Slashdot Mirror
New Viruses Hit 30-Month High
Mz6 writes "InformationWeek reports that Sophos has analysed and protected against 959 new viruses in May, this is the highest number of new viruses discovered in a single month since December 2001. From Sophos' own TopTen list they continue on to say that the 'Sasser and Netsky worms may have captured the headlines. ...May has seen a noticeable spike in cybercriminal activity, suggesting that even the arrest of Sven Jaschan ...has done nothing to curb the problem.'"
That Sophos antivirus has the somewhat incredible problem of not being able to remove and clean viruses on an infected host... but hey, at least we know they're there.
"Other bands play, but Manowar KILLS"
"Kowing is half the battle!"
On a totally unrelated note.. is it bad when you post comments to your own stories?
Hmmm.
... the school semester ends in May. What are all those CS graduates supposed to do in between being rejected for an interview and filling in a McDonald's application!
that explains the porn advertisement posts on my blog with IPs tracing back to infected machines all over the world...
damn those script kiddies.
Correction: "...walk away with BILLIONS of dollars in the bank."
This is why security at the operating system layer is so important. How many homes and businesses are broken in to every day worldwide? Tens of thousands, I am sure. Computer crime will escalate in the future, to the point that virus software will probably barely be able to keep up.
Laws aren't going to stop this kind of thing, we need better solutions for security that automatically adapt and defend the end user or system they are on.
I'm investing in a hazmat licence with all the infections I see on enduser computers.
What could possibly go wrong?
to boost virus levels 30 months ago to never before seen heights.
What is this profane practice called "Kowing" of which you refer?
While watching those after school specials you forgot how to spell "knowing".. D'oh!
The release of the Phatbot source made most of this possible. Agobot had over a thousand variants because any kid with GCC could change half a dozen strings, pick a new list of tasks to kill, pick a new IRC server to report back to for 'pwn3rship' and then pack the thing up with the executable compressor of his choice.
Not everything should be released under the GPL, I'm afraid.
Isn't it freakin' obvious that computer viruses are written by rebellious and outcast youth who (like most youths) consider themselves invincible? Anyone with the slightest incling of the rebellious mind will recognise that arresting someone for an act will encourage others to commit the same act. German kids used to consider it "kinda wrong" to write and release worms, now the government has gone ahead re-enforced the wrongness of that act. The fact that Microsoft ponied up a cash reward just broadcasts the message that writing and distributing worms really pisses them off (whereas before worm writers had nothing but an assumption). That message is now clear. Hate Microsoft? Wanna rebel against society? Write a worm!
How we know is more important than what we know.
May has seen a noticeable spike in cybercriminal activity, suggesting that even the arrest of Sven Jaschan ...has done nothing to curb the problem.
I doubt these arrests ever really curb the problem but instead add to it. Those that are captured get their names known world wide and are considered by many l33t hackers, although most are nothing more than script kiddies. Some (Mitnick for one) start successful security consulting businesses and become published authors afterwards.
On the other hand, the monetary rewards for turning in a virus writer might be a better deterrent. I know people that would snitch on their own mothers for a reward!
With all these viruses out there you should use this as an advantage to show people Linux or at least install Mozilla on their system so they wont open as many possible viruses in the future. Right now I bet there is a record number of people who are sick of using their computer right now. So it is you chance to be the savior and show them linux (Just the simple stuff web browsing, word processing, Printing, playing MP3) if they are sick enough of windows they will let you give linux a try. If they won't then at least see if they are willing to run Mozilla instead of IE.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Of course the sheer number of computers out there and various OS flaws makes for more virus targets, but as for actual viruses, I attribute this to more people just know how to code. Coding has steadily become something with a large 'entry learning cost', to something many more people could do. Whether intentional or not, the average joe is becoming more exposed to the methodology of writing functional pieces of code through macros, application-specific scripts, etc. And as more jobs are offshored and people in other countries learn and become proficient at it, it's as simple as with a larger base of people knowing how to write code, and a constant ratio of all people with bad intentions, it will just keep increasing.
Anyway, my two cents.
Be very, very careful what you put into that head, because you will never, ever get it out. -Thomas Cardinal Wolsey
All of their top ten are W32 viruses. This isn't surprising at all- but my question is, is it because of W32 being an inherantly insecure platform (which it certainly IS) or is it because Sophos doesn't track anything else?
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
GET BACK TO WORK
You want :-O?
Based on the last few analyses I've seen, it appears that occurrences of real "new" viruses, meaning ones made from whole cloth that "advance the state of the art", as it were, haven't really been up that much.
What does seem to be up are "copycat" viruses--viruses that seem to be made from the new viruses. Either people are getting hold of the source to viruses, making a few modifications (to 'set their thumbprint' on them), and releasing them, or else just reverse-engineering the viruses. These "copycat" viruses do appear to be on the upswing. On the other hand, from all reports, the copycats tend to be poorly written and have flaws that either limit their spread or else limit their effectiveness.
The real innovators, though, are definitely getting better every year.
Is anyone doing that kind of analysis: rate of increase of "innovative", more dangerous viruses vs. random, garbage mods of existing ones? That would be an interesting glimpse into the state of the virus "industry".
(not that I want there to be -- I'd be happy if all these sociopathic virus writers found something more productive to do, or just f****d off and died.)
Am I part of the core demographic for Swedish Fish?
What a joke!
"...noticeable spike in cybercriminal activity, suggesting that even the arrest of Sven Jaschan, the German teenager who has owned up to writing Sasser and Netsky has done nothing to curb the problem."
Oh right, so the arrest of Sven was going to solve the problem...? Maybe he wasn't the cybercrime boss after all..? Idiots.
Wow. Am I ever glad that most of my boxes run DragonFly BSD...
May 8-{
How many of these affect Linux?
Oh, right.
And how is this news? Windows users expect to get hit by viruses; this is nothing new.
When Linux starts getting hit, then I'll take notice.
All those people who claim that Linux is ready for the desktop conveniently forget that it still doesn't support anywhere near the number of viruses that Windows does. A single release of Windows contains more virus enablement than all releases of Linux combined. When it comes down to it, Linux won't ever break into the desktop mainstream until Linus improves support for viruses.
The society for a thought-free internet welcomes you.
... is there, for example, a 'free' and/or 'free' antivirus tool that will run on *BSD and scan filesystems for PC/Windows virii? .
I find your ideas intriguing and I wish to subscribe to your newsletter.
I am sure most of them see it as a joke or some political statement. But the political statement is pretty lame because no one knows what your angry about, "I Made this virus to protest the war?", "I made this virus to protest the the treatment of X", "I Made this virus because I dont like X company". When you get a virus it doesn't seem to spur the ideas that the virus writer wanted to portray.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Most viruses, like Bagel and Netsky, spread via user stupidity. They e-mail themselves to everyone on your list, and then people open them, and infect themsleves, etc. The exploit viruses are far rarer.
well dont you think it could be the programmers from various anti-virus companies trying to keep their jobs? thats my theory. -ian
/ian
Sophos works just fine...
Say this with me: EDUCATE THE PERSON.
I can't even estimate the number of people with whom I've dealt that have expired, disabled or even damaged anti-virus programs on their computers. Their justification is "I don't know about spending that $X/yr...I don't need it."
For those with Windows versions that have the auto update features available, I can't even estimate the number of people with whom I've dealt that have it disabled, inactive or just ignore it. Their justification is "it slows down my AOL and it keeps popping stuff up or tries to restart the PC."
It's *GREAT* for business and part of me wants to thank the virus writers, spammers and spyware folks...you're providing me with a chance to make some beer money. However, what it boils down to is SOMEONE has to educate the masses...and that someone is all of us; even if we just remind our family and close friends.
Before your little brother or sister [son or daughter] go back to college this fall, MAKE SURE THEIR PC IS SECURE. The college folk with whom I've dealt have epidemics happening on campus...the networks are so overloaded that it's difficult to even fix the machine without taking it home.
...NGCSB becomes a reality. Then all our problems will be solved.
This case is particularly clear - forget about punishing the behaviour - just fix the technical problems that allow worms and virii to exist.
There may be no I or U in TEAM, but you can make meat out one.
Nobody seems to be bringing up the possibility that the rise in viruses could be attempts at economic warfare. There are a lot of people disgruntled with the US and the West and some of them are probably good programmers.
It would be interesting to compare the economic costs of losing the World Trade Center buildings to the economic cost of viruses and fighting them.
It could be a case of "we are at war with you and I made this virus to cost you money and productivity."
Most of these worms exploit buffer overflows.
Just like most exploits under Unix systems.
I think we'll see less occurances of theses worms when NX-compatible processors become common.
Like AMD64 processors...
If i was going to write a virus, it would be an oldschool virus, and would display a skull on the screen with "Fuck the RIAA" scrolling across the screen, then remove itself.
Snowden and Manning are heroes.
There's a good page on stopping comment spam here.
Vino, gyno, and techno -Bruce Sterling
That'll teach people what outsourcing can lead to!
You could try:
ClamAV, A GPL virus scanner featuring:
* command-line scanner
* fast, multi-threaded daemon
* milter interface for sendmail
* database updater with support for digital signatures
* virus scanner C library
* on-access scanning (Linux and FreeBSD)
* detection of over 20000 viruses, worms and trojans
* built-in support for RAR (2.0), Zip, Gzip, Bzip2
* built-in support for Mbox, Maildir and raw mail files
I use ClamAV on my mail server and it works pretty good.
There is also an open source windows version called ClamWin Antivirus.
I'd say that social engineering worms are superior to every other type of malware, no matter how elegantly written past viruses/worms may have been. Why bother with rewriting partition tables, privilege elevation exploits, or VB scripts that take over Outlook, when the user will willingly run the code based on a one sentence message from some stranger? If you had told me this 10 years ago, I would have laughed at the prospect that gullibility and ease-of-use would be the two greatest threats to computer security. Amazing.
Sasser may have generated the most complaints for lazy [and/or clueless] admins, but these mailer worms are the biggest headache for me. Unlike Sasser (we have no cases of it), the social engineering ploy is going to continue to be effective until e-mail as we know it changes. Sender authentication + SMTP would fix both spam and virus problems, unfortunately at a great cost in convenience to users. Considering that almost everyone I know receives 90 per cent spam/viruses in their inboxes every day, that inconvenience is looking more trivial every year.
Fred
"A fool and his freedom are soon parted"
-RMS
I think I will just keep that FAT32 partition for storage.
"The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
I wonder if virus writters know the damage they do...
What damage are you talking about?
I think viruses do more to strengthen the software business than cheap powerful and unbreakable software does.
ie: Imagine someone who doesn't know a thing about computers, being able to go out and get a computer system, set it up, and have 0 problems with it. That would put 99% of I.T. businesses out of business!
"If anything can go wrong, it will." - Murphy
Sophos, in case you've forgotten, are the same bunch of asshats who asserted to the media that Linux advocates were responsible for the MyDoom worm.
Unfortunately most ISPs don't qualify as much more knowledgable than most users. Therefore they'd find a cheap solution and deploy it. Period. I'm waiting fearfully for Cisco or somebody to introduce a cheap/powerful enough router or some piece of head-end gear that the ISPs will just turn on stateful packet filtering across the board, and deny all incoming connections.
And of course this still won't stop the problems, because there will still be other disease vectors besides incoming connections. So I also won't be surprised to see rate limits on outgoing email and filters on every outgoing port where the ISP provides that service in-house.
They've only begun closing down the Internet. There's lots more to go, in the name of spam, virii, and terrorism.
As for 'users capable of administering their own connection,' no way. Who evaluates? Giving every idiot who simply asks full privileges opens the floodgates, again. Probably the simplest, most likely thing would be to allow MSCEs to administer their own connections. Is that what you really wanted?
Mildly off-topic... Sometime I'd like to take a look at the most simply-caught spam. IMHO, spam would be a great way to broadcast clandesting (including terrorist) information. Nobody reads the stuff, or at least most people try not to. A little deception, a little steganography, a little encryption, a little spread-spectrum, (split/interleave the message amoung many pieces of spam) and you've got a terrific worldwide communications channel.
The living have better things to do than to continue hating the dead.
I use ClamAV on my mail server and it works pretty good.
When you think mediocrity, think ClamAV
In God we trust...all others please have two forms of ID
If Microsoft cares so much about security now, then why don't they include free virus scanning software with Windows?
At least MS will be adding better Anti-Virus integration support for 3rd party anti-virus developers in Windows XP SP2. Article
Im dreaming ofa big bndwdth, That can resist the
seriously.. this is funny.. :(
....dont say any more or Mr.Bush might come with some new sort of terror threat/conspiracy theory as to why his popularity is failing
Don't worry. Even if all the virus writers go away, there will still be the spammers and the spyware writers. Not to mention the really-shitty-driver writers. They're the most nefarious of the bunch.
We all know it, but in some environments, virus and spam crap keeps some ITs in their jobs. So as much as we curse spam and virus authors, it does keep getting us our paycheck time and time again.
Get a mac, even a used one, and you won't have to worry about this crap.
- Zav - Imagine a Beowulf cluster of insensitive clods...
And I don't mean "will instantly wipe your hard drive".
I mean ones that will randomly alter numbers in Excel spreadsheets and Access databases.
At the moment, viruses are just a really huge annoyance and a means for spammers to grab more zombies.
I think the copycat viruses are because it is far easier to copy what someone else has already proven than it is to do original work. I also believe that most virus writers aren't that great at writing code. But that's just my personal opinion. The majority of "viruses" I see via the email scanner are the old "click the attachment" types of trojans. Social engineering.
Spyware may be the next playground for the virus writers. God help us all if 30 million spyware trojans get hijacked.
When you think mediocrity, think ClamAV
That might actually help it penetrate the corporate and academic markets.
Seriously though, the names of some OSS projects totally preclude their penetration in some markets. I asked my boss if we could put 'the GIMP' on the image for the summer, and only purchase a Photoshop seat when requested; she laughed at me and said 'no', then asked what the GIMP was.
"Sometimes, I think Trent just needs a cup of hot chocolate and a blankie." -Tori Amos on Nine Inch Nails
Thanks, that looks excellent, just what the doctor ordered. I love slashdot, it's every bit as helpful as usenet, but faster! :-)
I find your ideas intriguing and I wish to subscribe to your newsletter.
FYI: Other AV companies (like sophos) detect well over 90,000 viruses, worms, and trojans. I would not be touting 20k.
This serves to further complicate an already complicated system, and so strange side effects are more likely to pop-up (no pun intended). Such as between badly written printer drivers and firewall software, of all things.
Foolishly, a couple weeks ago I volunteered to help a friend out with his home computer. Of course, it was practically locked up with all the crap he had on there. I re-installed it (XP Home), put on the cr. updates, got him set up with Mozilla, AdAware, Spybot S&D, and ZoneAlarm.
I even talked him into getting his family members to use a limited account on the system, to hopefully keep the system as clean as possible for as long as possible. (However, I now realize that many games and other apps don't run properly under anything but an Admin account... so what's the use of that? Growl...)
Printer was working, everything. So I handed it over to him, and a couple days later he calls me to tell me that the printer stopped working. In his effort to be helpful, he clumsily re-installed the printer drivers, but with the old version, not the new. I got it straightened out again, and after some research, discovered that his printer driver (for an HP Photosmart 7350), has some kind of funky problem with the latest version of the free Zone Alarm. But I managed a workaround to this by having him restart his printer driver service. That was yesterday.
Now, something else has happened to the printer, the goddamned thing won't print at all, and re-installing the printer drivers makes not ONE fucking difference.
So what's my point (other than the one under my hat ha-ha)?
1) We have to try to protect ourselves from all the low-lifes trying to own our systems, and in so doing, make our systems even more complicated and difficult to get them to perform the tasks we have them for in the first goddamned place.
2) No matter how much you straighten out somebody's system for them, they can balls it right up again within a short span. Only this time, it's YOUR fault. (I thought of keeping the admin password only to myself for the trial period, but as I mentioned, in order to use it for games, they have to log in as Admin. So they can change anything, install anything, and then play innocent when it breaks.)
They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
There are solutions for scanning for and removing virii without having to run from the compromised environment!
http://www.avast.com/i_idt_154.html
But that fact aside, the real point to antivirus software is to prevent a virus-infected piece of code from being run on a previously uninfected machine. If a scanner works properly, it will identify the malicious code BEFORE the computer gets a chance to run it and allow it to cause damage. Why is this concept "doomed" from the start?? In my experience, it's exceedingly rare that someone gets a virus infection while running the most current version of a quality antivirus product. The trouble generally starts when people either stop getting regular signature updates *OR* keep renewing subscriptions for 2+ year old versions of scanners. (EG. If you run Norton AntiVirus 2001 on your Windows PC, having the latest signature updates may not do you loads of good, because the main "engine" that tries to match up code against the signatures isn't as intelligent as the "engine" used in their 2004 version of the product.)
http://securityresponse.symantec.com/avcenter/venc /data/w64.rugrat.3344.html
When 64-bit Windows is widely available, the viruses will already be there waiting!
that once biotech takes off we'll see the same explosion in human virii that we currently see in their digital cognates.
'Bitter, disillusioned teenager (or bitter, disillusioned terrorist) whips up new version of influenza, pictures and patches at eleven. If you live on the south side of the river, however, you're as good as dead, please try X brand tylenol for all your lethal-flu-related misery.'
BTW, what would a human equivalent to 'Windows Update' look like?
- undoware.ca
At the risk of sounding like a bigger loser than I really am:
One time, when I was bored a number of years ago (think, 10-12 years ago), I was browsing through the complete listing of viruses for the Mac that the virus scanner would catch. There were only a couple hundred at the time, and pretty much all of them were trojans.
Something that struck me was the number of political ones. A rather significant percentage were designed to spread a message. I find this interesting, because nowadays, that political element seems to be totally gone. That's not to say they didn't have destructive payloads - I recall that more often than not, they did.
I think it would be a fairly interesting study to hunt down early virus databases and compare them to ones today.
-Erwos
Plausible conjecture should not be misrepresented as proof positive.
...as opposed to coincidentally or ironically...
I ran into my first virus problem in over three years this last week. I wasn't concerned enough to actually get the name of it, but it wasn't anything I've seen making any headlines. All I remember is Norton found it and eradicated it (apparently) before it did anything.
But it was enough to get my attention when my box screamed "virus alert!" at me in the middle of listening to music. Oh well, no worries.
I've read not one but two articles on this recently, too, that Linksys has problems with not only the wireless (shudder, who would want THAT headache) but also their BEFSR-41 plain old wired router. HardOCP I believe had one of em, link over and read up.
Thankfully, companies like BellSouth (like they need praise) DO send out Westel dsl modems that have NAT functions built in, so maybe some folks are being spared a number of online goodies being sent to them. Lets at least hope!
goodnight and have a pleasant tomorrow
I'd love to ditch Windows and move my PC over the rainbow to Linux, but dammit, there are no known drivers for my wireless card! Will someone PLEASE code some drivers for the D-Link DWL-G510 card? I'd do it myself, but the last time I did any programming was back in high school on an Apple //e, and methinks things have advanced a bit since Applesoft BASIC was the standard.
I'd buy a new Mac but I just built the PC and there's no chance in hell of my convincing the wife to let me spend MORE money now.
I am sure most of them see it as a joke or some political statement. But the political statement is pretty lame because no one knows what your angry about, "I Made this virus to protest the war?", "I made this virus to protest the the treatment of X", "I Made this virus because I don't like X company". When you get a virus it doesn't seem to spur the ideas that the virus writer wanted to portray.
This is exactly why I don't think that worms are primarily the work of geeks. If it was then they would make statements. We would see stuff like:
1) a worm that deletes harddrives that _don't_ have mp3s, released during the fall of napster.
2) People complain about the commercialization of the web. Someone would use a worm to install ad blocking stuff in IE, to put the advertisers out of business.
but we don't see stuff like that. We see Trojans and spam networks mostly, with the occasional anti-worm.
I don't believe its geek kids just out to do damage either, because they hardly delete harddrives anymore. I think Bruce Perens is right, that its primarily the work of spammers, not crackers or script kiddies.
All this goes to show that one of the few profitable occupations is to be a virus writer.
Err, just do something bad that generally makes life less enjoyable for the masses. You're guaranteed success. If Bush gets re-elected them my point is proven.
*snickers* I keed I keed
Presently here, but not there.
It may sound trollish but i wonder why do are people and especially company's not switching over to linux or osX in droves?
It instantly fixes so many security problems that it seems like an easy decision.
What are the factors, apart from enertia, that keep em hooked?
f-prot has a native bsd version, with free cron job to download updates!
Music is everybody's possession.
It's only publishers who think that people own it.
Fuck Beta
~John Lenno
A very good parent post. You should forward a copy of it to all of your friends by email.
I'm still trying to figure out what people mean by 'social skills' here.
Herbert A. Zimmerman's doorMAT factory.
No Highschool diploma, ahh...
I hear houses without carpets are easier to clean and there aren't any carpet fibers to host the lice and mold and fungus that cause breathing problems in children and generally all Asthmatics.
HAZMAT...ahhhh, mommy.
There are several infection vectors used by the current round of viruses. I'm assuming that even fully patched versions of Windows, Outlook Express, and Internet Explorer are vulnerable to security exploits (they are).
.zip file where the password was given in the email body?
1: Executable attached to email, either auto-infecting or using the social engineering made possible by Microsoft's "virus-friendly" File Extension Hiding. So people click on what they think is a text file attachment (where even the icon makes them think that it is a genuine text file). As I've repeatedly said before, it is time that Microsoft released a patch to completely diasble and remove this dubious feature from Windows.
Cure: Use a non-Microsoft email reader - Pegasus Mail, Thunderbird, whatever.
2: Social engineering via email. Who in their right mind would open an attached password-protected
Cure: User education.
3: Seemingly innocent HTML emails which contain an OBJECT DATA exploit.
Cure: Don't use Outlook. Use an email gateway box running MailScanner to disarm dangerous HTML tags.
4: Worms spread via direct connect to your PC.
Cure: Proper firewalling, use application proxies and don't NAT anything to the net. This is more appropriate in a corporate environment.
5: Web pages with dangerous HTML which, by exploiting IE or Outlook Express vulnernabilities, run malware on your PC.
Cure: Use a proxy server which strips all dangerous tags; Dump Internet Explorer and use Mozilla Firefox instead.
6: You are "Protected" by Antivirus software but the virus / worm got you before the vendor's weekly update came out. (Waving to McAfee and Symantec as I write this). This is the BIGGEST change I've seen in virus behaviour this year. Since February, we've been catching viruses/worms before some of the main vendors have had updated patterns out. (thanks ClamAV and Bitdefender).
Cure: Antivirus vendors need to release patterns as soon as they've got the virus signatures tested, and not wait to see if an outbreak happens. Users need to update their virus patterns on an hourly basis, not weekly.
That'll do for starters.
i've installed clamav on osx too just by the way, i don't think it fully works...clamd not running and i'm not sure if i can't get clamscan to work because im making a configuration foobar of some other reason... but certainly clamscan can be used to scan files from terminal.
and i think freshclam may not be the only way to update the virus definitions but i've not looked too hard into it
Offline processing. Set a simple filter against the inbox, and have it collect/consolidate for you while you're out acting like a pillar of the community. Using the web could be automated, but it would be more trouble.
Besides, using spam has the good (to clandestine types) side-effect of clogging the Internet and annoying Westerners.
The living have better things to do than to continue hating the dead.
even the arrest of Sven Jaschan ...has done nothing to curb the problem
What about the public evisceration and flaying of Mr. Jaschan alive? I'd say by the time you've brutally tortured to death your 5th or 6th l33t hax0r, the number of new viruses might just start to fall.
(having just spent all last night cleaning & disinfecting a friend's home LAN, after one of his kids accidently went to a wrong url...)
-Styopa
To be honest, thats not really a suprise and is one of the reasons I've just wiped my windows disk and installed linux. Perhaps if more people did the same the problems wouldn't be so bad...?
I'm a network admin for a school. We run linux, OS X and predominantly WINDOWS. We haven't had a virus incident in over 4 years (since I started).
Why you ask?
We scan/filter web content, email, and every single file that comes and goes from our systems. We prohibit users from installing any software (via software enforced lockdown - not "honor system"). We distribute patches on a timely basis via automated patch management systems (microsoft makes this particularly easy).
Bottom line - we prevent stupid users from doing stupid things.
This will NEVER happen with a non-technical home user. As long as the home user is responsible for keeping his/her machine patched/updated and can mindlessly install software we will ALWAYS have this problem. I know people who KNOWINGLY have infected machines spewing out god knows what - and they don't take the effort to clean their machines because the machines still run!
It doesn't matter whether it's Linux, OS X, or Windows. If OS X reaches 95% market penetration, malware writers will write crap to run on those machines. Stupid people are the problem - not the platforms.
-ted
I have never been infected by a windows virus. And it's not like I do a whole lot of fuckin work to prevent it either. I only have 1 windows box, my laptop. It dual boots with slackware, I only use it for school. Whenever I boot up I run my symantec update, takes less than two minutes. I then check windows update, unless there is a service pack this only takes a couple of minutes as well. None of this is fuckin rocket science and it takes less than ten minutes a day. I understand in a corporate enviroment that it isn't this easy, but for home users it shouldn't be that fuckin hard. People are just to fucking lazy, they deserve whatever shit they get if they can't take a few minutes to do these two things.
defiance
http://stageofbattle.org
The dramatic rise in viruses means the economy is on the mend. Isn't that an old trailing indicator from way back--when the number of new computer viruses rises, the economy is back to full tilt?
What those who want activist courts fear is rule by the people.
Sophos is hardly a definitive source. I'm usually more surprised when their AV catches a virus that when it fails too. Indeed, combine Sophas AV with their PureMessage anti-spam product and you will virtually guarantee that no email will ever get to a user at your organization. Unless it happens to be a new virus. Though I also dislike the Trend av product, their virus tracking center is at least trustable.
In my recent series of interviews, I applied for a Lead Programmer position requiring extensive experience in C++, VB, SQL, and administration experience in SQL Server 6.5 through 2000.
Most of the people bidding against me were asking for less than half of your figure, and had been working in the industry for several years. This is one example, though it is both typical of my own experience, and of the experience of every IT person I know.
I think you fail to realize just how bad the tech economy really is. The CS grads aren't angry about not being able to find a $100,000 IT job...they are angry about not being able to find an IT job at all.
According to this article anyway. Corporate policies may emphasize security, but getting managers to actually live up to them is another issue entirely.
And when the viruses cause harm, they never blame their own bad security practices. They just complain about how evil and skilled the hackers are or how bad Windows was designed, etc.
If they disliked the design of Windows so badly, why not switch to Unix? Is it because Unix is so much more expensive than the cost of Windows plus the cost of recovering from virus damage? Or is it because a system designed with a robust security model is just too troublesome?
I have several friends who are proud of their shiny new XP computers. They play fun games, do their taxes, send email, and surf the web. Big fun!
The strange pop-up ads start making their appearance in less than six hours. By the end of the week, they are asking me why their computer is slow, why they are constantly bombarded with ads even when not surfing, and why their virus scanner has suddenly stoped working.
When I give them steps to clean that crap up and secure their computer, they just throw the letter away. Its simply too complicated for them. Even if most of them were willing to put forth the effort, they are too computer illiterate to pull it off. And even if I do it for them, and give them instructions on what to avoid....they eventually do something "stupid." Not stupid to them of course, only stupid to an experienced computer geek.
That's what one would expect from the mass distribution of a powerful operating system designed to be easy-to-use for the non-IT populace.
because some CS graduate is having a hard time finding that $100,000 a year job
Hey - this page of classified job ads is from 1998!
"Provided by the management for your protection."
Obvious!
Liberty in your lifetime