Fears of a Conficker Meltdown Greatly Exaggerated
BobB-nw writes "Many have been worrying that the Conficker worm will somehow rise up and devastate the Internet on April 1. These fears are misplaced, security experts say. April 1 is what Conficker researchers are calling a trigger date, when the worm will switch the way it looks for software updates. A 60 Minutes episode about the worm on Sunday will stoke concerns. But the worm has already had several such trigger dates, including Jan. 1, none of which had any direct impact on IT operations, according to Phil Porras, a program director with SRI International who has studied the worm. 'Technically, we will see a new capability, but it complements a capability that already exists,' Porras said."
Maybe I'm wrong here, but doesn't it make more sense to get everyone trying to fight this virus/bot/whatever early rather than wait?
After April 1st, this thing will be drawing from more domains than can be blocked for future updates. It sounds like it'll be much more entrenched and difficult to combat if that happens. So this advice sounds a lot like 'Well, the gangrene has spread from your foot up to your knee, but it's not a problem'.
Current Windows inherited most of its security problems from DOS and Win16. In fact Windows XP was the first "home desktop" Windows (given 2000 was marketed for office use) to use memory protection at all. Prior to that a process could read/write anywhere, which effectively meant there was no security of any kind.
And since most applications require administrator access to run at all, including most server applications, even having memory protection is reduced to the effectiveness of chewing gum. With administrator access, any application can insert itself as a shim into any other application.
Then even when you do narrow down to the few applications that run with pure user access, and run that way all the time, there are plenty of privilege escalation holes to get that administrator access back.
It's Swiss cheese from the ground up. Users cannot be expected to be tech geeks just to be basically secure. Certainly if they run an untrusted binary, their personal files are forfeit, but by no means should that be allowed to spread to the whole system (of potentially thousands of users) nor the whole network via server software running as administrator.
Sam ty sig.
You mean having 10x users would reduce the number of different configurations? I don't know what you're smoking, but give me some.
Actually, it would probably be safe to assume that it would. Mass take-up of Linux would either require or force standardisation, and with that would come a form of 'same-ness' that would be open to attack.