Slashdot Mirror


When Malware Authors Combine Efforts

An anonymous reader writes "Spammers, hackers and virus writers are all teaming up according to some Russian security researchers. This means that they reckon that weaknesses will be exploited in a matter of hours of being announced, rather than the weeks and months that we're seeing now. Scary stuff."


  1. And just yesterday by Anonymous Coward · · Score: 5, Interesting
    1. Re:And just yesterday by Tablizer · · Score: 2, Funny

      New virus and malware combination causes duplicate articles, news at 11:00!

    2. Re:And just yesterday by networkBoy · · Score: 3, Interesting

      I think I can reconcile this:
      There will be a few groups who work in strategic alliances. The very scary part about this will be the "power" behind some of the malware campaigns. I think CoreWars, running on every windowz box that isn't hardened really is going to happen.
      This should prove to be interesting, especially when governments step in with the non-judiciary non-legislative branches because a real security leak is caused by one of these programs. Think a pissed off NSA (not a politicking one) of the "good 'ol days".
      -nB

      --
      whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
  2. Public disclosure... by PincheGab · · Score: 4, Interesting

    So where does this place public disclosure advocates? Are people going to demand that makers of affected software have a 24/7 programming staff ready to plug leaks just so weaknesses can be disclosed immediately? In light of this even I would favor not publicly disclosing weaknesses immediately!

    1. Re:Public disclosure... by techsoldaten · · Score: 4, Insightful

      You know what? Business needs remain the same regardless of how fast hackers are writing exploits. Few companies, Microsoft included, could afford to have a 24x7 staff of patch writers for all of the applications they have deployed.

      This is the greatest argument for open source software I have ever seen. A proprietary model of development is going to get creamed as people take advantage of their limited resources and exploit the woo wang out of their apps. FOSS apps, on the other hand, potentially have hundreds of thousands of people ready to go worldwide at any given moment to correct problems as they happen.

      M

    2. Re:Public disclosure... by _Sprocket_ · · Score: 3, Insightful

      In light of this even I would favor not publicly disclosing weaknesses immediately!

      How does this change anything? This situation already exists and has existed for years. There has always been an element of pay-to-attack behavior as well as gathering resources via mass shotgunned attacks. And, in fact, spammers have been tapping into this environment for a while.
    3. Re:Public disclosure... by paulthomas · · Score: 2, Interesting

      RFP has a fairly respected document on public disclosure methods. The idea is basically that public disclosure happens only when there is no vendor response or when vendor response irresponsibly wanes. I agree that immediate public disclosure is not the right approach to take.

      http://www.wiretrip.net/rfp/policy.html
      -Paul

    4. Re:Public disclosure... by LnxAddct · · Score: 3, Insightful

      I think you underestimate how many companies are told they have vulnerable software rather than find it themselves. Http-equiv from malware.com finds tons of stuff and the Samba team used to submit a number of vulnerabilities they found in Microsoft's implementation. And all the time vulnerabilities are disclosed, sometimes the company is told beforehand and if they don't act quickly enough then they are disclosed publicly, otherwise the company may find out at the same time you do. Regardless, if some third party does find a vulnerability and 2 or more people know about it, the world will know about it within a week. "Three can keep a secret if two are dead". So in short, yes companies need to be prepared 24/7 to fix their faulty software as fast as possible.
      Regards,
      Steve

    5. Re:Public disclosure... by jrl · · Score: 2, Interesting

      The flip-side to your argument is that many of the exploits are found by "bad guys" before they are rediscovered by "good guys".

      By definition, the "bad guys" don't typically believe in disclosure as it takes away another one of their 0day toys.

      By disclosing weaknesses immediately you allow information owners to take precautions to protect their infrastructure, even if that means making the resource unavailable until a patch is provided by the vendor.

      It is naive to believe that only "good guys" find problems. As soon as someone is considerate enough to share the problem, I believe it is in our best interest to be notified of it as soon as possible.

    6. Re:Public disclosure... by Ytsejam-03 · · Score: 2, Insightful
      So where does this place public disclosure advocates? Are people going to demand that makers of affected software have a 24/7 programming staff ready to plug leaks just so weaknesses can be disclosed immediately?
      IMHO, this makes little or no difference. How many of the viruses and trojans in recent years have been created before a patch was available? Not Blaster or Sasser. I'm sure there are some in this category, but I can't think of any.

      Once a patch is released, most businesses will do their own testing before rolling it out into production. This will often take several days. It's not unheard of for a patch to break something, and they don't want that "something" to be one of their mission critical servers or apps. Even if the exploit and patch were released at the same time, it would still take days for many organizations to roll out the patch.

      Before you decide that full disclosure is a bad thing, you should ask yourself if you're really better off not knowing about vulnerabilities in the software you're using. What incentive would the makers of this software have to find and fix the vulnerabilities in a timely manner if no one ever put pressure on them? How much testing would they do if no one else did their own vulnerability testing after the software was available?

      How many of the "bad guys" do you suppose already know about vulnerabilities long before they're disclosed? If someone is actively exploiting an undisclosed vulnerability, do you think they would create a trojan and get the vendor's attention? The vulnerability that Blaster exploited was introduced in NT4 back in 1996. How many people exploited this vulnerability before it was disclosed? We have no way of knowing.
    7. Re:Public disclosure... by SeaFox · · Score: 2, Interesting

      You know what? Business needs remain the same regardless of how fast hackers are writing exploits. Few companies, Microsoft included, could afford to have a 24x7 staff of patch writers for all of the applications they have deployed.

      Well, maybe if they tested the software better and built it more secure from the start they wouldn't need a 24x7 staff of patchers.

      Haha. But that would imply the product is being driven by developers and engineers, not marketing people.

    8. Re:Public disclosure... by dankney · · Score: 3, Insightful
      I would disagree completely -- this is an argument against open source. The exploits are expected to come out within hours of disclosure, not hours of discovery.

      Closed-source software has the ability to write the patch before disclosing the vulnerability.

      I believe in open source 100%, I just think that this argument falls against, not for OSS.

    9. Re:Public disclosure... by DaHat · · Score: 2, Interesting

      Just because you can get a patch out faster in the OSS world doesn't mean you should. It's pretty easy to open up a block of code and fix a bug (provided you know what it is, where it is and how to fix it), it's the testing to make sure that your fix didn't break anything else and that your system still works exactly like before (other than the fixed bug of course) is the time consuming part.

      Does Microsoft spend weeks doing regression and unit testing? I do not know, however making the assumption that a patch can get out in the OSS world faster is better is not a very good one.

      Having patch writers on hand 24x7 would be great for the actual fix, but would not reduce the amount of time required to make sure that the fix works and is safe.

      It should be pointed out that the advantage of a proprietary model of development vs the FOSS one is one of liability. A patch needs to have at least the same, if not better quality (speed, error proneness, etc) than the bits that it is replacing. It is far easier for a small FOSS group to release a quickly written and tested fix than it is for Microsoft to. Despite popular belief, Microsoft has extremely high quality standards. How many companies do you know who have programmers on call 24x7 should their code break a build?

    10. Re:Public disclosure... by ReelOddeeo · · Score: 2, Insightful

      From TFA...
      "This is why vulnerabilities are so important," said Kaspersky. "We are against anyone who publishes vulnerabilities because it gives hackers a tool."

      Wouldn't it be more important to be against anyone who creates vulnerabilities rather than those who inform us about them so we can patch or even shut off services if necessary?

      --

      Those who would give up liberty in exchange for security and DRM should switch to Microsoft Palladium!
    11. Re:Public disclosure... by caino59 · · Score: 3, Insightful

      as long as it is the software company itself who finds the virus...

    12. Re:Public disclosure... by aldoman · · Score: 2, Insightful

      Microsoft's problem is testing.

      When they have a patch, it has to be backported to hundreds of languages, versions, service packs, major releases, then tested on those and finally tested with a variety of applications before they get released.

      Linux/OSS tends to break binary compatibility far more often than Linux so it's much easier: you just patch the latest version of the software and [for major projects] backport it to older releases. For example, you don't see Firefox backporting all of the security fixes to earlier versions. If it was Microsoft, they'd have to port them to IE5, IE5.5 and IE6, then test on all the various OSs etc. Firefox can just say 'here is 1.0.1. Upgrade to be safe'. They'd probably offer XPI files for older versions if it was very severe though.

      But yes, I agree that OSS will win this battle, but it's not just because of developer numbers. As Joel Spolsky recently said in his interview with salon.com, 90% of Microsoft is basically red-tape.

  3. How many times do I have to tell you? by Anonymous Coward · · Score: 5, Funny

    Get a firewall, block all inbound and outbound traffic, unplug your ethernet cable and shut off your computer. It's that easy to protect yourself.

    1. Re:How many times do I have to tell you? by forrestt · · Score: 5, Funny

      I think you can probably even skip the first couple steps.

    2. Re:How many times do I have to tell you? by Anonymous Coward · · Score: 2, Insightful

      I think you can probably even skip the first couple steps.

      True, but having the additional steps is what makes it a +5 funny post. "Unplug your ethernet cable" would probably be modded troll.

  4. Uhm.. You know those russian security experts by Phixxr · · Score: 5, Insightful

    Is it just me, or does it seem that every story that lists the source as a "Russian Security Expert" is generally a load of crap?

    -Phixxr

    --
    ungggghhhh
    1. Re:Uhm.. You know those russian security experts by chris88 · · Score: 3, Informative

      Kaspersky is to blame, not Russians in general.

      They also predicted "Internet Terrorist Attack" in August.

    2. Re:Uhm.. You know those russian security experts by SoTuA · · Score: 2, Funny
      Yes, because russians get everything backwards.

      I mean, in Soviet Russia efforts combine malware authors, for chrissake!

  5. All the more reason.. by farsideofthemoon · · Score: 2, Informative

    to lock down your enterprise with a File surveillance and security tool like i:scan... know what's happening before the user does...

    --
    I know what's on your hard dr
  6. Many shallow eyes... by Onimaru · · Score: 2, Interesting

    ...make deep bugs deeper. FOSS philosophy applied to viruses. Yikes.

    --
    adam b.
    1. Re:Many shallow eyes... by ottawanker · · Score: 3, Funny

      .. don't tell me you've been paying for your viruses all this time!? I always make sure the viruses I get use the GPL.

  7. No big deal by MrRuslan · · Score: 3, Funny

    this wont have an effect on computer litirate people who know how to protect themselves ...and for those who dont know things wont change much ether....some people still have blaster on there box..they dont know or wanna know how to take care of there box

    1. Re:No big deal by kevin_conaway · · Score: 4, Funny

      I'm trying to come up with a clever joke to poke fun at your grammar and spelling but I think I'll let your post speak for itself.

  8. Groups of Attackers by teiresias · · Score: 2, Informative

    I don't think more people cooperating will really find new exploits, they will simply explore the ones they have already found. So, instead of an exploit coming out and then a derivative coming out a couple weeks later, we will see four or five derivatives in quick succession of the original exploit.

    Also, what "new" cooperation tools are malware writers using to communicate with each other? I'm fairly sure that IRC, Instant Messaging, VoIP, Bulletin Boards, and e-mail have all been standard communication tools for these people. Maybe the groups now have more members.

    --
    -Teiresias
    1. Re:Groups of Attackers by Heisenbug · · Score: 2, Insightful

      Every time a new exploit travels around the internet, there are posts here saying things like "it's a good thing there was that bug ..." or "it's a good thing they used a relatively inefficient search for new hosts ..." or "it's a good thing it failed to disguise itself in this way ..."

      If there's a movement towards greater code reuse, sharing of ideas, and debugging help among the people creating these exploits, we won't just see a speed difference -- we'll see a quality difference. We've been relying on security through malware incompetence for a little too long ...

  9. Organized Crime? by jellomizer · · Score: 4, Interesting

    Isn't this the same as organized crime. So a bunch of internet thugs organize to advertise more stuff, because they realized it will be more effective if they worked together. Will this raise the cost of protection money to use the internet?

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  10. I'll form the head! by identity0 · · Score: 5, Funny

    Hacker: I'll form the head!

    Scammer: I'll form the heart!

    Pornographer: I'll form the right hand!

    Spammer: I'll form the crotch!

    All: Together, we are - ASSHOLETRON!

    (catchy theme music here)

    1. Re:I'll form the head! by NardofDoom · · Score: 4, Funny

      It's like Captain Planet, only worse. And evil.

      "Captain Spam-it, he's our hero. Gonna make your computer divide by zero!"

      --
      You have two hands and one brain, so always code twice as much as you think!
  11. No surprise- by IWantMoreSpamPlease · · Score: 5, Interesting

    Used to be (way back in 2003 or so) AdAware was all you needed (and Norton AV or a workalike)

    But now, man some of the things I've seen are really nasty!

    You wipe 'em out, they come back, they hide from searches, morph into other programs, I've even seen one (I shit you not, I've been in IT for 10+ years, never seen anything like this one!) that was active even when the infected drive was placed as a slave on another machine, it started right up and infected the new PC.

    This goes way beyond simple spyware, these people are teaming up and it's just the beginning.

    --
    So rise up, all ye lost ones, as one, we'll claw the clouds.
    1. Re:No surprise- by gregfortune · · Score: 3, Funny

      I've even seen one that was active even when the infected drive was placed as a slave on another machine

      Dude, don't click on them *again*...

  12. serve yourself and save by to_kallon · · Score: 3, Interesting

    "They work in groups that exchange information with other groups on forums and Web sites."
    erhmm....
    ianase (i am not a security expert) but wouldn't that statement apply to, hmmmm....., oh i don't know.....THE INTERNET?? seriously, a broad, vague, statement like that suggests to me that this is mostly overreaction on the part of a group who could experience significant gains IF their statements were true.
    fud? imho, yes.

    --
    The only way to get rid of a temptation is to yield to it.
    -Oscar Wilde
  13. Security Through Obscurity by TrollBridge · · Score: 2, Interesting
    "This means that they reckon that weaknesses will be exploited in a matter of hours of being announced, rather than the weeks and months that we're seeing now."

    Kinda makes you think twice about publicly announcing vulnerabilities in your software before you have time to fix them, does it not?

    --
    There's a Mercedes gap too. I want one and can't afford one, but it's not government's job to do anything about it.
    1. Re:Security Through Obscurity by druhol · · Score: 2, Insightful

      A good portion of the time, hackers and such learn about the exploits by reverse-engineering patches and updates. The problem isn't 'security through obscurity' so much as just that most users are too lazy to patch their computers when a new update comes out.

      --
      WWD4D?
    2. Re:Security Through Obscurity by Cid+Highwind · · Score: 2, Informative

      Specific descriptions of a new vulnerability let sysadmins deploy new IDS/firewall rules to detect and block malware, write scripts to scan for infected hosts on their network, etc. Non-specific "there's a new remote-root hole in openSSH, but we're not telling you what it is" announcements just give people ulcers.

      --
      0 1 - just my two bits
  14. This war can't be won ... by smoyer · · Score: 3, Insightful
    The problem with detecting and deleting viruses, trojans, etc. is that you will never get ahead. At such time as a zero-day exploit is known to a hacker, they can create their malware of choice to exploit it. A skilled hacker may have an exploit ready in 6-12 hours.

    Once done, they have a certain population size (vulnerable hosts) that can be almost instantly assaulted.

    On the white-hat side, once the malware is noticed, it may take months to patch the initial security hole and even longer to patch the entire population of vulnerable hosts.

    This is why vulnerability announcements are so important, the software that survives in the future will be the one with the shortest vulnerability to patch cycle. The others will die off ... only the strong survive!

    1. Re:This war can't be won ... by nacturation · · Score: 2, Insightful

      This is the Windows way. Linux security fixes usually take a few hours up to a few days for services (ssh, apache, Bind, ntp).

      That's great for simple products like Firefox, but what about when the product that has the security hole needs a fundamental change in its behavior? And if that product is used by every Fortune 500 company now you'll need to do compatibility testing to make sure that the product fix doesn't b0rk the dozens of other interoperable software which has been built on top of it.

      Security is easy when all you need to do is fix a buffer overrun problem. It gets a bit more involved when making changes to software which has many dependencies.

      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
  15. focus change by derxob · · Score: 4, Insightful
    Back in the day virus writers' main intent or goal was to piss off users and to create the next 'big' virus. Nowadays, it's all about the money. Those same virus writers are now focusing their attention on the same aspects as before, infecting and disrupting a user's system, but when money is involved, the stakes get higher, and things become a lot more dangerous.

    However, this article is pleading that we should *not* be publishing vulnerabilities, "because it gives hackers a tool", and I disagree with this. Publishing vulnerabilities is a way to alert the public of exploits that are present. What we need to do is make the publishing of vulnerabilities more popular than it is so that the general public is aware of problems and alerted on how to fix them.

    --
    Beat the computer, program your life.
    1. Re:focus change by MinutiaeMan · · Score: 2, Interesting

      I see a major problem with this, at least in some circumstances. If businesses start issuing too many warnings about vulnerabilities, at least some users might become "desensitized" to the urgent need to upgrade. Heck, already too many users don't bother upgrading until there's a big bad virus or worm out there threatening everyone.

      Of course, by the same token, if businesses start issuing more warnings (cough*MICROSOFT*cough*) then maybe more people will realize that their software of choice is a piece of sh*t and start looking for a replacement.

      I think that so far, the general effect of an increased emphasis on security has been the latter (people reconsidering options). But will it always stay that way? I don't know.

  16. Microsoft should.... by Himring · · Score: 4, Funny

    Microsoft should use the business model that's brought them where they are today, create a "virus" department in Redmond and beat these guys at their own game.

    I can see it now: Active Virus (TM)

    1. Make OS.
    2. Build-in holes.
    3. Release patches.
    4. Create virus.
    5. Still profit!

    --
    "All great things are simple & expressed in a single word: freedom, justice, honor, duty, mercy, hope." --Churchill
    1. Re:Microsoft should.... by Turn-X+Alphonse · · Score: 2, Insightful

      You missed some...

      6. People get sick of it and whine
      7. People move to Linux
      8. Profit for someone else!

      --
      I like muppets.
  17. Et tu, Slashdot? by menkhaura · · Score: 5, Insightful

    Mistaking hacker for cracker is acceptable on the general media, where people aren't very aware of such subtleties. But on Slashdot? C'mon, I know Slashdot is crawling with Windows users, wannabes and such, but this is getting offhand!

    --
    Stupidity is an equal opportunity striker.
    Fellow slashdotter Bill Dog
    1. Re:Et tu, Slashdot? by CumInHerTaco · · Score: 2, Funny

      Slashdot is crawling with Windows users, wannabes and such...

      w00t, we have wannabes?!

      I feel cool now!

      --
      The only way to end war is for everyone to get a piece!
    2. Re:Et tu, Slashdot? by QuantumFTL · · Score: 2, Insightful

      Mistaking hacker for cracker is acceptable on the general media, where people aren't very aware of such subtleties. But on Slashdot?

      I know this won't be very popular, but maybe it's time the "hacker" community accepted that like many other English words, it can mean multiple things. Geez, already it can refer to someone who is bad at golf, or someone who enjoys chopping at wood, why not someone who "hacks" into computers?

      Maybe I'm silly but I'd rather trust the Oxford English Dictionary on something than the consensus of Slashdot. It's part of the English language now, and probably will be for the rest of our lives. Get used to it.

  18. Re:Anonymity is part of the problem by lucabrasi999 · · Score: 4, Funny
    It's a shame, but it seems some people are malicious in proportion to their anonymity.

    ...And this was posted by an Anonymous Coward. Am I the only person to see the irony here?

  19. Move along, nothing to see here by worktheweb · · Score: 3, Informative

    These are the same guys who were predicting an "Internet Meltdown" a little while back -- I'd take their prognostications with a grain of salt ...

    http://it.slashdot.org/article.pl?sid=04/08/25/1533213&tid=172&tid=95&tid=1

  20. Latest Kaspersky news by flibuste · · Score: 2, Insightful

    Last time I heard about Kaspersky labs, we were supposed to have an internet doom day. I'm still waiting for it, yet Kaspersky is still blowing whistles.

    How can you trust such a non-trustable source anyway?

  21. open a can of whoop-ass by TheSHAD0W · · Score: 2, Interesting

    This circumstance does have some advantages; by tying themselves together financially they open the possibility for one to be traced from the other.

    It also opens the participants to criminal conspiracy charges. Can you say RICO, motherf***er?

  22. Very dangerous meme... by CODiNE · · Score: 2, Insightful

    "This is why vulnerabilities are so important," said Kaspersky. "We are against anyone who publishes vulnerabilities because it gives hackers a tool."

    This pushes security discussion underground, but doesn't stop the bad guys, just leaves the administrators vulnerable and unaware. Very easy to spread this sort of propaganda however... hopefully it doesn't lead to laws being passed.

    --
    Cwm, fjord-bank glyphs vext quiz
  23. Jabberwocky! by jaypifer · · Score: 5, Insightful
    "This is why vulnerabilities are so important," said Kaspersky. "We are against anyone who publishes vulnerabilities because it gives hackers a tool."
    And this is why most people are against security by obscurity. Kaspersky is confused. The tired phrase of "If guns are outlawed, only outlaws will have guns." applies even more pertinently to software vulnerabilities.

    By the time someone with enough motivation (read funding) to write an article on a vulnerability does so, the bad guys have already written exploits. Why? For the same reason...they get paid!

    The published articles allow the moderately tech savvy user to protect themself. Additionally, it forces the software makers' hand to close the vulnerability faster than if they had no pressure at all. Ultimately, this is our only way of shaming large companies into creating proper software and delaying the releases until they've created a more hardened product.

    Yes, hanging out the dirty laundry of vulnerabilities makes it easy for the junior hackers to create something out of nothing, but I'd rather we all know about the problems at the same time than a few sophisticated spam hackers knowing about the problems for an indefinite amount of time.

    --
    Never go to sea with two chronometers; take one or three.
  24. Re:China: Spammers, Viruses, and Hackers by My+name+isn't+Tim · · Score: 2, Insightful

    until even Firefox will be useless, because see they are gaining market share in leaps and bounds, which makes them a target for malware and exploits now. It's only a matter of time until only lynx will be safe.

  25. Re:Oh and let's not forget... by kcb93x · · Score: 2, Funny

    Exactly. Which is one of the reasons I refuse to get rid of my old DOS box. 6.22/3.11 for Workgroups. If some 32-bit virii went around, hit everything...I've got my 486 to get the patch:)

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  26. pattern, anyone? by majest!k · · Score: 2, Interesting
    i just read the article. i couldnt help but notice a striking resemblance with the agendas of Kaspersky and our very own Bush administration...

    1) spread fear, its good for business.
    2) create some fucked up 'axis of evil' shit to help further #1. ("Virus writers are combining their efforts with hackers and spammers to launch Swiss Army knife-like malware attacks on users")
    3) throw in some fuzzy math for effect. ("The company said that it was seeing 200 new viruses a day.")
    4) take a random stab at preventing free speech. ( "They work in groups that exchange information with other groups on forums and Web sites ... We need to cooperate to prevent this.")
    5) and finally, say something really stupid that goes against something tried and true thats trusted in the industry - in this case, the idea of Full Disclosure. ("We are against anyone who publishes vulnerabilities because it gives hackers a tool.")

    and to think i actually used to respect their work. maybe they should just stick to coding and save the PSA's for when they have a smarter PR rep.

    just my 2 cents.

    --
    smattawichu
  27. Protocols will have to get more resilient by Dr.+Manhattan · · Score: 2, Informative
    I'm too scared to have my ssh server exposed to the raw net. Things like port knocking and so forth help, but suffer from reliability and resource problems. I created an authentication protocol that's correct by inspection and utterly immune to any attack short of actually finding out the secret key.

    In these days of 0-day exploits, I just can't take the chance that someone will find a hole in ssh and create a Warhol-worm before I can install a patch. I sleep better now...

    --
    PHEM - party like it's 1997-2003!
  28. RE: argument against open source? by King_TJ · · Score: 2, Insightful

    I know this has been stated MANY times before in various ways, but if "closed source" truly is effective in preventing malware/hacks/virii simply because the source isn't available for anyone's inspection - then why do we see all the security flaws popping up with IIS? Meanwhile Apache has comparable market-share and usage world-wide on the net as a web server, and it is considered far more secure?

    By the same token, Linux and BSD have been chosen as the platform many commercial firewall/router products are based on, despite being open-source. If open-source really had a "disadvantage", security-wise, by the mere fact that it's freely available code - then wouldn't you think companies like Netgear or Cisco/Linksys would steer clear of them in security-related network appliances?

    Of course "exploits are expected to come out within hours of disclosure" - but that seems like a pretty general statement to me. Far more people with malicious intent are capable of slapping together some code based on a documented flaw than figuring out a previously undiscovered flaw and exploiting it. If you disclose a Linux or BSD security flaw, I'd say it's just as likely to be exploited quickly as a Windows flaw.

  29. Re:China: Spammers, Virus Writers, & Hackers by Long-EZ · · Score: 2, Interesting

    Close. Actually, the two things you should do are:

    1) Download and install Firefox.
    2) Delete Internet Explorer (if you can).

    On my computer, Internet Explorer is slightly faster for casual browsing than FireFox because Explorer is more tightly integrated into the operating system.

    On my computer, I'm running Linux. IE is NOT integrated into the operating system. You can't see it, but I'm doing the Superior Dance.

    If IE is integrated into your OS, there is a third thing you should do.

    3) Upgrade to Linux or Mac.

    I can't understand why everyone isn't more enraged by the fact that 80% of spam now comes from zombie Windows PCs. Lack of security hurts us all. As a society, we're far too complacent about PC security. We should take the attitude that a person's right to run an unpatched Windows box attached to a high speed cable ISP does not supersede the right of a million internet users not to drown in illegal V1aGr@ and warez spam.

    --
    >> My ultraviolent Linux switch video.
  30. Re:Indeed. I used Netscape 4.08 on WfW 3.11 to d/l by Average · · Score: 2, Insightful

    Ethernet socket driver for a simple ethernet card.

    Trumpet Winsock or similar to bind to the 0x60 DOS socket.

    $20 router connected to your DSL to do the PPPoE login, as well as a bit of firewalling to any computers internally.

    I would never suggest using a PPPoE utility on the computer when routers are so cheap and useful. Most DSL modems even have the router logic built-in nowadays.