In Test, Windows 7 Vulnerable To 8 Out of 10 Viruses
As Windows 7's market share passes 3.6%, up from 1.9% the day before launch, llManDrakell notes an experiment they did over at Sophos. They installed Windows 7 on a clean machine — with no anti-virus protection — with User Access Control in its default configuration. They threw at it the next 10 virus/worm samples that came in the door. Seven of them ran; UAC stopped only one baddie that had run in the absence of UAC. "Lesson learned? You still need to run anti-virus on Windows 7."
Anyone who uses any computer (including Mac AND Linux) without anti-virus is asking for what they get. Especially with the number of good free anti-virus programs available for Windows, there is no excuse not to have one either way. I use Avast Home Edition. It's free (just registration required), fast, and small-footprint. Even if 9/10 viruses would be blocked by UAC, an anti-virus program that blocks the last one is worth it.
I don't think Microsoft ever claimed you wouldn't need to run antivirus, did they? Besides, it would hurt their virus scanner market share.
Is this supposed to be a surprise?
For one, they watered down UAC. Second, UAC won't do anything if the virus simply attaches itself to your user account, instead of the whole system. UAC is supposed to help keep malware from gaining admin rights and infecting your system, not to stop it from running.
Next you'll be telling me that 8 out of 10 people who have unprotected sex with HIV-positive, syphilitic, sore-encrusted prostitutes will contract some sort of venereal disease.
They could have at least tested it with Security Essentials . . . it's freely available to Windows users.
So, for (1) Windows 7 is very similar to Vista, with a lot of code reuse, and (2) the people who develop viruses target *almost exclusively* windows, so how would the need to run an antivirus on a new version of windows ever be something you would doubt?
~dijjnn
Talk about stating the obvious! MS themselves recommend running anti-virus on windows 7. http://www.microsoft.com/windows/antivirus-partners/windows-7.aspx
Windows 7 had 1.9% market share before launch?
You call this a test worthy of coverage here? The guy doesn't even state whether he's using the 32-bit version, which I suspect is the case. This won't happen on 64-bit Vista/7.
"Lesson learned? Don't run Windows 7."
Oh, wait, that would challenge the iron law of commercial software reviews, of not considering alternatives.
I am officially gone from
"The next 10 samples that came through the door". 8 out of 10 zero-day windows viruses infected an unprotected machine? The most surprising thing to note out of this is that two of them failed right out of the box. The calibre of virus writers isn't what it used to be if they're not working on launch day.
"The true measure of a person is how they act when they know they won't get caught." - DSRilk
So 8/10 viruses don't require administrator permissions and conform to Windows development standards. If only the rest of the software industry had such high standards.
So which version of Windows 7 was tested? TFA does not specify. Was it X64?
For those of you as confused by the numbers as I was:
-Only 8 of the 10 successfully ran on Windows 7, the other 2 failed to even start
-Of the 8 that successfully started, 1 was blocked by UAC
Was the Windows Firewall up? If not, how many of these viruses would've made it through the default Windows Firewall settings? Or were these all of the "double click this attachment" variety?
On your successful slashvertisement. But Slashdot was the wrong target for it.
New tests show that software written for Windows runs on Windows! Copycat studies have also shown conclusively that software written for Macs run on Macs and software written for Linux runs on Linux! More at 11.
At least it proves that windows 7 is backwards compatible. (Or is it the same code with some new jacket on?)
It's all the user. I run without anti-virus and the last virus I got was in 2004. Just keep a firewall and don't go to random websites and download sketchy files.
Er, still.
I'm running several macs, both at home and at work, and the only time I've ever run an anti-virus on any of them was at the request of my ISP last month - there was a report of a virus originating from my home IP address. I downloaded and ran the latest ClamAV, and of course there was no virus on the machine, it was a spoofed IP address...
Over the past 5 years, that's the only time I've ever run a virus check. It came up with 0 viruses. I conclude that the likelihood of me getting a virus on a mac is still small compared to my XP box, which every time I run a virus check flags *something* new as wrong/suspicious. Sometimes I can even tell if the something is innocuous or dangerous...
Slashdot likes to say that anecdotal evidence is meaningless (which of course it is), but when a sufficiently large collection of anecdotes all say the same thing, we call that consensus. The general consensus is (I believe) that Macs are a lot less likely to be infected than Windows boxes, so your 'Anyone who uses any computer (including Mac AND Linux) without anti-virus is asking for what they get' statement is in fact news to me.
Simon
Physicists get Hadrons!
Were these run on an administrator account? Also what does 'run' actually mean? Does it mean that the viruses performed their full function or just that they were allowed to run but didn't cause any real damage to the OS? I would be interested if the viruses could still cause OS damage with UAC enabled on a non admin account. The article doesn't do a good job of answering any questions. The article's goal seemed to be to grab headlines.
So...what's the best anti-virus software for Windows 7?
When you posted:
-Only 8 of the 10 successfully ran on Windows 7, the other 2 failed to even start
I read it that two of the ten systems loaded with Windows 7 failed to boot. I should really have given Microsoft more credit than that.
myke
Mimetics Inc. Twitter
3.9%.
Three ... ... ...
point
nine
percent.
That's almost thirty nine per thousand!!!!
Take that, linux! Mwwwwahhahahahaha!
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
The One And Only Solution, kids, is to only run executable code you can trust.
I don't have the time to discuss what this entails, but I can start you off with one source of software you definitely can not trust...
"Most people, I think, don't even know what a rootkit is, so why should they care about it?"
Did the account set up on Vista / Win7 have an administrator role, or was it a "normal user" account? By not disclosing that, Wisniewski is only giving us half the story.
!#@%*)anks for hanging up the phone, dear.
So in Vista, UAC had only two settings: On and off. When it was on the system functioned with real separate privileges. You had to escalate to perform administrative actions. Ok well people bitched and whined and bitched and whined about that since you had to do it for things like changing file permissions or accessing system control panels. Thus Microsoft relented and watered it down for 7, having two settings in between on and off. It is set to one of those by default. More or less it asks for permissions for a program trying to get admin access, but not a user initiated operation.
A machine without AV is vulnerable to viruses!
News at 11!
Talk about a useless piece of FUD...
Windows 7 won't have any of the security issues that plagued previous versions.
You can trust me on that.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
No shit.
I'm sure any other Windows OS shortly after launch is susceptible to many viruses as well.
Viruses use security holes to get onto PCs in the first place - once the virus is running on the PC, it's got free rein. There can be absolutely no security vulnerabilities on a system and the virus can usually still do what it wants if it's preloaded onto the system.
You don't need administrative privileges to do many things that viruses want to do (eg. send mail, monitor keypresses). They ran the test by loading the virus onto the machine, then letting it execute. That doesn't demonstrate that the system is full of holes - it demonstrates that the system is very good at backwards compatibility!
nice score, with SP1 they'll aim to 10 out of 10 - 100%
nop, nop, nop #VBLANK
Badda bing...
If you're not checking, how do you know you're virus-free?
is the biggest security hole yet the greatest strength of any OS/Software. If virus writers had to rebuild for a new OS/Software each time it came out...they would almost always have to start over every time from scratch. There are still viruses from the Win95 days that will still infect XP SP3 machines (not sure about vista/7). So surprising...no...not in the least.
They could have at least tested it with Security Essentials . . . it's freely available to Windows users.
And yet the post at the Sophos blog says: "On October 22nd, we settled in at SophosLabs and loaded a full release copy of Windows 7 on a clean machine. We configured it to follow the system defaults [emphasis mine] for User Account Control (UAC) and did not load any anti-virus software." The point is that they installed Windows with the defaults like 99.999% of the users out there would do.
My mom is probably a typical Windows user, and when she eventually installs "the new Windows", I'm willing to bet she'll just go with the defaults. Because it's easy. So if the default install of Windows 7 doesn't include & configure Security Essentials by default, then this test reflects what real users will see.
Sure, they could have done a followup test to install Microsoft's Security Essentials, then see how that would have fared with the same 10 viruses. But these guys sell their own anti-virus software, so I don't really expect them to take the extra step.
Of course it'd still run viruses. Can you imagine the kind of anti-trust allegations that would be thrown at Microsoft if suddenly nobody needed anti-virus? lol.
I went to TFA (the fine article, in this case) and it made perfect sense. Windows 7 isn't virus compatible in 2 cases. In another case, UAC actually works as expected. I was actually a bit depressed that the other seven 'old' viruses worked just fine. Like some other slashdotters, home is OS/X and Linux, but I still have to go to work and put up with servers and workstations that halt when the virus checker goes off. This is at least as bad as the garbage collector delays of early Java.
Think global, act loco
Somewhat common sense real life lessons don't work in the same way when you talk about software. Ok, shooting yourself in the right foot hurt, but maybe the problem is the foot you picked and not that you shoot yourself, so put a bandage that could make it a bit less painful and, keep shooting yourself that the problem is definitely not there, maybe shooting in the other foot, arm or head won't hurt at all.
In other news, running "sudo rm -rf /" as may cause migraines in up to 90% of linux administrators.
XML is known as a key material required to create SMD: Software of Mass Destruction
Slashdot should have a Wall of Shame for programs that are like this.
Kodak Easy Share is my pick.
It's NOT me! It's the meds! I'm on 1000mg of Fukitol.
Seriously, this guy is almost pathological in his determination to distribute as much FUD as possible about Windows.
Taco: Fire this retard. The stuff he posts is NOT news for nerds. It is thinly veiled, and ineffective, smear pieces. Real stories about OS problems are interesting. Kdawson's FUD isn't.
I demand 100% backwards compatibility damn it!
In one of the more detailed reviews (perhaps Ars Technica?) they mentioned that to keep the UAC warnings down, they let some actions taken while running as administrator proceed without an alert unlike Vista... so UAC basically has its own bypass.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
The only reason people get viruses on Windows is because they steal it!
http://news.slashdot.org/story/09/11/02/2342258/Microsoft-Links-Malware-Rates-To-Pirated-Windows?art_pos=20
It's simple; they must have been testing with a pirated copy of Windows 7!
I haven't used any antivirus software for about 8 years too, and I haven't had a problem. How do I know? Everything works fine and running an online scanner finds nothing.
In my experience online scanners do a pretty reasonable job. I like Trendmicro's housecall http://housecall.trendmicro.com/
Antivirus software vendor has reached the conclusion that you still NEED antivirus software.
so why the hell do you need AV software to confirm you have a virus, I can do that myself with:
Autoruns
Process explorer
And for the real bad ass rootkits there was this little app somewhere, o god linux has made me windows numb
but in short, AV software isn't arcane magic, you can check it yourself, and it isn't tedious.
Windows = Lots of viruses and lots of software
Mac/Linux = No viruses and no software
Take your pick.
This article is not saying Windows 7 is insecure. You couldn't even come to that conclusion if you look at what they did. They ran untrusted code known to contain viruses on a Windows 7 machine. UAC only blocked those that tried to perform administrative tasks, which is what its job is. They did not try to do remote infection.
I could write a virus attached to an executable that deleted your favorites file or all of the documents in your user's document folders. This would still be a nasty virus and would not be classified as an administrative activity, thus not triggering UAC. This would not indicate any flaw in the OS or its level of security. This is no different from any other platform, running as admin or not, if you run untrusted code, it will be able to do anything your logged in user can do.
The point of the article is that people should not pretend UAC *is* virus protection. Microsoft doesn't market it as virus protection, and people shouldn't be under the impression that UAC prevents viruses from running.
now microsoft offers 'security essentials' virus protection is essentially a plug-in to the system. testing it without the plugin is a bit like checking the robbery rate of a house with an installed alarm system which is turned off for the test.
It could also just as easily read: "Two out of every ten virus writers deploy their work without testing it first."
I have a question.
I have read arguments that antivirus is essentially blacklisting, and that blacklisting makes no sense for security. If you run an exclusive club, you make a list of who IS allowed in. You don't try to list everyone in the world who ISN'T allowed in.
The argument says that the same should be true of programs - instead of trying to keep an up-to-the-second list of all 5 trillion viruses in the world, why not keep a list of the 50 programs that SHOULD be allowed to run, and assume that anything else is bad?
This makes logical sense to me, but (apparently) it isn't done. I assume it's much harder than it sounds. Can anyone explain this?
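The blacklist-versus-whitelist question in the comment above, as an added example that is not part of the original thread: it models both lists as sets of SHA-256 digests, which is a simplification of real antivirus signatures. All file contents and names are constructed stand-ins. It shows a trivially altered sample passing the blacklist, and a legitimate update being refused by the whitelist until someone re-approves it, which is the maintenance cost behind "harder than it sounds".

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    """Return the SHA-256 digest of a file's bytes as hex."""
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for executables (not real binaries).
SAMPLES = {
    "editor_v1": b"MZ constructed-editor build 1.0",
    "editor_v2": b"MZ constructed-editor build 1.1",        # vendor update
    "known_malware": b"MZ constructed-malware variant A",
    "repacked_malware": b"MZ constructed-malware variant B",  # small change
    "new_utility": b"MZ constructed-utility never reviewed",
}

# Blacklist: everything runs unless its digest is listed (default allow).
BLOCKLIST = {sha256_hex(SAMPLES["known_malware"])}

# Whitelist: nothing runs unless its digest is listed (default deny).
ALLOWLIST = {sha256_hex(SAMPLES["editor_v1"])}


def blocklist_permits(data: bytes, blocklist: set) -> bool:
    """Default-allow policy: deny only digests already known to be bad."""
    return sha256_hex(data) not in blocklist


def allowlist_permits(data: bytes, allowlist: set) -> bool:
    """Default-deny policy: allow only digests already approved."""
    return sha256_hex(data) in allowlist


def approve(allowlist: set, data: bytes) -> set:
    """Return a new allowlist that also contains this file's digest.

    This is the step an administrator has to repeat for every new
    program and every update of an approved one.
    """
    return allowlist | {sha256_hex(data)}


def evaluate(samples: dict, blocklist: set, allowlist: set) -> dict:
    """Run every sample through both policies and collect the verdicts."""
    return {
        name: {
            "blocklist": blocklist_permits(data, blocklist),
            "allowlist": allowlist_permits(data, allowlist),
        }
        for name, data in samples.items()
    }


if __name__ == "__main__":
    verdicts = evaluate(SAMPLES, BLOCKLIST, ALLOWLIST)
    print(f"{'sample':<18}{'blocklist':<12}{'allowlist'}")
    for name, v in verdicts.items():
        b = "runs" if v["blocklist"] else "denied"
        a = "runs" if v["allowlist"] else "denied"
        print(f"{name:<18}{b:<12}{a}")

    # The update only runs after its new digest is approved.
    updated = approve(ALLOWLIST, SAMPLES["editor_v2"])
    print("editor_v2 after approval:",
          "runs" if allowlist_permits(SAMPLES["editor_v2"], updated) else "denied")
```
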
Only simple minded idiots think Macs don't get viruses.
... couldn't find sufficient system resources to run?
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Microsoft has already limited the CPU cores and speed along with limiting max RAM installed on Netbooks running Windows 7 Starter so this is gonna hurt. Now that it's been proven they need anti-virus running too we'll have to see what kind of performance comparisons with Linux are going to get scripted for Microsoft. The big question should be what anti-virus software is running during the tests.
So, if the hardware people want out of the limits set by Microsoft then they will need to pay for the full version of Windows 7 too. That means higher hardware costs due to the need for increased performance to run Windows 7 safely and the higher cost of the OS. Another nice move pushing people to Linux Microsoft.
LoB
"Anyone who stands out in the middle of a road looks like roadkill to me." --Linus
Lesson learned: don't execute random questionable crap on your computer and you can almost certainly live without AV.
... you can use your preferences to choose which authors you do or do not want to see stories from. If you dislike KDawson's choice of stories so much, you can opt to not display them. Hell, you have a lower UID than I do, and this feature has been available for the entire time I have been a member here. Why you don't know about it is beyond me; why you opt not to use it is even more of a mystery.
Or you can just continue trolling. The choice is yours.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
this is all Sophos advertisement, any OS will run code if user wants to do it under local privileges. UAC will not block changes unless admin rights are requested by the code.
Sophos have not specified how they tested it, and whether the infection happened on the fly or they downloaded the code and executed with local rights
http://www.microsoft.com/Security_Essentials/
Problem solved. I bet Microsoft would have loved to bundle this in, but Symantec, McAfee and the other A/V vendors would have screamed Anti-Competition!, but now they just complain about viruses running on windows 7. Microsoft can't seem to win either way on this one...
In all fairness, he also distributes FUD about Macs.
You still need to run anti-virus on Windows 7
There's a classic example of abductive reasoning. I do not have to run anti-virus on Windows 7 because I don't, nor do I ever plan to run Windows 7.
Yes, even Mac and Linux need (and regularly run) anti-virus software... If the role demands it.
Grandma running a Mac to check her email and (gah!) facebook will likely never need it.
Linux running a mail server absolutely needs to have and run it. It would be downright irresponsible not to, regardless of whether the Linux server was vulnerable to any of the viruses coming through or not.
and to also throw in my "who is surprised by this?"... You mean to tell me that they are surprised that windows software, written to specifically take advantage of a "feature" of windows, still runs on the newest version of windows, which is only minimally different from previous versions of windows, and was written specifically to remain as compatible as possible with previous windows software?... Hmmm
You won't hear a lot about virus problems with Windows 7 at Lifehacker. Just about everybody over there who says bad things about Vista In Lipstick...sorry, I mean Vista SP2...damn, happened again...WIN7, gets their commenting privileges yanked.
I imagine one of their little contests in the next week or two will be encouraging their pet Win7 lovers to vote on the best on-line anti-virus scanner.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
I'm guessing only 8 out of 10 apps work too.
"We blocked 20%! Woo Hoo! Next stop Windows 8 and 21%!"
Even if 9/10 viruses would be blocked by UAC, an anti-virus program that blocks the last one is worth it.
Thing is no AV program gets every virus. Like UAC they get most but not all.
Falcon
Should there be a Law?
Only simple minded idiots think Macs don't get viruses.
Are you saying Macs running OS X can get viruses? Because it's obvious that Macs running windows can get them.
If you are saying OS X viruses exist can you give a few examples? I've never seen or heard of such a thing.
"Lesson learned? You still need to run anti-virus on Windows 7."
Or you could start by turning up the UAC level.
People complain that UAC in Vista was too intrusive, so MS turned it down by default. Now people are complaining that it doesn't do enough.
kdawson is not a real person, kdawson is a shill account for any of the editors to use when they want to post an obviously flamebait story.
I've been running windows for longer than I want to think about (yeah, I'm a glutton) without AV. A separate firewall, a couple of basic precautions, and not running shit you aren't 100% certain of is the only antivirus you need. This applies on any system, it really doesn't matter what the OS is.
If you insist on clicking to see the bunny, or running downloaded software from un-verifiable sources... then no AV will protect you for long.
So yeah - "no news". But not because "using any computer without AV is asking for what they get", but because when you download and run a virus yourself, you get what you deserve -- whining that the OS isn't protecting you (as done in the article) is just stupid. Use your brain and don't expect the OS (or AV) to think for you.
Windows 7 is backwards compatible!
They got some malware, and ran it. If these malware did not need elevated privileges, they are expected to run. You download a bash script from the net that goes "\rm -rf ~" and then complain that your $home is hosed? I am not sure the test is fair. Did the malware get root privileges? Did they do any damage that simple plain process with user privilege could not do? Unless such things happened, this test amounts to nothing more than testing backward compatibility of some old binaries in new OS. Duh.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Just recently had to edit the Host file. (Local DNS file).
Could not save it because of UAC, and didn't get a UAC prompt either, had to give up and disable UAC first.
trackballs suck as bad as those "natural keyboards" that were all the fad years ago.
I'll take a trackball over a mouse almost everyday. I used to use mice then I tried to use a trackball. At first it was awkward so I put it away. Later I got a new one and tried again. It took a little while to adapt but once I did that was that, now I won't give up my trackball for a mouse, you can pry it from my cold dead fingers. I have 2 now for my laptop, one stays on my desk and the other is in my backpack.
Falcon
Should there be a Law?
I realize that this is a controlled test, but why shouldn't it be standard procedure to install AVG on any machine with a fresh install of Windows? It's like they're implying that it doesn't happen.
"You still need to run anti-virus on Windows 7."
Or, alternately, DON'T INTENTIONALLY RUN VIRUSES ON YOUR COMPUTER. Geeze.
You don't look hard enough
http://www.symantec.com/norton/security_response/writeup.jsp?docid=2009-110309-3638-99
http://www.symantec.com/security_response/writeup.jsp?docid=2007-110101-2320-99
http://www.symantec.com/security_response/writeup.jsp?docid=2006-021614-4006-99
Also, there was a torrent of a mac program recently that a lot of people downloaded and the keygen contained a virus. I think it was an iLife suite torrent...
Seriously. Everyone. With viruses, the problem is always PEBKAC.
isn't really news, this coming from a unix person. come back next year when they clarify this. sounds like a big AV scare tactic to grab more money to me.
I thought windows 7 introduced full ASLR (address space layout randomization) with windows core software protected against stack smashing as well with canaries? Just as GRSecurity patched Linux or a smart OS like OpenBSD by default. How can these viruses work against full ASLR and protection against stack smashing?
You still need seat belts in cars with airbags, fire departments for neighborhoods with fire resistant code compliance, and ambulances even if a doctor lives next door.
I mean, really . . . this is stupid.
that actually think they're above the internet and its evil side. It should be obvious that you need to run antivirus, and practice safe browsing habits.
No ONE company can stop against all infections..hell, a team of them working together couldn't do that.
I don't care what Microsoft, Symantec or whoever the hell claims to be the end-all to bugs says or does. Someone with a brain, a keyboard, energy drinks, and a bad attitude can do whatever they want, if they want it bad enough.
What exactly do they mean by "threw at it the next 10 virus/worm samples that came in the door"?
How, exactly, did the viruses get on the machine?
opening mail attachment?
viewing website in ie?
msn?
wmp?
running naked exe?
or just connecting to internet?
But don't forget BillG.'s mantra: we get them hooked and then when they're addicted, we'll collect.
You can get a virus without using a web browser. There's email, there's files that are available over the local lan ...
Here's proof of concept from 3 years ago, though: http://news.techworld.com/security/5392/worlds-first-os-x-virus-hits-apple/
....so since I keep getting infected, I guess the bleach must be rubbish :-)
I'm also puzzled as to how everyone is suddenly taking an AV company's reports at face value - or does everyone suddenly agree with Symantec that MS were being terribly unfair when they locked down the kernel?
It's also worth noting that MS provide a free AV tool which is, by the accounts I've read, quite good....not that anyone's going to take any notice when there's another opportunity to plug Linux - plugs which will be ignored by nearly everyone not already using it, as usual - if you'd all made more of a fuss of the alternatives to Windows when it mattered - e.g. when O/S 2 had a chance, it might have made a difference :-)
I don't recall seeing MS claim win7 was virus proof...
Flappinbooger isn't my real name
Just stop running the damn viruses! It would have been 0/10 if they hadn't run them!
Seriously - I've been using 95/98/NT4/NT5/NT5.1 machines for over a decade, and I've never had a single virus. My anti-virus solutions are always installed with all of the (system breaking) protection disabled, and I just run a scan occasionally. Ditto for Amiga software prior to that. Ditto for the Linux servers I run.
Simple caution when installing things and prudent use of firewalls keeps away five nines of problems. Don't torrent l33t 0-1 day w4r3Z. Don't run cracks*. Don't use sketchy peer-to-peer software. When downloading free/oss/shareware, download only trusted, well known software, and download it directly from the source. Run md5 or sha sums, just in case. Don't let any children use your machine, or friends, or other sorts of retards, err, infection vectors. Don't use HTML-enabled email clients (I'm looking at you, Outlook), or if you do, use webmail products with a safe(ish) browser.
* If you absolutely have to, use only serial-generating ones, and run those from a secured emulated environment or system that gets re-ghosted after each serial run. It's easier just to buy the software or switch to a F/OSS solution though.
This is proof slashdot is biased, do you notice how slashdoters like to pick on Windows? You'd never see an article talking about people having problems with Ubun... wait... fuck...
But... the future refused to change.
The new Apple ad is starting to make more sense to me now...
That's what you get when you skip regression testing.
Give them time. They'll get the last two working again in the next service pack.
Never shake hands with a man you meet in a fertility clinic.
....except the marketing guys call it "4% market share". ZING!
I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
So, the article says 8 out of ten, and so does the summary title. The summary says that 7 out of 10 viruses ran. Last I checked, 7/10 != 8/10. Oh wait, it's Windoze, it must depend on the square root of the number of minutes until the next hour.
This says it all.
http://msmvps.com/blogs/bradley/archive/2009/05/29/get-your-uac-defense-in-depth-slider-shirts-here.aspx
You log into your bank account using an unprivileged process. Firefox doesn't run with Administrator access. This means that a non-Administrator Trojan can steal your bank account password without so much as a UAC dialog coming up.
Making your machine a zombie in a botnet doesn't require Administrator access either, assuming that the back door listens on a port higher than 1023.
Sure, it might be easier to clean, assuming you know it's there. Most of the viruses I run into that are stealing our customers' credentials aren't even detected by the anti-virus companies yet.
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
They copy 10 programs to a PC and 8 of them run? No kidding...
Prevention is the best cure - preventing them from getting on the machine in the first place.
This article is so stupid it's mindboggling. Anyone could write a new virus and run it on any operating system and it would run.... What do they want, a whitelist of every executable in the world that has been confirmed not to be a virus?
I have never encountered WiFi cards that did not work
The Ubuntu forums are filled with people having trouble getting their WiFi working. That was one of the problems I ran into for installing Jaunty on my Mac. I found solutions but wifi doesn't work out of the box so to speak. There are other hardware problems such as with fan control, touchpad, the Apple keyboard, sound, and suspend
I am sorry but I do not understand you. Maybe I am a little dumb, but it's actually true what I said. I pointed out facts... I think it's for the better not to lie and point at the problems...
You may have pointed out how things went for you but you did not point out the facts of others. Fact is, Ubuntu and other Linux distros have trouble with some hardware. Before installing any Linux distro on a computer it's wise to make sure there is compatibility with the hardware Linux will be installed on. Which is what I've been doing in order to prepare for when I install Ubuntu myself.
>But if I walk into BestBuy after work *today* and I grab any piece of hardware, off the shelf, it will come with a disk that provides drivers for Windows. How many will include drivers for Linux?
None because they are included with distros, so what's the problem?
As linked to above Linux does not come with drivers that work with all hardware. That's why it's also recommended people try out a live disk before trying to install Linux. If a Live CD works then Linux can be installed with a minimum of fuss.
As we used to say in construction, measure once, measure again, and measure a third tyme before cutting. Measuring 3 tymes first then making a cut is better than measuring once, cutting, then having to measure and cut again.
Falcon
Should there be a Law?
Man, this is a "well fucking DUH!" moment.
Chas - The one, the only.
THANK GOD!!!
Trust me.
If you reply, do so only to what I explicitly wrote. If I didn't write it, don't assume or infer it.
I run without AV, and I haven't had a virus in years.
How do you know you've never had malware if you don't run AV software?
Falcon
Should there be a Law?
The linux of the past HAS had better hardware support than Windows on occasion, I started using it in 1995 so that my 14000bps modem could run at top speed instead of the 9600bps that MS Windows limited me to. Then there's the stupid situation where even 32bit Vista did not support the Pentium Pro and newer CPUs so imposed a less than 4GB limit which every other OS had been able to exceed for a full decade.
In other words you really do not have a clue what you are talking about. Nearly all MS windows compatibility with hardware is due to work by the various hardware manufacturers.
Hitting Google is apparently easier than doing research. I went through the articles on your "osx+virus+in+the+wild" link, and what I found on the first pages was...
None of these (except possibly Inqtana-A) would be a threat to semi-competent users, and the only article that isn't from 2006 is the garbled wiki page.
Now if you want some actual research on Mac OS X viruses, you can check a vendor's site:
http://www.sophos.com/security/analyses/viruses-and-spyware/search-results/?search=OSX&action=search&x=0&y=0
Interestingly, what the site won't tell you is that most (if not all) of these viruses are phantom menaces; you have to Google each one yourself for that kind of detail. Many are proof-of-concept never seen in the wild, and most exploit holes already patched in the OS. All are trojans that require serious PEBKAC to run, even the only two known "worms" for the platform -- Inqtana and Tored.
Inqtana, a virus one that got some notoriety and media attention is an example of all three -- a proof of concept (with an expiration date) that attacked an old hole in the Bluetooth stack and which required victims to consent to accept the download from an infected machine. Tored was an email worm that required you to execute an attachment on a very stupid looking spam email payload. Both are basically glorified trojans -- nothing on par with Conficker.
Now, trojans aren't complete non-issues, but savvy computer users currently have very little to fear from running a Mac w/o AV software since there are currently no self-instantiating viruses for the platform in the wild. Don't download pirated software (and risk something like iWorkS which hides itself in installers for certain programs), and don't trust installers where none should be present.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
I thought windows 7 introduced full ASLR (address space layout randomization) with windows core software protected against stack smashing as well with canaries? Just as GRSecurity patched Linux or a smart OS like OpenBSD by default. How can these viruses work against full ASLR and protection against stack smashing?
Anyway, I certainly wouldn't disagree with the claim that 'Linux has much better support for seven year old hardware'. My objection is that the hardware support is presented as being both infinitely better than Windows *and* so bad you need special Linux hardware....at the same time.
OK, this I can understand. Because Linux developers have had a while to work on drivers for old hardware the drivers are available not new hardware won't have drivers available for some tyme, unless the manufacturers release drivers themselves or release the info on how it works so others can develop drivers.
Falcon
Should there be a Law?
Oldest PC I've personally installed Vista on dated from early 2000. Worked fine (albeit a bit slow - though a $30 video card fixed that).
Was the PC top of the line and maxed out when it came out?
Falcon
Should there be a Law?
Thanks, you made me think of something. I use a host file to block ads but looking at the page linked to I thought of adding the IP the pings that keep on coming from to the host file as well.
Falcon
Should there be a Law?
Well the badware will try to replicate itself somehow, so you'd have to watch all outgoing network traffic. Of course this isn't practical with just one computer, you'd need a commercial-grade IDS to be sure.
Vista's security was overrated. So, apparently, is Win7's.
This comment might not be around for long, because a good way to get your commenting status on Lifehacker revoked, or to get modded down to "Flamebait" on Slashdot, apparently, is to question whether Win7 is all it's cracked up to be. I hold the seemingly-illegal view that Win7 is basically Vista with some of the really ugly stuff patched up a bit. I might consider moving over to it at around SP2. Certainly not before.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
+1 informative
"Windows 7 vulnerable to 8 out of 10 viruses"
It's missing a 9! Where is the 9? It's supposed to be between the 8 and the 10! Where is it???
Headline would be perfect if there was a 9 in the proper place. >_>
Let q be a radix > 1. I am in ur base-q, killing 10 d00ds.
I guess you did not bother to actually check the search results, right?
Because I can't find any report about a real virus in the wild.
I wonder if you didn't do the same you accuse GP of not doing. The second result for http://images.google.nl/search?q=osx+virus+in+the+wild is Mac users face first OS X virus in the wild. Now anyone who knows what they're doing shouldn't get infected. As New MacOS X trojan/virus alert, mostly a non-event says it takes some clicking and seems to be a "proof of concept". Now Tech Q and A: Are Macs Vulnerable to Virus Attacks? is an interesting read.
Falcon
Ooh, don't get the idea I'm a shill, for MS, Linux, or anybody else and don't like Macs. I'm typing this on my MacBook Pro and of the 7 new computers I've owned it's the best.
Should there be a Law?
I don't know about you, but I have lovely process explorer app from sysinternals. Nice program. When watching TV/etc, I keep it up and I watch my IO/Network/Memory/CPU usage. Because I know every program that loads with windows and I know what to expect from every executable/service running. I know when/why they use a resource. If a service/whatever is reading the HD or using CPU time or network, if it doesn't have a reason, it's a dead process.
Can't rootkits hide from things like scanners and Windows?
Falcon
Should there be a Law?
Slashdot likes to say that anecdotal evidence is meaningless (which of course it is), but when a sufficiently large collection of anecdotes all say the same thing, we call that consensus. The general consensus is (I believe) that Macs are a lot less likely to be infected than Windows boxes, so your 'Anyone who uses any computer (including Mac AND Linux) without anti-virus is asking for what they get' statement is in fact news to me.
While Linux and Macs are more secure and less likely to become infected it's better to be safe than sorry. Even new AV software doesn't put much if any strain on current Macs.
Falcon
Should there be a Law?
Who is that stupid to pay MORE for a product to be compatible with earlier releases...
Home - Pro
What's up with that? To be able to use your old XP applications, you'll have to pay (lots) more!
I'll stick to os X for now on and if this PC would natively support os X, windows would already be history!
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
I think you can thank the antivirus companies for this one. Were microsoft to include enough tools and antivirus with their operating systems, suddenly all antivirus makers would be crying foul and shouting monopoly and the like, as their markets would suddenly dry up. It happened in the past when MS was pushing windows defender and trying to integrate it deep into their OS.
The article has no information about whether the system was 32-bit or 64-bit. 64-bit uses Patchguard to protect the kernel, and mandatory driver signing that prevents unsigned drivers from being loaded. There should be a difference in the infection rate of 32-bit Windows 7 vs 64-bit Windows 7.
You could press Win for start menu then type the name of the text editor and press shift+ctrl+enter to elevate it. It's a shame this doesn't work from other places like right click context menu or run though.
if i write 10 linsux viruses and run them on linsux box as root, 10 on 10 will infect the machine, isnt it ?!
Microsoft is in a hell of their own making. For years they have more or less taught users that:
*The way to install software is to pop some keywords into a search engine, and then run an un-trusted executable.
*The normal installation procedure involves clicking "yes" or "ok" on loads of dialogue boxes without reading them.
*Each app has its own installation procedure and it is perfectly normal that you have to do things you normally would not in order to get things working.
That is only the tip of the iceberg of course. Hiding file extensions, executing apps by double clicking the file, programs changing your system configuration without asking you ... Microsoft made it all seem normal, thereby opening the floodgates for all kinds of social engineering attacks. I have no idea how they are going to solve the problem now. If you spend years teaching people to do things one way, you can't just go "uhm we fucked up, do it this way instead" and expect people to trust you.
They taught users to be negligent about security, touting it as a usability advantage ( Windows "just works" ), and now they are trying to undo the damage without losing face. "Good luck with that."
Microsoft claims that they will fix backwards compatibility so that all the viruses will work under its most recent OS.
In nearly 30 years of daily programming and almost 2 decades of Internet usage I've never encountered one virus or worm on my PC. Gee. Must be user error. Stop going to the porn sites people. Stop downloading the stupid videos that your cousin sends you from 40+ other forwarded AO fucking L emails. If you live your personal lives like your online lives - you'd have AIDS already.
Good thing they released vista first, you know, to give malicious software engineers some practice before the real windows 7 came out.
Windows 7 runs all my legacy applications! (and viruses)
Yup. I'm also one who doesn't run with a virus scanner on a day to day basis. Once or twice a year, I've run online scanners or something like malware bits, and I've never found anything on my system. If you're careful about what executables you run, and you keep good entry point security (e.g. firewall, noscript) then you're pretty unlikely to get something. This works for a case where you're not too worried about someone actively trying to get into the system. If it's known that you've got something people want (valuable private information, critical services) then you're playing a different game.
The only power MS has, is that it fully supports the gaming industry. It also doesn't care to educate its users about proper computer security procedures. The governments of this world do NOT want you to use secure systems and encryption, since it requires more resources to eavesdrop.
"Ran" can mean "totally pwned the computer", but "ran" can also mean "started execution but couldn't do much other than start spamming/portscanning" (which is, admittedly, bad enough). UAC is designed to prevent pwning computers, not stopping execution, so I'd like to know which happened.
I'm proud of my Northern Tibetian Heritage
If you don't know what you're doing, you need to run antivirus. These "tests" were performed by actually running the executables. I don't consider that a vulnerability - If you invite murderers and rapists into your home is that fault of your security system or is it your own damn fault?
AccountKiller
I made a virus that would delete some files, I ran it and it deleted those files!
This should give some insight into the problems with Linux and how it could be addressed: for all its strengths, it's not something people want. They want Windows, despite its weaknesses. Make Linux wantable, watch market share change dramatically.
The problem with Linux's market share is that few PCs sold in stores come with Linux installed. And not many people have heard of Linux. Sure geeks and hackers on Slashdot have but they are not the typical computer user. Also most people do not necessarily want Windows but think they need it. Talking with others about computers I've heard a lot of complaints about their PCs, and almost every tyme the problem is Windows. When I ask them if they thought of trying Linux or a Mac I'm asked if they can run MS Office, they say they have to have Office. When asked why they can not give an example of what only Office can do except Office macros, while Open Office can use Excel macros, macros for Word have to be rewritten. There is also WordPerfect Office, Lotus SmartSuite, and other office suites.
Simply many people have the perception they need Windows because they need MS Office.
Make Linux wantable, watch market share change dramatically.
Fact is no one knows what Linux's market share is. Estimates are Linux has a market share in the single digits on desktops with Linux, and Apache, having large shares of servers. Even with internal servers though it's hard to know how many MS Windows servers there are because IT departments of businesses and other users of servers switch from Windows and IIS to Linux and Apache without telling others. There have been articles linked to on Slashdot about how the London and New York Stock Exchanges have moved from MS Windows and .net to Linux and other open source platforms. The London Stock Exchange not only switched to Linux but actually bought the company that developed the trading system the exchange will use.
Falcon
Should there be a Law?
So, have we finally figured out why it is called Windows 7? Is it in fact because it runs 7 out of 10 viruses? I see a pattern here... I can't wait for Windows 10 !
Only 8 out of 10 programs designed to run on Windows OS worked? What was wrong with the other two?
The fact my Mac can get a virus running WinXP is just more proof to me that WinXP is the culprit. Luckily it doesn't take much to delete that partition and reinstall Windows.
I suspect installing IIS may increase chances of compatibility.
I think you underestimate just how much I just don't care.
In my world FUD means Fully Un-Detected :D
No. What you are talking about is a trojan horse, not a virus. Trojans are programs someone tricked the user into running: trojans are not self-replicating. You did get it partly correct. As you said, worms transmit themselves through the network. Usually through security holes in the target systems.
A virus spreads by infecting parts of files/disks, and when those files/disks are carried to another system, the virus can spread to the new computer. A boot sector virus puts itself into the area the BIOS loads and executes on startup.
Executable viruses hide themselves into another file (such as an .exe installer), and will infect another system if the new system runs the file. They will also reinfect a system you just cleaned if you mistakenly save an infected file and run it after the cleaning.
Malware can be both a virus and a worm and a trojan, though it seems most people these days just call everything a virus--including trojan horse programs.
Not as hard as trolls.
Falcon
Should there be a Law?
For Linux there might be a binary driver, if you are lucky, but if not you are stuck with a working system but with no extras and your system working unaccelerated ...
And here I was looking for and thinking of getting an external high resolution graphics card. Something like the ViDock 2.
What I find weird about the ViDocks are that they are compatible with Macbook Pro revisions 1, 2, and 4 but not 3 which is what I have.
Falcon
Should there be a Law?
This is a test without AV
While, the Windows7's maintenance center recommends users to install AV software immediately after installation
Regarding the UAC, it also has a preventive role against bad manip for Beginners
Does Sophos need this kind of testing to earn money?
Furthermore here is a link from the very serious Computerworld.com
http://blogs.computerworld.com/14933/microsoft_xp_is_far_more_vulnerable_than_vista_windows_7
"I have yet (in over a decade of tending windows and NT servers) had a single machine get infected." - by black3d (1648913) on Tuesday November 03, @04:46PM (#29968812)
Same here, & it held true all the way thru Windows 2000/XP/Server 2003 (running as a workstation, its default install in fact as I am sure you know) & right now, same using Windows 7 here now (fully security hardened via secpol.msc, SCW + MBSA 2.11, Filesystem & Registry ACL's, the new WFP NDIS6 Firewall's "inbound & outbound rules table") + removing any bogus possible LSP's & also removing services that I did not need (for both speed & security) + cutting off networking protocols or clients (QoS, Client for MS Networks, Server service, File & Print Sharing, & TCP/IP over NetBIOS Helper service (& a few that Windows 7 introduced for remote sharing I don't need) & removing remote assist & TS/CITRIX or Anonymous logon / NULL session hack possibles, and downing shares manually too (even hidden default Admin$ types like these:
echo off
NET SHARE C$ /DELETE
NET SHARE B$ /DELETE
NET SHARE D$ /DELETE
NET SHARE E$ /DELETE
NET SHARE F$ /DELETE
NET SHARE G$ /DELETE
C:
NET SHARE ADMIN$ /DELETE
NET SHARE IPC$ /DELETE
NET SHARE DFS$ /DELETE
NET SHARE COMCFG$ /DELETE
NET USE * /DELETE
REM last line is to force complete read of HOSTS file into RAM, that domainname/hostname is the last line in it... apk
ping zzzz.hostindianet.com
via that .cmd file to automate it, @ system startup... I can do that with no repercussions, because I don't require shares, as my system is a "single 'standalone' machine online @ home" here, currently (no network/LAN @ home or one I even need connecting to me here), basically/essentially, is why & how I can "get away with that".
Lastly, then I've thusfar been using Microsoft Security Essentials (decided to give it a go, & just to be "safe(r)" because it doesn't seem obtrusive on a Intel i7 Core 920 4/8 core H-T CPU, an EVGA NVidia 8800 GTX OC vidcard, + 3gb DDR3 Kingston RAM & WD "Velociraptor" disks & a GIGABYTE IRAM TRUE SSD ((AND, that SSD's NOT just slower on writes FLASH, it has 4gb DDR2 RAM onboard) doing the temp ops, webpage caching, pagefile.sys duties, print spooler location, AND lastly logging for apps & the OS, offloading my fast main drives & reducing fragmentation on them, which my Velociraptors are further cached above their 16mb RAM buffers onboard, additionally they're cached by a Promize Ex-8350 128 PCI-Express 4x caching RAID 6 controller too).
So far, this combination has been successful, as this guide I wrote for securing Windows system has been (search GOOGLE for "HOW TO SECURE Windows 2000/XP" & it owns 21-30 or more spots consecutively almost):
HOW TO SECURE Windows 2000/XP/Server 2003, & make it "fun-to-do", via CIS Tool Guidance (& beyond):
http://www.tcmagazine.com/forums/index.php?s=e3e2856c10d35d2a9f0b46565b5231f3&showtopic=2662
That's what I did on systems Windows 2000/XP/Server 2003, & it worked out well for myself, family + friends, & even paying clients to security-harden their systems vs. malwares & such, & generally, it works (250,000++ views strong, got me paid for it @ a website, & also the fact that many who have used it are now experiencing far less hassles with malwares online with said guide rating 5/5 stars & such, on 15/20 sites it is featured @/on, & many making it an "Essential Guide", or "Sticky/Pinned Thread" also etc. et al)
Lately, on the same note - I am really just now perfecting how to "security harden" VISTA/Wind
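A check for the share-removal .cmd file in the comment above, as an added example that is not part of the original comment: it parses `net share` output and reports which of the shares that script targets are still present. The function names, the sample output and the "Scans" share are constructed for illustration, and English-locale `net share` output is assumed.

```python
# Added example, not from the original comment. Share names come from the
# comment's .cmd file; function names and the sample output are constructed.
TARGETED = ("C$", "B$", "D$", "E$", "F$", "G$",
            "ADMIN$", "IPC$", "DFS$", "COMCFG$")


def fmt_row(name, resource="", remark=""):
    # Mimics the fixed-width columns of `net share` output (widths assumed).
    return f"{name:<13}{resource:<32}{remark}".rstrip()


# Constructed sample of English-locale `net share` output after a reboot,
# before the startup script has run. "Scans" is a hypothetical user share.
SAMPLE = "\n".join([
    "",
    fmt_row("Share name", "Resource", "Remark"),
    "",
    "-" * 79,
    fmt_row("C$", "C:\\", "Default share"),
    fmt_row("D$", "D:\\", "Default share"),
    fmt_row("IPC$", "", "Remote IPC"),
    fmt_row("ADMIN$", "C:\\Windows", "Remote Admin"),
    fmt_row("Scans", "C:\\Users\\Public\\Scans"),
    "The command completed successfully.",
    "",
])


def parse_net_share(text):
    """Return {share name: resource path} from `net share` table output."""
    lines = text.splitlines()
    header = next(l for l in lines if l.startswith("Share name"))
    res_col, rem_col = header.index("Resource"), header.index("Remark")
    shares, last, in_table = {}, None, False
    for line in lines:
        if not in_table:                      # rows start after the dashed rule
            in_table = bool(line) and set(line) == {"-"}
        elif line.startswith("The command"):  # trailer line ends the table
            break
        elif not line.strip():
            continue
        elif line[0].isspace():               # second line of a wrapped long name
            if last is not None:
                shares[last] = line[res_col:rem_col].strip()
        elif line[res_col - 1:res_col].strip():  # name overflows its column
            last = line.strip()
            shares[last] = ""
        else:
            last = line[:res_col].strip()
            shares[last] = line[res_col:rem_col].strip()
    return shares


def audit(text):
    """Split current shares into (targeted but still present, everything else)."""
    present = {name.upper(): name for name in parse_net_share(text)}
    remaining = [s for s in TARGETED if s in present]
    others = sorted(n for u, n in present.items() if u not in TARGETED)
    return remaining, others


if __name__ == "__main__":
    # On a live system, pass in the output of:
    #   subprocess.run(["net", "share"], capture_output=True, text=True).stdout
    remaining, others = audit(SAMPLE)
    print("still shared:", remaining)
    print("other shares:", others)
```

Windows recreates the default administrative shares when the Server service starts, which is why the comment runs its script at every startup; the check is only meaningful when run after that script has finished.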
this is funny "we intentionally ran code we knew had virus in it and it worked OMG" i think that applies to any system that you run something that you're not sure about.. i have an experiment desktop that i have been running with no virus scanner since the beta came out and it has not been infected once remotely, i run a virus scan from a cd about once every other week just to check.. i hate M$ products but this one was actually done right (for once, and yes they are now serving snow cones in hell and the temp won't melt them anymore).
and as a linux user i can say Yes there are viruses that attack linux as well, they are just extremely rare since all the script kiddies are focused on M$ products.
and yes you should always have a virus scanner on a comp that is just a simple DUUUUUHHH
To be clear:
Of the ten programs Sophos tested with, none were viruses. They were newly released malware, typically Trojan horses. The lesson to learn is that default User Account Control settings will not prevent the user from installing malware.
No one should be surprised.