Slashdot Mirror
The Virus Squad
dncsky1530 writes "Sydney Morning Herald - The Virus Squad - 'A new species has been discovered. So new, it's still unnamed, but researchers are racing to tag it - before it spreads around the world. For the next 10 to 30 minutes, the computer virus or worm is dissected, analysed and identified... "On the day we detected MyDoom, we did another 18 viruses," says Paul Ducklin, Sophos's head of technology for the Asia-Pacific. "There are about 800 new viruses a month. And the unglamorous bit of our work is often the other 798."'"
Maybe a lot of /. readers are too young to remember real viruses, or to have played around/collected them, but its been a decade since a real infectuous virus has gone around.
If it can't infect any arbitrary EXE file, its not a virus, its a trojan or a worm, depending on wether or not its a moronic user or a security hole that allows it to enter the system.
Well, I have to wonder how well the whole antivirus industry is handling the problem; why release virus signatures instead of just changing the entire underlying security system in the operating system? It's things like viruses that make SELinux seem like a very good idea to me.
It's things like SELinux that make the status quo seem like a very good idea to the antivirus industry.
Forget thrust, drag, lift and weight. Airplanes fly because of money.
"There's still a big perception out there that only broadband users need one," Lee says. "Everyone needs a firewall, along with antivirus."
This rings all too true. If forwarding ports for certain applications wasn't such a pain in the ass, I would say make ISPs require firewalls or find a way to have some sort of personal firewall for their connection that they can access from the internet and change the settings on. Just a thought.
This would bring up other problems, but it'd at least stop a lot of problems with trojans and open relays.
How does that go?
"I AM PR3PAr3D T0 0ff3R TH3 2um 0F tHR33 BaGz 0f Ch33zY P00fS 4 a 3l33T P2Ych0!og!st!!!"
"While you clearly have abandonment issues, the practice has been hard up for money lately. Very well, I accept. But first, tell me about your mother."
Look, it doesn't take a psychologist to explain that when you sit the average person in front of a computer, they become a mouse-clicking fool. No amount of emergency IT sessions with the staff explaining precautionary tactics involving attachments is going to change that, and if any psychologist recruitment is necessary it's to explain why the average person keeps clicking attachments to messages in obviously broken English.
That's why blaming software vendors like Microsoft is stupid. Will four ARE YOU SURE YOU WANT TO RUN THIS warnings before allowing the execution of an attachment do any more than three?
But how often do you run across a computer you have to service with expired virus subscriptions? It seems to happen to me quite a bit. I suppose M$'s virus scanner mentioned earlier on /. might help, but that reeks even more of conspiracy than the current "protection money" setup does.
Rather than bundling a questionably legal virus scanner into their next service pack, Microsoft should perhaps add a tool that helps to lock down permissions on NTFS volumes, creates unpriveleged accounts for users and various services, etc. Even with the multitude of security holes, Windows can be made a lot harder to mess with, if you put a little work into. The key here is privelege seperation.
Right, no one would ever write code for the joy of writing it. That's why this OSS fad will never take off...oh wait.
The Tao that can be spoken is not the one eternal Tao