Years-Old Conficker Worm Still a Threat
RedEaredSlider writes "The Conficker worm is still a threat, even though it is more than two years old and nobody has used it in a botnet attack yet. The problem is that so many machines are infected (largely because many don't realize it) and it's such a flexible piece of malware."
The Average User is still a threat in his path to ignore one and all security measures.
"Science can amuse and fascinate us all, but it is engineering that changes the world. " - Asimov.
The Conficker worm exploits vulnerabilities on unpatched Windows systems. If we were instead talking about a resurgence of the "iloveyou" virus or something of that nature, that would be a surprise. But Conficker - as a worm - finds its own targets and infects on its own. And it will continue to do so as long as the writers of it find new holes to exploit in Windows.
Just wait until Microsoft stops releasing security updates for Windows XP, then Conficker will really have a chance to run wild.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
A link to a story ridden with popups about a worm. C'mon /. you can do better.
"Computers are a lot like Air Conditioners" "They both work great until you start opening Windows"
Of course it's still a problem, especially if you read what happened to me this morning.... .... His is Win7 using Trend Micro (included when buying the Dell). When I turn Trend Micro off it performs well, loads the web pages at the same speed as mine does.
Our sales director's computer (Dell) has real trouble accessing the net (very very slow) whenever he tethers his laptop with his Galaxy S. I have the same laptop and phone but use Fedora 14 and tethering gives me real good speed (considering)
So there would be no surprise to me if a lot of machines run without virus/internet security because those machines become a real hog/snail/whatever .... so users can't be bothered!
to code or not to code, that is the question.
The college (part of a larger university, but separate for IT purposes) I work at in Beijing has a choice between two different free (Chinese produced) antivirus/antimalware products. The one that detects Conficker is on the computers of the people designated "sysadmins" (discussion for another day as to what qualifies as a sysadmin at this school) and any computer I am required to use as a function of my work (not including my personal notebook, which the admins aren't allowed near). The software that doesn't detect Conficker (or quite a few other 2+ year old baddies, in spite of being "up to date") is on everyone else's computer. As best as I can determine, this is to give the appearance of justifying the positions of the 5 sysadmins needed to support less than 50 computers (not including the lab computers which require minimal support because they suck so badly the students would rather go to an internet cafe to do their work, if they can't afford to use their own computers). Someone let me know when an opening at Tsinghua U. is available.
So is my Windows box
Seven puppies were harmed during the making of this post.
I know someone who works at a huge support center for a certain cellphone carrier. This person has informed me that they spend a good deal of their day telling people to shut off antivirus in order to get their "Modem Cards" (apparently the fashionable name amongst the masses) to work.
in order to keep your job you have to keep your power base in the bureaucracy.
in order to keep your power base in the bureaucracy, you have to keep your budget.
in order to keep your budget, you need to keep it at the same, or higher, level as last year's budget.
in order to do this, you have to snowjob any penny pinching meddlers into thinking it's absolutely necessary.
My current crop of laptops is not that old yet. Will get back to you ;)
Home of The Suki Series
do you also think that this is the greatest layout ever?
They have a vested interest in maintaining the status quo.
Not to mention plain incompetence on their part. Such as McAfee mistaking a core Windows file for a "virus" last year.
When you think about it, it makes sense. They have lots of people. It's more cost efficient to use man-power for most tasks than it is to train one person in specialized equipment.
You get lots of people working and the maintenance costs are almost zero. People at a construction site were moving materials around in a wheelbarrow made of old bicycle wheels (one without a tire).
How much would it cost to fix that wheelbarrow when it broke? Now compare that to fixing a forklift.
Meanwhile, they all have jobs and are getting paid and can buy food.
Dude, at least in my company, mails were sent providing patches and explanations of how to deal with the Conficker virus, how to treat your removable drives, etc.
Few listened and we were annoyed for some months by each infected computer. Somehow, the virus managed to get into the network and a lot of employees wasted valuable time reinstalling their OSes only to be infected immediately for not taking the necessary measures (being offline, patching).
"Science can amuse and fascinate us all, but it is engineering that changes the world. " - Asimov.
One problem is the low-end users who have systems they have bought from a "friend" which turns out to have a WGA-failing pirated copy of Windows. Windows Updates refused to allow it to be patched, leaving it to sit there waiting to be infested.
What Windows needs to do with WGA is give a grace period (60 days?) and warn that if you do not get this copy legally licensed within X days then it will stop working (just like beta demo copies). After that time, have it just start up, explain the error and shut back down after 60 seconds. Not popular, but it would keep the bad machines offline. It would force the users to either get legit Windows installs which would have patch support, and/or they'd move to Linux which would also have patch support.
Yeah, I know. Redundant. I'll get my coat.
Help stamp out iliturcy.
What kind of company do you work at where they can't afford an IT professional to coordinate a virus cleanup? A Conficker clean up is something a $30 an hour network tech can handle if given the right instructions, time and leeway to take care of it.
I'm thinking 2020, 2025 before it sinks below 10%. Still the number one OS in the world, by a long margin.
Windows 98 is still putting more hits than WP7.
Help stamp out iliturcy.
Yeah, and from your perspective as (I assume) an IT guy, that was sufficient. But from the perspective of a random employee for whom a computer is just a tool to get their actual job done, dealing with patches and explanations about "worms" (or is it snails) is an annoying and time-consuming distraction. Especially when there is one update or another asking you to install and reboot just about every day, forcing you to close and reopen all the programs you are using etc. Not saying that there is a perfect solution, just that blaming "dumb" users for everything is a cheap cop-out.
Negative moral value of force outweighs the positive value of good intentions.
A government company in a third world country with 350+ employees and a lazy IT department (of which I'm not a part).
That being said, the users have no regards for computer security. They care about their cars, their paperwork, the keys to the office, but always fail to recognize the vulnerabilities of a computer system.
"Science can amuse and fascinate us all, but it is engineering that changes the world. " - Asimov.
End users getting/dealing with virus = fail of IT dept. Other employees are not employed to deal with IT issues. Expecting them to do so is an epic fail. It's not their job.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
If the problem is boxes which haven't had existing patches applied, how exactly does Microsoft ceasing to release more patches make this problem worse?
I guess I thought this was pretty obvious, but perhaps you haven't had a Conficker infection run wild on you yet.
If a system gets Conficker, the only way to clear the infection for good is to patch the OS for the vulnerability. The infection itself will eventually force the user to take action, because after a while the infected system will reach 100% CPU utilization as the system goes nuts trying to get commands from the botnet (even if it never finds any). On top of that the system will also take as much bandwidth as it possibly can, which will of course drag down the performance of the network it is on.
But when MS stops releasing XP patches, and the Conficker authors find a new exploit after that point in time, then it is game over in terms of fighting infections on that system.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
I don't know about Puppy (although I suspect you can), but DSL linux can be booted from the network via PXE. You could run the machine without a hard drive, if you wished.
When our name is on the back of your car, we're behind you all the way!
There's sometimes a lopsided impression in companies that IT is an inconvenience if they "interrupt" other people's daily schedules, but when other departments have interruptive demands it's just "part of doing business." The truth, of course, is somewhere in between.
The Quirkz Handbook of Self-Improvement for People Who Are Already Pretty Okay
5-10 years ago, the concept of putting Windows in products that are conventionally designed to actually work reliably was just a big joke to me, something that a few cranks were doing. Now it's just depressing to see how many different places it has weaseled its way into.
Nice thought except for the fact it doesn't actually work and is therefore pointless, and your "solution" is just taking away the rights of the customer who will happily FIRE you and thus put you out of business! Why Linux users seem to think "the answer is always Linux" when frankly unless you are in a corporate environment the opposite is usually true is frankly beyond me, but your "solution" fails on multiple points:
1. The consumer level devices, such as AIO printers, PMPs like the iPod, etc. don't actually work in Linux so to find a working device your clueless customers are gonna have to A) research like it is the SATs (correct answer: they won't, and when they get burnt it will be YOUR FAULT) and B) jump through flaming hoops to keep most consumer level devices running because what works in kernel Foo usually won't in kernel Bar thanks to Linus constantly futzing with things (correct answer: they won't and again see YOUR FAULT) but don't believe me, go to bestbuy.com, walmart.com, and look for yourself. Last I checked you were looking at about 30% supported and with NO way to tell if a device is easy or CLI hell to get working.
Second, your answer is to take away all rights from the user yet you seem to think because it is Linux that "makes it alright" somehow. Would you be happy if someone "did you a favor" and replaced your Linux with Vista? No? What about taking away root and refusing to give you control of your own PC "for your own good"? No? Then what makes you think others would find that solution acceptable in ANY way shape or form?
As much as it galls FOSS advocates Linux doesn't work for home and SMB users a good 90% of the time. That "user that just uses email and surfs" frankly doesn't exist anymore than the "Linux hacker" that doesn't even have a window manager and just does everything by CLI. There is ALWAYS one or more "must have" apps that have no equivalent on Linux be it games, functional drivers for their AIO printer, or in my area QuickBooks (which has a "free for home use" version and is crazy popular here) and taking the OS away from the user will just make them hate you and turn them (and anyone they talk to) away from FOSS in general.
I have found a MUCH better solution than foisting an unwanted FOSS OS which frankly in non corporate settings without a competent IT guy to support it is a royal PITA is to make the PC as close as I can to a "toaster with a screen" so that I do the thinking so they don't have to and in turn keeps my shop popular even by just using referrals. Things such as giving them Comodo AV which by default sandboxes all non whitelisted apps such as the browser to minimize the risk of infection, and using Chromium based Comodo Dragon in Vista/7 so that the browser runs in low rights mode. Using Filehippo update checker to alert them to out of date third party software, having Windows set for autoupdates, and showing them how to have separate user accounts for family members with low rights so that kids and relatives can't go installing "that great app they heard about".
By using my "do the thinking for them" strategy I've found I have cut down reinfection by a good 90% and have several PCs in the hands of "clueless home users" that are happily running virus free 5 years+ down the line. While I find Linux perfectly acceptable for some uses such as web servers, corporate workstations, and for emergency "use this if you break it on a weekend" LiveCDs the whole "Give them Linux and they'll thank you for it" is total bullshit. What actually happens is they hate you and FOSS because their apps no longer work, their devices no longer work, and unless you are intending to give them free tech support for the life of the machine the odds that the machine will be running with full driver functionality a year from now is virtually zip, with "CLI fixes" being needed to be
ACs don't waste your time replying, your posts are never seen by me.
Sounds about normal then. I did some work last year for a South Korean government department and every single memory stick that they tried to pass data to me with had some sort of virus on it. Don't know (or care) if it was Conficker or something else. It would seem that every one of their laptops was infected too - copy the data off a memory stick, clean and re-format it, re-load the data. 2 hours later, the stick is infected again. After a while, you stop wasting your breath.
Tanzania was much more advanced than South Korea.
Birds are not dinosaur descendants; birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
The entire time I read the article, I was thinking about this.