Slashdot Mirror

← Back to Stories (view on slashdot.org)

20 Years of Innovative Windows Malware

Posted by CmdrTaco on from the innovate-this dept.

snydeq writes "InfoWorld's Woody Leonhard takes a look at the past 20 years of innovative Windows malware — an evolution that provides insights into the kinds of attacks to come. From macro viruses, to interstitial infections, to spray attacks, to industrial espionage, 'there's been a clear succession, with the means, methods, and goals changing definitively over time,' Leonhard writes, outlining the rise of Windows malware as a succession of ingenious breakthroughs to nefarious ends."

82 comments

  1. Good ole' days... by olsmeister · · Score: 1

    Remember the good ole' days, when malware spread by floppy disk?

    1. Re:Good ole' days... by Anonymous Coward · · Score: 1

      I remember the good old days when viruses spread by hand.

    2. Re:Good ole' days... by dadelbunts · · Score: 1

      And genitals.

    3. Re:Good ole' days... by confused+one · · Score: 1

      I remember creating boot sector viruses for DOS -- we'd trade back and forth in the dorm, testing each others skills. So, yes.

    4. Re:Good ole' days... by Tr3vin · · Score: 1

      And sitting next to girls.

    5. Re:Good ole' days... by Anonymous Coward · · Score: 0

      Like the monkey virus... It was the first (computer) virus I ever got. killmonk would take care of it. After I started using Linux, they all stopped. It could be exclusively that the folk who design Linux go out of their way to not automatically run stuff off the internet, that they use things like ascii armor (low memory) for buffers so that checksum and overflow bits automagically protect buffers, or it could be as some have suggested 'if you had our market share you would be a target too.. blah blah'. I tend to think both are part of the equation. The Linux folk give a crap about security. And I haven't run any anti-virus software in over 15 years (and I've been on the internet non-stop in all that time). No viruses, worms, trojans, slowdowns, or problems.

    6. Re:Good ole' days... by sconeu · · Score: 1

      That's "cooties", not "viruses".

      On the other hand, Windows users always have cooties.

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    7. Re:Good ole' days... by antdude · · Score: 1

      I remember getting by Stealth virus in college. We had to use McAfee VirusScan to clean up our 3.5" floppy disks. Ugh.

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
    8. Re:Good ole' days... by Longjmp · · Score: 1

      I remember very well.
      Back in the Win 3.x days my boss has brought 99% of infections to the company because he had to stick his floppy into every slot he could find...

      --
      There are fewer illiterates than people who can't read.
    9. Re:Good ole' days... by Runaway1956 · · Score: 1

      Wait - not even a browser hijack? Firefox was hijacked to one of those online virus scan sites, the scan ran, found dozens of infections on my C: drive, and prevented me from closing the window, or leaving that page. I couldn't even close Firefox - had to kill process on Firefox to get out of that mess. That was when I decided to install the add-on, noscript. Completely disabling javascript and plugins isn't really an option these days - but you CAN selectively permit sites! Other than that incident - my history is much like your own. No virus, no trojan, and no antivirus running in the background, stealing half of my CPU power!

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
  2. Let the windows hate begin by dadelbunts · · Score: -1, Flamebait

    Soon it will be full of posts about how windows sucks and is horrible. All not realizing that when you have such a huge market share you make yourself ripe for attacks like these. Huge market share + huge number of people using computers being noncomputersavvy = crapton of malware.

    1. Re:Let the windows hate begin by Anonymous Coward · · Score: 1, Insightful

      You know what else are huge targets, and far more valuable than windoze boxes? LAMP servers.

      You're a moron.

    2. Re:Let the windows hate begin by Anonymous Coward · · Score: -1

      In before some idiot mentions that Linux doesn't get nearly as many exploits (because literally no one cares about it on the desktop)

    3. Re:Let the windows hate begin by quickOnTheUptake · · Score: 0

      Which posts will then be followed by posts pointing out that marketshare doesn't account for all the success that malware has had on Windows, but that MS has a few historical cases of a) making social engineering easier and b) making a successful exploit potentially more catastrophic.
      And maybe even a few arguing an overall moribund history of patching known holes.

      --
      Mod points: Guaranteed to remove your sense of humor.
      Side effects may include gullibility and temporary retardation
    4. Re:Let the windows hate begin by pentalive · · Score: 1

      Several factors mitigate this however 1) LAMP servers are not used day to day to surf the web and exchange email. 2) Usually the operator of the server will do as many of the tasks as possible as a non-administrative user, (This prevents a virus from spreading as fast) 3) Usually the operator of the LAMP server will be computer savvy. 4) In a large number of cases the LAMP server is run from a read-only image, or can be quicky re-imaged from a protected source - if malware gets a foothold. All of these are also true for an IIS server.

    5. Re:Let the windows hate begin by Nerdfest · · Score: 1

      Most of these installations are not run by idiots ... you can't really say that about Windows desktops.

    6. Re:Let the windows hate begin by Nerdfest · · Score: 1

      I say "idiots" only because I use the term for any non-expert user. Basically, desktop users are not security experts. They're generally easy to trick into doing things they shouldn't, and they generally user, or can get administrative privileges as they admin their own boxes.

    7. Re:Let the windows hate begin by RyuuzakiTetsuya · · Score: 0

      Why not blame the OS and the CPU architecture underneath?

      System security shouldn't be something users should ever have to worry about. While it's true making a perfect lock is impossible, Windows security until 7 has basically been a giant sign that says, "Please don't own this box."

      x86 CPUs kind of suck for security. Windows as an OS really sucks for security.

      --
      Non impediti ratione cogitationus.
    8. Re:Let the windows hate begin by dadelbunts · · Score: 1

      notavirus.exe looked totally legit

    9. Re:Let the windows hate begin by DocSavage64109 · · Score: 3, Insightful

      yes, because nobody has ever stolen credit card numbers from a LAMP server.

    10. Re:Let the windows hate begin by Anonymous Coward · · Score: 0

      True although modern OSes don't take full advantage of x86 features. x64 was actually a step backwards for security in some lesser known ways.

      It's sad that a negligible 5-10% perf drop generally always results in OSes taking the faster, insecure approach.

    11. Re:Let the windows hate begin by QuoteMstr · · Score: 2

      Don't bother. It's practically an article of faith around here that Windows is badly-made, that Microsoft is a malicious, profiteering drag on innovation, and that Windows OS security is responsible for the spread of malware. This view might have been partially accurate 15 years ago, but in 2011, the worm has turned. Companies are made up of people, and people change and mature. Microsoft is trying to be a good corporate citizen these days, and frankly, I'd be far more worried about Apple, both from a technical-security perspective and from a market lock-in perspective.

    12. Re:Let the windows hate begin by drsmithy · · Score: 2

      System security shouldn't be something users should ever have to worry about.

      What ? That's like saying steering isn't something car drivers should ever have to worry about.

      The end user is the single biggest security risk in any remotely modern system.

      While it's true making a perfect lock is impossible, Windows security until 7 has basically been a giant sign that says, "Please don't own this box."

      What security features were missing until Windows 7 ?

    13. Re:Let the windows hate begin by pandrijeczko · · Score: 2

      With all respect, that's an absolutely facile statement.

      1. Add up the total number of devices that run some kind of Linux kernel in this world and it would certainly exceed the number of instances of OS X being used and may even give Windows a run for its money - I'm talking everything from DVD and media players, through car engine management systems to Internet servers. The number of desktop instances of Linux is probably very small in comparison, I agree, but they could all suffer from security exploits.

      2. Unless you are talking about specific kernel exploits (which ultimately may only ever cause a system to slow down or crash, rather than allow access to the system), then to say "Linux exploits" is meaningless because it depends what applications and services are running on top of that kernel - again, that will be determined by what that particular installation of Linux is expected to do.

      3. Based on the above, then exploits onto a Linux system will occur as a result of an application exploit onto that system - e.g. OpenSSH, Apache Web Server, FTP, etc. Since those vulnerabilities invariably occur in programming errors within the source code, and that source code can probably be ported to a number of platforms including Windows or OS X, then those platforms might also be at risk of the same vulnerability.

      I have no problem with anyone having a go at the low number of Linux desktops because most of who use it just use it and don't care how popular it is. (Yes, there are zealots in ALL user bases.) But if you are going to make a comment then do so from a position of knowledge, rather than basing that comment purely on the FUD you may have heard.

      And to be honest, believing that a particular vulnerability *only* affects Linux may not strictly be true, as I have explained - and that could be dangerous from a seucrity perspective.

      --
      Gentoo Linux - another day, another USE flag.
    14. Re:Let the windows hate begin by RyuuzakiTetsuya · · Score: 0

      What ? That's like saying steering isn't something car drivers should ever have to worry about.

      The end user is the single biggest security risk in any remotely modern system.

      70% of malware results of drive-by infection.

      This is more akin to the idea that I shouldn't worry about hitting the gas or brake pedal in fear of blowing the engine.

      What security features were missing until Windows 7 ?

      A real UAE implementation, NX, ASLR, etc? Windows Vista had some of these features but they sucked, and Windows 7 still sucks by a large margin, Windows 7 just sucks a whole lot less.

      --
      Non impediti ratione cogitationus.
    15. Re:Let the windows hate begin by causality · · Score: 2

      Don't bother. It's practically an article of faith around here that Windows is badly-made, that Microsoft is a malicious, profiteering drag on innovation, and that Windows OS security is responsible for the spread of malware.

      If by "article of faith" you mean "consistent with the long history of this corporation, its products, and its business practices" then I agree. The tone with which you make that statement reminds me of a saying: I'm sorry if the correct way of doing things offends you.

      The only thing I would add to your statement is that the security of Windows is part of the problem. The other part of the problem is Microsoft's insistence (because they make more profit this way and never face liability) on marketing Windows to completely clueless users with claims that it's "easier to use than ever!" etc. A significant fraction of the security problems would be mitigated if Microsoft would be more honest and unambiguously state that their products may endanger the user if the user does not learn about and follow good security practices.

      As it stands now, users have a sense of entitlement which leads them to believe that security is always someone else's job. Those with this mentality are among the first to be compromised. I don't like this any more than you do but I accept the reality of it. The positive side is it means that users willing to invest in their own experience are far less likely to have problems in this area. So everyone gets to make a choice, and choice is good.

      Another significant fraction of the problems would be mitigated if Windows shipped with all non-essential services and background processes disabled by default. A user savvy enough to enable them is more likely to be savvy enough to secure them.

      Companies are made up of people, and people change and mature.

      I don't understand why people feel a need to make statements like this. Was someone claiming that companies are not made up of people? Was anyone stating that people are entirely static entities who never change?

      Microsoft is trying to be a good corporate citizen these days

      I'm sure it's a total coincidence that Microsoft has never been more irrelevant. They are no longer the source of all the new and interesting innovations.

      frankly, I'd be far more worried about Apple, both from a technical-security perspective and from a market lock-in perspective

      Apple made a wise move by basing OSX on BSD Unix. They won't end up reinventing Unix that way and they are starting with a mature codebase that has already experienced a great number of security attacks. Of course that isn't and won't be perfect, but it would be worse still if they started from scratch.

      I absolutely agree with you about the market lock-in. I don't like that no matter who is doing it. It's against the users' interests when Microsoft does it and it's against the users' interests when Apple does it. It represents a failure to put the customer first. The only reason why it's so common in the software industry is that most people don't understand computers.

      Vendor lock-in sends a clear message though unfortunately it largely falls on deaf ears: it means the vendor does not really believe in its products or its excellence and is afraid of having to compete on a level playing field.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    16. Re:Let the windows hate begin by drsmithy · · Score: 2

      70% of malware results of drive-by infection.

      So, an application problem, then ?

      A real UAE implementation, [...]

      I assume you mean UAC. Windows NT has had this since day one, Vista and 7 just made it more automatic.

      [...] NX, ASLR, etc?

      So did other OSes until about the same time. Are you asserting their security, also, was "a giant sign that says, "Please don't own this box."" ?

    17. Re:Let the windows hate begin by pandrijeczko · · Score: 5, Insightful

      System security shouldn't be something users should ever have to worry about. While it's true making a perfect lock is impossible, Windows security until 7 has basically been a giant sign that says, "Please don't own this box."

      Absolute rubbish! And that's coming from me, a mostly Linux user.

      Microsoft made some design mistakes in Windows and cocked up on marketing making people believe that it is entirely possible to use Windows as an inexperienced user and never have to worry about security. In Vista they tried to counteract that bad information by annoying everyone with "in your face" security reminders called UACs, realised they'd gone too far with that and backed off a little in Windows 7. (And that *really* is the extent of my Vista and Windows 7 knowledge because I've not yet used either.)

      But even up to and including XP, if it's patched up to the latest Service Pack and patch version, has a firewall activated, a virus checker and sits behind a NAT router on the Internet, then that system is going to be pretty safe just sitting there.

      The fact is, that XP machine will get viruses and malware because an inexperienced user has not understood what he's doing or has been tricked into clicking something he should not have done. Sorry, but if you insist on downloading cracked games and cracked software from BitTorrent, then you're going to be putting viruses onto the machine that will end up trashing it, it's that simple.

      But, on the other hand, if you get rid of applications like Outlook and IE that hook deeply into the core system, replace them with standard applications like Thunderbird and Firefox (or countless other web and mail clients) that sit *on top* of Windows, rather than *within it*, then that's already going to block a lot of malware getting onto the system in the first place. Then take care with email attachments, stay aware from dodgy software and sites, and like me you'll have several XP systems that haven't seen a virus in years.

      Ever OS (yes, even Linux) has security weaknesses that can be opened up by a user who is not sure about what he/she is doing.

      Windows is *not* an easy system to maintain, XP needs as much care and attention from an administration and day-to-day maintenance perspective than anyone of my Linux servers do, maybe even more so in my case because I'm much better at automating stuff in shell/Perl scripts on Linux than I am on Windows.

      But it's got its bad security reputation because Microsoft made some poor marketing decisions and aimed it at people who believe they don't need any sysadmin skills to maintain it, and your comments don't honestly do any justice to the number of really good Windows sysadmins who make a pretty good job of keeping it secure, in my experience.

      --
      Gentoo Linux - another day, another USE flag.
    18. Re:Let the windows hate begin by drsmithy · · Score: 1

      But, on the other hand, if you get rid of applications like Outlook and IE that hook deeply into the core system [...]

      Please elaborate on how Outlook and IE "hook deeply into the core system".

    19. Re:Let the windows hate begin by drsmithy · · Score: 1

      Apple made a wise move by basing OSX on BSD Unix. They won't end up reinventing Unix that way and they are starting with a mature codebase that has already experienced a great number of security attacks. Of course that isn't and won't be perfect, but it would be worse still if they started from scratch.

      Can you highlight the aspects of Apple's marketing where they "unambiguously state that their products may endanger the user if the user does not learn about and follow good security practices" ?

    20. Re:Let the windows hate begin by RyuuzakiTetsuya · · Score: 1

      But even up to and including XP, if it's patched up to the latest Service Pack and patch version, has a firewall activated, a virus checker and sits behind a NAT router on the Internet, then that system is going to be pretty safe just sitting there.

      This is what I'm talking about. Users are users, they're not a thing for OS vendors to abuse. They live lives outside of the realm of computing too.

      But it's got its bad security reputation because Microsoft made some poor marketing decisions and aimed it at people who believe they don't need any sysadmin skills to maintain it, and your comments don't honestly do any justice to the number of really good Windows sysadmins who make a pretty good job of keeping it secure, in my experience.

      I'm speaking purely in the user space sense. Users shouldn't have sysadmin skills.

      Sysadmins on the other hand, are paid to support and keep systems running. Non-sysadmins typically are already working one maybe two jobs, why are we advocating that they also do technical support for free?

      --
      Non impediti ratione cogitationus.
    21. Re:Let the windows hate begin by pandrijeczko · · Score: 1

      Yes, but the core point I am trying to make is that you simply cannot make a simple statement that an OS is inherently insecure - it very much depends on what other layered security defences are placed around it.

      I would hope that these days, virtually everyone with an Internet connection is using an ISP-supplied NAT router because that alone adds a whole heap of good security protection over any computer just connected to a USB ADSL modem.

      --
      Gentoo Linux - another day, another USE flag.
    22. Re:Let the windows hate begin by causality · · Score: 1

      Apple made a wise move by basing OSX on BSD Unix. They won't end up reinventing Unix that way and they are starting with a mature codebase that has already experienced a great number of security attacks. Of course that isn't and won't be perfect, but it would be worse still if they started from scratch.

      Can you highlight the aspects of Apple's marketing where they "unambiguously state that their products may endanger the user if the user does not learn about and follow good security practices" ?

      Oh I get it. This is more "us and them" fanboyism. It's like when I say that something Obama does is bad for the country, somebody who likes the Democrats has to chime in and say "oh yeah well Bush did this and that and it was bad too!" as though that makes it okay. Like it's a big imaginary zero-sum balance sheet, so if I criticize "one side" I must also be supporting "the other side". You're either with us or against us, right? It's a rejection of objectivity and I refuse to validate it.

      Why would you embrace an artificial duality and limit yourself like that? Your emotions surrounding the Microsoft Corporation and the Apple Corporation cloud judgment that badly?

      Now that I've addressed the origin of your question, I'll address the question itself. Did you notice how I never claimed that "oh, by the way, what I just said about Microsoft's marketing wouldn't apply to Apple"? That was no accident. Microsoft's very visible practice was used as an example to explain a more generally applicable concept. Just like when politicians fuck up the country with their poor decision-making, it's not somehow okay when someone else does it.

      I explained the concept. The reader either understands the concept and where it would and would not apply without me having to spell everything out, or not. If not they ask questions like you just did. Sure, I could have explicitly said "there's no reason why this is any less true of Apple". But why should I go out of my way to pre-emptively accommodate every potential failure to understand what I did say and every potential failure to appreciate that if I didn't say something, it was for a reason?

      I recognize this type of self-limiting "either-or" thinking for what it is: invalid. I accordingly give it no accommodation when writing a post. I hope that answers your question, though I'm betting it's more answer than you bargained for. You could view it as inflammatory or you could recognize it's the only valid response to what you gave me to work with; that part's up to you.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    23. Re:Let the windows hate begin by pandrijeczko · · Score: 1

      I don't claim to be a Windows expert.

      As I understand it, some Microsoft applications have deep hooks into the core OS or libraries that give them higher privileges that what the user running them has - the best analogy I can give is "sudo" in Linux. It is those elevated permissions that allow some scripts or malware to exploit.

      As I also understand it, Outlook and IE can run scripts without too much intervention that can use those elevated permissions also.

      Other than that, I can only speak from years of experience fixing my own Windows PCs and those of friends and relatives. Having told them, over many years, to steer away from Outlook and IE and switch to apps that "sit on" rather than "sit within" Windows, they tell me they get less problems with viruses. I also explain to them how to avoid dodgy email attachments and nasty web sites, that also probably helps.

      --
      Gentoo Linux - another day, another USE flag.
    24. Re:Let the windows hate begin by IorDMUX · · Score: 1

      But it's got its bad security reputation because Microsoft made some poor marketing decisions and aimed it at people who believe they don't need any sysadmin skills to maintain it,

      While I agree that this is part of the problem, the idea does not take into account the serious system security flaws that failed to even involve the user, skilled or otherwise.

      From the article:

      The root of the problem? In those days, Outlook used Internet Explorer to display HTML-based emails. Even though you never saw IE in action, it was there, lurking in the background, running VBS programs without permission. Years later, the Klez worm used the same approach, but with a different security hole.

      --
      >> Standing on head makes smile of frown, but rest of face also upside down.
    25. Re:Let the windows hate begin by drsmithy · · Score: 1

      As I understand it, some Microsoft applications have deep hooks into the core OS or libraries that give them higher privileges that what the user running them has - the best analogy I can give is "sudo" in Linux. It is those elevated permissions that allow some scripts or malware to exploit.

      How did you come to "understand" this patently false proposition ?

    26. Re:Let the windows hate begin by drsmithy · · Score: 1

      Oh I get it. This is more "us and them" fanboyism. It's like when I say that something Obama does is bad for the country, somebody who likes the Democrats has to chime in and say "oh yeah well Bush did this and that and it was bad too!" as though that makes it okay. Like it's a big imaginary zero-sum balance sheet, so if I criticize "one side" I must also be supporting "the other side". You're either with us or against us, right? It's a rejection of objectivity and I refuse to validate it.

      No. I'm merely wondering why you don't criticise consistently. The jab at marketing wasn't the only place, either - you call Apple's BSD codebase "mature", as if Windows was created only few years before Vista was released, when in fact it's the better part of 25 years old, only a couple of years less than NeXT/OS X.

      If you are going to offer "Team A" up as bad because of particular behaviour, it pays not to similarly criticise - if not praise - "Team B" when they're doing the same thing, *especially* when you're comparing them to each other.

    27. Re:Let the windows hate begin by pandrijeczko · · Score: 1

      I'm going to leave it there with this thread, I think.

      This is beginning to feel too much like I'm talking to ELIZA.

      --
      Gentoo Linux - another day, another USE flag.
    28. Re:Let the windows hate begin by cinderellamanson · · Score: 0

      Yes and this year we shall bypass security in order to add a big bloated easy button in the upper left-hand corner of all of our windows! Oh, look, 7 spock impersonators just left engineering AND sales are up! I knew this was a good idea.

      --
      Hey buddy, can i bum a karma? ~}CinderellaManson{~
    29. Re:Let the windows hate begin by cinderellamanson · · Score: 0

      This goes all the way back to netscape vs IE, in essence, if IE is a security nightmare (IE6 anyone?) you cannot replace it for all tasks on the computer and you cannot uninstall the damn thing either. So, you'd download your latest copy of Firefox, lock IE in a patched up dungeon somewhere, only to be forced to reinstall IE, so can run WGA.

      Frak, IE6 is STILL in the wild and you have the gall to ask this? Really?

      --
      Hey buddy, can i bum a karma? ~}CinderellaManson{~
    30. Re:Let the windows hate begin by atlasdropperofworlds · · Score: 1

      What is really telling is that there are now social engineering attacks to get access to people's windows machines. People actually cold call saying how they are from "Microsoft Tech Support" and try to get you to (a) pay for 'warranty' and (b) give them access to your machine using logmein123.com. I've actually had to fix a system because the person just did what he was told to do. Unbelievable. You can't secure a system from it's own administrator, so if the administrator is an idiot, his box is as good as owned.

    31. Re:Let the windows hate begin by atlasdropperofworlds · · Score: 1

      >Apple made a wise move by basing OSX on BSD Unix. They won't end up reinventing Unix that way and they are starting with a mature codebase that has already experienced a great number of security attacks. Of course that isn't and won't be perfect, but it would be worse still if they started from scratch.

      But the world is evolving. Even windows now has a mature code-base that was NT (which further contains significant bits of OS/2). The problems encountered and solved 10 years ago don't apply today. Technology changes and old threats lose relevance in favor of new ones. Besides, OSX itself isn't open source, so we don't have any idea if it's security is moving in the right direction or not anymore.

    32. Re:Let the windows hate begin by Runaway1956 · · Score: 1

      You have a point, albeit, a very small point. *nix boxes were pretty secure on x86, while Windows x86 was insecure. Today, *nix is more secure on AMD64, and Windows is more secure on AMD64 - but still, *nix is far more secure than Windows. As has been mentioned already, it's an attitude. Linux users tend to think of security, while Windows users tend to think in terms of convenience. Maybe we should take a poll, and find out how many *nix users enable auto logon, and how many Windows users enable it. Auto logon means that if your house is burglarized, and the burglar even thinks to look at your computer, he can ALSO wipe out your online banking. Wipe it out in seconds, without having the vaguest clue about how to break into a computer, or an account. How many ways can we spell braindead?

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    33. Re:Let the windows hate begin by drsmithy · · Score: 1

      I'm going to leave it there with this thread, I think.

      Look, it's a pretty simply question. You are asserting that certain Windows applications have "deep hooks" into the OS. WHY do you believe this to be true ? What evidence is there that it is true ?

      I can tell you right now that your belief is false. I am curious as to how you reached it, however.

    34. Re:Let the windows hate begin by drsmithy · · Score: 1

      Frak, IE6 is STILL in the wild and you have the gall to ask this? Really?

      The assertion is that IE has "deep hooks into the OS" that enable "higher privileges", not that it is one of the included components of a default Windows install.

    35. Re:Let the windows hate begin by badkarmadayaccount · · Score: 1

      x86 is actually a great architecture, when you get rid of some cruft (Tru64 (or was it VMS?) handled the migration to Alpha quite well - but the ugly but required for compatibility instructions not even in the microcode - but in the system firmware (SRM)). The instruction encoding could be a tad smarter - to simplify the decoder, but efficient instruction encoding is important, the memory wall has been hit, in a sense, for a long time, and efficient cache usage is a must. Segmentation is a really neat feature, which was not taken advantage of driven by pure laziness, and traditionalism (This assembly sucks! It's meant to be use by a compiler, moron. But I won't be leet anymore - so fuck off.). Register addressing could have been a little smarter - but actually, with segmentation and rings, x86 has top notch security, it's just that nobody uses it. Same thing with WinNT - great security and extensibility architecture, and it went either/both badly implemented, or/and unused.

      --
      I know tobacco is bad for you, so I smoke weed with crack.
  3. Whoops by 93+Escort+Wagon · · Score: -1

    From macro viruses, to interstitial infections,

    Did anyone else read that as "intestinal infections"?

    --
    #DeleteChrome
    1. Re:Whoops by Anonymous Coward · · Score: -1

      Your mom did.

  4. Odd... I just watched a similar article... by Anonymous Coward · · Score: 1

    And it had the dates right. http://www.f-secure.com/weblog/archives/00002094.html Cascade.... now a PE infector! Or not...

  5. WoW by Anonymous Coward · · Score: 0

    So having Windows is a bit like having unprotected sex... excellent!

    1. Re:WoW by Reverand+Dave · · Score: 1

      Unprotected sex is only dangerous if you have a partner or an internet connection.

      --
      I got here through a series of tubes
  6. Dumb security by improfane · · Score: 1

    The losing strategy of trying to enumerate all the bad software in existence is so stupid because bad software outnumbers good software, so why can't we enumerate all the good software - all versions?

    In theory you can never be sure that you've removed malware. A compromised computer is compromised forevermore.

    I honestly think with enough smart people, the right technology and software you can make malicious software less of a problem. Here's an example:

    rather than installing the antivirus on your PC, you take your virus ridden computer to the antivirus shop*. The idea being that the malicious people cannot learn from your antivirus or disable it. Especially if you inspect it offline...

    * Oh shit! I've given them that idea.

    --
    Slashdot needs Geekcode | Can anyone recommend any good SCIFI? My tastes: Foundation, Startide Rising, CITY, Ringworld,
    1. Re:Dumb security by Anonymous Coward · · Score: 0

      And how exactly do you tell when your PC is virus ridden?

    2. Re:Dumb security by Anonymous Coward · · Score: 0

      I hesitate to answer such an impish post, but here goes:

      Enumerating good software requires a central repository, which must then be protected from actual malicious software from getting on the list.
      Overall, it wouldn't work anyway, since the malicious software poses are something "safe" almost 100% of the time, and can travel in several vectors (meaning, it can pose as any number of good programs). Did you read and understand the article?

      Who wants to carry a machine from one location to another just to get it cleaned? Before then, the machine is laden with trojans, which are capturing and selling your personal information and spamming your friends. Have you seen articles where unpatched versions of XP are infected in minutes? Seems like a short amount of time before you again trudge down the ye olde computer store. Do you take your toaster to the store you bought it from to get it cleaned?

      If you are trying to keep Antivirus scanners from landing in the hands of virus writers, you've missed the point. They don't have to go buy a copy. They can pull them from infected machines. They can pull anything they want, that's the neat trick of pwning a box. You don't get security from obscurity, you just complicate things for legitimate users.

      Howabout I give you this idea: There are thousands of people working in this industry, who meet at conferences, who study the individual real/virtual machines, layers and layers of software, and the vectors/methods - in incredible detail. They are smart, some possibly smarter than you. While your armchair quarterbacking comments on /. might be give you a warm feeling of "knowing better" - you haven't suggested anything of value.

    3. Re:Dumb security by badkarmadayaccount · · Score: 1

      I see a market for a x86 PC with a coreboot+XenClient+IllumOS (because of ZFS) system firmware, virtualizing windows, with checksum protection of core system files and registered, with restore from original known-good snapshots, per file. Unsigned executable execution triggers a system call, in turn trapping to the hypervizor, triggering a snapshot, before the first untrusted instruction is executed. On boot the user is presented with the option of a friendly management console, allowing the installation to be reverted cleanly and securely. User data is on a separate partition, hidden, also snapshotted, and transparently integrated with the root win fs with a few registry hacks applied by the hypervizor. That data partition is set to read-only during untrusted executable execution. The hypervizor audits on every boot the autostart processes, and doesn't allow mounting of user data if an unregistered service is detected, such, upon detection are killed immediately, and executables that fail checksum aren't allowed to load. Maybe automatically set up hidden limited accounts with faked access to user data for untrusted executables, all this auditable by the hypervizor at any time.

      --
      I know tobacco is bad for you, so I smoke weed with crack.
  7. Better Link by Nemyst · · Score: 5, Informative

    I wish they'd link to the print page: http://infoworld.com/print/151021

    At least this way you avoid the obnoxious SIX pages layout for what could fit in a single page easily. I know, I know... The submitter is always an InfoWorld employee and /. editors don't know the meaning of the word "edit", but hey, I can still ask? Beg, maybe?

    1. Re:Better Link by Capt.DrumkenBum · · Score: 4, Informative

      Look on the bright side... You are going to get a +5 Informative for posting a simple link. :)

      --
      If I were God, wouldn't I protect my churches from acts of me?
    2. Re:Better Link by Anonymous Coward · · Score: 2, Funny

      Don't take this the wrong way, but does it kill you to hit the print button yourself? I mean, sheesh. I know, I know... you're being tracked as you move your mouse to the button, etc.

    3. Re:Better Link by HatofPig · · Score: 1

      AutoPager for Firefox/Chrome automatically finds all the the div-elements containing article text or other primary page content on paginated websites and stitches them together into a single page dynamically as you scroll down. Can't surf without it!

      --
      Silicon & Charybdis McLuhan Kildall Papert Kay
    4. Re:Better Link by badkarmadayaccount · · Score: 1

      No AutoPager add-on on your FF? Turn in your geek card.

      --
      I know tobacco is bad for you, so I smoke weed with crack.
  8. 'Software improves over 20 years' by Kittenman · · Score: 1

    Is the alternative headline. No shit, Sherlock.

    --
    "The greatest lesson in life is to know that even fools are right sometimes" - Winston Churchill
  9. 20 Years of malware by ArhcAngel · · Score: 0

    Let's see...There was DOS then Windows 3.x, Windows 95, Windows NT, Windows 98, BOB, Windows ME, Windows 2000, Windows XP, Vista, and Windows 7. I think that's a little more than 20 years actually.

    --
    "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
    1. Re:20 Years of malware by Anonymous Coward · · Score: -1

      Let's see...You're gay.

    2. Re:20 Years of malware by Anonymous Coward · · Score: 0

      Was that really worth typing in the captcha?

  10. Moore's Law of Malware by CrowdedBrainzzzsand9 · · Score: 1

    Someone smarter than I am may have an (informed) opinion about whether malware and other types of attacks will have a Moore's Law-like life cycle. Are the bad guys winning? I'd say that they're winning if they will predictably make use of publicly networked computers in business or at home more trouble than it's worth.. Adding to the bad guys' risks are the good guys who are dancing with the devil with their untapped treasure trove of personal information.

  11. Share! by Anonymous Coward · · Score: 0

    Share! Share! Tweet! Share! Share! Share! Share! Fuck You!

  12. 20 years! by KevinColyer · · Score: 5, Insightful

    Why have we put up with 20 years of Windows virus's for so long?

    TWENTY YEARS!

    What a complete waste of time. And my time is worth much more that the paltry licence fees I have shelled out over the years!!!

    Is there any way to say that this is not an epic fail for the Win16/32 platform? On other platforms (Mac, Linux, other Unix's) the total amount of malware is hardly about 100 items in that time... Even if it is around 1000 (I really don't know) it is insignificant in comparison.

    I have had not one malware issue in ten years of hosting Linux servers and five years as a Desktop OS on multiple PC's. My last Windows issue was a false positive: AVG thinking it had found a torjan in hal.dll and "healing" it. Thanks AVG. Several hours of work to restore that machine... (the re-imaging broke).

    No Windows on every one of my desktops thanks!

    1. Re:20 years! by catmistake · · Score: 1

      Whatever, man, malware on Windows is far superior to any other malware on any other platform, by far. It alone supports an entire industry, and without it, thousands of programmers and researchers and experts would need to find something else to do to put food on their kids' plate. People gotta eat, right?

      --
      The Admin and the Engineer
    2. Re:20 years! by Anonymous Coward · · Score: 0

      FYI: Apostrophes do not mean plural, and they do not mean, "Look out! Here comes an 's'!!!"

    3. Re:20 years! by Anonymous Coward · · Score: 0

      You are so right - how foolish of me!!!!!! How proud Windows users must be that their malware is the most sophisticated in the world! I am deeply ashamed of the poor quality malware on Linux. I'm mean some of it has not even made it out of the lab and into production, it is so rubbish! Woe is me!

    4. Re:20 years! by KevinColyer · · Score: 1

      You will be Really Impressed with my use of Capitals then! And my confusion with ei and ie! Just wait till you see me write in French!!!

      Actually, I was trying to figure out the plural of Unix - is it Unixes or Unices. I figured Unixs would be wring but I guess Unixes is more proper.

      Cheers, ;)

  13. As a Windows Admin by Freaky+Spook · · Score: 1

    I'd have to say Windows 7 is not too difficult too bad these days.

    The biggest problem I have always had with Windows though is the way it manages applications. There are far too many install vectors, from a single binary to various packaged installers.

    Microsoft should have secured this better and reduced the options to developers for installing applications. All it does is confuse the user, and make it more difficult for heuristic scanning to determine what is legitimate or not, plus it allows developers to be lazy.

    The way Linux/Apple have gone with Applications as packages is a much smarter idea.

    Even with Windows 7/Windows 2008 Microsoft still haven't really addressed this. UAC while good doesn't address the underlying problem of the heterogeneous environment(or mess) that Windows applications are.

    1. Re:As a Windows Admin by drsmithy · · Score: 1

      The way Linux/Apple have gone with Applications as packages is a much smarter idea.

      What ? I can get applications onto a Linux or OS X systems via a binary in a zipfile/tarball, via a package manager like Fink/apt/RPM, via a packaged installer, by a simple drag & drop from a disk image, by compiling from source, from a shell archive, and probably others I haven't thought of.

      Your argument is ridiculous on its face. There are *more* "install vectors" on Linux and OS X than there are on Windows.

    2. Re:As a Windows Admin by atlasdropperofworlds · · Score: 1

      I disagree. They are the same, which is too many.

  14. Well... by Anonymous Coward · · Score: 2, Funny

    ...at least something about Windows is innovative.

  15. And 20 years of .... by Anonymous Coward · · Score: 0

    unprotected security holes in windows.
    Some of which have lasted for decades.

    Someone called Windows a 'coagulated heap of spaghetti code' Fitting.
    Except its a insult on spaghetti.

  16. 20 years ago ? by rossdee · · Score: 1

    So before 1991 malware wasn't innovative?

    (I don't really know, I wasn't dealing with "windows" back then, but I was dealing with viruses.- I thought the disk-validator type virus was particularly nasty. Workbench 2 fixed that backdoor, but there were a lot of people running WB1.3 amigas.

  17. Scam by Anonymous Coward · · Score: 0

    "Whale -- at 9KB, the largest virus to date"

    He had me until the second page though.

  18. ~250 on linux at last glance by Anonymous Coward · · Score: 0

    recently i decided to look into the state of linux rootkits, boot kits, etc, I found two programs which scan for and potentially remove native linux viruses; chkrootkit and rkhunter. they had signatures and heuristics for around 260 rootkits.

  19. Quit trying to act as if you've done the job by Anonymous Coward · · Score: 0

    RyuuzakiTetsuya you can quit your play acting already. You aren't a system administrator or a programmer professionally so quit trying to play act like you know what you're talking about.

  20. Quit trying to play expert RyuuzakiTetsuya by Anonymous Coward · · Score: 0

    RyuuzakiTetsuya you're no expert in computing so why are you trying to play expert in it? Give up.

  21. RyuuzakiTetsuya tries to play security expert? by Anonymous Coward · · Score: 0

    RyuuzakiTetsuya care to show us proof you are a certified security specialist? Oh, you don't have that to your name?? How about a Computer Science or Computer Information Systems degree to your name instead at least??? You don't have that either???? Of course not. You're just another wannabe moron trying to play expert.