Visual Studio .Net: Now with more Viruses
News.com breaks the story (and 8000 readers submit) that Microsoft distributed Nimda-infected copies of Visual Studio .Net in Korea. I don't even know what to say here; nothing seems adequate, except to point out that "trustworthy computing" does not seem to have had any effect whatsoever. News.com just updated their story to point out that it probably won't infect the people who installed Visual Studio .Net, but it's still a rather nasty faux pas for a company that's supposed to be cleaning up its act.
Did McAfee or Norton give this press release?
--fetch daddy's blue fright wig, i must be handsome when i release my rage
I mean, come on, anyone ELSE see this as similar to when the Cult of the Dead Cow released Back Orifice 2000 with CIH preinstalled? :)
Seriously, before any of the "OH ITZ M$, THY SUXX!!!1111" posts come out, let's be honest. Any company can make that mistake. It takes a special moron in Quality Assurance to release that one.
I have to ask though... what would YOU do if you were MS in this case?
--- Æther SPOON!
"breakable"
:-)
or maybe that doesn't quite say it. Hmmm, what am I trying to get at.
"trivially breakable"
It only infects one file that's never referenced by the system, and there are all sorts of unlikelihoods that prevent this from being executed. Still, bad press is bad press.
If they only had been using a Walmart Lindows box......
The guy who wrote that virus should sue Microsoft for distributing it without his permission. We're talking about theft of intellectual property here!
I'm an American. I love this country and the freedoms that we used to have.
Hell, nimda is a better feature than that stupid paperclip thing!
None of your shoddy open-source crap here, no sir!
Carousel is a lie!
It's not a virus/spyware.. it's a feature that enhances your web experience.
"You probably won't get any viruses from installing our software!"
-Restil
Play with my webcams and lights here
"breakable"
or maybe that doesn't quite say it. Hmmm, what am I trying to get at.
"trivially breakable"
In this case, "broken" is what you're looking for.
Why is this under the BillBorg icon, and not the Monty Python "it's funny!" foot?
The "third party" that translated the software into Korean had something to do with the problem.
Well, at least we can still trust Microsoft on one count...
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Morons.
Slashdot is rapidly becoming useless with the constant derision it heaps on Microsoft. Let's have more computer news and stuff about FreeBSD and Linux and less "make fun of" news about Microsoft. As if Linux doesn't have its problems. You might end up like Larry Ellison and his ridiculous "Unbreakable" claims.
Of course, that's a problem with the Linux crowd. Fear of being, and being seen as, professional.
According to the Article, it appears that "Microsoft's flagship developer tools picked up the digital pest when a third-party company translated the program into Korean...".
Ultimately it was MS's responsibility to verify they did not shit in their own bed, but how many of us look at every line of code in a distributed or outsourced project?
Just my $.0199999
If we don't fight for ourselves no one will.
Aside from the Trustworthy Computing crap, what does this really say about the industry-wide practice of outsourcing product translations? Anybody who's done software development knows that even the best products give internationalization secondary consideration, but I don't think anybody ever considered how little consideration is given by US companies to the translation and distribution of international versions of software. Perhaps this should serve as a sort of larger wake-up call for all of us.
Mod the parent up.....score +5 Funny. I was the first to find this thing on our servers and I understand why we got.....Microsoft getting it is TOO funny!
Gorkman
Leave out the middleman when it comes to distributing viruses! Give it straight to your customers!
The revolution will be televised. Blackout restrictions apply.
A spokesperson from Microsoft was quoted as saying "This is the best chance we have at cleaning up our image."
They already gave them .NET, how far do you expect MS to go?
..that the Korean government is investing in linux systems?
Or maybe this is just another sleazy MS retaliation tactic?
The fact that it backfired might just be proof.
OK, someone messed up.. but it isn't as bad as it sounds. First off, it wasn't MS that put the virus in, it was some third party thing they used to convert the language to Korean. However, MS should have at least run virus scan on it before they shipped it. Second, the person running VS.NET would actually have to install IE 5.5 over IE 6 (why would anyone do that) and browse a certain help file in order for it to get infected.
I'm not trying to defend MS. Just pointing out the facts (or at least how they were stated in the article). On one hand it's kind of funny to read through all the quick one-liner jokes about MS (definitely worth a chuckle) but I think MS isn't quite as bad as they're being made out to be.
By the way, anyone know the company that wrote the nimda infected software?
From the article:
"It's extremely unlikely that a developer would ever accidentally get infected by Nimda," said Flores. "They would have to try hard just to run the worm."
So I guess it's more like an Easter Egg. I hope this isn't World Cup related.
how far do you expect MS to go?
Well that depends. Since MS is the one taking us for a ride, it depends on where we want to go today.
Have you ever been to Korea, you moron? Those people are absolute technophiles. They love all of the newest little electronic gadgets. They're not always the highest quality little gadgets, but everybody has them. Koreans are not aborigines living in a wasteland. They live in big, crowded cities like most of us, except they're usually bigger (the Seoul/Inchon area alone has something obscene like 14 million people) and they have lots more concrete (if you had ever been to Korea, you would know what I am talking about). You need to leave your momma's basement a little more often.
Today's Sesame Street was brought to you by the number e.
If you actually read the article, there are very valid reasons (albeit mistakes) that this happened, and the likelihood of the virus actually running on the machine is next to none. The Help system wouldn't ever open it.
But hey, this is Slashdot. Let's all miss the relevant parts of the article and just bash "M$"! Yay, fun.
DrPascal: Not the language, the mathematician.
Viral Studio .NET??
This is just another example of Microsoft trying to bundle everything with windows. Now that they are bundling Nimda, Melissa is going to go right out of business.
Flores said that under Microsoft's security policy, the company normally scans every file being transferred to the master of a program. But in this case, the company only analyzed files it expected to find. Since the Nimda-infected file had been added by the worm, the company overlooked it.
I would think one might look for something that shouldn't be there when trying to detect a virus. I guess MS has some more "advanced" method that I just can't grasp.
"The Most Fun Possible on 4 wheels" is at SunBuggy in Las Vegas
Truly, life indeed imitates art (satire). Microsoft Bundles Worm with IIS.
I only post comments when someone on the internet is wrong.
How would you know they'd fixed IE if they didn't distribute a virus that no longer worked?
By the way, this is just another example of a premature attack by OS zealots. Just as the case of the cross-platform virus discussed previously, the Nimda file is installed as part of the help system, but is never loaded by the help system. As the tongue-in-cheek editorial posted by the illustrious Slashdot editors put it, "Only a complete moron would get infected by this virus." So unless someone in Korea is stupid enough to uninstall IE 6.0 (required for .Net to run), install IE 5.5, and then load the Nimda file, it is unlikely that they will get infected. For every MS goof, there is an equal goof in the OS community. (But we all know people that point that out get modded down....)
Now, instead of meaning it ships with no viruses, it means they include them at no extra charge!
"it does not spread itself around automatically"
Yeah it does. When you buy windows, you start emailing files to world+dog (colleagues) as microsoft word files, so for them to work at the same office as you, they all need to install windows too.
And once your whole office is publishing IE-only websites with Powerpoint presentations on them, then anyone who wants to do business with you has to install windows too. The virus is already starting to spread.
Eventually it reaches a government department, and they make laws saying all tax-filings need to be done electronically, then write a website that only reads MS digital certificates. Then anyone who has to pay tax (i.e. everyone except the queen) needs to install Windows.
Course it's a virus. Just because it relies on stupidity to spread doesn't mitigate anything -- loads of 'real' virii spread that way.
"Warn all your friends - you MUST delete command.com which is a virus"
"Warn all your friends - you MUST send your CV in .DOC format"
But a third party company screwed this baby up in transition, not M$. Using this as a "M$-is-so-evil/incompetent" story is pretty inappropriate.
There's many, many other reasons to dislike Microsoft. Taking one out of context only strengthens Microsoft's hand and makes those who oppose Microsoft look petty.
"The Sage treasures Unity and measures all things by it" - Lao Tzu
And in other news, a Pakistani foreign national was detained in New York City today for what officials are calling "a suspected case of viral bioterrorism". The man, Rumollea Abdula Jabala, 30, was reported to be "coughing and sneezing", and "blowing his nose" by onlookers, who promptly called officials to report the situation.
Jabala, who came to America on a work Visa, denies official reports that he deliberately caught the flu to infect persons in the USA whom he would come in contact with.
Jabala is currently being held in a city hospital, under armed guard, until officials can verify any terrorist links.
Either that or someone there has been watching too many episodes of 'The Mole'.
You should include yourself in the list of "slashdot morons" because YOU missed the point.
// End rant
The significant issue is that they only check the files they *expect* to be in their distribution.
Before you ship code, you had better know *exactly* what you were shipping. What if the 3rd party localizers added a nice trojan program? It's *trivial* to execute code on a remote Windows machine. There are several exploitable holes to accomplish this.
The included virus is trivial. Microsoft's shoddy QA is the problem. Unfortunately, this isn't only a MS issue. It's an industry wide problem.
But MSFT did do a check of the "package" before they shipped it off. So they should have caught it.
It's not that hard to say: scan all, including compressed files.
"Piter, too, is dead."
They're worried about the viral nature of the GPL?
Move on. There's nothing to see here.
I wouldn't say that the Trustworthy initiative failed, but this will hopefully teach MS the number one lesson in security and viruslessness - trust no one. In the end, my email system is only as virus free as yours. If you are infected by Klez/nimda/... you still harass my bandwidth and my procmail filters. I'm just not dumb enough to run that .exe that h0t_ch1x@hotmail.com just sent me.
Just because MS code and systems are "secure" and "virus-free", as soon as they hand the code off to someone else, the code is only as virus free as their system is.
To read makes our speaking English good. - X. Harris
"It's not our fault," claimed Blamer, er, Balmer, "it's the fault of the {temporary worker|sub-contractor|college intern} we hired."
-- @rjamestaylor on Ello
And it will run on any platform too. :)
/*drunk.. fix later*/
Now all we need to do is find a way to slip a GPL-ed file onto a Microsoft CD the same way this virus got there.
They could clearly argue that the file was NOT part of their distribution, and therefore the product does not have to have source released under the GPL. But I'll bet until they finally came to that conclusion, there'd be a TON of Brownian motion in Redmond on the part of execs and lawyers.
So before someone actually does this, they need to let the alternative energy people know, so the heat source can be tapped.
The living have better things to do than to continue hating the dead.
The latest release of Nimda has been infected with the Visual Studio.NET virus.
MS mastered the CD so they should have checked the contents before they did so. Odds are both parties here are at fault, one for introducing it and the other for not finding it.
It's just extremely funny and mostly harmless this time; unfortunately, it's not the first time MS shipped a product with a virus.
I did realize it was a joke. I think, though, that before you make a joke at the expense of an entire culture that is proud, ancient and sensitive, you would do well to know that it has at least the smallest kernel of truth (for example, if you had made a joke about the disks getting copied all over the country, it would have been funny). Also, yes, I did the exact same thing by lumping you with the 31337 skr1p7 k1dd33z that live in their mothers' basements, when in fact I know nothing about you, and yes, I did it on purpose, and yes, I wrote my comment right off the cuff because I was irritated, and yes, the word "moron" was calculated to incite anger, so my comment should properly be modded as flamebait. Still, though, I think the joke was about as fair and as funny as making a joke about how dispassionate Linux users are about their OS of choice.
Today's Sesame Street was brought to you by the number e.
See here for details.
Nope, no sig
When I read this article, the banner ad was for Microsoft Visual Studio .NET.
/.
It's that kind of policy that keeps me reading
Microsoft's agent that put the virus in is the culprit here, and the risk, as news.com pointed out, is low.
--
Ask the Ya-Hoot Oracle Anything!
Is it a problem? Yes. Is Microsoft doing something about it? Yes. In fact, Microsoft seems to be going out of their way to ensure that no one is harmed by it - giving clean copies to all the customers they are aware of.
Michael is trying to make the situation seem much more dire than it really is. Yes, Microsoft managed to let a file infected with a virus into a version of one of their most important products. However, that product makes the system it installs on immune to the specific vector of infection that the infected file accidentally included with the product.
Just like Michael went after McAfee for claiming that the JPEG virus is a huge concern, he's claiming that the virus Microsoft included is a huge concern. It isn't.
An appropriate headline might be "Korean Visual Studio .Net Ships With Nimda" and then mentioning in the story body that the infected file is not actually used by the system and should theoretically never be run, and even if it is run, can't infect the system with Visual Studio .Net installed anyway. The story body should most likely also mention that the virus was added by a third party contractor.
The headline and story blurb seem to suggest that installing the Korean version of Visual Studio .Net will infect your computer with a virus, and that simply isn't the case. Yes, it still shows sloppy QA, but it can't really cause any actual damage, and that should be mentioned in the story.
You are in a maze of twisty little relative jumps, all alike.
He used to work with me... Nice guy, except he had this funny way of saying "out and about"
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
If GM includes defective 3rd-party gas tanks and brake-pads in their vehicles, will you absolve them from blame? The sad thing was that this wasn't even a very subtle flaw. Microsoft could easily have found it with a slightly more robust virus checking process.
"Trustworthy computing" means that your 3rd party suppliers are going to have to go through the wringer, too. Otherwise the phrase has no meaning, and there's nothing at all wrong with making this point.
So, Microsoft only scans the files they expect to be part of the install but they ship all the files anyway. While there is no way from the outside to prove or disprove this statement, I think it's odd they aren't consistent in which files they choose to scan and which they choose to ship. A decent process would use a consistent way to manage it.
At a minimum, I find this an example of the sloppy techniques I see all over the industry. Of course, sloppiness is one of the reasons that all these viruses keep finding new ways to infect software so I think it's a pretty big slap in the face for MS's Trustworthy Computing program.
t_t_b
I'm on PJ's "enemies" list! Are you?
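The gap several comments point at (scanning only the files you expect while shipping whatever is on the master) can be closed by driving the check from the staging tree itself. The following is an added example, not part of the thread and not Microsoft's actual process; the manifest format (path to SHA-256), the `!` separator for archive members and all file names are assumptions made for illustration.

```python
import hashlib
import io
import os
import tempfile
import zipfile


def sha256_bytes(data):
    return hashlib.sha256(data).hexdigest()


def walk_payload(root):
    """Yield (logical_path, bytes) for every file on disk, descending into zip archives.

    Everything yielded here is what ships, so it is also what a scanner should see.
    """
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                data = fh.read()
            yield rel, data
            if zipfile.is_zipfile(io.BytesIO(data)):
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    for member in zf.namelist():
                        if not member.endswith("/"):
                            yield f"{rel}!{member}", zf.read(member)


def audit_release(root, manifest):
    """Compare what is actually in the staging tree against the approved manifest."""
    seen = {path: sha256_bytes(data) for path, data in walk_payload(root)}
    return {
        "unexpected": sorted(p for p in seen if p not in manifest),
        "missing": sorted(p for p in manifest if p not in seen),
        "modified": sorted(p for p in seen if p in manifest and seen[p] != manifest[p]),
    }


def release_ok(report):
    """The master may be cut only when all three lists are empty."""
    return not any(report.values())


def demo():
    """Constructed sample: a help directory that gains files after manifest sign-off."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "help"))
        with open(os.path.join(root, "help", "index.htm"), "wb") as fh:
            fh.write(b"<html>index</html>")
        archive = os.path.join(root, "help", "topics.zip")
        with zipfile.ZipFile(archive, "w") as zf:
            zf.writestr("intro.htm", "<html>intro</html>")
        manifest = {p: sha256_bytes(d) for p, d in walk_payload(root)}
        clean = audit_release(root, manifest)
        # Simulate an outside processing step leaving behind files nobody listed.
        with open(os.path.join(root, "help", "extra.htm"), "wb") as fh:
            fh.write(b"<html>not in manifest</html>")
        with zipfile.ZipFile(archive, "a") as zf:
            zf.writestr("added.htm", "<html>not in manifest</html>")
        return clean, audit_release(root, manifest)


if __name__ == "__main__":
    before, after = demo()
    print("before:", before)
    print("after: ", after)
```

A check driven only by the manifest would report nothing wrong here, because every listed file is still present; the added file and the added archive member appear only when the walk starts from what is on disk.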
No, I stole all my ideas from Taco.
There are plenty of pro-Microsoft moderators around here these days, smartass, no need to cry about that.
-------
"Every artist is a cannibal, every poet is a thief."
It isn't a problem in the sense that it's going to cause damage, or infect anyone, but it is *damn* funny.
And it is a PR nightmare for MS because a lot of people aren't technical enough to understand what's necessary to become infected. All they hear is "shipped with Nimda" and it's bad news.
I don't have a solution, but I certainly admire the problem.
Couple things to note:
MS has a very good system of preventing viruses (used to be documented in a knowledge base article until someone realized that article said they used UNIX systems because they were impervious to Windows viruses).
What probably happened is that a system was infected before the help files were compiled, and then once they were compiled (rendering the virus inert) the AV software did not pick it up. Once the masters are checksummed, then no one will notice because the subsequent copies have not been tampered with.
Again, the virus is inert. But this is a HUGE publicity blow to Microsoft, so it is a BIG deal.
LedgerSMB: Open source Accounting/ERP
I'm seeing 40-80 probes daily (heh.. intermixed with 40-80 MS SQL port 1433 probes daily), on my firewall at home on a goddam dialup, fer krissakes...
How the hell can *any* company, or *any* subcontractor not be aware of this ongoing problem?
How the hell can any company with any pretensions to "Trustworthy Computing" have let this happen?
Make no mistake (Micro$oft apologists notwithstanding): there is absolutely no excuse for this unparalleled screw-up.
Do these people really think they are so all-powerful as to be immune to this sort of thing, or do they think they are so all-powerful that they just don't need to care?
t_t_b
I'm on PJ's "enemies" list! Are you?
Something about how Open Source software could have a virus on it?
Most of the time that MS uses a third-party company, that company screws up. My question is, who exactly is in charge of seeking out and contracting with those companies? Fire him big time.
BillG: "Microsoft Visual Studio .NET: Now with Securi-hancers!"
Windows user: "Finally, a product for me! I believe every word that man just said, because it's exactly what I wanted to hear."
Linux user: "Man, you've been brainwashed."
News.com: "Microsoft developer tool distributed with viral payload."
BillG: "He's making a mockery of the product! You're making a mockery of the product!"
(Linux user): Noooo!! Can you not comprehend that your ignorance will cause me to explode now? Arrgghhh!!!
BillG: "I AM THE KING!"
There is no way it can be stated that it's no big deal when this kind of thing happens. Period. The bottom line here is quality. If this kind of thing gets through, what else can get through? What kind of quality controls are really in place?
Whatever controls ARE in place, apparently they aren't effective or aren't being followed...
Computer Science is Applied Philosophy
...M$ includes a really efficient piece of code with their compilers.
What's even better than SPAM is the high-quality "Run-cheon mit'" (Luncheon meat). The bad romanization doesn't do the name justice, but that stuff was beyond interesting. That's why I always stayed away from imitation American foods in Korea. I much preferred good Korean stuff to bad American stuff -- except Duen Jang Chi Gae (again, sorry for the bad romanization). I never could get a taste for that stuff.
Today's Sesame Street was brought to you by the number e.
'Walah' is spelled 'Voila' :)
If programs would be read like poetry, most programmers would be Vogons.
It's not the potential effect of the virus. It's the fact that it's even there.
"Only a complete moron would get infected by this virus."
Yes sir, we know there's a bomb in your car, but don't worry: it's not wired to the engine so it can't hurt you.
The fact that Microsoft could allow its flagship development tool to ship with such a notorious virus is absolutely incomprehensible and humiliating. If I were Ballmer I'd be skinning alive those involved with a dull spoon.
Do not spread "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0" over the internet, thank you.
They...um...made sure that it was a quality worm that went out the door.
Well, have there been any security holes discovered in Nimda? Sounds to me like Microsoft is living up to their promises.
For every MS goof, there is an equal goof in the OS community
I don't pay members of the open source community $500 for a copy of their work. I do pay Microsoft. I expect that $500 to buy me what is advertised.
I really do expect them to fire up NortonAV and scan every single file on the disk, and every archive. THEN they can hand it off to manufacturing.
I haven't seen a virus on a shrinkwrapped product since the early 90s. Back then, when I was in software retail, we saw 2-3 games a year with a virus on one of the floppies. Bad thing to do to your customers (never mind broken
Honestly, how long does it take to virus scan a CD? Not the disk image, but the actual burned master in a CD-ROM drive? In a fast drive (24x or up) it's not that long. And right now every Windows developer in Korea has been sent a virus. What if they do that to a state where it is a criminal offence to distribute a virus? I'll be quiet now, maybe somebody at RandomeSoftwareHouse will go to jail over sloppy QA. That'll be the Day!
Veteran, Bermuda Triangle Expeditionary Force, 1992-1951
Now with improved networking support! :)
Ballmer: Damn! Some of those south asian countries have 94% piracy levels!
Bill Borg: (Sarcastically) We may as well ship the viruses right on the installation media.
Bill and Steve look at each other, light dawning
Ballmer: Hey... YEAH!
Bill Borg: Get southeast asia distribution on the phone!
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Not only has MS done this before, they've done it several times before.
I'm just amazed that it doesn't happen more often.
the no
That'll show those lousy Koreans to pirate MSFT software!
How much you want to bet M$ offers to release "guaranteed" virus-free software in the future provided that Korea cracks down on software piracy?
You see? You see? Your stupid minds! Stupid! Stupid!