Slashdot Mirror


How Windows Gets Infected With Malware

Orome1 writes "Since up to 85 % of all virus infections occur as a result of drive-by attacks automated via commercial exploit kits, CSIS has actively collected real time data from them for a period of three months. The purpose of their study is to reveal precisely how Microsoft Windows machines are infected with malware and which browsers, versions of Windows and third party software that are at risk. They monitored more than 50 different exploit kits on 44 unique servers / IP addresses. The statistical material covers all in all more than half a million user exposures out of which as many as 31.3 % were infected with the virus/malware due to missing security updates."

373 comments

  1. 70% on fully updated installs. by 140Mandak262Jamuna · · Score: 5, Interesting

    Salient point is that, fully updated and patched installs let 70% of the infections through.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    1. Re:70% on fully updated installs. by houstonbofh · · Score: 1

      Mainly because the technology is reactive. We have to see an attack before we can guard against it.

    2. Re:70% on fully updated installs. by Moheeheeko · · Score: 3, Insightful

      The day that people stop clicking on "want bigger pen0r?" or "see x celebrity naked here" links is the day that 30% jumps to 90%. The fact is that a fully updated maintained system is virtually malware proof if the user uses common sense.

    3. Re:70% on fully updated installs. by LordLimecat · · Score: 3, Interesting

      Even more salient is that only 13% of the successful infections relied on software that was Windows only (10% were IE exploits, 3% were Windows Help exploits).

      All you folks encouraging your friends and families to buy Macs for the specific reason of their security are in for a world of hurt in a few years when Mac hits ~30+% market share. Kits are already starting to appear.

    4. Re:70% on fully updated installs. by Dunbal · · Score: 5, Insightful

      Stupid users eh? Explain the following: Yesterday I visited the top site google provided for a search I did. I was not searching for anything particularly exotic or deviant, certainly not pornographic or illegal. Immediately on visiting the site with my Windows 7 machine, Microsoft Security Essentials pops up to alert me of a "severe" threat (Trojan:JS/BlacoleRef.A) it had located in my browser cache (Firefox 7.01). I did what the security program said, and it says the threat was removed. I have no idea if it was removed or not, my only choice with such an obfuscated, complicated OS is to assume that the tools I am given are not lying to me and are doing the job that they are.

      However should I be infected in the above scenario, how exactly does this make me a "stupid user"? I've had a PC since the late 1970's. I can code in ASM, Cobol, Fortran, Basic, C, C++. I like to think I know how computers work. I don't click "Yes" to everything, and I don't run programs from dubious sources anywhere other than a virtual machine. Should I be going through my registry and boot files daily to not be a "stupid user"? Isn't that what an OS is supposed to do for me - take care of the basic functions of my machine while I run the programs I need? Are you just going to troll me by saying "use linux instead you noob"?

      --
      Seven puppies were harmed during the making of this post.
    5. Re:70% on fully updated installs. by Anonymous Coward · · Score: 5, Insightful

      You say:

      Salient point is that, fully updated and patched installs let 70% of the infections through.

      TFA says:

      The conclusion of this study is that as much as 99.8 % of all virus/malware infections caused by commercial exploit kits are a direct result of the lack of updating five specific software packages.

    6. Re:70% on fully updated installs. by networkBoy · · Score: 1

      But sadly, average users need better than this.
      Everyone on /. is at least computer literate, likely has fundamentals of data and system level security, and understands the importance of backups (even if they don't do it, they are accepting a known risk).
      The average user thinks that e-mails are private, that 'password' is a bad password but that 'pa$$word', 'mypassword', 'PaSsWoRd', and 'password123' are all good enough, and that their digital pictures are perfectly safe on their hard drive in their 5 year old PC that has never been opened and physically cleaned.

      I also think Linux is bad for the average user, because while it is more secure than Windows by default, if you muck with it you can cause vastly more damage to the system if you are in the "just enough knowledge to be dangerous" camp. Ubuntu goes a long way towards this, but it needs an even friendlier interface (IMHO) for system setup and config. We won't get that till an OEM adopts it seriously for end user platforms.

      I think the ideal solution is only now starting to be available (mostly to power users). Run everything in a VM jail. XPMode on Win7 is awesome for this. If only it was the default mode of operation, rather than limited to Pro and greater levels of the OS. And if only they made snapshotting and rollbacks easier (other guest OS's would be nice too).

      -nB

      --
      whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
    7. Re:70% on fully updated installs. by hedwards · · Score: 2

      That's the theory behind Immunet, once one of the computers is infected by a new virus it's analyzed pretty much immediately and a signature is added before the virus has a chance to infect more machines. It doesn't stop new infections, but it does diminish the spread.

      I'm not sure how well it ultimately works, but the basic theory behind it is sound.

      Another thing that could happen would be for the ISP to throttle the connection back to dial up speed for infected computers downloading anything other than antivirus software. The main concern I'd have there would be false positives and the inherent reward of throttling users.

    8. Re:70% on fully updated installs. by AvitarX · · Score: 0

      It was in the browser cache, so you are fine (it didn't infect anywhere else, and UAC makes sure it doesn't have the privilege to hide from your virus software).

      If you visited the same site with out of date software, there would be a chance of infection, but most likely the security essentials + uac would prevent it.

      --
      Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
    9. Re:70% on fully updated installs. by minstrelmike · · Score: 1

      You guys aren't supposed to read between the lines. Stats are supposed to obscure facts, not detail them so even a manager can figure it out.

    10. Re:70% on fully updated installs. by UnknowingFool · · Score: 2

      But aren't you assuming that the other 87% are fully cross-platform? For instance Java and Flash vulnerabilities exist in both Linux and OS X but don't result in the same issue as those platforms are different. For example, a Flash vulnerability may allow the execution of a bundled .exe file; however that does nothing for Linux/OS X users. For them they would have to get scripts and even then bypass any default settings that don't allow scripts to run automatically.

      --
      Well, there's spam egg sausage and spam, that's not got much spam in it.
    11. Re:70% on fully updated installs. by houstonbofh · · Score: 1

      Are you just going to troll me by saying "use linux instead you noob"?

      Use Virtual Box to browse, you stupid Noob! :) It is actually almost to this point. Some of the exploits even work on Linux. Only as the running user, however, so a root exploit means you were a stupid Linux noob running as root. (So far anyway. Tomorrow may be different.)

    12. Re:70% on fully updated installs. by CadentOrange · · Score: 2

      Your anecdote perfectly illustrates why we need to run AV scanners on our machines. It doesn't matter how careful we are, we are not immune to drive by attacks. At this point, the typical slashdot response is "Run AdBlock/NoScript". This doesn't always guarantee that you'll be safe because what happens if the "safe" site you regularly visit has been compromised and the script you're about to allow is no longer safe? AV packages add another layer of defense, and this is a good thing.

    13. Re:70% on fully updated installs. by rsilvergun · · Score: 1

      "my Windows 7 machine ... how exactly does this make me a "stupid user"?", well, there's your answer

      Sorry, I kid, I kid. But seriously, I feel your pain. My brother put a virus on my PC when he viewed a video about how to teach a kid to ride a bike. Go figure. What I've taken to doing is doing my web browsing in a Virtual Box running Ubuntu + Chrome. It's pretty bullet proof, and even if it gets through it's tough to get out of the V-Box (Yeah, I know it can be done, but who does it?).

      --
      Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
    14. Re:70% on fully updated installs. by spottedkangaroo · · Score: 1

      Unless the scanner didn't know the virus yet. I think you'll find that they don't know about anything from the last month or so. If you check virus total with the various binaries you collect on a mail server, you'll find that literally *most* of them don't get caught in any consistent way by any majority of the virus scanners listed there. It's not just that virus scanners suck, it's that they don't work for anything but the oldest stuff. So I hope UAC can do the job and it isn't a userspace malware setup.

      --
      Imagine if you weren't allowed to use roads because a bus company complained about your driving 3 times. --skunkpussy
    15. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      I'm not sure where you got that figure from the article linked in the post. In fact that seems to be a direct contradiction to its conclusion where it says:

      The conclusion of this study is that as much as 99.8 % of all virus/malware infections caused by commercial exploit kits are a direct result of the lack of updating five specific software packages.

    16. Re:70% on fully updated installs. by houstonbofh · · Score: 4, Interesting

      I also think Linux is bad for the average user, because while it is more secure than Windows by default, if you muck with it you can cause vastly more damage to the system if you are in the "just enough knowledge to be dangerous" camp. Ubuntu goes a long way towards this, but it needs an even friendlier interface (IMHO) for system setup and config. We won't get that till an OEM adopts it seriously for end user platforms.

      I have set up a laptop for 2 different clients' wives with Ubuntu. Both were non-computer experts, and kept getting every infection known to man. After setting them up (Over 2 years ago) I never saw those laptops again. I still see the clients, but they say the laptops are running perfect. Lost a lot of business there, and from happy clients. :) Ooops...

    17. Re:70% on fully updated installs. by Krneki · · Score: 1

      It helps, but what can you do if your favorite site serves infected 3rd party ads?

      P.S: I do use noscript.

      --
      Love many, trust a few, do harm to none.
    18. Re:70% on fully updated installs. by ackthpt · · Score: 1

      To think with GUI Operating System versions it began with Microsoft's rather optimistic view, with regards to ActiveX, nobody on another networked computer would ever think of invading your computer, manipulating it, installing software on it and controlling it.

      Big fan of OTR and impressed when I heard a radio play from the 1950's which predicted unprotected computer hardware being infected... so the concept wasn't new.

      I also spent my early years on a mainframe system, where we were always vigilant to keep aspiring computer science students from exploiting security holes in software and operating system (the fake login program, these days called a Spoof, was a standard entry point for most.) We had pretty hardened systems by the mid-80's, when the mainframes were starting to be replaced by PC-servers.

      I still have this nagging feeling that prevailing attitudes, not just at Microsoft, but among a large number of developers is, "Nah, nobody'd ever do such a thing, so I won't bother trapping it."

      --
      A feeling of having made the same mistake before: Deja Foobar
    19. Re:70% on fully updated installs. by AJH16 · · Score: 2

      An interesting thought, but something seems fishy there. How does immunet tell that a particular piece of malware is malware? If it can tell automatically, then why not simply prevent it in the first place and updates are not necessary as you now have the perfect AV. If you can't tell automatically, then it relies on an end user to recognize and prevent infection. At this point, it is really relying on the end user and is not really any better than conventional AV.

      --
      AJ Henderson
    20. Re:70% on fully updated installs. by beelsebob · · Score: 2

      Tbf, a large number leveraged flash and acrobat reader. Flash is not installed by default on Macs any more (though is likely to be installed as there's no alternative), acrobat reader is not installed, and is unlikely to be installed due to the existence of preview, and safari's native pdf rendering.

    21. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      Salient point is that, fully updated and patched installs let 70% of the infections through.

      [citation needed]

    22. Re:70% on fully updated installs. by blackicye · · Score: 1

      Salient point is that, fully updated and patched installs let 70% of the infections through.

      This proves that no amount of software development can overcome human stupidity.

      I haven't used an antivirus program in over 15 years and have not had any infections in about as long. I do download a free trial of some random antivirus program every year or so and just do a full manual scan before I uninstall it though.

      I like to tell people that the best antivirus that you can possibly install lies between your ears.

    23. Re:70% on fully updated installs. by oakgrove · · Score: 2

      I used to do the bi-monthly schlep to my mother's house to clean off the latest Google-results-hijack/adware/trojans du jour. Finally one day I told her, "I got something for ya." Installed Ubuntu 10.04 LTS and haven't had a problem since. She's one very happy Linux user.

      --
      The soylentnews experiment has been a dismal failure.
    24. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      I still have this nagging feeling that prevailing attitudes, not just at Microsoft, but among a large number of developers is, "Nah, nobody'd ever do such a thing, so I won't bother trapping it."

      I have to take issue with your characterization of Microsoft's current attitude towards security. It's my opinion Microsoft takes security very seriously and has since the infamous e-mail from Mr. Gates.

    25. Re:70% on fully updated installs. by jijacob · · Score: 3, Insightful

      The catch here is that *you* set the laptops up. Had you given the wives an Ubuntu CD and left them to their own methods, odds are they wouldn't be so happy.

    26. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      But aren't you assuming that the other 87% are fully cross-platform? For instance Java and Flash vulnerabilities exist in both Linux and OS X but don't result in the same issue as those platforms are different. For example, a Flash vulnerability may allow the execution of a bundled .exe file; however that does nothing for Linux/OS X users. For them they would have to get scripts and even then bypass any default settings that don't allow scripts to run automatically.

      This study appears to only evaluate Windows platforms.

      It would be nice to see them run it on OSX, and Linux using Java JRE, Adobe Reader/Acrobat and Adobe Flash on those platforms and see what damage was done.

      Then one could make an informed choice as to OS.

      Otherwise, TFA just tells you to update Windows and its apps as often as possible.

    27. Re:70% on fully updated installs. by Hatta · · Score: 1

      How many are let through with a fully updated NoScript?

      --
      Give me Classic Slashdot or give me death!
    28. Re:70% on fully updated installs. by LordLimecat · · Score: 1

      exe files aren't materially different than Linux / Mac bin files-- if you can tell the OS to execute arbitrary code, the extension is hardly meaningful.

      Regardless, that's not how those exploits work. Machine-code is somehow slipped through the plugin's security measures, and is executed (buffer overflow, etc). That code then downloads the actual exe and dll files that are set up as the permanent infection, and will often attempt privilege escalation at the same time (and if successful, will often overwrite the MBR with an infected copy). But it isn't like Oracle simply forgot to remove the "System.runWindowsOnlyExeFile" command, or the "system.IO.writeInfectedMasterBootRecord" command (really, who comes up with these names?)

      If you doubt me, reviewing the attack methods of the past 4-5 years of Pwn2Own would be informative.

    29. Re:70% on fully updated installs. by LordLimecat · · Score: 1

      Flash is also not installed by default on Windows, nor is Java (though your OEM vendor may slip it in on you). That doesn't matter; the first time the user visits youtube, they will get Flash, and that will likely be the version of Flash they have for the next umpteen months until their local friendly geek updates them. (does Mac system update cover java?)

    30. Re:70% on fully updated installs. by maxwell demon · · Score: 2

      It helps, but what can you do if your favorite site serves infected 3rd party ads?

      P.S: I do use noscript.

      AdBlock Plus.

      --
      The Tao of math: The numbers you can count are not the real numbers.
    31. Re:70% on fully updated installs. by ThePilgrim · · Score: 4, Insightful

      Except having it set up is how most people receive windows

      --
      Wouldn't it be nice if schools got all the money they wanted and the army had to hold jumble sales for guns
    32. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      Is Win 2000 really that resistant?
      Hardly!
      Almost anything XP gets will also infect 2000.
      I'm guessing the author has simply stumbled upon a crude method to approximate the installed base.

    33. Re:70% on fully updated installs. by Synerg1y · · Score: 1

      I think anon is referring to users who open email zip files from unknown senders and who don't bother to install an AV to start...

      Being a coder doesn't make you a bad / good computer user... it's just different. By seeing the grains you may have trouble seeing the big picture. Security knowledge is what is required to know if you're infected or not... or you can just trust MS... or you can not store anything sensitive easily accessible on your computer (cached browser passwords are a sec joke, you can google how to extract them... it works, I've had to help some "stupid" users who can't remember theirs).

      I've known coders who can't set up their own environment, much less configure a computer (not saying this is you by any means). A browser is a ready made program, it has nothing to do with whether the user knows how to code or not (unless you're making extensions) and the difference is how well you know the options, and a level deeper... what do the options do that is not listed in the UI, as in how do they tie together.

      Lastly, if you're truly truly curious and are willing to let your computer drive you crazy for a week or two, look into comodo anti-virus, it provides that granular view into the workings of your computer by blocking everything until you allow it (in the right configuration that is in their documentation), and if you don't know what something is, you can google it, if google doesn't know, it's probably safe to block. On that note, I run security essentials, cause I'm way too lazy to care about little things like this, all my data is behind encryption mostly on external drives, nobody's going to write an exploit that can successfully get at that.

    34. Re:70% on fully updated installs. by JDG1980 · · Score: 2

      How many users are willing to have all websites broken by default until each one is explicitly whitelisted?

    35. Re:70% on fully updated installs. by Endo13 · · Score: 1

      And what's to say that same site didn't also have another infection that wasn't caught?

      You make some very interesting points.

      --
      There is no -1 Disagree mod. Slashdot.org/faq defines mod options. USE IT.
    36. Re:70% on fully updated installs. by Dunbal · · Score: 1

      Being a coder doesn't make you a bad / good computer user...

      No I agree. Especially if you learn to code in a cookie-cutter university environment. However I taught myself everything I know about computers back when computers were far simpler than today. I knew how to peek and poke to memory, deal with interrupts and DMA channels and even sometimes write my own drivers before most of today's coders left their diapers. I have intimate and fairly obsolete knowledge not only of CPU's and their supporting chips, but I understand on a fundamental level how a computer works, just like the first automobile owners back at the turn of last century had no need of a mechanic. But curiously operating systems (including linux) have become bloated. "Features" have become interdependent. I believe it's gotten to a point where one single person is now incapable of knowing all the little details of an OS and all the housekeeping it does in the background. So even someone who really, truly understands computers like myself can easily have the wool pulled over his eyes through some attack vector unknown to him.

      look into comodo anti-virus

      I tend to avoid 3rd party security software because of previous bad experiences with Zone Alarm and FreeAVG to name but a few (skipping over the obvious McAfee and Norton). They tend to start off well and then when they reach some sort of critical mass suddenly the company decides it wants to force you to have anal sex with it. No thanks. At least Microsoft screws me up front.

      --
      Seven puppies were harmed during the making of this post.
    37. Re:70% on fully updated installs. by David_Hart · · Score: 1

      I'm not sure that I agree with the extrapolation that 70% of patched systems "let" the infections through. The article talks about drive-by automated attacks but seems to mix in statistics for more general attacks. As long as the system is fully patched, there are no zero-day exploits, and there is no physical access, then the system should be safe. My thought is that the remaining 70% is due to user activity, rather than a fully patched system being exploitable.

    38. Re:70% on fully updated installs. by oakgrove · · Score: 3, Funny

      And if you think that would be bad, imagine giving them a Windows CD.

      --
      The soylentnews experiment has been a dismal failure.
    39. Re:70% on fully updated installs. by Teknikal69 · · Score: 0

      If my experience is anything to go by they are just avoiding the guy who put the weird OS on their laptop none of their programs installed on and probably don't want you to do it again.

      I would almost be certain they are bothering someone else with their windows problems now. Not a bad strategy actually.

    40. Re:70% on fully updated installs. by mangu · · Score: 0

      Are you just going to troll me by saying "use linux instead you noob"?

      Why not? In Linux you don't need to go through your registry and boot files daily to not be a "stupid user", Linux does what an OS is supposed to do for you - take care of the basic functions of your machine while you run the programs you need.

      Linux is easier to install, easier to configure, easier to use. Why not use Linux instead?

    41. Re:70% on fully updated installs. by gtall · · Score: 1

      "does Mac system update cover java?" Nope, as of OS X 10.7, java is your problem, not Apple's.

    42. Re:70% on fully updated installs. by 140Mandak262Jamuna · · Score: 1

      Salient point is that, fully updated and patched installs let 70% of the infections through.

      [citation needed]

      I know you are not supposed to read the Fine Article, but not even the summary? The summary quotes the very article to mention the 31.x% statistic.

      The article also says 99.8% of the infections happened due to just five software packages. Can't understand that. On top of it, it splits Adobe into two pieces Flash player and Pdf reader. Thus the top prize goes to Java JRE. But there it clubs an array bounds violation with ActiveX vulnerability in the deployment tool. Looks like the article has the stench of a shill setting it up for Microsoft/Adobe to claim "Java has the top prize for being vector of malware".

      --
      sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    43. Re:70% on fully updated installs. by Moheeheeko · · Score: 1

      This largely depends on what you google. Something mainstream and well known will usually net you positive results on the first link, other things not so much. It pays to read the url before clicking the link.

    44. Re:70% on fully updated installs. by Pope · · Score: 1

      Yes, the built-in Software Update service on OS X includes some Java updates, but with Lion, Java is no longer installed by default. http://support.apple.com/kb/DL1421

      --
      It doesn't mean much now, it's built for the future.
    45. Re:70% on fully updated installs. by Synerg1y · · Score: 1

      I've never known anybody to use Zone Alarm, I've hosed a few windows with FreeAVG > killed performance and uninstalling didn't do as much as it should have...

      Comodo is hard to use, but a lot better than the ones you've mentioned, and though I tend to conform to your view on third party software, think of comodo as a layer between the user and the OS that prompts for user interaction to let the OS do anything. Definitely, don't use it if you don't want to though, but you do have the wrong impression of what I am referring to :)

      Easiest way would be to set up another windows instance and play with it, as you probably regret not doing with AVG :)

      If you think malware / spyware is sketchy on a windows box, root kits are just plain out creepy
      http://www.bleepingcomputer.com/startups/rootkit.html

      The rootkit is what makes me want to reinstall windows on compromised machines than try and fix em,
      http://www.bleepingcomputer.com/startups/rootkit.html

    46. Re:70% on fully updated installs. by ak3ldama · · Score: 1

      We have monitored more than 50 different exploit kits on 44 unique servers / IP addresses. Our figures come from the underlying statistical modules, thereby ensuring an as precise overview of the threat landscape as possible.
      The statistical material covers all in all more than half a million user exposures out of which as many as 31.3 % were infected with the virus/malware due to missing security updates.

      --
      "but money is the God of Algiers & Mahomet their prophet." - Rich. O'Bryen June 8th 1786
    47. Re:70% on fully updated installs. by ewanm89 · · Score: 1

      Unless it's a privilege escalation exploit.

    48. Re:70% on fully updated installs. by LordLimecat · · Score: 1

      :\ one would have hoped they would have started moving towards "best of Windows and Linux", not "we're putting more things on the user's plate".

      Seriously, why can't MS and Apple get on the "update repository for desktops" bandwagon?

    49. Re:70% on fully updated installs. by UnknowingFool · · Score: 1

      The problem is that you are assuming arbitrary code execution rather than arbitrary file placement. Both are bad but there is less severity in file placement depending on where the file is located. If files can only be saved to user directories but not executable there is less risk. As for Pwn2Own there were different categories. One was code execution and one was file placement and one was reading user files.

      --
      Well, there's spam egg sausage and spam, that's not got much spam in it.
    50. Re:70% on fully updated installs. by amicusNYCL · · Score: 1

      I think anon is referring to users who open email zip files from unknown senders and who don't bother to install an AV to start...

      Maybe, but the 70% number quoted, and this study, dealt with drive-by browser installs rather than emailed zip files.

      --
      "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
    51. Re:70% on fully updated installs. by lpp · · Score: 1

      The report only shows how many machines were running each browser or OS on the infected machines. They don't report how many machines in total had those browsers or OSes. So it may be that 100% of the Win98, Win2k and Win2003 installations were infected but they represent such a small subset of the total userbase that the percentages in the pie charts are also relatively small.

      Additionally, the browser report doesn't break out different versions of IE and Firefox. The fact is a lot of people are still using IE7 and maybe even IE6. IE8 is an improvement and IE9 even more so. Likewise, I still see a number of FF3 users and FF4 users. I would lump FF5 through FF7 together because, really, wth not. Practically the same anyway. But FF5+ represents an increase in safety over FF4.

      I would have liked to have seen relative infection rates within each browser and OS version. That is, it's nice to know the percentage of infections that involved Windows XP, but I would also like to know what % of Windows XP users became infected. Even then you aren't controlling for varying levels of user experience and ability to avoid infection, or anti-malware installations, but I suppose there are limits to all data collection.

    52. Re:70% on fully updated installs. by LordLimecat · · Score: 1

      I assume that for a few reasons. If the exploit relies on being able to stick exe files in dangerous locations where they will be executed by the os (like naming it notepad.exe and sticking it in %windir%), it has several additional issues to deal with-- chiefly, if the user does not have admin credentials, the infection will likely fail.

      Having machine code download and execute code from the %temp% folder is much more reliable, doesn't rely on admin privileges, and is unlikely to be blocked-- if you try to block file execution from temporary folders, it breaks basically every software updater in existence (as they extract to %temp% and then run an extracted exe or msi).
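
As an added illustration of the point in the comment above (not part of the original thread): because blocking every launch from a temp folder would break updaters, a detection rule can instead key on which process started the program. The process names, paths and event fields below are constructed assumptions, not data from the study.

```python
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Assumed image names for the browsers and plugin hosts discussed in the thread
# (IE, Firefox, Java, Adobe Reader); adjust to the software actually deployed.
CONTENT_HOSTS = {
    "iexplore.exe", "firefox.exe", "plugin-container.exe", "chrome.exe",
    "java.exe", "javaw.exe", "acrord32.exe",
}

# Temp directories expressed as lowercase runs of path components.
TEMP_MARKERS = (
    ("appdata", "local", "temp"),   # per-user temp on Vista / 7
    ("local settings", "temp"),     # per-user temp on XP
    ("windows", "temp"),            # system-wide temp
)


@dataclass(frozen=True)
class ProcessEvent:
    """Minimal process-creation record (hypothetical field names)."""
    image: str         # full path of the program that was started
    parent_image: str  # full path of the process that started it


def in_temp_dir(image: str) -> bool:
    """True if the image lives in, or anywhere below, a temp directory."""
    dirs = tuple(p.lower() for p in PureWindowsPath(image).parts[:-1])
    return any(
        dirs[i:i + len(marker)] == marker
        for marker in TEMP_MARKERS
        for i in range(len(dirs) - len(marker) + 1)
    )


def classify(event: ProcessEvent) -> str:
    """
    'alert'   - temp-folder program started by a browser or plugin host,
                the pattern a drive-by payload produces
    'observe' - temp-folder program started by anything else, which is
                what a normal updater or installer looks like
    'ignore'  - program not running from a temp folder
    """
    if not in_temp_dir(event.image):
        return "ignore"
    parent = PureWindowsPath(event.parent_image).name.lower()
    return "alert" if parent in CONTENT_HOSTS else "observe"


# Constructed sample events, for illustration only.
SAMPLE_EVENTS = [
    ProcessEvent(r"C:\Users\alice\AppData\Local\Temp\a1b2.exe",
                 r"C:\Program Files\Java\jre6\bin\javaw.exe"),
    ProcessEvent(r"C:\Users\alice\AppData\Local\Temp\7zS4F21\setup.exe",
                 r"C:\Program Files\ExampleApp\updater.exe"),
    ProcessEvent(r"C:\Windows\System32\notepad.exe",
                 r"C:\Windows\explorer.exe"),
    ProcessEvent(r"C:\Documents and Settings\bob\Local Settings\Temp\x.exe",
                 r"C:\Program Files\Internet Explorer\iexplore.exe"),
    ProcessEvent(r"C:\Program Files\Mozilla Firefox\plugin-container.exe",
                 r"C:\Program Files\Mozilla Firefox\firefox.exe"),
]


def triage(events):
    """Return (image name, verdict) pairs in input order."""
    return [(PureWindowsPath(e.image).name, classify(e)) for e in events]


if __name__ == "__main__":
    for name, verdict in triage(SAMPLE_EVENTS):
        print(f"{verdict:8} {name}")
```

The rule only narrows what needs review; a payload started through some other parent process lands in the "observe" bucket rather than raising an alert.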

    53. Re:70% on fully updated installs. by Cramer · · Score: 1

      UAC only stops the lazy and dumb. There have been numerous published means of evading it and doing bad things. (completely unknown to the user.)

    54. Re:70% on fully updated installs. by Anonymous Coward · · Score: 1

      The conclusion of this study is that as much as 99.8 % of all virus/malware infections caused by commercial exploit kits are a direct result of the lack of updating five specific software packages.

      The statistical material covers all in all more than half a million user exposures out of which as many as 31.3 % were infected with the virus/malware due to missing security updates.

      (emphasis mine)

      Salient point is that, fully updated and patched installs let 0.0626% of the infections through.

      (ftfy)

      I know that hating on Microsoft is supposed to trump reading comprehension but the e-pedant in me can't let this one go.

    55. Re:70% on fully updated installs. by kermidge · · Score: 1

      Right on. The reflexive riposte of "stupid users" is often wrong-headed. For decades personal computers have been marketed as appliances. Expecting the general user to become hip to HIPS, AV, doing updates to their piece-meal systems (OS, drivers, apps, etc.) is unrealistic. Any admonishments or usage tips regarding security or safe surfing presented to the customer are, I suspect, merely things to be clicked through by them to get to doing whatever it is they wish to do.

      Trying to convince people even to do updates often as not falls on deaf ears. For instance, among other things, I've recommended to Windows users for years to use Secunia - first their on-line scanner and now their excellent PSI. It helps, but only if people take heed or let me install it.

      The suggestion for using a virtual machine for browsing (apart from licensing issues) is a good one, but who amongst the general user population will even be aware of this, let alone do so?

      Expecting general users to educate themselves to become proficient in doing their own security and incorporate best practice is little more than an elitist cop-out. Unless and until suppliers put useful security at least on par with marketing's out-the-door bling, I don't see the situation improving. Transparent updates for all software, provided the vendor is trusted, the update is verified to work (without regressions) and old versions verified as being completely removed might help. I'm not holding my breath.

      Hells bells, even with the big improvements in filters, we've managed to do little to even remove spam from the networks this past decade.

      [In the hope of saving some the trouble of typing, I've been using Linux as my main OS for several years; all Windows installs are as virtual machines.]

    56. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      So, how is for example a Windows Help infection going to work on a Mac?

      I have been using Linux since the previous century and still haven't had a single exploit on my machines and I click things with wild abandon, just the way the internet gods intended them to be clicked.

    57. Re:70% on fully updated installs. by Agent0013 · · Score: 0

      The catch here is that *you* set the laptops up. Had you given the wives an Ubuntu CD and left them to their own methods, odds are they wouldn't be so happy.

      Right, because they were so capable of re-installing Windows on their own anyway!!

      --

      -- ssoorrrryy,, dduupplleexx sswwiittcchh oonn.. -Quote found on actual fortune cookie.
    58. Re:70% on fully updated installs. by Optic7 · · Score: 1

      I have no idea if it was removed or not, my only choice with such an obfuscated, complicated OS is to assume that the tools I am given are not lying to me and are doing the job that they are.

      Can you give us an example of how another "better" OS would have handled this differently?

      BTW, I largely agree with you and laugh at people who don't run real-time AV scanners on their machines, like a CS student I met once. But I don't get your point with that sentence though because I don't know how another OS would have done it better.

    59. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      That's not fair. Just because it wasn't directly an IE or help exploit doesn't mean other operating systems automatically have whatever issue was exploited.

    60. Re:70% on fully updated installs. by mlts · · Score: 1

      Malware doesn't need UAC to deliver a payload. A lot of stuff can run as a user:

      1: Slurping up files.
      2: Obtaining keystrokes can be done with some software in userland.
      3: Some Web browsers install in the user's home directory. Hooking into that or modifying the executable directly isn't difficult.
      4: Running a botnet client can be done.
      5: User documents can be encrypted with an obnoxiously large public key and a note left where to send the random money.
      6: Caches can be rifled through to look for contacts to target for spear phish attacks.

      Even without Administrator access, malware can do a number on a user. Heck, even without leaving the context of the Web browser, it can sit and wait until someone logs on to their bank, then use the authentication cookies to perform a transfer while putting up a bogus screen for the user (like site is down or whatnot.)

    61. Re:70% on fully updated installs. by Riceballsan · · Score: 2

      Well in theory, if you rigged a computer with a baseline install, and the 3 major browsers and perhaps flash, ran a script to make it visit random pages, but not download or install any files or programs, upon reboot any process running is almost certainly malicious.

    62. Re:70% on fully updated installs. by _0xd0ad · · Score: 1

      An exe is not just arbitrary code. It has a header which contains information about the executable and it can contain entirely different sections for execution under Windows/DOS. A DOS executable header begins with the characters "MZ". Windows executables are denoted by "PE". Most Windows applications will have a DOS MZ executable stub at the beginning, before the PE section, to display "This program cannot be run in DOS mode." and exit.

      http://www.fileformat.info/format/exe/corion-mz.htm

      Now, if you were talking about a DOS .com compact executable, yes. Nothing but pure arbitrary code.
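
The header layout described in the comment above, as an added example (not part of the original post): a Python classifier that tells a headerless blob, a DOS-only MZ file and a Windows PE file apart by following the 4-byte pointer at offset 0x3C of the MZ header to the PE signature. The sample inputs are constructed byte strings, and the function and constant names are hypothetical.

```python
import struct

MACHINES = {0x014C: "i386", 0x8664: "x86-64"}   # two common COFF machine codes
DOS_STUB_MSG = b"This program cannot be run in DOS mode.\r\n$"


def build_sample_pe() -> bytes:
    """Constructed sample: MZ header, stub text, PE signature, COFF header."""
    dos = bytearray(64)
    dos[0:2] = b"MZ"
    pe_offset = (64 + len(DOS_STUB_MSG) + 7) & ~7    # 8-byte aligned
    struct.pack_into("<I", dos, 0x3C, pe_offset)      # e_lfanew field
    image = bytes(dos) + DOS_STUB_MSG
    image += b"\x00" * (pe_offset - len(image))
    # COFF file header: machine, section count, timestamp, symbol table
    # pointer, symbol count, optional-header size, characteristics
    # (0x0102 = executable image, 32-bit machine).
    coff = struct.pack("<HHIIIHH", 0x014C, 1, 0, 0, 0, 0xE0, 0x0102)
    return image + b"PE\x00\x00" + coff


# Constructed samples: an MZ header with no PE pointer, and a headerless
# blob of the kind a .com file would be.
DOS_ONLY_SAMPLE = b"MZ" + b"\x00" * 62 + b"\xcd\x20"
COM_SAMPLE = b"\xb4\x4c\xcd\x21"


def classify(data: bytes) -> dict:
    """Classify a file image as 'raw', 'mz-dos' or 'pe' from its headers."""
    info = {"kind": "raw", "pe_offset": None, "machine": None,
            "is_dll": None, "notes": []}
    if data[:2] != b"MZ":
        return info                      # no header at all
    info["kind"] = "mz-dos"
    if len(data) < 0x40:
        info["notes"].append("file shorter than the 64-byte MZ header")
        return info
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # Signature (4 bytes) plus COFF header (20 bytes) must fit in the file.
    if e_lfanew + 24 > len(data):
        info["notes"].append("no usable PE pointer at 0x3C")
        return info
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        # Plain DOS programs use the bytes at 0x3C for other purposes.
        info["notes"].append("pointer at 0x3C does not lead to a PE signature")
        return info
    machine, _, _, _, _, _, flags = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    info.update(kind="pe", pe_offset=e_lfanew,
                machine=MACHINES.get(machine, hex(machine)),
                is_dll=bool(flags & 0x2000))
    return info


if __name__ == "__main__":
    for name, blob in [("sample PE", build_sample_pe()),
                       ("DOS-only MZ", DOS_ONLY_SAMPLE),
                       ("headerless", COM_SAMPLE)]:
        print(name, classify(blob))
```
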

    63. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      I don't think that's what the article means. Trying to reconcile these two statements:

      The statistical material covers all in all more than half a million user exposures out of which as many as 31.3 % were infected with the virus/malware due to missing security updates.

      The conclusion of this study is that as much as 99.8 % of all virus/malware infections caused by commercial exploit kits are a direct result of the lack of updating five specific software packages.

      I gather that the first statement means 31.3% of the half million users covered by the study were infected due to missing security updates. The remaining ~70% either got infected with full security updates or not infected at all.

      Among all infections, 99.8% were caused by a lack of updates to 5 specific packages. So the total number of users infected, with or without full security updates, is a little bit more than 31.3%.

    64. Re:70% on fully updated installs. by vtcodger · · Score: 1

      **All you folks encouraging your friends and families to buy Macs for the specific reason of their security are in for a world of hurt in a few years when Mac hits ~30+% market share. Kits are already starting to appear.**

      Yep. And predictably in a few years, kits will include Ubuntu as well as Windows and Mac. And in a few more years, Unix in general will be only marginally more secure than Windows. In point of fact, Unix uses pretty much the same implementation technologies as Windows, and has pretty much the same types of vulnerabilities. IMHO, the notion that Unix is substantially more secure than Windows is almost surely delusional. It's obscurity that protects Unix, not superior technology.

      --
      You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
    65. Re:70% on fully updated installs. by Shoe+Puppet · · Score: 1

      Like, app stores?

      --
      (+1, Disagree)
    66. Re:70% on fully updated installs. by AliasMarlowe · · Score: 1

      Salient point is that, fully updated and patched installs let 70% of the infections through.

      What are you, some kind of Microsoft basher? Fully updated and patched installs accounted for barely 68.7% of infections, not 70%...

      --
      Those who can make you believe absurdities can make you commit atrocities. - Voltaire
    67. Re:70% on fully updated installs. by Riceballsan · · Score: 3, Interesting
      Installing a modern linux OS, is generally easier than windows, even for someone who has never used linux before.

      typical linux install, insert CD, boot computer, click the install linux button (by default it will ask to download the updates, and does so in this step), hit next, accept the defaults. computer boots back up, ready to go with a word processor, firefox and almost everything they need ready to go.

      windows 7. insert install CD, hit next, accept the defaults, computer boots back up, look for manufacturer's CD to install any missing drivers, find printer drivers, find Office CD or go to webpage to download open or libre office, install antivirus, agree to windows updates, reboot, install more updates, reboot. Done.

      There are a few exceptions to the list, and it's not uncommon for windows to have all of the drivers ready for you, But oddly in all installs of linux I have done recently, everything I have ever thrown at it has been automatically detected and ready to go on reboot, and I do admit the antivirus would be necessary if linux were to ever fall into the common for average users to get category.

    68. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      That's interesting (+4). When I installed Ubuntu on my wife's laptop, she couldn't tolerate it and demanded I put Windows (any version) on it. I put Windows 7 on it. She said the UI was inconsistent and the fonts were unreadable. She couldn't find anything and couldn't even figure out how to get her task bar at the bottom of the screen. It hard locked on her twice and one time the window manager crashed and she had to power it off to get it rebooted and normal again.

      My 4 year old couldn't stand it either. Her main issue was flash game compatibility (really all she uses the computer for) and because she couldn't get the volume right. It was as if the volume scale was linear rather than logarithmic. It took about a day for her to royally fuck up her Ubuntu install.

      I put Windows 7 on her computer as well. It's snappy and she enjoys that everything just works. Volume controls sync between audio sources in different applications seamlessly. She's never been able to fuck anything up. Anything that could potentially be a fuck up raises a UAC prompt and it prompts for the admin password. The machine runs updates nightly, virus scans with MSE, etc. Never has found anything. Probably because she can't install anything to it.

      I couldn't even figure out how to get a non-admin user setup for her on Ubuntu. This was two years ago. Disclaimer: I have an MCP, MCSA, MCSE, MCITP SA, and MCITP SE. Obviously, I'm pretty keen on configuring a Windows system. Everything in linux is just inconsistent and cumbersome to me. Too much hassle to fuck with it and not enough time when there is a life to live.

    69. Re:70% on fully updated installs. by hairyfeet · · Score: 1

      There is also an easy way to solve it, that is the combo of Comodo Dragon and Avast Free. You simply use the Dragon's built in secure DNS, which is constantly updated and will block any site that has malware (you can of course choose to go to the site anyway but Comodo tells you what malware is on the site so if you continue it's your own stupidity) and if there happens to be a site Comodo doesn't catch (haven't seen one yet, but possible) then Avast, which scans the page BEFORE it loads will catch it and put a screeching halt to the page load and throw up a warning, again listing the malware that was detected.

      Using this combo my users, some of which would get more viruses than a Bangkok whore, went down to nothing. Zip, zero nada, squat. I even loaded it on an XP test box (because XP security sucks compared to Win 7, which is what most of my users are now on) and just started clicking every link in my spam folder, just to see if I could infect the thing. I got a bazillion stop loads by Comodo along with Avast saying I shouldn't go to that site, but as long as I didn't click ignore, which should be called the "yes I'm a moron please infect me" button, all was golden. I ran three different offline scanners, two boot CD scanners, and two online scanners, and nothing. Zip zero nada squat. Then add in Win 7 with ASLR and DEP and you have a box that I can hand to my worst users and not have to worry about it coming back except for hardware upgrades.

      So you CAN lock Windows down nicely, it just takes a little thought, that's all. I tried the same experiment with MSE and 3 got through, AVG let 2 past, Adaware Free also caught everything though, so if you prefer it over Avast it's good. I've simply found my customers like Avast, especially that nice little female voice that Avast uses. But with the above you too can let your worst users loose on the net and go have a beer, confident you won't be dealing with a zombie when you get back.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    70. Re:70% on fully updated installs. by 140Mandak262Jamuna · · Score: 1
      Thanks for parsing it buddy. Had not fully understood what the article was saying.

      So only 31.3% of the exposures resulted in infections. And almost all the infections were due to lack of updating just five packages. So 70% of the time even un-updated machines/software did not result in infection. This casts a completely different light (and makes me look pretty dumb, make it just dumb, I'm not pretty).

      Also the study divided flash player and pdf reader as two different packages. But lumped Java JRE update tool vulnerabilities with JRE array bounds violation. Can't figure that out.

      --
      sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    71. Re:70% on fully updated installs. by Zamphatta · · Score: 1

      So basically the authors found the real answer to "how Windows gets infected with malware", is "by using it."

    72. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      Well, I don't know if that guarantees it's malicious, but you can be certain it used an exploit to get in.

    73. Re:70% on fully updated installs. by Nutria · · Score: 1

      She said the UI was inconsistent

      I dispute that, but it's really subjective opinion, since GNOME 2 seems very consistent to me.

      and the fonts were unreadable.

      2001 is calling, your unreadable fonts were just fixed...

      Seriously, are you sure that you didn't install Debian?

      Her main issue was flash game compatibility

      I installed Ubuntu 10.04LTS on my wife-kids PC and everything's hunky-dory. The kids play flash games, the wife watches recent TV shows on network web sites and they all read email and write the occasional document.

      I couldn't even figure out how to get a non-admin user setup for her on Ubuntu.

      WTF?

      Minimum-privs is the *default*.

      I have an MCP, MCSA, MCSE, MCITP SA, and MCITP SE. Obviously

      If you can't use Ubuntu, then you're obviously a drooling idiot who *should* stay on Windows.

      --
      "I don't know, therefore Aliens" Wafflebox1
    74. Re:70% on fully updated installs. by Nutria · · Score: 1

      what can you do if your favorite site serves infected 3rd party ads?

      Get your pr0n from usenet?

      --
      "I don't know, therefore Aliens" Wafflebox1
    75. Re:70% on fully updated installs. by Nutria · · Score: 1

      But FF5+ represents an increase in safety over FF4.

      How so?

      --
      "I don't know, therefore Aliens" Wafflebox1
    76. Re:70% on fully updated installs. by Nutria · · Score: 1

      How many users are willing to have all websites broken by default until each one is explicitly whitelisted?

      Exactly. I deinstalled Noscript 2 years ago because it's just a big fat hassle. Sadly, ABP is creeping in that direction on web sites with lots of video on it.

      Flashblock is still a Big Win, though.

      --
      "I don't know, therefore Aliens" Wafflebox1
    77. Re:70% on fully updated installs. by WorBlux · · Score: 1

      Usually you can Ctrl+Alt+F1, run top and then kill whatever program is responsible for it. As for in application volume, you can usually set which mixer is targeted. To move a panel you have to take the lock off first in the panel settings. Flash Compatibility.. really not much you can do there though it has gotten better in the past two years. For a non-admin user go and make an account, then remove the user from the admin and wheel groups. Of course it takes time to learn all this, and if you are already an advanced expert in a totally alien system I can see why you wouldn't bother though it's not particularly difficult. In fact learning it might jeopardize all sorts of muscle memory and normal memory that you need for work.

    78. Re:70% on fully updated installs. by Dunbal · · Score: 1

      This largely depends on what you google.

      Something related to EVE Online character skills?

      --
      Seven puppies were harmed during the making of this post.
    79. Re:70% on fully updated installs. by jefe7777 · · Score: 1

      true. but this just tells me that all of the following together while not perfect, is about as good as it gets:

      - up to date on everything
      - user skilled in spotting oddities
      - noscript/adblock
      - sandbox
      - good security software

      and if one is going to do any browsing in the seedier corners of the net, then a full VM.

    80. Re:70% on fully updated installs. by lennier · · Score: 1

      Also the study divided flash player and pdf reader as two different packages. But lumped Java JRE update tool vulnerabilities with JRE array bounds violation. Can't figure that out.

      Possibly because Flash Player and Adobe Reader are two separate downloads, each with their own auto-updater, while Java JRE with its auto-updater is one download?

      Makes sense to me.

      --
      You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
    81. Re:70% on fully updated installs. by lennier · · Score: 1

      It's my opinion Microsoft takes security very seriously.

      Indeed. In fact, all Microsoft developers are required to take a strict regimen of humour-suppressing drugs in order to protect them from bouts of spontaneous uncontrollable giggles as they compile the monthly Patch Tuesday list of "privately reported" buffer overflows which their ten years of uber-security focus on top of decades of advanced compiler technology have somehow failed to detect before shipping.

      Working in that kind of environment is no joke.

      --
      You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
    82. Re:70% on fully updated installs. by Dunbal · · Score: 1

      Can you give us an example of how another "better" OS would have handled this differently?

      Not allowing code to be executed from data segments and not allowing any program to run anything with system level privileges would be a start. This whole concept of having a remote server even be able to execute code on your machine is sheer lunacy. Yeah in a perfect world it's a hell of a concept - centralize the work and every computer becomes a dedicated, specialized terminal. But the world is not perfect. Why oh why do we insist (active desktop, RPC, activex, java, flash) on even allowing remote execution - intentional or not?

      --
      Seven puppies were harmed during the making of this post.
    83. Re:70% on fully updated installs. by WorBlux · · Score: 1

      Considering how most infections are through non-updated vectors and most Mac OS X and most linuxes have a package manager that updates everything together I somehow doubt it. Also there aren't a lot of pirated versions running around without updates. Fixing bugs quickly and distributing the fix widely is the first defense against malicious code. Also the Sun JRE and acrobat packages are rarely on linux boxes, Open JRE and okular or evince are preferred.

      "The conclusion of this study is that as much as 99.8 % of all virus/malware infections caused by commercial exploit kits are a direct result of the lack of updating five specific software packages."

    84. Re:70% on fully updated installs. by Moheeheeko · · Score: 1

      Someone wanting to get your EVE info and steal your account. Any MMO search runs that risk.

    85. Re:70% on fully updated installs. by houstonbofh · · Score: 1

      Nope. Their husbands are still clients, and I run into them from time to time. They are still running it, and happy.

    86. Re:70% on fully updated installs. by houstonbofh · · Score: 1

      I couldn't even figure out how to get a non-admin user setup for her on Ubuntu. This was two years ago. Disclaimer: I have an MCP, MCSA, MCSE, MCITP SA, and MCITP SE.

      This is one reason MS Certs mean nothing... You could not wander the menu to System -> Administration -> Users and Groups? You could not click on "Add User" and choose "Desktop?" What will you do when the next Windows comes out?

    87. Re:70% on fully updated installs. by Optic7 · · Score: 1

      Again, agreed on the general premise, but to me it doesn't seem like that's what it did at all. It seems like the AV scanner detected an incoming file in the cache that contained a javascript threat, not necessarily that an execution of that threat was attempted. Of course, the threat would be there to be run at some point, and like I said, I also really wonder how malware is executed at all, but I think that this is an important distinction. I still think that except for malware that comes through unpatched java/flash/acrobat or 0-day exploits, most of the malware that gets installed is due to the user clicking on the prompts that come up asking them in not so many words if it's ok to infect their computer with malware.

    88. Re:70% on fully updated installs. by LordLimecat · · Score: 1

      It's a hair-splitting distinction. If you can point at a random data blob and tell the system "run the code contained therein", you are running arbitrary code.

    89. Re:70% on fully updated installs. by LordLimecat · · Score: 1

      A), you failed to read my post where I mentioned that 3% of the infections were through Windows Help.

      B), the linux marketshare is so absolutely insignificant that you won't be seeing professionally packaged, commercially available (black market) malware kits for linux for a long long time. Macs, on the other hand, are already starting to get their share of them, as their market share is 15-30x higher than Linux's.

    90. Re:70% on fully updated installs. by scot4875 · · Score: 1

      My 4 year old couldn't stand it either. Her main issue was flash game compatibility (really all she uses the computer for) and because she couldn't get the volume right. It was as if the volume scale was linear rather than logarithmic. It took about a day for her to royally fuck up her Ubuntu install.

      There you have it, folks: AC's 4-year old daughter isn't a big fan of Ubuntu. Adjust your recommendations accordingly.

      --Jeremy

      --
      Jesus was a liberal
    91. Re:70% on fully updated installs. by hedwards · · Score: 1

      It's not any more suspicious than any other antimalware program. The typical way of telling is that you run the file and see what happens. Of course you don't want to run the file on your computer, but I remember years ago when antivirus software started actually running the programs in a VM to see if it tried to do anything suspicious.

      Ultimately you're going to get false positives from time to time, but that's the case with any software and if it gets it wrong you'll hear about it.

    92. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      Have you turned on a Windows 7 pre-load for the first time? "Set up" hardly describes the situation.

    93. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      The catch here is that *you* set the laptops up. Had you given the wives an Ubuntu CD and left them to their own methods, odds are they wouldn't be so happy.

      I have given people the Mandriva CD to install it themselves and they seemed to do OK. It seems to pick sane defaults "out of the box".

    94. Re:70% on fully updated installs. by Cryptimus · · Score: 1

      Wrong. On the contrary, the article - if you read it - specifically says the following:

          The conclusion of this study is that as much as 99.8 % of all virus/malware infections caused by commercial exploit kits are a direct result of the lack of updating five specific software packages.

          So, fully patched installs let through 0.2% of infections.

          The 31.3% figure refers to the percentage of infections relative to exposure. In other words, it's the infection success rate over the entire data set.

          Thank you, come again!

    95. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      I also think Linux is bad for the average user, because while it is more secure than Windows by default, if you muck with it you can cause vastly more damage to the system if you are in the "just enough knowledge to be dangerous" camp. Ubuntu goes a long way towards this, but it needs an even friendlier interface (IMHO) for system setup and config. We won't get that till an OEM adopts it seriously for end user platforms.

      I have set up a laptop for 2 different clients' wives with Ubuntu. Both were non-computer experts, and kept getting every infection known to man. After setting them up (Over 2 years ago) I never saw those laptops again. I still see the clients, but they say the laptops are running perfect. Lost a lot of business there, and from happy clients. :) Ooops...

      I think condoms would be better than Ubuntu for protecting against those infections.

    96. Re:70% on fully updated installs. by mjwx · · Score: 1

      Tbf, a large number leveraged flash and acrobat reader. Flash is not installed by default on Macs any more (though is likely to be installed as there's no alternative), acrobat reader is not installed, and is unlikely to be installed due to the existence of preview, and safari's native pdf rendering.

      No, they'll just get Mac users the same way 90% of windows Malware is installed.

      Social engineering.

      "Install free Muppets/Hello Kitty/Naked Katy Perry screensaver"
      /mac user clicks
      Oh Hai, I'm a Mac Virus.

      There is no technological defence for stupidity, pretending a platform automagically protects you from yourself is stupid, convincing others this is true to other people makes one the heir to the throne of the kingdom of idiots.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    97. Re:70% on fully updated installs. by mgblst · · Score: 1

      Bullshit. Only someone who does not understand simple OS basics would ever think this. There are major differences between OS X, Linux and Windows.

    98. Re:70% on fully updated installs. by spazzmo · · Score: 1

      Where have you been for the last decade? Everyone knows the reasons people have to use Windows. Or do you get off on watching the same tedious old arguments go round and round in circles yet again...

      --
      The cheese stands alone...
    99. Re:70% on fully updated installs. by Anonymous Coward · · Score: 0

      Yes, sometimes we need to see it for decades before we can guard against those buffer overflows? (Yes, really. It happened just like that.)

      Wake up and smell the fuzzing. There is, in fact, a proactive component of security that some developers like to pretend doesn't exist. Here's how it works: you fuzz it first (proactive) instead of waiting for some black hat to do it for you (reactive). Sure the proactive approach isn't always 100% but neither are seatbelts and bike helmets.

    100. Re:70% on fully updated installs. by beelsebob · · Score: 1

      You mean like the Mac App Store?

    101. Re:70% on fully updated installs. by jc79 · · Score: 1

      B), the linux marketshare is so absolutely insignificant that you wont be seeing professionally packaged, commercially available (black market) malware kits for linux for a long long time.

      I would have thought being able to pwn the majority of web and database servers out there would be a decent incentive to write malware kits for linux. Anyway, why pay black market rates when metasploit is free?

    102. Re:70% on fully updated installs. by LordLimecat · · Score: 1

      No, because malware kits don't WORK on server installs, they only work when someone browses to your infected website. If you know of any big iron servers running Gnome with an outdated Firefox and a vulnerable version of flash, do let me know, however.

      Hacks on servers tend to be bruteforce attempts, worm attacks, and dedicated efforts by a human being. Those are all kind of irrelevant to the discussion, as it's a different class of attack than malware.

    103. Re:70% on fully updated installs. by monkyyy · · Score: 1

      "I do admit the antivirus would be necessary if linux were to ever fall into the common for average users to get category."
      but it would be auto-installed and cross distro viruses would be very hard to write

      --
      warning pointless sig
    104. Re:70% on fully updated installs. by monkyyy · · Score: 1

      linux did it first, w/ one very important difference, able to add different "stores"

      --
      warning pointless sig
    105. Re:70% on fully updated installs. by monkyyy · · Score: 1

      I disagree, good user permissions and telling the person to stop and think(also known panic) whenever root password prompt pops up

      --
      warning pointless sig
    106. Re:70% on fully updated installs. by jc79 · · Score: 1

      Point understood. My mental classification of malware kits includes worms and other attack methods, as well as their payloads - I'm sure the crims aren't purely interested in owning desktops when there's plenty of poorly configured, unpatched servers out there. Not to mention 0-day exploits discovered by bad guys and sold to other bad guys in the form of kits.

      But yes, it's mostly Windows systems with flash, acrobat reader &c that are the low hanging fruit for the kinds of people who would buy kits rather than writing their own.

    107. Re:70% on fully updated installs. by Lord_Byron · · Score: 1

      A what? Oh wait, I think I remember hearing about those...they don't make them anymore, do they?

    108. Re:70% on fully updated installs. by mangu · · Score: 1

      Everyone knows

      When someone starts a sentence with those words he's almost certainly wrong.

      Or do you get off on watching the same tedious old arguments go round and round in circles yet again...

      Not me. I just wonder why so many people get off on complaining about the same tedious old problems round and round yet again. Microsoft sucks. Period. Why do you people still wonder How Windows Gets Infected With Malware?

      Imagine if in the 1960s everyone knew the reasons people had to drive Chevrolet Corvairs...

  2. Welll by jawtheshark · · Score: 1

    Understandably... Given the zoo of updaters you get by installing just a handful of applications, I too disable them, except for Windows update itself. (Well, I used to, I still have a XP copy somewhere on an old laptop, I migrated fully to Linux years ago). However, doing that and running as Limited User pretty much took care of not being infected. It also helped, not using the system browser.

    As I understand, these days infection most often occurs over Adobe Flash, Adobe Reader, Internet Explorer, in that order.

    --
    Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
    1. Re:Welll by jawtheshark · · Score: 1

      Next time, I'll read the article... Promised, because that's what it says, except I forgot Java... :-) Who installs that anyway? ;-)

      --
      Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
    2. Re:Welll by QuantumRiff · · Score: 4, Insightful

      I can't tell you how much I wish Windows Update would update other applications.. I guess I've turned into a crusty, bearded old Linux geek.. but one command to update everything kind of spoils you. (and being able to install and uninstall more than one application at a time is nice too).

      --

      What are we going to do tonight Brain?
    3. Re:Welll by mikael · · Score: 2

      I must admit I always had some suspicions of web browsers that visit dozens of websites before they even visit your own home page. Running 'tcpdump -vv' and 'netstat -a' while a browser is running is very enlightening, even more so when doing 'whois' on those websites I've never heard of.

      Never could understand why 'firefox' was opening a shttp link to weather.noaa.gov, or who "stopbadware.org" was.

      --
      Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
    4. Re:Welll by houstonbofh · · Score: 5, Insightful

      Plug-in repositories are one thing I WISH windows would steal from Linux!

    5. Re:Welll by LordLimecat · · Score: 1

      Which is why Chrome is such a boon-- auto-blocks Java if it's too old, auto-updates Flash, auto-updates its PDF reader (which notably isn't Acrobat based).

      Even if you disregard marketing blurbs about Chrome's security, the auto-update alone makes it a huge security plus.

    6. Re:Welll by houstonbofh · · Score: 1

      weather.noaa.gov is the stupid toolbar something added. stopbadware.org is the firefox link scanning site trying to keep you safe from "bad websites" but only after they have infected lots of folks, and for a while after they are cleaned up... The other 52 websites on a given page are adds, and google analytics.

    7. Re:Welll by somersault · · Score: 1

      According to my colleague, the option is there for Win7 to do that now. It's apparently the software vendors who need to integrate their apps into it. I doubt Adobe and Oracle will do that without being pushed though, there probably is something in the rules against pushing extra toolbars and such when updating.. they love doing that.

      --
      which is totally what she said
    8. Re:Welll by Leebert · · Score: 2

      It will happen if and when Microsoft can manage to swipe the App Store concept. The end goal is in sight, although we might not like the side effects.

    9. Re:Welll by bill_mcgonigle · · Score: 4, Funny

      I think that's in Windows 8 and they're calling it an 'App Store'.

      No word yet on how many reboots it'll take to install an app.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    10. Re:Welll by buchner.johannes · · Score: 2

      Use PSI https://secunia.com/vulnerability_scanning/personal/

      There are also several software-updaters based on repositories, but none are really good. The software landscape is just different in Windows.

      --
      NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
    11. Re:Welll by Nerdfest · · Score: 1

      They will likely do what Apple did and borrow the concept, but not allow other repositories to be added. The walled garden is now an accepted approach it seems.

    12. Re:Welll by darkgrayknight · · Score: 0

      Not any, most likely. Windows barely reboots for its own updates and most installs don't need the reboot process as they no longer modify Windows system files.

    13. Re:Welll by maxwell+demon · · Score: 1

      The other 52 websites on a given page are adds,

      Only adds, or could also be a few subtracts among them?
      SCNR

      --
      The Tao of math: The numbers you can count are not the real numbers.
    14. Re:Welll by VGPowerlord · · Score: 1

      weather.noaa.gov is the stupid toolbar something added.

      Why would a toolbar contact a government-run weather service?

      --
      GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
    15. Re:Welll by mikael · · Score: 1

      So in effect, they get to know your online usernames plus all the websites and comments you make?

      --
      Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
    16. Re:Welll by apparently · · Score: 1

      Why would a toolbar that someone installed in order to get weather updates contact a government-run weather service? It's just a hunch, but I'd guess that its so it can get the weather.

    17. Re:Welll by Cramer · · Score: 1

      This is actually why I f'ing HATE chrome. It refuses to allow me to run the versions of java I MUST run for certain apps to work. Java is the worst pile of GD crap I've ever seen. (and windows makes it even worse... ever tried to maintain installs of multiple versions?)

    18. Re:Welll by Cramer · · Score: 1

      (otherwise, I love chrome)

    19. Re:Welll by VGPowerlord · · Score: 1

      OK, since you missed my point, I'll stop trying to be subtle:

      Why would a toolbar contact a government-run weather services instead of their own, since if they contact their own weather service they can track your information rather than having the government track it?

      --
      GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
    20. Re:Welll by _0xd0ad · · Score: 1

      To get information, obviously. Maybe you want to know the current temperature at the Guam International Airport, updated in your status bar automatically? Here it is. The add-on just scrapes that page.

    21. Re:Welll by Anonymous Coward · · Score: 0

      Updating Adobe's program that displays pdf files requires a reboot. Why? I write programs that read files and even write them, and my code doesn't need a reboot! (Heck it doesn't need an install, just put the .exe file on the machine).

    22. Re:Welll by shutdown+-p+now · · Score: 1

      There's no such option so far as I know. MS apps can integrate with Windows Update for their updates (and usually do so), but there are no public third-party hooks.

    23. Re:Welll by shutdown+-p+now · · Score: 1

      In many cases, when a Windows installer says that it wants a reboot, it doesn't actually need it. It's there "just in case", and because users have grown to accept that as the unfortunate but necessary side effect of installers.

      Win8 apps (the ones that can go into the store) don't need reboots to install, because they each get their own private folder, and can't install components outside that folder - a lot like what the convention is for OS X, but forced by the OS. Since they can't install or change system-wide components, there's no situation in which they might have to deal with locked files and such. And they don't have custom installers.

    24. Re:Welll by Nutria · · Score: 1

      Why would a toolbar contact a government-run weather services instead of their own

      Because it's an add-on written by Joe Programmer?

      --
      "I don't know, therefore Aliens" Wafflebox1
    25. Re:Welll by lennier · · Score: 1

      Why would a toolbar contact a government-run weather services instead of their own

      Probably because they're too cheap to actually own a weather service so they'd rather just flash ads in your face while loading the free government-run one? That is how the invisible middle finger of the free market works best.

      --
      You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
    26. Re:Welll by houstonbofh · · Score: 1

      Not accepted by me. (And I am not that special, no matter what my mother says.)

    27. Re:Welll by houstonbofh · · Score: 1

      They could... Scary, huh?

    28. Re:Welll by somersault · · Score: 1

      Hmm, so he was just being a douche. Thanks.

      --
      which is totally what she said
    29. Re:Welll by LordLimecat · · Score: 1

      I'm fairly certain you can bypass that-- either through an "about:" page or through a command-line switch.

    30. Re:Welll by Anonymous Coward · · Score: 0

      Ninite.com; installs almost everything worth having, and updates it all when you run it again, all for free.

    31. Re:Welll by apparently · · Score: 1

      Well here's a thought: what's easier, maintaining your own weather information, or tapping into a resource that already provides that information so that you don't have to duplicate the effort? Are you seriously that retarded that this confuses you? Am I talking to a retarded person? If so, congrats on figuring out how to post on slashdot; there's a good chance that you could be an editor in no time.

  3. How Window Gets... hu wha? by sgt+scrub · · Score: 4, Insightful

    A window can get infected? Lies I tell you!

    --
    Having to work for a living is the root of all evil.
    1. Re:How Window Gets... hu wha? by houstonbofh · · Score: 1

      Yep. When a window licker has a cold or the flu...

    2. Re:How Window Gets... hu wha? by adeft · · Score: 1

      Yeah, that sentence made my head hurt just a bit.

    3. Re:How Window Gets... hu wha? by Anonymous Coward · · Score: 0

      Finally, a use for the word "windowlicker." I've been waiting for years for this.

  4. how windows get infected with malware? by Anonymous Coward · · Score: 0

    how windows get infected with malware? how windows get pregnant?
    we must instain operating system

    1. Re:how windows get infected with malware? by Anonymous Coward · · Score: 0

      I accidentally the whole window!

    2. Re:how windows get infected with malware? by LordLimecat · · Score: 1

      How Windows [machines] get infected.

      I didnt have trouble parsing that; possibly if you turned the brainpower spent making snarky responses to reading comprehension you wouldnt have had the issue either.

    3. Re:how windows get infected with malware? by Anonymous Coward · · Score: 0

      How Windows [gets] infected.

    4. Re:how windows get infected with malware? by somersault · · Score: 1

      What talk bout. We no talk that here.

      --
      which is totally what she said
    5. Re:how windows get infected with malware? by Anonymous Coward · · Score: 0

      I didn't have trouble parsing that joke; possibly if you turned the brainpower spent making snarky responses at reading comprehension towards understanding jokes, then maybe you wouldn't have had the issue either.
      Also, learn to use apostrophes.

    6. Re:how windows get infected with malware? by LordLimecat · · Score: 1

      There were multiple Windows machines being discussed. "Gets" is only appropriate for the singular case, so the usage of the plural "get" was correct.

      Pedantic fail.

    7. Re:how windows get infected with malware? by LordLimecat · · Score: 1

      One might wonder how you ever manage to read headlines if you cant grasp the concept of implied words. Its not exactly uncommon for a headline to drop words, nouns and verbs alike.

      Why, Msn.com has the headline "Dust storms, Bear attacks, more". Oh noes! Theres no verb in those sentences! WHAT are the dust storms doing? Or perhaps the dust is currently storming, and its the object of the attacks and storms that we are missing? However will we decode this headline? And what is the bear attacking?

      Really folks, if you cant get this, slashdot is probably not the site for you.

    8. Re:how windows get infected with malware? by somersault · · Score: 1

      "Storms" and "attacks" are both verbs. The dust is storming, the bear is attacking. There was an s missing from the headline. It's a Slashdot meme to make jokes about the poor editorial quality. You need to relax and get over it.

      --
      which is totally what she said
    9. Re:how windows get infected with malware? by LordLimecat · · Score: 1

      Not correct. You might be able to make the case for "attacks" being a verb, but ONLY if it is referring to a single bear doing the attacking. If it is referring to several incidents, it would be "bear-attack", plural-- that is "bear attacks" (noun).

      Dust storm, however, is a noun, and I have never heard the usage that would indicate the dust was storming something-- you would have to think the dust was breaching the walls of something, which is a bit of a stretch.

      From the context (being a headline, the use of what appears to be a plural combined with the word "more"), it seems obvious that they are referring to several incidents involving dust storms, and several incidents involving bear attacks.

  5. Accounting for market share? by Robadob · · Score: 0

    It doesn't state whether the first donut chart of browsers and exploits accounts for market share, however given that Internet Explorer is leading followed by Firefox then Chrome I would assume it doesn't (unless people select their browsers based on which is more exploitable).

    1. Re:Accounting for market share? by Anonymous Coward · · Score: 0

      Jeeze, it's like you have a vendetta against useless data, or something.

    2. Re:Accounting for market share? by houstonbofh · · Score: 1

      IE is the default browser on more systems than anything else. And even if Firefox is installed, the API calls on windows for http downloads use the IE engine, unless you go to some trouble.

  6. Three guys beat IE!!! by 140Mandak262Jamuna · · Score: 1

    According to the article, IE ranks fourth! Java JRE ranks first, Adobe Flash and Adobe Pdf reader takes the next two places. I think combining these two, Adobe is the king of the hill now in being the vector of disease. Not that it is any surprise.

    Java JRE issue is confusing. If the problem is with Java and specs, it should be platform independent. So it is the Windows implementation that is at fault? I don't know.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    1. Re:Three guys beat IE!!! by ColdWetDog · · Score: 1

      OTOH, you can cruise the Internet in safety and ease using the following combination:

      Windows 98
      Safari for Windows
      Quicktime for Windows

      About the only thing you could do is run iTunes, but you would be safe!

      --
      Faster! Faster! Faster would be better!
    2. Re:Three guys beat IE!!! by daid303 · · Score: 1

      Java JRE, so, disable it. I haven't found a single site that depends on it, the add-on seems to install by default (I just want the runtime, not the browser add-on...) and only use in the browser seems to be an attack vector.

      And it's not a problem with the specs I think, it's the problem that the Java JRE is huge, and a single exploit in a single feature is a problem.

    3. Re:Three guys beat IE!!! by gad_zuki! · · Score: 1

      Yep, the advice I always give is:

      1. Uninstall java. Most end users never have a need for it and don't update it.

      2. Use Chrome to read PDFs or Foxit. No need for Adobe, but to be fair Adobe's new sandbox model in version X is resistant to viral infections and exploits.

      3. Update flash as often as it says or switch to Chrome.

      4. Run MSE or some other AV.

    4. Re:Three guys beat IE!!! by LordLimecat · · Score: 1

      Yes, people who actually deal with such issues for a living have known this for some time. The difference between browsers is rapidly becoming moot-- the market share of any one browser is too diluted to be worth targetting when compared with the widespread adoption of Flash, Java, Acrobat, and Quicktime.

      There are some cases where it is conceivable that IE would be more secure than firefox, given the huge leaps made between IE6 and IE9 over the last 4 years.

    5. Re:Three guys beat IE!!! by RicktheBrick · · Score: 1

      I am getting this pop up ad for Norton anti-virus. That would not be unusual except for the fact that the only way I can see to get rid of it is to click the accept button. There is no x or a no thanks button on it. I have Microsoft anti-virus and I also have Iobit windows care program and I run Firefox with their pop up blocker. Even with all of that I still get that pop up. I will not accept just because they do not have an easy way to decline.

    6. Re:Three guys beat IE!!! by washu_k · · Score: 1

      The JRE issue is simple. The JRE is being exploited to deliver Windows malware. Linux or other OSes can get "infected" by the same exploit, but since the payload code is for Windows it won't run on other OSes. The JRE is just the delivery method, it's not actually running the malware.

      The big issue with Java is that while it is platform independent, it is not version independent. There are many many Java apps that require a specific version of the JRE and will not run on a newer one. So if you need to run an app that needs an old JRE you can't patch and secure your system. At a previous employer about 80% of our compromised systems were because of Java with almost all the rest because of Adobe products. That was despite our default browser being IE6.

    7. Re:Three guys beat IE!!! by Billly+Gates · · Score: 1

      Lazy or ignorant admins at your other place. ... not you in particular :-)

      IE it is easy to setup zones of protection. Setup the intranet sites in its own DMZ or just configure the MSI to setup IE to use Java for one or two particular sites only. It will then be disabled in the internet zone. I believe even ancient IE 6 has that option if you have the later service packs. Banning flash is obvious too as it serves no work purpose other than people calling saying they can't watch youtube or msnbc during work hours but I think their bosses would chuckle and give you a thumbs up for that one.

      JRE is a big threat now and should be treated as such.

    8. Re:Three guys beat IE!!! by Anonymous Coward · · Score: 0

      A fairly common tactic. Whenever I've observed this type of behaviour on a machine I've had brought in for decontamination, I'll use Task Manager to try and end the relevant process.

      You may find SysInternals' Autoruns program useful in finding out where it is launched from.

      Once you know what the process is and where it is launched, use a combination of Taskkill /f to end the process (or SysInternals' PSKill if you're on a home edition of Windows), and either Del (to delete the malicious .exe), SC (to stop / adjust the configuration of a malicious service) or Reg Add (to stop the launch of a process via Registry).

      Put both commands into a batch file (so you can kill the process and prevent it from launching, before it has a chance to respawn) and you're good to go.
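
The batch file described in the comment above, written out as an added example (it is not the commenter's own script). The process name, file path, service name and Run value are placeholders to be filled in from Task Manager and Autoruns; the post names Reg Add, and overwriting the Run value with empty data after a backup export is this example's choice.

```batch
@echo off
rem Added example: kill the process and disable its launch points in one pass.
rem Run from an elevated prompt. Every value in the block below is a PLACEHOLDER:
rem replace it with what Task Manager and Autoruns show for the unwanted program.
setlocal

set "PROC_NAME=PLACEHOLDER.exe"
set "PROC_PATH=C:\PLACEHOLDER\PLACEHOLDER.exe"
rem Leave SVC_NAME or RUN_VALUE empty if Autoruns shows no service / no Run entry.
set "SVC_NAME="
rem Use the registry key that Autoruns reports for the entry.
set "RUN_KEY=HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
set "RUN_VALUE="
set "BACKUP=%TEMP%\run-key-backup.reg"

if /i "%PROC_NAME%"=="PLACEHOLDER.exe" (
    echo Edit the placeholder values at the top of this file before running it.
    exit /b 1
)

rem 1. End the process. taskkill is absent on Home editions; the post suggests
rem    SysInternals PsKill there.
taskkill /f /im "%PROC_NAME%"

rem 2. Stop the service and keep it from starting at boot. The space after
rem    "start=" is required by sc.
if defined SVC_NAME (
    sc stop "%SVC_NAME%"
    sc config "%SVC_NAME%" start= disabled
)

rem 3. Neutralise the Run entry. Export the key first so the change can be
rem    undone, then overwrite the value with empty data using reg add.
if defined RUN_VALUE (
    if not exist "%BACKUP%" reg export "%RUN_KEY%" "%BACKUP%"
    reg add "%RUN_KEY%" /v "%RUN_VALUE%" /t REG_SZ /d "" /f
)

rem 4. Delete the executable. Clear the read-only, system and hidden attributes
rem    first, because del does not match hidden or system files by default.
if exist "%PROC_PATH%" (
    attrib -r -s -h "%PROC_PATH%"
    del /f /q "%PROC_PATH%"
)

rem 5. Verify: the process must be gone and the file must no longer exist.
rem    Paths are echoed inside quotes so a ")" in the path cannot end the block.
set "FAILED=0"
tasklist /fi "imagename eq %PROC_NAME%" 2>nul | find /i "%PROC_NAME%" >nul
if not errorlevel 1 (
    echo STILL RUNNING: "%PROC_NAME%"
    set "FAILED=1"
)
if exist "%PROC_PATH%" (
    echo STILL ON DISK: "%PROC_PATH%"
    set "FAILED=1"
)
if "%FAILED%"=="0" echo Process ended, file removed, launch points disabled.
exit /b %FAILED%
```

A non-zero exit code means the process respawned or the file survived, which points to a launch point that has not been identified yet.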

  7. Update early. Update often. by mrflash818 · · Score: 2, Insightful

    When a Microsoft Windows machine gets infected by viruses/malware it does so mainly because users forget to update the Java JRE, Adobe Reader/Acrobat and Adobe Flash.

    Update early. Update often.

    --
    Uh, Linux geek since 1999.
    1. Re:Update early. Update often. by chispito · · Score: 1

      When a Microsoft Windows machine gets infected by viruses/malware it does so mainly because users forget to update the Java JRE, Adobe Reader/Acrobat and Adobe Flash.

      Update early. Update often.

      Alternately, you could simply not use Adobe plugins.

      --
      The Daddy casts sleep on the Baby. The Baby resists!
    2. Re:Update early. Update often. by Anonymous Coward · · Score: 0

      There is no reason to have a Java browser plugin active anymore - it is a security risk and almost no legitimate websites use Java anymore. Just disable Java in the browser.

    3. Re:Update early. Update often. by houstonbofh · · Score: 1

      Funny enough, while there are loads of alternative pdf readers out there, all of the alternative flash players I know of seem to be Linux only, or the windows versions are way behind. http://www.gnu.org/software/gnash/ http://sourceforge.net/apps/trac/lightspark http://swfdec.freedesktop.org/wiki/ Perhaps this will get these projects some attention...

    4. Re:Update early. Update often. by networkBoy · · Score: 1

      I wish this were true.
      So many enterprise apps are Java (not JS) it is frightening.
      I maintain a whitelist for JVM apps allowed in the browser rather than uninstalling it. Annoying, but I can not do my job without it, nor can my wife go to school without it (on-line classes use it for the "classroom app").
      -nB

      --
      whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
    5. Re:Update early. Update often. by jimicus · · Score: 1

      Alternately, you could simply not use Adobe plugins.

      Let's face it, for most people that's a bit like telling them not to have sex if they don't want to get pregnant.

      Entirely true, but so un-representative of the real world you might as well save your breath.

    6. Re:Update early. Update often. by i+kan+reed · · Score: 1

      Uninstall reader/acrobat as useless, install firefox with flashblock, adblock.
      Ta-da, infection almost certainly now depends on users being morons.

      I personally would like a way to tell firefox to block cross-domain anything that's not a static image. That would quash a lot of the scripts that are problematic without the hassle of noscript.

    7. Re:Update early. Update often. by antdude · · Score: 1

      How do we watch Flash videos then? :P

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
  8. Why not link to the original report? by Anonymous Coward · · Score: 0

    This is ridiculous. The link goes to a splog that has ripped off the original report, which was here:

    http://www.csis.dk/en/csis/news/3321

    And don't get me started on the squishiness of the numbers being thrown around.

  9. a failure to learn. by Anonymous Coward · · Score: 0

    "When a Microsoft Windows machine gets infected by viruses/malware it does so mainly because users forget to update the Java JRE, Adobe Reader/Acrobat and Adobe Flash."

    What we have here is a failure to learn. It was clear from the very start that allowing random untrusted sites to run code on your system (even if in a sandboxed environment, because those sandboxes leak) is a bad, bad, bad idea. Not just the drive-by malware, but the annoyances, the privacy violations, and other crap.

    Yet people STILL do it, and then bitch when the inevitable happens. It's like watching someone smack themselves in the thumb with a hammer over, and over, and over, and never seeming to learn.

    There are valid uses for scripts, but not anywhere near to the extent they are used, and it should be done ONLY when you have cause to trust them, not by bloody DEFAULT.

    I know, here come all the slashtards to say that the web sucks if you don't enable scripts. But it wasn't like that in the past: it BECAME like that because people failed to think, because they put up with trivial eye-candy uses of scripts that were not necessary in any sense, because they didn't push back when idiot "web designers" started to use them where simple HTML would have sufficed.

    In the end, you get what you deserve. And apparently thinking is "just too hard", so people didn't do it, and now here we are: dumb people by the millions are having their machines infected just by visiting a web page. There is NO WAY that visiting a web page should be able to jack your machine. No way at all. If it does, the fault is both yours, and all the people's who put up with this trend towards using scripts for trivial things that don't need them. Now, the web is some horrible mess of tangled cross site flash and javascript and sh*t, and people bitch that it's too hard to figure out which ones are safe to run. Well, of f*cking course. Because you LET it get that way. When the trend started, you kept cheerfully using pages that *abused* scripts for things where it wasn't needed. You failed to listen to those of us who pointed out why this was a bad, bad idea.

    You get what you deserve. What you deserve, computing public, is the world we now have. Hope you like it.

  10. Top 5 to be avoided by hesaigo999ca · · Score: 1

    I guess don't use java, adobe reader or flash, or IE, and you should kill 90% of possibilities.

    1. Re:Top 5 to be avoided by Anonymous Coward · · Score: 0

      Not really. You'd need to sort by the ratio of infections per install to find the most dangerous ones.

  11. Better statistics? by SpryGuy · · Score: 2

    Looking at the graphs and statistics, I ended up wishing they'd factored in usage share, to make the numbers more meaningful.

    I mean, if (say) 70% of users used XP and 30% of users use Win7, then seeing 70% of the exploits on XP and 30% of the exploits on Win7 doesn't tell you much other than there's an exploit that is the same across them. It does NOT mean that XP is more vulnerable than Win7. Ditto the breakdown by browsers. Without usage share factored in, the numbers can be misleading in either direction.

    --

    - Spryguy
    There are three kinds of people in this world: those that can count and those that can't
    1. Re:Better statistics? by Anonymous Coward · · Score: 0

      I was thinking the same thing!

    2. Re:Better statistics? by Anonymous Coward · · Score: 0

      Yes, this was my question as well. Does Windows 7/Safari look nice and safe because adoption of that software isn't common?

    3. Re:Better statistics? by Billly+Gates · · Score: 1

      Ask any IT professional who has migrated to Win 7 and almost every one will say the amount of support issues and malware tickets go down significantly afterwards. Win 7 is much more secure than XP by design and many under the hood things in runtime and at compile time. It is near impossible to peek and poke in a Windows 7 machine with an exploit.

      Flash and Java will execute other executables so it bypasses all security.

    4. Re:Better statistics? by SexyKellyOsbourne · · Score: 1

      Agreed.

      Security in Windows XP was really an afterthought -- it wasn't until SP2 seven years ago that it was reasonable to install. Before that, it would get rooted WHILE installing. In Win7, that is built in, not merely tacked on or recompiled. But it still includes IE6 by default, which US-CERT said was not fixable in its security model in 2004, and is the biggest danger of installing it.

      Of course, I don't know what kind of masochist would voluntarily install an OS from 2001 that still considers SATA to be exotic hardware and can only be cloned across the same hardware, but that's another issue.

      Windows 7 boxes are still exploitable, but only if they're grossly unpatched. The ones that get infected usually have no Service Pack, much less have ever had Windows Update run, and are using an expired version of Norton Antivirus. Windows Update kills common malware rather well, and Security Essentials is free and actually quite nice (beats AVG).

      The same would apply to someone who has ignored 2 years of Ubuntu Security Notices and patches. There are quite a few: http://www.ubuntu.com/usn/

      As far as Flash and Java goes, I've been putting Chrome on home systems for browsing. It blocks usage of versions of Flash, Java, Quicktime, and other plugins that are exploitable. The malware blocker is also excellent on it, although Firefox and IE9 are catching up on doing that well.

    5. Re:Better statistics? by Billly+Gates · · Score: 1

      The issue is many organizations are downgrading from Firefox to IE 7 or IE 6 again due to security concerns. Many think because IE is updated that it is secure and therefore supported regardless of whether it is insecure by design. Sigh

      Firefox 3.6 is unsupported and therefore more insecure than IE 7 according to the PHBs.

      There are a lot of ignorant people who stick to old assumptions in I.T. today

  12. Obvious strategy by Anonymous Coward · · Score: 0

    after looking at the pie charts; deploy Opera on Windows 98, you'll be perfectly safe.

  13. How Windows Get Infected With Malware 16 by DRAGONWEEZEL · · Score: 1, Troll

    Simply Click HERE! ;)

    --
    How much is your data worth? Back it up now.
  14. What we really want is to sell you something. by Anonymous Coward · · Score: 0

    "With this study CSIS has received confirmation that our security program Heimdal is addressing a market not adequately covered by a proper patch routine or policy for this area."

    Wow. I am so glad Heimdal is there to save us all.

    -- over the top roll of eyes --

  15. Awful! by Anonymous Coward · · Score: 0

    That is truly one of the most poorly written articles I've read in some time.

  16. Not much meat in TFA by sl4shd0rk · · Score: 2

    User's patches not up-to-date. User got infected.

    The applications the malware targets are unsurprisingly the same-ol-same-ol. Windows, Java, IE, Adobe.

    Perhaps the real questions should be:
    - Why is patching so ineffective?
    - Why is patch frequency not decreasing over time (these are *very* mature applications) ?

    --
    Join the Slashcott! Feb 10 thru Feb 17!
    1. Re:Not much meat in TFA by Anonymous Coward · · Score: 0

      Perhaps the real questions should be:
      - Why is patching so ineffective?
      - Why is patch frequency not decreasing over time (these are *very* mature applications) ?

      The better question is why the software is such a POS.

      The latest 10.x version of flash is about 4 megabytes in size. That is a very, very small program. Writing a secure version of flash wouldn't be very difficult - test & validate all the inputs, proper separation of modules, etc.

      If flash wasn't such a POS, Adobe wouldn't be facing the threat of being obsolete in the face of HTML5.

    2. Re:Not much meat in TFA by Anonymous Coward · · Score: 0

      Make software makers liable for security vulnerabilities and watch what happens. You'll get stuff that makes the Space Shuttle's code look buggy.

      Despite popular belief, the legal system is not a "trick" to make business for lawyers; it gives economic incentive for people and businesses not to break the law (criminal) or to act in a reckless or negligent manner that negatively impacts other people (civil). Damage award caps and immunity reduce or remove those incentives.

    3. Re:Not much meat in TFA by Anonymous Coward · · Score: 0

      Yeah, and nobody will want to buy it. It's not that you couldn't write bug free software, people would just rather buy a buggy piece of software and only spend a tenth of the money.

    4. Re:Not much meat in TFA by quacking+duck · · Score: 1

      The Flash update process is pretty retarded, for one.

      In the control panel, it can tell me which versions of the ActiveX (IE) and plugin (Firefox, etc) are installed, but when I manually ask to check for updates it sends the default browser to the Flash download page.

      What a completely lame-brained approach--the control panel should check for, download and install updates itself, or pass it off to an Adobe Update app, or *something* that doesn't require manually downloading and installing a fresh copy of *both* IE and plugin versions of Flash.

    5. Re:Not much meat in TFA by painandgreed · · Score: 1

      - Why is patch frequency not decreasing over time (these are *very* mature applications) ?

      Not really. They are new versions of old software filled with new features that require new patches. If it was the same code, then we could expect for these products to be mature, but the code base is constantly increasing. New features are constantly being added, sometimes in the same updates that fix other bugs. I fight with this sort of thing all the time with enterprise programs. Our business installs a program. We find bugs and demand they are fixed and they are with the next update that adds more features, new code, and more bugs. Sure, we want just a stable product, but other people want new features and the vendor needs them to stay ahead of the competition and sell to new customers. Any bug fixes are applied to new versions rather than the current one because they can't or won't expend the money to fix older versions as well as the newer ones with new features.

    6. Re:Not much meat in TFA by Anonymous Coward · · Score: 0

      Perhaps the real questions should be:
      - Why is patching so ineffective?

      Ooh, ooh; can I answer that please?
      Maybe it's because I have to download a complete version of the program instead of just the patch?

      • 13MB for Firefox when I only need a few kb for the digital certs that are revoked?
      • 15MB for Java runtime
      • 65MB for Adobe Reader

      I ask you with tears in my eyes, do I download a new OS every Patch Tuesday?

  17. unfactored by Anonymous Coward · · Score: 0

    this is unreliable information.

    the first chart should have been represented as a ratio to the least used browsers

    same with the operating systems

    and then the whole thing should be factored according to the habits of dutch people

  18. Java JRE by Bigbutt · · Score: 2

    Unfortunately I run into areas where I am unable to upgrade the JRE due to incompatibilities with newer versions. For instance, in dealing with a Dell DRAC, the old Chassis says it'll support 1.4_5 something or other or newer. The problem is with the exact version it works fine but upgrading JRE on my system causes it to fail and refuse to start up the console java app. So I have a Windows laptop at my desk that is kept at that specific version of the JRE so I can continue to access the chassis until it's replaced. It's just one example but it's one I have to deal with on a periodic basis.

    [John]

    --
    Shit better not happen!
    1. Re:Java JRE by Anonymous Coward · · Score: 0

      Hear, hear!!

      I have come across this so often that my mantra has become "Java sucks". The original idea might have been good, and it might be nice to program in, but when it comes down to actual implementation it is severely flawed. When the underlying platform isn't backwards compatible, something is wrong.

      Java Sucks.

    2. Re:Java JRE by Anonymous Coward · · Score: 0

      But you don't surf the web from a DRAC and, if you are, STOP!

    3. Re:Java JRE by magamiako1 · · Score: 1

      Easy: Virtualize the management system used to manage these cards, throw it in a VM that is not used for general everyday computing (its sole purpose is managing the DRACs)

      Contact Dell to see if an update exists that would allow you to use a newer version of Java.

      If the hardware is too old, look into a replacement plan due to aging.

    4. Re:Java JRE by DigiShaman · · Score: 1

      I have clients that can't use their check scanner for online corporate banking if JRE gets upgraded. Of all the PCs in the office, that's the one you do NOT want to get infected with a rootkit and keylogger for obvious reasons.

      --
      Life is not for the lazy.
    5. Re:Java JRE by Bigbutt · · Score: 1

      Not allowed to virtualize Windows (I've asked). They're trying to reduce the number of Windows licenses in the company (I have a Mac :) )

      The last update was applied. This was end of life'd two years ago.

      Hahahahahahaha. Believe me, we're trying to get old hardware replaced.

      [John]

      --
      Shit better not happen!
    6. Re:Java JRE by Bigbutt · · Score: 1

      Granted but I do from the system I use to access the DRAC. The issue is that my Windows box has to stay at a specific version of the JRE in order to continue to access the DRAC. So upgrading the JRE isn't possible. Fortunately I've received a new laptop so the old Windows one just sits until I need it to access the DRAC.

      [John]

      --
      Shit better not happen!
    7. Re:Java JRE by Bigbutt · · Score: 1

      My solution is to just keep the old laptop around but not use it for anything but that specific task. So it sits in a drawer and every month or so I have to break it out, turn it on, and check out the console for the server that stopped responding to the network for some reason. If it doesn't get on the 'net, there isn't much of a chance of it getting infected.

      [John]

      --
      Shit better not happen!
    8. Re:Java JRE by magamiako1 · · Score: 1

      Company's going to have fun on the Mac environment....(word: it's worse)

    9. Re:Java JRE by Bigbutt · · Score: 1

      Most of my problems are related to being forced to use IE or needing to use Visio. I have an RDC connection to a terminal server but they won't put project or visio on the server. Again, the laptop still has its uses. I'm particularly amused that I still have my old laptop; so much for recovering a Windows license :)

      [John]

      --
      Shit better not happen!
    10. Re:Java JRE by magamiako1 · · Score: 1

      IE is relatively secure as long as your sys admin (you have sys admins? right?) provides a proper update schedule and enforces update policies to occur.

      As noted by this article and many countless before it--MOST problems are solvable (well over 99% of them) by merely having a proper update policy.

    11. Re:Java JRE by GoblinKing · · Score: 1

      For what it's worth that is not a Java problem ... it's an "idiot programmer for Dell writing bad code in Java" problem by requiring a specific version with no upgrade path. I have a number of Java applications that were written using the 1.4 JDK that will run without problem on the current 1.7 JRE.

    12. Re:Java JRE by Anonymous Coward · · Score: 0

      You can have multiple JREs/JDKs on your system. The Java system panel tool lets you choose them etc. With a bit of tricking, I bet you could install a quick switch. Something like a registry key being switched via a batch file with a shortcut assigned.

      Oh, and if it's about applets: A greasemonkey script can re-write the <applet> tags to force a certain JRE version.

      You're welcome. :)

      P.S.: You can thank Gentoo Linux for freeing my mind from the limitedness of seeing a computer like a gadget/appliance, and seeing it for what it really is: A generic machine to automate your information processing work away. :)

    13. Re:Java JRE by healyp · · Score: 1

      Why don't you update the DRAC firmware? Unless your DRAC's are beyond ancient. Why, just this week I went through the process of getting all our DRAC5 cards up to Firmware 1.60 and DRAC6 cards up to 1.70. Now they all work on any browser and on Linux even- though it does require the sun-java package on Linux, IcedTea/OpenJDK doesn't cut it.

    14. Re:Java JRE by SexyKellyOsbourne · · Score: 1

      If you can, ask management "What's the cost of shutting down the production line for a day?"

      Explain to them that the system is a petri dish for viruses and even intentional industrial sabotage. A single Win7 Professional license to virtualize the system (virus protection, instant restoration, little to no downtime) via XP Mode, or even a damned Xen Server License, is pretty good insurance versus that.

      I did something similar once while consulting for something else at a factory, and the VP turned white and was on the phone immediately.

  19. Similar: Dan Guido's Exploit Intelligence Project? by Anonymous Coward · · Score: 0

    This research is oddly similar to Dan Guido's Exploit Intelligence Project. Even the ring/pie charts. Although, to CSIS's credit, they did invert the colors for Java and Flash in the donut chart.

    http://www.isecpartners.com/storage/docs/presentations/EIP-final.pdf

    Anyway, I've seen Dan Guido give the EIP lecture a couple of times, and unless I'm mistaken, he draws many of the same conclusions.

  20. Java and Adobe need automated silent updates by sandytaru · · Score: 1

    They need to incorporate the option of turning on automatic, silent upgrades like Google Chrome has - many end users don't recognize the "Hey I've got an update" balloons on their machines, and just ignore them until they wind up several versions out of date. Also, Adobe needs to cut out this "reboot required" nonsense for Adobe Reader. Not everyone is able to reboot machines at a drop of a hat, and it's annoying to have to schedule a reboot on a server for a program that didn't require a reboot for installation and is only used once every few months. (I seriously update Adobe more than I use it on many machines.)

    --
    Occasionally living proof of the Ballmer peak.
    1. Re:Java and Adobe need automated silent updates by goldspider · · Score: 1

      I don't know about Flash, but Java can be set to auto-update.

      --
      "Ask not what your country can do for you." --John F. Kennedy
    2. Re:Java and Adobe need automated silent updates by AtomicJake · · Score: 1

      Silent updates is the worst idea ever. Something that worked yesterday, stops working today - and I have no clue why.
      It is OK for some users to enable automatic updates (e.g. if you use only a Web browser and no specific plugins), but even then: Make the users aware about each update. Most users are far better off with a planned update.

    3. Re:Java and Adobe need automated silent updates by Anonymous Coward · · Score: 0

      Also, Adobe needs to cut out this "reboot required" nonsense for Adobe Reader...

      This is true a hundred times over. It is especially annoying when you realize that the only reason for this reboot is to reinitialize their crappy framework.

    4. Re:Java and Adobe need automated silent updates by Anonymous Coward · · Score: 0

      Failed to download the required installation files...

    5. Re:Java and Adobe need automated silent updates by Rhywden · · Score: 1

      Yes. But it only looks once a month. Better to use something like Secunia PSI.

    6. Re:Java and Adobe need automated silent updates by sandytaru · · Score: 1

      That only works if users actually install the updates. Best case scenario, they actually call IT and ask about it and make us install it for them. Worst case scenario, they ignore it and we don't find out about it until six months later when their system is suddenly infected beyond repair because they double clicked a fake UPS attachment receipt.

      --
      Occasionally living proof of the Ballmer peak.
    7. Re:Java and Adobe need automated silent updates by Anonymous Coward · · Score: 0

      Ah yes, the old google auto-install trick. I wonder why my PC has stopped responding and it is google update deciding to take over my bandwidth and CPU and memory, grinding everything to a halt, because I had an old version of google earth on there. And chrome turned up on my machine when I never asked for it (i think that was firefox recommending an update to adobe flash that somehow downloaded chrome, wtf?)

      What is worse is Nokia which decided that since I have a nokia phone, my PC is now owned by them, and it should constantly scan it looking for mp3 files to tell Nokia about.

  21. Words counts! by jabberw0k · · Score: 1

    Grammars be important, their how we speech proper. Kapeesh?

  22. Injection and Payload by Synerg1y · · Score: 1

    It looks like they were mainly studying browser based attacks, the CVE's I looked up all had to do with browser code injection, along those lines.

    They go on to state 85% of virus infections (do they mean malware / spyware?) are caused by drive by attacks (website exploits)

    I'm not sure of and am too lazy to look up the actual figures, but I would dedicate that 85% to email based attacks, not Nigerian scams, but infected attachments, embedded code, etc.

    Oh well, I'm demoting the scope of these statistics to browsers only...

    and also state that I believe Windows gets infected buckets more by email based attacks for many reasons including the ease of guessing email addresses on a domain, as well as user trust that who is sending them the email knows their email so they may know them, etc...

  23. Salient point: by aepervius · · Score: 1

    http://www.net-security.org/images/articles/102011-infection.jpg

    Avoid Java, Flash, Acrobat and IE Explorer and you avoid around 95+% of the entry points. IOW it does not seem to be Opera or Mozilla which is vulnerable, but the added cruft plug in.

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org
  24. How Long Will it Take by Anonymous Coward · · Score: 0

    How long will it take for people to realize you can't protect idiots from themselves? You don't even need anti-virus if you don't open stupid shit. Stop downloading free screensavers, don't open shit people send you unless you know they really sent it and they're not a virus-infested mess, don't use IE, and you're pretty safe. I haven't had an infection in years and I have no active anti-virus. I check periodically with online scanners, but nothing ever appears.

    1. Re:How Long Will it Take by Shoe+Puppet · · Score: 1

      I'm not surprised you haven't found any root-kits.

      --
      (+1, Disagree)
  25. That article is just an ad... by Anonymous Coward · · Score: 0

    ...for their security software, though, they make some valid points about security patches being updated. It just gives the article a veneer of poo with the plug at the end.

  26. FTFA by Anonymous Coward · · Score: 0

    "The statistical material covers all in all more than half a million user exposures out of which as many as 31.3 % were infected with the virus/malware due to missing security updates."

    And mathematics means that 100%-31.3% ~ 70% (remember "as many as...").

    Or is it just a script posting here?

    1. Re:FTFA by maxume · · Score: 1

      The article never equates user exposures with infections.

      (so it isn't clear if that other 70% actually result in infections...)

      --
      Nerd rage is the funniest rage.
  27. Summary of the article by rabtech · · Score: 1

    TL;DR:

    The majority of infections are (in order): JRE, Acrobat Reader, Flash, and a minority are actual browser exploits and/or Quicktime exploits. No word on the versions but I expect that they are all well-known and long-patched holes.

    Part of the reason I run with Java disabled, Flashblock installed, etc.

    --
    Natural != (nontoxic || beneficial)
    1. Re:Summary of the article by Anonymous Coward · · Score: 0

      It is interesting that this group would blame third party software vendors for issues that only occur on Windows platforms. It makes me suspect that Windows is behind the study.

      I am running Flash, Reader, and Java on Linux with no problems. The bottom line is a security paradigm. These programs do not have root access on Linux / Unix platforms. Also, downloads automatically have their executable bit disabled.

      To infect a Linux client (not running services like Apache, FTP, SSH), one would need to download the virus, make it executable (chmod a+x ./virus), and run it as root (sudo ./virus or su -c "./virus"). Macintosh, which is based on Unix, is in a similar position.

      Vectors of attack which work against those platforms usually involve "jailbroken" systems which are using third party software repositories, weak passwords, services, etc.

  28. Forced updates needed by mrshermanoaks · · Score: 1

    Unless you force users to update software before continuing to use it, they will nearly always pick the "remind me later" option. Updates to packages like these need to be automatic and enforced for all but the most managed of users, or this problem will just go on forever.

    If this issue affected only the individual users, it would be one thing. But the fact that clicking the "remind me later" has a disastrous effect across society means that you can't just rely on people to do the smart thing. They won't. They'll do the quick, easy thing.

  29. Product Pushing. by nairnr · · Score: 2
    Of course this study was done to showcase a product... And it is a Danish company CSIS...

    "With this study CSIS has received confirmation that our security program Heimdal is addressing a market not adequately covered by a proper patch routine or policy for this area. "

    1. Re:Product Pushing. by Guspaz · · Score: 1

      Not to be confused with CSIS, the Canadian Security Intelligence Service, our equivalent of the CIA.

    2. Re:Product Pushing. by Anonymous Coward · · Score: 0

      Oh, I thought it was done to showcase Linux.

  30. Siemens, Stuxnet by Anonymous Coward · · Score: 0

    Just imagine that you have 15 year old industrial machines with unique programs, where patching shuts down production indefinitely. You also have managers who demand remote access, or monitoring of uptime/downtime/errors, etc.. This is why the DHS is concerned about industrial control systems being accessible on networks. No patching, extreme critical nature, and wide demand for accessibility.

  31. A setup that lets NOTHING bogus thru... apk by Anonymous Coward · · Score: 0

    http://www.google.com/search?sclient=psy-ab&hl=en&site=&source=hp&q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&btnG=Search

    * Demands about 1-2 hours of your time, for years-to-decades of "disease-free" stable, fast, & secure uptime...

    APK

    P.S.=> It just works, & on very simple principles (mostly)...

    ... apk

    1. Re:A setup that lets NOTHING bogus thru... apk by Anonymous Coward · · Score: 0

      Demands about 1-2 hours of your time, for years-to-decades of "disease-free" stable, fast, & secure uptime...

      I don't think 1-2 hours would be enough to even begin to read that crapflood.

    2. Re:A setup that lets NOTHING bogus thru... apk by Anonymous Coward · · Score: 0

      ... apk

      Acronyms are supposed to be written in capital letters. Please learn to use capital letters properly before criticizing others.

  32. And the conclusions to be drawn are by microphage · · Score: 0

    And the conclusions to be drawn are, security on the Windows platform relies on the applications being totally free of vulnerabilities that could be used to leverage privileges on the target system.

    1. Re:And the conclusions to be drawn are by magamiako1 · · Score: 1

      No, it's called shitty application developers that don't want to leverage the tools Microsoft provides for securing their applications.

      I've gotten arguments from developers who SWEAR they can do it better--and by better, I mean "I should be able to put my application anywhere on the system and the system shouldn't be exploitable by any bugs in my code."

      I shit you not, we argued over this for a while.

      Microsoft provides developers every tool they need to make a Windows application that can operate on least privilege but they REFUSE to use it.

  33. Flash, Silverlight, Office, Java by Anonymous Coward · · Score: 0

    These are the big cross-platform software suites with the most vulnerabilities

    My friends & family run Debian with the browser running in an isolated user account, works quite well

    1. Re:Flash, Silverlight, Office, Java by LordLimecat · · Score: 2

      My friends & family run $OS with the browser running in an isolated user account, works quite well

      So do most Windows users. Luckily for the virus makers, it's pretty easy to pester the user with a zillion gksudo / consent.exe prompts requesting elevation-- all it takes is clicking "allow" if you don't have a password set, and it's all over.

    2. Re:Flash, Silverlight, Office, Java by Nutria · · Score: 1

      So do most windows users.

      I dispute that, and assert that most home users run using the default Admin account that was automatically created by the manufacturer.

      --
      "I don't know, therefore Aliens" Wafflebox1
    3. Re:Flash, Silverlight, Office, Java by LordLimecat · · Score: 1

      Someone didn't pay attention to the Vista and Win7 changes. As in Ubuntu default installs, the user has admin "capabilities", but they are dropped most of the time. To actually use them, you must click through a UAC prompt that is functionally identical to gksudo.

    4. Re:Flash, Silverlight, Office, Java by Nutria · · Score: 1

      Someone didn't pay attention to the Vista and Win7 changes.

      The only non-XP Windows systems I've seen in the past 5 years is the Win7 Starter on my wife's (brand new) netbook.

      Other than that, we're pure Linux at home and XP at work, so there was nothing to not pay attention to (if that makes any sense).

      --
      "I don't know, therefore Aliens" Wafflebox1
    5. Re:Flash, Silverlight, Office, Java by LordLimecat · · Score: 1

      Ah, well perhaps you shouldn't have commented on Vista and Windows 7. You see, WinXP market share is under 38%, so my comment about "most Windows users" was accurate.

      Incidentally, 7 really is worth the upgrade-- don't judge it based on Starter which really is awful and is usually put on devices that should never have run Windows to begin with.

    6. Re:Flash, Silverlight, Office, Java by Nutria · · Score: 1

      perhaps you shouldn't have commented on Vista and Windows 7

      Point *slightly* taken.

      7 really is worth the upgrade-- don't judge it based on Starter which really is awful and is usually put on devices that should never have run Windows to begin with.

      I'm not going to pay an extra $100 on a $250 computer. When/if my wife comes upon its limitations (so far she hasn't) then we'll discuss what to do.

      --
      "I don't know, therefore Aliens" Wafflebox1
    7. Re:Flash, Silverlight, Office, Java by LordLimecat · · Score: 1

      Yes, I don't think I would spend the money if it were that much. But if you can snag a $30 student upgrade, it's worth it, and if you are getting a new computer, might as well go for 7. The new GUI is much better (as in, it improves productivity), cross-GPU-vendor multi-monitor is supported, and there's heaps of other goodies. To be sure, there are annoyances, but all in all I think 7 was a good direction.

      Now if only they hadn't thrown that all out for the mess that is Windows 8.....

    8. Re:Flash, Silverlight, Office, Java by Nutria · · Score: 1

      But if you can snag a $30 student upgrade, it's worth it

      Guess we're not upgrading... :)

      cross-GPU-vendor multi-monitor is supported, and there's heaps of other goodies.

      It's a netbook, for Christ's sake.

      Now if only they hadn't thrown that all out for the mess that is Windows 8.....

      I know the feeling. I've held our desktops back to Ubuntu 10.04 and 10.10 because my wife hates change and I hate (1) change for change's sake and (2) pandering to mythical Linux newbies.

      --
      "I don't know, therefore Aliens" Wafflebox1
  34. I call BS - Linux repos package them all the time by daboochmeister · · Score: 1

    I call BS - many Linux repositories package and provide Adobe and Oracle software all the time, without issue, and without "extra toolbars and such" being installed when you use their packages. Are you really really sure that MS isn't imposing a requirement that Adobe and Oracle find unacceptable? (go ahead, call me cynical) Or possibly that MS won't allow the licenses under which such packages are provided?

    --
    "Ahh! I see you're in that indeterminate Schrodinger state where - oh, uh ... never mind." Dave Bucci
  35. Secunia PSI by ThatsNotPudding · · Score: 1

    http://secunia.com/vulnerability_scanning/personal/
    I'm sure it's not unique, but I like that it does keep track of third-party programs and services - especially the seemingly purpose-built attack vector: Flash.

    1. Re:Secunia PSI by flappinbooger · · Score: 1

      ninite pro also has some auto-update functionality that reminds me (vaguely) of the linux repository functionality.

      --
      Flappinbooger isn't my real name
  36. Re:I call BS - Linux repos package them all the ti by somersault · · Score: 1

    Perhaps. I was trying to give MS the benefit of the doubt, as my colleague typically does. I guess it could be just laziness on MS' part.

    --
    which is totally what she said
  37. Better Development / Better Education by nanoosa · · Score: 1

    There are many holes that have been overlooked by developers; however, education of the end user is just as important.

    --
    Mike W
  38. This.. by Marble68 · · Score: 1

    Find out how Windows gets infected with Malware by downloading this exclusive EXE *FOR FREE*.

    --
    /me sips his coffee and ponders a new sig...
  39. Re:It is not 2005 anymore by Billly+Gates · · Score: 1

    The old vulnerabilities of putting an ActiveX control, tricking a RPC, or targeting a buffer overflow in Windows XP or IE 6 are long gone.

    IE 9 on Windows 7 and IE 10 in Windows 8 are one of the most secure web browsers out there. Not seriously?

    It is compiled with VC 2010 and has crazy ASLR, DEP (data execution prevention), and even checks exception handling at compile times to make sure it is not abused. Even if you could figure out how to do a buffer overrun and poke some bad instructions in RAM, its addressing is all randomized so targeting the kernel or a particular DLL to execute is all but impossible. This is especially true under Windows 7 where the whole system has a scrambled layer of RAM addresses that is always changing. It is a bitch to do now.

    Even IE 8 which is not a modern browser in today's standards (still mediocre), is ok secure wise when patched compared to its horrible past siblings of IE 6 and IE 7.

    Modern IE is not IE 6, or IE 7 by a longshot. As I.T. professionals you need to learn newer things. It does not make sense to target Windows or IE vulnerabilities because by the time the cracker finishes the trojan MS will likely fix it via a Windows update.

    Flash however is compiled with adobe's with no such security checks at compile time! Doh. Even worse many users have 2 year old flash 9 still that is never auto updated. You can run bad javascript in PDFs that crossite to a badsite and a whole other nasties. I use Foxit and it even caught a PDF that did just that and had xss cross site scripting protection. Thank God.

    Flash is never updated, does not have the resources as MS, and Oracle doesn't give a shit about Java and refuses to patch security glitches. The RMI by its very nature is to allow foreign natively compiled code so no crazy hacks needed.

    The solution? Ban Flash at work, set up IE to use Java for selected Intranet sites only in a protected zone. It is very easy to set up and any administrator at work should always do that. Youtube is not business productive anyway and is the only real reason to use Flash. ;-) You can ban these with Chrome and I assume Firefox as well but you can't do particular sites like IE can. MS put them there for a reason.

    Do these steps and your support will go down by at least 50% at work. Guarantee it.

  40. Windows Help by c++0xFF · · Score: 1

    3% of successful infections used a feature that nobody I know about has ever used (beyond accidentally pressing F1).

    Just goes to show that even the most benign features could potentially harbor a security risk if the programmers didn't do their job right, regardless of operating system.

  41. Useless charts by ytpete · · Score: 1

    All those pie charts are kind of useless unless they normalize them for percent of installed base... Oh, IE makes up the largest number of browser infections? Maybe because IE makes up the largest number of browser users. Windows 2000 gets far less malware than Windows Vista? Probably not actually more secure... just has far fewer users anymore.

  42. old proverb: infections ~ install base by Onymous+Coward · · Score: 1

    The tendency for infection is correlated to how popular the OS is, goes the oft-repeated idea.

    For relative infectibility, I quote the "exposed to malware" numbers from the article. They make it a little ambiguous whether this means actual infections. And for relative popularity between Windows OSs, I quote from the Wikipedia article on Windows (with some averaging).

    "Exposed To Malware"
    1. XP - 41%
    2. Vista - 38%
    3. 7 - 16%
    (Relative) Install Base
    1. XP - 46%
    2. Vista - 11.4%
    3. 7 - 40.2%

    Appears to be a large discrepancy between these numbers. Any explanations? On the face of it it looks like it is not true that popularity of OS correlates highly with infection rate.

    1. Re:old proverb: infections ~ install base by Lance_Denmark · · Score: 1

      People still using XP are doing so because of legacy software? Likely to be businesses which have some tech minded people behind them. Most savvy home users have moved onto Windows 7, as Vista was a pile of shit. Those left using Vista are the Moms who send emails full of cats.

    2. Re:old proverb: infections ~ install base by shutdown+-p+now · · Score: 1

      People who have already upgraded to Win7 are more likely to be up-to-date on patches - doesn't sound too surprising to me.

      That, and UAC also helps.
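
Added example (not part of the original comments): the comparison in comment 42 carried through, dividing each OS's share of exposures by its share of the install base and testing whether the gap could be sampling noise. It uses only the percentages quoted there; the function names and the sample size of 1000 are assumptions for illustration.

```python
import math

# Percentages exactly as quoted in the comment. Other Windows versions are
# omitted there, so neither column sums to 100.
EXPOSED = {"XP": 41.0, "Vista": 38.0, "7": 16.0}
INSTALLED = {"XP": 46.0, "Vista": 11.4, "7": 40.2}


def renormalise(shares):
    """Rescale shares so the listed categories sum to 1."""
    total = sum(shares.values())
    if total <= 0:
        raise ValueError("shares must sum to a positive number")
    return {name: value / total for name, value in shares.items()}


def _aligned(exposed, installed):
    """Restrict both distributions to their common categories and renormalise."""
    common = sorted(set(exposed) & set(installed))
    if not common:
        raise ValueError("no categories in common")
    if any(installed[k] <= 0 for k in common):
        raise ValueError("install-base share must be positive")
    return (renormalise({k: exposed[k] for k in common}),
            renormalise({k: installed[k] for k in common}))


def representation_ratio(exposed, installed):
    """Exposure share divided by install-base share, per category.

    1.0 means a category shows up among exposures exactly in proportion to
    its install base; above 1.0 it is over-represented.
    """
    e, i = _aligned(exposed, installed)
    return {k: e[k] / i[k] for k in e}


def ranked(ratios):
    """Category names, most over-represented first."""
    return sorted(ratios, key=ratios.get, reverse=True)


def chi_square(exposed, installed, n):
    """Goodness-of-fit statistic for n observed exposures against the
    distribution expected if exposure simply tracked install base."""
    e, i = _aligned(exposed, installed)
    return n * sum((e[k] - i[k]) ** 2 / i[k] for k in e)


def p_value_three_categories(chi2):
    """Upper-tail probability for 2 degrees of freedom (three categories),
    where the chi-square survival function is exactly exp(-x/2)."""
    return math.exp(-chi2 / 2.0)


if __name__ == "__main__":
    ratios = representation_ratio(EXPOSED, INSTALLED)
    for name in ranked(ratios):
        print(f"{name:>5}: {ratios[name]:.2f}x its install-base share")

    # n = 1000 is a constructed, deliberately small sample size (assumption).
    stat = chi_square(EXPOSED, INSTALLED, 1000)
    print(f"chi-square = {stat:.1f}, p = {p_value_three_categories(stat):.3g}")
    # A tiny p-value rules out chance, not confounders: the exposure data and
    # the install-base figures come from different populations, and patch
    # level differs between OS versions.
```

The ratio says which versions are over-represented, not why; patch level and user population, as the replies suggest, are candidate explanations the numbers alone cannot separate.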

  43. Happy wives and daughters by overshoot · · Score: 1
    Well, OK, we're not married. I'll wait while heads explode all over /.

    Anyway, several years ago $DAUGHTER was headed off to University and it was time for her to take responsibility for her own computer, so we went shopping at Fry's and she got the usual mobo, PSU, HDD, video, etc. for the case I bought her. She and $HERSELF (not her mother but ...) then built the box and, following the online instructions, did a Stage One installation of Gentoo.

    Worked like a champ for four years, she kept it up and all w/o my needing to hold her hand (not that I object to holding her hand, even now.) She only replaced it because a laptop suited her needs better in grad school. So she wiped a new ThinkPad down to bare metal and installed Ubuntu. Here we are four years later and she's doing her dissertation on that ThinkPad, still no help required from Dad.

    And before anyone asks:
    * No, she's not a CS or other tech major. Sociology, actually.
    * She already has a boyfriend and he's about 6'4" of professional outdoorsman.

    --
    Lacking <sarcasm> tags, /. substitutes moderation as "Troll."
    1. Re:Happy wives and daughters by i_b_don · · Score: 1

      WTH is a "professional outdoorsman"?

      d

      --
      all language nazi's will burne in heil!
    2. Re:Happy wives and daughters by reboot246 · · Score: 1

      I wonder if it's anything like "urban outdoorsman", only full time.

    3. Re:Happy wives and daughters by jc79 · · Score: 1

      I'm a professional outdoors-person, although I prefer to be referred to as an outdoor instructor, or mountain leader. I work freelance for a number of organisations (mostly residential outdoor education centres) as well as running a business teaching navigation and guiding hillwalks.

  44. Get your hooked on phonics out then troll... apk by Anonymous Coward · · Score: 0

    ".doolfparc taht daer ot nigeb neve ot hguone eb dluow sruoh 2-1 kniht t'nod I" - by Anonymous Coward ANOTHER "ne'er-do-well" /. OFF-TOPIC TROLL on Thursday October 06, @08:38AM (#37624518)

    "???"

    Uhm... Could we get a translation of that off-topic "troll-speak/trolllanguage" of yours, please?

    * And, you're an off-topic troll - no questions asked...SEE MY SUBJECT LINE ABOVE!

    APK

    P.S.=> Yes, it must have just been another off-topic done nothing of significance with his life troll spewing his off-topic b.s. again & not contributing to the ongoing conversations. Oh well - No biggie!

    ("ReVeRsE-PsYcHoLoGy", for trolls - Courtesy of this code by "yours truly" in less than 1 second flat):

    ---

    #TrollTalkComReversePsychologyKiller.py (Ver #2 by APK)

    def reverse(s):
        # Build the reversed string by prepending each character in turn.
        trollstring = ""
        try:
            for apksays in s:
                trollstring = apksays + trollstring
        except Exception:
            print("error/abend in reverse function")
        return trollstring

    s = ""
    print(reverse(s))

    try:
      s = "Insert whatever 'trollspeak/trolllanguage' gibberish occurs here..."
      s = reverse(s)
      print(s)
    except Exception as e:
      print(e)

    ---

    ... apk

  45. Professional outdoorsman by overshoot · · Score: 1

    Designing and building trails for the Forest Service, for one. As in, spending more time hiking with a pack and sleeping in a tent than under a roof. In between doing things by hand rather than with power tools because the tools are too hard to get to where the work needs to be done.

    --
    Lacking <sarcasm> tags, /. substitutes moderation as "Troll."
  46. Re:Get your hooked on phonics out then troll... ap by Anonymous Coward · · Score: 0

    gah! go droop deep ay! ya peed poor dog hag.

  47. Don't trust this report by Anonymous Coward · · Score: 0

    This "research" appears thoroughly flawed on several counts. The first and most obvious is the conclusion it's all down to patching - from a patch management vendor. The second obvious one is the web browser chart. This shows the distribution of infected machines by browser from the sample, but does not compare that with browser usage including non-infected machines, so it's impossible to find out which browsers are actually the most vulnerable. The same applies to the OS "statistics". In general, the complete lack of any apparent experimental procedure to ensure robustness makes the findings pretty worthless except as a "white paper" promoting a product.

  48. Re:Get your hooked on phonics out then troll... ap by Anonymous Coward · · Score: 0

    Don't you have anything better to do with your life?

  49. no u by Anonymous Coward · · Score: 0

    something better than poking paranoid delusionals like apk with sticks just to watch them jump and squirm?

  50. U have a delusion of being a psychiatrist by Anonymous Coward · · Score: 0

    Do U have a PhD in psychiatry, a license to practice it, years of professional practice in it, as well as a formal examination administered in professional environs to make your "snap/instant prognosis-diagnosis" there, dear "SiDeWaLk-ShRiNk of /."? If not, and you most likely don't have any of the above, then I'd say you're the one suffering delusions (lol!).

    1. Re:U have a delusion of being a psychiatrist by Anonymous Coward · · Score: 0

      you are the one who's delusional, because everyone here "apparently" thinks that you're a "shitheaded idiot" and your "ignorant, aggressive, asperger ramblings" should be banned:

      http://meta.slashdot.org/comments.pl?sid=2463558&cid=37633844

  51. Such an intelligent reply (not) by Anonymous Coward · · Score: 0

    Sorry 4 stalking U apk. I'm http://slashdot.org/~apparently & I have psychiatrist delusions here on /. and I'm upset that you constantly get the best of me here on /. everytime. I do have a small penis as I admitted earlier, and I wish I were you apk. I truly do. I have no home paid for in full as you do which is why I avoid this simple question you asked of me here http://yro.slashdot.org/comments.pl?sid=2457274&cid=37602672

    1. Re:Such an intelligent reply (not) by Anonymous Coward · · Score: 0

      I already told you I'd prove my gigantic cock to you, apk, which you seem so obsessed with. All you have to do is ask, and I'll show you what a real cock looks like, not that little thing you have between YOUR legs.

    2. Re:Such an intelligent reply (not) by Anonymous Coward · · Score: 0

      apk isn't gay so you can cease your strange attempts @ homosexual courtship/mating rituals and your bull queer style online stalking of him (lol).

    3. Re:Such an intelligent reply (not) by Anonymous Coward · · Score: 0

      neither am I but I'm certainly not afraid to provoke a little well-deserved penis envy from a lesser-endowed straight man... or a faggot for that matter, say, you ARE quite sure that you're straight, are you? cause you seem to know an awful lot about fags, and you seem rather obsessed with my cock after all. if you want to see it so badly why don't you just ask?

  52. You're not very intelligent, are you? by Anonymous Coward · · Score: 0

    In the link you posted, apparently wants to get rid of you (you post as anonymous coward, and you truly put the "coward" into it). Re-read the link you posted here http://meta.slashdot.org/comments.pl?sid=2463558&cid=37633844 and realize how stupid you continue to look stalking others online due to your geek angst, while posting as anonymous coward to do so.

  53. Listen goof: What gave you the idea by Anonymous Coward · · Score: 0

    You could even form a thought in the peanut sized skull of yours? Now, STFU, and leave the rest of us normally intelligent people here be.

    1. Re:Listen goof: What gave you the idea by apparently · · Score: 1

      Apparently you can't answer easy, simple questions. I realize that you're posting as AC, but could you provide me with the state that you live in so that I can direct you to your state's Department of Developmental Services, so that they can help you learn the art of responding to easy questions? With any luck, they can team you up with a second grader who can teach you how to respond to sentences that end with question marks: "?".

    2. Re:Listen goof: What gave you the idea by Anonymous Coward · · Score: 0

      Alexander Peter Kowalski 903 E Division St Syracuse, NY 13208

    3. Re:Listen goof: What gave you the idea by Anonymous Coward · · Score: 0

      Exactly. The fucking crazy idiot who pretends he's some IT wizzzard can't even protect his PI.

    4. Re:Listen goof: What gave you the idea by Anonymous Coward · · Score: 0

      go chew on glass you piece of human garbage.

  54. Quit projecting by Anonymous Coward · · Score: 0

    See subject-line above, & get 1 thing straight: I am NOT your "type" (gay obviously), & I am not "on the menu", so find yourself another dish.

    1. Re:Quit projecting by Anonymous Coward · · Score: 0

      I told you I'm not gay. How much clearer can I be? You really need to get those repressed homosexual urges under control, because I have no interest in any erotic fantasies you have with another man. I merely offered to show you what a real dick looks like, since you'd probably need a mirror to find your own pathetic excuse for one.

    2. Re:Quit projecting by Anonymous Coward · · Score: 0

      Ok apk: I admit I'm queer + have strange fantasies about you. I'm sorry it makes me stalk you, but, I find you irresistible and I wish I were you apk.

  55. Quit projecting, & homosexually stalking by Anonymous Coward · · Score: 0

    And stalking others like some mentally disturbed maniac. Or, didn't you say this:

    I already told you I'd prove my gigantic cock to you, apk by Anonymous Coward on Friday October 07, @04:39PM (#37643398)

    From your post here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37643398

    Cat's outta the bag, and all your denials of your "true nature" (lol) are useless. What really gives you away is your stalking bull queer methods though.

    We're not interested in your mentally disturbed homosexual courting you're attempting. Go away now.

    1. Re:Quit projecting, & homosexually stalking by Anonymous Coward · · Score: 0

      Wow, yeah right, you're delusional, you know that? I originally said the only thing I had to prove to you is my cock, more as a joke than as anything else, you're the one who seems obsessed now with this perverse penis envy that you have, and some bizarre need to claim that my cock isn't large enough (I assure you, it is). I'd certainly prove it to you if you wanted me to, but as far as the rest of the stuff you're claiming that I should prove (degrees and houses and whatnot) you can go shove that "where the sun don't shine" (another one of your strange homosexual fantasies, I'm sure)!

      And by the way - I realize your hidden homosexual urges are probably due in part to the fact that no woman would want to have sex with an obese slug such as yourself, but you can rest QUITE assured that I would NOT want to have sex with you either - though I'm sure you could find some people who are "in to that sort of thing", well, perhaps if you let them piss on your head or eat their shit or give their dog a blowjob or something else of that nature, because most of the "normal" folk (even the fags) wouldn't dream of ever having sex with you either - might have to go for some stronger kink to find anyone willing to have YOU!! LOL.

      p.s. pretending to be me just further proves that you're the closet fag that we always knew you to be (yes, I just saw your last post, the one where you pretend you're me and have "strange fantasies" for apk - trust me, the only people with any "strange fantasies" for you, you probably wouldn't want to encounter because I imagine the "fantasy encounters" might be very painful for you).

    2. Re:Quit projecting, & homosexually stalking by Anonymous Coward · · Score: 0

      Sorry apk. I am projecting saying you're fat. I am fat, and I have homosexual urges also. There's just no hiding or point in my denying it after I said I would show you my tiny penis earlier.

    3. Re:Quit projecting, & homosexually stalking by Anonymous Coward · · Score: 0

      Sorry apk. I am projecting saying you're fat. I am fat, and I have homosexual urges also. There's just no hiding or point in my denying it after I said I would show you my tiny penis earlier.

      It's so funny to see you pretend to be a fat pathetic little man with homosexual urges and also admitting to having a tiny penis. OH WAIT because it's all true! LOL. Keep pretending apk, we all know the truth and the truth is you're pathetic. Cower some more in my shadow, feeb.

    4. Re:Quit projecting, & homosexually stalking by Anonymous Coward · · Score: 0

      Sorry for stalking you apk. I can't help it I'm a twisted freak.

    5. Re:Quit projecting, & homosexually stalking by Anonymous Coward · · Score: 0

      you = apk

      cower some more, feeb. you're completely pathetic.

    6. Re:Quit projecting, & homosexually stalking by Anonymous Coward · · Score: 0

      You = Michael Kristopeit - and, what? No new account of the 1,000's you keep here?? After all, you're the only fool who posts made up words like "feeb" & "cower some more", and has literally 100's to 1,000's of registered account usernames here on slashdot too. Proof per this http://www.google.com/search?sclient=psy-ab&hl=en&source=hp&q=feeb+site%3Aslashdot.org&btnG=Search and that's just another one of the trolling accounts you (actually others posing as you) use to harass others here: Grow up, you fool. If anyone's pathetic around here, it's yourself you effete and nearly always off topic illogical trolling imbecile.

    7. Re:Quit projecting, & homosexually stalking by Anonymous Coward · · Score: 0

      ur mum's the fool whose face cowers some more in the shadow of my huge cock. fellate me, feeb. you're exactly what you have claimed to be: NOTHING.

  56. Look @ that "reaction", lmao by Anonymous Coward · · Score: 0

    If you're reliving a "childhood trauma" with that rant, please: Keep it to yourself! On attempting to psychoanalyze others, do wait until you have a PhD in Psychiatric sciences, a license to practice it, and a formal examination administered in a professional environs. There's also the fact you offered your penis to another man here that also says worlds about your "sexual preferences" alone. We also know you don't own a damned thing which is doubtless why you harass and troll others online like some psychotic freak. You're miserable. Whose fault is that? Yours.

    1. Re:Look @ that "reaction", lmao by Anonymous Coward · · Score: 0

      Why are you so afraid to see another man's cock, apk? Maybe it'll bring back some repressed homosexual urges, eh? Your extreme homophobia is very telling. I bet it makes you extremely nervous when your Doctor has to check your testicles or prostate, you do realize you need to have those done at your age, right? Wouldn't want anything swelling up and falling off, not that you'd miss it anyway. I'm not afraid of another man seeing my genitalia, probably just be jealous but hey it can't hurt ME any even if he DOES enjoy it in some sick closet-fag sort of way!

      But hey, you calling me "miserable" can't possibly make it so, the only one who can make you miserable is YOU, you miserable little troll. Keep up the good work, all you're doing is proving that you're nothing but a pathetic loser who wishes everyone else was as miserable as he was and tries to project his delusions and insecurity and overall faggotry onto them.

  57. LMAO, I read 1st sentence & that was enough! by Anonymous Coward · · Score: 0

    See subject-line, you're twisted & strange! However, you made me laugh at just how screwed up some people can be in this world.

  58. UR "twisted" n strange! by Anonymous Coward · · Score: 0

    Why are you so afraid to see another man's cock, apk? by Anonymous Coward on Friday October 07, @09:22PM (#37645450) From the post I am replying to here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37645450 from you.

    Then your earlier 'offer' quoted here too:

    I already told you I'd prove my gigantic cock to you, apk by Anonymous Coward on Friday October 07, @04:39PM (#37643398) From your post here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37643398

    LMAO! Quit projecting, attempting your mating ritual bull queer style or something, and quit homosexually stalking your fantasy man apk you're clearly obsessed with or whoever the heck it is you're doing that to here. Have you no shame? Yoo? You're massively quite twisted, and definitely strange! Stay away from me please. Seek help for your condition. Like was said earlier of you here by others, I suspect you are a victim of some strange childhood trauma.

    1. Re:UR "twisted" n strange! by Anonymous Coward · · Score: 0

      Haha, better question to ac stalker is why's he so eager to show his then, after he asked you what he did? I read those quotes of the ac stalker you quoted and busted out laughing at the rest of what you wrote though. Thanks for the laffz.

  59. the only thing i'm projecting is the shadow by Anonymous Coward · · Score: 0

    of my huge dong. cower some more in my shadow, feeb. you're completely pathetic.

    1. Re:the only thing i'm projecting is the shadow by Anonymous Coward · · Score: 0

      You're right, ac, I admit it, I'm a fag and I am hot for the ac's thick meat-stick but I'm too cowardly to admit it. apk

    2. Re:the only thing i'm projecting is the shadow by Anonymous Coward · · Score: 0

      APK doesn't write that way. Impersonating he isn't helping you. APK isn't gay. Learn to write correctly.

  60. You project is your own insecurity by Anonymous Coward · · Score: 0

    See subject line above & ur last reply. Obviously you aren't "confident down there" (lol).

    1. Re:You project is your own insecurity by Anonymous Coward · · Score: 0

      "you project is your own security"

      LOL I think I've got you hot and bothered, you can't even form a proper sentence.

    2. Re:You project is your own insecurity by Anonymous Coward · · Score: 0

      *insecurity (shoulda copied and pasted, I know)

  61. you = projecting (again) by Anonymous Coward · · Score: 0

    I have no problems with my insecurity. Sounds like the limp-dicked loser apk is projecting again. (NO surprises there!)

    1. Re:you = projecting (again) by Anonymous Coward · · Score: 0

      3 replies in a row from you? Someone struck a nerve in you and the truth's out on you now.

    2. Re:you = projecting (again) by Anonymous Coward · · Score: 0

      what does that have to do with anything? you = stagnated.

    3. Re:you = projecting (again) by Anonymous Coward · · Score: 0

      what does that have to do with anything? you = off topic trolling douche.

    4. Re:you = projecting (again) by Anonymous Coward · · Score: 0

      oh look, it's more projection from the off topic trolling douche.

    5. Re:you = projecting (again) by Anonymous Coward · · Score: 0

      Sorry 4 trollin' n stalkin' U apk. Haven't taken my meds today.

    6. Re:you = projecting (again) by Anonymous Coward · · Score: 0

      Sentences begin with capital letters. Please learn to write.

    7. Re:you = projecting (again) by Anonymous Coward · · Score: 0

      i know how to write, i just chose not to when an anonymous faggot on the internet is being a fag.

  62. That's just TOO GOOD by Anonymous Coward · · Score: 0

    Impersonating he [sic] isn't helping you. ... Learn to write correctly.

    Boy, you sure put your foot in your mouth with that one. Too good, just too good. Keep it up, faggot-boy, this is prime entertainment.

    1. Re:That's just TOO GOOD by Anonymous Coward · · Score: 0

      For once you capitalized the first word in a sentence. What about the dozen others?

  63. U project ur homosexual insecurities by Anonymous Coward · · Score: 0

    U call me fag. It shows it bugs u, not I. U project ur issues by name calling. Don't u know that?

    1. Re:U project ur homosexual insecurities by Anonymous Coward · · Score: 0

      You can't write proper english, and you're a fag.

    2. Re:U project ur homosexual insecurities by Anonymous Coward · · Score: 0

      Quit projecting your homosexual insecurities. Funny you capitalize 1st letters of sentences now too, lol.

    3. Re:U project ur homosexual insecurities by Anonymous Coward · · Score: 0

      ur a fag

    4. Re:U project ur homosexual insecurities by Anonymous Coward · · Score: 0

      You wish he were a *fag*. He isn't. Go try elsewhere and try stay on topic troll.

    5. Re:U project ur homosexual insecurities by Anonymous Coward · · Score: 0

      you project your impression that I wish you're a fag. I don't wish anything remotely like that. you wish I wish you were a fag, as that would imply that someone thought you were sexually attractive, which no-one does.

  64. Pot calling the kettle black, stupid? by Anonymous Coward · · Score: 0

    You posted 12 sentences that didn't start with capital letters here http://tech.slashdot.org/comments.pl?sid=2461178&threshold=-1&commentsort=0&mode=thread&pid=37637720 and? Those are initials (apk), not an acronym, stupid.

    1. Re:Pot calling the kettle black, stupid? by Anonymous Coward · · Score: 0

      initials are an acronym, stupid. and initials, like all acronyms, should be capitalized.

      ac-ro-nym noun

      Definition of ACRONYM

      : a word (as NATO, radar, or laser) formed from the initial letter or letters of each of the successive parts or major parts of a compound term; also : an abbreviation (as FBI) formed from initial letters : INITIALISM

      now get a fucking dictionary, you cunt.

  65. Are you on topic, troll? No by Anonymous Coward · · Score: 0

    I get the last laugh with that fact alone. See subject-line above.

  66. Now get on topic, you off topic troll by Anonymous Coward · · Score: 0

    See subject line above? I'll always win based on that, and your dozen sentences here http://tech.slashdot.org/comments.pl?sid=2461178&threshold=-1&commentsort=0&mode=thread&pid=37637720 you anonymous trolling moronic dolt, lol! When will you ever understand you just do not possess the intellect to get the best of me, hmm??

    1. Re:Now get on topic, you off topic troll by Anonymous Coward · · Score: 0

      ur a faggot go suck a dick

      http://ompldr.org/vYXRjMg

  67. Sentences begin with capital letters by Anonymous Coward · · Score: 0

    So learn to write properly. Quit projecting your strange homosexual desires also, and cease your off topic trolling stupidity.

    1. Re:Sentences begin with capital letters by Anonymous Coward · · Score: 0

      To borrow a phrase from Arnie ("The Terminator"): Fuck you, asshole.

  68. To Mr. online stalking psychopath by Anonymous Coward · · Score: 0

    Sentences begin with capital letters: Learn to write properly. You wish I was a fag, but I am not. I'm also not clicking the link you posted, Mr. online stalking trolling psycho, so please go away, and seek professional psychiatric help. Accept this as well: You do not possess the intellect to get the best of myself here, hence, why you must go off topic constantly as well as attempting your illogical ad hominem attacks on myself, to no avail, other than making yourself out to be a stalking online psychopath.

    1. Re:To Mr. online stalking psychopath by Anonymous Coward · · Score: 0

      ur a liar, I can tell by the tracking statistics that you clicked the link.

  69. Sentences begin with capital letters by Anonymous Coward · · Score: 0

    Moron (see your own sentence and subject-line above): Pot calling the kettle black, are we, idiot? It's clearly evident that you do not possess the intellect to get the best of me, give up. Your online psycho-stalking is turning out to be your undoing (hence why you do this anonymously like a total coward).

  70. Seems others are watching you by Anonymous Coward · · Score: 0

    Make a fool of yourself also. U R A cowardly little worm and an online stalker.

    1. Re:Seems others are watching you by Anonymous Coward · · Score: 0

      huh, others whose ip address is from syracuse ny. wonder who that could be.

  71. What's my IP address then? by Anonymous Coward · · Score: 0

    I'm not even in NY state. Prove an IP address is from a certain city. You seem to overlook there could be people from any place on earth clicking your links. I did not though so you have no way of knowing where I am at all whatsoever. This is going to be hilarious in addition to watching your homosexual come ons, psychopathic stalking, off topic trolling, illogical ad hominem attacks, misuses of the English language (such as not starting sentences with capital letters rampantly on your part), and far more.

    1. Re:What's my IP address then? by Anonymous Coward · · Score: 0

      you're apk, you live in syracuse, your address is 903 e division st. internet superhero doesn't even know how to keep his dox private, and doesn't know an ip address is easily tracked to your location.

      everyone here thinks you're a fag, an idiot, and I wouldn't be surprised if one of these days somebody showed up at your house to shut you up for good.

    2. Re:What's my IP address then? by Anonymous Coward · · Score: 0

      Sentences start with capital letters, nutjob.

  72. death threats now? by Anonymous Coward · · Score: 0

    your "undoing" will be if you ever try to harm me you little piece of human garbage. yes, I troll you anonymously because you're a psychopathic scumbag and I don't trust you.

  73. Answer the question by Anonymous Coward · · Score: 0

    What's my IP address then, bigshot? You stalk people, and claim I clicked your link?? What's my IP address??? LMAO, you're a trolling stalking psychopath and a liar as well.

  74. Seems you make threats by Anonymous Coward · · Score: 0

    Right here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37726076 about showing up at apk's place? Utterly hilarious. I enjoy letting you show everyone that you are a cowardly little loser, lol, who is only harming himself and making apk look good on top of it by your off topic trolling and online psycho stalking. What 'death threat' did anyone make to you, goof? Show us that. You'll be able to do that, just like you could my ip address (nothing out of you there either, punk).

  75. You're outnumbered 160:1 fool, lol by Anonymous Coward · · Score: 0

    Roughly 160++ of them & I post as AC (hard to get even +1, as /. hides our posts & we "AC"'s start @ ZERO/0 points, unlike registered "lusers", lol!):

    +5 'modded up' posts by apk (6):

    CA DISREPUTABLE #2 of 2:2010 -> http://news.slashdot.org/comments.pl?sid=1884922&cid=34350102
    EXCEL SECURITY FIX:2009 -> http://it.slashdot.org/comments.pl?sid=1139485&cid=26975021
    TESLA:2010 -> http://science.slashdot.org/comments.pl?sid=1872982&cid=34264190
    TESLA:2010 -> http://tech.slashdot.org/comments.pl?sid=1806946&cid=33777976
    NVIDIA 2d:2006 -> http://hardware.slashdot.org/comments.pl?sid=175774&cid=14610147
    HOSTS & BGP:2010 -> http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450

    ----

    +4 'modded up' posts by apk (3):

    INFO. SYSTEMS WORK:2005 -> http://slashdot.org/comments.pl?sid=161862&cid=13531817
    WINDOWS @ NASDAQ 7++ YRS. NOW:2009 -> http://tech.slashdot.org/comments.pl?sid=1290967&cid=28571315
    CARMACK'S ARMADILLO AEROSPACE:2005 -> http://science.slashdot.org/comments.pl?sid=158310&cid=13263898

    ----

    +3 'modded up' posts by apk (7):

    APK MICROSOFT INTERVIEW:2005 -> http://developers.slashdot.org/comments.pl?sid=155172&cid=13007974
    APK MS SYMBOLIC DIRECTORY LINKS:2005 -> http://it.slashdot.org/comments.pl?sid=166850&cid=13914137
    APK RC STOP ROOKIT TECHNIQUES:2008 -> http://it.slashdot.org/comments.pl?sid=1021873&cid=25681261
    APK FOOLS IE7 INSTALL IN BETA HOW TO:2006 -> http://slashdot.org/comments.pl?sid=175857&cid=14615222
    PROOFS ON OPERA SPEED & SECURITY:2007 -> http://slashdot.org/comments.pl?sid=273931&threshold=1&commentsort=0&mode=thread&cid=20291847
    HBGary POST in Fake Names On Social Networks, a Fake Problem:2011 -> http://tech.slashdot.org/comments.pl?sid=2375110&cid=37056304
    INJUSTICES:2010 -> http://apple.slashdot.org/comments.pl?sid=1754650&cid=33255474

    ----

    +2 'modded up' posts by apk (6):

    HOW DLL API CALL LOADS WORK:2008 -> http://tech.slashdot.org/comments.pl?sid=1001489&cid=25441395
    APK ROOTKITS:2005 -> http://it.slashdot.org/comments.pl?sid=165958&cid=13843462
    APK TRICK TO STOP A MALWARE:2008 -> http://tech.slashdot.org/comments.pl?sid=1010923&cid=25549351
    SECURE CODING 4 DEFCON:2005 ->

    1. Re:You're outnumbered 160:1 fool, lol by Anonymous Coward · · Score: 0

      you = NOTHING

    2. Re:You're outnumbered 160:1 fool, lol by Anonymous Coward · · Score: 0

      you = NUTJOB (proof here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37726076 where you make your puny threats, what a punk). Where's my ip address you said you had also, nutter?? Correction: you = NUTJOB + LIAR.

  76. bring it, faggot by Anonymous Coward · · Score: 0

    appears that you think you're invincible

    1. Re:bring it, faggot by Anonymous Coward · · Score: 0
  77. Don't make me laugh, wuss by Anonymous Coward · · Score: 0

    Appears that you are definitely a punk coward, lol.

  78. Dear nutjob, answer a question by Anonymous Coward · · Score: 0

    Because this ought to be a huge laugh: Why do you obsessively stalk apk (or who you think is apk in your paranoid delusional fantasy land of psycho-ness)? LOL!

    This, I have to hear.

    I mean, how badly has he gotten the better of you (doubtless on technical issues in computing since you stalk he here on a computer tech forums) that your 'geek angst' emo issues have you so psycho stalker obsessed this way, nutjob?

  79. ur a freak. thanks for the link. by Anonymous Coward · · Score: 0

    struck a nerve? why did you reply 4x in a row exactly?

    "the real apk"

    There is a cornucopia of theories to choose from however. My personal favorite is the one that APK is really just some prison inmate with an axe to grind. I favor this theory because it would explain APK's lack of knowledge, his bad temper, poor grammar and spelling skills, his inability to interact with others, why he has no resume online and why he is still using something as crufty and useless as Delphi to develop applications (a prison donation perhaps?). There are other theories of course. Some say APK stopped taking his medication for whatever variety of mental conditions he suffers from

    nice. thanks for that link, freak.

  80. Y R U avoiding a simple question nutjob? by Anonymous Coward · · Score: 0

    http://tech.slashdot.org/comments.pl?sid=2461178&cid=37727968 so just answer the question nutjob, and remember: Sentences start with capital letters (and you said apk has poor grammar? Puh-leese, lol!). Additionally, the day you've done all apk has around computing, or more on your part, such as this partial list of his personal favorites he has posted to trolls such as yourself before:

    "My Name is Ozymandias: King of Kings - Look upon my works, ye mighty, & DESPAIR..."

    ----

    Windows NT Magazine (now Windows IT Pro) April 1997 "BACK OFFICE PERFORMANCE" issue, page 61

    (&, for work done for EEC Systems/SuperSpeed.com on PAID CONTRACT (writing portions of their SuperCache program increasing its performance by up to 40% via my work) albeit, for their SuperDisk & HOW TO APPLY IT, took them to a finalist position @ MS Tech Ed, two years in a row 2000-2002, in its HARDEST CATEGORY: SQLServer Performance Enhancement).

    WINDOWS MAGAZINE, 1997, "Top Freeware & Shareware of the Year" issue page 210, #1/first entry in fact (my work is there)

    PC-WELT FEB 1998 - page 84, again, my work is featured there

    WINDOWS MAGAZINE, WINTER 1998 - page 92, insert section, MUST HAVE WARES, my work is again, there

    PC-WELT FEB 1999 - page 83, again, my work is featured there

    CHIP Magazine 7/99 - page 100, my work is there

    GERMAN PC BOOK, Data Becker publisher "PC Aufrusten und Repairen" 2000, where my work is contained in it

    HOT SHAREWARE Numero 46 issue, pg. 54 (PC ware mag from Spain), 2001 my work is there, first one featured, yet again!

    Also, a British PC Mag in 2002 for many utilities I wrote, saw it @ BORDERS BOOKS but didn't buy it... by that point, I had moved onto other areas in this field besides coding only...

    Being paid for an article that made me money over @ PCPitstop in 2008 for writing up a guide that has people showing NO VIRUSES/SPYWARES & other screwups, via following its point, such as THRONKA sees here -> http://www.xtremepccentral.com/forums/showthread.php?s=ee926d913b81bf6d63c3c7372fd2a24c&t=28430&page=3

    It's also been myself helping out the folks at the UltraDefrag64 project (a 64-bit defragger for Windows), in showing them code for how to do Process Priority Control @ the GUI usermode/ring 3/rpl 3 level in their program (good one too), & being credited for it by their lead dev & his team... see here -> http://ultradefrag.sourceforge.net/handbook/Credits.html or here http://sourceforge.net/tracker/?func=detail&aid=2993462&group_id=199532&atid=969873

    AND lastly: http://g-off.net/software/a-python-repeatable-threadingtimer-class where I got other programmer's work WORKING RIGHT (in PyThon no less, which I just started learning only 2 weeks ago no less) by showing them how to use a "Dummy Proxy Function" as I call it, to make a RepeatTimer class (Thread sub-class really) to take PARAMETERIZED FUNCTIONS, ala:

    def apkthreadlaunch():
        getnortonsafeweb(sAPKFileName = "APK_1_NortonSafeWeb360Extracted.txt".rstrip())

    a = RepeatTimer(900, apkthreadlaunch) # 900 is 15 minutes... apk

    Where it was NOT working for many folks there, before (submitted to the maker of the RepeatTimer class no less, & yes, it WORKS!)

    ----

    What do I have to say about that much above? I can't say it any b

  81. Only nerve struck was my ulnar nerve by Anonymous Coward · · Score: 0

    "Funny bone", n' him makin' me laugh @ U, w/ his "nutjob" post about U, lmao! He described you perfectly. Lastly, please: Learn to count, along with using capital letters on the first letter of your sentences nutjob (which makes your mindless posts easy to spot here). He only posted twice.

    1. Re:Only nerve struck was my ulnar nerve by Anonymous Coward · · Score: 0

      twice here and twice more in other threads on this page. that makes four. fuck off, cunt.

    2. Re:Only nerve struck was my ulnar nerve by Anonymous Coward · · Score: 0

      the "funny bone" has nothing to do with laughter. ur a fucking crazy idiot as we all know. go fuck yourself with a broomstick.

  82. dear apk, pls answer this question by Anonymous Coward · · Score: 0

    "The fucking crazy idiot who pretends he's some IT wizzzard can't even protect his PI."

    is it true that everyone here thinks u r a fucking crazy idiot?

  83. You've GOT to be a woman using by Anonymous Coward · · Score: 0

    The "C" word, lol (very telling that) - & Y R U avoiding a SIMPLE QUESTION http://tech.slashdot.org/comments.pl?sid=2461178&cid=37727968 , there, hmmm? I mean, come on: What is this all about, REALLY, hmmm?? I mean, your "thinly veiled threats" here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37726076 have already been reported to law enforcement (so you know) about coming to apk's home which he's aware of now via my letting him know about it, and if anything happens here? Letting you know that the next step'd be subpoenaing your IP address from /. logs & then coming for you (only being fair). I'd cut it out were I you, seriously, on this online "psycho-stalker" crap. I see his posts here on this site and nearly every one has your stalking psycho harassing and threatening posts in them at some point. Get mental help, seriously.

    1. Re:You've GOT to be a woman using by Anonymous Coward · · Score: 0

      You're a lying faggot, & quoted here making "thinly veiled threats" of your own, & demanding that I tell you who I am (probably so that you can subject me to your deranged stalking and harassment in real life vs. just online as you currently do): http://tech.slashdot.org/comments.pl?sid=2461178&cid=37723222

      Your online psycho-stalking is turning out to be your undoing (hence why you do this anonymously like a total coward).

      Why are you so afraid? Just because everyone knows your name and address and knows that you're a fucking loony tune who harasses and stalks others online? Just a suggestion; Maybe if you weren't a psychopathic freak you wouldn't have to worry so much.

  84. Y R U avoiding simple questions, nutjob? by Anonymous Coward · · Score: 0

    You project what you really think of apk by calling him a (lol) "internet superhero" http://tech.slashdot.org/comments.pl?sid=2461178&cid=37726076, making threats to him here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37726076, and now "IT wizzard" etc..

    (Top marks in other words, but a bit psycho in the 1st one, as he is only a man after all)

    Why are you avoiding telling us why you won't answer a simple question here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37727968 , hmm, and avoiding answering it truthfully psycho?

    Also, as far as you trying to cut him down, saying "everyone thinks" about him??

    They sure do think of him, and well, to the tune of over 150 mod ups (so much for your b.s., you're outnumbered 150:1 or better) here from one of his posts:

    APK posts here as AC (hard to get even +1, as /. hides ac posts & we "AC"'s start @ ZERO/0 points, unlike registered "lusers", lol!):

    +5 'modded up' posts by apk (6):

    CA DISREPUTABLE #2 of 2:2010 -> http://news.slashdot.org/comments.pl?sid=1884922&cid=34350102
    EXCEL SECURITY FIX:2009 -> http://it.slashdot.org/comments.pl?sid=1139485&cid=26975021
    TESLA:2010 -> http://science.slashdot.org/comments.pl?sid=1872982&cid=34264190
    TESLA:2010 -> http://tech.slashdot.org/comments.pl?sid=1806946&cid=33777976
    NVIDIA 2d:2006 -> http://hardware.slashdot.org/comments.pl?sid=175774&cid=14610147
    HOSTS & BGP:2010 -> http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450

    ----

    +4 'modded up' posts by apk (3):

    INFO. SYSTEMS WORK:2005 -> http://slashdot.org/comments.pl?sid=161862&cid=13531817
    WINDOWS @ NASDAQ 7++ YRS. NOW:2009 -> http://tech.slashdot.org/comments.pl?sid=1290967&cid=28571315
    CARMACK'S ARMADILLO AEROSPACE:2005 -> http://science.slashdot.org/comments.pl?sid=158310&cid=13263898

    ----

    +3 'modded up' posts by apk (7):

    APK MICROSOFT INTERVIEW:2005 -> http://developers.slashdot.org/comments.pl?sid=155172&cid=13007974
    APK MS SYMBOLIC DIRECTORY LINKS:2005 -> http://it.slashdot.org/comments.pl?sid=166850&cid=13914137
    APK RC STOP ROOTKIT TECHNIQUES:2008 -> http://it.slashdot.org/comments.pl?sid=1021873&cid=25681261
    APK FOOLS IE7 INSTALL IN BETA HOW TO:2006 -> http://slashdot.org/comments.pl?sid=175857&cid=14615222
    PROOFS ON OPERA SPEED & SECURITY:2007 -> http://slashdot.org/comments.pl?sid=273931&threshold=1&commentsort=0&mode=thread&cid=20291847
    HBGary POST in Fake Names On Social Networks, a Fake Problem:

  85. Police were at apk's home by Anonymous Coward · · Score: 0

    I'd seriously consider your little threat here -> http://tech.slashdot.org/comments.pl?sid=2461178&cid=37726076 because the police were at apk's home. Anything happens per your little threat there? You're going to be in deep shit and /. gets a subpoena order to find you and nail you. Have fun and no, No thanks, not into your weird ideas of fun you just mentioned psycho stalker.

  86. Didn't you say this stalker? by Anonymous Coward · · Score: 0

    yes, I troll you anonymously by Anonymous Coward on Saturday October 15, @07:10PM (#37726716)

    You also must have said your link led to someone who demanded your identity? Where??

    & quoted here making "thinly veiled threats" of your own by Anonymous Coward on Sunday October 16, @03:05PM (#37732458)

    Where please. I didn't see any threats there at all, but I have seen yours here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37726076 making threats to someone's person and home.

    You are quite clearly, very stupid, and definitely mentally addled. Have you been drinking or taking drugs and posting?

    & demanding that I tell you who I am by Anonymous Coward on Sunday October 16, @03:05PM (#37732458)

    Again, where did anyone *demand* you post your identity?

    You're not doing a good job of defending yourself!

    You also most definitely issued threats of violence here to others http://tech.slashdot.org/comments.pl?sid=2461178&cid=37726076

    You clearly have mental issues and are an online stalking psycho (but apparently a harmless cowardly windbag that makes threats online under anonymous posts, lol).

    Do slashdot a favor, Mr. mental case nutjob and yourself also: Take your meds please, lol.

    1. Re:Didn't you say this stalker? by Anonymous Coward · · Score: 0

      was all clearly quoted right there in my post. stop blowing smoke now and trying to pretend like you never said it. you're a lying scumbag.

  87. BUSTED!! by Anonymous Coward · · Score: 0

    the police were at apk's home

    And you, mr. pretending-to-not-be-apk, know this because HOW EXACTLY? Cause I'm just DYING to find out how YOU (if you're really not apk, in his faggotry lowercase initials as he always uses) know that police were at HIS house (if you're really not faggy apk, as I already said). Cause we all know that in reality you ARE faggy apk. Go suck on a dick. Better yet, kill yourself.

  88. Properly constructed sentences by Anonymous Coward · · Score: 0

    Don't begin with conjunctions (like "And"). Learn to write properly.

  89. Show us where anyone threatened you? by Anonymous Coward · · Score: 0

    I show where you make threats here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37726076 easily. So, please show us those "quotes" you said you put up already where anyone else has threatened you with harm. You haven't yet, and you can't: That was never done to yourself. However, I show where you did, clearly, in the link above.

  90. No thank you by Anonymous Coward · · Score: 0

    Not interested. Go find yourself another dish, I'm not "on the menu", so take your homosexual come on elsewhere.

  91. And "properly constructed sentences" is a fragment by Anonymous Coward · · Score: 0

    And make me, faggot.

    P.S. And your subject line is a fragment. And what about properly constructed sentences? And how ironic.

  92. Re:And "properly constructed sentences" is a fragm by Anonymous Coward · · Score: 0

    That continues into the comment. U fail and you're off topic.

  93. Re:And "properly constructed sentences" is a fragm by Anonymous Coward · · Score: 0

    Then why is "Don't" capitalized? Looks like the beginning of a new sentence to me. Guess you're still just a blithering idiot. Learn to capitalize properly before telling others what to do.

  94. Re:And "properly constructed sentences" is a fragm by Anonymous Coward · · Score: 0

    1st: You're an off topic online stalker troll above all else.

    2nd: You said you had my IP address here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37724686 , well, what is it?? Did you tell a little "fib" there, lol? Of course.

    3rd: You like to make threats to others here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37726076

    4th: You admit trolling others

    yes, I troll you anonymously by Anonymous Coward on Saturday October 15, @07:10PM (#37726716)

    5th: Again, where did anyone *demand* you post your identity? You said they did here

    & demanding that I tell you who I am by Anonymous Coward on Sunday October 16, @03:05PM (#37732458)

    which you ran from yet again when asked questions. Your constant evasions of questions, or providing proofs of things you state, aren't victories in debate just in case you didn't realize that, lol!

    6th: You've made homosexual offers to show your "c*ck" to me etc. here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37720666 and here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37724686 and http://tech.slashdot.org/comments.pl?sid=2461178&cid=37643398 plus http://tech.slashdot.org/comments.pl?sid=2461178&cid=37652244 and here as well http://tech.slashdot.org/comments.pl?sid=2461178&cid=37643398 as in other threads you've been "obsessively stalking" me in for who knows how long now!

    * LMAO - Since "3 strikes, you're out" isn't good enough for you apparently? There's a partial list of 6 of your "FAILS" here

    That's only some of many you've made here in lies, stalking, libeling myself, and more...

    (That's also overlooking whoever's pointing out your constant grammatical errors too mind you such as more than a dozen sentences that didn't start with a capital letter properly http://tech.slashdot.org/comments.pl?sid=2461178&threshold=-1&commentsort=0&mode=thread&pid=37637720 even, lol, and more such as improperly starting sentences with conjunctions http://tech.slashdot.org/comments.pl?sid=2461178&cid=37748206 etc./et al).

    Attempting to impersonate apk here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37672412 was the worst of all: Apk signs off as APK and usually has a p.s. - don't try to become a forger, lol, since you like criminal activity like online stalking and libeling others. You aren't good at those, and you certainly suck at impersonating others also.

    You really need some sort of professional help of some sort. No expert here on that, but after the above partial list only of your "problems"? I can only think that much of you at this point. Especially after telling us what you really think of apk by calling him a (lol) "internet superhero" http://tech.slashdot.org/comments.pl?sid=2461178&cid=37726076 and also that apk's an "IT wizzard" etc.. (Top marks in other words, but a bit psycho in the 1st one, as he is only a man after all)

  95. ur a fag by Anonymous Coward · · Score: 0

    I posted the pic of my COCK and you clicked it (as expected. fag.). As proven by the tracking stats on the web host that I used.

  96. You were asked for evidence of that before by Anonymous Coward · · Score: 0

    Well, what's my IP address then? You can't produce that and you know it, because you were asked to do so before and ran from it, here http://tech.slashdot.org/comments.pl?sid=2461178&cid=37724686 oh, and for the rest of your numerous wrongdoings such as online stalking, making threats to people or their homes, murdering the written English language (LOL) and, far more? Rinse, lather, and repeat http://tech.slashdot.org/comments.pl?sid=2461178&cid=37756840 You need serious professional help of some kind, no questions asked. Your first sentence in the post of yours I am replying to shows anyone that alone and once more, sorry to disappoint you: I am not gay/homosexual as you attempt to libel myself as imo. You doing things like that project your own personal issues: Perhaps some childhood trauma of yours maybe?

  97. A repeated grammatical mistake by you by Anonymous Coward · · Score: 0

    Once more: Sentences don't begin with "And" (conjunctions).

  98. The IP is evidence by Anonymous Coward · · Score: 0

    A great wizzard such as urself should know to reserve potential evidence and not go blabbing it on the intrawebz. And can't you tell I don't give a shit? I'll talk however I want to talk. I only use proper language when I care about the other person's impression of me, and any impression made in that pea-brain of yours isn't worth the potato chips and soda that fuels it.