Slashdot Mirror


Years-Old Conficker Worm Still a Threat

RedEaredSlider writes "The Conficker worm is still a threat, even though it is more than two years old and nobody has used it in a botnet attack yet. The problem is that so many machines are infected (largely because many don't realize it) and it's such a flexible piece of malware."


  1. The real issue: by Isaac+Remuant · · Score: 5, Insightful

    The Average User is still a threat in his path to ignore one and all security measures.

    --
    "Science can amuse and fascinate us all, but it is engineering that changes the world. " - Asimov.
    1. Re:The real issue: by clarkkent09 · · Score: 4, Interesting

      The real issue: software industry releases insecure products and blames ordinary users for not being IT security experts which is what it takes to be truly secure.

      --
      Negative moral value of force outweighs the positive value of good intentions.
    2. Re:The real issue: by causality · · Score: 4, Insightful

      The real issue: software industry releases insecure products and blames ordinary users for not being IT security experts which is what it takes to be truly secure.

      The bar could be raised far higher than it is now without even beginning to approach expertise. That's the part that is often underappreciated.

      "Truly secure" in an absolute sense is rarely if ever attained by anyone, and almost never necessary. What you really need to achieve is "unprofitable to compromise". It's security in a relative sense and much more realistic.

      I don't really disagree with your assessment of the average quality coming from the software industry. The users are not typically blamed for that, even though they're collectively responsible for creating a market where shoddy quality sells. That responsibility is indirect and spread out among large numbers of people.

      The users are more often blamed for not even trying to protect themselves, for not making even a token effort to understand the risks. That decision is more immediate and individual. For this reason average users are often characterized as stupid.

      I'm personally more inclined to believe that they could do better if they wanted to. I've seen the mentality many times because there is such an overabundance of examples (and not just in computing). It's not stupidity in the normal sense, though you could call it a kind of stupidity because it tends to act against one's own interests. It's more like an intellectual laziness combined with an entitlement mentality which insists that things like security must always be "someone else's problem" even though it won't be "someone else" who suffers any insecurity.

      Like any entitlement mentality it has to have an excuse to function, to seem like a believable position one does not wish to abandon. In this case it's the excluded middle: the notion that users are either drooling idiots or highly skilled experts with no intermediary states. That enables the afflicted to respond to recommendations for how they may improve by becoming offended instead of assessing the feasibility of the suggestion. The intellectual laziness component comes from institutional schooling's lesson that learning is hard and full of toil and cannot be a joyful process of discovery and fascination.

      You combine those things and you get a user who is nearly impervious to even the most basic, most easily understood advice especially concerning topics like security. Even when it's in their own interests to listen to it. Even when implementing it would be easier than their current practices. The rest of us get a degraded Internet in the form of spam and DDoS attacks and worse that so many compromised machines facilitate, thanks to network effects.

      The case against the mentality of the average user has a solid foundation, primarily because most of them could choose differently.

      --
      It is a miracle that curiosity survives formal education. - Einstein
  2. Nobody should be surprised with that one by damn_registrars · · Score: 4, Insightful

    The Conficker worm exploits vulnerabilities on unpatched Windows systems. If we were instead talking about a resurgence of the "iloveyou" virus or something of that nature, that would be a surprise. But Conficker - as a worm - finds its own targets and infects on its own. And it will continue to do so as long as the writers of it find new holes to exploit in Windows.

    Just wait until Microsoft stops releasing security updates for Windows XP, then Conficker will really have a chance to run wild.

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
  3. how novel by gearloos · · Score: 4, Funny

    A link to a story ridden with popups about a worm. C'mon /. you can do better.

    --
    "Computers are a lot like Air Conditioners" "They both work great until you start opening Windows"
    1. Re:how novel by Farmer+Tim · · Score: 4, Funny

      C'mon /. you can do better.

      [citation needed]

      --
      Blank until /. makes another boneheaded UI decision.
  4. If security programs don't get it right ... by jobst · · Score: 4, Interesting

    Of course it's still a problem, especially if you read what happened to me this morning....
    Our sales director's computer (Dell) has real trouble accessing the net (very very slow) whenever he tethers his laptop with his Galaxy S. I have the same laptop and phone but use Fedora14 and tethering gives me real good speed (considering) .... his is Win7 using Trend Micro (included when buying the Dell). When I turn Trend Micro off it performs well, loads the web-pages at the same speed as mine does.

    So there would be no surprise to me if a lot of machines run without virus/internet security because those machines become a real hog/snail/whatever .... so users can't be bothered!

    --
    to code or not to code, that is the question.
  5. China loves Conficker by Anonymous Coward · · Score: 5, Interesting

    The college (part of a larger university, but separate for IT purposes) I work at in Beijing has a choice between two different free (Chinese produced) antivirus/antimalware products. The one that detects Conficker is on the computers of the people designated "sysadmins" (discussion for another day as to what qualifies as a sysadmin at this school) and any computer I am required to use as a function of my work (not including my personal notebook, which the admins aren't allowed near). The software that doesn't detect Conficker (or quite a few other 2+ year old baddies, in spite of being "up to date") is on everyone else's computer. As best as I can determine, this is to give the appearance of justifying the positions of the 5 sysadmins needed to support less than 50 computers (not including the lab computers which require minimal support because they suck so badly the students would rather go to an internet cafe to do their work, if they can't afford to use their own computers). Someone let me know when an opening at Tsinghua U. is available.

  6. I confirm this by decora · · Score: 3, Interesting

    I know someone who works at a huge support center for a certain cellphone carrier. This person has informed me that they spend a good deal of their day telling people to shut off antivirus in order to get their "Modem Cards" (apparently the fashionable name amongst the masses) to work.

  7. Re:WGA/pirated copies of Windows by FreelanceWizard · · Score: 4, Informative

    This is not true.

    "The Automatic Updates feature is not affected by the WGA validation check. Therefore, you can use the Automatic Updates feature to make sure that you receive critical Windows updates."

    Only some updates are marked as "genuine only," and this doesn't include security updates (which are all critical).

    --
    The Freelance Wizard