Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nasty New Virus Variants

Posted by timothy on from the must-have-windows-to-try dept.

Lucidus writes "Numerous journals, such as Mac Daily News and The Motley Fool, are reporting that the latest versions of the Beagle/Bagle virus can infect users' computers whether or not they open an attachment. Apparently, the simple act of selecting the message activates the code. Given that you have to select an E-mail to delete it, how are users supposed to protect themselves from this one?"

11 of 1,050 comments (clear)

  1. Aside from... by ZiZ · · Score: 5, Insightful
    ...applying the patch which the article says was out last October?

    I don't know. Webmail, one of the numerous non-vulnerable email clients for Windows, maybe give up email entirely?

    --
    This flies in the face of science.
  2. How about... by Spacejock · · Score: 5, Insightful

    ... using email software which doesn't render HTML, and instead shows it as plain text without images?

    Yes, I wrote it. I wrote it because 99% of the messages I receive in HTML format are advertising. Most of those use dinky little images with referrer IDs to verify your email address is valid. The 1% I really need to see in HTML ... well the program has a link so you can view it in your default browser, if you really have to.

    I know it's going back to the dark ages, but maybe NOT running javascript, html, etc is actually GOOD when it comes to emails.

    I'm not advertising this thing, it's freeware anyway. I was a moderately happy Outlook Express user for years, but the lack of spam torturing implements drove me to write my own. Yes, I tried Mozilla, Eudora, etc etc. I think Thunderbird looks interesting too, and I recommend it. But personally I can't do without my POP3 preview window with colour tagging for spam, valid mail, blocked senders, ignored, etc. And deleting stuff before download. And bayesian filtering. And anything else I feel like adding, whenever I want to.

    --
    Hal Spacejock: Science Fiction with Nuts
  3. Re: Monoculture is bad by Black+Parrot · · Score: 5, Insightful


    > But as there are way too many deployments of Outlook as it is, and because it is Outlook/IE that is being exploited, the first solution would be to increase diversity in that field.

    IMO e-mail viruses don't result from monoculture; they result from bad software design. Namely, e-mail clients that execute attachments.

    We'd have Linux e-mail viruses in a minute if the popular e-mail clients added support for automatic execution of attachments. (Assuming anyone was foolish enough to use them.)

    --
    Sheesh, evil *and* a jerk. -- Jade
  4. All you poor poor Outlook users by GillBates0 · · Score: 5, Insightful

    I pity you so :'( tsk tsk
    Proud user of Pine since 1994. Thank you, Univ. of Washington!

    ? HELP - Get help using Pine

    C COMPOSE MESSAGE - Compose and send a message

    I MESSAGE INDEX - View messages in current folder

    L FOLDER LIST - Select a folder to view

    A ADDRESS BOOK - Update address book

    S SETUP - Configure Pine Options

    Q QUIT - Leave the Pine program

    Copyright 1989-2003. PINE is a trademark of the University of Washington.
    ? Help P PrevCmd R RelNotes
    O OTHER CMDS > [ListFldrs] N NextCmd K KBLock

    --
    An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
  5. Re:Switch!!! by golgotha007 · · Score: 5, Insightful

    you don't really need to go so far as to switch operating systems. perhaps this is a wake up call for those to switch to different applications that have the same or similar functionality.

    i use both windows and linux machines day to day.
    on my windows machines, i've activated the built-in firewall and use Mozilla Thunderbird for mail and Mozilla Firefox for web browsing.

    i have zero problems with viruses or worms.

    The real culprits here are IE, MS Outlook (& Express).

  6. Re:Switch!!! by dougmc · · Score: 5, Insightful
    The reason most (or all) viruses are written for Windows is because that's where they'll do the most damage, since most people use Windows.
    There is some truth to this.
    If everyone switches to Linux or Mac OS then you'll start to see viruses for those operating systems.
    Some more truth ...
    You should be glad you're in the OS minority. That's what's keeping virus writers away from your system.
    That's one small thing that's keeping virii out of my system. But it's only a small thing. Other things?

    My mail client (mutt) does not run under an account that has full access to the entire system. Instead, it runs as me, and cannot replace parts of the OS even if it wants to. So it can't do things like replace part of the TCP/IP stack -- a popular Windows worm/virus trick.

    My mail client does not automatically execute things sent to it. Instead, it shows me the text included in a file, and if I want to, I can open an external program to view it (like a movie player.) But under no conditions does it execute the email as a program, unless I save it to a file myself and execute that.

    ... And I know better than to do that unless I trust the source of the file, or can read through it and tell what it does.

  7. The solution is easy, but... by Infonaut · · Score: 5, Insightful
    The fact of the matter is that we're dealing with Windows. Most Windows users just want to use their computer and know as little as they can about how it actually works. They don't know the meaning of terms like "dialog box", "alert message", "preview panel" and so on.

    I'm not saying this to single out Windows users. Most non-professional Mac users are the same way. It's just that Windows is used by people who use what everyone else uses because they feel safe in doing so. They may not know how their computers work, but they're more afraid of looking deviant than having technical malfunctions.

    The subconscious refrain of Windows users around the globe is, "Well, at least I'm not the only one with this problem."

    Those Windows users who actively try to prepare themselves against the almost daily barrage of new worms, viruses, vulnerabilities, and other Windows annoyances still have a difficult time keeping up with it all. Even experienced Windows power users frequently find themselves overpowered by the ongoing war against malicious code.

    So the solution to this vulnerability is simple. But when you look at the situation in context, the potential for widespread havoc is a lot greater.

    --
    Read the EFF's Fair Use FAQ
  8. Re: Monoculture is bad by bgarrett · · Score: 5, Insightful

    Bad software design can emerge from a monoculture. Linux et al. is mostly virus-free because there is no Linux Inc. who writes email clients that auto-execute attachments simply because some corporate customers like it that way. The design goals and objectives of FOSS are capable of being highly secure because there is no central management ensuring that something else takes priority at all costs.

    --
    Nothing worth doing is worth doing today.
  9. Devil's Advocate by EventHorizon · · Score: 5, Insightful

    I love Linux and have used it since 1996, but I don't love half-truths. Mods, do what you must:

    1. Unless you have a special 'l00s4h' account for running network programs, you can lose anything owned by your normal account. Typically that's all your data (norp, zeraw, 3PMs, financial data, etc). You're saying losing all that stuff is _better_ than losing the core OS, which you can replace over HTTP in 10 minutes?

    2. Even with 'l00s4h', if your kernel has priviledge escalation bugs, bad guys can still get r00t. Linux had two of these in the past six months.

    3. You've personally audited mutt for overflow issues? How about the 1GB mozilla codebase?

    4. You trust Debian? Gentoo? GNU? Even though they don't always cryptographically sign binaries and even though their servers were 0wned a few weeks back?

    5. apt-get, emerge, etc don't typically use SSL, so how do you know you aren't being man-in-the-middled when you run it (as root)?

    Linux can be made more secure than d0ze--but don't delude yourself, or others.

  10. Re:Simple... by Perseid · · Score: 5, Insightful

    People have a tendency to forget that the evil-nasty viruses come out BEFORE the virus-scan developers have a chance to add it to their software. It is very possible to have the newest AV updates and get hit by a virus.

    People who hide behind virus scanners as if they solve all of the world's problems are part of the problem themselves.

  11. Re:Simple... by dustmite · · Score: 5, Insightful

    Yes, it's actually impossible to be protected against the 'latest virus that just came out', because it's impossible that your AV vendor has protection against a brand new immediately (unless the AV vendor wrote it themselves). There always must be a "window" between time of discovery of a new virus and the time that your AV is updated to protect against it during which you are vulnerable, and this is typically anything from a few hours to a few days.

    But just try to explain this logic to the damn "if you run an AV and keep your definitions up to date you'll have no problems" crowd ..