Slashdot Mirror
Kama Sutra Worm Could Make For A Bad Friday
mikey1134 writes "CNN is running a story about the Kama Sutra worm, a virus that is coded to overwrite files of the (potentially thousands of) infected computers. They provide some background on this viral outbreak and warn users to protect themselves" From the article: "And even for home computer users who have never taken such precautions before, security experts say now would be a good time to back up your most important data, like financial information and family photographs, to CDs, DVDs, zip drives, or an external hard drive that you know is worm and virus free. Unlike a lot of malware that exploits vulnerabilities in the Windows operating system, there is no 'patch' that can be downloaded to ward off Kama Sutra."
The best backups are those written to only once. Burn to a write-once only CD or DVD. Don't back up to an external hard disk. As soon as you plug it in anything can happen, either from Windows itself or from malicious software (redundant, I guess).
In the old days we backed up to tape and flipped a switch so the tape couldn't be overwritten. Today it's burn-once disks. Don't trust anything but physical protections from disk writes.
Developers: We can use your help.
This is the virus that MS has a patch from their fancy new Remote System Control program, right? Simply agree to download and blindly run any code they decide to send, let 'em take a peek at what you're running from time to time, and send regular status reports to the nice windows home base -- and then, we'll protect you from the nasty viruses!
And remember, kids... that's a nice computer. Would be a shame if something were to "happen" to it, you know what I mean?
...transfer your important data to a new hard drive inside of a Mac.
I liked how in the article itself it said "There is no patch for user error." I call it removing their Banzai Buddy and smacking them upside the head with a keyboard.
Like they learned from Happy99?
Keep in mind all of those Dells that ship with time limited anti virus trial software. Even if people know they need virus protection, they may not know that it's expired.
END OF LINE.
I'm sorry? It won't be super destructive? May I ask what you define as a super destructive virus? Overwrting the contents of all MS Office documents (not just deleting them) is extremly devestating. Even with backups the time it would take to restore the files would be a lot of downtime. Then you look at all the people who don't have backups. People and businessess. That could result in serious economic damage as companies are forced to re create there entire business. Was your post meant as a joke or...? You evidently have never had to recover from a virus infection of any magnitude. I have and its not easy. It takes time and its a race against the clock.
Charles Wyble System Engineer
like totally unhelpfull..I didnot understand a word of your post or the links
Surely, there is a simple answer to this question:
if i scan my hardrive tonighte with avg or macafee or norton, am i protected ?
where do i download the patch ?
if not, this surely demonstrates that the protection companies aint worth a tinkers damm
Sure. But I reckon gradually corrupting small parts of them is still worse. You might only realise you were infected months later, when the quarterly financial figures come out totally whacked, and you'll spend the rest of forever in the company of accountants and auditors trying to track down the correct figures.
Fragging out a file all at once? Then the victim realises something's up, gets the machine fixed, loses some work. Imperceptibly corrupting the file? Victim keeps spreading the virus, and every version of every file he works on is suddenly untrustworthy...
Real Daleks don't climb stairs - they level the building.
you can do better:
turn you pc to an other os and leave it on tomorrow as well
I wouldn't call it a Microsoft insecurity issue, but a stupid user issue. The user has to install it for it to work, the user actually has to be involved and allow it onto their box. The same type issue can be had for a Linux box and you don't even have to be a root user to be affected; someone emails you unknown app and like these windows dumbasses you run it can wack all of the Openoffice documents you have been using to write your disertation for the past year is gone.
A stupid user is stupid user, the article summed it pretty well: "Unfortunately, there is no way to patch user ignorance, and the way this virus propagates is through user ignorance,"
Right, because that's fantastic advice for the type of people who click on unknown attachments in their emails...
Congrats, you use Linux. It's be great if more people did, perhaps. But now you're just jerking yourself off, and it doesn't seem particularly helpful.
This is because, while it may have been posted before, this is very helpful for some of us who are looking for resources to make sure we are covered in the last day before the attack. If it wasn't for the links I got off slashdot, I couldn't get my PHB's to approve my time to verify everything. Thus, an article is not a "dupe" if it is still useful. Hence, your complaints are offtopic.
As was this.
Watch for Penguins, they eat Apples and throw rocks at Windows.
Hey, this isn't Flamebait, it's true. You can make whatever arguments you want (smaller target size), but Macs have been impervious to every big, newsworthy Windows virus in the past five years.
Do you realize how funny it becomes after the seventh time a big-time worm goes around in the Windows world and you're unaffected? When Blaster was rebooting the world's computers, when Code Red was making the rounds, when the WMF flaw was making people afraid to view email or visit unfamiliar websites, Mac users have just shaken their heads and kept on running. This Friday will be the same.
It's amazing the American economy has come to rely on something so unreliable. I switched my office to Mac last year because life is too short for this shit.
"Sufferin' succotash."
Step 1: Go into Date and Time properties Step 2: Click on Internet Time tab Step 3: Uncheck Automatically Synchronize Step 4: Click on Date & Time tab Step 5: Change the date to the 4th (saturday) Step 6: Click OK Step 7: Wait until it really is saturday and turn automatically synchronize back on. I'd reccomend this for everyone, whether you think you have it or not, just to be on the safe side.
Maybe you haven't worked with companies having fewer than 100 billion dollars in assets; but I provide software and services to credit unions and I assure you, they cannot afford to use a SLDT 320 GB tape once and archive it forever. The monthlies are (if they follow our recommendations) put away indefinitely, but that's about it. There is a reason to reuse tapes, and it's called "practicality." They couldn't open their doors to teenagers and low-income families if they had to do what you demand.
Gamingmuseum.com: Give your 3D accelerator a rest.
There's no patch because it's not a vulnerability, it's a virus. The only thing you can patch is the users that still won't follow directions and not open executable attachments. The OS is working as intended when it executes code you ask it to, which is how this virus gets on.
This "OMG MS won't patch t3h systems!!!11" stuff on Slashdot is getting old. No, they won't patch it because there's nothing to patch. Duh. They have decided to add it to the malicious software tool, which is a mini virus scanner akin to Stinger from Mcaffee, which scans for a limited subset of viruses, but that's not a patch. Windows OneCare, which is NOT a remote control system by the way, does find it because, well, it's a virus scanner just like any other. It catches it just like AVG, F-Secure, Norton, and so on, which is to be expected as it's a competitor.
So let's leave off the bullshit ok? There are two easy methods to prevent this from hurting your system:
1) Don't run random programs that some with e-mails. If you use Outlook Express, it'll even tell you not to (twice).
2) Get a virus scanner. Doesn't need to be MS's, there are many good ones out there. I recommend AVG, it's fast and free.
It will most certainly affect any writeable permanent redirected shares, AKA mapped drives, since the whole point of mapped drives is to create something that looks like a regular local storage volume.
It will *probably* walk the local network and affect nay shares it can access.
But - why take the chance? Always assume it will affect anything it could possibly write to.
but Macs have been impervious to every big, newsworthy Windows virus in the past five years.
Well no shit. My Ford has been impervious to every big, newsworthy Chevy recall in the past years.
Bad boys rape our young girls but Violet gives willingly.
>where do i download the patch
You don't -- there isn't one. This does not exploit a vulnerability in the OS. It exploits a vulnerability in those willing to click email attachments.
There is much cruelty in the universe, John.
Yeah, we seem to have the tour map.
/. has changed markedly over the years, but still keeps it's technical orientation. This has become more obvious, IMO, since the emergence of digg.com, a site with lots of tech news, but very n00bish comments. How about we keep /. the way it is, instead of trying to dumb it down? The links provided contain lots of usefull info. You might not understand all of it, but you might learn something.
"A language that doesn't affect the way you think about programming, is not worth knowing" - Alan Perlis
In aviation the US system prevails. The altitude of the flight is still measured in medieval feet, something like 33600. In normal scientific metric system it is 9600 meters.
As my professor said: "It is the shame to enter 21-st century with the Imperial System of Measurement". Still we did.
I blame the US archaic technological system of doing things. This is the reason of these endless vulnerabilities.
It is impossible to work like this. I think the UN has to create the International Body and come out with the Open Source Secure OS, based on the understandable scientific System of Measurements. The humankind shall not be the hostage of an undereducated Bill or whomever. We shall aspire to the modern secure computing.
> How about we keep /. the way it is, instead of trying to dumb it down?
Absolutely, and if you don't understand something, read the comments. Chances are pretty good someone else didn't understand either and asked. Or if that hasn't happened, post the question yourself. That's why the comments section is here!