Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kama Sutra Worm Hits Softly

Posted by Zonk on from the not-a-problem-with-me dept.

An anonymous reader writes "Despite warnings of the danger posed by the Kama Sutra worm, ZDNet is reporting that things haven't been nearly as bad as expected." From the article: "There have been 'no reports of any (Kama Sutra) detonations so far. Also, the virus seems to be dropping in e-mail prevalence. It was down to second place yesterday, according to our monitoring stations, and slid again into third place today,' Paul Ducklin, head of technology at Sophos Asia-Pacific, told ZDNet Australia. The worm's ranking was overtaken by MyDoom and Netsky variants, which have been around for a number of years. "

175 comments

  1. What? I don't understand.... by JustASlashDotGuy · · Score: 5, Funny

    It sounds like the news over hyped a story for no reason. Say it ain't so!

  2. Uh oh... by suwain_2 · · Score: 3, Funny

    I got:
    Nothing for you to see here. Please move along.
    the first few times I tried to view this article. Are we sure Slashdot isn't infected?

    --
    ________________________________________________
    suwain_2 :: quality slashdot p
    1. Re:Uh oh... by Tackhead · · Score: 1
      > I got:
      > Nothing for you to see here. Please move along.
      > the first few times I tried to view this article. Are we sure Slashdot isn't infected?

      Naw, if Slashdot had been hit, it would have said DATA Error [47 0F 94 93 F4 K5]. Please move along.

      Man, those Kuro5hin folks, always trying to get the last byte in edgewise...

    2. Re:Uh oh... by Patrik+Arvhult · · Score: 1

      Yes it is. Every time I visit /. my webserver gets a evil datagram of a ping back from /. If i remember right the log entry looks like /. investigates if my webserver is open to relay traffic like a miss-configured proxy. What it does if this test is passed: no idea. Maybe /. has a secret inner circle of alien worms utilizing found proxies for internal communication like distribution of blueprints: of their newest state of the art *n*l-probes designed to analyze brains of slashdot readers. Or maybe its sumthing else, gotta check my logs again.

  3. Old Threats by Nom+du+Keyboard · · Score: 4, Insightful
    overtaken by MyDoom and Netsky variants, which have been around for a number of years.

    I, for one, would favor a slightly smarter Internet that simply filtered out known threats, stopping any further spread once they're identified. The fact that attacks continue to run years after they're first known is just plain stupid!

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
    1. Re:Old Threats by kevin.fowler · · Score: 5, Funny

      There is no patch for user stupidity.

      --
      Bury me in mashed potatoes.
    2. Re:Old Threats by JesseL · · Score: 5, Funny

      Yes, there is.

      --
      "Prefiero morir de pie que vivir siempre arrodillado!"
    3. Re:Old Threats by Anonymous Coward · · Score: 0

      Hand grenade? :)

    4. Re:Old Threats by Lehk228 · · Score: 1

      user stupidity patches come in many different sizes, i prefer .50 Cal. myself

      --
      Snowden and Manning are heroes.
    5. Re:Old Threats by c0d3h4x0r · · Score: 1

      On a more serious note -- yes, there are real patches for user stupidity. They are called "foolproof design" and "solid usability". Too bad that only Apple gets it at all ... and even they still only partially get it (for instance, the iTunes UI is atrocious).

      --
      Moderator hint: a comment is neither "Flamebait" nor "Troll" if it is true.
    6. Re:Old Threats by Sloppy · · Score: 1
      There is no patch for user stupidity.
      In this case, it sounds like there is. Supposedly, this virus spreads by the user telling his email client to execute an attachment. Not just "opening" it (viewing hostile content should always be safe to do (barring accidental execution (e.g. an overflow bug in libpng)), but deliberate execution.

      The patch is to remove that capability from the email client. Or if people really want to use their email clients as program loaders (wtf?!), then at least it should load the programs into a sandbox.

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    7. Re:Old Threats by Blkdeath · · Score: 1
      On a more serious note -- yes, there are real patches for user stupidity. They are called "foolproof design" and "solid usability".

      Yeah, right. There's a reason there's a cliche about "... along will come a better fool" - because it's true.

      We have so many warnings and safety bubbles around us nowadays we're losing the ability to protect ourselves from our surroundings. We're creating a society of clueless, helpless retards.

      We start our computers and watch as fifteen protection mechanisms automatically fire up and scan for anything malicious. Our ISPs filter our traffic to protect us from that which we cannot protect ourselves; heaven forbid a message should get through with an attachment and some retard on the other end of the ethernet clicks on the damned thing.

      You can see paralells in other areas of life. Cars, for example, have so much safety built into them it's probably doubling the production cost of your average sedan. Yet morons still find ways to kill themselves. Hell, people feel so artificially safe in their cars they're driving faster, more carelessly and more drunk because, hey, it's not like I can be HURT or anything! I've got ABS; it's impossible for me to hit somebody! {SIGH!}

      It's getting so bad we have physicians in the UK wanting to ban the most important knife in the kitchen - the chef's knife - because a) they know nothing about cooking, and b) people are damned stupid and hostile enough to keep stabbing each other with them! See what happens when you outlaw guns? People stab each-other! If you ban knifes, they'll bludgeon each other to death!

      The long and short of it is this; there is no cure for human stupidity. Darwinism is a pipe-dream, but it's a good one.

      --
      BD Phone Home!

      Shameless plug. Like you weren't expecting it.

    8. Re:Old Threats by toadlife · · Score: 1

      I disagree. There is nothing in the design of OSX that will prevent ill-informed users from screwing it up. The asking of the admin password is nice, but that doesn't even come close to bringing into the realm of foolproof.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    9. Re:Old Threats by Anonymous Coward · · Score: 0

      > stupidity patches come in many different sizes, i prefer .50 Cal. myself

      careful, threats against the executive branch of the US gov't are taken seriously.

    10. Re:Old Threats by c0d3h4x0r · · Score: 1

      We have so many warnings and safety bubbles around us nowadays we're losing the ability to protect ourselves from our surroundings. We're creating a society of clueless, helpless retards.

      We start our computers and watch as fifteen protection mechanisms automatically fire up and scan for anything malicious. Our ISPs filter our traffic to protect us from that which we cannot protect ourselves; heaven forbid a message should get through with an attachment and some retard on the other end of the ethernet clicks on the damned thing.

      You've totally missed the point.

      An OS with a foolproof design would be absolutely impossible to surreptitiously infect with malware/viruses/spyware. Things like that only get secretly installed because Windows is not architected in a bullet-proof way that requires interactive user confirmation before changing system-critical stuff. I'm running some post-beta2 dailies of Vista (I'm a MSFT employee), and one of the most obvious and significant changes is that they've rearchitected the system in exactly the way I've just described.

      But a bullet-proof OS that always seeks user confirmation before letting programs do system-critical stuff is only half the solution. An OS with good usability is also needed, so that users are able to clearly decipher, in layman's terms, what it is the OS is asking them to confirm, and so that it's not easy for confirmations to be easily approved (out of habit) without forcing the user to carefully read them first. Not even OS X or various UNIXes do this right.

      --
      Moderator hint: a comment is neither "Flamebait" nor "Troll" if it is true.
    11. Re:Old Threats by Blkdeath · · Score: 1
      You've totally missed the point.

      An OS with a foolproof design

      I think you've missed the point. Any 'foolproof design' has been a pipe-dream since humans have been creating ... anything. An OS wth a foolproof design has been a pipe dream since computers were invented.

      But hey, if Microsoft can finally accomplish this, hey, all the power to them. Excuse me while I split my sides now.

      --
      BD Phone Home!

      Shameless plug. Like you weren't expecting it.

    12. Re:Old Threats by c0d3h4x0r · · Score: 1

      You're not disagreeing with anything I actually said. I never said that OS X was a perfect example of how to make an OS.

      I totally agree with you that the other half of the problem is that the OS needs to clearly inform and educate the user about the choice they are being presented with. Read my replies in the other branches off my original post for more info.

      --
      Moderator hint: a comment is neither "Flamebait" nor "Troll" if it is true.
    13. Re:Old Threats by c0d3h4x0r · · Score: 1

      I think you've missed the point. Any 'foolproof design' has been a pipe-dream since humans have been creating ... anything. An OS wth a foolproof design has been a pipe dream since computers were invented.

      So instead of actually working toward that goal and getting as close as possible, you would rather that everyone just gave up and just keep things as screwed up as they are now?

      I swear, some people are so negative I don't even know why they bother getting out of bed in the morning. I mean, you're going to eventually die anyway, so why bother?

      --
      Moderator hint: a comment is neither "Flamebait" nor "Troll" if it is true.
    14. Re:Old Threats by Blkdeath · · Score: 1
      So instead of actually working toward that goal and getting as close as possible, you would rather that everyone just gave up and just keep things as screwed up as they are now?

      So let's see if I understand; you didn't understand anything I said in my initial response, and you're still arguing that the solution to all of our computer related problems is technical (and Microsoft seems to be at the forefront from what I gather of your arguments), yet you continue to argue the same point over and over.

      If you're not going to address my initial points save yourself some time by not responding.

      --
      BD Phone Home!

      Shameless plug. Like you weren't expecting it.

    15. Re:Old Threats by c0d3h4x0r · · Score: 1

      I fully addressed all your initial points, if you'd bother to read what I actually wrote. I never said the problem is purely technical. What I said is that part of the problem is poor usability -- even when users are given a choice over whether some operation should occur, users are not forcibly informed well enough by current OSes to make informed choices. That's a usability problem.

      People shouldn't have to read a manual or spend half their lives keeping up with geek sites and security bulletings just to use their computer. If they absolutely MUST understand something in order to proceed, then the burden is ENTIRELY on the software to educate them properly. "User education" as a goal anywhere but in the UI of the software itself (and I'm not talking about "help topics" or "README" files, either) is wasted effort, because people won't read it (nor should software designers expect them to have to).

      --
      Moderator hint: a comment is neither "Flamebait" nor "Troll" if it is true.
    16. Re:Old Threats by scaryfast · · Score: 1

      The Internet works because it is so free to send information wherever you like. I, for one, don't want an Internet that does anything to my packets, thank you.

    17. Re:Old Threats by Anonymous Coward · · Score: 0

      Here's the long and the short of it. The average computer user is certifiably stupid. They probably should have anything sharp and pointy taken away from them lest they accidentally jab their eyes out. They never listen to warnings. They take no responsibility for anything, don't bother even trying to understand even the rudiments of security. I contend that no operating system save the one on a computer where the power plug is pulled out is secure from the average moronic computer user, a subspecies of H. sapiens known to be about as intelligent as week-old pastries. I think the proper solution is IQ tests before permitting computer purchases.

    18. Re:Old Threats by TheDauthi · · Score: 1

      How do I deploy this to multiple users at a time? I have a large domain...

    19. Re:Old Threats by saintlupus · · Score: 1

      If you think the iTunes GUI is bad, check out iCal sometime. The interface was designed by someone at Apple France, and to be honest, it's bad enough to have earned everyone in that country a cock-punching.

      --saint

    20. Re:Old Threats by toadlife · · Score: 1

      Unfortunately, no one has figured out how to explain complex questions to regular users, and it seems doubtful that anyone will without users being somewhat more educated about how computers work.

      For example, on the latest Vista Beta my friend was playing with on his laptop, it said...

      "Do you want to allow Explorer.exe to do [some action]?"

      Most users would be lost at the "explore.exe" part. :(

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    21. Re:Old Threats by joecr · · Score: 1

      I still think making learningas the only way to continue living is a good way to take care of the problem. Yes I know we will have fewer people on this planet, but the ones who live will have learned to be smarter & thus improve our intelegence as a whole group.

    22. Re:Old Threats by yourdeadin · · Score: 1

      AI is no match for natural stupidity.

    23. Re:Old Threats by c0d3h4x0r · · Score: 1

      For example, on the latest Vista Beta my friend was playing with on his laptop, it said...

      "Do you want to allow Explorer.exe to do [some action]?"

      Most users would be lost at the "explore.exe" part. :(

      I completely agree. That's why I said that part of good usability is explaining things in layman's terms, rather than in techno-babble that grandma wouldn't understand. Microsoft has *never* done a good job of that, although it's certainly done a better job than most Linux distros have.

      --
      Moderator hint: a comment is neither "Flamebait" nor "Troll" if it is true.
  4. Media Hype by Anonymous Coward · · Score: 1, Funny

    It was all pretty much media hype from the beginning.

    1. Re:Media Hype by lotrtrotk · · Score: 1

      Who the heck moded the parent "Funny"? It couldn't be ANY more true.

    2. Re:Media Hype by rabeldable · · Score: 1
      "Media Hype" + "Virus Name Variance" = "Consumer Dilemma"

      The names of viruses should be treated like tropical storms & hurricanes. With the new year the naming should start over at the letter A, then when the English alphabet is exhausted the names should be Greek... and so on. It makes sense to prevent confusion over the many vendors and their different naming conventions. Of course all of this would have been prevented if M$ decided to create an API that did not require so many privileges.

  5. Racy Title by Artie_Effim · · Score: 5, Funny

    that might just be the raciest title on a /. article ever. W0W

    1. Re:Racy Title by oliana · · Score: 4, Funny

      How 'bout "Kama Sutra peaks prematurely" or "Kama Sutra comes with a whimper, not a bang"

      --
      In Soviet Russia, asses suck this joke.
    2. Re:Racy Title by Anonymous Coward · · Score: 0

      I think you may have inspired a few /.ers to hit their Kama Sutra worms a bit harder...

  6. The media loves it by JesseL · · Score: 2, Insightful

    when there is a particular date they can get in a tizzy about. No one will know they were making a mountain out of a mole hill until the "crisis" has passed. Remeber the michelangelo virus?

    --
    "Prefiero morir de pie que vivir siempre arrodillado!"
    1. Re:The media loves it by Lxy · · Score: 2, Interesting

      One source I saw (was it /. yesterday?) actually suggested keeping your computers turned off today. All too familiar with the big Michroangelo scare of 1990 (oh geez I'm old...)

      --

      There is no reasonable defense against an idiot with an agenda
      :wq
    2. Re:The media loves it by Dynedain · · Score: 4, Funny

      Do I ever... My father insisted on turning off the answering machine, because it was digital one that did voice stamps and other complex features, and the "virus could spread through the phone lines".

      +1 to my dad for knowing that the answering machine did have a computer as a component
      -100 for thinking that it was susceptible to a virus dialing it up and infecting it

      --
      I'm out of my mind right now, but feel free to leave a message.....
    3. Re:The media loves it by propagandize · · Score: 1

      Remeber the michelangelo virus?

      ...or Y2K?

    4. Re:The media loves it by riflemann · · Score: 1

      +1 to my dad for knowing that the answering machine did have a computer as a component
      -100 for thinking that it was susceptible to a virus dialing it up and infecting it

      That's what they said about email only a few years back...
      --
      Sparks:Gadget:Beer Maker
    5. Re:The media loves it by Geoffreyerffoeg · · Score: 1

      Could a digital answering machine theoretically have a vulnerability? All I can think of is a buffer overflow, and presumably they account for humans talking too long; a DOS attack, which really doesn't cause problems; or a simple bad electrical signal, which requires someone attacking your physical phoneline or a really evil phone company.

      It is a computer, though, so shouldn't it have bugs?

    6. Re:The media loves it by towsonu2003 · · Score: 1
      My father insisted on turning off the answering machine, because it was digital one that did voice stamps and other complex features, and the "virus could spread through the phone lines".

      +1 to my dad for knowing that the answering machine did have a computer as a component -100 for thinking that it was susceptible to a virus dialing it up and infecting it

      +1 for your dad for seeing the future of voip.
    7. Re:The media loves it by electr01nik · · Score: 1
      I have a rather crappy SouthWestern Bell Freedom Answering System answering machine.

      It stores your messages after the outgoing message on a single tape. If you happen to have a message and power goes off, it forgets everything. If somebody calls, it plays your messages back after the OGM.

      Not a virus, but definitely open.

  7. Re:What? I don't understand.... by l33t.g33k · · Score: 3, Insightful

    Sorry, it IS so. The media uses end-of-the-world headlines because it gets people riled up and excited, and this news about the Kama Sutra worm falls into that category...

    --
    My sig is permanently on strike.
  8. The big question remains by Lxy · · Score: 5, Insightful

    Does this mean A) we've done a good job training our users or B) no one infected with this worm is willing to admit it?

    Most of the users I support would rather reconstruct their documents than admit they clicked on a "free pr0n" e-mail. Wonder how accurate this news really is.

    --

    There is no reasonable defense against an idiot with an agenda
    :wq
    1. Re:The big question remains by ursabear · · Score: 1

      I am thinking along the same lines. I think there is something to be said about the fact that it was publicized in advance, and more people "saw it coming."

      Of course, I don't think users who have had their files dumped have necessarily become aware of the issue yet, or as you say, maybe they haven't wanted to admit it.

      --
      A Passionate Independent Musician
    2. Re:The big question remains by jiushao · · Score: 1
      A) we've done a good job training our users
      B) no one infected with this worm is willing to admit it?

      Do we care which? As long as they either don't do it anymore, or are smart enough to understand it when they do something wrong I am happy.

    3. Re:The big question remains by Jazzer_Techie · · Score: 2, Informative

      The people over at F-Secure seem to think it's too early for any real damage assesment. Their arguement makes a lot of sense.
      --
      From the weblog:
      So far today we haven't received any significant Nyxem damage reports.
      Vast majority of the machines infected by Nyxem are home computers. Nothing will happen on them until people get home from work and boot up their machines. Half an hour later the damage starts. The user won't realise what's going on until an hour or two later, when it's already late Friday night.
      The full scope of the problem won't come to light until during the weekend or early next week.
      We'd like to think that they whole problem was avoided and everybody cleaned up their machines in time. But unfortunately that's probably not true.

    4. Re:The big question remains by TripMaster+Monkey · · Score: 0


      If the answer is B, then that implies A.

      --
      ____

      ~ |rip/\/\aster /\/\onkey

    5. Re:The big question remains by k12linux · · Score: 1
      And how many just left their computer off because today was the day? Would be interesting to learn that more systems were hit on March 3 then today.

      So far though it seems to have all of the devastation of the y2k disaster.

    6. Re:The big question remains by Anonymous Coward · · Score: 1, Funny

      [(A v B) v (-A ^ -B)] --> [(^_^) ^ (TMM is a fucking idiot)]

  9. Killing me softly by TubeSteak · · Score: 3, Funny

    I felt all flushed with fever, embarrassed by the crowd,
    I felt he found my letters and read each one out loud.
    I prayed that he would finish but he just kept right on ...

    Strumming my pain with his fingers,
    Singing my life with his words,
    Killing me softly with his song,
    Killing me softly with his song,
    Telling my whole life with his words,
    Killing me softly with his song...

    That's what came to mind when i read the title "Kama Sutra Worm Hits Softly." It's not my fault though, my mother subjected me to years of 'light' music on my way to school.

    Anyways, I'm not surprised the media took this one and ran with it. When was the last time they had a 'major' malicious virus to talk about?

    --
    [Fuck Beta]
    o0t!
    1. Re:Killing me softly by dr_dank · · Score: 3, Funny

      It's not my fault though, my mother subjected me to years of 'light' music on my way to school.

      Years of 80s music made me think that this was the Karma Chameleon worm. Seems to come and go. Whoa-o-o.

      --
      Where does the school board find them and why do they keep sending them to ME?
  10. Re:What? I don't understand.... by whoever57 · · Score: 4, Insightful
    It sounds like the news over hyped a story for no reason. Say it ain't so!
    Oh, there is a reason alright. Think how many extra subscriptions of Norton, McAfee, etc. were sold in the last couple of days.
    --
    The real "Libtards" are the Libertarians!
  11. duh, this is the foreplay by syle · · Score: 5, Funny

    Of course it's soft at first. But wait until it changes positions a few times! It will be surprisingly intense before long.

    --

    /syle

  12. There certainly was a reason by Anonymous Coward · · Score: 0

    The news corporations rolled the dice and were secretly hoping that Kama Sutra would cause some serious damage. Why? Because now the news outlets would have a whole new set of stories for you. The news services would have created their own top story. You'd see computer security exposes on news broadcasts for at least a week.

    And while you're watching the news, make sure you look closely at these words from our sponsors.

  13. Re:What? I don't understand.... by undeadly · · Score: 1
    Sorry, it IS so. The media uses end-of-the-world headlines because it gets people riled up and excited, and this news about the Kama Sutra worm falls into that category...

    Yeah, and the assocation Kama Sutra == faboulus sex in various positions fit for those training gymnastics since age five.

  14. Re:What? I don't understand.... by Pantero+Blanco · · Score: 3, Insightful

    Possibly, the reason it didn't hit so hard was the fact that it was so hyped.

    If someone warns me that I'm about to get hit by a car, and I move and avoid being hit, I wouldn't say that there was nothing to be worried about.

  15. IT'S NOT A WORM! by SanityInAnarchy · · Score: 4, Informative

    It's a virus.

    Surely Slashdot knows the difference? A virus/trojan relies on user stupidity. A worm relies on software insecurity.

    --
    Don't thank God, thank a doctor!
    1. Re:IT'S NOT A WORM! by 0racle · · Score: 0, Flamebait

      Who cares. The point is is this was a chicken little story to begin with.

      --
      "I use a Mac because I'm just better than you are."
    2. Re:IT'S NOT A WORM! by Anonymous Coward · · Score: 0

      In other news: hens are once again mad at Chicken Little after they got up early this morning for the abundance of worms promised only to find Chicken Little perusing the Kama Sutra.

    3. Re:IT'S NOT A WORM! by Deanalator · · Score: 1

      WOAH, the plot thickens!

      but ya, it also spreads via windows shares (not just emails), so yes, it is a worm.

    4. Re:IT'S NOT A WORM! by jiushao · · Score: 1

      It spreads via Windows shares if you run executables on other peoples shares. As in "stupidly run executables from untrusted sources". As in "it is a virus, not a worm". As in "stop spreading misinformation" :)

    5. Re:IT'S NOT A WORM! by TheSkyIsPurple · · Score: 5, Informative

      Really?

      http://en.wikipedia.org/wiki/Computer_worm

      A computer worm is a self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagate itself....The main difference between a computer virus and a worm is that a virus can not propagate by itself whereas worms can. A worm uses a network to send copies of itself to other systems and it does so without any intervention

      This thing (from what little I read) emails itself around when it can... which would qualify it as a worm.
      I'm a little fuzzy on the intervention part... the user has to to the initial activation, which could be intervention, but then again you have to do the initial activation with viruses, so I don't think that qualifies.

      This thing doesn't seem to make itself part of another executable persé, so it wouldn't quite qualify as a virus.

      Maybe I read my definitions wrong...

    6. Re:IT'S NOT A WORM! by mnmn · · Score: 1

      Nope you got it wrong.

      A virus and a worm rely on software insecurity. A worm is a virus but spreads through emails.

      Its the trojan that relies on user stupidity. Spyware too. Unless it comes within a reputable software with no options to not select it.

      --
      "Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
    7. Re:IT'S NOT A WORM! by Viper+Daimao · · Score: 2, Funny

      duh, its because worm fits better with the imagery of the name "Kama Sutra".

      --
      "In the game of life, someone always has to lose. To me, if life were fair, that someone would always be Oklahoma." -DKR
    8. Re:IT'S NOT A WORM! by BenSchuarmer · · Score: 1

      A worm is a virus but spreads through emails.

      This is false. Worms spread lots of different ways.

      Kama Sutra can't spread without the help of an e-mail client program, so it's a virus.

    9. Re:IT'S NOT A WORM! by NickBilo · · Score: 1

      Actually it is a worm. Virus infects files. Worms spreads copies of itself. Hence: mass-mailing worm is correct. Network worms are typically the ones that exploit a software vulnerability to spread, IM, P2P and email worms don't. http://www.informit.com/guides/printerfriendly.asp ?g=security&seqNum=23

    10. Re:IT'S NOT A WORM! by accessdeniednsp · · Score: 1

      feh. Symantecs...

    11. Re:IT'S NOT A WORM! by FurryFeet · · Score: 1

      Worm? Heh, you must be really popular with the ladies... little guy.

    12. Re:IT'S NOT A WORM! by Anonymous Coward · · Score: 0

      IT'S NOT A WORM! It's a virus. Surely Slashdot knows the difference? A virus/trojan relies on user stupidity. A worm relies on software insecurity.

      And the vendors rely on user insecurity.
  16. Re:What? I don't understand.... by PornMaster · · Score: 4, Insightful

    And think how many more people, having done that, are at least in some way a little more protected from becoming a spam zombie.

    --
    500GB of disk, 5TB of transfer, $5.95/mo
  17. Re:What? I don't understand.... by HermanAB · · Score: 1

    My mail system filters tens of thousands of messages per day, for various businesses and it hasn't logged a single one of those viruses. So, as far as I'm concerned, the whole thing is much ado about nothing...

    --
    Oh well, what the hell...
  18. Comparisons to other worms are misleading by Max+Nugget · · Score: 4, Insightful

    The worm's ranking was overtaken by MyDoom and Netsky variants, which have been around for a number of years.

    This information distorts the issue. Kama Sutra carries an extremely destructive payload, deleting a user's local data and data on attached network drives (and, worse, the antivirus software on the networked computers can't prevent these deletions). This cannot be directly compared to MyDoom or NetSky, which merely clog networks, install backdoors (that are not usually used for anything nearly as destructive), and turn computers into spam and DoS zombies.

    The above statement is like saying that rainstorms have overtaken tornados in prevalence. That doesn't matter, because tornados do much, much more damage than rainstorms do.

    1. Re:Comparisons to other worms are misleading by JesseL · · Score: 4, Informative

      Actually, from what I gather rain does cause more damage than tornadoes. In 1999 rain (floods) caused $5.4 billion in property damage in the US, while tornadoes caused $1.1 billion worth of damage.

      http://www.flooddamagedata.org/data/national331401 4-495.txt
      http://sciencepolicy.colorado.edu/sourcebook/torna does.html

      --
      "Prefiero morir de pie que vivir siempre arrodillado!"
    2. Re:Comparisons to other worms are misleading by ivan256 · · Score: 1

      MyDoom or NetSky, which merely clog networks, install backdoors (that are not usually used for anything nearly as destructive), and turn computers into spam and DoS zombies.

      I'll take 10 users getting their documents destroyed over one DoS zombie any day. The former only has an impact on me if I'm an idiot, the latter becomes a problem when other people are idiots.

    3. Re:Comparisons to other worms are misleading by Max+Nugget · · Score: 1

      I'll take 10 users getting their documents destroyed over one DoS zombie any day. The former only has an impact on me if I'm an idiot, the latter becomes a problem when other people are idiots.

      That's easy for people like us to say, but the reality is that the documents and data of a person who lacks a sufficient understanding of computer security are not automatically less important than our data or documents.

      Or, by way of analogy, the life of a person who didn't think to buy a carbon monoxide detector for their home, is not less important than your life, just because you happened to be wise enough to purchase a detector.

      However I do agree with you that it's better for people's problems to affect themselves rather than other people. In fact that is one of the biggest reasons why the current generation of internet worms and trojans are so successful: the people getting infected are causing damage to other people's systems, not their own, and so they have no motivation to tighten up security on their systems. This is no doubt a big contributor to the fact that a huge percentage of computer systems don't have basic protections like antivirus, firewall, or up-to-date Windows security patches.

      People don't have much fear of viruses/worms/trojans because it's been years since the days when these things were truly destructive to the infected individual's computer. In fact, to the extent that people DO have some fear of viruses, it is probably a remnant of the mid-to-late 90's when viruses were more locally destructive.

    4. Re:Comparisons to other worms are misleading by ivan256 · · Score: 1

      the reality is that the documents and data of a person who lacks a sufficient understanding of computer security are not automatically less important than our data or documents.

      I don't disagree. All I'm saying is that a virus that harms the person who gets infected through his own negligence is better than a virus that harms countless others through a person's negligence. This is especially true with viruses that go out of their way to have no concequence on the 'victim' such that the person won't know to try and solve the problem.

      It's not that I don't think other people's documents are valuable, it's that I don't think other people should shoulder the burden for somebody's mistakes, and that viruses with obvious effects on the person who gets infected are more likely to get cleaned up quickly.

      Besides, we all backup our important documents, so having them wiped out by a virus would only cost us a days work tops, right?

    5. Re:Comparisons to other worms are misleading by Squirmy+McPhee · · Score: 1
      The above statement is like saying that rainstorms have overtaken tornados in prevalence. That doesn't matter, because tornados do much, much more damage than rainstorms do.

      I think you're missing the point. The comparison makes no pretense of describing the damage that the Kama Sutra worm might do, merely how common it is in the wild. That the worm dropped in prevalence over the past couple of days indicates that people are doing something about it and it is now likely to affect fewer computers. Likewise, comparing the prevalence of rainstorms to that of tornados says nothing about the damage likely to be done, but does indicate that you're more likely to get wet than to find yourself in a swirling vortex.

      I don't about you, but while I'm prepared to handle a tornado, it's the rain that's on my mind when I wake up in the morning.

    6. Re:Comparisons to other worms are misleading by Anonymous Coward · · Score: 0

      OMG, you are fucking idiot, READ THE F&&& ARTICAL!!

      NO damage was DONE! NONE! The hype is *over* now, why are you still hyping?

    7. Re:Comparisons to other worms are misleading by rhendershot · · Score: 1

      Informative ??!! OMFG. What were you people thinking? There's so much wrong with this it's hard to know where even to begin.

      Prevalance of RAIN, not FLOODS.

      The analogy wasn't meant to be taken literally. Kind of the point of analogies in general. Surely you got the point; That calling the others of more importance without reasoning for their potential effect is misleading, improper, brainless and just plain wrong?

      parent should have come with a warning 'cause it's seriously caused me to bang my head against table.

    8. Re:Comparisons to other worms are misleading by JesseL · · Score: 1

      What do you think causes floods? The National Weather Service isn't talking about broken pipes.

      While +5 is overrated, the point I was trying to make is that the OP's analogy was doing a poor job of making his point for him. I was trying to make it clear that while the dramatic and spectacular issues may make news, it's the ordinary, persistant problems that really cause more damage.

      While their effects aren't as terrifying for those affected, there is little doubt that MyDoom and Netsky are continuing to have a far greater impact than the Kama Sutra virus.

      --
      "Prefiero morir de pie que vivir siempre arrodillado!"
    9. Re:Comparisons to other worms are misleading by rhendershot · · Score: 1

      >>This [Kama Sutra] cannot be directly compared to MyDoom or NetSky

      The whole point to his statement was to highlight their difference and bring to the fore the idiocy of counting hits in the wild; which really doesn't provide any useful metric.

      I do not see your comments as helping clarify this point. If that's what you believed you were doing or were attempting, health onya bud.

      >> MyDoom and Netsky are continuing to have a far greater impact

      This is relative. To the net admin, dealing with DoS is probably a much bigger problem than having this weeks reports erased from (temporary) storage on some local workstation. To the Sales Manager, losing a man-week of effort when the latest RFP proposal document gets wiped is probably of significant -possibly life-changing- concern.

      Where hits is directly related to new infections it is of some validity. I doubt there's much corellation.

    10. Re:Comparisons to other worms are misleading by MyHair · · Score: 1

      What would you rather have dropped on your head? 1 pound of bricks or 5 pounds of feathers?

      Okay, stupid post, but what did you expect from me and Slashdot?

  19. Delayed reaction by MoogMan · · Score: 5, Insightful

    In all fairness though, you may not notice a critical document has been lost until a few days down the line...

  20. Or a smarter Microsoft by GodWasAnAlien · · Score: 2, Insightful

    A new MS company that fixes bugs that the viruses are taking advantage of.

    How many here, have had a win-sysadmin, send out messages "please don't open mails with the subjest 'OpenMePlease', it will possibly cause bad things."

    Sounds like a serious bug with the mail program. The mail program should not by default run attached programs or open attatche documents that trigger macros.

    1. Re:Or a smarter Microsoft by KarmaMB84 · · Score: 1

      It's the user that opens the attachment. Should the e-mail app refuse to let the user choose to open any attachment at all?

    2. Re:Or a smarter Microsoft by David+Horn · · Score: 1

      You mean like Outlook? I've had many a problem trying to work around this security to open an EXE file I was expecting and someone forgot to ZIP. :)

      --
      PocketGamer.org - For the gamer on the go!
    3. Re:Or a smarter Microsoft by corbettw · · Score: 1

      How many here, have had a win-sysadmin, send out messages "please don't open mails with the subjest 'OpenMePlease', it will possibly cause bad things."

      When I've had Exchange admins send me things like that before, I usually point out how easy it is to set up Spam Assassin on a Linux box. Problem solved!

      --
      God invented whiskey so the Irish would not rule the world.
    4. Re:Or a smarter Microsoft by undeadly · · Score: 1
      When I've had Exchange admins send me things like that before, I usually point out how easy it is to set up Spam Assassin on a Linux box. Problem solved!

      Try out spamd that is much likely to catch e-mails from infected PCs than SpamAssassin.

    5. Re:Or a smarter Microsoft by Sloppy · · Score: 1
      It's the user that opens the attachment. Should the e-mail app refuse to let the user choose to open any attachment at all?
      I think there's confusion over the meaning of "open." "Open" should not mean "execute as native code with the same privileges as the user."

      Fine, let them open it. But if the attachment is a media type that is unrecognized, then it should "open" it in a hex editor or something. Boring, but appropriate, since native code should not be considered a recognized media type.

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  21. More prepared? better prepared? by guildsolutions · · Score: 4, Insightful

    I really think that people are becoming more and more prepared for viruses, I would also venture to say that more and more people are running virus scanners and more and more isps are filtering the content of the emails and other methods of transmissions.

    Overreaction? Maybe, but definitly better than underreaction.

    1. Re:More prepared? better prepared? by Anonymous Coward · · Score: 0

      First off, this isn't a troll...but will post anonymously anyway. I'm a Linux user -- Kubuntu Breezy on a laptop. I try to watch what I do with the machine, and definitely do not open strange attachments even with the idea that Win32 viruses won't affect me. (Not much of a chance, as I don't run WINE).

      I don't run ClamAV on my machine, as I don't have "a lot" of memory to begin with and not much to spare on processes that I don't think is justified.

      Should I be running ClamAV just in case there IS an outbreak of a Linux-targetting virus? Ok, well, after you've stopped laughing, seriously...should I run ClamAV?

      See, I also have an XP box and I run AVG on it along with MS Anti-Spyware Beta. I use this box for gaming, but it's not one of those uber-powerful boxes. I would rather not have those memory/cpu resources spent on AV/Spyware processes but I believe it's necessary. Everyone would agree that not having AV on a windows box is stupid.

      So the troll-esque question is -- why is it almost standard and acceptable that when you run Windows, you have to "sacrifice" resources to AV/Antispyware? Do we then have to take that into account when we compare performance between any other OS and Windows?

  22. but but.. by Deanalator · · Score: 1

    it said 15 million infections :-(

    http://webstats.web.rcn.net/cgi-bin/Count.cgi?df=7 65247

  23. Soft ehh, by stevea1210 · · Score: 2, Funny

    Looks like someone could use a little blue pill before using the Kama Sutra.

  24. Re:What? I don't understand.... by Anonymous Coward · · Score: 0

    It sounds like the news over hyped a story for no reason. Say it ain't so!

    The submitter was just trying to score some Karma Sutra points...

  25. Misprint in the virus email subject by killermookie · · Score: 3, Funny

    Instead of it saying "Schoolgirl fantasies gone wrong" it said "Schoolgirl does math homework and studies history".

    1. Re:Misprint in the virus email subject by Kesch · · Score: 1

      I fail to see the difference.

      --
      If this signature is witty enough, maybe somebody will like me.
    2. Re:Misprint in the virus email subject by ShibaInu · · Score: 1

      Or, "hot sexy grandmas!"

      Maybe "lesbian action with real lesbians"?

  26. If so, the story will be posted numerous times... by Anonymous Coward · · Score: 0

    over the next several days.

  27. Why it didn't effect many people... by Anonymous Coward · · Score: 0

    ...because many people are moving to Linux. Obviously if
    Microsoft's market share really is as big as they claim
    then the virus would have hit much harder.

  28. Re:What? I don't understand.... by Andrzej+Sawicki · · Score: 1

    Hey, at least they made me do my backup on schedule. This does not happen often, you know.

  29. It's bleedin' obvious by HalAtWork · · Score: 1
    There have been 'no reports of any (Kama Sutra) detonations so far'

    Well it's pretty obvious. Most places that allow Joe Public to post or report news require registration. The Kama Sutra deletes DOC files, where Joe Public keeps all of his passwords. Now they can't access e-mail, post stories, or read the NY Times to even find out about the virus. ;)

    But really, when the average user experiences problems on a PC, they're so bewildered by PCs as it is that they figure it's their fault and call upon the neighbourhood geek to fix their woes. Why would they ever hold software vendors responsible for any problems they experience in Windows? Downloaded software from Fred's Shed has enough spyware and malware as pack-ins, they figure it must be that. Or they just didn't know what they were doing.

    Are people not getting fed up of experiencing problems? Do they just decide to part ways with PCs or that they'll buy a new one or reinstall everything? Wtf?

    --
    Twinstiq, game news
    1. Re:It's bleedin' obvious by Tweekster · · Score: 1

      what in the hell are you babbling about? I have never met a user that keeps passwords in a doc file. Other than that I honestly cant make heads or tails from your rant.

      --
      The phrase "more better" is acceptable English. suck it grammar Nazis
    2. Re:It's bleedin' obvious by dtfinch · · Score: 1

      Everyone knows that passwords belong on sticky notes.

    3. Re:It's bleedin' obvious by Anonymous Coward · · Score: 0

      So I guess you don't know anyone who runs Windows? ;)

  30. Re:If so, the story will be posted numerous times. by oliana · · Score: 1

    Acutally, if the story were to be repeated numerous times over the next few days, it would be nothing out of the ordinary.

    --
    In Soviet Russia, asses suck this joke.
  31. Karma Sutra by dusik · · Score: 0, Redundant

    Karma Sutra worm hits ./!

  32. Re:What? I don't understand.... by Anonymous Coward · · Score: 0

    I'm thinking zero. I've seen a number of systems on which Norton was able to identify that an infection took place, but was powerless to do anything about it. In fact, I've never seen Norton actually remove an infection of any kind. Anecdotal evidence, true, but IMO Symantec products are worth less than the media they're printed on.

  33. Re:What? I don't understand.... by dusik · · Score: 1

    "Kama Sutra == faboulus sex in various positions fit for those training gymnastics since age five."

    * At least 18 - 5 = 13 years of training required by U.S. law.

  34. Yeah But... by Comatose51 · · Score: 4, Funny

    Yeah but just wait til the Tantra worm hits... wait for it... wait for it....

    --
    EvilCON - Made Famous by /.
  35. "Despite"? by Thad+Boyd · · Score: 2, Informative

    Despite warnings, or BECAUSE of them? The Houston Chronicle thinks the latter, and I'm inclined to agree.

  36. How can I ever show my face at work again? by ChePibe · · Score: 1

    I don't work today (well, not at my job at least... the joys of college life) and I was happily taunting all the other employees that covered the student open computer labs of the joy they were bound to have today while I leisurely took the day off for more importan things, like posting on /.

    Now, it looks like I'll have to hang my head in shame on Monday. Curse you media, curse you!

  37. Re:What? I don't understand.... by MrShaggy · · Score: 1

    Hwy.. nothing wrong with over-hyping something like this. Your right in your analogy. Anyone remember the panic of y2k ? A lot of work because of some liitle numbers that were hyped. I bellives that for the most part that the lights would go out for a while. Maybe a couple of stock markets migbht not open for a few days. Who knows... But no fallign planes or anything so fun.. but thanx for the warnings.. I can feel safe knowing my remote is y2k compliant... ;)

    --
    I have mod points and I am not afraid to use them.
  38. Brother? by darthservo · · Score: 0

    Are you the brother I never knew about?

    --

    Prove it.

  39. Re:What? I don't understand.... by cybercrime · · Score: 1

    And how ISPs are experimenting with notifying infected subscribers and blocking their traffic! Nothing like an opportunity to test a controversial measure in times of FUD.

  40. Tom jones: Sex Bomb by maggern · · Score: 1

    Sexbomb, sexbomb!

    I'm your main target, come and help me ignite.
    Make me explode although you know the route to go to sex me slow.
    No don't get me wrong ain't gonna do you no harm no,
    This bomb's made for lovin' and you can't shoot it far

    Sexbomb sexbomb you're a sexbomb
    You can give it to me when I need to come along
    Sexbomb sexbomb you're my sexbomb
    And baby you can turn me on turn me on darlin'
    Sexbomb sexbomb you're my sexbomb sexbomb
    You can give it to me when I need to come along
    Sexbomb sexbomb your're my sexbomb
    And baby you can turn me on

  41. Overhyped? by rueger · · Score: 1
    Surely not. Although the ZDNet report cited seems to have been based in large part on this lengthy and detailed analysis over at the Internet Storm Center:

    Ok, in some parts of the world it is already Feb 3rd and some damage is already probably done.
    If you know any story related to this event, please share with us .

    Samir Datt wrote to tell us about "unconfirmed reports" of damage in Bangalore, Ludhiana and Delhi. (email arrived 1am EST, 6am GMT).


    Yup, that's the whole thing. Sure glad that the folks at Ziff Davis linked to it!
    --
    Three Squirrels
  42. More likely... by ivan256 · · Score: 1

    C) The Anti-Virus vendors made a much bigger deal out of this than it really was to increase sales.

    1. Re:More likely... by dgatwood · · Score: 1
      D. The downturn in the virus attempting to spread is because all the infected machines ate themselves.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  43. Dang it! by darthservo · · Score: 3, Funny
    I was planning on this thing being big!

    Now what am I going to do with 500,000 T-shirts, stickers, coffee mugs, mouse pads, and other miscellaneous paraphernalia printed with the slogan "I got pwned by Kama Sutra!"

    --

    Prove it.

  44. Failed Marketing by mnmn · · Score: 1

    I can hear the marketing department of a dozen antivirus companies go

    "Oh Crap"

    Where have all the virus makers gone anyway. We must either start funding script kiddies, or get into the antispam business.

    --
    "Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
  45. Re:What? I don't understand.... by Fishstick · · Score: 2, Informative

    Funny, but a nit-pick, if I may...

    * At least 18 - 5 = 13 years of training required by U.S. law.

    take a look a this: http://www.avert.org/aofconsent.htm

    the age of consent in the US differs from state to state, 18 in (quick count) only 13 states (most 16, 17)

    and the US State with the lowest AoC goes to... (drumroll)

    South Carolina @ 14!

    They should adopt "Lowest age of consent law in the union!" as their new state motto and put it on license plates.

    --

    There is much cruelty in the universe, John.
    Yeah, we seem to have the tour map.

  46. Re:What? I don't understand.... by TCQuad · · Score: 3, Insightful

    And think how many of those people now believe the little more protection they just purchased is absolute protection and that they're free to open any and all attachments they get from now on.

  47. Re:What? I don't understand.... by Fishstick · · Score: 3, Funny

    Ok, I screwed up (no pun intended)

    The great states of Iowa an Misouri also have 14, and where there are two different numbers for the same state it means

    the law within that country or state varies according to region or circumstances.

    So, I'm guessing 14 is legal if you are married (preferrably to a close relative), ;-)

    --

    There is much cruelty in the universe, John.
    Yeah, we seem to have the tour map.

  48. Kama Sutrat hits softly... by xutopia · · Score: 2, Funny

    It's called foreplay!!!

    I jest!! :-D

  49. Re:What? I don't understand.... by SatanicPuppy · · Score: 1

    In South Carolina, and this isn't actually a joke, the age of consent is fourteen...with your parents permission.

    It's 18 otherwise. Made for many many "Do you have a note from your parents?" jokes when I was in high school.

    --
    ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
  50. Re:What? I don't understand.... by WlfRecon · · Score: 2, Insightful

    And just look at it this way, if a person was only prompted to install an AV system when the news hyped up this worm then do you think that same person will be very likely to keep the system updated and run regular checks? Doubtful.

    --
    Semper Fi
  51. ridiculous by Anonymous Coward · · Score: 0

    i am in shock and awe that people thought this was going to hit hard. the vast multitude of steps that had to be done manually by a user to infect your machine was silly. this has nothing to do with windows security, there is no patch for stupid. if people freely run scripts that are attached to porn emails that randomly turn up in your in box, than the world of pc's, regardless of OS, is not for you. i have two windows boxes at home, both with NO anti-virus at all, i didn't even bother checking them for this virus while watching panicked "computer security specialists" on tv talking out their ass. BTW, i have had home PC's since the apple II and i only install anti-virus once a year for a sweep and i have only had one virus or security related problem on a home pc ever...and that's with MS Windows. i can't believe what passes as experts these days.

  52. Re:What? I don't understand.... by Fishstick · · Score: 1, Redundant

    Wow, some state legislature actually drafted and voted in a law that makes it legal for your 14-year-old to have sex, as long as they have a note from home!

    Like I said in another comment, sounds like an exception for marriages involving close relations. I know I've heard that in some states you have to be 18 to get married, unless you have permission from your parents and then it's 16. 14 - wow, that seems seriously messed up to me.

    --

    There is much cruelty in the universe, John.
    Yeah, we seem to have the tour map.

  53. Re:What? I don't understand.... by NMerriam · · Score: 1

    Before you get too excited about low ages of consent -- you can STILL be charged with "corruption of a minor," "exposure to a minor" and similar crimes for having relations with someone under 18. If the parents, cops, DA or whoever wants to get you, they CAN get you and put you on a sex offender list for the rest of your life.

    --
    Recursive: Adj. See Recursive.
  54. Kama Sutra is a Tantric Virus... by Anonymous Coward · · Score: 1, Funny

    It's obviously controlling its execution and waiting as long as possible before delivering its payload :-)

  55. Usability / Foolproof Design by lotrtrotk · · Score: 1

    "Foolproof design", and "solid usability" don't go hand in hand. The more you try to prevent users from being able to do things that might infect themselves, the more you prevent them from being able to DO THINGS!

    You can make something more fool-proof. But they'll just come out with bigger fools.

    1. Re:Usability / Foolproof Design by c0d3h4x0r · · Score: 1

      "Foolproof design", and "solid usability" don't go hand in hand. The more you try to prevent users from being able to do things that might infect themselves, the more you prevent them from being able to DO THINGS!

      You're completely wrong. Security (of the user's own system, where the user IS their own sysadmin) doesn't mean blocking users from being able to do certain things. Security means always presenting users with an opportunity to confirm/decline a potentially dangerous operation, combined with explaining that choice to them clearly in layman's terms so they can be informed enough to make the right choice.

      And when I say "choice", asking for admin credentials in order to carry out an operation is still just a form of confirmation. It simply has some authentication built in as well, so that from an organizational perspective, the "you don't have enough information to make the right choice" policy can be enforced by a separate sysadmin.

      Stupid users only do dumb things because they lack information and understanding. If the OS did a truly good job of FORCING them to stop and read something before confirming it, and it did a truly good job of explaining, in layman's terms, WHAT they were being asked to decide and what the consequences of each choice were, then you would never have to BLOCK the user from doing anything. All you would ever need to do is stop and ask them to make a choice.

      --
      Moderator hint: a comment is neither "Flamebait" nor "Troll" if it is true.
    2. Re:Usability / Foolproof Design by lotrtrotk · · Score: 1

      So then what your saying is... Providing the user with a very detailed & descriptive "Yes/No" dialog before installing Screensavers 2000 Plus, is "foolproof design"?

      Giving the user the "choice" means that they COULD make the WRONG choice.

    3. Re:Usability / Foolproof Design by c0d3h4x0r · · Score: 1

      So then what your saying is... Providing the user with a very detailed & descriptive "Yes/No" dialog before installing Screensavers 2000 Plus, is "foolproof design"?

      No, what I'm saying is that it would be foolproof if you provided the user with a dialog that says something like this:

      WARNING!
      The program 'Screensavers 2000 Plus' is trying to write to a restricted area of
      your system. This may be an attempt to hijack your computer. Only grant this program
      access to carry out this operation if you are a computer expert and you truly know that
      this program has a legitimate reason to be attempting such an operation.

      To grant 'Screensavers 2000 Plus' permission to carry out this operation, enter credentials for an administrative account below.

                  USERNAME: [ ]
                  PASSWORD: [ ]

      [Grant Permission] [Deny Access]

      Note that a visible timer on the dialog would count down for some reasonable duration (say, 10 seconds?) to force you to read the dialog before the "Grant Permission" button would be enabled.

      If this kind of confirmation and education were built into the OS at every level, then yes, the system would be as foolproof as you can possibly make it. You have to admit that with a dialog like that, even Grandma can probably make the right choice.

      --
      Moderator hint: a comment is neither "Flamebait" nor "Troll" if it is true.
    4. Re:Usability / Foolproof Design by joecr · · Score: 1

      You forget nothing is fool proof to the suficintaly talented fool. You are just making it ID10T resistant.

      One thing that might help is to have the computer read alloud the warning & make it so you can't click ok untill at least 10 seconds after it stops talking, but still that would not be fool proof. The only way I can think of to make a fool proof computer is that it kills all of the people who are ID10T's or do something stupid, but that would mean we would have almost no one left on this planet of ours.

      I only suggest this because it might force people to actually pay attention as they just might want to live.

    5. Re:Usability / Foolproof Design by c0d3h4x0r · · Score: 1

      While I share your frustration with users not tending to read or understand things, it's really not the user's fault. It's the fault of the software for not presenting text in ways that make it compelling for users to read it and for not phrasing text in layman's terms that ordinary people can understand.

      --
      Moderator hint: a comment is neither "Flamebait" nor "Troll" if it is true.
    6. Re:Usability / Foolproof Design by joecr · · Score: 1

      Well then you just might want to go to Wal-Mart. At the self check out lanes it tells you all of the simple things you need to do. Do they pay any attention to when the voice tells them their change is under the scanner? Of course not, then they wouldn't leave behind $100 a the register (I've seen this several times & from talking to other employees it sounds like I'm not the only one that the ID10T's do this to.), they just ask the person dealing with them & all the stupid questions that they keep asking. I can think of several other things like that just with the self checks that people don't pay attention. It really irks me when they don't pay attention. I also hate it when they are just plain stupid & ignore the good advise I give them.

      I should know what I'm talking about as I've been a cashier for over 16 months at two different stores & they act just a stupid at both stores. I also am considered the most well informed about how the self checks work & how best to use them at both stores. I have no hope for people to get a brain, or figure out how to use the one they have on their head.

      So I still stand with the only way to get them to pay attention is to make it worh their while. In other words they get to live if they pay attention. If you don't well death to you. I know it sounds really cynical of me, but I've never seen people act in their own best interest unless they were told the results would be death. For some reason they start to pay attention. I guess they don't want a game over.

  56. Re:What? I don't understand.... by MobileTatsu-NJG · · Score: 1

    "It sounds like the news over hyped a story for no reason. Say it ain't so!"

    So... was the story overhyped, or did the hyping of the story cause ppl to protect themselves? If it's the latter, kudos.

    --

    "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)

  57. Over hyped? Maybe not... by Anonymous Coward · · Score: 0

    I've read a lot of comments saying "Over hyped" but maybe in this case that's a GOOD thing. My dad didn't know ANYTHING about it at all until he called me out into the family room asking "Did you hear that?" "What?" "The Kama Sutra worm." "Oh. Yeah. Don't worry. We're fine."

    So maybe all of the news exposure was a good thing.

  58. Re:What? I don't understand.... by dusik · · Score: 2, Funny

    South Carolina @ 14!

    They should adopt "Lowest age of consent law in the union!" as their new state motto and put it on license plates.

    ... except a lot of people might object to the term "union" in SC :)

  59. Unintentional Humor? by frenchs · · Score: 0, Redundant

    I can't be the only one who snickered when I saw the subject of this post. Anybody else?
    -s

  60. Re:What? I don't understand.... by Anti_Climax · · Score: 1

    I know my friend's parents bought and installed a copy of mcaffee anti-virus, despite her urgings to use AVGFree instead. I'm sure the AV companies are making bank off the headlines.

    --
    Even people that believe in pre-destiny look both ways before crossing the street.
  61. Only thousands of files and hours of work lost . . by ulfhednar · · Score: 1

    Just another day of working with MicroSoft.

    Move along, move along.

  62. Kama Sutra Worm Hits Softly by stringycheese · · Score: 2, Funny

    I thought this article was about a new sex toy

  63. Re:What? I don't understand.... by NtroP · · Score: 1
    According to the F-Secure entry "...the Municipality of Milan had many of their 10,000 machines infected by Nyxem.E and have chosen to switch off their network today."

    Also see here (if you speak Italian)

    Seems like having to have 10,000 computers shut down for a day is a big deal... We won't hear about the real impact until next week, I'm guessing.

    --
    "terrorism" and "pedophilia" are the root passwords to the Constitution
  64. Re:What? I don't understand.... by jb.hl.com · · Score: 1

    What a stupid idea. That's like saying that if people buy condoms, they'll just have lots of unprotected sex and get HIV because they think they'll be protected, so it's best not to buy condoms.

    Any decent virus scanner worth its salt should pick up email viruses anyway.

    --
    By summer it was all gone...now shesmovedon. --
  65. Oh THAT one might have hit softly... by 20th+Century+Boy · · Score: 2, Funny

    The Scorpion Worm, however, will rock you like a hurricane.

  66. It's both... by Anonymous Coward · · Score: 0

    ... so you can't really go wrong in calling it a worm or a virus. However, I think the term virus should supersede worm, but maybe that's just me.

  67. Re:What? I don't understand.... by just_another_sean · · Score: 1

    Yeah, they had a field day with this one. Some brilliant wag said "hey, end of the world headline *and* a sexual conotation on the name!" Pure gold...

    People ate it up though. I received no less then three articles from my boss on this "impending doom".

    But the fact that it depended on user stupidity and not a hole or exploit had me calm over this. Not to say that some of our users aren't a bit clueless, it's just that they value their jobs enough to avoid emails that offer them "free nekkid pics".

    --
    Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
  68. Re:What? I don't understand.... by Fishstick · · Score: 1

    > Before you get too excited about low ages of consent

    excited? no
    revolted? sorta
    suprised? not really
    up in arms? hardly

    --

    There is much cruelty in the universe, John.
    Yeah, we seem to have the tour map.

  69. A bad but apt analogy, try this one one for size. by twitter · · Score: 1
    What a stupid idea. That's like saying that if people buy condoms, they'll just have lots of unprotected sex and get HIV because they think they'll be protected, so it's best not to buy condoms. Any decent virus scanner worth its salt should pick up email viruses anyway.

    Condoms in a kama sutra story, nice but not quite right. Condoms have been shown to be effective. Antivirus programs have yet to protect anyone from the yearly M$ spread disease. OpenBSD might be considered a good condom, GNU/Linux distributions are condoms too but some are like the kind you get at a truck stop or the feel good extra thin kind. A distro with Macromedia Flash might be considered, "ribbed for her pleasure." Hooking up Windoze to a network is kind of like going blind drunk at a gay bar on the wrong side of the tracks.

    As it was in the beginning, is as it is and ever shall be.

    --

    Friends don't help friends install M$ junk.

  70. Re:What? I don't understand.... by hotdiggitydawg · · Score: 1

    And think how many more people, having done that, are at least in some way a little more protected from becoming a spam zombie.

    No, don't tell me, I know this one... erm... hmm... both of them?

  71. Re:What? I don't understand.... by Anonymous Coward · · Score: 0

    Terrible analogy which holds absolutely no weight. I'm not even going to explain why because it's so blatantly obvious.

  72. Re:A bad but apt analogy, try this one one for siz by Anonymous Coward · · Score: 0
    Slashdot: come for the infantile philosophy, stay for the immature name calling.

    Thank you so much for contributing to the improvement of the signal to noise ratio in this discussion.

  73. Re:What? I don't understand.... by Sky+Cry · · Score: 1

    Get a warning like that everyday and you'll start ignoring all warnings, including the real ones.

  74. Re:A bad but apt analogy, try this one one for siz by twitter · · Score: 1
    Thank you so much for contributing to the improvement of the signal to noise ratio in this discussion.

    Given your interest is in reducing S/N ratio here, I know your thanks are as sincere as the rest of your posts.

    --

    Friends don't help friends install M$ junk.

  75. Re:What? I don't understand.... by n54 · · Score: 1

    Not sure exactly what your opinon is but there's so many people who think it was a non-issue and in that case: http://en.wikipedia.org/wiki/Y2k#Reported_errors

    It's a puny list which doesn't surprise me as most of the failure cases I know of are covered by confidentiality agreements.

    Three cheers for self-defeating prohecies (http://en.wikipedia.org/wiki/Self-defeating_proph ecy) be it viruses or anything else bad :)

    --
    this comment is provided "as is" and without any express or implied legibility or congruity [...]
  76. botnet ops by Anonymous Coward · · Score: 0

    I have a botnet with 20,000+ nodes, I scanned my machines for this last week. I dont want to share my bitches with anyone else.

    1. Re:botnet ops by Anonymous Coward · · Score: 0

      Am I one of your bitches?

  77. crying wolf? by dimeglio · · Score: 2, Insightful

    Healthy paranoia or y2k-like panic? Personally, from all the attention these warnings have generated, I was expecting mayham; instead, we get "no reports of Kama Sutra explosions."

    Maybe this was the reaction intended by the author of the worm - to prepare the real next BIG attack when no one pays attention to warnings anymore.

    --
    Views expressed do not necessarily reflect those of the author.
  78. Re:What? I don't understand.... by Anonymous Coward · · Score: 0

    So a 18.05 year-old male has sex with a 17.98 year-old female and the male is branded as a rapist for life if convicted?

  79. Re:What? I don't understand.... by Anonymous Coward · · Score: 0

    It's like deja vu all over again. The same thing happened about 15 years ago (way before ) when the Michelangelo virus was supposed to strike, the media covered it as the end-of-the-world-as-we-know-it, and... poof... nothing happened.

  80. Okay by Anonymous Coward · · Score: 0

    heh...heh...heh...just wait until July 4th, 2055.

  81. In Vitro Virus (was:IT'S NOT A WORM!) by Gary+W.+Longsine · · Score: 1

    Please spoo into this test tube, sir, while ma'me lies back waiting for the turkey baster. Pay no attention to the highly educated and trained staff, supported by millions of dollars worth of complicated medical equipment who will perform magic behind the curtain.

    This "email worm" is more like a virus than a worm. It doesn't exploit an automatic execution hole in a popular email package, and thus it requires a user to execute the malware for it upon receipt of the email. This is social engineering, and purists can argue that it's a virus, not a worm. It doesn't self replicate, unless expensive medical intervention (in vitro fertilization) is also self-replication. (Note that this effort with respect to the malware requires only a modestly educated and trained person with a five hundred dollar PC to help execute the virus to steal or otherwise wreck havock on valuable data, rather than a highly skilled staff with millions of dollars worth of equipment.)

    Well, in some circumstances it might self replicate. Symantec's description indicates that it attempts automatic propagation (including execution) using Windows C$ and Admin shares. This probably works in some LAN environments.

    Like so many other bits of malware, it sports a mixture of virus-like and worm-like features (although not many worm-like features in this instance). Many other bits of malware last year routinely arrived in an email and then, once actived by a single user behind the company firewall, began probing the network to exploit one or more wormable holes.

    --
    If you mod me down, I shall become more powerful than you could possibly imagine.
    1. Re:In Vitro Virus (was:IT'S NOT A WORM!) by TheSkyIsPurple · · Score: 1

      > This "email worm" is more like a virus than a worm

      That was kind of my point. These aren't always clearly separated enough that someone can say "C'mon! of course is THIS and not THAT"

      It exhibits some wormish properties, and it exhibits some virusish properties. By strict definition of either, it is neither, but something different. (It doesn't spread entirely without intervention; nor does it infect an executable)

  82. Re:What? I don't understand.... by Anonymous Coward · · Score: 0

    In this Videochat are all over 18 years old!Live Videochat

    Have a nice day!

  83. Which is the better scenario? by philntc · · Score: 1

    When it comes to virus warnings, predictions, and precautions. There's a stark choice. Cry wolf and have nothing happen, or stick head in sand and get kicked in the butt?

  84. Only open safe files by GodWasAnAlien · · Score: 1

    Only 'safe' files should be opened.

    A text file is safe, so that can be opened if clicked, right.
    An html file is safe, assuming the browser is safe.

    A word document is safe, unless it has macros.
    Probably, when launching word by association, a special flag should be passed. 'word -nomacros'.

    An excel document is safe, unless it has macros.
    Probably, when launching word by association, a special flag should be passed. 'excel -nomacros'. ...

    An EXE/BAT file is not safe....