First JPEG Virus Posted To Usenet
Shawn writes "This could possibly be the worst viruses yet! Earlier this month Microsoft announced a problem in their GDI driver that processes the way JPEG images are displayed. Someone has finally posted an exploit to Usenet. Easynews, a premium Usenet provider, found the virus Sunday afternoon. Up-to-date information about how we found it and what it does is located at www.easynews.com/virus.txt. When this picture is viewed it installs remote management software (winvnc and radmin) and will connect to irc."
I run at work.
:)
The joys of running a mac shop
Linux had a similar security hole a week or so ago, bigmouth. Of course, you won't see THAT on the slashdot front page.
I suggest you people hold your tongues, and think before you blindly bash Microsoft all the time. Yes, there *ARE* OTHER good reasons to hate Microsoft, but that's beside the point, and I'd rather not get into that right now.
For the purposes of this discussion, suffice it to say that I think *BOTH* the Microsoft and open source communities have their fair share of exploits to deal with. For example, the Mozilla people have had to patch things like this before, too. In fact, need I also point out that a very similar potential exploit was also found recently in GdkPixBuf. So it ISN'T just Microsoft.
Before now, many of you were saying "we don't have as many exploits as Microsoft." Then finally, when similar exploits are found in open source, you people start rationalizing, and saying "Oh, okay, but our side still fixes things faster." That's what in logic we call "rationalization," and "shifting your reasons." I also bet that some of these same people also think our President is doing this on the reasons for invading Iraq (though please note I still support the President, though that's also beside the point.)
Saying "but open source allows people to see them more quickly, too" is also no argument. Certainly, one could say open source allows for greater transparency in the process, but on the other hand, I could also legitimately argue that allowing everyone to look for possible exploits in my code is like posting the blueprints for all my locks right out in the open, so every burglar can then look for ways to try to pick them or break them.
My point is basically this: I wish people would stop going to extremes, bashing Microsoft when any kind of security flaw hits, then trying to rationalize and talk down every similar flaw that is found in their favorite open source project.
Much as I despise virus writers, frankly after having been forced to use Windows for the last few days, I hope this destroys the damn platform. I normally try and keep a neutral attitude to platform wars, but these last few days have really opened my eyes to just how bad Windows is. It sucks so bad, I simply cannot fathom why it is so popular. I normally use OS X, but idiosyncracies aside, Windows designers truly seem to have no clue about what makes the difference between a productivity aid and a productivity hindrance. At every step some "feature" of Windows either doesn't work, or else does too much, requiring further steps to undo some of what it did. It cannot lay text out properly half the time. Its character mapping is totally broken, with different fonts having different character mappings. I could rant on....
Frankly, these viruses are great news for those of us who just want a bit more balance in the marketplace. I'm fed up with having to apologise for being a minority Mac user - fuck it, Macs let me get my work done, no fuss, no frustration, no stress, and no bad temper which makes me post rants to slashdot!! Windows users - piss off and call me back when your platform of "choice" is fixed. That's all.
So the virus first showed up here:
b inaries.pictures.erotica.transexual,alt.binaries.p ictures.erotica.transexual.action,alt.binaries.pic tures.erotica.transsexual
:-)
Newsgroups: alt.binaries.multimedia.erotica.transsexuals,alt.
Subject: (Shemale-loves it up the ass.jpg (1/1)] [1/1] - Shemale loves it up the ass
Serves the shemale-lovers right...
Beware: In C++, your friends can see your privates!
Think bigger. Think to the future. "Don't log in as root/Don't be an administrator." is NOT an answer. Mac OS 9 and below operated by default in a single-user mode without *any* authentication necessary to make changes and I can list the successful viruses/exploits (especially remote exploits) by hand on a single sheet of paper.
So you're saying that the best way to stop these exploits is to make the OS completely useless? Don't get me wrong, I'm a total Mac-head, but OS 9 and under were crap, and the only reason they didn't have any remote exploits is because the OS wasn't capable of any remote operation whatsoever.
Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!