Slashdot Mirror
The World's Biggest Botnets
ancientribe writes "There's a new peer-to-peer based botnet emerging that could blow the notorious Storm away in size and sophistication, according to researchers, and it's a direct result of how Storm has changed the botnet game, with more powerful and wily botnets on the horizon. This article provides a peek at the 'new Storm' and reveals the three biggest botnets in the world (including Storm) — and what makes them tick and what they are after."
I thought so.
You are being MICROattacked, from various angles, in a SOFT manner.
In other words, stupid people and people who dont care about security punish the rest of us. How nice.
You dont know how much I would appreciate a "Internet License" to show basic security and protections on the net. WIth the financial nets and traffic nets as they are, I'd say that hauling a 2 tom missle down a highway and doing this would be similar.
Imagine if somebody did this but donated cpu time to distributed computing projects like that one on cancer research. Force philanthropy would be rather strange and still illegal, but at least slightly more noble in a Robin Hood sort of way.
Probably because it's not the heart of all these problems. The heart of all these problems is that a billion security-unaware people operate computers that are connected to the internet.
Do you honestly think everyone switching to a different OS would solve the problem?
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
If you are afraid of Linux, switch to OSX.
We have heard that line saying it's the fault of the novice computer.
I did not believe that 10 years ago. I still don't believe it.
10 years ago, I thought that Microsoft would fix the bugs that created this Anti-Virus business.
I was wrong. Microsoft never saw a business reason to fix those bugs. Instead they increase the "It's not our fault" marketing, and even got into the [Anti]Virus business themselves.
The Windows Virus-prone bugs 10 years ago were:
- System access/execution from Office templates.
- System access/execution from Active X.
- System access/execution from Browser in general.
- System access/execution from Email attachments.
These features I suppose are there for novices. The same novices that are blamed for perpetuating "viruses" by using these "features".
These "features" have never existed in Linux.
Probably because it's not the heart of all these problems. The heart of all these problems is that a billion security-unaware people operate computers that are connected to the internet.
No, the heart of the problem is that windows, despite what M$ claims, was not be designed for those people and as a result those people make mistakes.
Software is soft, it can be anything we want it to be, and assholes who claim that "software can't do software related things" are lying through their teeth.
If thirty odd years ago windows had been designed responsibly we wouldn't have the mess that we have now. Amongst many other things when connected to the net they deliberately confused static data with executables and deliberately ran all programs as administrator. Things that mainframe OS' and Unix had understood and solved decades before. I can remember the very first time I saw a web page with an executable and thinking "you stupid fucking idiots". The ramifications were obvious right from the start; M$ just chose to ignore them.
The marketing parasites, and their patsies, who to this day continue to claim that windows was not a large part of the problem are lying arseholes. M$ is slowly improving their security but they still have a long, long way to go with a culture that still tries to test for security rather than building for it. And yes, despite what some idiots claim, security and user friendliness are not mutually contradictory. In fact they are more complimentary than contradictory with well built security systems helping users to make good choices for their own safety as well as everybody else's.
---
Flash = blink tag = incompetent web designer.
There are millions of Macs out there, and growing. But they're harder to compromise by design. The elusive "Mac virus threat" remains largely a marketing device for Symantec.
Have you read my blog lately?
Care to run a Linux live CD, mount your file system, dump the whole tree to plain text, and post it? A green Franklin says you have a virus or piece of malware on your Windows box right now that you don't know about.
Yes, Linux would fix 99% of the problem, the same way not smoking crack will cure a drug problem. Did you think the world's biggest monopoly can't make a secure system if they want to? So why don't they? Because they make more money when it breaks beyond fixing and you have to buy a new one.
Check the literature from before Windows 3.1 spread everywhere, and contrast it with today. Stupid users did not cause Windows. Windows caused stupid users.
The sophistication of this Storm "application" is much more indicative of a mature elder programmer, who probably has read the complete cypherpunks archives. We talked about stuff like this long ago. Compare to things like the Morris worm, the two Manila children, etc. Those were intense, but brief due to coding errors and the like.
Bah. No, these people are not children and they do know what they're doing.
"stupid people"
Because someone does not know much about computers, and specifically computer security, does not make them "stupid". It most often means that they have things they they are skilled to deal with. Because you probably cannot perform open heart surgery does not make you stupid either. It means that you probably know about computers and their security. We all have our areas of expertise and interest and they cannot be everything-there is only so much time and mental capacity.
This type of attitude I find prevalent among people who know a bit about computers. This is one of the reasons that Linux has taken so long to be usable for the masses. Most people do not want to build their own computers and most people don't want to have to learn about computer security. They want the people who specialize in it to make it where it works for them.
It's really nice to be a linux user for over a decade and sit back and say "ha ha". I don't believe Microsoft is capable of combating, or willing to combat, the problem. At the bottom of this issue however, is the fact that many users are clicktards. Infecting a linux or mac system is as easy as tricking a user into clicking something, or even simulating the pop-up password dialog box for a sudo event. Let's start with Fedora for instance. The ssh service, by default, allows root logins. How many users would enter their root password into a javascript popup that is titled "New updates for your Fedora system are available. Enter your root password to download and apply these updates"? I'm not picking on Fedora, it's a great distro. I certainly don't agree with PermitRootLogin yes as a default in sshd_config. Regardless of firewall settings, it's foolish. Alternative systems should be taking a cue from the shortcomings of Windows and doing what they can to minimize their own strike zone.
boycott slashdot February 10th - 17th check out: altSlashdot.org