Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Infected in 12 Minutes

Posted by CmdrTaco on from the now-that's-what-I-call-secure dept.

Uber-Review writes "The speed with which PC's can become infected has now shortened. If your Windows computer is not properly protected,it will take 12 minutes before it becomes infected, according to London-based security company, Sophos. They have detected 7,944 new viruses in the first half of 2005, a 59% increase over the same time span last year."

36 of 355 comments (clear)

  1. Nice... by j0nkatz · · Score: 5, Funny

    And Slashdot can apparently be infected with a dupe in as little as 5 days!!!!

    --
    Don't mod me, bro'!!!!
    1. Re:Nice... by m4dm4n · · Score: 5, Funny

      Actually thats a well protected and patched uptodate slashdot. Some slashdots can dupe within hours.

      --

      No France
  2. Holy Dupes, Batperson! by Willeh · · Score: 5, Informative
    http://it.slashdot.org/article.pl?sid=05/07/01/021 8209&tid=172&tid=220&tid=218

    Not to mention the original article was a lot better, and not a link to yet another news aggregrator that in turn links to another site: http://www.globetechnology.com/servlet/story/RTGAM .20050704.gtvirusjul4/BNStory/Technology/

    --
    Will wank off Linus Torvalds for fame.
  3. Woop-de-freaking-doo. by MasamuneXGP · · Score: 5, Insightful

    Honestly, who cares anymore? We've all seen this exact same story with some slightly different words or numbers in about 100 different places. Use a firewall or don't use windows, I get it. Let's get on with our lives plz.

    1. Re:Woop-de-freaking-doo. by digidave · · Score: 5, Interesting

      I guess one of the problems is that you can be infected before you have a chance to download a firewall. Unless you're on the newest version of Windows you're pretty screwed unless you can configure packet filtering on the NIC.

      --
      The global economy is a great thing until you feel it locally.
  4. Re:er, dupe by NoMoreNicksLeft · · Score: 3, Funny

    No, this time it was another windows machine that was infected in 12 minutes. Expect to see 200 million similar stories in the next week or so.

  5. Re:er, dupe by Andrewkov · · Score: 3, Funny

    I'm waiting for a dupe in 12 minutes, now that would be good! :D

  6. variants... do they count? by super_ogg · · Score: 5, Interesting

    So there are variants and minor changes... do we really count these as new viruses?
    ogg

    --
    Black cat, searing pain, flames...? I must be in Heaven! - Homer Simpson
  7. Internet Storm Center is tracking "survival time" by UnderAttack · · Score: 5, Informative

    The Internet Storm Center is tracking a similar number for while. See the "survival time". It has actually improved over the last few months!

    --
    ---- join dshield.org Distributed Intrusion Detec
  8. And in a related slashdot story by mindaktiviti · · Score: 5, Funny

    "Windows infected in 12 minutes."

  9. Time Loop by DanielMarkham · · Score: 5, Funny

    Hey. I saw this episode on Star Trek. The same thing kept happening over and over again until Data finally kept the ship from blowing up.
    That's what's happening on /. Now we need to repeat all of our original posts, while sending a message with tachyon beams back to our original selves...

    Blog's Up!

    1. Re:Time Loop by Lt+Cmdr+Tuvok · · Score: 5, Funny
      You are quite perceptive. Tachyon beams are exactly what I, myself, have been using, and am indeed using right now, to write messages on this very 'chatboard'.

      Perhaps we are indeed violating the Prime Directive in the most appalling manner by allowing geeks from your time to view 'Star Trek' unabatedly. Your knowledge of events and technology that occur and exist in our time grows ever greater.

      With this in mind, please disregard this comment. It does not exist.

      --
      Without the darkness, how would we recognize the light?
  10. Only 12 minutes by DS_User · · Score: 5, Funny

    12 minutes hey. Gee I thought IE opened up quicker than that.

  11. What'd I'd like to know by AutopsyReport · · Score: 4, Interesting
    What I'd like to know is what are they doing during those 12 minutes for Windows to become "infected."

    For years I have run Windows straight out of the box (no firewall, no security software, nothing), and I've only ran into two viruses -- one through Kazaa, and one through IRC (both my fault).
    I can understand that Windows is vulnerable -- but if I've managed to run Windows for many years without any major problems, then I'm curious what they are doing during these 12 minutes to arrive to such a conclusion.

    --

    For he today that sheds his blood with me shall be my brother.

    1. Re:What'd I'd like to know by ceeam · · Score: 4, Insightful

      Maybe you are on some strange subnet that bots don't scan too much. Maybe you don't visit sites that track your address for "who-knows-what-purposes" (OTOH - at least you've successfully posted to /. so you have your port 80 scanned back). Maybe your provider filters bad traffic (or even NATs you). Maybe your connection is so unreliable that they don't bother. Maybe you just don't know. Lots of options.

    2. Re:What'd I'd like to know by Dun+Malg · · Score: 3, Interesting
      I can understand that Windows is vulnerable -- but if I've managed to run Windows for many years without any major problems, then I'm curious what they are doing during these 12 minutes to arrive to such a conclusion.

      I've had my "NAS pr0n box" (an old Athlon 1600+ w/250GB worth of misc drives) running un-updated WinXP Pro (the "reset5" 30-day hack precludes updates) for over a year on the same static IP, open to the whole intarweb, and it hasn't picked up a single virus. I use it for torrents, eMule, kazaa-- basically all and sundry untrustworthy site scouring-- and still it works. I recently installed McAfee on it, just to see what viruses I'd "collected", and there's nothing! I think the biggest deciding factor in how fast your exposed windows machine gets "pwned!" is whether or not it's in the IP address range assigned to a large ISP that caters to the Unwashed Masses (e.g. Comcast). Using an ISP that markets to the bespectacled nerd crowd puts your IP address in a range that probably won't be tapped for a "zombie harvest".

      --
      If a job's not worth doing, it's not worth doing right.
    3. Re:What'd I'd like to know by clonmult · · Score: 3, Informative

      What version of windows are you running?

      I was running a Win98 PC as a gateway for the kids PCs connection at home, and it was generally fine, the odd virus, but nothing major.

      However, when I put in Win2K (SP1, no firewall or AV initially installed), it was virtuall unusable within an hour.

      According to the firewall, the machine gets attacked/probed maybe up to a hundred times a day, its ridiculous.

  12. Uh by sheriff_p · · Score: 5, Insightful

    London-based? They're based in Abingdon, Oxfordshire, England. Does English now automatically mean London-based or what?

    +Pete

    --
    Score:-1, Funny
  13. Eat Your Own Dog Food by Doc+Ruby · · Score: 5, Insightful

    I'm tired of talking about tech fixes to Slashdot's dup plague. It would stop if the editors would just read the damn front page.

    --

    --
    make install -not war

  14. Re:er, dupe by Anonymous Coward · · Score: 3, Funny

    But the funniest thing about the link is the one and only comment on there that says "Crappy article, but this girl will warm you up inside" and then gives a link to something that would probably lead you to the very exploit it is talking about.

  15. Editors - Question by Phishcast · · Score: 5, Insightful
    I read Slashdot regularly, and I at least skim every headline that comes across. I must notice just about every duplicate article with simple skimming. I'm not nearly as annoyed as a lot of folks when I see a dupe, but my question is this:

    Do the editors of Slashdot actually read the site regularly? If not, should they be posting articles to the front page?

    Followup question: Isn't this common sense?

  16. Blue screen by digidave · · Score: 5, Funny

    My Windows blue screens in nine minutes, so I'm safe.

    --
    The global economy is a great thing until you feel it locally.
  17. Re:Internet Storm Center is tracking "survival tim by savagedome · · Score: 4, Funny

    A herd of buffalo can only move as fast as the slowest buffalo. And when the herd is hunted, it is the slowest and weakest ones at the back that are killed first. This natural selection is good for the herd as a whole, because the general speed and health of the whole group keeps improving by the regular killing of the weakest members. In much the same way, the Internet is only as good as the slowest Windows members. Excessive going online, as we know, gets Windows machines pwn3d. But naturally, it attacks the slowest and weakest Windows machines first. In this way, continuously going online eliminates the weaker Windows machines, making the Internet a faster and more efficient place.

    Shameless parody of the 'beer is good for you' joke

    --


    Free XBox, PS2
  18. Windows is stable! by broothal · · Score: 5, Funny

    At least it's stable. It's exactly the same amount of time as the last time slashdot mentioned this.

  19. Obligatory "here's a patch" post... by Jugalator · · Score: 3, Funny

    Here's a solution.

    *dodges flying tomatos*

    OK, OK, here's a patch.

    *runs*

    --
    Beware: In C++, your friends can see your privates!
  20. Wow, thirty posts about it being a dupe. by cablepokerface · · Score: 5, Funny

    pot. kettle. black.

  21. And in related news..... by Darth_brooks · · Score: 4, Funny

    You can get robbed in a little as three minutes in Downtown Detroit if you walk around counting large stacks of cash.

    The internet is not a nice place. Evolve or die.

    --
    There are some people that if they don't know, you can't tell 'em.
  22. 12 minutes is faster??? by Vapon · · Score: 3, Interesting

    When MS_Blaster was at its peak I had computers that were infected before the install finished if I left it connected to the internet.

  23. not always enough - hardware firewalls are better by CdBee · · Score: 5, Insightful

    I seem to recall some cases of software firewalls (if this is what you meant) which don't initiate before the NIC driver comes online, meaning the PC has a few seconds where it can acquire an IP and receive packets before protection commences.

    Good design practice should prevent this but it'll never be quite as good as a hardware f/wall. Decent FW devices can be found for very cheap prices now.

    If you really can't run a hardware firewall due to a need for many open incoming posrt, the 2nd-best solution is to use a modem with routing ability and direct ports 445, 593 and 135-139 to a dead address (remember to send them to an address outside the router's DHCP range so that address can never be assigned to an unprotected machine). These ports represent Windows file/print sharing, RPC Endpoint mapper (a major exploit target) and RPC comms ports. Killing those 5 ports stops 80-90% of remote attacks, although if you are running a web server, but not actually serving remote users, block ports 80 and 8080 as well to kill frontpage server extensions overflow attacks.

    --
    I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
  24. Finally! by Aumaden · · Score: 3, Funny
    Now, all you linux fan boys can just stfu.

    There's no way linux can beat windows speed record now!

  25. Re:Internet Storm Center is tracking "survival tim by jedidiah · · Score: 5, Insightful

    This would be cool if the hunting actually culled the herd but it does not. The infested members of the herd continue ramble on like... zombies. In so doing they are able to impact the rest of the herd and slow it down rather than speed it up.

    An Ebola type strain of computer virus might actually be a public good. It would kill off these flu ridden beasts, put them out of their misery and prevent them from continuing to harm the rest of the herd.

    Ra's al Ghul anyone?

    --
    A Pirate and a Puritan look the same on a balance sheet.
  26. Re:not always enough - hardware firewalls are bett by Anonymous Coward · · Score: 5, Informative

    If you're running a router then just enable NAT and bingo - a simple firewall. I always deploy ethernet ADSL modems now for many reasons - but this is the main advantage.

    1. Go to new site
    2. Plug PC into modem
    3. Configure modem
    4. Plug phone line into modem
    5. Download latest windows patches

    Note that at stage 5 the PC is already protected by a firewall. Just need to AV and patches to protect against email, adware etc.

    But then I also configure Thunderbird - which limits the email viruses as well (the number of times I've been called becuase a user can't open an email containing a virus ...)

  27. pre sp1 by Mr_Silver · · Score: 5, Insightful
    If your Windows computer is not properly protected,it will take 12 minutes before it becomes infected, according to London-based security company, Sophos.

    By "Windows" they mean Windows XP pre-service pack 1 which was released in 2001.

    So, what they're saying is: "if your unpatched 4 year old operating system is connected to the internet, it'll get infected pretty quickly."

    Granted, pre-sp2 versions of XP has security that wasn't exactly the greatest and, granted, post-sp2 it still isn't perfect (and I'm not defending that) - but the above statement is like saying "if your vanilla install of Redhat 7.2 is connected to the internet, it'll get infected in a couple of hours".

    The latter isn't fair to Redhat and so I don't see why it's particulary fair to Microsoft either.

    --
    Avantslash - View Slashdot cleanly on your mobile phone.
  28. Re:oi vey... by harrkev · · Score: 4, Interesting

    But what I want to know is how do these machines get infected???

    It is certainly easy to get infected while using e-mail or surfing. But now that SP2 comes with a firewall turned on by default, shouldn't it now be impossible to infect a SP2 machine without some sort of user intervention?

    Does the SP2 firewall have some holes pre-poked in it already? Are there flaws in the firewall?

    --
    "-1 Troll" is the apparently the same as "-1 I disagree with you."
  29. Most retarded story. by RingDev · · Score: 3, Interesting

    This is as wonderfull as the Zombie Dog story last week. No facts, no information about the PC, connection, patch history, viruses, etc. Just some random number and some advertising.

    Big suprise, the world most popular OS has the largest number of virus's written for it. Another big suprise, leave your machine unpatched and unprotected on a network and it'll get infected.

    -Rick

    --
    "Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
  30. Re:OT: Your sig by Anonymous+Custard · · Score: 3, Funny

    >>The first rule of PATRIOT act is do not talk about PATRIOT act

    >Has it occurred to you that your sig is lying? There's no provision in the PATRIOT act that says you can't talk about it. You're just adding to the incoherent ramblings of the Left, which nobody listens to. There are plenty of real problems with the PATRIOT act, but your sig does nothing to address them. It's actually hurting by further making its opposition look like idiots.

    Oh wise AC, verily, my slashdot sig is not doing enough to change society's problems. For that, I apologize profusely.

    --
    $8.95/mo web hosting