Slashdot Mirror


Research Indicates Beijing Is World Virus Capital

An anonymous reader writes "The Chinese capital city of Beijing is now a global leader in distributing viruses. According to UK-based managed security services company Network Box, Beijing accounts for 40 percent of all viruses that passed through the company's servers in June, and 5.25 percent of detected spam. This compares with slightly lower percentages for cities in countries noted for having a malware problem. Moscow was second for spam with 5.12 percent, Seoul third with 3.58 percent, Turk in Turkey fourth with 3.4 percent, and London in fifth place at 2.47 percent. 'As more and more users come online in China, there's a good chance those computers are using pirated software without up-to-date security fixes, making them prime targets for hackers who are actually located elsewhere in the world, [Simon] Heron said. Those compromised computers, which are used to send spam and make it more difficult to identify the spammer, are so valuable that hacker gangs have been competing to take over machines. If one gang finds a machine running another gang's Trojan horse program — one that appears harmless to the victim but can be used to control a machine — they'll try to remove the software.'"

6 of 119 comments

  1. No surprise really by southpolesammy · · Score: 4, Insightful
    From a Westerner's perspective, China has the following qualities:
    1. Large population
    2. Growing Internet presence
    3. Restricted access (both physically and logically)
    4. Rampant piracy problem

    This seems like a target-rich environment for black hats to "do business" in.
    --
    Rule #1 -- Politics always trumps technology.
  2. This is what you get... by E. Edward Grey · · Score: 3, Insightful

    ...When you won't allow people to update invalid copies of your software with security fixes. Quite honestly, Microsoft has to bear its share of blame in this. If they would simply make ALL security fixes available to all users no matter whether their copy is legal or not, we might be able to mitigate this problem to some extent.

    I'm perfectly willing to admit, however, that you can't make people patch their OS if they don't want to do it.

    --

    ---don't make me break out my red pen.

  3. And... by rajinikanth · · Score: 2, Insightful

    and let me guess, the "UK-based managed security services company Network Box" is trying to get into the Chinese market?

  4. Re:Windows versus Linux by 99BottlesOfBeerInMyF · · Score: 4, Insightful

    One might speculate that it's a good thing for linux (and mac) that China runs on Windows. It's an incubator for this kind of activity.

    From what I've seen you have spam, mostly targeting English-speaking Americans and Europeans, and you have worms targeting anything with a fast connection, for use as a bot. I suspect that even if China was suddenly all using Red Flag Linux, worms and spam from China would still target the US.

    Since linux is even harder to keep patched automatically it would not be a better situation (Flame me if you wish but please don't say something moronic as "it's as simple as apt-get update-all").

    What version of Linux on the desktop do you run? My Kubuntu install pops up a nice GUI when updates are available, and that was the default configuration. It also applies to a lot more of the userland software than Windows update does. I find it a lot easier to keep up to date than my Windows install.

    And even if you believe that linux is more resistant to holes than windows that's not an issue: Remember most of these bots come in as trojans not remote execution exploits, and they don't even need to run as root--so linux is not going to be more secure against trojans people welcome into their user spaces.

    I think you're mistaken here on several points. First, every study I've seen and the non-public data I have from work shows the majority of infections are from worms that do not involve user interaction, not from trojans. There are a lot more types of trojans, but they just don't spread as quickly and widely as fully automated attacks. If you're counting by infection instead of by number of malware variety, trojans are not the biggest threat.

    Second, I do think the design choices of the major Linux distros are more secure than Windows for the most part, but that is not the reason why Linux will always have less chance of malware infection than Windows. Innovation, including innovation into security, is driven by market forces. Windows is a monopoly. When a Windows box is compromised, MS does not lose any money and very, very, very rarely loses any customers. Linux, due to its licensing, will never wield monopoly force in the market, thus it will always respond to the wishes of the users, who also happen to be the developers for the most part. If malware attacks against Linux were to increase in frequency enough so that Linux had to face the same level as Windows, Linux would not fare all that much better at first, but it would quickly develop better security features to mitigate the attacks, probably starting with an SELinux-type approach combined with human-generated white and grey-lists and some sort of an open verification scheme. User space versus root is not the most granular level of security on all Linux boxes today and if trojans became an issue on Linux, that would expand to consumer desktop systems.

    Now just imagine in the future when phones become general purpose computers, not subject to reprogramming by the phone service provider. That's going to be billions of rooted computers. Yikes.

    That all depends upon how many OS's and providers for phones there are. If there is a monopoly, yep we'll have terrible security and it will be a mess. If we have a healthy market with multiple competing players, I don't think it will be a serious problem.

  5. This news story itself is spam? by Anonymous Coward · · Score: 1, Insightful

    There is no city called Turk in Turkey...

  6. Censorship != Propaganda by MarkByers · · Score: 2, Insightful

    Couldn't it be diverted from its propaganda goals to also filter for malicious traffic?

    You mean censorship? Propaganda is what you read on sites like Slashdot. Both are bad, but they are not to be confused with each other.

    --
    I'll probably be modded down for this...