Windows Infected in 12 Minutes
Uber-Review writes "The speed with which PCs can become infected has now shortened. If your Windows computer is not properly protected, it will take 12 minutes before it becomes infected, according to London-based security company, Sophos. They have detected 7,944 new viruses in the first half of 2005, a 59% increase over the same time span last year."
And Slashdot can apparently be infected with a dupe in as little as 5 days!!!!
Don't mod me, bro'!!!!
Not to mention the original article was a lot better, and not a link to yet another news aggregator that in turn links to another site: http://www.globetechnology.com/servlet/story/RTGAM.20050704.gtvirusjul4/BNStory/Technology/
Will wank off Linus Torvalds for fame.
Honestly, who cares anymore? We've all seen this exact same story with some slightly different words or numbers in about 100 different places. Use a firewall or don't use windows, I get it. Let's get on with our lives plz.
No, this time it was another windows machine that was infected in 12 minutes. Expect to see 200 million similar stories in the next week or so.
I'm waiting for a dupe in 12 minutes, now that would be good! :D
So there are variants and minor changes... do we really count these as new viruses?
ogg
Black cat, searing pain, flames...? I must be in Heaven! - Homer Simpson
The Internet Storm Center is tracking a similar number for a while. See the "survival time". It has actually improved over the last few months!
---- join dshield.org Distributed Intrusion Detec
Speed doesn't shorten, kids; perhaps the OP meant "increased?"
"Windows infected in 12 minutes."
there is a new virus that causes the same news story to be posted twice
Hey. I saw this episode on Star Trek. The same thing kept happening over and over again until Data finally kept the ship from blowing up. /. Now we need to repeat all of our original posts, while sending a message with tachyon beams back to our original selves...
That's what's happening on
Blog's Up!
12 minutes hey. Gee I thought IE opened up quicker than that.
For years I have run Windows straight out of the box (no firewall, no security software, nothing), and I've only run into two viruses -- one through Kazaa, and one through IRC (both my fault).
I can understand that Windows is vulnerable -- but if I've managed to run Windows for many years without any major problems, then I'm curious what they are doing during these 12 minutes to arrive at such a conclusion.
For he today that sheds his blood with me shall be my brother.
London-based? They're based in Abingdon, Oxfordshire, England. Does English now automatically mean London-based or what?
+Pete
I'm tired of talking about tech fixes to Slashdot's dup plague. It would stop if the editors would just read the damn front page.
--
make install -not war
But the funniest thing about the link is the one and only comment on there that says "Crappy article, but this girl will warm you up inside" and then gives a link to something that would probably lead you to the very exploit it is talking about.
Just leave your computer open and live on the internet without a firewall. I guarantee you that in less than 30 minutes, you will probably catch something.
It's even faster if you have a static I.P.
I know, I was testing some vpn inside my company and I hooked the laptop to my external hub and it took about 20 minutes to get a worm, and I wasn't doing anything and my win2k was fully patched.
Do the editors of Slashdot actually read the site regularly? If not, should they be posting articles to the front page?
Followup question: Isn't this common sense?
My Windows blue screens in nine minutes, so I'm safe.
The global economy is a great thing until you feel it locally.
A herd of buffalo can only move as fast as the slowest buffalo. And when the herd is hunted, it is the slowest and weakest ones at the back that are killed first. This natural selection is good for the herd as a whole, because the general speed and health of the whole group keeps improving by the regular killing of the weakest members. In much the same way, the Internet is only as good as the slowest Windows members. Excessive going online, as we know, gets Windows machines pwn3d. But naturally, it attacks the slowest and weakest Windows machines first. In this way, continuously going online eliminates the weaker Windows machines, making the Internet a faster and more efficient place.
Shameless parody of the 'beer is good for you' joke
Free XBox, PS2
At least it's stable. It's exactly the same amount of time as the last time slashdot mentioned this.
Here's a solution.
*dodges flying tomatoes*
OK, OK, here's a patch.
*runs*
Beware: In C++, your friends can see your privates!
pot. kettle. black.
That is why you unplug the computer while you install Windows and security programs. Have that stuff burned to CD or on a back up hard drive. You really don't want to be online right after a fresh install of Windows. I don't have my computer online until I have installed service pack 2, Anti-Virus, and Spybot.
Have you done extensive tests on a range of IP addresses, or are you just extrapolating based on a single result?
You can get robbed in as little as three minutes in Downtown Detroit if you walk around counting large stacks of cash.
The internet is not a nice place. Evolve or die.
There are some people that if they don't know, you can't tell 'em.
When MS_Blaster was at its peak I had computers that were infected before the install finished if I left it connected to the internet.
I seem to recall some cases of software firewalls (if this is what you meant) which don't initiate before the NIC driver comes online, meaning the PC has a few seconds where it can acquire an IP and receive packets before protection commences.
Good design practice should prevent this but it'll never be quite as good as a hardware f/wall. Decent FW devices can be found for very cheap prices now.
If you really can't run a hardware firewall due to a need for many open incoming ports, the 2nd-best solution is to use a modem with routing ability and direct ports 445, 593 and 135-139 to a dead address (remember to send them to an address outside the router's DHCP range so that address can never be assigned to an unprotected machine). These ports represent Windows file/print sharing, RPC Endpoint mapper (a major exploit target) and RPC comms ports. Killing those 5 ports stops 80-90% of remote attacks, although if you are running a web server, but not actually serving remote users, block ports 80 and 8080 as well to kill frontpage server extensions overflow attacks.
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
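A way to check the "dead address" setup described in the comment above, as an added example that is not part of the original thread: it audits a router's port-forward table for the ports the comment names. The function name `audit_forwards`, the rule tuple format, and all addresses are constructed for illustration; requiring the target to sit inside the LAN subnet is an assumption added here.

```python
import ipaddress

# Ports named in the comment: 135-139, 445 and 593.
SINKHOLE_PORTS = set(range(135, 140)) | {445, 593}

# Constructed sample forward table: (first_port, last_port, target_ip).
SAMPLE_RULES = [
    (135, 139, "192.168.1.250"),   # dead address outside the DHCP pool
    (445, 445, "192.168.1.120"),   # mistake: target can be leased to a PC
    (80, 80, "192.168.1.10"),      # unrelated forward, ignored by the audit
]

def audit_forwards(rules, lan_cidr, dhcp_first, dhcp_last, live_hosts=()):
    """Return a list of findings; an empty list means the setup is sound.

    A sinkhole target is accepted only if it is inside the LAN subnet
    (assumption), outside the DHCP pool, and not a known live host.
    """
    lan = ipaddress.ip_network(lan_cidr)
    lo = ipaddress.ip_address(dhcp_first)
    hi = ipaddress.ip_address(dhcp_last)
    live = {ipaddress.ip_address(h) for h in live_hosts}
    covered, findings = set(), []
    for first, last, target in rules:
        ports = SINKHOLE_PORTS & set(range(first, last + 1))
        if not ports:
            continue  # rule does not touch any of the audited ports
        ip = ipaddress.ip_address(target)
        if ip not in lan:
            findings.append(f"{first}-{last}: target {ip} is outside {lan}")
        elif lo <= ip <= hi:
            findings.append(f"{first}-{last}: target {ip} is inside the DHCP pool")
        elif ip in live:
            findings.append(f"{first}-{last}: target {ip} is a live host")
        else:
            covered |= ports
    missing = sorted(SINKHOLE_PORTS - covered)
    if missing:
        findings.append(f"not sinkholed: {missing}")
    return findings

if __name__ == "__main__":
    for line in audit_forwards(SAMPLE_RULES, "192.168.1.0/24",
                               "192.168.1.100", "192.168.1.199"):
        print(line)
```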
There's no way linux can beat windows speed record now!
This would be cool if the hunting actually culled the herd but it does not. The infested members of the herd continue to ramble on like... zombies. In so doing they are able to impact the rest of the herd and slow it down rather than speed it up.
An Ebola type strain of computer virus might actually be a public good. It would kill off these flu ridden beasts, put them out of their misery and prevent them from continuing to harm the rest of the herd.
Ra's al Ghul anyone?
A Pirate and a Puritan look the same on a balance sheet.
Each minor variation means that the old anti-virus signatures won't catch it.
So new signatures have to be downloaded.
The problem is that any error in that and you're vulnerable to these "new" viruses/trojans/worms.
The real problem is that the infection routes on Windows still haven't been closed.
If you're running a router then just enable NAT and bingo - a simple firewall. I always deploy ethernet ADSL modems now for many reasons - but this is the main advantage.
...)
1. Go to new site
2. Plug PC into modem
3. Configure modem
4. Plug phone line into modem
5. Download latest windows patches
Note that at stage 5 the PC is already protected by a firewall. Just need AV and patches to protect against email, adware etc.
But then I also configure Thunderbird - which limits the email viruses as well (the number of times I've been called because a user can't open an email containing a virus
By "Windows" they mean Windows XP pre-service pack 1 which was released in 2001.
So, what they're saying is: "if your unpatched 4 year old operating system is connected to the internet, it'll get infected pretty quickly."
Granted, pre-sp2 versions of XP have security that wasn't exactly the greatest and, granted, post-sp2 it still isn't perfect (and I'm not defending that) - but the above statement is like saying "if your vanilla install of Redhat 7.2 is connected to the internet, it'll get infected in a couple of hours".
The latter isn't fair to Redhat and so I don't see why it's particularly fair to Microsoft either.
Avantslash - View Slashdot cleanly on your mobile phone.
two words
XP SP2
and if you don't have:
install XP, then switch on the damn firewall before you plug in the bloody ethernet cable
Screw you all! I'm off to the pub
But what I want to know is how do these machines get infected???
It is certainly easy to get infected while using e-mail or surfing. But now that SP2 comes with a firewall turned on by default, shouldn't it now be impossible to infect a SP2 machine without some sort of user intervention?
Does the SP2 firewall have some holes pre-poked in it already? Are there flaws in the firewall?
"-1 Troll" is apparently the same as "-1 I disagree with you."
that the editors of slashdot don't even read their own website
i'm a casual reader, and the dupes jump out glaringly at me just from reading the titles of articles
you would think then that an editor would have a little more exposure than me to the content coming into and out of slashdot, no?
hey editors: you have meta-moderation, how about meta-editing?
from your logs, identify readers who have read the website daily for a few months, and just as you randomly nab people for meta-moderation, randomly nab this pool of readers to review a story before it is published for dupes
leave the story in a holding area for a few hours, and if 5-10 of these regular readers look at it and don't have any dupe complaints, send it to the front page
because you have a serious problem with all of these dupes
you need a solution
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
No, this has nothing to do with an email client. This is for a system connected to the internet and just sitting there with a default install.
These guys don't know what they're talki... [NO CARRIER]
Right.
WinXP boots to the desktop quickly, allowing the luser to screw himself more quickly.
Oh, wait, I forgot - XP SHOWS the desktop quickly, but you still have to wait up to a minute for anything else to happen as Windows fumbles around in the background trying to find the rest of the system - including the DSL connection.
God knows what the security state is as XP stumbles around back there dragging in useless services and pumping out thousands of log entries that no customer actually ever asked for. Fortunately, since nothing can be done until it finishes, it probably means nothing can be done TO it as well.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
1) Start
2) Post dupe.
3) ???
4) Profit!!!
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
The thing is, to take them seriously, we need better evidence than we have. If it was an independent organisation, then we could reasonably assume that they had a reliable testing mechanism. Sophos are far from independent. They need to present better evidence, especially if they're going to be as specific as 12 minutes.
Anecdotal evidence does not make their result any more reliable. I can find dozens of people who will provide an example of just about anything happening. It doesn't make it any more likely. You may just have been unlucky. A single sample is by no means representative, especially a sample that is self selecting. All the people who didn't get a virus in less than 30 minutes would not bother to respond to my comment.
Is it possible that a computer will be infected in 30 minutes? Clearly it is. Will that happen to all computers? Perhaps. Is the average 12 minutes? We don't know. The only evidence is from a company that makes no mention of their methodology, and has a definite reason to be biased. It has as much validity as a Microsoft sponsored report on Windows cost of ownership vs. Linux. Nobody would believe that, so why believe Sophos?
This is as wonderful as the Zombie Dog story last week. No facts, no information about the PC, connection, patch history, viruses, etc. Just some random number and some advertising.
Big surprise, the world's most popular OS has the largest number of viruses written for it. Another big surprise, leave your machine unpatched and unprotected on a network and it'll get infected.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
I want to know what was the methodology used? Was this just a box plugged into the net without a firewall? Were they connecting to web sites (if so what ones?) Were they checking mail (what client, was the email address new)? Etc
It would be very easy to build up a system and get it infected through use, but there is no real information to tell us how real world it is, just to scare us (or make us happy we use a different OS).
What do you know I wrote a novel
Putting London in the right country is probably as good as it is going to get in the US. Why do you think the New Mexico license plates have "USA" on them?
For stories that subscribers can see from "The Mysterious Future", put a button that can be clicked on the story title if the poster thinks the story is a dupe. I realize that each Slashdot author doesn't read every story that is posted, but enough other people would notice that dupes could get caught before they make the main page.
beware the jabberwock, my son! the jaws that bite, the claws that catch!
Just think about it for a second. A Windows XP computer is infected within 12 minutes because of unpatched exploits that need to be updated from Microsoft. It's worms getting through open ports that infect the computer once it's plugged into the internet. A hardware firewall takes care of that worm traffic.
But theoretically, those ports should be closed on Fedora already. And since most internet attacks are meant for Windows anyways, I should be safe not using the hardware router. But the truth is I don't know enough about the innards of Fedora 4 to know if it's a safe move or not.
That's why I asked. Because Windows problems != Fedora problems necessarily.
>>The first rule of PATRIOT act is do not talk about PATRIOT act
>Has it occurred to you that your sig is lying? There's no provision in the PATRIOT act that says you can't talk about it. You're just adding to the incoherent ramblings of the Left, which nobody listens to. There are plenty of real problems with the PATRIOT act, but your sig does nothing to address them. It's actually hurting by further making its opposition look like idiots.
Oh wise AC, verily, my slashdot sig is not doing enough to change society's problems. For that, I apologize profusely.
$8.95/mo web hosting
Reminds me of the joke of the two guys in the jungle who see a lion.
The first one starts immediately tying his shoes, preparing himself to make the run of his life.
The second one says: "What the hell are you doing, do you really think you can run faster than the lion?"
The first guy answers: "I am not planning to run faster than the lion but faster than you!"
Yahh, hiii haaaaa! -Major Kong, from Dr. Strangelove
If I can beat Super Mario Bros. 3 in less time than it takes to have my unprotected machine infected, then my machine isn't being infected fast enough.
The 11 minute barrier is still alive!
The retail and OEM versions of XP have been the SP2 version since Fall 2004.
-- "I never gave these stories much credence." - HAL 9000