Massive Spam Shot of "Storm Trojan"
jcatcw writes "Postini has already counted nearly 5 million copies of the spam in the last 24 hours, and calculated that the run currently accounts for 87% of all malware being spread through email. 'Expect this to grow much larger,' a Postini spokesman said; 'It should top out at 60 million messages within the next 24 hours.' It's the largest attack in the last 12 months, and more than three times the volume of the two biggest in recent memory: a pair of blasts in December and January. The spam carries a ZIP file attachment posing as a patch with subjects such as Worm Alert!, Worm Detected, Spyware Detected!, or Virus Activity Detected."
My AVG seems to have quarantined a couple of these yesterday.
I'm a fiscal conservative, it's a pity we don't have a political party anymore
After all these years of malware on Windows systems, I think it's high time someone took Microsoft to court and at least charged them with contributory negligence. After the Melissa virus, they can't claim that they don't know the hazard.
The person to bring this suit would need to be someone who's not a licensee of any MS products, but has suffered losses from their network getting DOS'd by Windows zombies trying to trade copies of the malware of the hour.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Does this variant run on Vista? That'd be too funny.
Good thing I installed that anti virus program that unexpectedly emails me attachments to protect me. Otherwise I'd be in trouble!
Life needs more saving throws.
My officemate got it as the Britney / Paris porn thing twice this week. But she wasn't interested. I got it once. I wasn't interested. I've gotten the "Spyware detected!" with the zip file attached three times: twice at work, and once on my Yahoo! account.
I work at Department of Agriculture, so I'm surprised they didn't install themselves ;-)
I didn't think the house band in Hell would play this badly.
This was an image file so I typed it out so maybe a nice person with mod points will redeem my terrible Karma...
--
Dear Customer,
Our Robot has detected an abnormal activity from your IP address on sending e-mails. Probably it is connected with the last epidemic of worm which does not have offical patches at the moment. We recommend you to install this patch to remove worm files and stop email sending, otherwise your account will be blocked. We had archived the patch becouse the worm can modify unpacked exe files. you should open the archive file, enter the password and run the patch immediately.
Password: ugh11
Customer Support Center Robot
__________ NOD32 2120 (20070316) Information __________
This message was checked by NOD32 antivirus system.
patch-95150.zip - is OK
patch-95150.zip > ZIP > patch-95150.exe - error - password-protected file
http://www.eset.com/
We use Postini, and I still get these emails frequently. Thunderbird's Bayesian filter does a great job at marking them though.
Does that mean it's now good bait to use for phishing?
The msg body was a GIF containing text telling me there had been virus activity from my IP and I should run this "patch" to fix it. The "patch" was a zip file they said they had to send as a zip so my "compromised virus scanner" wouldn't reject it. If I didn't run the patch, my internet access would be cut off. All I had to do was unzip and run the patch and all my problems would be solved. HA!
We all had a chuckle at how stupid someone would be to actually do that - then we realized grandma probably would, not knowing any better. All the more reason to get grandma off windows and onto at least a Mac, if not Linux.
...trap for the unsophisticated Web user. I mean, if you get an email from someone you don't know telling you to update your anti-virus, wouldn't you think that's a little suspicious?
I don't get much spam, because I really don't let my email address float out in the wild, so this kind of thing never bothers me. But it just makes me wonder when someone is going to take some initiative and try to build a better system, to minimize the human element as much as possible.
GetOuttaMySpace - The Anti-Social Network
All the more reason to get grandma off windows and onto at least a Mac, if not Linux.
Out of curiosity... since this is a completely social hack, and is just a means to trick somebody into opening up a compressed file and running the included executable... why would a Mac or Linux user be immune? Cannot Mac and Linux users also run executable programs from their desktops? You're confusing the ability to run a program of your choice with the means by which someone is fooling you into thinking you should choose to run it, right?
Don't disappoint your bird dog. Go to the range.
WARNING! Your computer is infected with a virus. This virus could be transmitted to you, and you will die within 24 hours.
Please forward this email to everybody you know, then smash your computer with a sledgehammer. NOTE: you must forward the email BEFORE smashing the computer, not after.
###
I swear to God I think people would actually do that. What the hell can the operating system do if people are willing to save a zip file, type in the password, and then run the contents?
Maybe Microsoft should refuse by default to run any software that didn't arrive on a CD. But then the virus will just include instructions to burn it onto a CD before running, and people will probably do that, too.
Er.. apart from the fact that this is a major security problem and Vista is advertised as "much more secure" and that it's also supposed to have multiple privilege levels for the same user and this would be exactly the kind of problem which would be stopped by executing programs from email with lower privileges and that a user level trojan would be an ideal case for blocking with an O/S level built in firewall and that if the anti-virus people were able to do low level things on Vista, it would probably also be more easy for them to block this kind of thing at the point where you try to do file access and so many other things that I would probably run out of breath and die trying to write this without using any commas or full stops;
No; this has nothing to do with Vista.
Sure, you could write a trojan targeted toward those OSs. And you could presumably trick users w/o regard to the OS they use. But it's far more likely that the windows user is logged in with full Admin privileges. The Linux and Mac users are probably not, limiting the extent that the trojan can mess with their systems. You probably could trick the Mac and Linux users to log in as admin, to change the file mode to executable, and run the trojan. However, at each step, the user might just wise up and have second thoughts. Wouldn't stop all cases, but with something like this, it doesn't hurt to improve the odds in the good guys' favor.
I am not a crackpot.
What somebody needs to do is write a program to do thermonuclear detonation simulations, that would be easily run on millions of computers, sort of an "Armageddon at home" project. One of the criminal gangs will then lease their botnet to some group that starts using the simulator to do some cutting-edge bomb research.
There is little question that the computer that deserves to be at the top of the Top 500 list is a botnet. It's only a matter of time before that computer power gets used for truly nefarious purposes, and my guess is that it's a matter of not much time at all.
The question is what the response will be -- will the insecure computer problem be fixed or will the internet just be destroyed?
Thad
I love Mondays. On a Monday, anything is possible.
If any computer is not properly administered, it will be compromised by users that don't know any better. They can't possibly be aware of the differences between Microsoft automatically applying updates and other such "software updates" that might be required.
One sort of computer doesn't need to be administered any more than your toaster or TV needs to be administered. If the programming cannot be changed by the user in any way and all it does is read email and browse the web. Period. Maybe play some music sometimes. Ideally, such a device has its programming in ROM (not flash) and cannot be changed in any way. No instructions are ever put on R/W memory, ever. Completely and utterly secure the way your toaster is. How many people have found exploits for a toaster?
Windows is perfectly secure when it is properly set up and administered. The problem is that you can't install software on such a computer and you can run all sorts of fun applications. Gee, isn't that too bad. One solution is to require every user to either (a) switch to an appliance that cannot be compromised, (b) pay the ISP to administer their computer or (c) pass a test to be qualified to have a general-purpose computer connected to the Internet. And yes, the test should be similar to the FCC license for HAM radio: long, incredibly detailed and most people can't pass it without lots of work.
The operating system cannot be made secure from users adding software if they are supposed to add software. But users aren't qualified to add software to their computers and if they are allowed to do so, they will add things that will eventually destroy the ability to use the Internet.
I thought I had an abnormal amount of spam today. Usually just get 30-40 for the domain. These were addressed to ssdb@blah yykh@blah, etc. Accounts I've never used. I suppose I'll have to turn off the catchall account for awhile.
Right, so a trojan will have a more difficult chance of compromising the OS itself. However it can still destroy the user's data easily and to most people the data is the important thing. So if trojan writers can't figure out linux/os x (but we all know they will eventually) they might just get nasty and destroy data instead. In the end A. Don't take candy from strangers.
why would a Mac or Linux user be immune?
Probably because the executable inside is a Windows executable, and won't run on a Mac or Linux.
Let's say GM left something wide open in their cars that allows a bad guy to steal a Chevy, then blow up fifty or a hundred or a thousand other GM vehicles by remote control. You bet I would sue GM if my family was in one of the cars that blew up.
...Open Source isn't the only answer -- but it's almost always a better value than the alternatives...
Except the fool users that already unpacked and executed the file will then just type in the appropriate password when required in order to apply the patch.
There is no chance of this not succeeding with people that have no business being responsible for administering a computer.
That's why I said MS should be held responsible for flaws in their system that allow remote exploits like the RPC exploit that was quite popular before SP2 for XP.
What we're talking here is a guy coming up to you, telling you your car is unsafe and that he needs the car keys to drive it around the block to check if it is in danger and to fix it in his garage. Who should be responsible for that, GM or the cluebrick that hands over his keys?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
A BOFH at my company decided that the email server would not accept any M$ executable file attachments (.exe, .src, .zip, etc) four years ago. Yes, yes that was me. Our ClamAV spends most of its day dumping phishing emails.
I've had a handful of customers email me on this one yesterday and today.
"This is the same as the last 'patch' email I told you we never send, delete it"
Can all fish swim?
...is that malware has better installation instructions than any of our other software. When people see documentation, it's like a dream come true!
Ah... disillusionment. :-)
We have a set of filters in place that scan every incoming message (for viruses, spam, etc.). It looks like in the last 24 hours or so we've blocked a few thousand of these. They seem to be coming from all over the place, with a variety of subject lines. We block any IP that sends us malicious messages more than twice in an hour (the block stays up for 24 hours, I think), so the 2-3,000 we've blocked could be a drop in the ocean - or may not be. That's still a lot more than we get for most incidents like this.
Lead developer, http://wisptools.net
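The blocking rule described in the comment above (more than two malicious messages from one IP within an hour, then a 24-hour block), sketched as an added example that is not the commenter's filter code. The class name, log format, timestamps and documentation-range IP addresses are all constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(hours=1)       # look-back window for counting
THRESHOLD = 2                     # block on "more than twice" in the window
BLOCK_FOR = timedelta(hours=24)   # how long a block stays up


class SenderBlocklist:
    """Per-IP sliding-window counter with a timed block (hypothetical helper)."""

    def __init__(self):
        self.hits = defaultdict(deque)   # ip -> times of recent malicious messages
        self.blocked_until = {}          # ip -> time the block expires

    def is_blocked(self, ip, now):
        until = self.blocked_until.get(ip)
        if until is None:
            return False
        if now >= until:                 # block has expired, forget it
            del self.blocked_until[ip]
            return False
        return True

    def handle(self, ip, now, malicious):
        """Return the action taken for one incoming message."""
        if self.is_blocked(ip, now):
            return "refused"
        if not malicious:
            return "delivered"
        recent = self.hits[ip]
        recent.append(now)
        while now - recent[0] >= WINDOW:  # drop hits older than the window
            recent.popleft()
        if len(recent) > THRESHOLD:
            self.blocked_until[ip] = now + BLOCK_FOR
            recent.clear()
            return "quarantined+blocked"
        return "quarantined"


# Constructed scanner log: timestamp, sending IP, verdict of the content filter.
SAMPLE_LOG = """\
2007-04-12T09:00:00 192.0.2.10 malicious
2007-04-12T09:10:00 192.0.2.10 malicious
2007-04-12T09:20:00 192.0.2.10 malicious
2007-04-12T09:30:00 192.0.2.10 clean
2007-04-12T09:31:00 198.51.100.1 malicious
2007-04-12T09:32:00 198.51.100.2 malicious
2007-04-12T09:33:00 198.51.100.3 malicious
2007-04-12T11:00:00 203.0.113.5 malicious
2007-04-12T11:30:00 203.0.113.5 malicious
2007-04-12T12:15:00 203.0.113.5 malicious
2007-04-13T09:20:00 192.0.2.10 clean
"""


def replay(log_text):
    """Run the log through a fresh blocklist; return (actions, ips_ever_blocked)."""
    blocklist = SenderBlocklist()
    actions, ever_blocked = [], set()
    for line in log_text.splitlines():
        stamp, ip, verdict = line.split()
        action = blocklist.handle(ip, datetime.fromisoformat(stamp),
                                  verdict == "malicious")
        if action.endswith("blocked"):
            ever_blocked.add(ip)
        actions.append(action)
    return actions, ever_blocked


if __name__ == "__main__":
    actions, ever_blocked = replay(SAMPLE_LOG)
    for line, action in zip(SAMPLE_LOG.splitlines(), actions):
        print(f"{line:45} -> {action}")
    print("blocked:", sorted(ever_blocked))
```

In the sample, the three 198.51.100.x senders each deliver one message and never reach the threshold, and 203.0.113.5 spaces its messages so that only two fall in any one hour; a run that arrives "from all over the place" is caught by the content scan, not by the per-IP block.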
Why don't you think Mac users run as admins?
I am a big fanboy, 12 switchers and counting, but every time they would get a Mac, the first and only user account created would be the admin one.
It's not called root, but nevertheless it is an admin account.
So I would guess that most of the Mac users are running as admins, with a full mail server waiting to run right underneath their fingertips.
Lawsuits - the solution to and cause of all life's problems....
(with apologies to Homer Simpson, and beer)
"But this one goes to 11!"
Right, it couldn't destroy the entire operating system in Linux or a Mac, perhaps, but it could delete all of Grandma's photos, documents, email, bookmarks, and so on. Which is probably what she'd really care about.
Celebrate the finer things in life
Actually, there is a technical flaw, not just a human engineering one. The system allows users to install software, with global system implications, with no confirmation. My Mac confirms such things with me, and seems to get it right. My Linux box won't let me touch the global system configuration at all unless I su to root.
This has always been the problem. I recognize that there is incompetent Windows software out there that won't run without Administrator privileges, but that's another issue. If you really need privilege to do something (like change your password), other systems have ways of temporarily elevating privilege. Like suid on Unix.
...laura
Sounds convincing; however, certain classes of virus and worm fall outside this view. SQL Slammer? Didn't write to disk, didn't need to. Restarting your computer cleared the virus, for the few seconds it took to get infected again. A `read only' solution wouldn't help. Properly set up and administered? You mean, not connected to a network? My exploit for a toaster would be to pop some bread in, hold down the tray lever until it caught fire, and then watch as it destroyed your house. It's lack of accessibility that causes the security there, not the innate design perfection of a toaster. I am also afraid that computers *are* appliances, and more, they're appliances that people require in order to do work. Halting the business world for a few months in order to `qualify' everyone would be more trouble than the internet's compromised machines are worth. For what my tuppence is worth:
1. Security by design: computers shouldn't need virus checkers. Probably also strength in diversity: if less people ran windows, less people could spread windows viruses.
2. Target the cause of the problem. If goods/services couldn't be sold by spam email, then there would be no incentive to send them.
3. User education, with a more inclusive and less elitist stance from the internet experts.
4. Quenching at source: ISPs should have a procedure for stopping spam zombies. Perhaps blocking port 25 at account creation, unless requested open by the user. Some method of blocking open relays too.
But there's no money to be made by deleting Grandma's photos of the grandkids, and money is what malware authors are all about these days.
Right, it couldn't destroy the entire operating system in Linux or a Mac, perhaps, but it could delete all of Grandma's photos, documents, email, bookmarks, and so on. Which is probably what she'd really care about.
It's also the thing that malware writers care the least about. They tend to be more interested in creating botnets or routing spam than deleting grandma's photos. Windows is a much better target for these aims.
Don't become a regular here -- you will become retarded.
If Grandma is running Linux, she's probably aware that her grandson takes care of all that sort of stuff. If it's a Mac, she knows that Apple takes care of everything.
If people think it's a critical security update, why would they be surprised that it requires admin privileges? They've already jumped through a dozen hoops to get to the point of running the program, so I don't see why this (a logical requirement) would faze them.
GP: oops, change all occurrences of "what" to "as" in my post.
P: You luser! You only want to change one occurrence, so why force the system to keep looking once it's found? Do you think CPU cycles are free or something? Besides, it's bad practice to use the "g" without thinking about what you really want first.
I think it is a combination of lack of understanding of the motives of the people who write this stuff, combined with a lack of understanding about the technology. Consider this point of view:
Why would someone want to write a program that deletes all my files? What is the point of that? What do they gain? Nothing, so why do it? And programs opened through email can't control my computer. The keyboard and mouse is the only way to make a computer do things.
It is only experience and knowledge that tells you not to open emails from people you don't know; not common sense.
I swear to God I think people would actually do that.
Then it would seem spreading such a virus hoax might help this sort of problem. Users stupid enough to fall for it would immediately lose their internet access.
//Information does not want to be free; it wants to breed.
And you could presumably trick users w/o regard to the OS they use. But it's far more likely that the windows user is logged in with full Admin privileges.
But it doesn't matter.
The trojan/worm need not be an administrator to trash a user's computer, even with Linux. Let's use Ubuntu as an example. It can still send mail and propagate just fine as a regular user. It can also trash that user's documents and files (which are likely to be the only important data on the machine). It can use a crontab entry to start a daemon on a high-numbered port, which will run without user interaction, or without them even being logged in. That daemon won't be root, but it will still be capable of being a very proficient zombie.
After that, for good measure, it can just run gksudo and simply ask the user for root permission. Ubuntu users are absolutely content to enter their own password into gksudo whenever prompted, especially when performing updates and patches (as this claims to be). So, the trojan will readily then gain root and be free to run completely amok. Trashing or rooting the OS is the obvious next step, but it's probably not even needed after all of the damage and infiltration already accomplished as a regular user.
Seriously - just because it's not Windows does not mean that it's secure. As long as people are able to run arbitrary programs on their own computers, these types of things will continue to be a problem...no matter what kind of computer it is, and no matter if it has root/administrator privileges or not.
Kid-proof tablet..
A good campaign of email virus inoculation should do the trick. Start a series of spam which looks exactly like a virus, but just puts up a "If this were a virus, you'd have just infected yourself!" message, thus training users to just not open it!
Possibly add a link or button (perhaps labeled "Click Me!") which puts up a follow-up message for the especially thick user: "For heaven's sake, you're just making it worse. Quit clicking these things!"
Executables are frequently distributed inside compressed archives (eg, ZIP files) in order to prevent email filters from automatically removing them as "dangerous file types." There are ZIP extensions and TAR natively includes UNIX privileges, so there'd be no need to chmod +x malware, as the decompression utility would do it automatically.
To the best of my knowledge, none of these formats will set the setuid bit, though, so from there you'd either need to get the user to run it as root (sudo malware) or, much more likely, use a local root exploit.
I don't know how the GNOME/KDE "sudo" interactive applications are used, but it's probably possible malware could simply use that to ask for root privileges. Home users would almost certainly have sudo access if only to be able to run software updates as well as install new software.
In short, Linux won't make users any smarter. They could still be tricked into running malicious software - although it would likely involve more steps, which may help prevent problems.
You are in a maze of twisty little relative jumps, all alike.
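The comments above mention a mail server that refuses executable attachments, executables hidden in ZIP files to get past such filters, and a scanner that could only report `password-protected file` for `patch-95150.exe`. As an added example (not code from the thread or from any product named in it), here is how a gateway can still act on such a message: ZIP encryption protects member contents only, so member names and the encryption flag remain readable. The extension list and function names are assumptions, and the sample message is a constructed, harmless stand-in.

```python
import io
import zipfile
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Assumed gateway policy: extensions refused outright, bare or inside an archive.
BLOCKED_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}


def ext_of(name):
    """Lower-cased final extension of a file name, or '' if it has none."""
    return "." + name.rsplit(".", 1)[1].lower() if "." in name else ""


def inspect_zip(data):
    """List findings for one ZIP without needing its password.

    Member names and the 'encrypted' bit (bit 0 of the general-purpose
    flags) are stored in the unencrypted central directory.
    """
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["unreadable-archive"]
    findings = []
    with archive:
        for info in archive.infolist():
            encrypted = bool(info.flag_bits & 0x1)
            if ext_of(info.filename) in BLOCKED_EXT:
                kind = "encrypted-executable" if encrypted else "executable"
                findings.append(f"{kind}:{info.filename}")
            elif encrypted:
                findings.append(f"encrypted-member:{info.filename}")
    return findings


def scan_message(raw):
    """Return ('accept' | 'reject', findings) for one raw RFC 5322 message."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        if ext_of(name) in BLOCKED_EXT:
            findings.append(f"executable:{name}")
        elif payload[:4] == b"PK\x03\x04":   # sniff the content, not the name
            findings.extend(inspect_zip(payload))
    return ("reject" if findings else "accept"), findings


def build_sample_message(member="patch-95150.exe", encrypted=True):
    """Constructed sample. The member is placeholder text; the header flags
    are patched to look password-protected because the standard library
    cannot write encrypted ZIPs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(member, b"constructed placeholder, not a program")
    data = bytearray(buf.getvalue())
    if encrypted:
        data[data.find(b"PK\x03\x04") + 6] |= 0x01   # local header flags
        data[data.find(b"PK\x01\x02") + 8] |= 0x01   # central directory flags
    msg = EmailMessage()
    msg["Subject"] = "Worm Alert!"
    msg["From"] = "support@example.invalid"
    msg["To"] = "user@example.invalid"
    msg.set_content("Constructed body text.")
    msg.add_attachment(bytes(data), maintype="application", subtype="zip",
                       filename="patch-95150.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    for member, enc in [("patch-95150.exe", True), ("readme.txt", False)]:
        print(member, enc, scan_message(build_sample_message(member, enc)))
```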
The thing is Microsoft shouldn't make Windows do these destructive things so readily in the first place. This comes about by bad engineering and worse, it's passed off as "bad users".
Everyone loves the car analogy: Changing the oil in your car regularly is kind of a pain for some so how about adding a feature that makes this as easy as pushing a button so everyone can do this on their own without damaging their car or making a mess. The owner pushes the button, the old oil is flushed out of the engine, placed in an easy to remove container, new oil is put in the engine by just pouring in some new one. All fine and dandy except the largest manufacturer decides to place the button in the middle of the dashboard plainly labeled "CHANGE OIL". Everyone knows you really shouldn't change oil while you are driving down the interstate but what happens when your kids are in the back seat throwing things at each other and something bounces onto the dash, onto the button? Or maybe your precocious kid sees daddy pushing buttons on the car and mimics what he does while the car is sitting at home? Hopefully you catch this before you jump into the car for work and even if you do you had to spend time in the morning correcting this. Or maybe prank callers dial up the owner claiming they represent the car manufacturer and their car needs emergency maintenance by pressing the button...
This is a good feature (an easy method to change oil) with muddled bad engineering where one can say "Oh the user shouldn't have pushed the button!" but let's not ignore the fact the engineers shouldn't have violated any number of good engineering rules in the first place. "User education" is not a substitute for good engineering. Microsoft's continual abusing of HMI for "ease of features" is bad engineering where people know they aren't supposed to do any number of activities that can wreck their computer and yet they happen by accident anyway. Normal user activities simply should not result in a computer becoming a zombie no matter what they browse, what they run, what buttons they press. And worst, correcting the situation is made excruciatingly hard where many users simply give up trying to fix it themselves. The computer is supposed to do what the user asks but not help if they ask them for rope to hang themselves.
...can you run it on Linux?
3 things about computers: they're alive, they're self-aware, and they hate your guts.
Yes, but everyone knows that Mac is for the fun stuff and Linux is for the pr0n... who would want to hack that?
Windows is perfectly secure when it is properly set up and administered.
That's true, but too bad that in today's hostile environment the only definition of "properly set up and administered" WRT a Windows box means it must have no network connection to any networks, period.
Placing a Windows box directly on the Internet is like smoking a cigarette at a petrol station.
Source: http://support.microsoft.com/kb/925330/en-us
http://www.skullsecurity.org/blog/
I'm not seeing any statistically significant increase in either what's being blocked or what's being accepted by any of the MTAs I manage. Also, Trend Micro's spam stats don't show any major jump in activity either.
I have seen a couple of copies of the spam itself, but nothing major.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
for non-government groups, rarely does 'truly nefarious==money'.
damaged by dogma
That is absolutely true. I guess the only real solution I can think of is to require some sort of computer IQ test, instead of cancel or allow.
Are you sure you want to do this?
"YES"
OK what is the end result of this computation 15 XOR 24 ?
" UM 17?"
No, please call your son to ask permission to perform this operation.
Well.. maybe. Or Maybe not. But Definitely not sort of.
unless you know something about electronics/radio
I agree that everything Grandma cares about could be destroyed, but without those admin privileges, Grandma's box is not turned into a spam spewing zombie, which is a major problem with windows machines, because not only are they wreaking havoc on their own machine, they also are increasing the load of servers everywhere.
That analogy doesn't fit in this case.
It's an attachment- Microsoft didn't leave anything wide open- it is user error.
A more accurate analogy would be that someone put a detour sign in the road that made Chevy owners drive off the road off a cliff. How could you sue GM for that?
Either way the car analogies really aren't working for this and they all (especially mine) are sounding really forced and stupid.
"Once someone smart had said : There's no patch for stupidity"
Sure there is
"But this one goes to 11!"
Not if you mount the home partition with the noexec flag, which should be the default.
3 things about computers: they're alive, they're self-aware, and they hate your guts.
I was going to reply that a compromised user account couldn't be set up as a bot-net, but now that I think about it, you don't need admin privileges to open up port 25 and start spewing out a million messages an hour, do you? So really, what's to stop this from happening in Mac OS or Linux?
It may be a Storm Trojan in the USA, however in the UK it would be called a Storm Durex. Either are good for penetration.
Evil people are out to get you.
Nope, you can't do it on UNIX systems. Ports 0-1023 are all reserved and require root to bind to.
'Yes, firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.'
Well, yeah, that's what I thought at first also, but then how am I able to browse the internet and send and receive mail without sudoing?
It's a damn good idea!
I swear we should be allowed to give mod points to sigs... "-1, Offtopic"
OK, so I'm not the most knowledgeable guy when it comes to all things computer, so perhaps someone could help me out here.
From the articles I've been reading it seems that these compromised computers formed into herds are becoming a huge problem, (SPAM, DOS attacks and so on). In this article it says that they communicate with each other to pass instructions through their own P2P network. Now, the security researchers are intelligent folks, more intelligent than the herders I would hope, so why don't they start going for the source of this problem as opposed to simply reporting about it? Why can't they try to interfere with, or try to wrest control of the herd? If they could gain control of the network, even for a brief period, they could order all the bots to Windows Update to patch themselves, then disassemble.
Obviously, I'm making it sound easier than it would be, but could something like this not work?
Probably because the executable inside is a Windows executable, and won't run on a Mac or Linux.
Except, I was responding to the guy who said: "All the more reason to get grandma off windows and onto at least a Mac, if not Linux."
Since this is a social hack that gets people to run arbitrary code, getting more people over to Macs and Linux boxes will just get the people delivering the social hacks to do the math, and wait for when it's worth the trouble to also deliver payloads for Mac and Linux users. In a case like this, the Mac and Linux users are safe BECAUSE there are so few of them. Be careful what you wish for!
Don't disappoint your bird dog. Go to the range.
It's hard to exploit a Linux user (or in a better way, it's too easy to exploit a Windows user).
First, no Linux decompressor runs the code inside the package (differently from Windows, and incompatible too). So you'll need the user to explicitly run the code (or explicitly chmod +x it and run if it's not compressed).
Then, email programs (and image viewers, browsers, text editors...) don't try to execute embedded code (again, it's the sane behaviour, Windows is the one off), and Linux users aren't used to answering idiot dialog boxes, so they'll probably read one if they get it.
Only a few programs require SUDO, for a normal user all of them are already installed inside a menu that makes it clear that they require SUDO. It's quite harder to trick a user into giving you his password.
And, finally, Linux users get almost all their software from the distro (and not some random site at the web), and don't expect to have viruses, so that email wouldn't probably work.
Rethinking email
Ever notice how spammers always use such clunky grammar?
The coding of the virus itself is clever and it takes computer language skills which most people cannot and will not ever master. --And yet the same people can't seem to write a convincing English sentence to save their lives.
These guys never fail to sound like ESL Russians or console game junkies. (Probably a bit of both.)
Anyway, I find it indicative of something Big and Unhappy that half-baked social engineering scams performed by the barely-literate can still be effective. It does, however, offer a useful tool in avoiding traps. Knowledge! It's all the protection you'll ever need.
-FL
Since when do you need admin rights to run a spam zombie? Keeping it hidden and keeping it from being easily removed might require admin rights, but just running it surely doesn't. And on Grandma's computer, how long will it live before someone with technical knowhow kills it?
Because you're connecting to port 25 and port 80 on another machine. When you send traffic out of your machine it can leave from any port number it wants really.
your.ip.goes.here:9000 -->> www.slashdot.org:80 works. As long as you connect to a valid bound port, it doesn't matter what port you leave from.
Now, if that makes sense to anyone, could you please explain it to me? I think I've confused myself.
So then a Trojan _can_ send out mass mail on a user account? Do they spell "Canuck" different in Texas?
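The exchange above turns on the difference between listening on a port and connecting to one. This added example (not part of the thread; function names are illustrative) shows both on the loopback interface: the client never binds a port itself and the OS hands it a high-numbered source port, while an attempt to listen on port 25 is a separate operation that may be refused for an unprivileged process.

```python
import socket


def loopback_connection():
    """Connect to a local listener and report the ports involved.

    Returns (client_source_port, destination_port, source_port_seen_by_server).
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("127.0.0.1", 0))       # port 0: let the OS pick a free port
        srv.listen(1)
        dst_port = srv.getsockname()[1]
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as cli:
            cli.connect(("127.0.0.1", dst_port))   # client makes no bind() call
            conn, peer = srv.accept()
            with conn:
                return cli.getsockname()[1], dst_port, peer[1]


def try_bind(port):
    """Attempt to bind a listening socket to a port; report the outcome."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        try:
            sock.bind(("127.0.0.1", port))
            return "bound"
        except PermissionError:
            return "permission denied"
        except OSError as exc:           # e.g. the port is already in use
            return f"unavailable ({exc.strerror})"


if __name__ == "__main__":
    src, dst, seen = loopback_connection()
    print(f"client 127.0.0.1:{src} -> server 127.0.0.1:{dst} (server saw {seen})")
    # Result depends on who runs this and on system configuration.
    print("bind to port 25:", try_bind(25))
```

Because the source port is arbitrary, a filter that wants to stop an ordinary user account from sending mail directly has to match on the destination port, which is what the earlier suggestion of ISPs blocking port 25 amounts to.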
Over the past 5 days my AV system (Sonicwall w/ Kaspersky) has gone from 0-5 viruses caught a day to 50-100.
April
Email-Worm.Win32.Zhelatin.cq 75
Email-Worm.Win32.Zhelatin.cs 61
Password-protected-EXE 58
Email-Worm.Win32.Zhelatin.ct 7
Email-Worm.Win32.Bagle.mail 7
Email-Worm.Win32.NetSky.q 5
Email-Worm.Win32.Warezov.ms 3
Exploit.HTML.Iframe.FileDow... 3
Net-Worm.Win32.Mytob.eg 2
It ultimately shouldn't make sense. and every time you see a question like this you have to say to yourself...
mumble, mumble.. base 7 ?!? stupid microsoft they could have at least said it was base 7, or a normal octal base.
Well.. maybe. Or Maybe not. But Definitely not sort of.
And the "fools" learned to system administer where? On Windows? How is Vista helping with this education:
...... ARGGGH.
A program is trying to access a file; should I permit it? yes; A program wants to read blocks from a file; should I permit it? YES; The operating system now wishes to move the disk heads to file FX53243; should I permit it? YES YES YES d$%#. Do you want to install "disk-eater-virus.exe"? YES
A good design would make 99% of things happen automatically (e.g. like Fedora or Debian software upgrades) and try to only ask questions where the answer is quite likely to be no. Windows, including Vista, trains the user to always answer yes whilst at the same time pushing needless administration on them. Installing safe software should be automatic (e.g. like in some Linux) and not have to require admin access. Installing other software should flash up clear warnings which the users are used to answering no to.
Yes; some admin decisions are hard, but those are not the ones that your normal user needs to make. Administrating a home PC which is used for web email and games should be easy and challenging to mess up.
Was the internet in fact down? If it was late last Tuesday, I think that might have been the problem, because my computer wouldn't turn on either.
Shouldn't a nice white hat out there write a virus that uses similar social engineering to differentiate between those people uninformed enough to click on any old thing that shows up in their mailbox and those who know better? Because the test to determine which is which is being performed at the rate of, what, 60 million per day? Just to a detrimental end.
[Ego]out
Uh... what? I could rattle off plenty that could. First one that sprang to mind was old school - the Netbus trojan.
I have to say it's a combination of all three. Common sense tells me not to open attachments from emails that I'm not expecting, aren't explicitly addressed to me, and so on and so forth. If someone sent a snail-mail to your house, but addressed it to a neighbor, would you open that?
A) Most malware are Windows based EXE files. They won't run on Linux or Macs (don't get technical and mention wine! although I guess that is a possibility, I just don't see it being set up for easy opening of random EXEs for Grandma).
B) Even if Grandma does run some *nix specific virus, unless her grandchildren did her a grave disservice and have her running as root, the damage done should be minimal. Grandma's home directory might get wiped and in lieu of proper backups that would be horrible for her but there is only a very, very slim chance that Grandma running the virus is enough to escalate privileges and root the box. Again, possible but unlikely.
So here we have Grandma running a Mac or Linux. Is she exposed to potential malware? Of course! But chances are, even if subjected to it, the damage would most likely be localized and the rest of us wouldn't be stuck with another zombie trying to send pr0n and RX spam to us.
Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
for eg
cjmt@bsd$ netstat -an
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 192.168.10.75.60763 66.249.93.99.80 ESTABLISHED
Hmm. So you take your average Almost-Bright person, and buy them a cat named Patch.
... Gotcha. Let's try this instead:
Oh wait...
You mean
Patch for sub-optimal brain conditions:
Phenomenon - Movie starring John Travolta
Flowers for Algernon - story by Daniel Keyes, also made into a movie.
6 Million Dollar Man Episode "Burning Bright" Starring William Shatner
However, the common theme is we don't "deserve" to keep the brain patch, and the price for the extended brain boost is death.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
This type of attack would also work on the Mac, or any other Linux distribution. It's all about trusting your source of where you get your applications at. All these nix based OS's have a horrible vulnerability to the dreaded home directory wipe with a simple perl script which many people have run themselves out of curiosity. People in the nix world download from third party repositories or sources because their distribution doesn't include the package they want or the compile options they wanted, or either compile on their own which could also be unsafe. I wish Ubuntu had more focus on the security side since it's becoming one of the popular choice alternative OS, at least addressing the wiping of your home directory, perhaps developing something more radical than your typical Linux distro.
You can easily secure yourself from these types of attacks yourself very easily, but it requires a bit of knowledge to do which 90% of the users don't have. But at the very least you can say BSD, Linux, Mac is a huge step up from Microsoft Windows in terms of security, but not perfect.
Awesome! Does it run better in Wine or Cedega?
signature pending slashdot approval
Wrong - Linux and Mac are completely vulnerable to this type of attack. You go to install something that you were told to do so and it prompts for the root password. The user then types it in and the machine is wide open. ... Why bother with less than 5% when you can get 95% in a single effort?
Have you ever done anything with free software or a Mac? Neither works that way and there are multiple barriers, technical and social. Only someone without any Linux or Mac use could believe differently.
In the Windoze world you seem used to, all you have to do is click on things and the machine is off to the races. Why the M$ people don't fix this is beyond me but I don't really care.
In the Linux and Mac world nothing that comes through email has an execute bit set, nothing from email can do anything. The user will have to pull up a command line, change the execute bit and then provide a root password.
The social barrier comes from knowing where software comes from and the ability to share. No Mac software is ever distributed as a zip file like this. In the non free world, software comes from dozens of sources in dozens of annoyingly different and incompatible ways. In the free software world, everything comes from your distribution through a single program. In both the Linux and Mac world, the user will ask around before installing random software, especially one junk from the mail, because they have been trained to think that way. In the non free world, people are trained to push every button because they are trained to "do as I say". It's a byproduct of a greedy and broken distribution and development model.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Heh heh, watch all those Windows PC's becoming part of not just a botnet, but a *P2P* botnet! Wow....
...I'm immune!
Well, thanks to two things...
1.) OpenBSD's spamd
2.) GNU/Linux on my other boxes
And no, it's not because "Linux isn't used as much," as all the little MCSE's like to whine. Rather, it's because GNU/Linux and OpenBSD are simply fundamentally better platforms than any version of M$ Windows. FOSS is simply BETTER.
And here's how you can help stop spammers:
http://applications.linux.com/applications/07/03/28/1631206.shtml?tid=115
Yes, I'm the author, and yes, there is a spamtrap address hidden somewhere in this email. Humans won't see the fake address, but spambot email harvesters will. Here on Slashdot, it's easy for humans to see *where* I've done it, though. Think of it as my contribution to helping rid your mailboxes of spam from crap like this Storm Trojan. Please help join me; consider implementing the above in front of your mail servers, too, if you can possibly do so.
We can't put a total stop to spam, but we sure can misdirect the spammers, and thus hurt their pocketbooks.
--TP
If that's the case, I'm impressed with Ubuntu -- it would almost be as "good" as windows.
It's a computer. It just runs code.
It could be Windows, or Ubuntu, Slackware, or Fedora, or RHEL. It could be OpenBSD. It could be Minix. VMS. It could be a classic Macintosh, a new Macintosh, or an Amiga. It could be a Treo 650.
If it speaks IP on a public network, receives email, and permits users to run programs, then it can do any of the things you quote.
Kid-proof tablet..
The more you regulate a company, the worse its products become.
My company uses Autoshun. Blocks all this crap at the firewall automatically.
I don't think I did. What you said was, verbatim:
Which is a statement that is completely and obviously false. Just because your mom hasn't heard of it doesn't mean it doesn't happen. All it has to do, by your account, is claim to be an e-card for her.
Also, not universally true; off the top of my head, I could tell you that catchall aliases break this mold.
I don't believe that MTA's accept email sent on ports outside the root range for spam reasons, but I could be wrong.
'Yes, firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.'
Well, I just ran a quick test. First test had mail leaving my system over port 1527, the second time over port 1529.
Now, if that makes sense to anyone, could you please explain it to me? I think I've confused myself.
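The source-port versus destination-port question argued in this thread, as an added example that is not part of any poster's comment: it parses netstat -an output in the layout quoted above and lists local hosts that are acting as SMTP clients to several different servers, which is what a mass-mailing infection looks like on a workstation. The sample lines, the function names and the threshold of 3 are constructed for illustration, and it assumes the machine is a workstation that would normally relay mail through a single server.

```python
import re
from collections import defaultdict

# Constructed sample in the BSD "netstat -an" layout quoted in the thread
# (address.port); documentation-range IPs, not real traffic.
SAMPLE = """\
tcp4 0 0 192.0.2.10.60763 198.51.100.7.80 ESTABLISHED
tcp4 0 0 192.0.2.10.1527 203.0.113.5.25 ESTABLISHED
tcp4 0 0 192.0.2.10.1529 203.0.113.9.25 SYN_SENT
tcp4 0 0 192.0.2.10.1533 198.51.100.40.25 ESTABLISHED
tcp4 0 0 192.0.2.10.80 198.51.100.99.25 ESTABLISHED
tcp4 0 0 *.80 *.* LISTEN
"""
# Accept both BSD "addr.port" and Linux "addr:port" endpoint notation.
ENDPOINT = re.compile(r"^(?P<addr>.+)[.:](?P<port>\d+|\*)$")

def split_endpoint(text):
    m = ENDPOINT.match(text)
    if not m:
        raise ValueError(f"unparsable endpoint: {text!r}")
    return m["addr"], (None if m["port"] == "*" else int(m["port"]))

def parse(netstat_text):
    """Yield (local_addr, local_port, remote_addr, remote_port, state)."""
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith("tcp"):
            continue  # column headers, UDP rows, blank lines
        (la, lp), (ra, rp) = split_endpoint(f[3]), split_endpoint(f[4])
        yield la, lp, ra, rp, f[5]

def outbound_smtp_peers(netstat_text, smtp_port=25):
    """Map local address -> remote hosts it is a client of on the SMTP port."""
    rows = list(parse(netstat_text))
    listening = {lp for _, lp, _, _, st in rows if st == "LISTEN"}
    peers = defaultdict(set)
    for la, lp, ra, rp, st in rows:
        # Client side only: the remote end is port 25 and the local port is
        # not one we listen on, i.e. an OS-assigned source port. The fifth
        # sample row (a remote client whose *source* port happens to be 25
        # talking to our web server) is excluded by the listening check.
        if st != "LISTEN" and rp == smtp_port and lp not in listening:
            peers[la].add(ra)
    return dict(peers)

def flag_mass_mailers(netstat_text, threshold=3):
    """Local hosts speaking SMTP directly to >= threshold distinct servers."""
    peers = outbound_smtp_peers(netstat_text)
    return sorted(h for h, p in peers.items() if len(p) >= threshold)
```

The local ports 1527, 1529 and 1533 play no part in the verdict; only the remote port and which side is listening decide the direction of each connection.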