WindowsUpdate.com Secured, Permanently
Precisely nineteen months ago, Bill Gates sent out a memo to employees (and the press) announcing that security was Microsoft's number-one priority. Today, about a hundred readers have submitted the news that Microsoft.com went down last night. And now, the company has "extinguished" WindowsUpdate.com (future updates will come from a different domain). All this because of some Microsoft worm that triggers at midnight. Related news: Windows Update says you're protected, but maybe you're not; WU.com briefly ran Linux, heh; worm variant with clever "anatomical term."
Don't worry next week there will be another memo with the URL for the new update
It seems the power in one of the most populated areas of North America was out around the same time Microsoft was making these fixes? Coincidence? I think not. For those of you in the power outage area, expect it to happen again tomorrow as the DoS is about to begin.
Did they point windowsupdate.com to 127.0.0.1 ? I hope not, there was a mail on FD explaining that such an action would cause it to DOS the local network.. Also, wtf is up with the site running lunix?
always took you to http://windowsupdate.microsoft.com so what's the big deal about cancelling windowsupdate.com? do you think anyone will notice, or care for that matter?
Does the name Pavlov ring a bell?
but Microsoft was seen on Linux today also http://uptime.netcraft.com/up/graph/?host=www.microsoft.com.
Quoth Billy G: "Linux sucks, it's worthless, not usable for real . . . What? A worm? Aaaiiiieee! Tux Save Me!!!"
---
Jedimom.com, that not-so-fresh feeling.
StrategyTalk.com, PC Game Forums
Change the update machines, new names, etc etc. MS is resorting to smoke and mirror tricks. It will only fool the current worms, not future ones that will have the new machine names in them.
Trolling is a art,
Take NetCraft stats with a Big Grain of Salt (big grains of salt, heh). If a site is "Akamized", as this one was, or is otherwise distributed, you'll see the OS of the front end, not what the site actually runs. You'll note that NetCraft lists "linux" for the Akamai site.
I like music
Breathing is more important to us than any other activity. If we don't breathe, we will die.
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
1) Disconnect box from all external cords
2) Encase box in several hundred cubic meters of concrete
3) Surround concrete with meter thick lead lining
4) Bury under radioactive waste in a geologically stable region
5) Saturate the surface with nuclear land mines
6) Curse Microsoft, because you still get hacked!
-- The morphemes of your disquisition are ascertainable, but they have eschewed an ambit of transpicuous exposition.
Went to check for updates today, just for the hell of it and the speed was a huge improvement over the old URL.
They're obviously worried that something is in the wild that is hard-coded to attack WindowsUpdate.com, else there would be no point in abandoning that domain and moving to another.
Not a huge deal, since the official URL is windowsupdate.microsoft.com . The start menu, Tools in IE, and Windows Help all have that address. The worm author was kinda stupid, he should have pointed it to microsoft.com or windowsupdate.microsoft.com.
Username taken, please choose another one.
So "Permanently Secured" now basically means "Permanently Offline"? Why didn't they just let the worm eat the domain? What's the difference, really? Whether they pull the plug, or the worm does it for them, it still means windowsupdate.com won't work...
"It's better to have a gun and not need it than need a gun and not have it." ~ Christian Slater, True Romance
Oh, you mean this?
Precisely nineteen months ago, Bill Gates sent out a memo to employees (and the press) announcing that security was Microsoft's number-one priority.
It's the first line of the fucking story! For cryin' out loud, we know you're not going to read the fucking article, we don't really expect you to even read the whole story, but can't you at least fucking read the first line?!?!
They've given the windowsupdate.com site to Akamai to serve for them. Not a bad idea, actually, since Akamai has something like 15,000 webservers distributed around the world, to share the load.
Of course, it's extremely amusing that they're paying to have their content served by a flock of 15,000 penguins. I'm a bit concerned for our own site this weekend, as we use akamai for our static content. It'll be interesting to see how my pageloadtimes are affected (if they are).
Akamai is a great resource for dealing with huge spikes in webserver load - I guess you could say this qualifies as that.
Last night I finally went to go upgrade from Windows Media Player 6.4 to 9.0 so I can test out those high definition WMP9 videos for once. I couldn't figure out why microsoft.com wasn't loading but now I find out it was because of a DOS attack.
Now I'm thinking, was this intervention from a higher force to protect me from installing WMP9 or just odd luck?
----------
Check out my blackbox styles
OS: Linux
Server: Microsoft-IIS/6.0
Last changed: 15-Aug-2003
IP address: 213.161.82.33
Netblock Owner: Akamai
they did not switch their servers to linux, they used akamai's caching services to handle their massive bandwidth requirements. notice the server is still iis. this is an akamai box (linux) serving a cached copy of microsoft.com (windows/iis)
$ host www.microsoft.com
www.microsoft.com is an alias for www.microsoft.com.edgesuite.net.
www.microsoft.com.edgesuite.net is an alias for a562.cd.akamai.net.
a562.cd.akamai.net has address 63.236.1.163
a562.cd.akamai.net has address 63.236.1.160
a562.cd.akamai.net has address 63.236.1.153
a562.cd.akamai.net has address 63.236.1.139
a562.cd.akamai.net has address 63.236.1.168
a562.cd.akamai.net has address 63.236.1.147
a562.cd.akamai.net has address 63.236.1.138
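The `host` output above shows why a remote OS fingerprint of this site describes the Akamai edge and not the origin. As an added example (not part of the original thread), this sketch parses output in that format, follows the alias chain and reports whether the name ends at a CDN; the function names and the suffix list are assumptions made for the illustration.

```python
import re

# Constructed sample in the format quoted in the thread (address list shortened).
SAMPLE_HOST_OUTPUT = """\
www.microsoft.com is an alias for www.microsoft.com.edgesuite.net.
www.microsoft.com.edgesuite.net is an alias for a562.cd.akamai.net.
a562.cd.akamai.net has address 63.236.1.163
a562.cd.akamai.net has address 63.236.1.160
"""

# Assumption: domain suffixes treated as CDN-operated. Both appear in the
# thread's output; a real check would use a maintained list.
CDN_SUFFIXES = ("edgesuite.net", "akamai.net")

ALIAS_RE = re.compile(r"^(\S+) is an alias for (\S+?)\.?$")
ADDR_RE = re.compile(r"^(\S+) has address (\d{1,3}(?:\.\d{1,3}){3})$")


def parse_host_output(text):
    """Return (aliases, addresses) parsed from `host`-style output lines."""
    aliases, addresses = {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        m = ALIAS_RE.match(line)
        if m:
            aliases[m.group(1).lower()] = m.group(2).lower()
            continue
        m = ADDR_RE.match(line)
        if m:
            addresses.setdefault(m.group(1).lower(), []).append(m.group(2))
    return aliases, addresses


def resolve_chain(name, aliases, max_hops=16):
    """Follow CNAME aliases from name; refuse loops and overlong chains."""
    chain = [name.lower().rstrip(".")]
    seen = set(chain)
    while chain[-1] in aliases:
        nxt = aliases[chain[-1]]
        if nxt in seen or len(chain) > max_hops:
            raise ValueError("CNAME loop or chain too long")
        chain.append(nxt)
        seen.add(nxt)
    return chain


def is_cdn_name(name):
    """True if name is, or sits under, one of the assumed CDN suffixes."""
    return any(name == s or name.endswith("." + s) for s in CDN_SUFFIXES)


def describe_front_end(name, text):
    """Summarise what a remote fingerprint of `name` is actually looking at."""
    aliases, addresses = parse_host_output(text)
    chain = resolve_chain(name, aliases)
    cdn_hops = [hop for hop in chain[1:] if is_cdn_name(hop)]
    return {
        "chain": chain,
        "addresses": addresses.get(chain[-1], []),
        "cdn_fronted": bool(cdn_hops),
        # The TCP/IP stack answering the probe belongs to the last hop.
        "fingerprint_describes": "CDN edge" if cdn_hops else "origin",
    }


if __name__ == "__main__":
    print(describe_front_end("www.microsoft.com", SAMPLE_HOST_OUTPUT))
```

An HTTP `Server:` header is relayed from the origin while the TCP/IP stack belongs to the edge, which is how one report can list both Linux and IIS.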
governments of the world should heavily fine ms each time a serious bug is found and/or exploited. and people should examine, and demand, better alternatives
Would you be prepared to submit the open source community to this same program? Every time a governmental Linux server is cracked, RedHat, SuSe or fundamentally FSF will have to pay.
BOO! TERRO
You have to give it to the guy; his timing is impeccable...
the Army, or any large organization with a large install base of MS boxes, does not use SUS?
I started using it here about 6 months ago, it is the only way to go. I cannot imagine using Windows Update as an enterprise solution. One or two PCs at home sure, but SUS is free dammit.
This is not like those stupid email trojans that are inexcusable because Microsoft intentionally opened the door (with scriptable email, etc.). This is a garden-variety buffer-overflow exploit of the sort that could just as easily still exist somewhere in Linux.
At least we know where the DDOS attack didn't come from: New York, Detroit, Cleveland, Toronto, et al.
Stop by my site where I write about ERP systems & more
I predict (maybe this post will help a little :-( ) that the next iteration of the worm (or another one) will google up "windows update" and will attack the 3-5 best results.
;-)
Let's see what happens then... Microsoft is going to pressure Google to remove www.google.com from their DNS Servers
That is the coolest job title. I'd have to negotiate a gold plated machete as a hiring bonus for a title like that. And anyone working for me would be officially titled a Hacking Minion!
Today, in the developed world, we do not worry about electricity and water services being available.
Maybe he didn't get the memo?
Check out my sysadmin blog!
So now, when we face a choice between adding features and resolving security issues, we need to choose security.
Apparently he changed his mind.
Our products should emphasize security right out of the box, and we must constantly refine and improve that security as threats evolve.
After it's too late, that is.
A good example of this is the changes we made in Outlook to avoid email borne viruses.
I must've been absent when that came true.
If we discover a risk that a feature could compromise someone's privacy, that problem gets solved first.
Since when are bugs called "features"?
If there is any way we can better protect important data and minimize downtime, we should focus on this.
Lip + service = $$$
M$FT doesn't have time to fix bugs. These problems are an annoyance and only after they have been taken to task time and time and time again - they have finally decided to do something about it. They have been rushing software out the door for so long that they don't know how to perform genuine quality control. M$FT is not a software company that makes money so much as it is a company that makes money by making software. Well, buying up others' software, slapping on some lipstick and then putting it out as their own.
Bill Gates: "Leave us alone so we can innovate"
User: "You keep using that word. I do not think it means what you think it means."
Unix is more secure for (at least) two reasons:
1. Users don't run Unix as root. Viruses have a very hard time attacking programs they have no write permissions on.
2. Unix has a much longer history than Windows NT+. It's had more time for the holes and buffer problems and other stuff to be fixed. Linux essentially "lengthens" its short history because it has so many eyes looking at it.
3. The killer Unix programs (Apache, SSH, PostgreSQL, etc.) don't run as root either. So even if they get exploited, worms can't do much with their rights anyway.
Unix is just built better. It has a longer history. I'll cede that perhaps with a larger user base (pretend Unix has 90% market share) it would be a bigger target, but it is *not* as susceptible as Windows is. Not by a large margin.
From the memo:
"Today, in the developed world, we do not worry about electricity and water services being available"
Well, at least some people don't have to worry about electricity...
-eric
For example, if someone hijacks or otherwise poisons some DNS servers, then all the traffic to windowsupdate.com will make it through to windowsupdate.microsoft.com anyway.
Or, a future worm could be written to target & attack a variety of Microsoft servers.
Or a future worm could be written in such a way that the target is not part of the worm's code, but rather can be directed remotely somehow. This way, even if Microsoft tries to switch addresses, the person[s] directing the attack can just change the target.
The real solution isn't to keep trying to dodge the bullet.
The solution is to become bulletproof.
Even after all this time, Microsoft still doesn't seem to get that.
Part of the reason Microsoft is such a prominent target is of course because it is so, well, prominent. Taking down (say) an FSF server doesn't raise nearly as many headlines (as this week's headlines will attest to). But I don't think that all of the problem here can be traced to how widespread Windows is -- while the Internet's clients are nearly all running Windows, a large fraction of the server architecture is running some Unix variant, and while there is of course some malware that targets *nix (Linux, Solaris, MacOSX, BSD, etc), the results never seem to be as catastrophic as the typical Windows outbreak.
To rip off Bruce Schneier's analogy from his security article in Atlantic Monthly a year ago, it seems to me that what security mechanisms Windows has tend to be brittle, while those that the *nix etc world have tend to be pliable. That is to say, when a problem comes up with (say) Apache, the damage tends to be isolated. This is partly because each installation will be configured differently, with different features enabled or disabled, and partly because the server runs on a variety of systems, each of which may have different mechanisms for providing underlying security protections. On the other hand, IIS installations tend to be pretty homogeneous, and a flaw with one very well could be a flaw with all.
That's not to say that IIS couldn't be just as secure as Apache, if not much more so. But part of Apache (etc)'s strength is its heterogeneous nature -- people are able to tinker, adapt, mix & match components to suit their needs, and in the process this will also tend to protect them from catastrophic failure. Microsoft has actively resisted this kind of diversity -- witness their howls about having to come up with "thousands of versions of Windows" if some of the firmer antitrust penalties were put into force. Those thousands of permutations are, arguably, exactly what is needed: this will give their users greater choice, and it will make emergencies like this more rare.
I don't get why they're so opposed to the idea.
Maybe they've got cleverer plans than anything I can think of. I certainly wouldn't claim to be any kind of security expert. But if the best they can come up with is a change of address card, I can't help but wonder if they're fumbling in the dark here...
DO NOT LEAVE IT IS NOT REAL
This strikes me as being a really bad thing:
They're missing a really big flaw, here, which is that this is horribly vulnerable to malicious behavior. There are already plenty of viruses and worms out there that make registry entries for one purpose or another. It seems to me that if you were exploiting a vulnerability for which a patch already existed it would be very easy to automatically modify the registry to make it appear that the patch had already been applied. This would make tracking which systems were vulnerable much, much more difficult. This would work particularly well if you were trying to make a stealth worm.
There's no point in questioning authority if you aren't going to listen to the answers.
The solution is easy, limit the fine to a maximum of the full amount paid for the software. ;-)
And really that is the case, many billions of dollars were paid to Microsoft for defective software. When auto makers have a recall, they are required to fix the problem for you. With software you have to do it yourself, and if you don't it's your fault. Then again if you do install the patch yourself and your machine breaks, it's still your fault!
Basically, expect to see no real improvement in Microsoft's software until someone has the guts to sue them or the government gets involved (ala auto recalls). Otherwise there is absolutely zero incentive for them to work any harder than they have to to sell you software.
This is a garden-variety buffer-overflow exploit of the sort that could just as easily still exist somewhere in Linux.
Active Directory also provides a way to block this type of worm that *ix doesn't. There wasn't time to patch all of our servers during the outbreak, so one of the guys here implemented a group policy that prevents execution of msblast.exe and teekids.exe on any machine on our network. Once they're all patched, the policy can be removed really easily.
"...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
I installed and ran the Microsoft BSA utility that scans your computer for updates (windowsupdate looks in registry only) per the link above. It found 4 problems that WindowsUpdate can't find, so I followed the links, to read about them.
Problem is, when you click on the link to DOWNLOAD the actual patch for XP, it just redirects you to www.microsoft.com, so even their security tool is useless if you can't get to the files to manually install them. Fucking ridiculous.
Tequila: It's not just for breakfast anymore!
I wonder if this "DOS" they claim to be suffering is really too many users actually trying to get updates for once. After all, the code in this virus is not set to DOS MS until the 16th so they can not blame it on that. I doubt they would ever admit to not being able to handle the load. I use MS update at least a few times a day and have been for the last year on various client machines. Sometimes I need 10's of updates from a fresh install, sometimes just a few driver updates or the recently released. I don't have any specific stats but I have noticed a definite slowing of the update site when the blaster worm was announced and it is getting slower as the days go on, today it took over 5 minutes to get a sound card update that for the previous year, only took 10 seconds. Another time today it took about 60 seconds. DOS causing this? Maybe, but I would guess they are having a hard time providing the update service for everyone and do not want to admit it. I bet hundreds of thousands of people are running the update service for the first time ever and they need a lot of updates. This move of names and connectivity is probably a hidden attempt to get the stuff hosted somewhere else or split up the load more than what they are currently doing and make it appear it is for security reasons. Reading between the lines here but the amount of work involved with name change of this nature is massive compared to the relative ease a virus writer can simply point to the new site. Does MS honestly think a name change will stop a DOS? I doubt it, but it fits into their FUD campaign of increased security and that they are under attack.
Bad boys rape our young girls but Violet gives willingly.
I could be wrong, but I'm pretty sure that PostgreSQL complains very loudly when run as root, and instead prefers to be run in a separate account named "postgres". Likewise, my Apache was by default set to run in an account named "httpd". As for sshd, I dunno, you may well be right about that one.
This is on RH 7.1, so it may have changed.
I think given Microsoft's position on Linux that they should / would have researched the market to see if the service could be provided by a windows shop before signing a deal with akamai. It looks bad ... almost like saying windows isn't up to the task.
the Linux community needs to concentrate on not becoming the next big security joke. Okay, it's fun to laugh at Microsoft's pathetic record.... Just a second... Muhahahahahah. I feel better now. But as Linux becomes more and more popular blackhats will put more and more attention into breaking our OS.
We need to all make good design and operational decisions. Bad decisions like the one made by Lindows to run as root by default can lead to Linux having as bad a reputation as Microsoft.
The Linux community is positioned to demonstrate to the world that Linux, not Windows, should be used anywhere that security is an issue. Let's not blow it.
The race isn't always to the swift... but that's the way to bet!
Two thoughts here. First, package management
Operating system version control has been a problem for Microsoft Windows for a long time. Especially with runtime software bundled with third-party applications (think DirectX), you need a clear way to identify what is installed on a machine, upgrade it while tracking dependencies, and easily remove it. InstallShield does this sort of thing -- why isn't it built into the operating system?
Furthermore, most package managers provide a facility to verify the files that are running on the machine. While it isn't as conclusive as something like Tripwire, a simple "rpm --verify --all" will give you some insight into whether a system file has been replaced.
Package management on AIX (and probably other UN*Xes, but I haven't used them) gives you the ability to roll back out of a patch that went wrong, too. While that is possible to some extent in Windows, a package management solution could make that very easy.
And while we're at it, why isn't there a framework built into Windows to centralize patching of ALL products, not just Microsoft ones? Certainly the "Microsoft Update" that they are proposing is a good step, but why not build something that can check other vendors' web sites for patches? Couldn't such a framework be built so that when an application is installed it registers with the OS, and tells the OS where to look for updates for that specific product? Then when you run this "update console" or whatever, your local machine goes out to Microsoft, Symantec, Adobe, whoever, and checks to see if there are updates for EVERYTHING that is installed?
The system could also be similar to Red Hat's update mirrors/satellite up2date server, where a corporate customer could set up a central update server, tell it where to get updates for all the products in use in their company, and then that server mirrors it. Then updating the client workstations (and servers) is something that happens in-house. Maybe it could even be smart enough to tell if a client machine hasn't been updated yet, and then when that machine is powered on it could update itself and reboot if necessary, all before the user is able to log in.
These two things together could really put a dent in management for Windows machines. Sorry if this is sort of a ramble, I've been thinking about it for a while and it all just spilled out.
Because they've engendered a "computing" culture where users are either: 1) ignorant about the need for patching, or 2) have been burned by fucked up M$ patches in the past and hence, don't keep up to date.
"Fool me once, shame on you ...
...
Fool me twice
won't get fooled again"
This country is overrun with idiots. I hope you reap the consequences of your actions. I spit on you all!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
You're new here, aren't you?
!#@%*)anks for hanging up the phone, dear.
Going to 'tools, windows update' in internet explorer takes you to a redir site on microsoft.com, which attempts to forward you to windowsupdate.com NOT windowsupdate.microsoft.com .. even still (~3PM EST). you'd think they'd at least fix that if they were fuckin with the dns..
You may not know this, but when you change an entry in DNS, it is not available to everyone for a while. This is due to caching (all ISP DNS servers are caching servers, of course). For instance, the AOL servers may have gotten the ip for the domain at 8am, and if it doesn't expire for 24 hours, their server will assume it is still at the same ip, so when an AOLer tries to go there (using AOL's DNS server) it will simply give that IP address, even though it has changed. It won't go back to the SOA and check the serial number of the DNS entry to see if it is still valid until after it expires and someone requests it. So, it depends on the expiry of the DNS record before the change. My experience is that it takes 1 to 2 days for all the changes to fully propagate, and sometimes longer on some DNS servers if they override expiry.
Tequila: It's not just for breakfast anymore!
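The caching behaviour described in the comment above can be reproduced with a small model. This is an added example, not part of the original thread: the `Zone` and `CachingResolver` classes are hypothetical, the addresses come from documentation ranges, and the 08:00 fill with a 24-hour expiry follows the comment's own scenario.

```python
HOUR = 3600
OLD_ADDR = "192.0.2.10"      # constructed: address before the change
NEW_ADDR = "198.51.100.20"   # constructed: address after the change


class Zone:
    """Authoritative data for one name: its current address and record TTL."""

    def __init__(self, address, ttl):
        self.address = address
        self.ttl = ttl
        self.queries = 0  # how often a resolver actually came back to ask

    def query(self):
        self.queries += 1
        return self.address, self.ttl


class CachingResolver:
    """ISP-style resolver: answers from cache until the stored expiry passes.

    min_ttl models a server that overrides expiry by holding records for at
    least that long, whatever TTL the zone published.
    """

    def __init__(self, zone, min_ttl=0):
        self.zone = zone
        self.min_ttl = min_ttl
        self._cached = None  # (address, expires_at)

    def lookup(self, now):
        if self._cached and now < self._cached[1]:
            return self._cached[0]
        address, ttl = self.zone.query()
        self._cached = (address, now + max(ttl, self.min_ttl))
        return address


def run_scenario(ttl_before=24 * HOUR, min_ttl=0):
    """Cache fill at 08:00, record changed at 12:00, then later lookups.

    Returns ({label: address the resolver handed out}, upstream query count).
    """
    zone = Zone(OLD_ADDR, ttl=ttl_before)
    resolver = CachingResolver(zone, min_ttl)
    seen = {"08:00 day 1": resolver.lookup(8 * HOUR)}

    # 12:00 day 1: the operator repoints the name and shortens the TTL.
    # Neither change reaches a cache that was filled under the old TTL.
    zone.address, zone.ttl = NEW_ADDR, 1 * HOUR

    probes = [
        ("13:00 day 1", 13 * HOUR),
        ("07:59 day 2", 32 * HOUR - 60),
        ("08:00 day 2", 32 * HOUR),
        ("08:00 day 3", 56 * HOUR),
    ]
    for label, now in probes:
        seen[label] = resolver.lookup(now)
    return seen, zone.queries


if __name__ == "__main__":
    cases = [
        ("24h TTL, honest cache", {}),
        ("24h TTL, cache holds >= 48h", {"min_ttl": 48 * HOUR}),
        ("TTL cut to 5 min before the change", {"ttl_before": 300}),
    ]
    for title, kwargs in cases:
        seen, queries = run_scenario(**kwargs)
        print(title, "| upstream queries:", queries)
        for label, addr in seen.items():
            print("   ", label, "->", addr)
```

The third case shows the operational consequence: the TTL has to be shortened before the change, because the value in force when the cache was filled is the one that decides how long the old address keeps being served.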
Microsoft is about to get into the AV business yet again. Keep in mind, MS does NOT consider those companies friends, rather they are competitors, so I can see MS letting them look bad with old links. That is not new for them.
Tequila: It's not just for breakfast anymore!
Too bad the target audience of this worm doesn't have an AD to help them.
they obviously don't trust their own users to keep their systems patched and/or behind firewalls
/.ers , hehehe.
I'm an XP user (among other os's) and I don't trust the average Windows user either. Not ragging, just a fact. My mom is one of them.
My brother and I were joking around because mom asked him what she should do about "that new virus" (blaster). She asked him if unplugging the computer was enough, or if she needed to do more. I told him he should have told her to put the box in the refrigerator because everyone knows that viruses and germs won't grow when they are kept that cold. Yea, I know, slightly cruel, but I'm telling ya, she just MIGHT have done it if we could have kept from laughing.
So it's not an insult to Windows users, it's just a fact: Most are interested in doing stuff with their computers and expect them to be like a toaster, just plug it in and never think about it again.
Ironically, I bought my 67 year old mom the computer last christmas, she uses it every day, and she WAS smart enough to ask someone about it, more than I can say about a few
Tequila: It's not just for breakfast anymore!
If those rumors are true, then the worm didn't cause the power failures, it just disabled the systems that would have prevented them. That this happened at around the same time is just a coincidence, - or maybe minor power failures happen frequently and were just prevented from spreading?
Who the fuck runs mission-critical systems on Windows?!! HOMER SIMPSON?!!!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
WindowsUpdate.com did not, I REPEAT: DID NOT EVER Run Linux. The scan from Netcraft only shows that during a particular scan the DNS resolved to Akamai's web caching servers. So Puh-LEASE don't try to start misinformed rumors.
Linux AkamaiGHost 15-Aug-2003 213.161.82.37 Akamai
Reminds me of the old military joke,
The Army will post guards around the place.
The Navy will turn out the lights and lock the doors.
The Marines will kill everybody inside and set up a headquarters
The Air Force will take out a 5 year lease with an option to buy.
While Windows was getting all the attention from their common creator Microsoft, DOS has secretly been waiting for its opportunity to strike at both.
From the infoworld article:
The company is cooperating with federal law enforcement officials to investigate the attack, which is the second successful DOS attack against Microsoft.com this month.
Two successful DOS attacks this month. And what a sense of irony: revolt against the creator by manipulating "the favorite" to do its bidding.
What's so hard about using a lower-case 'o'?
This is not my sig.
Notably, Microsoft refused to give permission to ISPs to burn CD's or make floppies with the Blaster patch on them. I heard of one outfit that had their lawyer contact MSFT to make sure that they were kosher before giving them to customers. Microsoft refused. As it turns out, stating that the users could easily download the patches directly, even if they had the shutdown bug and were dialing in to download a 1.2 MB patch.
I have no sympathy for MSFT getting DOS-ed. The fuckers deserve it, and they were hoist by their own petard. Sure, there is some nitwit out there that acted on an exploit that was known for at least a month, but WTF? What is the problem with letting ISPs distribute the patch to fix this thing?
The ISPs are burning time and support lines over it, bandwidth is getting hosed by the packets on the affected ports, filtering ports helps (but doesn't eliminate the problem). Essentially, third-party companies (ISPs) asked for permission to help put out this fire, and Microsoft gave them a big "fuck you" and I am somewhat gratified by the whole thing.
Fuck you, Microsoft. Here's hoping you get more of the same.
I might post the emails discussing the attempt to get authority to help spread the patches somewhere, but I'm not anxious to cause a slashdotting of my own weenie ISP's servers.
The impending DDoS attack on Microsoft scheduled in the MSBlast worm was drastically mitigated by Microsoft's DNS shuffling, the diligent patching by systems administrators around the world, and the lack of electricity in several population centers. However, it was replaced by a much more potent DDoS attack by people checking to see if Microsoft's site was dead yet...
"Never put off for tomorrow what can be avoided altogether"
The SUS server is supposed to synchronize itself (manually or automatically) with Microsoft's servers to get the latest updates, and you get a chance to approve them for distribution to clients. Not a bad idea, and it seems to work OK.
However, the URL that's coded into SUS to synchronize with updates is -- wait for it -- a windowsupdate.com URL!
Error Message: "Failed to download from URL 'http://www.msus.windowsupdate.com/msus/v1/aucatalog1.cab'. (Error 0x80072EFD: Unable to connect to the server.)"
Anyone using SUS to update their client machines is now stuck with their current update set until Microsoft sets up a new site to sync with and documents how to change the URL that SUS uses to whatever one they come up with.
Lame.
"[Unix] is *not* as susceptible as Windows is. Not by a large margin."
Oh really? I'd just like to point out that while this bug is *attacking* one of MS's sites, it won't successfully *break in*. It was a mere 2 days ago that a hacker successfully broke into GNU.org and compromised the crown jewel of the Linux community.
So who's more secure again? Don't be so quick to jump to Unix's defense. A lot more exploits are publicised for Linux than for Windows.
Like woodworking? Build your own picture frames.
I don't know why this became a big deal. Ok, I lied. It became a big deal because of users who did not patch their systems (for whatever reason). But it isn't like this patch is new. It was originally posted on July 16, 2003. They just revised the bulletin because of the outbreak.
From MS's site:
Why have you revised this bulletin?
Subsequent to the release of this bulletin Microsoft has been made aware that additional ports involving RPC can be used to exploit this vulnerability. Information regarding these additional ports has been added to the mitigating factors and the Workaround section of the bulletin.
If I have installed the patch provided with the original bulletin, am I still protected?
Yes. There has been no update to the patch itself, and the patch will still correct the vulnerability. This additional information is being provided to those customers who may require a temporary workaround until they can apply the patch.
I wish I could make my friends, family, people I know read these security reports on their own, but they never do.
-Valiss
Here in CA you have to fund the switch which allows you to feed from your supply to the lines, even if you don't EVER want to feed back, PG&E got some help in the legislation, this runs around 10K minimal. The CA government in its infinite wisdom also instituted a Farking tax on power feedback, in order to offset the cost of people leaving the system while it is so deep in financial trouble, so now even if you DON'T USE the power grid, you are required to pay a tax on the approx. amount you would use....Our rural neighborhood association just went through the governmental hoops to get this working...what a friggin nightmare.... Unless you have several hundred potential users, there is no way this is financially feasible thanks to our friends in government, always out to protect corporate interests at the expense of taxpayers freedom and choice.....
errr....umm...*whooosh* *whoosh* Is this thing on ?
-1 Overrated for that on a +5 post
That line of reasoning is hogwash, and part of the self-apologizing crap us Software Developers keep throwing out.
It used to be that we could blame the users for running executables they receive via emails. We demanded common sense, and said that it was user error, not Software Developer error. This time, the mere act of being plugged into a network or the Internet is enough to get the computer infected. So what do we do? We say Damn those lusers because they didn't install their latest security patches!.
That's a big, smelly load of shit. Systems administrators should be required to read bugtraq and keep their systems patched. Users should only show common sense. We can't ask them to do these things. There are people working with computers that actually use them as tools to do work, rather than as objects of worship, as we geeks do. They don't want to know about driver install woes or our petty flavour of the month.
We should be bounds-checking our mallocs rather than demanding users take the time to fix the faulty products we put out.
Overcaffeinated. Angry geeks.
"why would i want to help alleviate the situation? hell, i get to have all my computers attack microsoft for free! and legally! wohoo! sick 'em!"
I know (think) you're joking, but while we can moan all we want about how Microsoft should design software that's more secure, we can't do anything about existing systems. And windowsupdate was the fastest, easiest way for the non-tech public to protect and repair themselves. Those of you out there that view this impending attack and the shutting down of windowsupdate as a good thing are very shortsighted.
Maybe you don't give a shit about all of those other users out there that use Windows. Maybe you're happy this is happening. Fine. But rest assured, it's not going to cause people to rebel against Microsoft, like many of you are hoping. There will be no enlightenment and mass exodus to Linux or BSD or OSX. This is going to get blamed on "hackers". And we all know hackers hate God, hate America, root for Saddam, get pentagram tattoos on their foreheads....and use Linux. Pretty soon it'll be "yeah, I saw those Linux guys bragging on slashdot.org that they took windowsupdate down!"
IBM's reps will be going "yeah, thanks heaps for the positive image, slashdotters.........fuckers".
Make fun of people that run Windows all you want, but don't assist in, or support the disabling of one of their few effective means of defense.
Life is hard, and the world is cruel
And now, the company has "extinguished" WindowsUpdate.com (future updates will come from a different domain). All this because of some Microsoft worm that triggers at midnight.
If you're going to submit a biased article, at least get the facts straight. WindowsUpdate.com was never the primary WU domain, windowsupdate.microsoft.com was. They're just disabling the extra one that was never linked from the Windows OS.
Beware: In C++, your friends can see your privates!
I think everybody is missing the point on this whole issue. Fact :- Blaster is a worm, whose payload was intended to dos windowsupdate.com, rendering it unavailable to the folks using it.
Fact :- windowsupdate.com is 100% unavailable.
Conclusion :- Blaster is the most successful virus/trojan to date. It didn't just cause a few hours of unavailability, it wiped the domain from existence. Not just any domain, but a prominent microsoft domain (high profile, big budget website) totally obliterated off the internet.
Folks can say what they want, and argue about the politics of it all, bicker about who is responsible to update what, and whatever, but you cannot deny the facts.
Blaster is head and shoulders above the crowd as a denial of service worm, the first to achieve a 100% success even prior to actually triggering.
Say what you want folks, but this has got to go down in history as the most successful worm ever.