Slashdot Mirror
Virus Creators Sharing More Code
arpy writes "The Washington Times is carrying a report on a 5% increase in publicly available virus code in 2003 (based on a Symantec report). There are now about seven versions of MyDoom, and at least 14 each of Netsky and Beagle. Explains why my email account is overloaded with these little bastards. PC World is reporting changes in the countries that virus are originating from: Australia shot from 14th place to 5th over the last six months of 2003! The source of these stories seems to be the March 2004 Symantec Internet Security Threat Report." (This last requires registration to download.)
The folks whose machines are that vulnerable probably need a little "housekeeping" help...
"Obviously, I'm not an IBM computer any more than I'm an ashtray" (Bob Dylan)
Wouldn't the open source of these viruses be an advantage to the Antivirus folks? (Symantec, Norton, etc.) I mean, if they know the basics of the virus, wouldn't it be easier to defend against them? (I don't have much experience in the realm of viruses...just curious!)
01000001 01011001 01000010 01000001 01000010 01010100 01010101
Open Source software really is viral!
salute our new scr1pt k1dd13 overlords
msgbox("you have a virus")
Looks like we found at least one area where going the Open Source route is bad :-)
I plan to plan / Dutch course in The Hague
Any little kiddie who is going to copy a virus and change some code around isnt going to get very far, because the virus scanner is still going to pick it up. It would involve magor changes to change the virus enough for the scanner not to pick it up as the orignal virus. Just look at the last few varients of MyDoom, they hardly made a dent. As long as end users have updated scanners it should not pose as much of a problem.
Um... isn't wide public exposure kind of the point of a virus?
"Virus Creators Sharing More Code"
Does this mean Norton and McAfee are going to merge companies ?
For the creators of an original virus. It might be a little incentive for these people to at least come up with something new......... Nah, never mind.
Download Linux. It's one virus you'll be glad you caught.
I have been pwned because my
The nature of most viruses and worms means that they are shared quite ubiquitously. If you have received any of these viruses, then you have the code that makes them work. It's not hard to reverse engineer most code, and it's even easier if the language is something like VB script.
I remember getting the Anna Kornukova virus 4 years ago and just inspecting the script to see exactly how it worked. It would not be tough for a script kiddie to take that and modify it enough to get past virus filters. I'm sure there is virus code sharing, and I'm sure it's increasing, but if you really want to get your hands on the code, the author doesn't even need to intend to share it, he already has!
the only time I installed an anti virus, it whipped my hard drive. Since then I decided never to care about virus again and I've never seen any. Any similar experiences among /.ers ?
It suggests that anti-virus programs should be able to cope (if people bothered to use them).
I wonder if you could get a license for a virus under the GPL???
Evolution or ID?
Over the past several years we've learned that bacteria (and even plants?) can be 'promiscuous' about sharing useful genes, such as antibiotic resistance. Software is just catching up.
To continue to stretch the metaphor, apparently the immune system is keyed to stereochemistry of surface molecules. Change surface molecules, fool the immune system until it adapts. Spam has been taking this approach, injecting random text in an attempt to fool Baysean filtering. No doubt virii will learn the same trick. (Break code into mini-object modules, and use a randomizing link-edit step, for instance.)
The living have better things to do than to continue hating the dead.
You must have lots of friends and or family. I suggest you get a lesser life form companion and lose all ties to other sentient beings. Especially dumb ones with computers.
Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
...one doesn't mean you've never been infected.
Ph-nglui mglw'nafh Gates M'dna wgah'nagl fhtagn.
if this "virus writers sharing more code" has something to do with the recent windows source code leak.
I mean... if windows source is leaked and widespread, that's gotta be the ultimate virus source code spread in the latest years.
It's so obvious.. all we have to do is trick these virus writers into putting some SCO code into one of these viruses. They can put it between /** **/.. it doesn't matter. If they do that, SCO will pursue them to the ends of the earth!
Explains why my email account is overloaded with these little bastards.
Your account is overloaded because your mail server sucks. Don't you have a virus scan?
I don't get any virus emails at all. Hmm.
Sure there is! Haven't you seen Uplink? :)
1. Detect
2. Clean
3. Deliver if cleaned
4. Quarantine if not
Problem is, about 99% of viruses that have come into our firm in the last 6 months have been nothing but virus - no legitimate content. Despite this, our antivirus tool has no option to use its 'knowledge' of the 100% illegitimate messages and simply delete these outright.
In order to avoid the possibility of quarantining legitimate content, we are still detecting and cleaining, which still lets hundreds of confusing messages through to the users.
I know there are other products which will eliminate this kind of traffic altogether, but it seems to me that a few minor changes to (at least our) current antivirus products could dramatically improve the situation for us.
Are the other major mail-server based "pure" antivirus products any better than Mcafee?
---------- It tingles because it's working.
But this is not at all the case. The real damage, IMHO, is not when virus writers share the code, it is when they share the information on vulnerabilities.
The sharing of the code only helps the script kiddies. They can be easily taken care of. But not the clever guys who learn about, and then exploit, vulnerabilities.
Indefinitely Detained US Citizen
...when Symantec puts out a report that viruses are on the decline. I'm not saying that viruses are on the rise or on the decline or are not a danger to users, but I will definitely take such reports with a punch of salt, coming from a company which stands a lot to gain by scaring internet users with predictions of rise in virus attacks.
they hardly made a dent. As long as end users have updated scanners it should not pose as much of a problem Obviously you probably are not in the system administration field, ISP field, or anything similar. Right now I work in the ISP field, and you have no idea of the nuisances cause by the same repetitive viruses going on right now. Try explaining to Joe Blow common users why they're receiving messages from management, staff, security@someisp.com telling them their account will be terminated if they don't open foo file. Most don't know what a spoof is, and most don't understand why their dial up connections are now giving them errors.
Along with antivirus sofware which - some go through autoupdates, try explaining to users why they need to run their antivirus software after an update. See most people outside of the geek world would believe that an autoupdate from Symantec, or McAfee or others is automagically going to take care of itself, and it's not. Sure people here may know, but not everyone is Top Geek.
Whenever I talk to friends who don't know much about computing I try to liken it to human diseases and medicine, and those vaccination shots Americans have to take as kids going to school: "If you had diabetes you need insulin, if you go to the pharmacy and get that insulin but bring it home and put it on the table, your doing nothing. Think of an autoupdate from an antivirus company as doing just that. You got the medicine now, why leave it on the table. You have to use it." Most of the times they understand afterwards and ask silly things like well why doesn't the program do it itslef. Some antivirus software does after some configuration some doesn't.
For anyone to think that; someone outside of the computing - is going to have an understanding of this, you're wrong. If this were the case, there would be no more viruses. People are too trusting and naive sometimes, and no antivirus software is not going to detect anything. Has anyone not seen viruses that disable firewalls, antivirus software altogether, because I know I have dealth with people becoming infected with such. You can't base your experience with that of Joe Blow, it's apples and oranges.
MoFscker
I think that open source viruses are the way to go. GPL them and apply modern ideas from software engineering. Well documented viruses would be handy, both for filtering and to aid future virus designers.
"Explains why my email account is overloaded with these little bastards."
:). I know its not a 100% protection but it helps, obviously.
Well, partially it could also be to do with the fact that you are not careful about where your email address ends up. I have been as strict as possible about people not including me in their outlook/outlook expresss address books, or not including me on the mailing lists if i knew that participants are not security minded people. And i never had any sobigs, mydooms or the likes in my inbox yet i did use that account for emailing
You said "surreptitiously" ... how do you know it hasn't been done? Maybe just one of the good guys floating around can't clean up PCs faster than the bad guys release new viruses.
Infuriate left and right
Let me clarify this since I'm just waking up...
no antivirus software is not going to detect anything. I meant to type, no antivirus software is going to detect EVERYTHING. If this were the case, newer versions of Netsky and Bagel would get by, which is why most virus makers tweak code little by little, and another variant becomes a nuisance. Netsky and Bagle prove this. Right now there are who knows how many variants of it.
MoFscker
Users are generally like people who leave their car unlocked and then complain that their radio is missing when they get back.
Yes, they're stupid, but in the end the thief is the guilty one.
Virus writers are a great justification for the total elimination of privacy on the Internet. Imagine if you could use ISP logs to trace a virus right back to the first transmission, and then to the source. You could find the prick, drag him to the city limits, and dangle his corpse from a tree as a warning.
Sadly, while I wouldn't mind executing the jerks who assault our information infrastructure, I do value my semi-privacy.
Now where's the SCO when you really need them?
I first read the artile title as 'Virus Creators Sharing Morse Code' --- As a ham radio operator, I was appalled. First BPL, now this! :)
Blows McAfee and Norton out of the water. I can't believe it's not more well known than it is, maybe because it is a little pricier. But then McAfee and Norton have been jacking up their prices higher and higher with every new wave of Microsoft viruses that hit the Internet too.
We're blocking MS executable attachments like BATs, CMDs, PIFs and SCRs, scanning the crap out of EXEs and ZIPs, and now using eManager spam rules to filter out most worm-bearing emails since their subject lines and bodies contain matchable text patterns.
Stops unwanted mail dead.
Finally be able to stop bitching about your inbox.
100% Free.
Small catch: you need your own mailserver. Answer: add procmail to your recipie. Ha, get it?
MailScanner
SpamAssassin
ClamAV
--J(K) DOS is like Unix in exactly the same way that a pinto is like an aircraft carrier.
This must be a direct result of Mel Gibson's "The Passion Of The Christ". This holy movie has inspired a new culture of charity that is reaching down even to the virus writers, who so selflessly test the security of the world's computers so that we may all sleep more soundly, or... something.
*sniff* It gets me right here.
No, here. A little to the left. A little more.
Now scratch.
Aahhh....
--- Ban humanity.
...legitimate programmers continue to reinvent the wheel.
at it's best -- these things have been peer reviewed quite well by now :)
One time I got to work and checked our local geek account (where we all joke, pass notes, etc.) and I read this email forwarded by the technical support "Hi I'm writing to know if everything is alright with the system. I'm not getting anymore spam so I wanted to know if there's a problem." I kid you not, the end user was wondering why, they weren't receiving spam. It's difficult to filter too much, because what do you do when someone is constantly complaining about not receive a business proposal coming via way of zip. What happens if by mere coincidence it was flagged as spam, or a virus. That's the problem with filtering, personally I think education is a better resolve, but that's just me.
MoFscker
I have a message for you:
Screw you and the trojan horse you rode in on.
-
Does that include "real" virus code, such as the stuff in 40Hex (a popular virus zine a decade ago) or is that just "pseudo" viruses (really trojans written in VB or whatnot).
"all GPL code is viral" Your windows b0xen will be assimilated.. resistance is futile.
One was written from the MyDoom worm, and patched the hole after using it to get in.
That sounds freakishly like some biological viruses that recombine its genetic information into the host chromosomes which effectively seals off the cell from further attack by viruses, so that it can do its work safely without interference.
If virus makers actually learn how to recombine their code into standard windows libraries and the code is then free to work without interference, the Windows users wouldn't know that they are actually infected until some future date when their credit card numbers are stolen/hard drives reformatted/etc.
In fact, the whole idea of sharing the code of viruses is similar to the idea of recombinatorial DNA in viruses and bacteria: effective code from one virus can be transferred and incorporated into another virus/bacterium (plasmids) to make an even stronger pathogen. Scary stuff.
I am defenseless. Use your button. Mod me down with all of your hatred.
I'm always glad to see programmers cooperating, and even occasionally competing for market share. After all, that will only bring us better products.
But you have to wonder just what we're going to get next when some of these virus writers start working together. We've already seen multiple-vector viruses, better social engineering, and greater adaptability. It's certainly going to keep the anti-virus companies on their toes.
Sure I'm paranoid, but am I paranoid enough?
Gee, and I always heard that re-use is a good thing!
We've been running Antigen at my company for at least 3 years. It uses multiple scanning engines on each email. We can also block any attachments that we want (based on file extensions). As a result, we haven't gotten hit with a single e-mail virus in the entire time it's been running. We receive hundreds of viruses a day(recently thousands thanks to MyDoom and Bagle), but it blocks every one.
People can come up with statistics to prove anything. 7 percent of all people know that.
It's natural selection.
Those PC's that succumb and die from infections, leave only the strongest PC's to repopulate the earth. It's happened all throughout nature since time began. Consider this the "electronic black plague".
I am Bennett Haselton! I am Bennett Haselton!
That's great news.
/usr/ports/virus/ directory with viruses that will run natively on my operating system.
Viruses is closed-source, proprietary software that only runs on Windows.
A lot of nice guys are trying all day long to send me ".pif" files so that I can have fun, but I keep clicking and clicking again, nothing happens on my OpenBSD box. It's so disappointing.
Thanks to these opensource virus, I will probably soon be able to enjoy a
Great, I will now be able to chat with friends "hey what ? You still don't have Baggle 8.3XP ? Haha sucker, I got it for 3 days !".
{{.sig}}
So a new virus can only be detected when it is discovered and its signature put into your database. This takes time. Since modifying the signature is easy to do each new version of MyDoom requires a new signature and therefore an update.
The other method is too look at patterns in the code but this is a lot harder.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Well, sounds like a good idea but I think such a program would more aptly be called a retro virus.
Nick Powers
Encryption: I may not agree with what you say, but I will defend your right to encrypt it...
Sorry about that! my BAD!
Nick Powers
Encryption: I may not agree with what you say, but I will defend your right to encrypt it...
True enough, but irrelevent. Virus writers will probably always be out there. Much like car theifs. And neither is easy to catch. That is why the police tell you to lock your damn car. So if your computer gets a virus because you didn't patch, yes it is stupid, and your fault. Blaming others for your problem is no way to solve them.
If someone actually creates a virus that beats the patches out there (which never seems to happen) then it won't be your fault.
"Take that Lisa's beliefs!" - Homer Simpson
Maybe the virus writers are getting older, going to university and the lectures on software engineering and code reuse are hitting home??? :-)
Strangely Enough...Hotmail's Junk Mail filter was enough to keep malicious emails out of my inbox, though I had to block some legitimate emails in the process.
Quite a bit of assembly required, actually....
Very easy to use, and integrates nicely with Postfix. NOD32 is an awesome virus scanner. I just checked the list of features on amavisd and it doesn't seem to have a "clean" option, although most folks don't want it anyway... BUT it's written in Perl, so you could add it fairly easily I expect.
Forget thrust, drag, lift and weight. Airplanes fly because of money.
Nice to see the FLOSS principles being taken up in more and more areas. :-)
Once, ignoring viruses and anti-virus software, relying on good practices only was a cool hobby; nowdays, it's a disaster waiting to happen, in a large part M$ is to blame.
I retired a box I used from 90-95 and I'm now in the process retiring the 95-04 one. Amazingly, I was able to run MS DOS and Windows 95 without much hassle and without permanent anti-virus-come-to-the-rescue operations.
People borrowing my diskettes (remember the 5 1/4 " floppies ?) did all sorts of things:
- have infected the floppies,
- have goten themselves infected,
- detected viruses on them, etc;
while my back yard remained clean. However, I've had a few strict policies:
- frizbee network: never stick anything into your floppy drive that's "been around" unless you plan to 'format';
- email: do not use MS Outlook, do not open unexpected attachments from people you know, do not touch stuff from people you don't know etc., etc.
Nowdays, using both W2k and Linux, I claim the (don't-check-for-viruses-and-don't-have-any) policy DEAD. At least for MS w/ Outlook and Explorer, a prompt anti-virus solution is a must.
If nimda was the ultimate lesson for typical corporate intranet environments, the Netsky & Bagle definitely break barriers in the category of private, spam-free, home user addresses.
And it's all probably because of this wrong (viruses-happen-to-losers-not-me) additute of just one of my otherwise cool e-mail-buddies that made it all possible for me: watching a bogus email w/ a virus dropping every 2-3 hrs into my private inbox, without a clue who really the sender is or whose set of contacts would correspond to the addresses in the spoofed TO: fields.
I haven't had any trouble with any of the non-M$ boxes I work with. But like it or not, I still have to use some M$ platform and sadly, no prevention is helpful - it cure, cure, cure, all the time...
Finally, someone who has really figured out the secret to code re-use!
"There is more worth loving than we have strength to love." - Brian Jay Stanley
A lot /. readers are not familiar with Windows and may ask what "virus" means in computer science. So in order to better understand this article, here's a short presentation.
:
Virus are popular peer-to-peer sharing systems designed and optimized for Windows platforms.
Great features of these systems over other P2P systems
- It's free software, although the license is often missing.
- They are very well maintained. New versions are released almost every day.
- They are easy to use : no need for a GUI, no need for a CLI, everything is fully automated.
- Updates are also automatic.
- No need to tweak your firewall, popular viruses can work on port 25 using a SMTP-like protocol.
In order to join this community, you just have to run an installer called "outlook.exe". To improve your experience, the "internet explorer" add-on is also recommended.
And how handy, the installer and its add-on are part of the vanilla "Windows" installation CD set. No need to download anything and no registration is required. Very convenient.
Once the installer ("outlook.exe") has been started, an Evolution-like interface pops up. This is bloat, it can be safely ignored. Directly go to the "add contact" panel and fill in email addresses of friends you want to share executable with. Wait a few minutes (check the internet link is ok) et voila, viruses are automatically downloaded, installed and configured.
You know understand why this p2p system is so popular in the Windows world : easy to install, easy to use, and the operating system keeps a lot of unfixed security holes in order to avoid breaking backward-compatibility with older viruses.
{{.sig}}
There hasn't been a real security-hole based epidemic since the Day the MSSQL Servers Died. All of these recent worms are still based on the tried and true Stupid User vulnerability: there are apparently still people who will actually double-click on an unrequested screensaver file they got in the email.
As much as I am a Linux snob, the fact remains that you could just as easily do that to stupid Linux users: if they're using their computer for anything useful, they're able to send mail and run executables; that's the only requirements for a worm like this.
All's true that is mistrusted
Oops. I mean, Amavisd-new. Big difference.
Forget thrust, drag, lift and weight. Airplanes fly because of money.
The code for my new virus is being released under the GPL
What someone really needs to do is make a virus that consists of several parts. Each part by itself would have no effect upon an infected computer except to run at startup and check for the existence of the other pieces.
If the final piece to run determined that all pieces were in place it would abort the startup process and display a dialog box with a button titled "I want to format my hard drive now" and a message saying something like:
"You are a bloody idiot and your computer has been infected with a virus. Not once. Not twice. Not thrice, but FOUR times!
You are too stupid to operate this computer further until you take it and have it professionally cleaned of viruses, trojans, spyware and other malware, have proper antivirus software and a firewall installed, receive some sort of training on keeping the antivirus software updated, and finally, are told in no uncertain terms to not immediately open each and every email attachment and to no longer download and install each and every cute little gorilla, gator, monkey or other furry or scaly creature that promises to make your internet experience ever so much better."
When they then click the "I want to format my hard drive now" button the activated virus would display a second dialog that says "You did not read the button at all did you?" and shut the computer off.
...because when my program (see sig) downloads and decodes it, it becomes a .txt file on disk no mater what the malware author names it. However, I have to protect the Windows registry entry that controls 'text file execution' by loading the double-clicked on text file into Notepad. To do that, I use a firewall and antivirus programs.
.bat.safe file (phony antivirus email?). When my program decoded it, it added .txt to the end of the file name. Perusing the malware with a hex editor, I notice the names of many antivirus and firewall programs listed in it. I'll bet the malware will 'search and destroy' such software in order to do it's dirty work.
.txt can be removed from the file to get the original filename back.
The other day, I got a malware exe disguised as a
By treating ALL email file attachments as 'text files' will make it almost impossible for a PC using my program to be compromised by malware. These 'text files' can be scanned for viruses or safely inspected with Notepad or a hex editor or simply deleted if not expected. If the file is kept, the rightmost
This method of handling file attachments also stops 'CLSID' trickery--using the CLSID for reserved file extensions instead of the extension itself.
virus.c 1:
// This Virus is Released Under the GPL
// If you violate the license, you will be infected
This signature was left intentionally blank.
more viruses, more problems
With the false positives, and the delays in identifying new viri, the virus writers have a gap in time and a gap in confidence that the detector is both timely and accurate.
For example McAfee Virus Scan reports a false positve for a development file SetCVSShellCommands.exe from NSIS (the installation program used by WinAmp and other programs). McAfee has been unresponsive on adapting Virus Scan so that it does not trigger a false positve. All they are interested in is actual viruses or -- in this misidentification -- spy ware.
I doubt that SetCVSShellCommands.exe -- basically NSIS itself with a custom script -- will be handled properly anytime soon.
This is not a new problem, though. One program I worked on about 10+ years ago was identified as a virus because it had a jump to a BIOS location and the string 123 in it (software reboot). At the time, the false positive was handled promptly and was not an issue when the virus detection software was updated.
A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
Which means that certain marketing drones will run around in circles screaming "See! See! We told you so!"
"It is a greater offense to steal men's labor, than their clothes"
Sybari maintains a list of what it calls worm viri. If a mail message is found with one of those in it, Antigen simply purges the entire message. It doesn't send a notification to user or sender (spoofed most likely anyway) since it assumes it was an automated process. I don't know why the other Anti-Virus vendors haven't implemented a similar system.
Hoyty
I belive all information should be avaible for everybody, freedom shouldn't be sacrified for
idiots (yeahh, that includes microsoft monkeys and other brown noses like sales people and managers) that execute unknown code on their machines.
Remember some old electronic fanzine about virus coding "hex" something during my BBS time.
Hmmm, now thats an idea, are there any current open source antivirus products out there? If not, that could be a good way to combat virus's, my moms biggest complaint was when I made her buy trend micro's internet security 2004. She still doesn't see why its worth it. Might make users more supportive of opensource too.
The number of virus attacks originating in Australia leaped last year, putting it among the top five countries for virus generation, a new report claims.
Que Deus te de em dobro o que me desejas
[May God give you double that which you wish for me]
Problem is, about 99% of viruses that have come into our firm in the last 6 months have been nothing but virus - no legitimate content. Despite this, our antivirus tool has no option to use its 'knowledge' of the 100% illegitimate messages and simply delete these outright.
.mbx file before Eudora had a chance to move the attachment to the appropriate directory. Poof! My whole Inbox is gone!
My company has configured our PC-based/network-controlled Norton antivirus to be very aggressive in deleting possibly bad content. So aggressive, in fact, that it detected a virus signature in my Eudora
The reply from Data Security: "Eudora is not an approved application. Get rid of it." This was back when Outlook would still auto-execute from the preview pane.
Be careful what you ask for... you just might get it. Automatically deleting known bad content sounds fine, but it depends on a support department that's robust and flexible enough to distinguish the good from the bad. Ours was already overworked, starting from the day the VP opened that message from his secret admirer, with the subject "I love you!"
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
This is advertising disguised as news. Symantec's #1 marketing tool is fear mongering. They attempt to scare people into using their software by producing bogus studies.
Come on Slashdot. Quit publishing this fear mongering shit. You're basically providing Symantec with free advertising.
... or at least a large part of it.
I guess none of the virus kiddies know that the bandwitdth consumed by the worms is a large part of the problem they cause--not very many worms have even had destructive payloads* and we've still gotten hammered by them.
Of course, apparently no one else reads all those widely available reports on damage caused by the worms (securityfocus.com, incidents.org, slashdot, etc. etc. etc. have reported on such things).
(*Well, that depends on whether you consider the common payload of trojans 'destructive', they don't destroy any files directly, so I'm not classifying them as such, but they're not exactly benign...)
virus writers have been forced to include a non-warranty due to trojan horses posing as viri and DDoSing SCO and Microsoft.
Our street runs a "community based ISP.". Approx. 320 users on a switched 100 Mbit LAN. We run some Linux servers for standard services like mail, ftp, www, proxy, monitoring, firewall, etc).
19 October last year, we deployed RAV anti-virus from www.ravantivirus.com (now owned by Microsoft, who promptly announced that all RAV anti-virus software for Linux will be terminated).
Since October the 19th, 18.500 email viruses has been detected.
Dec 2003: 1700 viruses detected
Jan 2004: 3635 ""
Feb 2004: 7819 "",just slightly below one virus per day per user.
Mar 2004: (per 17 marts) shows a slightly downward trend with 4430 viruses detected (223 per day).
Only 8% of the viruses originate from within our network.
37% are Mydoom viruses
21% are Netsky variants
7% are Mymail viruses
Now, viruses are a problem. Everybody I talk to know to some extent that viruses are "bad". You sometimes read about high profile arrests of virus writers. Fine.
But spyware is IMHO an even bigger problem for a lot of users. They have a hard time understanding the concept, why they got it, and how to get rid of it, and why it seems to be totally legal to plant stealthy spyware on their PC. To me, and the people I explain what spyware is, spyware is hacking (cracking) in its most criminal sense, since the spying are done for clearly economic reasons.
If spyware were manufactured by pimple faced teenagers for no economic reason, I am sure they would be busted by the police as evil hackers. But since spyware hacking are made by so called businesses, it seems to be a totally OK practice by politicians and law enforcement agencies.
I believe in an open-source, collaborative environment. We need to built the best computer viruses possible. Free the software!
I was never infected by a virus.
Howver, sometime ago someone who kept my (professional) email address must have been infected
and now I am receiving all sorts of stupid spamm,
including unsolicited offers, plain bullshitt and erotic things. Its a real noisance I I depend a lot
on email for my work.
Overall these bastards are taking way a big part of the benefits of this fantastic technology (email).
The only thing I do (from time to time)is to inform the postmaster@domain they use as repply to.
Any other clue of what can be done otherwise?
>Yeah, right. The customer is not going to test first because Microsoft says it's ok?
Wait a second, windows users are wrong for not updating and Microsoft is wrong for providing yet another downloadable tool to help people stay patched?
Oh please, this knee-jerk MS bashing is going too far. Yes, you are still free to test your home machine and no one running a server is going to do this. Yes, heaven forbid windows users get patched so I dont get days of network downtime when the next 'click me' virus hits. Heaven forbid Joe User's computer just doesnt update and firewall itself.
These people chose microsoft over apple, let them live with the consequences. On top of that MS patches have been very good of late and are not the patches and service packs of the NT4 era.
Yay! exports are up. I knew all the toadying to the US would pay off for us eventually.
This competition in distributed computing is becoming even more popular than CETI@HOME
Australia shot from 14th place to 5th over the last six months of 2003
I doubt that we will ever figure out - and I suspect that even if we did figure out we couldn't do much about it
I am amazed the similarity between computer viruses and real viruses.
These computer viruses are evolving just like real ones. Albeit, these viruses need deliberate input from hosts, they are changing.. What scares me is what happens when a coder learns how real viruses (like Nesseria gonorrhea ) can change their 'signature' randomly and constantly. Then we all will be screwed..
So lets keep CompSci people out of the Bio labs!
Mike Jones-{ Genetic Engineer, in Training }-
See, this just shows you that the open source ideal works. Sharing the code from Mozilla, BSD, and Linux creates a more effective networking platform. Sharing the code to SoBig creates a more effective way of showing everyone why they should use the aforementioned software.
Sweet! I'll come and rob your house, after all, you didn't have adequate security, yes it is stupid, and your fault. Blaming others for your problem is no way to solve them.
MS should spend some money doing some quick media for the not-so-clueful to explain why...
Software companies used to provide tons of printed manuals with their products that people didn't read. Now they provide electronic manuals and websites that people don't read. Anyone who has ever worked in an IT role knows that you average two brain cell, mid level manager couldn't care less about 'what you tech guys do over in your office' so long as they still get their long lunch and company car. As for the home user... forget it. After you spend an hour explaining to granny what an attachment is odds are she will just open it anyway.
The problem is that people are inherently disinterested in anything outside their confort zone. Even if you explained it too them 15 times they will still open the attachment. You just need to look at how much money heath organisations have put into anti smoking campaigns with limited success, people don't listen. Don't waste your breath and deffinately don't waste another rain forest printing instructions.
Join the rest of us for a beer instead.
Windows auto-updating itself would be a huge problem. Why? Because I let mine do that a few months ago (Norton AV was running in the background) and the update which happened to be Windows 2000 Service Pack 3 contained a worm right in one of the CAB files off Microsoft's web site. Considering Windows to be unreliable and Microsoft a company one can't trust, having Windows auto-update itself will only bring yet more trouble if any benefits and all. And then there's the whole issue of (lack of) privacy with such a scheme.
Anyone seen the Phoenix BIOS and Microsoft merger post from yesterday?
1.all ISPs & mail providers should be running virus checkers. This includes AOL, MSN, Hotmail, Yahoo etc.
For all but the smallest mom-and-pop ISP, getting 1 copy of a decent email scanner and setting it up on the server isnt going to break the bank.
2.all virus programs should auto-update regularly and also should run both after they update and periodicly on a regular basis.
This just in:
Virus writing is now a bootable offence.
-- Karma Karma Karma Karma, Karma Chameleon - Boy George