Slashdot Mirror
New Massive Botnet Building On Windows Hole
CWmike writes "The worm exploiting a critical Windows bug that Microsoft patched with an emergency fix in late October is now being used to build a fast-growing botnet, said Ivan Macalintal, a senior research engineer with Trend Micro. Dubbed 'Downad.a' by Trend (and 'Conficker.a' by Microsoft and 'Downadup' by Symantec), the worm is a key component in a massive new botnet that a new criminal element, not associated with McColo, is creating. 'We think 500,000 is a ballpark figure,' said Macalintal when asked the size of the new botnet. 'That's not as large as some, such as [the] Kraken [botnet], or Storm earlier, but it's... starting to grow.'"
ISP action is definitely appropriate. If they can tell who is using torrent software, they should be able to tell who is sending spam and which machines are part of a botnet.
Filtering/quarantine at this level is like shooting down a scud missile on the way up instead of on the way down.
Bigtime Consulting - "We're the best because we cost the most"
Auto-update is really annoying, especially if you don't have a very good connection. Its one of the first things I disable when I do a fresh install of XP.
Not sure why this was modded funny, as this seems to be far and away the predominant mentality of windows users...
http://www.zombieapocalypse.tv/
"Some think they know better what updates to install than Microsoft suggests."
When updates stop breaking other software, and Microsoft stop bundling DRM as 'critical updates', then I suspect people will start trusting Microsoft to tell them what updates to install.
Personally I like to see what Microsoft are doing to my computer before I install it.
What if I buy a rosebush and plant it in my garden, then somebody uses it to deface little kids and old ladies with its thorns? Am I kinda liable for that?
Is a computer more like a gun or a rosebush? I guess that depends on whether it is running Windows or Linux.
Computer to 'Some simple concept' analogies are stupid as hell. Get over your elitism. Most people don't understand the first thing about computers, and they don't have to. Just like most people use a TV, VCR, whatever, without any clue how it works, they just use it to play movies. Blinking 12:00.
Your analogy fails because leaving a gun out is gross negligence. It's a dangerous thing, and that's fairly obvious. A computer isn't. I suppose an argument could be made that computers are dangerous. It would be quite a stretch though. In that case there should be mandatory licensing to operate one, you know... like a car. But there isn't. So, either make the argument that computers are dangerous and should be controlled (and make sure you understand the actual ramifications of that argument), or stfu and realize that no, most people don't understand Computer Security or why it's important, and they never will.
And then, as an expert in the field, learn that you aren't smarter than mom and dad using their computer, you just have a specialized skill set. Most nerd kids like prolly half the slashdot crowd are or were.. started out with computers coming naturally to them. It's easy to assume then that it shoudl come naturally to everyone. And when you see it doesn't, your first reaction is that something is broken in them. After that nerd grows up a bit in the world, that person learns that no... they aren't idiots. We just have an aptitude for something that others don't. And that doesn't make them dumb. They probably have skills we don't. Say... socializing for example. So my guess is your (and all those who always come to slashdot posting the same song and dance) maturity level hasn't quite evolved yet.
And to not be elitist myself... I can admit I was once the same way. I grew out of it, as will you. :)