Slashdot Mirror


Fears of a Conficker Meltdown Greatly Exaggerated

BobB-nw writes "Many have been worrying that the Conficker worm will somehow rise up and devastate the Internet on April 1. These fears are misplaced, security experts say. April 1 is what Conficker researchers are calling a trigger date, when the worm will switch the way it looks for software updates. A 60 Minutes episode about the worm on Sunday will stoke concerns. But the worm has already had several such trigger dates, including Jan. 1, none of which had any direct impact on IT operations, according to Phil Porras, a program director with SRI International who has studied the worm. 'Technically, we will see a new capability, but it complements a capability that already exists,' Porras said."

19 of 143 comments

  1. Re-positioning is a good thing? by Felix+Da+Rat · · Score: 5, Insightful

    Maybe I'm wrong here, but doesn't it make more sense to get everyone trying to fight this virus/bot/whatever early rather than wait?

    After April 1st, this thing will be drawing from more domains than can be blocked for future updates. It sounds like it'll be much more entrenched and difficult to combat if that happens. So this advice sounds a lot like 'Well, the gangrene has spread from your foot up to your knee, but it's not a problem'.

    1. Re:Re-positioning is a good thing? by rts008 · · Score: 2, Insightful

      Maybe I'm wrong here, but doesn't it make more sense to get everyone trying to fight this virus/bot/whatever early rather than wait?

      Yes, it does make more sense, but will never happen. Until you can get more than a handful of Windows users to actually know and care about these issues, it will stay in this same state of sorry affairs. Just three things are keeping this crap going:
      1. MS market share guarantees a large fat market for malware authors
      2. Typical Windows user does not want to be bothered with hassles and having to think about updates, configurations, antivirus, etc.
      3. The typical users want their computing appliance to 'just work', and don't want to be bothered to learn the proper care and use of their tools.*
      4. 'Mouse Monkey' conditioning has reached the point that most users will click on anything that pops up to get their banana.

      *Any other profession, craftsmen/workers are required to know how to properly use and maintain their 'tools of the trade', but this is hand-waved for computers?...Why?!?!?

      As for the '...get everyone trying to fight this virus/bot/whatever early...' bit, I hardly think that is 'everyone's' concern...just everyone running Windows.
      Me? I've been running Ubuntu/Kubuntu exclusively since 5.04- four years ago, so your 'get an early start on this' idea is old news...How has that worked?(re: 1-4 above)

      --
      Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
  2. Re:If only... by Vectronic · · Score: 2, Insightful

    Knock the last 4 words off of that, and you are right, keep the last 4, and you are a troll.

    Windows is generally ill-equipped by default, and because of its population density is a larger target, but a huge part of the blame is the ignorance of its users.

    The last virus I had that did any damage to my personal files, or necessitated a reformat, was 7 years ago, the last one that did any sort of "hostile" act was Blaster, which took about 3 minutes to fix.

    Pay attention to where you are going, and you won't fall off the road... If You Walk Without Rhythm, You Won't Attract the Worm...(lol had to)

  3. Windows Update? by Anonymous Coward · · Score: 3, Insightful

    Seems like Windows Update is always failing with random errors. Maybe MS could buy up this technology to fix their own? ;)

    1. Re:Windows Update? by symbolset · · Score: 2, Insightful

      I doubt Microsoft could agree to the license terms.

      --
      Help stamp out iliturcy.
  4. Re:If only... by setagllib · · Score: 5, Insightful

    Current Windows inherited most of its security problems from DOS and Win16. In fact Windows XP was the first "home desktop" Windows (given 2000 was marketed for office use) to use memory protection at all. Prior to that a process could read/write anywhere, which effectively meant there was no security of any kind.

    And since most applications require administrator access to run at all, including most server applications, even having memory protection is reduced to the effectiveness of chewing gum. With administrator access, any application can insert itself as a shim into any other application.

    Then even when you do narrow down to the few applications that run with pure user access, and run that way all the time, there are plenty of privilege escalation holes to get that administrator access back.

    It's swiss cheese from the ground up. Users cannot be expected to be tech geeks just to be basically secure. Certainly if they run an untrusted binary, their personal files are forfeit, but by no means should that be allowed to spread to the whole system (of potentially thousands of users) nor the whole network via server software running as administrator.

    --
    Sam ty sig.
  5. Re:If only... by Jurily · · Score: 3, Insightful

    If everyone were using something else. Let's say Linux or OSX. Then the worms would be tailored for those environments.

    I'd like to see a worm tailored to my custom-compiled hardened 64bit gentoo. Linux is not a monoculture, only in source code form. You cannot target it the way you do windows.

  6. Re:If only... by RoFLKOPTr · · Score: 2, Insightful

    I'd like to see a worm tailored to my custom-compiled hardened 64bit gentoo.

    If you would read, once more, the post that you quoted, you might notice that it says "If everyone were using something else, such as Linux or OS X." Allow me to define "everyone" for you.... "everyone" is a pronoun meaning "Every person; everybody." "Everyone" cannot custom-compile their own Linux kernel with security in mind. "Everyone" cannot even custom compile their own kernel, period.

    The grandparent said that Linux and OS X are a poor choice for a botnet because they are in the extreme minority, but if one were to ever become the majority, black hats would write trojans for that OS. I can assure you that if Linux were to become the majority of the OS market, there would only be a small handful of different compile configs used for 99% of those computers (much like Windows)... none of which would be custom for specific hardware or have extreme security in mind.

    tl;dr you completely missed the point

  7. Re:If only... by sapphire+wyvern · · Score: 2, Insightful

    Indeed.

    The same year that is the "Year of Linux on the Desktop", will also be the "Year of Malware on Linux". Computer crime is profitable, and if Linux were to dominate the market, then it would definitely be targeted.

    Maybe malware will be _slightly_ less prevalent than currently (and profits slightly diminished). But Linux (and OS-X) aren't so much more secure than Windows that they would be invulnerable to the hordes of clueless users/admins that "Year of the Linux Desktop" implies. The huge majority of Windows pwnage has the root cause "operator error".

  8. Re:If only... by TheRealMindChild · · Score: 2, Insightful

    Sure they did. Their users and those users' expectations.

    --

    "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
  9. Re:If only... by Anonymous Coward · · Score: 5, Insightful

    You mean having 10x users would reduce the number of different configurations? I don't know what you're smoking, but give me some.

    Actually, it would probably be safe to assume that it would. Mass take-up of Linux would either require or force standardisation, and with that would come a form of 'same-ness' that would be open to attack.

  10. Re:If only... by Anonymous Coward · · Score: 2, Insightful

    That is, assuming that EVERY last computer user is running the exact same distro and the default programs on it...

    If you create a worm that targets Pidgin, well then the Kopete users are safe (so long as Kopete doesn't share that very same flaw). That's the thing about Linux, each environment is too different. This makes mass-scale infections like this a bit more difficult to accomplish. Not to mention Open Source tends to have fewer exploits overall.

    Security by Obscurity is a myth. If it wasn't, then why are Windows servers compromised much more often than *nix based ones, even though they're the minority?

    Please oh please stop with the FUD. Security is not equal to the number of "critical" vulnerabilities you fix every week, regardless of what certain parties would like to say otherwise about it.

  11. Re:If only... by pwizard2 · · Score: 3, Insightful

    While what you say is technically true, (no OS is completely immune to malware) Linux simply has more hurdles that malware must jump over before a system can be infected. (people typically not running as root, fewer ports open, most software coming from "sterile" sources like official repositories, etc.) At least one of these obstacles is usually enough to stop most infection attempts before any damage is done. However, when users get lazy or careless and bypass these lines of defense, infection is possible if there is a type of malware able to exploit the opportunity at that exact moment.

    --
    "It is a denial of justice not to stretch out a helping hand to the fallen; that is the common right of humanity."
  12. Re:If only... by plaxion · · Score: 3, Insightful

    They might try to tailor their junk for these environments, but it's like the difference between a normal car (windows) and a car coated with teflon with a motion sensing machine gun on top (OSX/Linux), with the worms/viruses/malware being a type of graffiti paint.

    Graffiti will stick pretty well to a normal car (and if you tend to stop in the more seedy parts of town than others, you have more of a chance of having your car "tagged" too), but it's not going to be very effective on the teflon coated ones and the owner is going to have to be silly enough to log in as root to disable the guns so the criminals can get close enough in the first place.

    The argument that the reason why windows is being attacked is because it has a majority share is an ass backwards way of thinking about the issue.

    Windows is targeted because its "security" is inherently flawed, its security isn't flawed because it's being targeted. The fact that it has a majority share is just an added bonus for these people, but it has nothing to do with the underlying problem, (though it certainly does help the problem grow by orders of magnitude).

    I'm reminded of Dan Dennett's Ted Talk where he insightfully points out that, we don't like chocolate cake because it's sweet, it's sweet because we like it.

    Another way of looking at it is like this... Houses aren't unoccupied, unalarmed and filled with artwork, expensive stereos and silverware because someone wants to break into them, someone wants to break into them because they are unoccupied, unalarmed and filled with artwork, expensive stereos and silverware.

    If OSX or Linux took a majority share of the desktop, the problem wouldn't shift like you are thinking it would. Granted, there would be an uptick in attempts and there will inevitably even be a few holes to patch up that were previously unknown, but there certainly won't be an equivalent to the 100,000+ viruses that exist for Windows.

  13. Re:If only... by RulerOf · · Score: 2, Insightful

    Also their applications, and their applications and programmers' expectations... which needless to say are extremely (cough*AdministratorALLTHETIME*cough) insecure.

    --
    Boot Windows, Linux, and ESX over the network for free.
  14. Re:Don't place bets... by Niris · · Score: 2, Insightful

    Though I'm also a Linux user, that's a huge pet peeve of mine from back when Mac users were like "lawl no viruses 4 me!!" Great, you use Linux. Don't need to be so pompous about it.

  15. You are SO correct by symbolset · · Score: 3, Insightful

    Why are we discussing Windows/Linux/OS X preference at all?

    If you want a system that's not vulnerable to Conficker, Koobface, Torpig, Storm, Antivirus 2009, Bitfrost, Sasser, MyDoom, Sober, Sobig, Welchia, Blaster, Nimda and Code Red, you need look no farther than "anything that's not Windows".

    --
    Help stamp out iliturcy.
  16. Re:I wish the creators had something useful in min by Anonymous Coward · · Score: 1, Insightful

    If some fuckwit walked up my street with a hammer smashing car windows every day, then destroying the hammer would certainly help the economy.

    Destruction of property is helpful for the economy if the property is doing more harm than good.

  17. Re:If only... by Culture20 · · Score: 2, Insightful

    So anyone who says "Oh, I can keep my machine virus free" - whoopdefuckingdoo, so what, so can I. Most people can't, and it's because Microsoft can't write a decent *secure* fucking operating system to save their stock options.

    Most people can't because keeping something secure requires a security mindset that most people can't/don't/won't adopt. These are the same people that hold a security door open for a waiting "delivery man", leave their spare house key in the obvious fake rock, answer telephone surveys with all of their personal info, etc. It has nothing to do with the OS. I've had to teach some _smart_ people running Linux why downloading random .rpms/.debs/binaries is a bad thing.