Computer Viruses Broke 100,000 In 2004
Sammy at Palm Addict writes "The count of known computer viruses broke the 100,000 barrier in 2004 and the number of new viruses grew by more than 50% according to news from the BBC. The BBC also reports that 'phishing attempts, in which conmen try to trick people into handing over confidential data, are recording growth rates of more than 30% with attacks are becoming increasingly sophisticated.'"
Now how many non Windows viruses were there? You could probably count them on one hand. Let's give credit (or blame) where it is due.
Should we really consider the dozens of variants of Bagle, Netstky, etc. separate viruses? Just because the anti-virus vendors choose to implement recognition of these variants by separate signatures, are they really different viruses?
I think it would be more interesting to know how many new virus/worm/trojan families were released year-to-year.
Don't underestimate the power of The Source
The problem with this topic is that Microsoft is always blamed for making an inherently insecure operating system. They are also to blame because of "too little, too late", aka. activating the firewall by default only in SP2.
But quite frankly the ISPs and of course the individual users are to blame as well.
Why don't broadband ISPs require boradband firewalls? Only recently have some of them started to incorporate firewalled modems, and even then they're only sent to new customers. Would this mean that existing customers would have to spend money for a new router at the ISPs demand? You bet. But given the choice between disconnection or buying a $50 router, I'm sure that the vast majority would find a way to get that $50.
Additionally, most virii are sent over SMTP ports since they contain their own SMTP servers. I would not be against shutting down direct-from-client SMTP as long as those who run their own mail servers have the option of having their specific connection opened for SMTP traffic.
Finally, the users absolutely MUST be educated. There are enough free tools out there that no one should be unprotected. But again who should be responsible for teaching these end users?
At this point I would actually welcome something like a drivers license for broadband access. You don't gain the ability to use a broadband connection unless you prove to the ISP that you know the rules and that you are informed of how to be a responsible Netizen, including the use of firewalls, virus scanners, and alternate products like Mozilla, Eudora, Firefox, and others. If you break the "law" afterwards, your broadband privileges are revoked until you come into compliance.
If people were made aware that any virus or worm outbreak cause by them would mean the complete loss of their Internet connectivity, I think we'd see the number of virus infections drop dramatically.
But have an ISP do the responsible thing at the risk of pissing off customers? No, they'd rather spend billions of dollars a year on mail storage, spam-fighting hardware and software, increasing bandwidth usage, and always-rising amounts of mail to abuse@isp.net...and of course pass those charges onto us.
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
Accidentally
Have you noticed that when it comes to computers the relatives always replace had a major lapse of common sense and with accidentally?
"So, you accidentally received a piece of mail from someone you didn't know, you accidentally opened it up to see what it was, you accidentally moved the mouse over the attachment, and then you accidentally double-clicked on the attachment just because it was there? Oops! I accidentally just formatted your hard drive. Do you have your installation CD?"
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
Viruses still exist because programmers still use obscure C functions full of holes and obscure processors full of executable stacks.
Please programmers, read the electronic paper "Smashing The Stack For Fun And Profit" (->Google).
zzz
And can you tell me what about common (non-geek) sense suggests that opening up an e-mail and the included file should be at all hazardous? Common sense suggests you should jsut get to see what's in the file. If it's junk, you'd delete it.
Unless you've been specifically told otherwise, it wouldn't seem dangerous at all. When you open junk mail at home, or mail from a sender you don't recognize, you don't expect it to take pictures of your house and mail them back to the sender. You don't expect the opened mail to leave dogcrap on your doorstep or make your refridgerator stop working. It seems like a fairly harmless thing to do.
It's only because of severe design flaws in e-mail programms and OSes that there's an issue.
These things are looking more and more realistic/genuine all of the time. The last I got I opened up the email just to take a look, and the reply to address was "cgi.ebay.com/cgi-bin/"whatever else... it looked so nearly authentic it was scary. Everyone sees the cgi-bin at the ebay page, so having the name cgi.ebay.com was just... yah... I see why people fall for these, they are just uninformed, thinking someone actually was trying to steal their eBay account and such. What needs to be done is when you sign up for stuff, you are required to read aloud to a microphone some statement about how the company will never send you emails to verify account information, social security numbers, and so on. It's the only way to guarantee they read it, but perhaps they still wouldn't understand it. It's just scary. What we need is to make a global law about these things as well... if you are found doing this sort of act, you and your whole immediate family is executed in front of a live TV audience. I bet it'd get higher ratings that Survivor!