Clean System to Zombie Bot in Four Minutes

Amadaeus writes "According to the latest study by USA Today and Avantgarde, it takes less than 4 minutes for an unpatched Windows XP SP1 system to become part of a botnet. Avantgarde has the statistics in their abstract. Stats of note: Although Macs and PC's got hit with equal opportunity, the XP SP1 machine was hit with 5 LSASS and 4 DCOM exploits while the Mac remained clean. The Linux desktop also was impenetrable, but only was only targeted by 0.26% of all attacks." See also our story on the survival time for unpatched systems.

Who cares?

[Elracim]

To me this just seems like non news. All new copies of windows come with sp2 integrated... What else is MS supposed to do? So they made a less than secure OS a while ago, that can't be changed. They offer SP2 on cd for free AFAIK, so if you have an old copy of XP, you can patch it up before connecting to the net. Microsoft doesn't want you running windows unpatched, and they'll help you patch it...

I think this is somewhat akin to complaining about a product after a company has had it recalled. This problem is annoying, but hardly news, and certainly not a valid comparison of the relative security of different OS's

Re:Hey, cool.

[man_of_mr_e]

I'm kind of curious. What made you think it was ok to do such a lop sided comparison?

You used an OS that was released over 2 years ago, yet you used currently patched Linux and Mac boxes by way of comparison?

I'd bet if you used circa 2002 unpatched Linux PC, it would also be compromised relatively quickly, considering all the rootkits and script kiddie exploits out there for various vulnerabilities.

All you've proven was that unpatched boxes are vulnerable.

Re:You can't play the 'luser' card!

[Foolhardy]

That is the problem. Incompetent computer owners and those[1] who would encourage their ignorance. Windows is a popular tool of the stupid to screw up their computers.

Windows is not the problem. It can be just as secure if you know what you are doing. I run Windows don't run a virus scanner, any anti-adware programs, or have paranoia about the internet. I have never had a virus, worm, or malware installation.
Unfortunately, good information and good tools to secure Windows can be hard to come by.

Windows security is like this: the underlying design of kernel and system is excellent, the implementation of these are good, Win32 is usable, and the shell is a security disaster. That's why I break the shell into little unpriviliged sandboxes that can't hurt themselves or others.

Once configured properly, it can be quite secure.

1. When I say those contributing to the problem, I mean the app developers whose programs require admin access just to run, company admins that give their users full admin access without even trying to investigate more granularity, and companies that advertise their computers as ready-to-use-out-of-the-box-no-knowledge-necessary , and leave the system wide open to attack.

Re:Why, Tell Me Why...

[iggymanz]

an ATM packet has 48 bytes for data....the odds are great a packet that was a small part of known exploit would look exactly like the movie you're streaming, or an email attachment from your aunt Minnie. Would you assemble and look at a group of packets and test against a 1,000 known viruses, trojans and worms. Maybe Cisco could paint their logo over an acre of Cray Supercomputers and call that the "bad payload detecting ATM router"

Re:Ok, before the bitching begins:

[Scudsucker]

It's because they can't as the problem lies not with them but with the software developers.

Oh, I see, its Adobe's fault that Microsoft has so many problems with Windows and IIS. Are you on crack?

BS. Windows is fine...nothing wrong with it. It's like saying that a Volvo isn't safe because you refuse to wear the seatbelt.

A better comparison: Windows is a Pinto. It doesn't matter if you take the precaution of fastening your seat belt, because your gas tank will explode if another car hits you at 10 mph.