Slashdot Mirror
Has Mass-Mailed Malware Peaked?
Ant writes "Broadband Reports posted a CRN article about researcher saying mass-mailed worms have reached their peak. Six years ago, on March 26, 1999, Melissa, the first virus that spread by mailing copies of itself to e-mail addresses it found on infected machines, swept the Internet. Today, the researcher who led authorities to the hacker who wrote Melissa, says that mass-mailed worms have reached their peak."
What have we accomplished by making this statement? If nothing else, doesn't this just tempt virii/malware writers into trying harder?
-dave
http://millionnumbers.com/ - own the number of your dreams
If mass-marketed malware has peaked, then it will only come down.
Thinks they've reached their peak huh?
;)
Just wait until the next version of Windows
I believe it. Over the last three years I've seen mail-based virus infections disappear. I don't think I've seen a mail-based virus infection in the last year at all.
[insert witty sig here]
or just reached a saturation point? I suppose that "peaked" sounds better.
The dogcow says "Moof!"
just like my stock prices did ... then of course they fell. So, cutting my losses, I sold them. An what do you know, it turns out that they are even higher now.
Could it be that more users are employing protection against these worms now? Thanks to ClamAV I never see any in my inbox now, but my log messages would suggest there are still plenty of clueless people out there propagating them.
I think that perhaps they might have reached their peak for propigating via email. IMs, P2P, IRC... pleanty of other mediums to play in.
So the whole premise here is that mass mail viruses are peaked because they are slowly being devoured by the phishes... err phishers.
While I suppose that's true to an extent, we are still a long way from providing an environment where the From header can not be (easily) spoofed. The article makes it sound like we are going to throw a switch any day now and all will be right in the world of SMTP.
In short, I wouldn't say we've reached a peak necessarily, but perhaps more of a plateau. But even then, I think that might be wishful thinking.
New versions of windows could change this. Vast untapped markets remain for Mac and Linux.
There are still plenty of chat-based worms such as the recent W32.Serflog.C worm, which is quite unpleasant.
They don't need any more encouragement. That's not the limiting factor on their productivity. While I don't believe this article, which is entirely based on the idea that worms will decline now that the spoofing upon which they depend is addressed by some new tech for sender authentication, I also know we can't live in fear. The other way to react, in that fear cage, is to be afraid to say that worms are increasing, because that will make them more attractive: be on the side that's winning. No, you can't get paralyzed by fear of the truth - the truth is essential in addressing the problem, and anyone interested must freely discuss it, if we're to use our superiority in numbers to win.
This attitude goes to the heart of today's problems. Fear of terrorists, fear of criminals, fear of government, fear of people different from us, fear of big changes in the world economy, energy, politics. All of them have people who say we should just keep quiet, lest we make it worse by making it more "popular". We must talk about the realities, so we can confront them, resolve them. Otherwise, the fear has won, and we are defeated.
--
make install -not war
Peaked : The highest figure
So.. how do we know it's peaked untill we see clear evidence in a year or twos time?
I like muppets.
Changes in the gross volumes of malware mail are irrelevant. As long as the mean time to infection (receipt of the latest malware) is on the order of or less than the mean time to patching, computers will have problems. Only when patching is much faster than malware spreading rates can we claim even partial victory.
The other issue is the damage done by the malware. One especially dangerous piece of malware, mailed once to all susceptible machines, will be far more serious than more innocuous malware mailed thousands of times.
Besides, I suspect that malware creators have turned their attentions to more nefarious activities such as phishing. Owning someone's bank account is more valuable than owning their PC or corrupting their harddrive.
Two wrongs don't make a right, but three lefts do.
They've reached their peak because there are no more computers remaining send them too. All computers are already getting them!
Much Like The Tasmainian Devil, Melissa is practically extinct, but! while virus scanning my laptop the other day, i found the melissa virus was on it... now i though this very strange because this virus was supposed to have vanished... (or am i wrong? if so, please inform me)
Anyone who is capable of getting themselves made President should on no account be allowed to do the job. - HHGTTG
Greetings,
To check for malware please click on the link.
Check for SPYWARE
Panda Antivirus Has Scanned This Post.
There are no viruses.
Moneyed corporations, non-working 'poor' and criminal prisoners are turning productive citizens into tax-slaves.
Probably the #1 reason that these viruses have peaked is because people protect themselves better. If they use windows they (usually, yes there will always be idiots) know not to click on random attachments, have filters, and regularly run a virus/spyware checker. Why? Probably because they got burned before or know someone who got burned.
Kind of reminds me of how in the late 90's people thought HIV was declining in the US because the rate of new infections was dropping. But then people got complacent and started doing stupid shit again and now the virus is making a comeback in the US as the rate of new infections is increasing once again.
Lesson learned: Somoeone is always trying to fuck you, so be vigilant with your protection.
Monstar L
As noted in the article, criminals will turn to other methods.
The thing about Melissa was that they were on to it before it spread very much.
The next big thing might be very complex and dreamed up by a complete brain box. On the other hand, it might be very simple and we'll all ask why we didn't think of it. My favorite example of simple was the Viet Cong with their dung covered stakes vs the greatest power in the history of the world. We all know how that one turned out. What I'm saying is that just because one threat may diminish, we are by no means out of the woods.
The problem with statements like these is that they take the name, worms, too literal. A computer virus or worm, although they behave very much like the real organisms, cannot be eradicated like a real virus or worm. To the casual reader you would think the email worms and viruses have been wiped out of existence like polio and small pox. It just isn't the same. Our immune system has a memory and protects itself. For some reason, programmers don't seem to have a memory. How else can you explain buffer overflows still being the number one cause of exploited systems? We all know it, but we just don't do anything about it.
What is funny though is that if we put as much proactive effort and money into combating preventing electronic viruses and worms as we did with polio and small pox, we could probably truly eliminate these things. What people don't appreciate about the diseases that we have 'wiped out' is that there are teams of very dedicated people (like the CDC) that respond to every reported outbreak of one of these diseases. If we tracked down every computer worm and virus the way we handle Ebola, I think this would all come to an abrupt end.
But that would but too many antivirus firms and the like out of business. And we can't have that...
I kind of like how Gmail's policy of "keep suspected spam 30 days, than discard" makes it pretty easy to gauge your spamrate...from this summer, it was above 14K, but now it's closer to 8.5K. I don't know how much of that comes from zombie nets, or if there's some other factor (since I own a few domains, and receive any email sent to them, sometimes I get waves of bounces when someone hijacks my domain name as a from address) but it does seem like spam ain't as bad as it used to be.
SO YOU'RE GOING TO DIE: The Comic for Dealing with Death
You are forgetting that the Viet Cong was a branch of the USSR...the 2nd greatest power at the time. The USSR wanted to conquer and crush South Vietnam more than the US wanted to protect it from the invasion. Hence, South Vietnam's being the loser in the Vietnam War despite having a powerful ally.
Don't blame Durga. I voted for Centauri.
Judging by the numerous virii that I receive in my webmail on a daily basis, I would have to say NO WAY JOSE! Every variant of Beagle / Netsky / you name it is in there. No need to look at the AV sites to see what the latest mass mailing worms are. All I have to do is log into my webmail to find out.
This guy says worms have peaked because they depend on spoofing the sender, and IBM has introduced some sender authentication tech. He made a good call on Melissa in 1999, but I don't see the rigor of this latest pronouncement. He assumes that people will use sender auth, which I don't - people don't even use free firewall SW like Zone Alarm. He also assumes that sender auth use will grow faster than the hosts on the Net, and that the worms' growth is entirely limited by the number of address books infected. Melissa only used the first 50 addresses - what if new worms use all the addresses? And with so many more people in addresses books, the exponential infection growth could easily surpass the exponential authentication growth. He might have had as much hope in widespread spam/virus filtering, which obviously hasn't stopped the tide from rising.
Sender auth is a great help, but it's not enough. And complacency like that in which these researchers indulge is a greater enemy than insecure protocols. Security is an intractable, NP-complete problem, where the pickers are up against the locksmiths every day. Declaring the war over is a sure way to lose.
--
make install -not war
Your post reminded me of harry potter. He-Who-Must-Not-Be-Named
Always cracks me up
As I recall, there was some sort of weird competition going on last year. So was there a "peak" or just an unusually high level of virus creation efforts that could repeat itself in the not so distant future?
does it bother anyone else that the /. "icon" for worm stories is actually a caterpillar.
I'll go back to picking my nits.
Viruses is the correct term for the biological ones. Virii is perfectly acceptable for the computer ones.
Why? Because the English language is constantly changing. New words are invented, and new meanings are given to old words. What is a 'word' is determined by usage. SO if people use "virii" to describe computer, um, virii, then so be it.
You are witnessing the birth of a new word. Don't try to abort it just to be an ass.
From TFA: "The good news now," he said, "is that what Melissa ushered in is finally waning. Mass-mailed worms and viruses reached their peak last year."
I think the blurb is a little misleading. The blurb should have said that the peak was last year and we are on the decline.
The Tasmanian Devil is endangered, but not anywhere near extinct. The "practically extinct" animal you are thinking of is likely the Tasmanian Wolf, also called the Tasmanian Tiger. This animal, however, is much less remembered, due to its extinction(?) and the fact that there is no Warner Brothers cartoon character to make it so everyone thinks it is so cool.
Don't blame Durga. I voted for Centauri.
To be honest, i dont receive in my gmail account mail worms, but that is because gmail executable attachment filtering. But in a server i administer there are a constant flow of mail worms (that dont impact end users thank to anomy sanitizer and ClamAV) but the biggest part of them are not for especific individuals but for randomgeneratedname@mydomain.com, almost none hits a real account. Not sure what or how many worms of this kind are, but a few infected people generates a lot of mail traffic this way.
It is a type of caterpillar known as the inchworm.
Don't blame Durga. I voted for Centauri.
Even if it was possible to say anything has peaked while standing on the peak, I doubt this is true. I wish it was, but just wait until the next major hole in Outlook is found. More users. More windows boxes. More malware.
Thank you for being right.
I would also like to point out to anyone who disagrees with you that nearly all respected linguists (who know more about language than anyone here) do not advocate "prescriptive grammar".
Le français vous intéresse?
Although it's true that living languages evolve, that doesn't give license for people to just make up words or change the meaning of existing words. There are certain rules of etymology to follow. Most words are formed in whole or part from words in other languages (such as Latin) and derivations such as plurality and tense follow common rules. Slang, trademarks, and other words which were in fact made-up don't get officially accepted as part of the English language unless they have achieved widespread usage over a number of years.
I thought that the definition of worms made them diffrent from viruses in that they don't need to pick up a ride on a file, they can come on there own. Maybe this is just another public misconception, like when people call crackers, hackers. We all should know that a statement like "I caught a worm from an email sent by a hacker" makes no sense at all.
Star Trek, there maybe hope.
death of Virus's internet. So if there is not internet then there are no virus's. Woohoo!
Ubiquitously - A Ubiquity Developer Community
You've missed the important variable. A funny joke about homosexual prison rape is +5 funny. An unfunny mentioning of HIV is -1 flamebait. Funniness rankings are directly proportional to funniness. There's not a secret formula for it or anything.
I think the decline can be attributed to a few factors:
1. Increased use of SPAM and virus filters on email, esp. at the provider level
2. It's no longer really a challenge to write email worms, etc. So the only people writing them are the ones trying to work for spammers
The new threat is going to be in viruses written for mobile phones with ever increasing OS capabilities, memory and CPU power. I'm not an anti-MS bigot, but I don't really want any version of windows at all on any mobile device that I store confidential info on. As more and more phones keep coming out that support advanced OS', you can expect more and more viruses for these devices.
On a graph that is increasingly climbing, today is always the peak.
If you mod this up, your slashdot background will turn into a beautiful sunset!
I think malware writers are shifting their focus away from mass-mailed malware to other easier and more effective ways to harm computer users. This article (http://www.keralanext.com/news/indexread.asp?id=1 63468) says that viruses, spam, and phishing scams are still on the rise, which is pretty alarming considering they are already a huge problem.
Number of infections: 0 - 49
Number of sites: 0 - 2
Geographical distribution: Low
Threat containment: Easy
Removal: Moderate
Hmm...
Just FYI, it's the catcher that gets HIV, not the giver.
Also most faggots are not switch-hitters, that give and take, despite all the man-trains you look at on gay porn sites.
More and more ISPs who provide email services are starting to provide free email virus scans.
I receive frequent emails stating that the virus scanner was unable to clean the attachments of viruses, so the attachments have been deleted.
Microsoft might also have something to do with it by finally cluing in that auto-running attachments when you open an email is not necessarily a good thing, and they've taken the "can't save, can't run period" road as being the new default to outlook express, the chance of such a virus spreading this way is severely contained.
With enough publicity of email based virus writers being prosecuted, new would be virus writers might also be detered.
It also doesn't take too many stings for someone to become wary of blindly running attachments. You'd have to live in a vacuum not to see a connection between news reports about the next melissa, or the next netsky or the next beagle virus running rampent and the flood of emails in your inbox enticing you to run the attachment. So even if new viruses were created to propagate via email, the population is on guard.
These factors combined are probably what have caused the decline in self mail propagated malware. It will remain to be seen if the user community and the software provider community drop their guard to allow this stuff to flare up again.
With the drop in this type of malware, is it any wonder why now we are faced with browser exploited malware? I think the virus writers have simply moved on to greener pastures and when that shuts down will probably find yet another unforseen avenue of spreading their malware.
The email spread viruses have probably peaked, but factoring in all the new and creative ways for getting malware, it's just another drop in the bucket.
I don't get new versions of Windows in my inbox!
(I know its obvious, but I couldn't resist!)
Of course they peaked. After Slammer, mail is just way too slow.
The next generation worms are spreading much faster than mail could ever allow, and will continue to pick up speed. I've done some research and a publication more than a year ago on just how fast these beasts could be.
Mail. Pah. Malware authors move with the time, too.
Assorted stuff I do sometimes: Lemuria.org
They certainly had me piqued!
GETPKG - Package Management for Slackware
Due to the distinct lack of thinking machines and robots at Hogwarts School, there might be something to claims of a Dune/Potter connection. Surely the blast-ended skrewt must be related to the Sandworm.
Don't blame Durga. I voted for Centauri.
Now I can caclulate the *EXTACT* percentage of morons using the Internet.. being that anyone with a quarter of a brain knows not to open such stuff (or fixes it within a short time if they happened toopen something).. this "max" should give you a pretty good statistic of the clue-free using the internet.
meh
While gathering such statistical data keeps someone employed and quite busy at that, it doesn't help to remedy the situation.
/. are exempt of course.)
Take for example the rise of free email services (ie. Hotmail, Yahoo!, etc) some years back: They were known to sell off email address in order to cover some operating costs. This was confirmed by researchers who created accounts on various systems (not limited to Hotmail or Yahoo!), and didn't disclose their address to anyone. Several weeks later, SPAM started appearing in their Inboxes. The rest is history...
Other causes:
* Bots/Spiders relentlessly sifting through vast amount of web pages and usenet archives for the simple purpose of harvesting and processing fresh email addresses.
* ID10T errors on the user side as they love to click on attachments they have no clue about.
* Users who participate in chain letters, as anyone's system who is compromised along the way can reveal their email address.
* Poorly configured mail servers who respond to requests for mailing lists.
* Consumers who volunteer their email address to telemarketers, store give-a-way programs, etc. That information is then sold off of course, and voila, more SPAM. Then they have the nerve to ask, why am I getting so much SPAM??!! Bunch of morons!!
With regards to worms and other system exploits:
* Piss poor implementations of TCP/IP (in the case of Windows)
* Weak firewall configurations or none at all (Windows XP's firewall is a joke as it trusts all outgoing connections. Therefore, once the worm has taken hold, it's free to do as it pleases)
* RPC (Remote Procedure Call) and Remote Administration tools implemented on end user machines (If I'm not mistaken, Macs carry these features as well.) This should only be implemented on corporate installations or the like. Since the average end user simply browses the web, checks email and logs onto their favorite IM program, such RPC capabilities should be an opt-in deal. Clients such as FTP and Telnet will still be available, but anything running as a server would be optional, and subject to a two-step authentication before allowing it to listen in on it's given port.
* The wide-spread use of P2P programs with embedded spyware/etc. The user infected by the use of such programs is at fault for this one.
* Unsecured wireless installation in homes. This is a growing concern as such connections are being used to launch DDoS attacks and serve as SPAM gateways, among other things.
(Note: Those using such connections to log on to
and finally...
* CraptiveX (or ActiveX[tm] for those M$ folks out there) - This so-called technology speaks for itself. Oh.. I'm sorry!! It's inherent lack of security is a FEATURE, not a bug.
At first, i thought this topic was about those AOL CD's you get in the mail.
I really wish those would peak...
Get thunderbird. That'll keep you safer if/when the next big one hits.
-----
Check out the Uncyclopedia.org :
The only wiki source for politically incorrect non-information about things like Kitten Huffing and Pong! the Movie !
Please allow me to hate the creator of the 120-character limit: *HATES*. Thank you.
It really bugs me [pun intended] that /. has a catepillar as the icon for Worms.
Even if it's an "inchworm" that's still wrong, because inches aren't metric, and Slashdot should be using metric icons.
Saskboy's blog is good. 9 out of 10 dentists agree.
Mass-mailed worms have reached a peak, so we're now just dealing with tons of the junk, and not increasing tons of the junk! Hmpf... I still wish there was some miracle cure for this that didn't negatively impact your own mail usage too much. :-/
:-)
Electric shocks for people double clicking on attachements to blacklisted messages?
Beware: In C++, your friends can see your privates!
Six years ago, on March 26, 1999, Melissa, the first virus that spread by mailing copies of itself to e-mail addresses it found on infected machines, swept the Internet.
No. That didn't sound right, but I double checked just to be sure.
Morris worm... November 2, 1988
I know you. You're that guy who refused to see that Tom Hanks movie "The Green Mile" because they did not call it "The Green Kilometer". And you always refuse if some friends ask you to go to the pub for a pint or two.
Don't blame Durga. I voted for Centauri.
Yep, you're right.
A worm does not require human intervention to run, infect or replicate itself. Worms are most commonly seen infecting vulnerable services via open ports and then automatically scanning for more machines to infect. Again, worms do not require human intervention.
The email "worms" or "viruses" are actually trojans.
People think the trojan is a screensaver or picture or whatever, they click on it and it installs itself, then it sends copies of itself to other machines.
A virus resides in memory and attaches itself to other files so that when other machines use those files, they will also be infected. The original file is not destroyed and should still function correctly.
Trojans will be around forever. They are social engineering attacks.
Old worms should slowly die as the machines they've infected are upgraded, patched or fail. As more and more machines are shipped with firewalls, the new worms will dwindle, also.
Viruses are failures of the security model of the system. That's why Linux doesn't have any viruses "in the wild".
Truly, this is the Post of the Beast. Behold the spelling! Behold the derogatories! And most sickly of all - the olde, olde, "M$" gag!
...
...)
Now watch, as this post shall slowly be moderated underground to the cheers of Slashdotians everywhere
(Parent is actually quite funny, if you're into that sort of thing. "The rest is history"? But it only happened a couple of years ago! And "SPAM"? Geeks should know better
was a mass mailing worm. This guy says Melissa was first, but in reality it is the oldest propagation vector, dating back to the original great grand daddy of all viruses.
Although it's true that living languages evolve, that doesn't give license for people to just make up words or change the meaning of existing words.
Automobile.
Just to name 1 off the top of my head. (And I didn't even consider computer terms!)
Automobile is a made-up word. It was made up to describe a new invention, oh, about 100 years ago.
Slang, trademarks, and other words which were in fact made-up don't get officially accepted as part of the English language unless they have achieved widespread usage over a number of years.
Duh. And people have been using "virii" for "a number of years". As to wether it is in "widespread" usage, that's a matter of opinion.
In any case, you seem to admit that it is, in fact, 'slang'. So accept it as such, and don't bitch when people use it in an informal setting.
...Kuo also made a call to deal with the underlying problem that allows e-mail to serve as an attack vector for hackers and thieves.
"The mechanism of mass-mailing viruses relies on spoofing the From: address, and that aspect has been taken over by the phishers. This spoofing is the singular point for mass-mailing viruses and worms, for spam, for all phishing attacks.
For phishing attacks: maybe. For everything else: no. Once you have a process running with user privileges, you can impersonate that user without forging any heaers.
We must talk about the realities, so we can confront them, resolve them. Otherwise, the fear has won, and we are defeated
Mass fear allows the powerful to rise even higher. The problem isn't just terrorists, criminals etc... it's the people who use this fear as a distraction from their own agenda.
Like all pain, suffering is a signal that something isn't right
What the hell?
Take off every sig. For great justice.
In a recent interview, he says that he has not seen a single email virus for at least 3 years.....
PENAROL: Seras eterno como el tiempo y floreceras en cada primavera.
Don Knuth stopped getting viruses when he upgraded to the vMac.
Don't blame Durga. I voted for Centauri.
Comment removed based on user account deletion
Sorry to break it to you, half of Slashdot users are below average. What a lousy userbase we have here.
Don't blame Durga. I voted for Centauri.
The people using that fear *are* the terrorists. The people who planebomb buildings are *saboteurs*, a specific (and often shortlived) kind of terrorist. Without the media fear, it's just sabotage. It becomes terrorism when the event is spread through the media - electronic, word of mouth, or otherwise. Terrorism is infowar, and "we" are our own worst enemy. The only remedy is knowledge - the antidote to any kind of fear, which is incubated in ignorance, and spawns anger and violence.
--
make install -not war
"Six years ago, on March 26, 1999, Melissa, the first virus that spread by mailing copies of itself to e-mail addresses it found on infected machines, swept the Internet."
Pshaw, Good Times had been doing that since 1994! Now there was a horror to behold! Back in the day, we all had to incinerate our computers whenever we got an email with the words "Good Times" in the subject! And even that wasn't enough sometimes!
... months, certainly, years perhaps.
...
My ISPs believe, correctly, that I don't wish to receive any emailed viruses, and throw them away for me. (Yep, there are even Linux server-side detectors for Windows viruses.)
Now, if only I could get them to do the same for spam
Your program has control over data it produces internally. But there is no such control over data coming in from outside. User input, for example, can never be trusted, and must be verified for conformance to the requirements of your algorithms before it is used. Data coming in over the network is even worse... Not only does it come from outside of your program, but it comes from outside of the computer, and even from the other side of the globe.
The trouble with too much software is that too many assumptions are made about data, without respect for the fact that computers are GIGO systems: Garbage In, Garbage Out.
I think most programmers have gotten that memo... Except the ones working for Microsoft.
Yes, Macs do have those features. But they are turned off by default. You need an admin's password to turn them on. There are Remote Apple Events, which are also turned off by default.
You're thinking of Remote Desktop or something, right? Which requires the (rather expensive) software to connect to if the computer is set to allow the connections.
Of course, you'd wonder why people were using a convoluted irregular plural when the vast majority of words and nearly all new coinages in standard use use the regular plural form in English. But never mind.
If anything, I've been helping more and more people rid their computers of viruses/malware that two years ago.
there is hardly any software at all for the mac, period. Developers stay away from it. The bad side is that there are so few applications. The good side is that there's so little malware.
once microsoft provides new methods for incubation and caring for worms, the authors will be able to innovate and provide new and better viruses that do the same thing but take twice as long to be detrimental..
or something like that...i'm tired of being offsenive now..
Ive seen serious virus infections drop pretty significantly over the last year. Not because people are more prepared or knowledgable (perhaps they are?). More because when they are infected with a more damaging virus there computer begins to really have problems, and the first they do is call us techs, and we fix it, stopping the problem there. Additionally spyware has help thwart viruses... since spyware tends to cripple the computer, the first thing they do is call us techs. The first thing we do, is run anti-spyware and anti-virus scans, killing both and updating their norton.
Hopefully soon there will be a good spyware program that we can upgrade and forget like norton (yes i know it doesnt always work that way)-- then the general public should be much better off (assuming they have techs who upgrade it for them *wink*)
Mike
I heart the RIAA & MPAA, im sure its mutual...
> * RPC (Remote Procedure Call) and Remote Administration tools implemented on end user machines (If I'm not mistaken, Macs carry these features as well.)
Yes, Macs do have those features. But they are turned off by default. You need an admin's password to turn them on. There are Remote Apple Events, which are also turned off by default.
I made the reference in case some readers weren't aware of it. Such services being disabled by default provides a more secure OS out-of-the-box, especially when it comes to the average user.
You're thinking of Remote Desktop or something, right? Which requires the (rather expensive) software to connect to if the computer is set to allow the connections.
Nope, just what I said above.
I think you are absolutely right. The terrorists' most powerful weapon are the media. Possibly if the media were not telling us about those attacks, no one would be afraid of being blown up. But what solutions to this problem should there be? The media cannot just stop informing us. One might tend to say they should not report on terrorist attacks. But there would surely be some other way of keeping people afraid. And who would be to decide what to hush up? Government? No, this is a much too serious matter to be entrusted to a limited group of people!
I think the only solution is to make almost any information freely available. One would be less afraid of the Arab next door if one knew about his culture and just talked to him. IMHO educated people have far less problems when dealing with new situations, simply because they get used to the feeling of being confronted with something new. You often face something new when trying to understand things. Thus knowledge should be freely available and every human should be able to access it. Unfortunately this seems to be a utopian idea.
I haven't seen any viruses either, since using ClamAV and my spam has gone down to almost nothing thanks to Spam Assassin - but that doesn't mean that the idiots are not sending it to me anymore.
The only way to address bad info, whether lies or just bad news, is for more information. Context, corollaries, connections, discussion. The world is a complex place, where constructive growth vastly outweighs the bad actions and structures. Free expression is much more powerful than propaganda, especially when interactive and independent. So people can talk amongst ourselves about info we're getting. We've got a nascent P2P culture, on a P2P-oriented infrastructure. But it's up against the traditional media, which is highly centralized, with coroprate interests that conflict with both free expression and even stopping terrorism.
;). People always say "education" is the antidote to ignorance, fear and propaganda, but they're thinking of school buildings, state-sponsored/accredited teachers, more centralized official knowledge. The great strength of people is in our ability to communicate with each other, our desire for other people with whom to communicate. As we get past the huge edifice of traditional media institutions, into our global communictions mediasphere, we'll have the chance to leave terrorism as far in the past as maps with gaps labelled "here there be dragons".
:).
Any idea that requires perfection for execution is "utopian". But increased/improved communication is a practical reality that gains ground every day. Most Slashdotters are building the solution, both in our work, and the Slashdot discussions that work distracts us from
For a more specific set of insights, I recommend McLuhan's War and Peace in the Global Village. McLuhan pointed out that every new tech has brought a new kind of warfare, and identifies infowar as the spawn of mass media tech. Understanding the beast is the key to hunting it. Just be sure to eat everything you kill
--
make install -not war
There's making the information freely available, there's taking realistic and reasonable precautions and then there is terrorism and propoganda. For example, consider aircraft security. First off, planes are far from the biggest security concern. Sencond, the effective measures (marshalls, conckpit doors, terminal monitoring) are largely invisible to the public. So the whole take-off-your-shoes thing is mostly to make the public feel safer, right? Does it? Does anyone with any connection to the decision making process honestly think that such steps make the public safer or even feel safer? Probably not. More likely such visible steps are intentionally used to increase fear. As the PATRIOT act proves, a public under the grip of a terrorist agenda can easily be manipulated.
a pessimist says: it can't be any worse than that.
an optimist replies: no, it will be, it will be.
that virus writers have turned to more lucrative malware such as phishing, working with organized crime, etc.
As Don Rickles used to say, "What? That's better?"
I suspect that Microsoft will now attempt to use this fact (if it is a fact) to say, "See? Our security is better now!"
Bullshit.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
http://www.lemuria.org/security/WormPropagation.pd f
You fucked up, Tom. You must have copied a path to the file from your home directory or something.
That said, article looks interesting. Am giving it a read.
Aren't all fish bald?
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
Combine them and its still a +4.
They usualy have management jobs. Hey guess what, our Vice President just opened up an attachment in email and now our whole network is down while IT tries to remove the malware infections.
I still see infected malware emails, my AV program detects them.
Yet there exists a problem caused by a few factors:
#1 Managers are usually given Administrative access to their machines. This increases the risk for infection.
#2 AntiVirus software uses a subscription model. If Management is too cheap to renew licenses, they can end up without protection from new malware. Most managers are unaware that AV software actually scans for signatures and that the signatures of new malware are different from the old ones.
#3 Those without Administrator access, cannot properly update their AV software. Imagine a McAfee VirusScan software not being updated since 2003. You attempt to update it, but the system fails to install the new software because you do not have access to install. The path to the AV data files is marked as read only. Yet Malware can easily infect your machine. I've seen college labs full of workstations with older protection that is unable to be updated. I can only guess that corporations are full of machines like that as well.
#4 Some viruses like to set the clock to the year 2000, hoping to trigger Y2K issues. Most malware kills itself after a certain date in the future. If the year is always 2000, the malware will not kill itself.
#5 People still download software willy-nilly from the Internet from file sharing networks, web sites, and IRC channels without scanning them first and then they run them. People are still getting malware infections this way, more so than the email attachments. All malware did was evolve from the email attachments to infecting software for download on the Internet. For example, one malware for OSX was a Word 2004 installer program, which actually was not a Word 2004 installer but a program script designed to delete all files on the OSX hard drive. It seems the age of the cuckoo egg malware infections have replaced the age of the email attachment malware infections. A cuckoo egg being a file you think is one thing, but it actually turns out to be something else.
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
Marge: "Homer, why did you spend all of Lisa's college money on tickets to Vietnam?!?!?!
Homer: "Mmmmmm. dung-covered steaks. mmmmmm"
Don't blame Durga. I voted for Centauri.
The computer isn't broken, it just has a hosed windows install. And you don't have to "fix" it,why waste your time with bug be gone crapola just to have to do it again next week, when there is no absolute need for it, you can just ignore it. No reason to abandon the internet, the net is just too useful. Why don't you be a pal and get your friend a live linux Cd to play with? He can be back online surfing relatively safely in five minutes. It's a nice break from malwarez and there are a ton of them out there now, knoppix being the most famous of course. And they are about as easy to use as you can find out there.
The latest I have used, just got them this week, are austrumi 0.94 (IMO the best mini distro, runs entirely from RAM, then ejects and frees up the optical drive, and is *fast*) and SimplyMempis 3.3 (full complete distro, nice polish to it). Run them live or option to install to hard drive from the same disk if you like it. Cool beans and stuff.
"Combine them and its still a +4."
No, +4's are those funny pants golfers wear.
(This post provided as an example of -1, Offtopic for the information of the public).
Blank until
Yeah, I only got 73 unsolicited emails informing me of this, so, yeah, I guess it has finally peaked at last, thank goodness. Of course, some of them were from people I don't know and some were from people I do know, and so it's impossible to tell which were automatically sent to me by worms and which were sent to me by helpful friends who often act like worms.
- Network operators have blocked outbound port 25 for large chuncks of the net -- protecting the net from their infectable, directly networked machines.
- Mail admins have installed virus filters on most legitimate MTAs that touch the internet.
- End users have figured out that they really do need virus protection. Even if they "just" use their computer for browsing and email.
- Microsoft got lots of their users on Windowsupdate.
- Legislators have passed some laws. Eg, making it a felony to use zombies for sending spam. (The virus writters might be hard to catch, but the spammers that buy/rent zombies are much easier, and they are the source of the money.)
All of these help a little bit, and there's a network effect with some of them. For example, mail admins a year ago had trouble installing virus filters because there were so many viruses loading down their servers. Now with other mailservers dropping the viruses quicker, it's easier to add the filters. There's also a network effect for the virus/worm writers. If its harder for them to get new zombies (and many of the zombies can't be used for spam), there's less profit motive to write the viruses to get the zombies.It's always been my "utopian" dream that the internet will evolve into the answer that good men have been lacking through the ages. The minorities in power have always relied on misinformation, lack of information, and the physical suppression of ideas to retain their control. The distributed and instantaneous nature of the 'net make the suppression of information much more difficult. I want to believe that man has evolved to the extent that having access to accurate information and communication with other cultures will open our eyes to the REAL us/them problem. It relies on each of us accepting the responsibility to discover the truth as best we can and taking responsibility for not just our own actions but for the actions done in our names. Is a man innocent if he knows his government is acting wrongly and he does nothing? The difference between terrorists and freedom fighters is often defined by whoever is writing the headlines - or more accurately - whoever is paying for the headlines.
My great worry is that people CHOOSE to remain ignorant. It's easier and more comfortable to sit in front of the plasma tv and watch the game than to risk the powers that be's ire. After all - they said those guys are evil - so that MUST mean we're good - right? And if you say anything different? Well that must mean you're evil too. If you're not, I might have to pay attention to what you say. And I might have to DO something uncomfortable, maybe even dangerous, like stand up for the truth. Naw, I'd rather just watch a little tube and order out for pizza. Business as usual, just like the President said. I mean, that IS the American way, right?
billy - who loves his country and fears for its honor
All that information is interpreted in a context. Controlling the context is the most efficient way to control the information, or more importantly, its effect. Right now, the corporate broadcast media is cracking under the strain of defining the context to turn most information into noise. We're in an evolutionary watershed in the memepool (to mix metaphors like a Beck thesis). Our society will emerge within the next 10-20 years evolved, if it survives recognizable at all. I do everything I can to help people talk, to keep us engaged, to listen and learn. As long as we're able to keep doing those things, we haven't lost, and maybe we've won.
--
make install -not war
Well, that's well and good, but I already noticed that your perception of ignorance is not, how to put it, "viewpoint neutral." Be sure not to mistake disagreement with your conclusions as ignorance. For example, it is quite possible for a thoughtful person to think about what they see and hear, and conclude that people who blow up buildings full of innocents are bad, people who build democracy from tyranny are good, and that some pizza sounds pretty good right about now.
The search for truth is noble. But in adjudging others of ignorance, do not assume omniscience upon yourself.
If you don't know where you are going, you will wind up somewhere else.
But what do we know about Tasmania here? Thanks to a Warner Brothers cartoon called "Taz Mania, most Americans think that the place is an angular desert inhabited by nothing but talking Tasmanian Devils.
Don't blame Durga. I voted for Centauri.
ahh, I'm in the same boat with downloading distros, stuck on dialup here for the time being. the minis I am able to download and burn though, usually just start it at night before I go to bed, done in the morning. For larger ones I either send away mailorder for a few dollars to any of the clone makers, or I get a friend of mine in a local whitebox shop who has a dsl connection there to download and burn them for me (handier than mailorder). I give him a buck or two per disk. That's how I got my copy of simply mepis this week. That's what I use for my girlfriends computer (an older one that has 98se on it), I just give her a live CD linux to run, eliminates quite a few cross room "service calls", heh! And I don't worry about the hardrive getting hosed at all either with that technique. It's as close to a no brainer as it gets.
Some decent minis to try are Feather, Puppy, DamnSmall, Austrumi. The last three are at 50 megs, Feather is over 100 now, but that is still quite a bit smaller than any of the normal full bloaterised distros. Of those 4 I like Austrumi. A note on that one, the developer is quite good at packaging and coding, etc, but he is Latvian so it default boots into that language. Once it boots, hover your mouse at the bottom of the screen to raise the task bar, mash the start menu button, look around for a UK British Union Jack flag symbol, mash that thing, it will reboot into (mostly) English. Had me faked out deluxe until I rebooted back into my regular desktop and went to their forums to see how to do that, pretty funny really. Besides that it's a small fast distro, has enough for your normal surfing needs, along with some other proggies of course. The console dialup tool works quite well with my external serial modem, but I don't know about the broadband connection scripts, although apparently from reading their forums it works as well. The developer chose Opera over Firefox browser, he says it's a much smaller resource program than FF, and that's what his distro is about, small, fast, complete enough to be practical.
Anyway, good luck, hate to see someone so turned off from windows malwarez that they stop using the net. Sort of telling isn't it?
I see more and more computers
Its been only 2days since i have installed win2000 on my machine, which many people recommended to be safe,and now my comp is filled with viruses!!
I have visted a few finance site like yahoo finance,checked mail etc.I have no idea from where these viruses came from!!!
Oh yea, i got NAV2003,ZA firewallAdaware,spybot etc, but nothing seems ward off viruses n trojans....
So ,what iam trying to say is , there isnt much to be happy about the decrease in the mass mail worms.They have adavced such that,merely connecting to internet is enough............
At this rate,iam beginning to fear using comps ,althoug i have used it for more than a decade.
Why does yahoo do this
Thanks for making my point. I notice you don't question the WHYs behind peoples actions. Is it possible that the 9/11 terrorists were fighting the tyranny supported by the US in their country (Saudi Arabia)? If someone thinks attacking your country is important enough to PLAN to die, don't you think it's a good idea to try to understand why? Refresh my memory - how many different reasons for the war in Iraq did Bush try before settling on 'Democracy'? When the bombs were dropping in Baghdad, I wonder which of his reasons made the innocent civilians getting blown up more comfortable? Isn't it just possible that there are flaming assholes pushing their own agendas on both sides? This IS a democracy, which means that while I may hate THEIR assholes, in the end, I'm RESPONSIBLE for mine. It's awfully easy to take the comfortable way out and reach for the pizza - but if everyone did that we'd all be using Windows.
billy - you can ignore the Constitution when you pry it from my cold, dead fingers