Mega-D Botnet Overtakes Storm, Accounts for 32% of Spam

Stony Stevenson writes "The new Mega-D Botnet has overtaken the notorious Storm worm botnet as the largest single source of the world's spam according to security vendor Marshal. This botnet currently accounts for 32 percent of all spam, 11 percent more than the Storm botnet which peaked at 21 percent in September 2007. It started about 4 months ago but has been steadily increasing since then. It is also using news headlines to trick victims into opening the spam, a technique synonymous with the Storm worm."

Using Headlines to Trick People Into Clicking

[tomhudson]

"Mega-D Botnet Overtakes Storm, Accounts for 32% of Spam - using headlines to trick people into clicking"

It must work - I clicked on this article ...

Re:Using Headlines to Trick People Into Clicking

[Amorymeltzer]

Oh god... Taco, What have you done?!

Re:Using Headlines to Trick People Into Clicking

[machinelou]

Seriously though, how do they know which botnet sent which piece of spam?

Re:Using Headlines to Trick People Into Clicking

[ichthyoboy]

Let this be a lesson to all...friends don't let friends drunkenly post AC on /.

Re:Using Headlines to Trick People Into Clicking

[utopianfiat]

Moreover the headline sounds more like a sci-fi cyberpunk b-movie
"Mega-D Botnet Overtakes Storm the Movie"

Re:Using Headlines to Trick People Into Clicking

[Hoi+Polloi]

I can't tell if "Mega-D Botnet" is a rapper or a Transformer.

imagine what they could do...

[Cyko_01]

...if they were to work together against a common enemy!

Re:imagine what they could do...

[kramulous]

Except the compromised machines are probably the same ones.

Oh..... Your...... God!

[neonmonk]

Ah well, there's always hope. BAHA-HAHAHAHAHAAAH

Nothing!

[QuickFox]

"Mega-D botnet"? Pffft! That's nothing compared to the latest ship-and-anchor technology!

Re:Nothing!

[qkslvr846]

I'm going to get dekarma'd but that was simply brilliant humor. My chair nearly capsized.

Re:Nothing!

[Daltin]

Capsized? Like a ship? Be sure not to put it's anchor down on any of your LAN wires.

Re:Nothing!

I believe that is called a "dragnet"

Re:Nothing!

The new standard is that as long as terrorists weren't responsible it is ok. It isn't WHAT happened that matters anymore, it is HOW it happened.

Hmm

[rakuen]

So what's the end goal? A botnet that accounts for 99.9% of all spam? Not that that would necessarily be all bad; at least then we'd be able to unite our ire against one entity.

The largest "single" source?

[n6kuy]

Largest multiple source, I'd say. It's a bot net after all.

No longer synonymous, then

[gardyloo]

If this new guy uses a technique which something else used, the technique is no longer synonymous with either of them.

Re:No longer synonymous, then

[Fiznarp]

'Synonymous' describes two words that are synonyms. Since the subject described (a technique) isn't a word to begin with, I doubt it was ever synonymous at all. Though it may have been 'commonly associated' with the Storm worm.

Re:No longer synonymous, then

[ityllux]

Or "analogous" to the Storm worm, probably what he meant to say...

Windows users

For those of us still running Windows XP, I remember there being several products from Mcafee and Symantec that would be available for free download to remove the latest pieces of malware. I don't know what the latest and greatest is now. Are there any specific tools we can use (beyond a virus scanner) to check for and removed malware?

Re:Windows users

[ISurfTooMuch]

One thing that comes to mind is Microsoft's Malicious Software Removal Tool, which comes out each month in Windows Update. Another tool is Trend Micro's online virus scanner, located at http://housecall.trendmicro.com./

The tools you're thinking of were standalone removal tools for specific pieces of malware. I'm sure they still release these from time to time. They usually came out for malware that was especially high-profile, so don't expect to see one for every one out there.

But the most useful tools, IMHO, are the antivirus programs you can get for free, specifically AVG and avast!, among others. They work well, and they're much less bloated than Symantec of McAfee. Whenever I'm setting up a new computer for someone, reinstalling Windows on an old one, or doing any kind of work on one, I make it a point to question the owner about their virus protection and, after getting their OK, install some soft of AV software on it. If every geek did this, we might make an impact, albeit a small one, on the botnet problem. Remember, a little education goes a long way.

mAVG: http://free.grisoft.com/
avast!: http://www.avast.com/

Re:Windows users

[joshuaes]

I think ClamWin is a decent open source antivirus. Only gripe I suppose is that it does not have an On-Access scanner. You can still schedule scans though. http://www.clamwin.com/

Re:Windows users

[SL+Baur]

For those of us still running Windows XP Statistics show that the preferred botnot OS of choice is Microsoft Windows XP. You are part of the problem, not solution. Upgrade your OS to Linux, Mac OS X, or Vista, I don't care which. Just upgrade it.

Castration

[flipper9]

Now, if they would just make the punishment castration for creating these botnets, spam would grind to a halt.

Re:Castration

[peektwice]

Maybe a ship could accidentally drag an anchor over the spammers junk and cut them off from the internet.

Re:Castration

No; in fact spam would simply become one of the few tech industries with a high female to male ratio.

Re:Castration

That's only a punishment if there's the remote possibility of the castrate-ee having kids at some point in the future. For most slashdotters (and likely those responsible for the botnet), that's not much of a punishment since we're extremely unlikely to reproduce anyway.

Re:Castration

uh, it's run by women who want us men to have bigger manhoods, didn't you know?

Mega-D used for Arab Propaganda

[jihadist]

You see a lot of this stuff coming out of the Middle East: Jews did 911, Jews own the USA, Jews will make your penis shrink, etc etc

We need to fight back!

"The Jewish people have never had a friend in both fair and foul weather. Our allies have betrayed us, deserted us in our hour of need, and killed us in unprecedented numbers using crematoria and poison gas. To be Jewish is to know that wherever you go, you'll always have to watch your back.

Even in Israel we are persecuted by another ethnic group, the Arabs, who will not be happy until the last Jew is dead. In Europe, Nationalism is rising in Germany, Russia, France and the Netherlands. Soon there will be no tolerance left for Jews, and we will be exterminated.

Unless we take a stand."

http://www.zionists.com/

Just you wait! O-O

The Mega-DD botnet is on the way! For real men!

Priorities

[Fuzzums]

Isn't is nice to see that governments rather go after internet gambling, something that really doesn't dother me at all, and completely ignore spam, something that is really annoying to us, the normal people...

It makes clear, once again, that governments are totally not 2.0-ready. They don't know about how technologies work and how to deal with it.

Re:Priorities

[causality]

Isn't is nice to see that governments rather go after internet gambling, something that really doesn't dother me at all, and completely ignore spam, something that is really annoying to us, the normal people...

It makes clear, once again, that governments are totally not 2.0-ready. They don't know about how technologies work and how to deal with it.

What surprises me is the benefit of doubt that is always given to those in power. There is much political power to be had by allowing something to become a crisis and then stepping in with "justifiable measures" to address said crisis. This is referred to by various names; the two which come to mind are Problem, Reaction, Solution and the other is Thesis, Antithesis, Synthesis. The idea comes mainly from Hegel although I suspect it's actually older than this.

Really, don't you ever wonder why most "crises" were foreseeable events that were ignored or neglected until they became huge problems? Personally, I am not so quick to assume they just innocently "don't get it." They might or might not understand the technologies involved, but they certainly do understand what millions of people demanding that they "do something right now" can mean for their political careers.

Re:Priorities

[ronark]

Governments will never be "2.0 ready" as you claim. They are already "follow the money ready" and this will never change.

Re:Priorities

[Kavli]

It's really simple:

Gambling and the taxation of gambling is a source of income for governments and this is the only interest they have in this matter. Spam, or the lack thereof, is not going to have any impact on the financials of any state, so they couldn't possibly care less.

Re:Priorities

It makes clear, once again, that governments are totally not 2.0-ready.

You're kidding, right? Please? OMFG.

Re:Priorities

[Lewrker]

See, politicians might appear quite ignorant most of the time, but SPAM really isn't a political problem. I can experimentally prove to you that making all people who randomly click on all flashy widgets and install software from unknown sources disappear will not only stop most of the botnets, it will also make everyone else's lives much happier and easier.

Re:Priorities

[BarlowBrad]

They don't know about how technologies work and how to deal with it. And governments will continue on oblivious until we elect people who do know how technologies work and how to do with them. This election year (now for primaries, and in November for President and other offices) we have the chance to vote with more than just our dollars (as /. is so fond of saying with regard to the MAFIAA). Educate yourself, tell others and make your vote count.

Or else we will just be stuck with the status quo until the "tech generation" grows up and gets themselves into office.

Re:Priorities

[erroneus]

Yes, because the voters are appeased when religion is appeased. Prostitution, gambling, drugs and alcohol are all vices that people have been engaged in since the dawn of man. Religion has been the **industry** (don't kid yourself, religion is an INDUSTRY) that has placed itself as an enemy of humanity's vices, its own nature, to justify its existence. Human nature won't change and the perceived need for religion will perpetuate itself for the duration of humanity's nature. And as long as people can be distracted by religion, people will continue to vote for the issues that win elections and enable laws.

The reason governments go after vice is because that's what religion wants and the people speak to what religion has brain washed them into demanding because only religion and religious values stand to fight something as unchangeable as human nature.

"Vice" laws need to go away. It should be written into the constitution of every government that morality is not the domain of government so long as it doesn't conflict with the government's obligation to maintain general welfare and common defense. Gambling, drugs and alcohol and prostitution could NEVER threaten general welfare of a population directly. So laws against them can only be the response of legislators who have responded to the demands of the religion industry.

(And before anyone starts responding with disease and violent crimes related to gambling, drugs and alcohol, and prostitution, you'll find that most of these things are caused by their existence as underground and largely illegal activities as demonstrated very well as the prohibition of alcohol created organized violent crime industries that disappeared when prohibition was repealed. Take away the laws against other vices and you will see similar decreases in the diseases and violence surrounding the other vices... they won't go away but they will actually be less of a threat to GENERAL public welfare.)

An end of religious law would allow the focus of law and regulation that actually serves the purpose of government -- to provide for the common defense and to promote the general welfare.

Re:Priorities

[the_macman]

Bravo sir, Bravo...What you've written is brilliant. I couldn't agree more. Unfortunately for you and I religion will NEVER go away. Here's the catch. Religion is based on faith. The opposite of faith is doubt. To a religious person, anyone who doubts religion is clearly wrong and that just means you must try harder to convince them of your religion. Not too many people say, "Damn your right. My religion doesn't make sense at all." Instead they say, "You poor misguided person. I will pray for you.", and become even more steadfast in their religion.

That's why I'm moving to mars.

Re:Priorities

[causality]

Yes, because the voters are appeased when religion is appeased. Prostitution, gambling, drugs and alcohol are all vices that people have been engaged in since the dawn of man. Religion has been the **industry** (don't kid yourself, religion is an INDUSTRY) that has placed itself as an enemy of humanity's vices, its own nature, to justify its existence. Human nature won't change and the perceived need for religion will perpetuate itself for the duration of humanity's nature. And as long as people can be distracted by religion, people will continue to vote for the issues that win elections and enable laws.

What you describe is exactly why I dislike organized religion.

It's a shame it so often becomes confused with an individual's quest to find his/her place in the universe and to become a spiritual being with a sense of purpose. That is something that no group or election or law is ever going to give you. If you perceive a vice as a character weakness and decide that you don't need it to feel fulfilled and that, in fact, it would hinder you, you have achieved something that no law or other threat of punishment is ever going to accomplish. This kind of realization always occurs on a personal level and no list of "do's and don'ts" is ever going to make it happen. The best thing that an organization can bring about is a change in external behavior only; enhanced understanding of who you are does not come from external things and cannot be forced onto another person.

Re:Priorities

[Fuzzums]

Interesting reply

So you're saying for politicians it would be more interesting, career wise, to follow the path of Hegel et al and first let something become a problem, wait for a lot of complaints, solve it because a lot of people demand it and then become the "hero".

Still, if I look at some measures like demanding from ISP's to keep record their users's traffic information for 3 yeard, I still have a faint impression they don't know what they're dealing with and how to deal with it.

Re: Priorities

[Black+Parrot]

Isn't is nice to see that governments rather go after internet gambling, something that really doesn't dother me at all, and completely ignore spam, something that is really annoying to us, the normal people... Coming down on gambling will garner the votes of a vocal bloc who think it's immoral. How many of "us, the normal people" will ever be single-issue voters with a focus on spam?

Re: Priorities

[cmacb]

How many of "us, the normal people" will ever be single-issue voters with a focus on spam?

Probably few to none. It is, unfortunately the lock that both parties have on single-issue-voters that makes progress on many many issues unlikely. If the parties can get all the votes they need on issues such as abortion, gun control, immigration and special rights for various groups, what incentive will they ever have for focusing on the economy as a whole, improving our infrastructure (or getting out of the way so is can be improved). There are make-or-break issues that are rarely touched upon in debates etc., simply because so much time is spent on the issues for which vast numbers of lawyers and lobbyists make their living. With most people I talk to, once you get beyond one or two hot-button issues they plead total or almost total ignorance.

Re:Priorities

[Bill,+Shooter+of+Bul]

Very Interesting. I think that idea really trancends politics to almost every area. People are more willing to let a crisis come, rather than taking steps to prevent it. I'm nto sure how much of that is caused by psychological inertia, and how much of it is malicious.

Re:Priorities

>Prostitution, gambling, drugs and alcohol are all vices that people have been engaged in since the dawn of man.

And you know what? Theyre still wrong, regardless of the religion of the day.

Prostitution has historically only promoted violence against women, victimization, spread STDs, and caused social stress. Arguably, it can be done "right" but so thats the exception and far from being the rule.

Gambling has sent many families to the poor house. Its dead simple to get compulsive with this. Casino odds are terrible.

Drugs. Oh youve got to be kidding me. Its not religion fighting drugs its people who have a friend of relative ruin his or her life with them. again, this can be done "right" but its still very much the exception

Alcohol. Easily one of your weaker drugs, and currently done more "right" than more "wrong" in a lot of places. Still plenty of room to abuse, especially when mixed with driving, which happens all the time.

>"Vice" laws need to go away.

Please start your own country where you give up on these laws and Ill show you another failed state. Oh well, I guess all you Ron Paulies die hard.

Re:Priorities

[Martz]

Faith is belief without evidence - either because no evidence exists, or contradicting evidence is blindly ignored.

Re:Priorities

[erroneus]

"General Welfare" vs. "Individual Problems"

Each of the problems associated with the vices I listed are generally individual weaknesses. These are problems with the individual, not with a society. I might even go as far as to say we're fighting natural laws of selection by preventing addiction prone and otherwise weak people from doing some of these things legally even though some people will do it illegally anyway.

There will always be those individuals and in a way, you've made my point. Has making laws against vices prevented those things from happening? Not at all. Has removing or reducing laws around alcohol decreased criminal activities and even deconstructed an underground industry? You bet it has.

Laws about morality are a funny thing. When there are "morality laws" people think that going against them are somehow immoral. On the other hand, the inverse is true -- when the morality laws aren't present, somehow it's not immoral. For example, look at cultures where prostitution or more specifically where adultery are common-place. In those cultures, the very same activities cause a lot less trouble than in places where it's considered immoral. Let's pick on Clinton... if he were the president of France instead of the U.S., people wouldn't have given a crap if he was getting a blowjob in his office.

Re:Priorities

[Azuma+Hazuki]

2.0 ready? They're not even 1.0 ready. Shit, they're not even "computer-ready" if you believe some of the stories about how the Fed botches major IT projects, to say nothing of the deleted emails, etc.

Is it time to thank the enablers?

[erroneus]

In a world full of people looking to get what they want at the expense of all others, we should learn to accept that the bigger fish will eat the smaller fish, but even the smaller fish gotta eat.

People drive their cars every day... there are accidents sometimes. The accidents slow the traffic and pisses everyone off. Sometimes accidents are actually the fault of stupid people. Sometimes the accidents are design problems in the cars. Sometimes the accidents are problems with the roads themselves. But when the accident is cleared and people are going their merry way, we forget the accidents and we certainly never give the causes another thought.

Sometimes people do things to help make the roads safer, but what really works is education and improving levels of awareness. Where driving is concerned, at least where I live, we're at a pretty good balance... not too many accidents and awareness is high enough that it stays that way. Because when it comes to travel on the roads, we know there are no safe roads and there are no safe cars. There are only safe drivers.

I'm trying to draw pictures to draw comparisons. The comparisons should be rather obvious if I haven't been modded -2 Off-topic already. I'm trying to show the motives and the mentality leading to how we got where we are... we have stupid people without awareness or education. We have unsafe computers and unsafe networks. The network needs to be safer, but it can only be "so safe" without removing too much of its usability. The computers need to be safer and certainly CAN be safer... just like cars, the makers need to be sued and regulated until they ARE safer. (Yes, that means Microsoft should be held accountable for their part of the blame!) But computers can only be made "so safe" without removing too much of its usability. After that, the rest of the balance can only be maintained with education and awareness and that's the job of the governing bodies.

We live in a world with a lot of problems and dangers. We teach about a lot of things and think it's rather natural that those things we don't teach and warn people about will naturally lead to problems related to it. We've got a culture and economic system that *VERY* dependent on the public internet and the use of personal computers. We've got heavy dependence on a very weak and exploitable system. I just have to wonder how bad it has to get before the enablers are finally held responsible.

The enablers are the designers of the internet, Microsoft and the governments. The internet is being fixed with IPv6 but not fast enough because the governments are in the pockets of the people who stand to make less profit while the transitions are being made from IPv4 to IPv6. Microsoft is a significant inhibitor (among others) of change and improvement because they are the dominant technology connecting the public internet to the users and to the resources and economy that they all mutually depend on. Government is the only way to make change happen because it is clear that the wisdom and intelligence of the public is low enough that they will always be ineffective. Microsoft and other industry players spend and pay so that they can remain unregulated. They are the enablers of the hell we live with. Let's thank them. Thank the enablers.

It is the government's responsibility to educate the people absolutely and they are failing in that responsibility absolutely. (Note that I don't say it is the government's responsibility to protect the people. Government needs only to provide for common defense and to promote general welfare.) It is also the government's responsibility to regulate things that can cause problems or interference with the general welfare which includes the economy. The public internet, anything dependent on the internet, and the economy are demonstrably threatened by unregulated majority and monopoly players such as Microsoft. They don't want to be regulated, but they need to be regulated as the general welfare is at risk.

A si

Re:Is it time to thank the enablers?

[Kineel]

It is the government's responsibility to educate the people absolutely and they are failing in that responsibility absolutely.

That is perhaps the single most frightening statement I have ever read. Government education has been responsible for some of the biggest crimes in the past couple of centuries. See Germany in the 1930's or the Soviet Union for the first half of the 20th century for examples of this.

However, reading the rest of your post proves that government education is alive and working here in the U.S.

STOP listening to what the big government is trying to teach you, get out of the house and talk to real people. NOT just your close friends.

Don't rely on the Government for absolute education. People need to understand humans act like humans, and the same goes for institutions run by humans. If the Government is failing to educate, then take it as a fundamental truth that the Government is not the place to turn to for education.

Re:Is it time to thank the enablers?

[causality]

We live in a world with a lot of problems and dangers. We teach about a lot of things and think it's rather natural that those things we don't teach and warn people about will naturally lead to problems related to it. We've got a culture and economic system that *VERY* dependent on the public internet and the use of personal computers. We've got heavy dependence on a very weak and exploitable system. I just have to wonder how bad it has to get before the enablers are finally held responsible.

We've got a culture where people are *VERY* dependent on someone else to hand knowledge to them, even to the point of remaining ignorant of dangers for which much information has been written. I submit that this is the real problem.

Re:Is it time to thank the enablers?

" The spam campaign heavily promotes several pharmaceutical products including Herbal King, Express Herbals, and VPXL. "

Those listed above are the real enablers. They are funding the construction of illegal botnets. They are paying for the delivery of massive amounts of illegal spam. These enablers need to be held both financially and criminally accountable for the result.

Re:Is it time to thank the enablers?

[SirSlud]

How is this a cultural issue? This is life. 600 years ago, you were still dependent on whatever the best information was available on how to spread your sickness or how to build a house without it collapsing on your visitors, or what-have you.

Technology has made it easier to go out and self-educate; it hasn't changed the facts that:

a) you have to be able to discern what is 'correct' information versus 'false' information, even if there is often no actual basis for proving which is which unless you're fairly familiar with the subject matter to begin with
b) if you spent 24 hours a day, 7 days a week reading, until you died, you still wouldn't have learned absolutely everything about every subject which directly affects your life and your interactions with society and nature

One would argue that one of the many triumphs of modern democracy and western institutions is acknowledging the 'general will' of society. This permits organized and hopefully representative bodies such as government and private industry to centralize and specialize in the kinds of information and services we apparently (or more like are forced to) depend on. Of course its not perfect, but that is technology. We have better tools for spreading the word, we have better tools for spreading spam. I really don't understand the desire to paint users as people who should know better. It's not a cultural problem, its simply a matter of practicality. I bet my calc teacher didn't know how to properly firewall his computer off; he was just a little too busy learning and teaching calculus, you dig? Education goes hand in hand with preventing fraud, spam, exploitation, etc, but its rather misguided to blame it on some perception that we're in some golden age of consumers being lulled into technocratic submission.

Re:Is it time to thank the enablers?

[kc2keo]

so... why is this modded funny? I thought this poster made good points and should be informative. Thats what I think...

Re:Is it time to thank the enablers?

[causality]

Being dependent on someone else for your security is a choice you make; it's that simple. It's not some inevitable progression due to specialization. Not being so dependent just means either taking care of things yourself, or seeing to it that they get taken care of (i.e. i'm not a mechanic but that doesn't mean my car runs poorly; if I haven't the skill I find someone who does, as evidenced by results). For some reason with computers people make a half-assed effort, declare it "too hard" and give up.

a) you have to be able to discern what is 'correct' information versus 'false' information, even if there is often no actual basis for proving which is which unless you're fairly familiar with the subject matter to begin with

Are you suggesting that this is a serious obstacle? Have you never researched a topic before? You discern good information from bad by applying critical thinking and by checking multiple sources and by using some good old-fashioned common sense. This takes effort, which is why it's not very popular. Most people seem to want easy answers handed to them, which is nice when available but accepting nothing else is a big reason why there's such a sorry state of network security today. That does not mean in the least that it could not be done or that there's an excuse for why the average person shouldn't have the capability.

b) if you spent 24 hours a day, 7 days a week reading, until you died, you still wouldn't have learned absolutely everything about every subject which directly affects your life and your interactions with society and nature

This is a silly and extreme example; that you had to resort to that actually tends to reinforce the point I was making. It's simple, really. If I don't want to learn the basics of correctly operating and securing a computer, my option is to either not put one on the network or see to it that someone who does have enough understanding takes a look at it from time to time. To buy a computer and place it on the network and then refuse to take responsibility for its security is real nice; when it becomes compromised and attacks other systems or contributes to the spam problem I'm sure everyone will just understand that I couldn't be bothered to do it correctly, right? My equipment = my problem. What's so hard about that?

One would argue that one of the many triumphs of modern democracy and western institutions is acknowledging the 'general will' of society. This permits organized and hopefully representative bodies such as government and private industry to centralize and specialize in the kinds of information and services we apparently (or more like are forced to) depend on. Of course its not perfect, but that is technology.

That there are such specialists is why ignorance is no excuse. The presence of specialists who can handle the job just makes the ignorant user more irresponsible for not consulting one. Do I expect people to be an absolute expert on computers? No. Do I expect them to know when they're out of their element and dealing with what they do not understand? Yes, I do, especially when their failures can affect other people on the network. This is true whether it's computers, cars, firearms, whatever. It's a general principle, and a sound one.

We have better tools for spreading the word, we have better tools for spreading spam. I really don't understand the desire to paint users as people who should know better. It's not a cultural problem, its simply a matter of practicality. I bet my calc teacher didn't know how to properly firewall his computer off; he was just a little too busy learning and teaching calculus, you dig?

Your calc teacher is also aware that he doesn't know how to configure the firewall. He is aware that other people do know how to do this and can either take care of it for him, or show him how. If he's sharp

Re:Is it time to thank the enablers?

[gr8scot]

That is perhaps the single most frightening statement I have ever read. You must be taking it seriously, then. Why?

Re:Is it time to thank the enablers?

[gr8scot]

One would argue that one of the many triumphs of modern democracy and western institutions is acknowledging the 'general will' of society. That is a valid point, but it cannot be understated. The freedom of individuals to decide for ourselves what is most helpful to us to learn in pursuit of our happiness is far more important than any derived benefit of the tendency of collectives to pursue the 'general will.' That is an artifact of collective, institutional recognition of individual rights, and requires no special accommodation to operate, just as the "Invisible Hand" of free economic competition does not require special statutory recognition of corporatist interests.

Re:Is it time to thank the enablers?

[SirSlud]

Are you suggesting that this is a serious obstacle? Have you never researched a topic before? You discern good information from bad by applying critical thinking and by checking multiple sources and by using some good old-fashioned common sense.

Therein lies your hubris. I'm in your shoes. I know what to look for, I know how to cross reference, I know how to consider the source, etc. What you describe as 'common sense' is a skill, whether you think you learned it or were born with it. Many people don't have it, and won't have it. Many people were not born into a family or environment that can supply it. When you say, in so many words, "Know what you don't know," that in and of itself is knowledge that some people don't have. You want to look down on them for that? Its rather cyclical. What if they don't know how to know what they don't know? That is a way of looking at things that is taught, not simply inherent.

You really seem to have no idea what an even slightly determined human being can do. I assure you, if people wanted to educate themselves and take responsibility for their own actions, they would do it and nothing would stop them.

I know very well what determined people can do. They can be very intelligent, capable human beings like you who are totally naive and honestly believe that thousands of years of people going, "C'mon folks, pull yourselves up by your bootstraps!" just needs another decade of repetition until people stop acting like you think they shouldn't.

I also know that determined people can also be compassionate and realistic and realize that from spreading AIDS to spreading computer viruses, from building cars to crashing them while drunk, the solution isn't simply to proclaim that people choose to end up in the situation they're in.

Your calc teacher is also aware that he doesn't know how to configure the firewall.

You're stupid for even claiming that without knowing if it's true. If his network was ever compromised, would your brain explode, or would you have to fall back and say that hes obviously not smart and probably a shitty calc teacher? My dad has a PHD in atomic physics, and his machine has been blown up a few times. You're making a huge mistake. I have no doubts that you're an intelligent guy, but your approach to your fellow human being is more costly to society than your contribution by virtue of your breadth of knowledge.

Re:Is it time to thank the enablers?

[causality]

Therein lies your hubris. I'm in your shoes. I know what to look for, I know how to cross reference, I know how to consider the source, etc. What you describe as 'common sense' is a skill, whether you think you learned it or were born with it. Many people don't have it, and won't have it. Many people were not born into a family or environment that can supply it.

The unstated assumption you are making is that you are either born with something or you are forever deprived of it. This is a faulty assumption and it is not difficult to come up with counter-examples; in fact it is trivial enough that I won't bother. People can and do choose to overcome their environment. I notice one trait that all such people have in common: they don't make excuses for their failures. They take responsibility for their shortcomings and they see themselves as a work-in-progress. They don't just give up and say "oh no, this doesn't come easily, I'll have to work for something, I guess I'm fucked." When I make a mistake (be it computers or whatever), my reaction is to look at why I failed and what I can do to learn from that mistake, what I should have known but did not know. Therefore, either I learn the easy way - by observing other people to discern both why they succeeded or why they failed, or I learn the hard way - trial and error. Either way, I learn; I improve. I find this far more tasteful than playing the victim and acting like I am helpless to do something about it when I am not.

I refuse to just be a product of my environment, and I suspect that anyone who is content to be just another product is missing out on what it means to be fully human, to truly have your own identity and take care of your own education (not to be confused with your schooling, to grossly paraphrase Samuel Clemens). I don't look down on people who can't be bothered with this; it is their life, they may (and must) do with it as they see fit. But I refuse to be their apologist when they make poor decisions and these poor decisions quite naturally yield poor results.

Therein lies your hubris. I'm in your shoes. I know what to look for, I know how to cross reference, I know how to consider the source, etc. What you describe as 'common sense' is a skill, whether you think you learned it or were born with it. Many people don't have it, and won't have it. Many people were not born into a family or environment that can supply it. When you say, in so many words, "Know what you don't know," that in and of itself is knowledge that some people don't have. You want to look down on them for that?

It's a skill that is essential; it's the only effective way to avoid self-defeating behavior that I have ever known. Never confuse "expect better of" with "look down on". You wish to talk to me of hubris? To assume that I am not somehow special or better than anyone else, that therefore they are just as capable of refining this skill as I am, is the exact opposite of hubris. Hubris or any other shade of arrogance would mean assuming that I have reached a level of excellence of which most people are simply incapable, that I am inherently better than them and therefore they will never equal my accomplishments. I find it far more arrogant to excuse mediocrity on the grounds that it's unreasonable to expect anything better from the "unwashed masses."

Methinks that you do believe you are special, and have probably been told this all of your life by well-meaning yet misguided individuals. Yes, that's an opinion and no I cannot prove it, although it does explain this need you feel to be an apologist for people who undertake a task with no understanding and quite naturally get bad results. The common sense that I advocate isn't some grand accomplishment or amazing feat of human understanding. It's an appreciation for simple, self-evident truths and a refusal to overlook them just because they don't say what you want to hear. It is really nothing, certain

Re:Is it time to thank the enablers?

[SirSlud]

that therefore they are just as capable of refining this skill as I am

Nope. Thats hubris, right there, defined.

Jack Black?

[StCredZero]

Or, they could develop a much more robust variant, called the Tenacious-D!

Who cares about the exploiters?

[Idiomatik]

Chasing after security vulnerabilities and hackers is ridiculous. There wouldnt be spam-botnets if you hit the people paying the hackers. Killing a bot or imprisoning a hacker causes a tiny blip. If we charged every company being advertised in the spam the problem would go away. Spam wouldnt be profitable anymore.

Re:Who cares about the exploiters?

[Peturrr]

Somehow I never read about the companies getting questioned for their appearance in spam, even when the company's product is the biggest percentage of all spam sent. Do they all decline involvement?

Re:Who cares about the exploiters?

[Faylone]

Well, from what I've read, the people at the actual companies involved can be totally shocked to learn that they're getting advertised this way, as it happened due to outsourcing of outsourcing of outsourcing of out advertising, when you get that far away, you eventually end up with somebody who doesn't quite care about the companies involved, just that they get their money as easy as possible

Re:Who cares about the exploiters?

[Dirtside]

If we charged every company being advertised in the spam...

...then I could torpedo any company I wanted just by sending out spam with their name in the message.

Re:Who cares about the exploiters?

scary that this got modded insightful.

Re:Who cares about the exploiters?

except it would be rather easy to pay to have spam sent about your competitor....

Re:Who cares about the exploiters?

[Idiomatik]

I understand that of course. But come on, doing some snooping couldnt hurt. If 10million spam mails were sent in the name of company-X there is a decent chance they are involved. But they just arrest the worm maker rather than investigate the companies being advertised. The investigation would catch people doing what you suggested as well. My complaint is i've heard nothing about investigations of this nature.

Spam? What's that?

[Stochastism]

I don't quite get the spam thing anymore. It's solved. Spam is not annoying any more. Just use one of the big free email providers and you get relatively little spam. Even most corporations do a reasonable job with 3rd party spam filters. Sure, you still get it, but it's not annoying if it's a trickle.

Don't want to use a web interface? No problem, just get the free email service to fetch your mail, then download your filtered email by POP or IMAP. Okay, there's only one provider I know that lets you do that for free, but it probably has the best spam filtering too.

So you say all this spam is clogging up bandwidth? Well I bet it's still nothing compared with the bandwidth consumed by file sharing and video web sites. The economics of spam is changing, with fewer results per email sent, and more jail time per email sent, I reckon you'd have to be nuts to be a spammer these days.

Phishing on the other hand.. now that's bad.

Re:Spam? What's that?

[chromatic]

Spam is not annoying any more.... So you say all this spam is clogging up bandwidth? Well I bet it's still nothing compared with the bandwidth consumed by file sharing and video web sites.

I bet you've never run a mail server.

Re:Spam? What's that?

[rakuen]

It's ridiculous to think that mail parsers mean spam is conquered. If it was, then the Mega-D botnet wouldn't have even gotten out the door. Yet it has. Until people are educated to avoid spam, it will never be conquered. And the lack of education is evident because this botnet easily contains a plurality of all spam messages.

Re:Spam? What's that?

[QuantumRiff]

If its solved, why did I just have to spend several thousand dollars of taxpayer money to purchase an appliance to combat spam. Were blocking a few dozen thousand messages a day. We don't give students email addresses, just for the 80 or so full time staff. Being a school, we could have used that several thousand dollars to do something that would enhance the learning of our students, like purchase Photo shop for our labs, Or upgrade some computers, or even gotten a few more Mb/s on our internet pipe. But we had to waste it on a spam appliance (But, I do like barracuda's stuff, it works great). No, the spam is not solved, providers have expended great resources and time to ensure that you don't have to deal with it. Hell, maybe if Gmail didn't have to focus on fighting spam, they could actually implement new features, or just take gmail out of beta already!

Re:Spam? What's that?

[dmsuperman]

Use Gmail. It's an amazing service, plus the spam filters are unbeatable. I never get spam in my inbox, then I just POP it down to my thunderbird, which also has it's own junk filters for if anything were ever to get through the Gmail filters. The only spam I get now is through an email I'm slowly going to websites and changing to my gmail, and once it's gone I won't get any more spam.

Re:Spam? What's that?

[ScrewMaster]

Spam is not annoying any more.... So you say all this spam is clogging up bandwidth? Well I bet it's still nothing compared with the bandwidth consumed by file sharing and video web sites.

It's not? You might lose that bet.

I bet you've never run a mail server.

I doubt he has either. My bandwidth logs show that several hundred megabytes of crap hits my network every day, and that's just what is allowed past the firewall. I don't really know how much other stuff is coming at my IP, because it's blocked. The amount of spam is really unbelievable, though, and it's pretty much just a continuous unauthorized consumption of my paid-for resources that does me no good at all. I also get unending attacks on my FTP and other remote services, constant port scans and worm penetration attempts. All that does is clog my pipe, and eats ISPs profit margins.

Besides, torrents and video sharing sites are services that benefit the end user. Regardless of whether people like the GP believe that people are paying their ISPs enough for them, they don't claim vast amounts of bandwidth in order to sell a few thousand bottles of fake Viag!ka and make a few dozen people wealthy. The cost/benefit ratio of bit torrent is quite a bit better than that of spam, I'd say.

Re:Spam? What's that?

[rakuen]

Yeah, I use gmail too. A lot. But what you and I do doesn't mean a damn thing when there's several hundred people opening these spam messages for each one that avoids it.

Re:Spam? What's that?

[TheSeer2]

Education won't do anything. Quite simply, avoiding spam is a natural skill picked up by those with technical common-sense, the same people who would be able to learn it from being taught so teaching is pointless. For the people that can't pick it up naturally, they're never going to learn because if you're willing to install the fancy "search bar" in MSN Plus, you're not going to learn how to avoid spam.

Re:Spam? What's that?

[SL+Baur]

I don't quite get the spam thing anymore. It's solved. I'll bet that you've never had an important message bounced or misfiled as SPAM and I'm sure you have never run a mail server.

SPAM is the biggest internet problem and has been for a long time and just keeps getting bigger. Whether you see it or not, I guarantee you, you are paying for it.

Re:Spam? What's that?

[totally+bogus+dude]

Just to add to QuantumRiff's sentiments, calling spam "solved" by spam filters is like calling world wide conflicts "solved" by the arms race. Spam is only a trickle for you because many people spend a lot of time/money (and I mean, a lot) developing and purchasing anti-spam software and hardware. This stuff is under constant development to keep up with the latest techniques used by the spammers. This is similar to how the current state of superpower militaries keeps the peace; large-scale wars of aggression aren't viable at the moment. But this balance of power could shift pretty quickly, for example if someone has a major technological breakthrough that they're able to exploit before anyone else.

Even if we are able to keep up the pace of anti-spam technological improvements indefinitely, it's still a massive waste of resources. The spam problem just shouldn't exist. Sure we do get some dividends in terms of research into natural language parsers and the other techniques being used to automatically classify messages, but most of the people doing this could be doing more productive things with their time.

In the end I think it will only be solved when we solve the botnet problem, but it doesn't look like that's going to happen any time soon.

P.S. If you're trying to argue that something is "solved", it's usually a bad idea to also admit that there's only one provider of a viable solution (i.e. pop3/imap spam-free email) in the entire world. That's not a "solution", that's "an invitation to charge us whatever you wish for your service". Also free providers are a bad fit for businesses: using gmail or other free providers for your corporate email address makes your company look a bit cheap; not to mention the privacy issues.

P.P.S. You might find a trickle of spam not to be annoying, but plenty of others do, especially those who are responsible for implementing your so-called solution.

Re:Spam? What's that?

[Eighty7]

Just to add to QuantumRiff's sentiments, calling spam "solved" by spam filters is like calling world wide conflicts "solved" by the arms race.

Well what more do you want? These are the only real solutions. Your analogy isn't perfect because MAD isn't precisely an arms race, but the solutions are similar. You can't force people to submit to some external power that'll enforce peace any more than you can force everyone to switch to $SECURE_OS. I personally prefer a massive waste of resources over the only other alternative which is war - an even greater waste of resources.

I suppose the GP was talking about it from a consumer perspective when he called it a solution. It's pretty fucking good from my end getting free spam-less email. If you're in a business, you're quite free to pay for gmail & encrypt it for privacy.

Re:Spam? What's that?

[PAStheLoD]

There are free software, you know. SpamAssassin and The Gimp for example. And then you can just use that money for something else.

Re:Spam? What's that?

[Khyber]

Gmail has been out of beta as far as I can tell. The only 'beta' stuff about Gmail are the new features being implemented.

Re:Spam? What's that?

SPAM is not a problem. Spam is.

Re:Spam? What's that?

[Smallpond]

If you bought Barracuda firewall, please be sure to turn off bounce messages. Barracuda has the annoying default "feature" of forwarding spam to whoever is listed on the From line. If you don't turn that off you will end up on many blocklists. Errors should only ever be reported to the sending mail server.

Re:Spam? What's that?

[filioni]

In the end I think it will only be solved when we solve the botnet problem, but it doesn't look like that's going to happen any time soon. How about the requirement for PTR-records? This would dramatically reduce SPAM.

Re:Spam? What's that?

[SL+Baur]

I spell it SPAM to avoid infringing on the trademark of Hormel. UCE - Unsolicited Commercial Email never caught on. Your mileage obviously does vary. Actually, I don't really like to call it SPAM, I prefer calling it tofu. I despise tofu, however it is cooked.

Spam and pork in the USA is a problem, but it is a very different discussion.

Re:Spam? What's that?

[guruevi]

I don't know, maybe because you're a sysadmin that thinks spending $$$ is going to help a whole lot. What did you buy? Barracuda? Or another appliance that uses Linux, Postfix and Amavis with ClamAV and SpamAssassin. I just built a system like that for free on top of our current mail server (4y old machine) and the number of mails went down 80% after taking out (rejecting) IP's at the Postfix level using a DNSBL, and some custom rules we're about similar in size with the same purpose (educational). The whole process takes about a day and didn't even require the mail to be interrupted. So far (3 months) no complaints about missing e-mails, no complaints about passing SPAM.

dumb idea #2

[icepick72]

In the case of a large botnet, instead of each security company trying to compete for user downloads (e.g. Symantec, AVG, Kapersky, Microsoft OneCare, etc) they should all get together, make one free download that specifically targets and eradicates the botnet source on the computer (on any OS) and ensure it gets shoved through all the distrubution channels like Microsoft download, Linux package installers, other tool updates, etc. Maybe the botnet is too complicated for this. I don't know the detials. However I know it's within the software companies' reaches to work together in spcial situations.

Re:dumb idea #2

[drspliff]

That would defeat capitalism though, and at the moment I don't think I could trust one big anti-virus vendor knowing the attempts of various governments recently *cough*germany*cough*.

Re:dumb idea #2

[ymgve]

In the case of a large botnet, instead of each security company trying to compete for user downloads (e.g. Symantec, AVG, Kapersky, Microsoft OneCare, etc) they should all get together, make one free download that specifically targets and eradicates the botnet source on the computer (on any OS) and ensure it gets shoved through all the distrubution channels like Microsoft download, Linux package installers, other tool updates, etc. Maybe the botnet is too complicated for this. I don't know the detials. However I know it's within the software companies' reaches to work together in spcial situations.

Something like Microsoft's Malicious Software Removal Tool, you mean? Sure, it's not crossplatform, but really, what other platforms have serious virus problems?

Q about the botnet world

[A+nonymous+Coward]

How much of this is just botnets fighting over the same zombies -- how many existing old botnet zombies get taken over by the new botnet?

Heck, how many actual botnet masters are there? Is this just the same people but with new malware? Is this malware just version n + 1 of the old malware? Or do the same botnet masters have several botnets?

I sure don't know much about these in this kind of sense.

Re:Q about the botnet world

[ShaunC]

I'd venture to say that a nontrivial number of infected hosts are victims of "botnets fighting over the same zombies." By default, the zombie population is a fairly fixed one; PCs whose owners have demonstrated a willingness to click on any random bullshit that shows up in their email. I'd say it's generally accepted that someone who has become infected with Botnet_A is far more likely to become infected with Botnet_B than someone who practices good security behavior. Of course this population is always growing as the number of PC owners increases, and I've seen stats showing that the normal seasonal variations occur... Botnet activity and the number of distinct zombies tends to go up just after Christmas, at the start of spring and fall college/university semesters, etc.

I doubt that Mega-D is version n+1 of some other malware; this is someone new making their entrance into the underground enterprise. A bot herder has no real incentive to develop an entirely new trojan when their existing bot is still effective. Most modern bots have three primary directives: send spam, propagate, and upgrade/polymorph themselves. If something about Storm, for example, is rendered ineffective by AV or antispam products, it's much easier (and cheaper) for the Storm herder to push out a new release of Storm than it is for him to procure a completely new trojan. The ability to detect and upgrade to new builds is an inherent capability of Storm. Why bother trying to deploy something new when you can upgrade what you already "own?"

It's been shown that Storm's herder can petition off groups of hosts into sub-botnets, presumably to be sold or rented to specific customers. They're still technically part of the Storm botnet, though. Smaller players may have a reason to maintain a series of independent, parallel botnets if they find that their trojans don't deploy well. Surely if you're in the botnet business and you can't reach the "market share" of Storm or Mega-D, it would be to your advantage to experiment and diversify. I wouldn't be surprised if many of the smaller, less successful botnets are actually controlled by a handful of people trying to break into the game.

But I guess all of this is just speculation until we actually catch a few of these assholes and learn firsthand how they operate.

Re:Q about the botnet world

[A+nonymous+Coward]

Thanks. I wonder if one of the ways for a new player to get a new botnet off the ground would be to hijack an existing botnet. It makes me think of the Mafia and other gangs, where one of the ways of showing what a tough guy you are is to take over a rival gang. In fact, that may be the only way, i both cases, since the existing gangs and botnets have skimmed the cream along with a lot of the milk. But unlike a gang, where new gangsters can start at the bottom and work their way up by proving their mettle, botnet capos don't need to hire lots of junior apprentices, and without those kind of entry level jobs, wannabe botnet players would have to hone their skills on their own botnets, no doubt helped by observing existing botnets, and then jump in and try to take over existing botnets.

Sure is a curious business. I wonder if someday botnet gangster movies and other cultural references will be as common as the mafia and prohibition gangsters were for so long.

Re:Q about the botnet world

Somehow I doubt that a 'botnet gangster movie' about hanging out on IRC and mailing out spam will be quite as compelling as booze deals and shooting up restaurants.

Re:Q about the botnet world

[ShaunC]

I wonder if one of the ways for a new player to get a new botnet off the ground would be to hijack an existing botnet

This is a curious point. A great deal of effort has been put into investigating the Storm network. We're on the eve of the 2nd Super Bowl in a row that Storm will be spamming copies of itself. It's arguably the longest-lasting and most pervasive malware plague we've ever seen. Hundreds of man-hours have been devoted to researching and reporting on its capabilities. Thousands of man-hours have been spent trying to block its emails. And we can assume that 2 (or maybe even 3) hours have been spent by government officials trying to shut it down.

I suppose a sharp actor hoping to break into the botnet scene may do well to study Storm, and all the public research surrounding it, looking for a way to attack an existing and dominant botnet. To find a vulnerability in Storm would probably be more rewarding than to discover one in Windows itself. Taking control of a massive botnet from its herder is a lot sexier than trying to write and deploy your own trojan.

Were anyone to hijack Storm, I'd certainly wish them the best. The present opinion is that Leo Kuvayev is probably the Storm-master, and it can't be good luck to find yourself the foe of Russians.

Re:Q about the botnet world

You might benefit from reading up on the use of Eggdrop bots within the EfNet IRC network circa the mid to late 90's to get some idea about what such non-centralized networks are capable of accomplishing. I'd venture to guess that there are one or more similar software packages being modified to render the desired results.

I used to participate in operation of one of these botnets in defense of a couple very popular chat channels. There were often multiple networks connected together among groups who had friendly alliances. Features could be added or removed from bots individually. Groups of bots could be sent to retrieve(take-over) a lost channel, or sent into a new channel to help maintain its possession. Bots could monitor activity and provide useful reporting and statistics.

Though I do not recall any specific usage in relation to e-mail, it was certainly well within the realm of the software being used to be able to provide this capability, and we're talking about technology that is nearly 15 years old at this point.

107% of all SPAM!

[StCredZero]

Release a botnet that becomes self aware. Such that, it takes over 100% of all spam production, plus a large fraction of the emails sent by a genuine sentience.

Re:PEBKAC

[Ox0065]

The solution is out there. Have you ever heard someone tell you that

• they must have security updates turned off, because they might break the computer? (This is where your proposal falls down)
• they don't need virus protection, because they have a fire wall
• they can't use passwords, because "what if someone else needed to get on"
• they are perpetually in an administrator account, because right clicking executable & selecting "run as" is WAY to inconvenient
• they are using internet explorer, because their favourite website only works if they allow the world to run unsigned activeX controls
• they are using outlook, because learning how to use any other calendar & task list is IMPOSSIBLY EXPENSIVE. Think of the down time
• their computer takes 30mins to boot up
• their internet connection is slow
• they have regular IT outages costing them WHAT?
• the government & their ISP should do something about these damn spammers
• they didn't have a virus before they spoke to you
• all of the above

Solutions exist. The problem is all the wrong kinds of 'education'

+1

[toadlife]

If spam went away, everyone except for the largest email providers could run their MTAs on old surplus pentium 100s...and mail would flow very quickly.

Re:dumb idea #2.5

[icepick72]

Very good point. Most people I know don't run Windows update, many because their Windows isn't "Genuine" and would likely be disabled. This also leaves my original suggestion in a bind. If Malicious Software Removal Tool (MSRT) could be pushed through means other than the Windows update process then more people might receive it and be vaccinated.

Maybe another company should run an update service for only "critical" situations to push these tools to users without sharing information with Microsoft, assuring users they and their OS are guarded from Microsoft intervention. Just make sure it's in the right hands. If those hands were trusted by Microsoft then it could be built into the Windows OS (unlikely).

Spam is the government?

[Max_W]

I remember a scandal, when British PM Tony Blair bought 2 apartments for times lower price than the market price.

The deal was handled by his associate, the convicted crook, who was the mastermind behind the Herbalife spam. It made me think...

Spam is responsible for the largest part of the Internet traffic. It should make the spammers most influential people.

They are rich, they have an access to all private information on our computers, they can bring down an infrastructure of any country, they can promote any idea.

Could it be that spammers are taking over the world? That they are behind the nowadays PMs and presidents? Can put and take them off at will?

This theory explains it all. The volume of spam, the spread of bot-nets, the Tony Blair case, the constant growths of spam.

Remember Y2K?

[jred]

A lot of people spent a lot of time & money preventing anything really bad from happening. It mostly worked. You don't hear "those IT guys were great about keeping everything from shutting down." Nope, what you hear is "What about all the doom & gloom? Nothing happened!" Well, of course not. We patched everything *before* it broke.

Re:Remember Y2K?

[Fuzzums]

Do I remember Y2K?

No. Not really. What happened then??

gf not impressed?

buy idiomatik dick cream and add 3 inches overnight!

Who is regulating whom?

[Seth+Kriticos]

Just wonder, who is actually regulating whom.. Seems to me, that big companies have more to say, than government, especially in the new technology parts. Not that it matters, the same evolutionary system still works, that brought us here in the last few million years, and it says: until the people don't get really annoyed and bothered, so they actually stop the all day life and say "wait a minute, can't we do anything about it?", the destructive forces grow further. But if I see the right way of history (hopefully not), than the majority will never care, the destructive forces will rip apart the whole system (viral behavior) until the point, where eMail won't be a viable option, and some new communication will follow. Maybe I should buy a pigeon..

sniper rifles

In the end I think it will only be solved when we solve the botnet problem, but it doesn't look like that's going to happen any time soon.

Actually I think a better solution would be to set up bounties and send out teams with .50 calibre sniper rifles. Perhaps that will demotivate these people.

Smart idea #1, & it really does work... apk

Try this:

HOW TO SECURE Windows 2000/XP/Server 2003 & VISTA + make it "fun" to do & quantifiable via CIS Tool:

http://forums.pcpitstop.com/index.php?s=fa2b98dd98aa1a4bfe35daeafd757c40&showtopic=150310

The tools/tips/tricks/techniques it points out aren't ONLY applicable to Microsoft Windows NT-based OS' of today (like 2000/XP/Server 2003 & even VISTA) either, since they also to Linux variants, BSD variants, Solaris & others as well (if only @ times via principals used on the "others").

Using CIS Tool for your "benchmark/gauge" also helps quantify ANY progress made (based on "best practices" for security on each platform the testing tool runs on)... &, it works.

APK

P.S.=> I have a friend (a security guard/PI by trade) who applied its points & used the CIS Tool to take his system from a 46.xxx score, out to a 90.xxx score using CIS Tool's guidance + that posts' other points layered ontop of those from CIS Tool, & instead of turning up his "usual" 200-300 infestations a month? He has only turned up 1 since in the past 6 months or so now, & only because he turned on JavaScript + Frames in his browser & hauled in a trojan (which we killed using the points in that thread no less which are listed with 100% free tools to remove most ANY online infector/infestor there is, nearly EVERY time, IF you 'disobey' some of that posts' points on how to never get them anymore)... apkl

Re:Smart idea #1, & it really does work... apk

[InvisiBill]

I read through those tips recently. They are generally good ways to improve security, but most are beyond the average user. Simply having people use non-admin accounts (with something like SudoWin for easy access to admin stuff) or even using DropMyRights on IE would probably be 90%+ as effective, and it should be a lot easier than going through all those pages of tips.

My biggest issue with those tips is that most things are way beyond the common user's understanding, and likely to cause issues. When someone does run into an issue, they don't have the first clue how to fix it. For example, AdBlock is a much better solution than a hosts file for general browsing. It's a lot easier to understand that */ads/* or *badstuff.com* is being blocked as opposed to figuring out why some random site is blocked due to getting an IP that's listed in some Windows LAN config file somewhere.

My parents and brothers are behind a NAT router using Firefox and Thunderbird with McAfee OAS and have no problems, despite running XP with admin accounts. My PC (also XP with admin account and Fx/Tb and McAfee) scored in the mid 50's on the CIS test linked from the tips, yet I've had no incidents (other than ones I manually triggered). Replacing a few obviously-busted programs with better alternatives and giving a little education will stop the vast majority of these problems.

Re:Smart idea #1, & it really does work... apk

"My biggest issue with those tips is that most things are way beyond the common user's understanding, and likely to cause issues. When someone does run into an issue, they don't have the first clue how to fix it" - by InvisiBill (706958) on Sunday February 03, @04:33PM (#22285070) Homepage Simple: When you DON'T KNOW WHAT TO DO? Don't do anything - ask!

I have to @ times, despite the fact I have been @ this field in total time summation of about 24++ years now... occasionally, I forget stuff I used to know "cold/down pat" from lack of use, but, I realize what questions to ask to get it back... & what is/are my "best friends" there? Search engines, like Google OR AltaVista for example.

(Of course, what I prefer over search engines? The "voice of experience", as do many others... the 'human touch', & what gives ME, THAT? Forums boards, or, sites like this one... people will help you, if you ask questions! It's good exercise for "techies" to field folks' questions on forums is why - practice, makes perfect... unfortunately, perfection is a road, NOT A DESTINATION!)

Congratulations for reading thru it... it takes perseverance, & despite CIS Tool's guidance (which I employed to make it easier on new folks to computing)? It is complex subject material, & I provided URL examples where I could to help folks out, as best I could.

I see you tried it, you can & will go farther on it, IF you ask questions of the folks out there that helped me (like the folks @ Belarc Advisor, & other sources (such as Ms Tech Net & the Knowledgebase @ MS & other sites).

APK

P.s.=> Adblock has 1 problem - it's "ISOLATED" to 1 family of browsers - the Mozilla flock! HOSTS extend across & protect ANY browser you have... & as to replacing "busted programs"? DO NOTE, I point out the security merits of say, Opera (especially this one) & Netscape, over FireFOx even, and certainly, IE.

On offering your tips on being safe behind your perimeter defenses? My post covers THAT, with folks I have to get out of "virus/trojan/spyware" etc. et al jams, daily... they too, believe a "firewall + antivirus" is enough, & MOST "security gurus" believe in a "layered security" approach, & with GOOD REASON - the folks I have to bail out everyday on the job find out for themselves, which "end is up" when I have to prove to they their std. defenses failed they... hence, why would I be fixing them up daily? Sure, there is "common sense" & luck too, to some extent in avoiding bad sites & what-not, as well as common sense... but, layered security is the way, & that URL of mine gives you that.

I am glad you took a read of it, & you went a GREAT DEAL of the way into it, judging by your reply... I tried to make it "simpler" for the avg joe out there, CIS Tool helps in that respect... the rest?

Sometimes, no matter "how good/great you are"? None of us, KNOWS IT ALL, but... you have to have the common-sense to ask sometimes, & several doctors opinions is the way to that... preferably, reliable sources ones (which I use extensively thru that post mind you)... apkl

Re:Smart idea #0 & it really can't fail

Install a brain on those users.

Seriously, the problem is awareness. Of course the user could decrease his/her chance of being infected if he/she adopts good security practices, but the fact that users are not is exactly the problem. The GP's point is that Microsoft is in a position to shove anti-trojan programs (if even specifically targeted at a few versions of popular botnet trojans) into all its users' throats, and thus instantly relieving some of the spam problems.

But why am I replying to a slashvertisement anonymous troll anyway :-/

Re:Smart idea #0 & it really can't fail

"nstall a brain on those users. Seriously, the problem is awareness." - by Anonymous Coward on Sunday February 03, @11:54AM (#22282804) Exactly - which is what that URL in my first reply, is all about...

"Of course the user could decrease his/her chance of being infected if he/she adopts good security practices" - by Anonymous Coward on Sunday February 03, @11:54AM (#22282804) Absolutely they can, & the evidences noted not only by myself above in my pal's successes using it, but also those from forums w/in the URL itself, clearly evidence your statement, for me...

"but the fact that users are not is exactly the problem. The GP's point is that Microsoft is in a position to shove anti-trojan programs (if even specifically targeted at a few versions of popular botnet trojans) into all its users' throats, and thus instantly relieving some of the spam problems." - by Anonymous Coward on Sunday February 03, @11:54AM (#22282804) Exactly - placebos. "There is more money in temp. fixes, than there is in the cure - keep people 'sick', & give them a palliative, instead of an outright cure or preventative"... & 1 oz. of PREVENTION > 1,000's of "CURE".

APK

P.S.=> "But why am I replying to a slashvertisement anonymous troll anyway :-/" - by Anonymous Coward on Sunday February 03, @11:54AM (#22282804) Well, I can say that same in - "Why am I replying to another 'A/C' here?"

Man - Labels?? They're stupid... & overly "generalizing"... apk

What's done is done...

[Skeet112]

The real problem here is identifying the problems before they even start, which is in essence, pretty impossible to do with our current technology, and could even violate some legitimate rights. As far as I'm concerned, currently, it's pretty easy to spot a scam/bot-net spam as it is. Usually they'll come out with the e-mails/spam stating... "You have xxx time to reply!" ", this is your final notice!" ", get your prescription Xanax at discounted cost!" "You have $800,000 in cash to claim! Click HERE!" The other way to spot these spam messages as a scam is to look at the wording. Generally, a scammer/bot-spam will make spelling mistakes, make websites that are similar but EXACT to legitimate ones, and ask you for your social-security number or bank account information. You should NEVER EVER click, or reply to these e-mails. What scares me is when these bot-nets are designed to draw user-specific information from the person/s they are being sent to. Lets say you have a bank account as bank. If a bot-net were ever able to actually find this information, then pose a scam or e-mail closely mimic something that ACTUALLY applies to you as a person, and has relevancy to your current everyday life... then that might be something to be feared. I guess the major points of this would be to just protect yourself from these scams/botnet: 1. Use you're common sense. If you have no idea what it's about, then it's likely not legit. 2. Look for spelling errors in e-mails and messages. Legitimate cooperations usually hire literate people these does, and spell check is a COMMONLY used tool. 3. Don't be an idiot... Get Spyware, Firewall, and Antivirus protection. If you don't know how, consult some IT Specialists... or the plethora of geeks that surf Slashdot. Cheers.

Joe Jobs

[Walter+Carver]

And how about Joe Jobs? Companies would try to kill each other by doing Joe Jobs.