Sober.P Worm Accounts for 5% of all Email Traffic
destuxor writes "The grave insecurity of the day is the Sober.P worm which is currently pushing nearly 5% of all email traffic at the moment. Unlike previous worms, Sober can disable the Windows Firewall and Symantec Antivirus. Interestingly, patched machines are not vulnerable to the exploits used by this worm. What are we going to have to do to convince "ordinary users" to visit WindowsUpdate once in a while?" Update: percentage corrected.
I read that the article references that it only comprises 4.65 percent of all email traffic? Where does this article say 25 percent???
My UID is prime is yours?
What are we going to have to do to convince "ordinary users" to visit WindowsUpdate once in a while?
Easy. Make it an invite-based system. People take for granted what they can get effortlessly.
Add a cost to it, and people will appreciate and use it more.
From the first line ... 5%, not 25%. Big difference ....
Alison
"It is a miracle that curiosity survives formal education." - Albert Einstein
It's been my experience that it is almost impossible to get ordinary (read: non-computer) people to update their machines, be it Windows or Norton Virus updates. The only way that most of them will get these updates, ever, is if 1. Someone does it for them, or 2. If it is automated, and does it for them.
Otherwise, they just don't see the reason to, don't have the motivation to, and just plain don't care.
be brainwashed into believing that the computer is an easy to use appliance, like a toaster or TV, and NOT a potentially hazardous tool like a chainsaw.
That this has become the holy grail of huge numbers of Linux aficionados is likely the worst thing there is for Linux. Instead of promoting Linux as the 'thinking man's alternative' most of its fanbase has bought into the whole 'computer as appliance' mindset.
Give a man a banana and he might choke on the skin. Teach him to peel and he'll be hell's bells.
What are we going to have to do to convince "ordinary users" to visit WindowsUpdate once in a while?
The problem is, Microsoft went a long way to tell people that no, they can not trust them when it comes to privacy. People from random businesses around here are pretty paranoid now -- I've talked to the CEO of a ~300-employee company who, albeit a non-technical user himself, went on a long tirade about not letting Windows phone home.
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
As much as I'm a Linux fanboy, that's not going to solve the problem.
Setting aside the debatable 'inherently more secure' argument, unless distros start doing something rash like including and starting an 'apt-get update && apt-get upgrade' cron job, they're going to hit the same problems if a nasty worm comes out that affects one or more distributions of Linux (e.g. a SuSE worm, etc.).
Rsync isn't really an option for updating Windows since the patch usually changes a few DLLs to different ones.
Most people don't have broadband, but most people don't have fast computers either; it might take a long time to compile the source-distributed update.
And your average joe won't have a compiler on their machine anyway.
I'd remove the compiler from Linux workstations too. The normal user, who surfs and reads email on the machine, won't have any need to compile things.
If local patches were used, I wouldn't worry about GPL coders peeking at the code. I'd worry about worms patching the source code and creating new holes through modifying patch sources.
There are no atheists when recovering from tape backup.
I officially retract that last comment. The grammatical mistake was more retarded than the quote it was making fun of.
*blinking cursor*
It doesn't have to be in the same high-level language the OS was written in; it could be a compiler-specific intermediate language, like GCC's SSA.
Such an arrangement offloads some of the compiling process to Microsoft's servers, and obfuscates the patch.
The compiler included with the OS doesn't even have to support any other language. And it can require a signed certificate from Microsoft to accept the code.
tasks(723) drafts(105) languages(484) examples(29106)
If virus writers ever changed their tactics from one of "sneak in and just borrow their CPU cycles and bandwidth for my bot-net" to one of "let's infect, spread, then kick them in the nuts" people would take notice once again.
Several years ago there was a virus that went around replacing jpegs with copies of itself (or something). My friend had a struggling web-hosting business where he hosted websites for about 100 different small mom-and-pop shops. Even though I warned him about the risks of viruses and that he should run his site with Linux/Apache he didn't listen. That virus wiped him out.
No, he didn't have up-to-date backups. But guess what? He keeps meticulous backups now and keeps his computers patched with up-to-date virus software and only connects to his web server via ftp (no mounted shares any more).
Alas, he still hasn't embraced Linux or OS X, but at least he's not part of the problem any more.
Just think what would happen if a virus spread around and just looked for .xls files and quietly changed all the 3's to 7's? How far back would companies have to go into their backups to be sure they had a known-good copy? D'ya think they might take viruses and security more seriously then?
The last major hassle we had with a worm was primarily due to the enormous amount of traffic it generated, bringing our networks to their knees. That was an annoyance to management, but they saw it as a network problem - not a virus/worm/security problem.
One of these days someone or some group is going to unleash a virus that really IS going to do real damage. Maybe then people will realize that they aren't sitting in front of an internet toaster, but a sophisticated computing device that has a tremendous impact on many aspects of all of our lives.
"terrorism" and "pedophilia" are the root passwords to the Constitution
It's interesting because it means that there are still enough unpatched machines out there for a worm to gain serious traction without uncovering new technical vulnerabilities. Worms that hit patched machines are technologically interesting, but those are problems that can be fixed (eventually) by patching. A technological problem with a technological solution.
But it appears that even if a putative Service Pack 3 were flawless, there would still be massive worm activity in those who haven't patched. And if they haven't patched by now, they're not gonna, and that means we're going to be dealing with this problem for a long time to come.
It's a non-technological problem, so there may not be a technological solution. (Me, I'd like to see ISPs start throttling infected users, but that's a whole separate can of worms.)
If a student or member of faculty comes in with malware problems for the first time, I fix it for them and I give them a Gentoo Linux install CD to go away with. If they come back with viruses/spyware a second time, I tell the luser to stop bothering me, and that I gave them the solution to install last time.
Remind me not to hire you after you (maybe) graduate.
"I work at a University IT helpdesk, and after far too many malware problems from far too many dumb lusers (and many of them repeat visits), I've adopted a new policy. If a student or member of faculty comes in with malware problems for the first time, I fix it for them and I give them a Gentoo Linux install CD to go away with. If they come back with viruses/spyware a second time, I tell the luser to stop bothering me, and that I gave them the solution to install last time."
Let me guess - all those stereotypes about antisocial computer geeks seem to have originated in your general vicinity, am I right?
#DeleteChrome
Someone should write a white-hat worm that brings the machines up-to-date with security patches, turns on auto-update, sanitizes the computer and reboots...
Before everyone starts screaming that you can't release a white-hat worm, please consider the situation we are in today: hundreds of thousands, if not millions of zombie machines are sitting out there doing the bidding of criminals to extort money from sites that fear DoS, fill our inboxes with spam, spread viruses and trojans that install keyloggers, attempt to get access to your financial and other accounts, etc., etc.
On the one hand, we have total anarchic hacker mayhem (today) and on the other, a sanitized Internet at the cost of using the techniques employed by the shadowy side of society.
I really doubt that many people would have issue with this. Hell, it should be done in the name of national security. Really... And anyway, if your machine is susceptible to a white hat worm, it is equally susceptible to the bad stuff, which means it is pretty much guaranteed that you already have a bunch of nasty stuff installed on it. A white hat worm will provide some relief.
The reason that it can be true that 1+1 > 2 is that very peculiar nonzero value of the + operator