason to complain

[stang]

Microsoft has set up their business so that their customers have to trust them. There is no way for Microsoft's customers to verify that Microsoft software is safe.

Umm, how about running a virus scanner?

Re:Just another reason to complain

[schon]

If you actually read the article, there are very valid reasons ... that this happened

Uhh, you're saying that there is a valid reason to ship a virus?

And no, a mistake is not a valid reason.

Re:Just another reason to complain

[1010011010]

The new "Trustworthy Computing" slogan: "Caveat Emptor"

Interestingly enough:

[Ab0rtRetryFail]

Microsoft's stock seems to have gone up on the news. I actually own stock in Microsoft (though only a half-share), but before you flame me, I'm not investing because I believe in the company, I'm investing because I think it's a good growth stock. I've hedged my portfolio with Sony, so its no big deal. Anyhoo: I just found it interesting that the stock has gone up about a dollar today. I guess most investors don't see this as much of a problem.

Re:Interestingly enough:

[Random+Feature]

It isn't a problem in the sense that it's going to cause damage, or infect anyone, but it is *damn* funny.

And it is a PR nightmare for MS because a lot of people aren't technical enough to understand what's necessary to become infected. All they hear is "shipped with Nimda" and it's bad news.

Maybe a re-brand?

[rfsayre]

Viral Studio .NET??

Re:Maybe a re-brand?

[krogoth]

Like this?

http://www.ubersoft.net/d/20020527.html

Bet you can't guess what company is being parodied :)

This reminds me...

[Visigothe]

Of when the Native Americans were given pox-ridden blankets by the early settlers..

Gee, thanks! [caugh, caugh]

Or maybe it was to get back at Korea for the Speed Skating events during the winter olympics

=)

DOJ Take Note

[Paul+Lamere]

This is just another example of Microsoft trying to bundle everything with windows. Now that they are bundling Nimda, Melissa is going to go right out of business.

Couple that with ..

[iramkumar]

the McAfee virus story http://features.slashdot.org/article.pl?sid=02/06/ 14/1343223&mode=nested&tid=166&threshold=3
and we got ourselves a real conspiracy theory :))

expecting a virus?

[BroadbandBradley]

Flores said that under Microsoft's security policy, the company normally scans every file being transferred to the master of a program. But in this case, the company only analyzed files it expected to find. Since the Nimda-infected file had been added by the worm, the company overlooked it.

I would think one might look for something that shouldn't be there when trying to detect a virus. I guess MS has some more "advanced" method that I just can't grasp.

Life Imitates Art

[Kozz]

Truly, life indeed imitates art(satire). Microsoft Bundles Worm with IIS .

Re:Life Imitates Art

[travdaddy]

I especially liked this part in the satire... strangely accurate:
Security experts were unfazed by the whole affair. "If it's a Microsoft produced worm it won't work until the third version anyway. I'll get more worried then when Trojan Worm Virus 3.0 is released," said SecurityBreach.com's Lonnie Markow.

Re:Life Imitates Art

[gregbaker]

This by no stretch the first time MS has caused life to imitate satire. Remember setting anyone straight on the Good Times "virus"? "No," you said, "emails aren't programs, so such a thing is impossible." Then, they wrote Outlook.

In the list of new features...

[iabervon]

• No longer vulnerable to this virus

How would you know they'd fixed IE if they didn't distribute a virus that no longer worked?

In other news.....

[dr_db]

...a loud thunderclad was heard in the Redmond regions. Police suspect it was the sound of Mr. Gate's asshole slamming shut.

I am suprised that this virus release...

[CONTROL_ALT_F4]

Is not a prelude to Microsoft marketing a new anti-virus product. A mere $89.99 will buy you the software to get rid of the virus they handed you.
Anyone remember DOS 6.22? It was the pay-for-bugfixes to the almost nonfunctionally screwed up DOS 6.0. Microsoft has done this before.
I think that no snide comment of mine can truly do justice to this phenomenal screw of on Microsoft's part. But we can all try anyways!

Re:What... the... hell....

[Ooblek]

You should have realized it was a joke - however lame it was.

By the way, this is just another example of a premature attack by OS zealots. Just as the case of the cross-platform virus discussed previously, the Nimda file is installed as part of the help system, but is never loaded by the help system. As the tounge-in-cheek editorial posted by the illustrious Slashdot editors put it, "Only a complete moron would get infected by this virus." So unless someone in Korea is stupid enough to uninstall IE 6.0 (required for .Net to run), install IE 5.5, and then load the Nimda file, it is unlikely that they will get infected. For every MS goof, there is an equal goof in the OS community. (But we all know people that point that out get modded down....)

Re:What... the... hell....

[rector]

Normally reside3nt antivirus software checks only files you try to run. Just some file with a virus lying somewere in the deep directory structure would be fiound only during a massive check up. And even in this cas people almost never check any file whose extention doesn't correspon do ususal virus bearers like .exe or .doc

heh

[bilbobuggins]

secret attacks on them there chiphead south koreans?
well i'll be danged if that ain't the most downright American thing i've heard all week!
</bush impersonation>

Re:Accident? Sounds like criminal negligence!

[peddrenth]

"This kind of recklessness by Microsoft is criminal negligence!"

I think the phrase you're looking for is "disclaimed criminal negligence, supplied without warranty, nor claims of mercahantability or suitability for any particular purpose"

If they'd been supplied in Maryland, Virginia, Alaska or Hawaii, then UCITA would have made it criminally negligent. But it wasn't, and it isn't.

Well...

[Dark+Lord+Seth]

... at least now we know MS uses their own product, IIS.

Re:Accident? Sounds like criminal negligence!

[rector]

Even in the States you hardly can sue if you can't prove any resulting financial losses. In this case you need to make a real effort to lose any money because of the virus.

Re:Accident? Sounds like criminal negligence!

[chris_mahan]

I'm not sure he's so offbase.

If I shipped a coffee grinder to grandmas and included a grenade detonator mechanism in the package (by accident of course), but said that there's absolutely no chance of Grandma blowing herself up, I would still be in hot waters for sending grandma a piece of military hardware.

Dontcha think?

A Security Hole is still a Security Hole

A lot of posts seem to revolve around "Who cares, it's an inert virus; it could happen to any [multi-billion dollar corporation outsourcing its flagship development product that claims to be working to eliminate any end-user paranoia from its product line]..."

But that's missing the point entirely. Seriously -- Nimda? What's that? People don't care about the statistics or logistics of the virus. No, people are concerned that a *known virus* was able to get into the code. Now ask yourself -- what if it was an unknown virus? What if a disgruntled contractor for the outsourced company snuck a new trojan horse in there? One that puts your MS Passport login info as a MIME header on whatever version of MSIE you're running?

This is a PR disaster of incredible proportions because it shows how naked the emperor still is, despite hiring new tailors.

Don't get me wrong, I make a lot of money off of writing Microsoft code. But the simple fact of the matter is that they're (supposed to be) going for "Trust" but their current habits are still hanging on "Hope".

Cool! Virus Free!

[Cheap+Imitation]

Leave it to Microsoft to change the meaning of "Virus Free".

Now, instead of meaning it ships with no viruses, it means they include them at no extra charge!

It IS a bigger threat

[rector]

Open Source IS a bigger threaat. Imagine Microsoft distributing the virus with a well-commented source code!

It may be fun to bash Microsoft . . .

[Badgerman]

But a third party company screwed this baby up in transition, not M$. Using this as a "M$-is-so-evil/incompetent" story is pretty inappropriate.

There's many, many other reasons to dislike Microsoft. Taking one out of context only strengthen's Microsoft's hand and makes those who oppose Microsoft look petty.

Re:It may be fun to bash Microsoft . . .

[anderiv]

Not true...Microsoft's name is on the box, isn't it? So - they need to be held responsible for the contents, no matter if their programmers do the work or an outside contractor.

If you don't register we'll...

[Joel+Ironstone]

It also plans to send clean copies of the program to every registered customer free of charge and is attempting to contact developers who may have bought the product but not registered it.

Its not our fault...he never sent us his personal information and registered his product. Oh well, he'll learn for next time.

Get with the program!

[doomicon]

Nimda is not a security fopah, rather a remote administration feature soon to replace terminal server. I am disgusted that a "News for Nerds" site, would not recognize such remarkable innovation!

and yet...

[imAck]

And yet MS stock was still up $0.41 at last check. Even with the Nasdaq dropping.

A different kind of experience

[rector]

And adds extra value to the software. This experience is very different from ejoying all those bugs.

Re:Accident? Sounds like criminal negligence!

[bobKali]

Nah it's more like you hire Mailboxes etc to package your coffee grinder to grandma and they accidentally drop a grenade detonator mechanism in the package before shiping it off. Yea, you could've looked over their shoulders while they were packing but wouldn't the packers be liable for adding it than you?

Oh, and I thought nimda attacked IIS also, so developers running that (and since I run apache while I'm developing, I'd immaging that'd be fairly common for a .NET developer) or am I mistaken?

..And in other news

[jeremy+f]

And in other news, an Pakistani foreign national was detained in New York City today for what officials are calling "a suspected case of viral bioterrorism". The man, Rumollea Abdula Jabala, 30, was reported to be "coughing and sneezing", and "blowing his nose" by onlookers, who promptly called officials to report the situation.

Jabala, who came to America on a work Visa, denies official reports that he deliberately caught the flu to infect persons in the USA whom he would come in contact with.

Jabala is currently being held in a city hospital, under armed guard, until officials can verify any terrorist links.

Re:Is M$ getting into the AV Software business?

[teamhasnoi]

That's so crazy, it just might work!

Either that or someone there has been watching too many episodes of 'The Mole".

Re:slashdot morons strike again

[grendel's+mom]

You should include yourself in the list of "slashdot morons" because YOU missed the point.

This significant issue is that they only check the files they *expect* to be in their distribution.

Before you ship code, you had better know *exactly* what you were shipping. What if the 3rd party localizers added a nice trojan program? It's *trivial* to execute code on a remote Windows machine. There are several exploitable holes to accomplish this.

The included virus is trivial. Microsoft's shoddy QA is the problem. Unfortunately, this isn't only a MS issue. It's an industry wide problem. // End rant

Re:Accident? Sounds like criminal negligence!

[chris_mahan]

But MSFT did do a check of the "package" before they shipped it off. So they should have caught it.

It's not that hard to say: scan all, including compressed files.

Perspective

[alacqua]

They're worried about the viral nature of the GPL?

Trust No One

[bsd-mon]

I wouldn't say that the Trustworthy initiatiave failed, but this will hopefully teach MS the number one lesson in security and viruslessness - trust no one. In the end, my email system is only as virus free as yours. If you are infected by Klez/nimda/... you still harass my bandwidth and my procmail filters. I'm just not dumb enough to run that .exe that h0t_ch1x@hotmail.com just sent me.

Just because MS code and systems are "secure" and "virus-free", as soon as they hand the code off to someone else, the code is only as virus free as their system is.

So what happens when they get rid of the PCs?

[fallacy]

Are the Koreans legally obliged to donate them *with* the Nimda since it would "go a long way to help an organization get that computer into use with minimal expended resources."

It sure would help the receiver to get the computer into use: use into sending out viruses...

Sneaky

[JojoLinkyBob]

That's a low-rent way on fighting software piracy!

Re:Accident? Sounds like criminal negligence!

[rjamestaylor]

Why are people giving the contractor (MS) a free swing when their sub-contractor (translation co) makes a serious blunder that can, under certain conditions, result in a major security breech? Visual Studio.NET users didn't contract with the translator, MS did and MS respresented the product as their own. So, yeah, no one who gets a paycheck signed by BillG made the error, but the blame is squarely on MS' shoulders.

"It's not our fault," claimed Blamer, er, Balmer, "it's the fault of the {temporary worker|sub-contractor|college intern} we hired."

Re: Nimba.NET

[WillyElectrix]

It wasn't Nimba but a JPG image of Nimba. Of course the virus only works after you log on using Passport.

-W.

Toasters Rule!

[RAMMS+EIN]

``Microsoft distributed Nimda-infected copies of Visual Studio''

So...what's new here? This is just another update to that well-known and widespread virus that turns computers into toaster ovens. http://www.xbill.org/
and have fun! Sometimes it makes me wonder if this is a hint that we should all switch to Macs (http://netscape.digitallivingtoday.com/netscape/d igitallifestyles/gizmo/g4_cube/)

Re:What... the... hell....

[jasonbw]

It kind of makes you wonder exactly how much useless crap gets shipped. This was an older virus, so that's why this is so public; but how many stray files are just ignored? Isn't there some type of accounting procedure that should be run before you ship a package like that?

Nimda-infected Visual Studio .NET

[Darth+RadaR]

http://msdn.microsoft.com/vstudio/productinfo/over view.asp

And it will run on any platform too. :)

Windows without viruses...

[Will+Collins]

Windows without viruses? Ahhh, you mean linux

shipping unknown files...

[dpilot]

Now all we need to do is find a way to slip a GPL-ed file onto a Microsoft CD the same way this virus got there.

They could clearly argue that the file was NOT part of their distribution, and therefore the product does not have to have source released under the GPL. But I'll bet until they finally came to that conclusion, there'd be a TON of Brownian motion in Redmond on the part of execs and lawyers.

So before someone actually does this, the need to let the alternative energy people know, so the heat source can be tapped.

And in other news . . .

[kalidasa]

The latest release of Nimda has been infected with the Visual Studio.NET virus.

Russian Roulet

[Titusdot+Groan]

Click. Oh, empty cylinder, I guess this game is safe after all.

Just because it is almost impossible to trigger this virus and just because the guy who pulled the trigger is "only" a microsoft contractor is no reason NOT to be upset that MS once again played this game with their customers.

This is NOT a no blood/no foul scenario!

Re:What... the... hell....

[The+Turd+Report]

Those people are absolute technophiles

Why don't they close the open proxies that ever spammer and his dog is abusing, if they are so tech oriented?

So we shouldn't talk about it?

[dachshund]

Anyway, the Slashdot writeup is, as usual, way overblown in its anti-Microsoft slant. If they're going to write tirades about McAfee scaremongering [slashdot.org], then they probably shouldn't do it themselves.

Well, god forbid we should put too much pressure on the company that produces the vast majority of PC OSes. Particularly a company that has recently been bragging about it's new high-security policy.

Are you actually suggesting that there's too much criticism of Microsoft's security practices in the world? A Slashdot 10 times as rabid couldn't begin to bring consumer concern to the levels it should be at.

Re:So we shouldn't talk about it?

[_xeno_]

There's a huge difference between there being a single Nimba infected file that is never used anywhere in the entire product, and the headline "Visual Studio .Net: Now with more Viruses". Not to mention that the hole the Nimba virus would be attacking becomes patched during the installation of Visual Studio .Net by the installation of Internet Explorer 6.

Is it a problem? Yes. Is Microsoft doing something about it? Yes. In fact, Microsoft seems to be going out of their way to ensure that no one is harmed by it - giving clean copies to all the customers they are aware of.

Michael is trying to make the situation seem much more dire than it really is. Yes, Microsoft managed to let a file infected with a virus into a version of one of their most important products. However, that product makes the system it installs on immune to the specific vector of infection that the infected file accidently included with the product.

Just like Michael went after McAfee for claiming that the JPEG virus is a huge concern, he's claiming that the virus Microsoft included is a huge concern. It isn't.

An appropriate headline might be "Korean Visual Studio .Net Ships With Nimba" and then mentioning in the story body that the infected file is not actually used by the system and should theoretically never be run, and even if it is run, can't infect the system with Visual Studio .Net installed anyway. The story body should most likely also mention that the virus was added by a third party contracter.

The headline and story blurb seem to suggest that installing the Korean version of Visual Studio .Net will infect your computer with a virus, and that simply isn't the case. Yes, it still shows sloppy QA, but it can't really cause any actual damage, and that should be mentioned in the story.

Re:So we shouldn't talk about it?

[dachshund]

Just like Michael went after McAfee for claiming that the JPEG virus is a huge concern, he's claiming that the virus Microsoft included is a huge concern. It isn't.

Whether the virus actually poses a serious threat is incidental. What this incident demonstrates is that Microsoft has a poor process for examining work done by their contractors. This wasn't even a complex, difficult-to-diagnose code glitch: it was an entire additional file, which is to other kinds of fatal flaws as a mammoth is to a field mouse. What kind of security process runs a virus scan on only the files you expect to be there?

If you have serious money riding on Microsoft products, it should scare the hell out of you. It's like buying a new wall safe, learning that criminals have infiltrated the organization and added backdoors to the locks, but thanks to a completely accidental redesign, they can't use them. Phew. Would you be inspired to purchase that companies products? And of course, that analogy doesn't begin to cover it, because hunting down those criminals is nothing compared to the sort of work required to guarantee secure, trustworthy software.

This would be bad enough, but it comes on the heels of Microsoft's enormous marketing initiative for "Trustworthy Computing", which was intended to make customers feel that Microsoft is now committed to security in their products. If I were a major customer of Microsoft's, this incident would more than reverse any warm feelings I had toward the company's security policies since "Trustworthy Computing".

Not to mention that the hole the Nimba virus would be attacking becomes patched during the installation of Visual Studio .Net by the installation of Internet Explorer 6.

So if your doctor's office was accidentally spreading Hepatitis B to their patients, but-- fortunately-- was giving them Hepatitis B vaccinations at the same time, you'd feel comfortable doing business with that doctor in the future? What if next time it was something nastier?

Microsoft is breathing a sigh of relief right now because they caught a lucky break. Period. The only evidence of competence here is the installation of a Nimda-patched version of IE, and that's only because Nimda is a pretty old-fashioned bug by industry standards.

Wow... where's the money?

[PierceLabs]

Billions of dollars in the bank and not one copy of Microsoft Antivirus? :)

Re:Accident? Sounds like criminal negligence!

[gmack]

MS mastered the CD so they should have checked the contents before they did so. Odds are both parties here are at fault one for introducing it and the other for not finding it.

It's just extremly funny and mostly harmless this time unfortunatly it's not the first time MS shipped a product with a virus.

Re:What... the... hell....

[Zordak]

You should have realized it was a joke

I did realize it was a joke. I think, though, that before you make a joke at the expense of an entire culture that is proud, ancient and sensitive, you would do well to know that it has at least the smallest kernel of truth (for example, if you had made a joke about the disks getting copied all over the country, it would have been funny). Also, yes, I did the exact same thing by lumping you with the 31337 skr1p7 k1dd33z that live in their mothers' basements, when in fact I know nothing about you, and yes, I did it on purpose, and yes, I wrote my comment right off the cuff because I was irritated, and yes, the word "moron" was calculated to incite anger, so my comment should be properly be modded as flamebait. Still, though, I think the joke was about as fair and as funny as making a joke about how dispassionate Linux users are about their OS of choice.

This was predicted weeks ago

[drew_kime]

See here for details.

Banner Ad

[krulgar]

When I read this article, the banner ad was for Microsoft Visual Studio .NET.

It's that kind of policy that keeps me reading /.

Just to be fair...

[newerbob]

...about three times that I can remember software from APPLE came with viruses. And this was direct from APPLE not by way of a translation company.

Microsoft's agent that put the virus in is the culprit here, and the risk, as news.com pointed out, is low.

Which one is the virus?

[Koyaanisqatsi]

Clear one point for me: which of the two pieces of software (vs.net and nimda) is the virus here?
--
sig is out enjoying the sun ;)

Re:What... the... hell....

[Zordak]

I didn't say they were particularly good at technology, just that they really like it.

I really do know a Glen from Canada!

[cnelzie]

He used to work with me... Nice guy, except he had this funny way of saying "out and about"

Absolutely wrong

[dachshund]

But a third party company screwed this baby up in transition, not M$. Using this as a "M$-is-so-evil/incompetent" story is pretty inappropriate.

If GM includes defective 3rd-party gas tanks and brake-pads in their vehicles, will you absolve them from blame? The sad thing was that this wasn't even a very subtle flaw. Microsoft could easily have found it with a slightly more robust virus checking process.

"Trustworthy computing" means that your 3rd party suppliers are going to have to go through the wringer, too. Otherwise the phrase has no meaning, and there's nothing at all wrong with making this point.

Re:Absolutely wrong

[TheAwfulTruth]

As a matter of fact, when Ford put defective Firestone tires on their Explorers, that's EXACTLY what happened. The person making the mistake IS the one to blame. It's become all to common to blame who you WANT to blame rather than who SHOULD be blamed tese days :(

Re:Absolutely wrong

[dachshund]

Ford got away with it because tires are generally considered to be an add-on, not part of the vehicle (and the company still got into a lot of trouble, and lost business. The name "Ford" lost a lot of safety cred thanks to this problem.) Let them put defective steel/aluminum members into a car, and see if the focus is on "Smithson Steelco, Inc.", or on Ford itself.

Even better, let them run a standard set of tests on the vehicles (including crash tests) and still not pick up on a glaring flaw, and see who gets blamed.

Anyway, the fact is that somebody needs to be pressured in order to stop things like this from happening in the future. If you let Microsoft off the hook on this, they have no incentive to take responsibility for work done by their outside contractors. Do you think that shifting the blame onto the virtually unknown contractor that made this mistake is going to make future mass-released Microsoft products more secure?

So, to sum up, Microsoft really SHOULD be blamed. A world where Microsoft gets blamed is probably a better one for all involved (even Microsoft).

Re:What... the... hell....

[The+Turd+Report]

Except when they switch to daylight savings time, then they flash 11:00.

Re:What... the... hell....

[The+Turd+Report]

True. Anyone know how to say 'Shut your f-ing proxy' in Korean? (Or any asian language) I am on the virge of just nulling all of asia at the border routers and be done with the whole lot.

Inconsistent or sloppy?

[moocat2]

So, Microsoft only scans the files they expect to be part of the install but they ship all the files anyway. While there is no way from the outside to prove or disprove this statement, I think it's odd they aren't consistent in which files they choose to scan and which they choose to ship. A decent process would use a consistent way to manage it.

At a minimum, I find this an example of the sloppy techniques I see all over the industry. Of course, sloppiness is one of the reasons that all these viruses keep finding new ways to infect software so I think it's a pretty big slap in the face for MS's Trustworthy Computing program.

Re:This is Obviosly sabotage -

[talks_to_birds]

Shoo, Micro$oft troll...

t_t_b

Re:Accident? Sounds like criminal negligence!

[rjamestaylor]

"Both parties" -- regardless the name on the business card, the product is labled "Microsoft" (or, in Korean, "Microsoft-shima"). When an agent of a company screws up, the company screws up.

IE 6 may still be vulnerable

[bogie]

Per Microsoft http://www.microsoft.com/technet/treeview/default. asp?url=/technet/security/topics/NimdaIE6.asp

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:What... the... hell....

[jjsoh]

"Why don't they close the open proxies that ever spammer and his dog is abusing, if they are so tech oriented?"

Speaking as a Korean, it's just because SPAM tastes so good! (I always keep a can handy in my cupboard for special occasions.) So, we like to share it with others around the world.

Am I kidding about electronic SPAM? Yes. About being Korean? No. About SPAM the "meat".. hmm.. sort of. :)

FIRST TIME REACHING 2nd ROUND IN WORLD CUP HISTORY!! GO KOREA!!

Nothing changes.

[MisterBlister]

All of this Slashdot rah rah Linux rulz Microsoft sux stuff reminds me of the (C64|Apple II) rulz, (C64|Apple II) sux arguments that 12 year olds used to have back in the day. Are you guys the same people, older but not any more grown up?

Re:What... the... hell....

[festers]

There are plenty of pro-Microsoft moderators around here these days, smartass, no need to cry about that.

Re:What... the... hell....

[einhverfr]

Couple things to note:

MS has a very good system of preventing viruses (used to be documented in a knowledge base article until someone realized that article said they used UNIX systems because they were impervious to Windows viruses).

What probably happened is that a system was infected before the help files were compiled, and then once they were compiled (rendering the virus intert) the AV software did not pick it up. Once the masters are checksummed, then no one will notice because the subsequent copies have not been tampered with.

Again, the virus is inert. But this is a HUGE publicity blow to Microsoft, so it is a BIG deal.

Only an utter idiot....

[talks_to_birds]

...or a complete incompetent doesn't know that Nimda is still out there and probing, daily.

I'm seeing 40-80 probes daily (heh.. intermixed with 40-80 MS SQL port 1433 probes daily), on my firewall at home on a goddam dialup, fer krissakes...

How the hell can *any* company, or *any* subcontractor not be aware of this ongoing problem?

How the hell can any company with any pretensions to "Trustworthy Computing" have let this happen?

Make no mistake (Micro$oft apologists notwithstanding): there is absolutely no excuse for this unparalleled screw-up.

Do these people really think they are so all-powerful as to be immune to this sort of thing, or do they think they are so all-powerful that they just don't need to care?

t_t_b

Re:What... the... hell....

[beerman2k]

You obviously didn't read the article, you moron. They did run anti-virus software, just in brain dead fasion. According the article MS scans every file for viruses before they're shipped. Unfortunately, they only scan the files that are part of the product. The worm attached itself to a file it had created, so that file was never scanned. A stupid mistake, yes, but you really ought to learn the whole truth, before you go around bashing people.

What was it AdTI was saying?

[jpvlsmv]

Something about how Open Source software could have a virus on it?

Re:What was it AdTI was saying?

[1010011010]

Wow, I hope the media pick up on that.

"On the heels of a white paper alledging that Open Source software might include viruses, Microsoft has shipped the latest version of its proprietary software development environment with a virus. The irony meter is, by all accounts, pegged."

So here's the real question...

[allism]

if we assume that this guy/gal/armadillo/whatever that wrote Nimda would be forced to make financial reparations for the havoc it wreaked, would that amount be greater or less than what he/she/it could collect from Microsoft for suing for theft of intellectual property? It might make financial sense for the author to come forward now...

I think instead of buying lottery tickets, I'm gonna start writing viruses and hoping that MS accidentally ships one...

Re:I've been hammered by these

[talks_to_birds]

• "Some of my web pages have pacific keywords, so I've bounced more than my fair share of these to the FTC and other spam and abuse websites."

Excuse me? What?

t_t_b

They always screw up

[WildBeast]

Most of the time that MS uses a third-party company, that company screws up. My question is, who exactly is in charge of seeking out and contracting with those companies? Fire him big time.

More Chambraigne quotes related to MS products:

[brad.hill]

BillG: "Microsoft Visual Studio .NET: Now with Securi-hancers!"

Windows user: "Finally, a product for me! I believe every word that man just said, because it's exactly what I wanted to hear."

Linux user: "Man, you've been brainwashed."

News.com: "Microsoft developer tool distributed with viral payload."

BillG: "He's making a mockery of the product! You're making a mockery of the product!"

(Linux user): Noooo!! Can you not comprehend that your ignorance will cause me to explode now? Arrgghhh!!!

BillG: "I AM THE KING!"

Oh. C'MON!

[rutledjw]

So what? Does your point matter? MS distributed a virus with their code! Whether or not it runs, is this indicative of their source control?

There is no way it can be stated that it's no big deal when this kind of thing happens. Period. The bottom line here is quality. If this kind of thing gets through, what else can get through? What kind of quality controls are really in place?

Whatever controls ARE in place, apparently they aren't effective or aren't being followed...

Re:What... the... hell....

[The+Turd+Report]

Fried SPAM or grilled BBQ'd SPAM is pretty good, actually.

At last...

[hakkikt]

...M$ includes a really efficient piece of code with their compilers.

Re:What... the... hell....

[TheBrownShow]

Publicity blow?

You know what they say, bad publicity is still publicity...and all us Linux Zealots are just fueling the fire.

Re:What... the... hell....

[Zordak]

What's even better than SPAM is the high-quality "Run-cheon mit'" (Luncheon meat). The bad romanization doesn't do the name justice, but that stuff was beyond interesting. That's why I always stayed away from imitation American foods in Korea. I much preferred good Korean stuff to bad American stuff -- except Duen Jang Chi Gae (again, sorry for the bad romanization). I never could get a taste for that stuff.

Walah

[aralin]

'Walah' is spelled 'Voila' :)

also

[dachshund]

The headline and story blurb seem to suggest that installing the Korean version of Visual Studio .Net will infect your computer with a virus, and that simply isn't the case. Yes, it still shows sloppy QA, but it can't really cause any actual damage, and that should be mentioned in the story.

Hate to double-post, but, the blurb currently includes the following text:

News.com just updated their story to point out that it probably won't infect the people who installed Visual Studio .Net, but it's still a rather nasty faux pas for a company that's supposed to be cleaning up its act.

Looks like News.com is really to blame here. Since they're sort of a "third party" supplier, should we really hold Slashdot accountable for that website's mistake?

You miss the point

[Vicegrip]

It's not not the potential affect of the virus. It's the fact that it's even there.

"Only a complete moron would get infected by this virus."

Yes sir, we know there's a bomb in your car, but don't worry: it's not wired to the engine so it can't hurt you.

The fact that Microsoft could allow its flagship development tool to ship with such a notorious virus is absolutely incomprehensible and humiliating. If I were Balmer I'd be skinning alive those involved with a dull spoon.

Re:Is M$ getting into the AV Software business?

[Stackis]

How dare you lable me a "troll"

Anyone that makes shit out of M$ should be labled "vigilant"...

Of course....

[ManicGiraffe]

Now any random fool that forgets to patch or upgrade or whatnot, and manages to pick up Nimbda, can claim they installed .NET and it's all M$'s fault, not their own stupidity.

Microsoft: We screw up so you don't have to.

Re:Of course....

[RazzleDazzle]

Of course there have been patches available for these old ass holes for like a year or whatever now so if you don't have it patched you probably have more to worry about than nimda. You should also have anti-virus software, which should pick it up too. What the hell is the matter with people?

A **high-quality** worm

[melquiades]

They...um...made sure that it was a quality worm that went out the door.

Well, have there been any security holes discovered in Nimda? Sounds to me like Microsoft is living up to their promises.

Just Nuts

[Hut-Moll]

LOL,

That just cracked me up. I go to slashdot see a .net ad running across the top.. and behold this article was nested in in there.

I just loved seeing this ad splashed across /.

Hut-Da-Moll

Re:What... the... hell....

[isorox]

For every MS goof, there is an equal goof in the OS community

I dont pay members of the open source community $500 for a copy of their work. I do pay microsoft. I expect that $500 to buy me what is advertised.

Re:Accident? Sounds like criminal negligence!

[uncoveror]

If you have any more details, please send them to secrets@uncoveror.com Sounds like a big story!

Re:Shut up or I'll send over a few japs to rape yo

[jjsoh]

.. ?

Actually...

[sterno]

It is the secret Microsoft revenge for the Koreans taking first place in their grouping in the World Cup. How dare they make the US look like a second rate soccer team, LAUNCH THE VIRUS!

Nimda...

[jjsjeff]

Now with improved networking support! :)

Intentional?

[Greyfox]

Does anyone else think there was a conversation in Microsoft that went something like this:

Ballmer: Damn! Some of those south asian countries have 94% piracy levels!
Bill Borg: (Sarcastically) We may as well ship the virusses right on the installation media.

Bill and Steve look at each other, light dawning

Ballmer: Hey... YEAH!
Bill Borg: Get southeast asia distribution on the phone!

Re:What... the... hell....

[miffo.swe]

The issue is the track record and that it seems that Trustworthy computing is a marketing gimmick. Do just as much as needed not to be laughed out of the industry but nothing more. To gain a reputation to be secure Microsoft has stop making those idiotic mistakes that seems to be a part of their corporate culture. I think they are getting to the point where the size of the company makes a 180' u-turn about security very hard to perform.

Any company can make such a mistake but not many of them braggs about there "superior" products and has an illegally obtanied monopoly.

Re:What... the... hell....

[miffo.swe]

Duh? The first time after youve installed the antivirus program you scan every and all files on the machine. Anything being copied or opened will be scanned for viruses so a virus shouldnt be able to lie unfound unless a. the virus is new b. the person installing didnt scan after install. Most AV programs scan the whole disk periodically by default also.

MS was due.

[mj01nir]

Not only has MS done this before, they've done it several times before.

I'm just amazed that it doesn't happen more often.

Perhaps it's intentional...

[Junior+J.+Junior+III]

That'll show those lousy Koreans to pirate MSFT software!

How much you want to bet M$ offers to release "guaranteed" virus-free software in the future provided that Korea cracks down on software piracy?

Re:Shut up or I'll send over a few japs to rape yo

[DavidTC]

.. ?

Holy crap! Not only is that displaying right, but I can cut and paste it!

And remember...

[myov]

Microsoft is paying *extra* attention to security now!

Not Code Red?

[Nishi-no-wan]

Are they not bundling Code Red? Snort has been reporting a lot of NNNNNNNNNNNNNNNN's recently:

• $ grep NNNNNNNNN httpd-access.log | wc
  88 1056 41562

First record: 05/May/2002:21:57:58.

I've been fortunate in that none have been on the same B or C class subnet. Naturally, I've notified the two infected ISPs on the same A class subnet before either attacked twice.

Still, how is it that this thing has resurfaced? Don't these things ever die? Is Microsoft secretly including it in other packages?

I know what to say...

[wessman]

Somebody is getting fired!!!

Re:It IS a bigger threat

[rector]

I haven't seen the code of the Windows kernel. However, do you need really good comments (or even any) to figure out how a few lines of the virus code work? By the way, there are commercial programs with GPL'ed code like Metadot or MySQL. And they appear to heve pretty well commented code. This might become the case for Microsoft as well.

Re:"take it like men"...?

[chris_mahan]

I would reply with some wit, but since it's posted by an anonymous coward, I won't.

Why it slipped through

[goodchef]

"It wasn't until a Microsoft employee was adding the help documentation to the software giant's developer Web site that the worm was found. 'We have to go through a conversion process to an online HTML format,' said Flores."

No wonder Nimda slipped through. They're spending all their time manually converting to HTML.

However, in Microsoft's defense, it should be noted that most other developers only convert the help files they expect to find.

Re:What... the... hell....

[Buck2]

Can you believe I lost a point for this?

lost a point lost a point lost a point

la la la