Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malware Pulls an "Italian Job"

Posted by kdawson on from the blame-italy dept.

A number of readers sent us word about a malware attack that has been underway since Saturday that began with the compromise of more than 1,100 mostly Italian Web sites. Websense claims that more than 10,000 sites have been infected by now, 80% of them in Italy. There are indications that most of the Italian sites are resident at the same large Italian hosting provider. Trend Micro reports on the attack, which is launched from a malicious Iframe tag inserted into pages on compromised sites. For visitors to these sites, this begins a cascade of "drive-by" malware downloads if one of several targeted vulnerabilities is available and unpatched. The first page to which visitors are redirected by the Iframe hosts a recent version of Mpack attack software. Panda has a month-old report on Mpack (PDF) that provides copious detail about its nefarious ways.

133 comments

  1. Why do they never come right out and say... by Chris+Tucker · · Score: 0, Troll

    ...that it's Windows machines that get 0wned.

    Don't use Windows, don't get 0wned.

    --
    Guaranteed! This comment 100% Anthrax free!
    1. Re:Why do they never come right out and say... by MadUndergrad · · Score: 4, Funny

      Speaking of looking like a douche, it's "viruses". I'll say it again, "viruses". Not virii.

    2. Re:Why do they never come right out and say... by Cheezymadman · · Score: 0

      I guess you're going to tell me that it's "cactuses" and "octopuses" now, right?

      --
      We're all going to die. i intend to deserve it.
    3. Re:Why do they never come right out and say... by Daychilde · · Score: 4, Insightful

      Insightful my ass...

      The day your favorite OS dominates the market, it'll be pwned, don't you worry. And I say this as 1) a Firefox fan, hoping that it never gets to be the majority browser for precisely that reason, and 2) a fan of all the OS's. I use Windows for my desktops, Linux for my servers, and Mac sometimes to play. They all have fans, and I don't feel the need to belittle any of them to make one of the others look better. It doesn't work that way.

      Hope I don't get modded down - I'm not so much flaming as ANTI-trolling if you catch what I"m trying to say. heh. :P

      --
      A cheerful little bird is sitting here singing.
    4. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 4, Insightful

      Disclaimer: I am neither a Windows fan nor an Mac hater. I use Windows *nix almost equally.

      Everytime some vulnerability is found, someone shouts about not using Windows, especially these Apple lovers. Come on guys, can we stop this? These so called malwares target novice users, not Slashdot users. Tell me a single alternative your mom can use and I will take it. The so called alternatives are either too_expensive (suggest your mom to shell out 2K on Mac just_to_get_on_internet) or too_not_userfriendly. Why not stop beating the drum on Windows?

    5. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 5, Insightful

      "The day your favorite OS dominates the market, it'll be pwned, don't you worry."

      If market share is any indication to being pwned; then why isn't Apache attacked more that IIS? According to Netcraft Apache has 53.76% of the market compared to MS: 31.83%

      And I say this as 1) a Firefox fan, hoping that it never gets to be the majority browser for precisely that reason, and

      I personally only want FF have enough of the market; just enough to make companies follow the web standards: IE not catering to only one browser. Actually, the same applies to ODF; just enough to make companies not require a specific Office Suite.

      "2) a fan of all the OS's. I use Windows for my desktops, Linux for my servers, and Mac sometimes to play."
      Use what ever works for you.

    6. Re:Why do they never come right out and say... by 1u3hr · · Score: 4, Informative
      Regardless of scoring points in the OS/browser pissing competitions, I'd just like to know what OS and browser are vulnerable, so I know whether I personally have to worry about this.

      The summary and linked articles don't even say that. Only Panda's MPack report, a dozen pages in, starts to list the actual vulnerabilities targetted. Which are IE, WMP and one Opera bug. However, the malware is actually modular in which new vulnerabilities can be plugged in, so this isn't static, and they say new versions come out about once a month.

      Nevertheless, unless the WMP vulnerability works on multiple browsers, it's just Windows IE (duh) and Opera. No mention of Linux, Mac or Firefox I saw.

    7. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 0

      Okay, why don't you stop using that old excuse about Linux not being user-friendly. My mom and my step-dad both use Linux everyday and are incredibly inept at using computers. The biggest thing for them was just getting them to swap in the first place, once they did swap they found everything to be incredibly stable and easy.

    8. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 0

      What would be the point in that? You obviously can't handle being corrected anyway.

    9. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 1, Funny

      Let's just hope that Apache never becomes dominant in the server section so the same doesn't happen to it.

    10. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 0

      If you really want an affordable, no virus machine (so far) for your mother, Apple does sell a headless Mac for 600 bucks. Single core Intel, light on memory, so-so graphics. But it's not at all shabby for e-mail, ripping some CD's, maybe touch up and photo albums from her digital camera.

      Score a copy of Windows, install via Boot Camp and she can use any existing programs that she has. Only please to uninstall IE 7 so the Windows side never sees the internet.

    11. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 0

      Firefox and Opera was both in the report but the bug they used was in the plugin MS mediaplayer.

    12. Re:Why do they never come right out and say... by cyphercell · · Score: 1

      funny how you remove one player and suddenly security comes from competition rather than third party patch professionals.

      --
      Under the influence of Post-Cyberpunk Gonzo Journalism
    13. Re:Why do they never come right out and say... by Herby+Sagues · · Score: 1

      > If market share is any indication to being pwned; then why isn't Apache attacked more that IIS? Actually it is. Look into any defacement reporting site (such as zone-h.org) and look at the numbers. They vary every day, but ion average about 60% of the defacements are for linux boxes. So there you have.

    14. Re:Why do they never come right out and say... by svunt · · Score: 1

      You silly man. Octopus is GREEK octo=eight pus=foot, so octopuses is fine, or octopodes would sort of work too (podes=feet), but only sorta.

    15. Re:Why do they never come right out and say... by the_womble · · Score: 1
      Tell me a single alternative your mom can use
      My father uses Mandriva. So does my wife. My four year old daughter currently uses Kubuntu.


      None of them could install Linux for themselves, but they have no problems using it.

      shell out 2K on Mac just_to_get_on_internet

      1) A bottom of the range Mac costs nothing like that
      2) Install Linux, say "this icon starts the web browser, this icon starts the email program". What is so difficult about that?
    16. Re:Why do they never come right out and say... by laffer1 · · Score: 1

      headless? WTF? All desktop and laptop macs have graphics cards. http://en.wikipedia.org/wiki/Headless

      --
      MidnightBSD: The BSD for Everyone
    17. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 0

      I agree. If I was a malware writer, I would not spend my time on *nix, because *nix users are unlikely to be caught. Mac? Too freaking small user base to waste my time! As simple as that. If more people switch to these system, there will be a time when it will make sense to target them too. Remember there was a time when there was no exploit for Firefox. This very one exploit targets Firefox too. Even Opera too.

    18. Re:Why do they never come right out and say... by mjwx · · Score: 1

      Well I'm afraid it doesn't work that way

      MS is the most attacked company because of two reasons, first they have no ethics and don't think twice about screwing the consumer by lockin and predatory licensing schemes. The second reason is that all MS formats are MS formats, there are no other products that effectively use those formats (lockin, this relates back to point number one). If OSS (Linux) reaches MS levels of market share it will not suffer the same amount of attacks, or even half as many. This is because of two main reasons, the first being a superior security model the second being open formats. What open formats will allow is multiple different operating systems to utilize the same files etc. MS is so widely attacked not because every 9 out of 10 computers are running windows but because they are all running the same version of windows, one virus could effect 90% of the worlds computers. Due to diversity this is less likely to happen to *nix, or even Linux specifically.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    19. Re:Why do they never come right out and say... by compro01 · · Score: 1

      i agree that modern Linux distros (Ubuntu in particular) are very easy to use for day-to-day use, but it can get ugly in a big hurry when things go wrong.

      granted, same thing happens with Windows, but it seems to happen more severely with Linux in my experience. i seemingly need to make use of the command line much more often in Linux problem solving than i do in windows, and while that is no problem for me, it's extremely intimidating to most users.

      --
      upon the advice of my lawyer, i have no sig at this time
    20. Re:Why do they never come right out and say... by fucksl4shd0t · · Score: 1, Insightful

      Let's see, users are asked to use a commandline and they say "I've got no idea, how much do you charge?"

      --compared to--

      After a long series of condescending dialogs over what was otherwise a minor problem, the user has now unwittingly completely trashed his system. She's on the edge of a nervous breakdown and doesn't know who to trust, because her 4 calls to Microsoft tech support led her down 8 different blind alleys, and her friends have all told her to just reload, but make a backup first, and she's thinking "wtf do you mean, reload? And how am I supposed to do a backup?"

      Here in the linux world, I think it's perfectly ok to offer only an advanced UI for a task that expects the user performing it to have the necessary skills to do it, or the necessary time to learn the skills. The alternative we've all faced already, some friend/relative shows us a computer that's needlessly fucked because the OS lied to them, by both calling them an idiot and telling them it would fix it for them.

      Yes, for all tasks that a user reasonably is expected to perform, Linux does well, imo better than Windows. For more advanced sysadmin type stuff, it also does very well by presenting the user with the simple choice: learn how to do the task or find someone who knows how to do the task. Use Linux and you'll never need your prozac again.

      --
      Like what I said? You might like my music
    21. Re:Why do they never come right out and say... by und0 · · Score: 2, Informative

      Defacements are usually done exploiting poor coded PHP applications, not exploiting Apache bugs, FWIK...

    22. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 0

      +5 Insightful my ass...

      The Microsoft astroturf contingent is out in force today!

    23. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 0

      Slashdot is owned by SourceForge (so is Linux.com), right? There is no such thing as "responsible, objective journalism" when the editors & owners have interests to protect, vs. the competition (Microsoft)!

      Thank goodness the poster of this thread (by Anonymous Coward on Tuesday June 19, @12:16AM (#19560879)) to whom I am responding understands this much, & could see through it.

      Unfortunately?

      Well, most of the world is populated by sheep that can't even read their credit card bills or others obligation's reports, to understand when they are being hoodwinked, and they just pay the bill anyhow without perusing it carefully, line-by-line, to catch it (or in this case, "read between the lines" here, & understand this site's motivations).

      The ownership here knows sheep are easy to herd, and even if you expose them for something? Something bigger/badder will come along the next day, and blow it away, and the sheep will forget about it in a day or two.

      Plus, imo, they also understand that 'controversy is good' and it pays their bills when people fight over Windows vs. Linux (vs. MacOS X etc. et al). It gets views up and this is all they are truly concerned over imo, like any soulless money grubbing freak is.

      Newsflash - money is not going to make you a bigger man with a bigger penis boys.

    24. Re:Why do they never come right out and say... by WhatAmIDoingHere · · Score: 1, Insightful

      How does using a different brand of computer make you a "douche"? I think it's the average mac user themselves who think that because they own a Mac they're superior. Actually, I think they thought that before they even got the Mac. I'm a recent switcher, 6 months now, and I don't think I'm any more of a douche than I was before. I'm not a hippy and I'm not artistic, I just like it because it's something I've never used before and it does just about everything I need to do and it's more stable/easier to use than Windows.

      And if nobody gave a shit about Macs, why does Apple have a bigger market share than Toshiba and currently has the same size market share as Gateway? Oh, and Apple's market share is growing every day much faster than either of those two companies.


      But maybe you're just a troll.

      --
      Not a Twitter sockpuppet... but I wish I was.
    25. Re:Why do they never come right out and say... by bl8n8r · · Score: 3, Informative

      Looks like Windows*. No really. Yes again.

      " 1) A Trojanised WMF File (Downloader)
          2) ActiveX/OCX File (dropper)
          The downloaded malware, when executed, installs
          1) A rootkit "

      Most of the world is in denial about the whole security issue surrounding
      Windows. Even some of the postage on /. is quite alarming. People don't
      *want* to know, that's why they don't post it.

      [*] - http://blog.trendmicro.com/italian-job-vs-italian- bizness/

      --
      boycott slashdot February 10th - 17th check out: altSlashdot.org
    26. Re:Why do they never come right out and say... by walt-sjc · · Score: 1

      Indeed. iMac's start at $999, mac Mini $599. iMacs are ready to go, mac mini needs a mouse, keyboard, display, which you can probably use your old PC ones. IMHO the iMac is a better deal (built in iSight too.) Claiming it costs $2K though is disingenuous - especially since that is twice what it really costs. While you can buy a cheaper dell, when you start comparing specs the Macs are quite competitive.

    27. Re:Why do they never come right out and say... by solitas · · Score: 1

      It ain't the platform - it's the application: if you want to use an app that "lifts its skirts" for every intrusion probe that comes along then that's YOUR business.

      Can we help it if our apps are just better written than the ones you choose to use? :)

      --
      "It's time to take life by the cans." ~ Bender ("Bendin' in the Wind", ep. 3-13)
    28. Re:Why do they never come right out and say... by pakar · · Score: 1

      Simple... Do what i did for my dad.

      - Install whatever distribution you prefer
      - Install fluxbox
      - Configure fluxbox so you have a static menu on the top left with the applications that they might want to run
      - Install Firefox
      - Install Thunderbird ( added wmpop3 so he don't have to start the mail client to see if he has any mails )
      - Install Openoffice
      - Install GPhoto2

      My dad has a keyboard with a few multifunction-keys on the top that i mapped to the different workspaces. It seems like he has problems with understanding the concept of having multiple windows on the same workspace and lots easier to just start the different applications on their predetermined workspaces and just press the "web-button" or the "mail-button"

      Even have some simple scripts for him so he can just select album(s) from GPhoto and the system records it to a CD/DVD that he then can play in his DVD-player..

      And maybe install a VNC-server that you can access via a SSH tunnel and your are done...

      It's perfect for him... And why did i do this?? Well, he complained that Windows was hard and messy to use! And this was of course his first computer ever. (about 1½ year ago :)

      What i'm getting irritated on is that people without real experience with any Linux distribution chooses the most difficult ones to use. Shure you are good on Windows, but that does not automatically give you experience on *nix systems.
      And then ofcourse complain about how hard the system is to use.. I would say, if you don't know by heart how to manually compile and use a new kernel from kernel.org on your system you should be running one of the simpler distributions.. You still have all the options of changing the configuration there, but you have alot of automatic things too until you know how to do that manually too.

      I have been running different distributions on my private system for about 12-13 years now and working with it for about 10 years, and every single say something new comes up, so don't pick the hardest one to start with, go with one of the simpler where things are automated until you feel a bit more shure about how it works, then maybe try another distribution if you are not satisfied with the simple one.

    29. Re:Why do they never come right out and say... by C_L_Lk · · Score: 1

      The iMac's would be competitive if they would put the bigger screen on a less spec'd out model - A "Dell Desktop" can be had with a 20" LCD, Core2Duo, 500 Gig's of space, and 2GB RAM for under $1000... the 20" iMac is minimum $1700 over at the local BestBuy. MacBooks are even further down the competitive price chain - to get a screen big enough to see what you are typing you need a MacBook Pro - why can't they sell the "specs of a MacBook" in a MacBook pro case with the bigger screen? I can get a MacBook for $1200 but it has an awful 13" screen - and the cheapest MacBook Pro (still only a 15.4" screen) is a minimum of $1999. My HP laptop (dv9300) with a 17" screen, Core 2 Duo, 2 GB RAM, 240GB Hard drive was only $1499 (and it's running Ubuntu 7.04) - that puts the Mac prices back in line with how expensive they really are. My eyes aren't as good as they used to be. I need a 17" screen laptop and a 20" screen on my desktop. Apple can't seem to do that for me without taking a loan against my house for some reason. Maybe someone in Apple land in the product development and marketing group reads /. - if so - hear my pleas! I WILL buy a Mac - if you make ones with bigger screens affordable!

    30. Re:Why do they never come right out and say... by rbanffy · · Score: 1

      +1 sarcastic for you.

      --
      http://www.dieblinkenlights.com
    31. Re:Why do they never come right out and say... by smellsofbikes · · Score: 1

      1. Mac Mini: $700. I *believe* they can access the Internet.

      2. My mom, brother, girlfriend (and, soon, aunt) are using linux. It's not user-friendly, but once I set it up, it works and they don't have to screw around with it.

      --
      Nostalgia's not what it used to be.
    32. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 0

      "If market share is any indication to being pwned; then why isn't Apache attacked more that IIS? According to Netcraft Apache has 53.76% of the market compared to MS: 31.83%"

      Do tell, when was the last remote IIS worm?
      From what Google says, it appears to be http://www.cert.org/advisories/CA-2001-11.html . 2001. Hmm...

    33. Re:Why do they never come right out and say... by dr.badass · · Score: 1

      The day your favorite OS dominates the market, it'll be pwned, don't you worry.

      Precisely the reason that no OS should dominate the market. Homogeny just means a bigger target.

      --
      Don't become a regular here -- you will become retarded.
    34. Re:Why do they never come right out and say... by Anonymous Coward · · Score: 0

      girlfriend (and, soon, aunt) Is she marrying your father's brother, or your mother's brother? :-)
    35. Re:Why do they never come right out and say... by smellsofbikes · · Score: 1

      Incest *rocks*. Or something... good catch there, in any case.

      --
      Nostalgia's not what it used to be.
    36. Re:Why do they never come right out and say... by lgw · · Score: 1

      For a while, IIS was turned on by default in Windows NT installs. This was a huge target environment of people who didn't even know they were running a web server. Sure, Apache was the most common platform for actual web sites, but there were a lot of copies of NT sold relative to the number of web sites back in the day.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    37. Re:Why do they never come right out and say... by Chris+Tucker · · Score: 1

      "The day your favorite OS dominates the market, it'll be pwned, don't you worry."

      I'll be very worried when some malware forces me to log into the Admin account on my Mac, run the malware installer, entering my Admin password and hitting return.

      --
      Guaranteed! This comment 100% Anthrax free!
  2. Super Mario Malware! by feedmetrolls · · Score: 0

    That's all the insight I can come up with.

    --
    You are reading a sig. Cancel or allow?
    1. Re:Super Mario Malware! by GFree · · Score: 0, Offtopic

      You know Italy is doing well for its cultural representation when "Super Mario" is the first thing that springs to mind.

    2. Re:Super Mario Malware! by beav007 · · Score: 0, Offtopic

      Really? For me it's hairy women. And yes, I'd prefer that it didn't spring to mind. It just does.

      Look! A distraction! *runs*

    3. Re:Super Mario Malware! by Anonymous Coward · · Score: 0

      is your username refering to beaver? :P

    4. Re:Super Mario Malware! by beav007 · · Score: 1

      In a now apparent unfortunate turn of events for me, yes it is. It comes, however, from having that nickname in school due to my buck teeth.

    5. Re:Super Mario Malware! by JContad · · Score: 0

      Mario sure screwed the peach this time.

      --
      Hopscotch - an online comic.
  3. I wish they'd count "servers" and not "sites" by Anonymous Coward · · Score: 5, Interesting

    This malware probably just affected a single DreamHost shared server, thus bringing down 10,000+ sites at once.

    But this method of artificial number inflating is to be expected from an industry trying to promote their anti-malware, anti-virus, anti-spyware, anti-trojan, anti-anti-virus, anti-rootkit products. Anyone actually requiring these craplets to be installed on their dedicated servers have a much larger problem between the keyboard and the monitor to worry about.

    1. Re:I wish they'd count "servers" and not "sites" by siddesu · · Score: 2, Insightful

      you're right to an extent, but still, if you are a site owner, and if your site is making money for you (or if you are a site user, and are delivering benefits from the said site) little would you care if you're co-hosted or not. the days when putting up a site meant l33t skillz and buying a server seem long gone. the fact that sites are hosted on one server (and it may be a big server) doesn't make the problem smaller to the owners and the users.

      and, incidentally, imho software companies should be liable for trouble created by their software as the hosting companies are.

    2. Re:I wish they'd count "servers" and not "sites" by Anonymous Coward · · Score: 2, Insightful

      and, incidentally, imho software companies should be liable for trouble created by their software as the hosting companies are.

      Never will happen.

      The software vendors cannot control what 3rd party software run with their software -- not even a pure 'monoculture' PC from the OS up.

      Hence the usual longwinded boilerplate EULAs that REALLY only say 3 things:

      1) Do redistribute our software.
      2) Do not reverse engineer our software.
      3) This software is "AS IS". Use it at your own risk. We are not responsible for anything that happens to your compuer when you use our software.

    3. Re:I wish they'd count "servers" and not "sites" by Devil's+BSD · · Score: 1

      to my knowledge, dreamhost isn't italian.

      --
      I'm the Devil the Windows users warned you about.
    4. Re:I wish they'd count "servers" and not "sites" by Anonymous Coward · · Score: 0

      Oh yes, the EULAs that

      (1) aren't valid, because they weren't disclosed before the purchase
      (2) can't override the implicit warranty of fitness for the purpose for which sold

      Probably the software companies will be found liable only in cases of provable malice, not for negligence.

      But IANAL, so what do I know?

    5. Re:I wish they'd count "servers" and not "sites" by antic · · Score: 5, Informative

      A big, usually decent hosting company in the US that I use was getting done over by this - I had 10-20 sites infiltrated over a period of a few weeks, in 2-3 waves using two slightly different techniques. The host denied any responsibility or knowledge, saying that poor FTP passwords were the entry point. My computer was not the issue as those sites hacked were all on this host - no sites on any of the other 5 or more hosts I use were impacted, regardless of the strength of their passwords.

      Trivial passwords (single English word of five characters) were guessed as well as slightly more complicated ones (non-English words, eight characters, random numbers inserted).

      It appeared to me that were the host NOT the problem, that bots might have been guessing the passwords through brute force? I searched the net seeing if I could find more information about these attacks, but there wasn't much out there, especially given that there wasn't much to search on besides the fact that they used an IFRAME or JavaScript DeCode function, and a probably random set of IP addresses.

      Anyone know more about it all?

      --
      'Thats they exact same thing a banana wrench monkey.'
    6. Re:I wish they'd count "servers" and not "sites" by Anonymous Coward · · Score: 0

      BS pure and simple. Car companies can't control what resellers or customers do with their cars, but you don't see EULAs removing product liability attached to cars. It is just the fact that the economy has been reliant on software for a short time, and the fact that the company that controls most of what is causing trouble is too big that things are going teh way they are.

    7. Re:I wish they'd count "servers" and not "sites" by Herby+Sagues · · Score: 1

      You might be right about the second point, but where does it say that the product was sold "to resist attacks by malicious third parties"? Are car manufacturers liable when a well equipped specialist thief is able to steal a car? If a product is sold as absolutely crook resistant, then the company should be liable. AFAIK neither Microsoft nor any other software manufacturer promises that.

    8. Re:I wish they'd count "servers" and not "sites" by Anonymous Coward · · Score: 0

      Anyone know more about it all? If it is shared hosting then it is probably the actual server which has been rooted and it is the hosting companies problem (which they'll deny as usual).

      Even with dedicated hosting, quite often the hosting company has their own backdoor/password into the system. If a hacker breaks into any single server with that hosting company, they can get the master password and login to all the other servers (including yours). Or hackers could even hack the computers of the system administrators within the hosting company. They'll never acknowledge or even investigate this claim if you ask them about it, so it is always just safer to lock them out and do everything yourself. Another angle of attack is via network sniffing on the hosting companies end, done by a compromised server somewhere within their data center. Cheap hosting providers won't give you an individual VLAN for each server, which is one essential way to help ensure you're safe from hackers.

      Or maybe you were running the same piece of vulnerable software or script on each site?
    9. Re:I wish they'd count "servers" and not "sites" by tinkertim · · Score: 4, Insightful

      and, incidentally, imho software companies should be liable for trouble created by their software as the hosting companies are.

      There are many web hosting companies and some of them negate their responsibility to Internet users at large.

      The web hosting industry does not get much attention from free software developers. This is broadly because they want to insist that anything they spend money on develping not be usable by their competition. As such, no company (under the terms of the GPL) may make any developer sign any kind of non disclosure agreement for the purposes of receiving GPL code.

      The web hosting industry is stuck in a rut of its own design. It uses software that it can't modify to meet its real security needs because nothing exists free that has all of the working features that their customers demand.

      This is the problem, this will continue to be the problem for quite some time. Even if a free control panel and billing system were realsed that they find suitable it would only be after perhaps a couple years of development and testing.

      Sad, but true. The industry is making us all a victim of its success. It sells the use of GNU/Linux computers pocketing all profits and only giving back to companies that produce software that is not free.. totally against the tit-for-tat that made it such a lucrative market to begin with.

      You're right, but you left out some stuff. :) I'm part of that industry, but only one of very few people who speak out against the practice and remain able to eat and pay bills.
    10. Re:I wish they'd count "servers" and not "sites" by Anonymous Coward · · Score: 0

      It wasn't serving Digg, was it?

    11. Re:I wish they'd count "servers" and not "sites" by justinlee37 · · Score: 3, Interesting

      between the keyboard and the monitor to worry about.

      Did you mean between the keyboard and the chair? Because all I see between my keyboard and my monitor is a desk with a dirty shot glass, a lighter, a knife, a case screw, two dimes, two empty cups of hot sauce, an open bottle of safeway-brand "personal lubricating liquid", and a bag of grass ...

      So you may be able to understand how I'm totally lost here.

    12. Re:I wish they'd count "servers" and not "sites" by antic · · Score: 1

      Some sites used scripting, MySQL, etc, most were completely dead-boring static HTML.

      If it wasn't a brute force guess of the passwords, then I think you might be right about the shared server being infiltrated. If that is the case, then it's such a shame that one can get stuck in the dark because the host is too embarrassed to reveal the truth - e.g., waste days trying to research possible threats and causes.

      --
      'Thats they exact same thing a banana wrench monkey.'
    13. Re:I wish they'd count "servers" and not "sites" by ricotest · · Score: 1

      If it was brute force, the host is still at fault - virtually every provider out there has a login attempt limit for FTP connections, and you'd think thousands upon thousands of failed logins would show up on their logs.

    14. Re:I wish they'd count "servers" and not "sites" by agileinfosystems · · Score: 1

      ya i totally agree with you.thanx for such a good info.

    15. Re:I wish they'd count "servers" and not "sites" by antic · · Score: 1

      When I suggested that that should be happening, they didn't really have any response - surely if they did, they would've mentioned it?

      So, if that were the case and it took a certain level of effort to get past low-medium level passwords, then realistically it's just a matter of time before tougher (12-15 randomised characters) passwords get done?

      --
      'Thats they exact same thing a banana wrench monkey.'
    16. Re:I wish they'd count "servers" and not "sites" by Stinky+Cheese+Man · · Score: 1

      Anyone know more about it all?

      It would help if you actually identified the hosting company. One "big, usually decent hosting company" that I am familiar with, that hosts about 3,000 sites per server, had at one time a password-hash file that was readable by anyone with an account on the server. All you had to do was download the file and run a password cracker on it and you could recover a large number of user passwords. I warned them about this 10 years ago. They thanked me and did nothing. It may still be this way.

    17. Re:I wish they'd count "servers" and not "sites" by stickystyle · · Score: 1

      Where did TFA mention DreamHost? Their servers are in LA...?

      --
      Pluralitas non est ponenda sine neccesitate
    18. Re:I wish they'd count "servers" and not "sites" by Anonymous Coward · · Score: 0

      it's just a matter of time before tougher (12-15 randomised characters) passwords get done?

      No, because the problem is exponential.

      12 random alphabetic (let's say all upper-case) characters gives you 26^12 = 95,428,956,661,682,176 passwords. If you can check a million a second, operating 24/7, it will take 9.543 * 10^10 seconds to check them all, or about 3023 years.

      You'll probably find your password sometime before that, but it will most likely take many, many years.

      Throw in lower-case letters, numbers, and symbols and it gets much harder.

    19. Re:I wish they'd count "servers" and not "sites" by antic · · Score: 1

      Like I said, just a matter of time. ;)

      Previously, I had a password in the form of AAANANAA (A=alpha, N=numeric) guessed. It wasn't a dictionary word or combination of dictionary words, and the numbers were not their typical I=1, A=4 replacements. I had assumed it would be non-trivial to guess and that there would be a system in place to limit on-going login attempts, even if coming from a range of IP addresses (e.g., botnet or whatever).

      Of course, even if you suspect the host, there's only so far throwing around accusations will get you.

      --
      'Thats they exact same thing a banana wrench monkey.'
    20. Re:I wish they'd count "servers" and not "sites" by zippthorne · · Score: 1

      The keyboard and the monitor are the interface ports for a self-repairing, hydrocarbon powered, 100W device that closes the feedback loop.

      --
      Can you be Even More Awesome?!
    21. Re:I wish they'd count "servers" and not "sites" by tehcyder · · Score: 1

      Because all I see between my keyboard and my monitor is a desk with a dirty shot glass, a lighter, a knife, a case screw, two dimes, two empty cups of hot sauce, an open bottle of safeway-brand "personal lubricating liquid", and a bag of grass ...
      You forgot to mention the packet of tissues.
      --
      To have a right to do a thing is not at all the same as to be right in doing it
    22. Re:I wish they'd count "servers" and not "sites" by weicco · · Score: 1

      So you want same laws for computers that concern cars? Since its law(s) that's regulating car modifications, not some EULA or any other contract. So everytime you do some modification you have to get some authority to check if it was OK. Personally I would find it annoying if I was to bring my computer to inspection after every software I install or write myself.

      --
      You don't know what you don't know.
    23. Re:I wish they'd count "servers" and not "sites" by justinlee37 · · Score: 1

      You forgot to mention the packet of tissues.

      I live in a studio apartment. There's a paper towel rack on the other side of the room.

  4. Because it's all... by trippeh · · Score: 0, Flamebait

    ...lies.

    Beslides, I'm not technically savvy enough to use Linux and I dislike having to find an emulator for my favourite games, or run a screen-long line of code to start up my various crapplications. Sure, that might have changed since I last tried an OSOS, but my first experience wasn't too pleasant and I'm not anxious to repeat it. The operating system itself wasn't the problem. It was the forums. Too much "stfu MSn00b" and not enough actual help.

    Insular sods...

    --
    THUD~*
    1. Re:Because it's all... by hdparm · · Score: 0, Troll

      STFU MSn00b

    2. Re:Because it's all... by Anonymous Coward · · Score: 0

      and modded troll!

      Nobody has a sense of humor here anymore

    3. Re:Because it's all... by eat+here_get+gas · · Score: 0

      Evidently today is GayMacFanboi Day...this guy gets modded "flamebait' because he showed how using a MAC wasn't good for him? And he wasn't even finding fault with the OS, just the bullshit that goes with making the "crapplications" function. But everyone that flames M$ gets modded up....this IS a truly weird place.

      my Karma is low for a reason,
      up yours.

      --
      the significance of a signature is insignificant
    4. Re:Because it's all... by Chris+Tucker · · Score: 1

      Yeah, They say that Mac users are arrogant fanboys. Please! Compared to the Smelly Linux Hippies, Mac fanatics are nowhere near as bad.

      For an OS supposedly open and free and for "The People", the aforementioned "STFU n00b" is endemic.

      --
      Guaranteed! This comment 100% Anthrax free!
    5. Re:Because it's all... by hdparm · · Score: 1

      Lots of people do, actually. Only n00b moderators don't.

  5. Queso scan by ozmanjusri · · Score: 1, Funny

    A queso scan identified the machines used to compromise the servers as Mac Minis...

    --
    "I've got more toys than Teruhisa Kitahara."
  6. Re: Viruses/Viri/Virii by beav007 · · Score: 5, Informative
    From http://en.wikipedia.org/wiki/Virii:

    In the English language, the standard plural of virus is viruses. This is the most frequently occurring form of the plural, and refers to both a biological virus and a computer virus.

    The less frequent variations viri and virii are virtually unknown in edited prose, and no major dictionary recognizes them as alternative forms. Their occurrence can be variously attributed to hypercorrection formed by analogy to Latin plurals such as alumni or false analogy to Latin plurals such as radii; idiosyncratic use as jargon among a group, such as computer hackers; and deliberate word play, such as on BBSs (see, e.g.: leet).

    Yes, viri/virii is incorrect (for now), but when the vast majority of us don't RTFA (or can't, due to the /. effect), you can hardly expect people to figure it out all on their own ;)
  7. Re: Viruses/Viri/Virii by Anonymous Coward · · Score: 0, Redundant
    Two Points:
    • English is an evolving language, and "virii" is fairly commonly used in the context of malware. Not being, as yet, recognized by "major dictionaries" is hardly a limitation on the use and adoption of industry-specific terminology.
    • Surely by now everyone on \. is aware that, while somewhat informative, and often interesting, Wikipedia has never been deemed authoritative.


    -AC
  8. Re:Breaking malware news: by Anonymous Coward · · Score: 0

    You are the bane of my existence.

  9. Mafia spam? by Tablizer · · Score: 5, Funny

    As a sign of this, I just got a spam that insisted I purchase a lower mortgage, along with a photo of a horse head.

    --
    Table-ized A.I.
    1. Re:Mafia spam? by Afecks · · Score: 1

      As a sign of this, I just got a spam that insisted I purchase a lower mortgage, along with a photo of a horse head.
      Was it one of these?
  10. Re: Viruses/Viri/Virii by zoogies · · Score: 1

    It may be commonly used, but virii is stupid. Where did it come from? People trying to look knowledgeable about latin? Then viri makes sense; you know, because it's the plural of the actual latin word "virus" (which means 'man,' not virus or bug or anything even closely related). VIRUSES. IT'S NOT A DAMN LATIN WORD, PEOPLE.

  11. This is the... by Goldberg's+Pants · · Score: 1

    Self Preservation Society...

    "You're only supposed to blow the bloody doors off!"

  12. Re: Viruses/Viri/Virii by Belacgod · · Score: 2, Informative

    Actually, the Latin word for "man" is Vir, not Virus.

  13. It's all Microsoft vulnerabiltiies by Animats · · Score: 5, Informative

    Note that Trend Micro never uses the word "Microsoft". That's deceptive. How does Microsoft manage that? This attack depends entirely on vulnerabilities in Internet Explorer and Microsoft Media Player. It does try to attack Firefox and Opera browsers by sending them Windows Media files, but doesn't have a direct attack on either browser.

    So:

    1. Use Firefox.
    2. Go to Tools->Options->Content->Manage File Types. Go down the list, and remove or change all entries that automatically invoke Microsoft applications. (Use OpenOffice for .doc, .xls, and .ppt, maybe QuickTime for video files.)
    1. Re:It's all Microsoft vulnerabiltiies by corsec67 · · Score: 1

      Note that Trend Micro never uses the word "Microsoft".

      That is because to most people "computer" means something running Microsoft Windows. Saying that computers running Windows were involved would be like saying "the accident involved cars with internal combustion engines." That, and reporters don't really care about educating their readers, they just care about making the publication money.

      And that is my bad attempt at an automotive analogy.

      --
      If I have nothing to hide, don't search me
    2. Re:It's all Microsoft vulnerabiltiies by weicco · · Score: 5, Insightful

      Even simplier:

      1. Run Windows Update
      --
      You don't know what you don't know.
    3. Re:It's all Microsoft vulnerabiltiies by wellingj · · Score: 0, Troll
      What about:
      1. Run Ubuntu Live Install.
      That should take care of it once and for all...
      --
      Money is the root of all evil?
    4. Re:It's all Microsoft vulnerabiltiies by FudRucker · · Score: 1

      in light of microsoft's inability to build a secure system & application and users refusal to switch to a more secure system (BSD,Linux) is about the same as refusing to get off the rail-road tracks knowing a freight-train is about to run you over...

      --
      Politics is Treachery, Religion is Brainwashing
    5. Re:It's all Microsoft vulnerabiltiies by TheRaven64 · · Score: 1
      I booted my Thinkpad into Windows the other day, and it did this automatically, and then told me I needed to reboot to complete the installation.

      I'm still trying to figure out how it managed it without being connected to a network...

      --
      I am TheRaven on Soylent News
  14. Re: Viruses/Viri/Virii by Anonymous Coward · · Score: 4, Informative
    Vir means man. Its plural is viri. Virus is a different word, a rare 2nd declension neuter, meaning (among other nasty things) 'poison'. It has no plural.

    But I agree with you, virii is both bad English and bad Latin.

  15. Re: Viruses/Viri/Virii by infaustus · · Score: 1

    Virus is a latin word (originally just meaning slime or ooze, but I've seen latin-english dictionaries list it as virus-virus.) Viri does mean men (virus does not mean man) but it also is the correct plural of virus.

    --
    Frosty piss posts are worthless, GNAA posts are worthless and hurtful, but they are the least of this site's neuroses.
  16. Re: Viruses/Viri/Virii by Herby+Sagues · · Score: 1

    THe fact that the language is evolving doesn't make any common distortion of the language right. Virii was not even right in Latin, so what would be the reason to create an irregular declination of a word without any reason other than trying to look cool?

  17. Re: Viruses/Viri/Virii by mrbluze · · Score: 2, Interesting

    Yes, viri/virii is incorrect (for now), but when the vast majority of us don't RTFA (or can't, due to the /. effect), you can hardly expect people to figure it out all on their own ;)

    If we speak of groups of virus types (that is, a species), there are different forms used depending on whether we're speaking of a family, genus, etc. (if you read the full wikipaedia article, and if you studied it in uni):

    • Order: virales
    • Family: viridae
    • Subfamily: virinae
    • Genus & Species: virus

    Now the individual virus is a virion, which probably has its own possible plurals, to make matters worse.

    But viruses is the correct plural for English speakers, by convention, but I remember the virulogist (or virologist) speaking of viruses as viridae, since we usually distinguish them by their family, eg: herpes, pox, and so on.

    --
    Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
  18. Re: Viruses/Viri/Virii by fbjon · · Score: 1
    No, but dictionaries on the other hand do have some authority. Also, I think someone in the industry is as likely to use 'virii' as they are to use 'M$' or 'filez', or some other lame thing like that.


    Not to mention, the "language is evolving" argument doesn't mean that just any invented word is ok to use. Language evolves over time by itself, not because we're telling it to evolve.

    --
    True confidence comes not from realising you are as good as your peers, but that your peers are as bad as you are.
  19. Aruba by Anonymous Coward · · Score: 0

    From what I could read in the italian newsgroups, attack started june 16 with the iframe added on "home pages". One user reported that a template inside a DB was modified, but news can't be confirmed.

    The hoster is "Aruba", a really big hoster in Italy, famous for their low prices. A couple of weeks ago another italian "Hosting Solutions" was hacked. It seems that both hoster are using cpanel as a client frontend.

    In both cases hosters were really bad at handling the situation. They both blamed clients about using weak password or that the password were stealed from their PCs.... can't be for an event so big....

    After 4 days from the start of the attack (and several weeks after the similar attack at hosting solutions), we have no informations about HOW they succeded hacking the servers ! And THIS IS BAD ! We don't know if we have to blame cpanel, ftp server, windows or a particular site that using a site feature (sql ? cgi ?) allowed privilege escalation....

    Francesco
    Roma, Italy

  20. What web servers are vulnerable? by bailey86 · · Score: 1

    What web servers are vulnerable? Been looking around but can't see anywhere anything about the type of web server being infected.

  21. Defacements.... by DrYak · · Score: 3, Informative

    Look into any defacement reporting site (such as zone-h.org) and look at the numbers. They vary every day, but ion average about 60% of the defacements are for linux boxes. So there you have.


    What the parent poster talked about was the very low amount of Apache-targeting viruses and exploits compared to those targeting IIS. Apache is the most widespread server software, but IIS is the one that gets most viruses.

    And most of the time this kind of vector is used as described in current article : as a way to get control on machine to distribute malware and/or be used in a botnet.

    Whereas, what you speak about - defacement - is done in most of the case, by stupid script kiddies who just use some random tool to exploits bugs (either remote execution or SQL injections) found in common PHP script (forum engines, etc.), it is mostly server independent. Apache or IIS doesn't matter as long as poor script code is present with known vulnerability. Therefore, you're very likely to find that the defacement frequence follows closely the market share of the servers.

    Most of the time, the script kiddie just put "I am teh 1337 r0xx0rs !" in the front page. You can't do much with a compromised script (you can't start a IRC server, put a zombie bot, a full mail server for spitting spam or use it as a starting point to infect other servers in the vicinity).
    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
    1. Re:Defacements.... by man_of_mr_e · · Score: 1

      Uhh.. what are you referring to? There hasn't been any IIS related malware (virus or worm) for over 5 years.

      Also, Netcraft counts host names, not servers. There is no current information on how many servers are IIS versus Apache, but netcraft information on physical server market from around 2001 indicates that with similar hostname ratios as today IIS had about 50% of the server marker.

      --
      If you need web hosting, you could do worse than here
  22. Tiscali? by flokemon · · Score: 2, Informative

    From the article:
    "Apparently, most of these sites are hosted on one of the largest Web hoster/provider in Italy."

    Why would I not be surprised if Tiscali's webservers were somehow to blame?...

    1. Re:Tiscali? by Anonymous Coward · · Score: 0

      The hosting provider appears to be Aruba.

    2. Re:Tiscali? by digitaldruid · · Score: 2, Informative

      Yes, it appears to be aruba (very popular in Italy and a little less in Spain) and according to this thread http://community.aruba.it/forums/ultimatebb.php?ub b=get_topic;f=58;t=000218 the affected sites are on IIS (you can choose between windows/IIS or linux/apache hosting).

  23. Re: Viruses/Viri/Virii by digitig · · Score: 1

    Language evolves over time by itself, not because we're telling it to evolve. Wow, clever language! How does it manage that, without the help of people to provide the mutation and selection? (BTW: is Esperanto the language of religious fundamentalists? It's Intelligently Designed!)
    --
    Quidnam Latine loqui modo coepi?
  24. Beware of the Panda by Anonymous Coward · · Score: 0

    While the Panda Software report is probably legit, I'd advise everybody here against downloading and using *any* software and/or service from them. Panda Software has a history of spamming and is tied to the infamous cult of Scientology. More info here.

  25. Is this the... by ByteofK · · Score: 1

    ...mojo-rific Italian Job with Quincy Jones producing it, or the lame up-to-date any-excuse-to-sell-a-video-game version?

  26. After the title... by Comboman · · Score: 2, Funny

    ...I was hoping for a story about a malware attack that involved the use of Michael Caine and numerous Minis.

    --
    Support Right To Repair Legislation.
  27. A malware question to the comunity by Koyaanisqatsi · · Score: 1

    Not completely on-topic but hey, it does not warrant a full "ask slashdot" and I've been struggling with this for a couple of days now ...

    I've been hit with win32.Perlovga.A on a secondary computer through an infected USB key. That machine had no anti-virus and autorun was at that time enabled (stupid). This particular crapware saves two EXE files (copy.exe and host.exe) and an autorun.inf that executes copy.exe to the root of each volume. When the infected USB key was plugged-in, it loaded the mallware.

    I removed all instances of the mallware itself, all is clean and nice, except for:

    There seems to be some rootkit left behind because if I extract those two EXE files from where I saved them, they don't show-up in the filesystem unless I boot in safe mode, although nothing gets loaded in memory at this point.

    Rootkit Revealer does not show anything suspicious, and AutoRuns shows way too much information and nothing that strikes me as odd.

    Anyone has more experience with this one? I will really like to understand what it had done ...

    Cheers!
    k

    1. Re:A malware question to the comunity by Anonymous Coward · · Score: 1, Informative

      It seems that in your situation the best approach would be to use a liveCD to remove any remenants. One possible security focused CD is http://www.inside-security.de/insert_en.html

      Ideally, this would be burned from a computer know to be unaffected.

    2. Re:A malware question to the comunity by Koyaanisqatsi · · Score: 1

      Awesome!

      I haven't realized that the UBCD full comes with INSERT. Will try it out later today, thanks for the tip ;)

  28. pwn this... by Anonymous Coward · · Score: 0

    Getting the attention of hackers by being big doesn't make you more vulnerable than you already were. If it was as easy to exploit Mac and Linux as it is Windows, there'd be viruses galore for them too.

    Most Microsoft "bugs" are in the core design. They can't really fix those, because they consider them features.
    Even if they started over the employees that came up with Autorun, ActiveX, DirectShow... they'd just ruin everything again.

    A company which survives by imitating some good ideas will have mostly bad ones.

  29. Re: Viruses/Viri/Virii by FlameSnyper · · Score: 1

    Apparently, you've never seen The Matrix!

  30. Re: Viruses/Viri/Virii by Lord+of+Hyphens · · Score: 1

    ...so what would be the reason to create an irregular declination of a word without any reason other than trying to look cool? Game.
    Set.
    Match.
    --
    "I've spent my whole life figuring out crazy ways to do things. It'll work." -- Montgomery Scott, "Relics"
  31. Re: Viruses/Viri/Virii by AlecC · · Score: 1

    Actually, it is a Latin word, meaning "slime". But since it is a collective noun, it probably does not have a plural, just as we rarely refer to "slimes". It is probably thiord declension, in which case the plural is virus, rather than first, which would give virii.

    --
    Consciousness is an illusion caused by an excess of self consciousness.
  32. Re: Viruses/Viri/Virii by Anonymous Coward · · Score: 0

    "Vir means man. Its plural is viri"

    Thus, Agent Smith is proved correct.

  33. Viri/Virii are wrong in any case by nephridium · · Score: 1

    Virus derives from the Latin word for "venom" and has the neutral gender. The Latin plural -i only applies to masculine nouns of the o-declination. The proper plural for virus, if you'd want to use the Latin form, would be vira (though afaik there is no documented usage of the pural form), all neutral gender nouns have an -a (nominative) plural.

    --


    And when you gaze long enough into the code, the code will also gaze into you.
  34. You misspelled truth by baomike · · Score: 1

    It is not spelled troll it's truth.

  35. yes, but... what's the server running? by advocate_one · · Score: 1

    as far as I can tell from the pdf in TFA, the server side exploit package is relying on PHP and MySQL... so to me it generally indicates a Linux based server... although that isn't an actual given.

    --
    Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
    1. Re:yes, but... what's the server running? by advocate_one · · Score: 1

      and in replying to myself, the exploit hosting server is most likely running Linux to provide the PHP and MySQL... the servers that are hosting the infected frames could be anything...

      --
      Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
    2. Re:yes, but... what's the server running? by Kadin2048 · · Score: 1

      It requires one (presumably Linux-based) server to run the PHP and MySQL "backend" ... that's where the rootkits/malware are actually hosted.

      Then, you go out and hack a whole bunch of other sites -- in this case, all apparently IIS-based, for reasons I won't speculate on -- and add the bad IFRAME, which points to the backend server.

      Joe User visits the compromised site, which has the bad IFRAME. It points his browser to the backend, which has the rootkit-delivery software, which uses one of many known browser vulnerabilities to do the deed.

      It's not clear to me from TFA or other things that I've read, whether the Linux-based "backend" server in these operations is usually a hacked Linux box somewhere, or whether it's a server actually set up and run (very indirectly) by the attackers themselves, in some neutral territory (e.g. Russia). Since it's a SPOF, you don't want (if you're the botnet-operator) it to be taken down too easily.

      Anyway, point is, you have one PHP/MySQL server running the rootkit-delivery payload server, and then you hack lots and lots of high-traffic sites with bad IFRAMEs in order to drive victims to it.

      --
      "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
  36. octopuses anyone by baomike · · Score: 1

    If english can tolerate octopuses why not virii?

  37. Re: Viruses/Viri/Virii by zoogies · · Score: 1

    If it's 3rd declension, that would give vires, right?

  38. Re: Viruses/Viri/Virii by Trigun · · Score: 1

    You forgot 'Pwn3d!'

  39. Oh no, not the monocrop argument again... by Anonymous Coward · · Score: 0

    It is boring to always read the same logical fallacy here regarding the monocrop argument: most MS fans keep saying "if insert any non-MS browser here was the market leader, it would be pwned just like Windows".

    This is wrong. It is a logical fallacy easily debunked. If such an assertion was true, this would mean that all OSes would be equal regarding security. Which is wrong (in bold, several times, get it!?).

    These MS astro-turfer fanboys keep repeating this logical fallacy ad nauseam and we can't stand it anymore: no, all OSes are not equal regarding security.

    For a start, I'd guesshazard that if OpenBSD was the main OS its security would prove better than that of, say, Windows 98.

    If you disagree with that you are wrong.

    All OSes are not equal when it comes to security.

    Do you get it now? Note that I'm not saying that more market share for Linux would not mean more attacks but simply that the pathetic security track record of MS OSes is not a fatality. There are a great many poor decisions and poor programming practices responsible for the mess we're in now (I'm talking, for example, about these botnets of 100.000+ Windows machines).

    So, please, MS fanboys, stop astroturfing using your favorite logical fallacy "it's because Windows has 95% market share".

    It is not. All OSes are not equal when it comes to security and this is a fact. Get it now?

    And note too that even if a user doing a "sudo apt-get install m4lw4r3" can still break havoc does not either make all OSes equal regarding security.

    I refuse to concede that DOS, Plan 9, OpenBSD, Linux, Mac OS X, Windows 95, Windows 98, Windows 2000, Windows XP, Windows Vista, OS 2, etc. are all equal when it comes to security. I refuse to concede that for they are not equal regarding security. You cannot prove that they all offer the same protection: they don't. So the monocrop argument is a logical fallacy.

    Anyone trying to spread such blatant disinformation is an MS fanboy astroturfer.

  40. YES by Ayanami+Rei · · Score: 1

    Any more scans?

    --
    THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
  41. Re: Viruses/Viri/Virii by Anonymous Coward · · Score: 1, Funny

    But I agree with you, virii is both bad English and bad Latin.

    Here, here! Whomever reads slashdot, their things like this that effect how your percieved. Its rediculous, to!

  42. Re: Viruses/Viri/Virii by The+Conductor · · Score: 1

    Parce mihi, "Spare me," everyone here remembers Latin grammar worse than I do.
    vir, plural viri, masculine, 2nd declension, "man"
    virus, 2nd declension neuter, "venom" or "toxicicity"
    bacterium, 2nd declension neuter, plural bacteria
    We don't have any surviving attestations to a plural of virus, or AFAIK, any -us 2nd declension neuter. The meaning is by nature a collective noun: you don't hear "Potassiums" very often, do you? Or is it Potassia? My own sense is that the neuter-plural-ends-in-a wins out over -us-ending-takes-i-for-plural. After all, it's unus nauta not una nauta: grammatical gender wins out over consistent form. Cicero and Vergil aren't around anymore to ask, so that is the best we can do.

    And yes, virii, is just awful, delicto summo.

  43. Italian Job? I'm confused by Tired+and+Emotional · · Score: 1

    OK, I don't get it. So how exactly did this virus mess up the traffic lights in Rome?

    --
    Squirrel!
  44. I wonder if it is related by Anonymous Coward · · Score: 0

    There was an explosion of Italian bank targeting phishing sites reported to http://phishtank.com/ which I remember contacting an admin friend to ask what the heck going on.

    I wonder if it is related to this one.