Slashdot Mirror
Windows Viruses up Sharply in 2004
Brad1138 writes "MSNBC has an article regarding the proliferation of Windows Viruses and collaboration among virus writers and spammers. Also mentions the likelihood that viruses for Linux and handhelds will see a sharp rise."
The debut of their new documentary Viruses Up, Windows Down.
Oh, and before anyone says this is Microsoft/MSNBC bias against Linux, it's a Reuters article available from many other sources and seems based on the same Symantec information as the earlier zombie story.
(Seriously, this information may or may not be true...but can we say "vested interest?")
Reality has a conservative bias: it conserves mass, energy, momentum...
Porting is always appreciated!
Never learn by your mistakes, if you do you may never dare to try again
Does that mean that there will be some? Ooh! Can't wait for McAfee for my box!
End the FUD
Related article on NewScientist says "[t]housands of zombie PCs created daily" Also if you want this story de-uglied click here
Trolling is a art,
If you install it, they will come.
This short article mentions an increase in linux viruses, but fails to mention the obvious fact about a virus that attacks any open source operating system: Any exploit that is found by someone malicious will be quickly fixed by the overwhelming majority that belongs to the benevolent OSS community. The lifetime of a virus attacking and open source OS would be very short, and wouldn't require the use of any third party virus protection software to fix.
That could possibly have something to do with the fact that Windows crashing is a lot less fatal than a car crashing.
I thought last year was supposed to be the 'worst ever' according to this article anyway.
Hmmm, let's review:
2003 - worst year ever
2004 - viruses sharply up (from the worst year ever)
So - when does that 'Great Security Initiative' of 2002 start working? Microsoft please - the authenticated code approach doesn't work. Sandboxes do.
In market news, Virus Inc reported stronger-than-expected results, beating street analysis by a broad margin, sending Microsoft lower. Symantec, a promary contractor of Virus Inc, said that they are pleased with the performance "When they do well, we do well" said Ama Popup, director of Marketing at Symatec. Sasser, spokesman for Virus Inc, relayed the management outlook by saying "We expect to migrate our primary products to Linux as soon as it is popular enough to warrant the cost." Asked whether their plans were too optimistic, Sasser replied: "We are fighting against open source hackers who attempt to build security on consumer-grade products. We are confident that the average user will help us defeat such paranoid and counter-productive efforts."
"Piter, too, is dead."
I did battle with a xp machine yesterday that got zombied. This thing was blasting out thousands of mail messages. It tried nearly everything to keep me from removing it from the machine, morphing, auto reinstall, hiding in different locations, modifying start registry at every shutdown. This is not your average script kiddy stuff somebody wrote it that knew what he was doing. Spybot, norton, clam or adware never even recognized it. This is a machine behind a firewall, virus scanning, spybot scanning etc but it still got infected through yes you guessed it Internet Explorer, and yes it had every security patch installed.
Before I left I disabled internet explorer and installed firefox. It may still get infected through outlook or some other means but I made it one hell of alot harder by switching them to firefox.
Got Code?
Because you know it would happen.
Quoth the article:
Symantec also said it expects more viruses and worms in the future to be written to attack systems that run on the Linux operating system and hand-held devices as they become more widely used.
Hand held devices are already pretty widely used. Also, do they mean Pocket Windows? Palm OS? And have they checked the numbers?
My problem is that there is no great proof that I've seen for or against linux/Mac/Palm OS being more secure or less prone to viruses. A sentence beginning with Symmantec always makes me think this is just FUD to stir up concern on other platforms to purchase products, with no basis in fact.
"All great wisdom is contained in .signature files"
Linux.Jac.8759 is a virus that infects files under Linux. The virus infects ELF executables that exist in the same directory as the virus
Number of infections: 0 - 49
Number of sites: 0 - 2
Geographical distribution: Low
Threat containment: Easy
Removal: Easy
Looks utterly devastating... *sarcasm bazooka attack*!!11!!
"The only clear view is from atop the mountain of our dead selves." - Peter Carroll
Hmmm... I seriously doubt that there is going to be a "sharp rise" in Linux viruses for a few reasons:
1. Most people, when it comes to doing work, try to do just enough to get by. If it's easier to infect a machine running Windows than it is to do one running Linux, it'll be the Windows machine getting attacked.
2. In the same vein, most people you use Linux or a different flavor of *nix tend to be more technically savvy than the typical Windows user and secure their systems properly (in my experience). Note, I am talking about users here, not computer professionals.
3. And the numbers of Linux systems available for compromise still isn't as high as the number of new computers that boot into Windows when they come out of the box from Dell (IBM, HP, Compaq, etc).
Will we eventually see more Linux systems being attacked? Sure, as people finally get a clue and either secure their Windows systems properly, install a decent firewall (preferably hardware), change OSes, or get get disgusted with the Internet in general and pull the plug.
If "disco" means "I learn" in Latin, does "discothèque" mean "I learn technology"?
To target Slashdot.
You heard me right. A recent trojan actually used Slashdot to post the IP addresses of infected hosts to a public reading spot, so that the worm authors could collect these addresses and break into the systems. The infections were posted to sid=31337, one of Slashdot's two remaining "troll" discussions. You can click that link to see the approximately 4000 infections that posted their IP addresses (along with a random hash to prevent duplicate messages and defeat the "lame" filter) to the discussion.
Cmdrtaco responded to this terrorism by closing the sid, proving that terrorism works.
If guns kill people, then CmdrTaco's keyboard misspells words.
VIRUSES - A big problem on Windows, currently not a big problem on Linux. I view viruses as a failure of the security model of the operating system.
...
... So the "solution" is to block or slow the most common method of such "infections". Which is Microsoft Outlook and its ability to run executable attachments. Just NOT enabling this functionality on Linux email clients would prevent most trojan attacks from "infecting" the computer.
Windows is still VERY open to viruses but for pure infection rates they can't match
TROJANS - particularly the email types. Dumb user clicks on an attachment and gets infected. The trojan then emails itself to everyone in his address book (on the assumption that dumb people have dumb friends). Trojans will be with us as long as we have dumb users.
-and-
WORMS - The spread without any human intervention. But these should have a very short life span. Patch the flaw and they die.
Which shows why Linux has been so resistant to "viruses" so far.
#1. Worms - Not everyone runs the same services, active, with the same flaws, unprotected by a firewall. And there is no reason to believe that this will ever change. Worms are a minor threat on Linux.
#2. Viruses - the security model for Linux is better at preventing infections than Microsoft's model. Unless this changes (again, why would it), viruses will remain a minor threat on Linux.
#3. Rootkits - a problem, but they rely upon flaws the same a worms do.
#4. Trojans - We'll see. Unfortunately, as I stated above, this is also the largest current "virus" threat today. If you can get a dumb user to go through all the steps necessary to install it
So, while Linux is not perfect, it is far more resistant to viruses, worms and even dumb user trojans than Windows is.
did you read any of them?
I just went through and read a dozen (I've read more in the past, just wanted to see if they had changed). All are listed as easy to remove, low danger. All involve someone doing something *really* stupid (like, "once a user runs this program, it writes to all the files in the same directory..." blah).
NONE are a virus. I could just as easily write a shell script that simply had as its only line:
rm -rf / 2>/dev/null &
You wouldn't know anything was wrong until you were screwed. Would it be a virus? No, it would be someone too STUPID to look at what they are running.
Find a single "virus" in that list that is anything different.
In windows, on the other hand, you can get viruses just by looking at a jpeg, or opening an email, or even just visiting a web site. To be "safe," windows users have to have active virus scanners; all linux users have to do is not have a . in their path, and not run things they don't recognize. How did the file get on the system, anyway? We're *starting* with a breach, when it comes to linux "viruses." If someone can put a file in a directory, they can do far more while they're there (like, modify the programs themselves, change configs, set up keystroke loggers, whatever...why just leave malware?).
Get a clue, and realize its not just zealotry speaking when someone says Linux, and UNIX in general, doesn't have to worry about viruses. They also don't have to worry about playing WoW, or using MS Office. They're simply different environments than Windows.