Slashdot Mirror
Research Indicates Beijing Is World Virus Capital
An anonymous reader writes "The Chinese capital city of Beijing is now a global leader in distributing viruses. According to UK-based managed security services company Network Box, Beijing accounts for 40 percent of all viruses that passed though the company's servers in June, and 5.25 percent of detected spam. This compares with slightly lower percentages for cities in countries noted for having a malware problem. Moscow was second for spam with 5.12 percent, Seoul third with 3.58 percent, Turk in Turkey fourth with 3.4 percent, and London in fifth place at 2.47 percent. 'As more and more users come online in China, there's a good chance those computers are using pirated software without up-to-date security fixes, making them prime targets for hackers who are actually located elsewhere in the world, [Simon] Heron said. Those compromised computers, which are used to send spam and make it more difficult to identify the spammer, are so valuable that hacker gangs have been competing to take over machines. If one gang finds a machine running another gang's Trojan horse program — one that appears harmless to the victim but can be used to control a machine — they'll try to remove the software.'"
Hopefully they get so absorbed in rubbing eachother out that the rest of us can just get on with business as usual.
Engineering is the art of compromise.
OMG Olympic fuelled avian influenza pandemic here we come!?!
Oh, not that sort of virus.
ccalam - acoustic versions of new songs.
This seems like a target-rich environment for black hats to "do business" in.
Rule #1 -- Politics always trumps technology.
that the strictness of windows update is to blame....
duck and cover
..."I blame George Bush".
Any sufficiently well-organized community is indistinguishable from Government.
Blah
I would have guessed Redmond.
That's funny, I thought Africa was?
"Please, shut up. Just when I think you can't say anything more stupid, you speak again." -Archie Bunker.
Conclusion: ... G Bush is 100% responsible for failing to stamp out spam.
Sent from my ASR33 using ASCII
...When you won't allow people to update invalid copies of your software with security fixes. Quite honestly, Microsoft has to bear its share of blame in this. If they would simply make ALL security fixes available to all users no matter whether their copy is legal or not, we might be able to mitigate this problem to some extent.
I'm perfectly willing to admit, however, that you can't make people patch their OS if they don't want to do it.
---don't make me break out my red pen.
I for one wercome our new vilus spleading overrords.
Thank you, WGA.
One might speculate that it's a good thing for linux (and mac) that China runs on Windows. It's an incubator for this kind of activity. It probably does not help that a lot of the windows is pirated and/or never kept patched. Since linux is even harder to keep patched automatically it would not be a better situation (Flame me if you wish but please don't say something moronic as "its' as simple as "apt-get update-all". And even if you believe that linux is more resistant to holes than windows that's not an issue: Remember most of these bots come in as trojans not remote execution exploits, and they don't even need to run as root--so linux is not going to be more secure against trojans people welcome into their user spaces.
Now just imagine in the future when phones become general purpose computers, not subject to reprogramming by the phone service provider. That's going to be billions of rooted computers. Yikes.
Some drink at the fountain of knowledge. Others just gargle.
What is "Turk in Turkey"? Some guy named Turk in Istanbul?
Maybe the people who wrote these viruses are to blame?
What if somebody is simply zombying Beijing servers and/or desktops? It just may mean they have the most zombies, not that the actual perpetrator is there. It would still be considered lax security either way. Unless perhaps some big virus shop chose Beijing as their frame target because of China's already poor reputation in this area such that nobody would look elsehwere once traced there.
Table-ized A.I.
and let me guess, the "UK-based managed security services company Network Box" is trying to get into the Chinese market?
..due to glorious globalization and the firm and intellectual resolve of our esteemed business and political leaders, you get all of the above *cheap* and it increases shareholder value! Remember, efficiency is key to increasing the "bottom line", so if you want more cheap counterfeit poisonous junk, exploding batteries, and quality computer viruses, vote the Globalist party (either D or R wing) in 08!
Why would you rather be flamed than have someone point out the truth?
I caught some serious viruses last time I was theer
Help! I'm a slashdot refugee.
I defeat SPAM and I will defeat you.
I been monitoring spam, brute-force attacks and other junk that is coming to my network and most of it comes from China recently. It is hard to discern if these are 2nd or 3rd party bot attacks but in the last month I had and still under spam attacks from China, Korea and other locations and China is still number one for me.
China is still "under-development" and I think most systems in China are half-baked that are ripe for botnet attacks so my thinking that the junk is botnets. Don't think I'm against the Chinese since I'm Chinese also and seen the fair amount of bad configurations, software and hardware that Chinese have and they have a headache beyond any system administrator's nightmare. But who is controlling the botnet I would like to know since there is so much junk other there I barely have anytime to defend against it.
if the monitoring was inside china, rather than outside of it? Just because something appears to come from another country does not mean that it does.
There is no city called Turk in Turkey...
Well, it seems that the moderators are as uninformed as you are. Imagine that.
Most current distributions AUTOMATICALLY check for updates.
And they do NOT require "Windows Genuine Advantage" or any such crap (unless you're running Novell). Ubuntu does this flawlessly.
Actually, at the moment it appears that the majority of NEW infections are coming from holes in IE.
Zombies send out spam telling you that you have a greeting card at site 123.321.123.321 and when you go there, IE is cracked.
So, running Linux WOULD prevent that.
And regarding trojans, Linux makes it FAR more difficult to run software WITHOUT specifically intending to do so than on Windows. So Linux is more resistant to trojans.
Go ahead and claim that just because it is possible for a sysadmin to fuck up his system despite all the precautions otherwise
The fact is that Linux is far more resistant to viruses, trojans and worms.
And that is sufficient because it appears to drop the infection rate below the disinfecting rate. So the threats die because they're cleaned faster than they can spread.
But we've gone over this before and we'll go over this again.
Not only does this country have an insane problem with computer security, it also brought us SARS and the soon to come bird flu. WAY TO GO CHINA!!!!
Now look at Ubuntu.
By default, you are a less privileged user. You have to do RESEARCH on how to log in as the root account. And the people who are most likely to be a problem are the least likely to do the research. This limits the trojan and virus threat.
By default, there are no open ports. This limits the worm threat.
People can STILL manage to get their Ubuntu machines infected. But it takes a LOT of work on their part and it's very easy to clean them.
Once the infection rate falls below the disinfection rate, the "threat" dies.
Microsoft is TRYING to get around to doing this. But they're still learning. Maybe Vista +1 will follow Ubuntu's lead.
Washington D.C. is the World Computers Vulnerability Capital.
n ti-anti-anti-anti-non-non-non-anti-anti-nondisclos ure.
Does anyone remember the Windows Vista spyies you?
Does anyone remember the Intel Core Duo2?
Why the 95% of the PCs are based in the vulnerables Intel/AMD with Hasefroch Windows?
The vulnerabilities were pre-designed by the DARPA for massive auto-destruction violating all the contracts with NATO's countries.
It's a anti-anti-anti-anti-non-non-non-non-non-non-non-a
To guard their citizens against these virus threats, the Chinese government should create a giant firewall and put all their machines behind it!
Oh wait...
( ^_^)/
Somebody better let Paris Hilton know that Beijing took her title while she was in prison.
vilus capital...I keed, I keed.
I know it would be a small percentage, but with IP spoofing, and other options, how many spams are being mislabeled because china ip's are easy to copy and hard to verify? I've done research into China based IP's for spam and brute force attacks and can never get much info on it, seems to me like if I were to spoof an IP, that would be great cause it's harder to prove it is / isn't legit.
P.S. Dye gramar nazi dye.
"This compares with slightly lower percentages for cities in countries noted for having a malware problem. Moscow was second for spam with 5.12 percent, Seoul third with 3.58 percent, Turk in Turkey fourth with 3.4 percent, and London in fifth place on 2.47 percent."
As a Turkish guy I would like to state that we don't have any city/town/place called Turk in Turkey. But we have around 65 million Turks living in Turkey. I am really sorry that we don't have a place like the author said but I'll contact the authorities immediately to build a new city named Turk and place all spammers/virus writer in there so you don't have to change your post. We're benevolent people.
Couldn't it be diverted from it's propaganda goals to also filter for malicious traffic?
You can't take the sky from me...
As a friend of mine always said, bag it and get on with it.
Stick Men
Couldn't it be diverted from it's propaganda goals to also filter for malicious traffic?
You mean censorship? Propaganda is what you read on sites like Slashdot. Both are bad, but they are not to be confused with each other.
I'll probably be modded down for this...
How is it that the Chinese are so good about keeping out what they don't want their culture to learn about the rest of the freedom loving world, and so incredibly lousy about keeping in what they shouldn't be spreading to anyone else?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
It's funny how the Chinese government can filter anything they want to, yet they allow this crap through. Hmmm, I think the key point is WANT TO. More than likely half of it is state sponsored.
Turk is not in Turkey country.
Turk is in Uzbekistan country.
The exact localization of the HaXoR is in the UnDeRgRoUnD of this garden inside of an anonymous farm.
china has fired the first volley:
poisoned food.
computer virii. (or viruses for the humans)
email spam.
We will retaliate by opening more chinese armories. (otherwise known as WalMart)
They're using their grammar skills there.
most of the turkish internet users use internet for limited purposes - using MSN messenger to chat (generally during work), chain mailing each other and 20-30 lot lists various forwarded email messages that are "funny", "interesting" or "cool", (most of them are powerpoint slideshows, which are widely used to spread viruses), and idiotically clicking on links in chain forwarded emails that are supposedly sent by their "friends" - which takes them to trojan, keylogger, virus anything malicious sites.
this is something actually present in all countries, but its more serious in turkey. people generally do not work in any job that remotely in their interest area in turkey, due to unemployment, tough economic conditions, and social pressure that forces people to "immediately find a job, marry and make a baby, thereby creating a family". this results in people being more interested in anything other than work during work hours - in this, internet jumps in, and surfing, chain forwarded jokes, "funny site links", and emails go rampant. result is virus mayhem.
Read radical news here
Try to live here without buying anything from China. It's gonna be tough, especially if you want to buy shoes or electronics without parts or assembly in the PRC. Here's an interesting article about it.http://www.csmonitor.com/2005/1220/p09s01-coop. html
We are all just people.
From what I've read, a lot of meatspace viruses originate in China as well. When I first read the headline, I wondered which kind they were talking about.
When I saw the headline, I thought: "Which kind of virus?"
The People's Republic of China spends a considerable amount of attention on limiting what ordinary citizens are able to see on the Internet and this concerns many people in a variety of marginalized groups in the country. People in the West often complain at how unjust this is but the companies making the products to do it are in our own back yard. Beijing has it's fare share of academics being the capital of a country and all, so I think stomping out some unruly computer virus must not a priority. Maybe this is a good thing, at the very least it means that vast portions of the Internet remain unregulated so the network is not a total lockdown. Personally I hope China spends more time addressing public health issues and dealing with human viruses more effectively than trying to ensure my inbox does not have a lot of spam.
Are they the same people that also told us Africa is the aids capital of the world, and that they speak English in Australia?
That's what I thought too. I think this gives away the fact that they were using the HostIP location service which is littered with references to 'Turk'. The same service also doesn't identify location to province level in China or Korea. For Chinese netblocks the whois records will invariably give the address as 'Beijing' with only the description pointing to the province which in fact owns the address. For Korea there's little information at all. Nothing in whois and none of the main Geoip services can shed much light - so everything gets lumped into Seoul. And ... a lot of ISPs in the UK tend to use a nationally-based dynamic allocation pool - with the result that the IP is just going to be tagged to ... London.
So the rankings are of little use and the percentages are absolutely of little use. I guess Moscow would turn out to be the actual virus capital then we learn that China, Korea and Turkey have serious problems. We knew already.
Anyone remember when Bulgaria was the virus capital of the world?
put it in the bit bucket
I still wonder about the psycology of people who choose to write viruses. These people are writing programs to intentionally damage peoples lives. I wonder if they actually understand the consequences of what they're doing? (not law-based consequences, but the fact that they're hurting innocent people). Do they not care? Or is it the same cry for attention and help that other people (non virus-writers) express in different ways. Why is china in the lead? perhaps these people are unhappy with their lives and express it in this way? any psycologist care to comment?
What a load of crap. So how reliable is the "China == virus capital of the universe" conclusion all the xenophobes are hyperventilating about here? Perhaps Beijing is the sweetspot now, increasing connectivity, lots of unsecured PCs. But the source is very likely elsewhere, (Moscow? Florida?) and will switch in a minute if conditions change.
"The point of the nonsense spam is to mess with adaptive spam filters."
True.
"The idea is to train the filters so that the relative weight of whether the message looks like gibberish or not is high compared to other factors. Then you make the spam messages you want to actually reach the recipient look like legitimate messages."
Ah, no. The idea is to get past the spam filter with gibberish text but hawk the spamvertized item in a GIF or JPEG that the filter cannot see, but a human can (at least when reading email in HTML rather than straight text mode).
I suspect the grandparent sees only the gibberish because his email clien defaults to plain taxt rather than HTML viewing mode. Smart move, that, for a number of reasons I am sure most here already know.
Ignorance is curable, stupid is forever.