Linked by Thom Holwerda on Wed 1st Apr 2009 13:48 UTC
Bugs & Viruses We're well and deep into April 1 now, and if you were to believe some of the reports and hype on the internet, we should've all been paying in bottle caps right about now. As any sane person already saw coming, the Windows worm Conficker didn't do anything. It just kind of sat there, patiently mocking all those who did not update their machines properly.
Order by: Score:
No big suprise there
by Laurence on Wed 1st Apr 2009 14:13 UTC
Laurence
Member since:
2007-03-26

A BBC article summed it up nicely:

Vincent Weafer, vice president of security response at anti-virus firm Symantec added: "We believe the software is geared towards making money. The characteristic of this type of worm is to keep it slow and low, keep it under the radar to slowly maximise profits over the long term."

http://news.bbc.co.uk/1/hi/technology/7976099.stm

Edited 2009-04-01 14:14 UTC

Reply Score: 4

RE: No big suprise there
by bousozoku on Thu 2nd Apr 2009 04:12 UTC in reply to "No big suprise there"
bousozoku Member since:
2006-01-23

A BBC article summed it up nicely:
"Vincent Weafer, vice president of security response at anti-virus firm Symantec added: "We believe the software is geared towards making money. The characteristic of this type of worm is to keep it slow and low, keep it under the radar to slowly maximise profits over the long term."

http://news.bbc.co.uk/1/hi/technology/7976099.stm
"

Couldn't we just apply his response to Symantec's own software? It seems more like exploits than upstanding utilities most of the time. I don't know of any other software that could be labeled as crashware so readily.

Reply Score: 2

april 1 anyone?
by poundsmack on Wed 1st Apr 2009 14:46 UTC
poundsmack
Member since:
2005-07-13

aside frmo a lame april fools "OMG the world is going to end" virus (Y2K anyone?) there could be more to it.

Yesterday marked the last day of the financial quarter. Anti virus companies are hurting just like any other industry. What would be a great way to get a bunch of people to help pad your bottom line for that quarter than a big scare to get tehm to buy new antivirus licences? "there's nothing like a war to end a depression." This wouldnt be the first time something like this has happened, i doubt it will be the last.

Reply Score: 7

April Fools
by Isolationist on Wed 1st Apr 2009 15:00 UTC
Isolationist
Member since:
2006-05-28

Perhaps doing nothing was the April Fools joke in itself?

Reply Score: 4

v RE: April Fools
by satan666 on Wed 1st Apr 2009 16:37 UTC in reply to "April Fools"
RE[2]: April Fools
by BluenoseJake on Wed 1st Apr 2009 17:03 UTC in reply to "RE: April Fools"
BluenoseJake Member since:
2005-08-11

if people had of patched their systems in October, when the patch came out, then the worm wouldn't exist. This is not a problem with Windows security, it's a user problem.

Every system gets security updates. Repeat it now:

EVERY SYSTEM GETS SECURITY UPDATES.

If you keep spouting nonsense, it'll be you that looks like the joke.

Reply Score: 8

v RE[3]: April Fools
by satan666 on Wed 1st Apr 2009 17:10 UTC in reply to "RE[2]: April Fools"
v RE[4]: April Fools
by yossarianuk on Wed 1st Apr 2009 17:28 UTC in reply to "RE[3]: April Fools"
RE[4]: April Fools
by Thom_Holwerda on Wed 1st Apr 2009 17:49 UTC in reply to "RE[3]: April Fools"
Thom_Holwerda Member since:
2005-06-29

Blaming the users for the holes in Windows security is lame. Why are there holes in the security in the first place?


Because bug-free code is impossible to write. Only agencies like NASA can write bug-free code, but that does mean that in the hypothetical case NASA were to write a general-purpose operating system, it would cost upward of 10000 EUR per copy - probably a hell of a lot more.

We are modding you down because you have absolutely no idea what you're talking about. Starting with Windows Vista (and to a lesser extent, XP SP2) Windows is a pretty damn secure operating system. The only recent case of massive failure is this Conficker thing, which doesn't count since it only affects unpatched system.

Satan666, I know you are the person who systematically mods down almost each and every of my posts, we have insights into those things, you know. It's kind of funny that you complain about being modded down while you yourself abuse our system so thoroughly.

Reply Score: 9

RE[5]: April Fools
by PlatformAgnostic on Wed 1st Apr 2009 18:40 UTC in reply to "RE[4]: April Fools"
PlatformAgnostic Member since:
2006-01-02

What makes you think NASA writes bug-free code? They just test their code, have some redundancy in their systems, and don't have to put up with malicious users.

Reply Score: 4

RE[6]: April Fools
by sbergman27 on Wed 1st Apr 2009 19:14 UTC in reply to "RE[5]: April Fools"
sbergman27 Member since:
2005-07-24

What makes you think NASA writes bug-free code?

I've been following NASA lately. There's some really exciting stuff going on. For example, the Kepler mission is going to give us a remarkably reliable statistical map of "Earth-like" planets in their stars' "habitable zones" in just 3 or 4 years. But... as Thom asserts... it's not bug-free code[1]:

http://www.nasa.gov/mission_pages/kepler/news/keplerm-20090330.html

My assertion is that software projects, including those at Microsoft (and yeah, Mozilla), have come to expect that we won't roast them for being careless. (Hell, we heap praise upon Mozilla for being careless... after they release the fix.) And the more lax we become in our insistence upon quality, the more lax they will become in their development and release practices.

I used to despise DJ Bernstein and his attitudes. These days I'm not so sure.

[1] It is, however, well thought out and resilient.

Edited 2009-04-01 19:24 UTC

Reply Score: 3

RE[7]: April Fools
by PlatformAgnostic on Thu 2nd Apr 2009 01:38 UTC in reply to "RE[6]: April Fools"
PlatformAgnostic Member since:
2006-01-02

Some of it is not just carelessness. Security bugs usually arise when people have subtle misconceptions about the contracts of the functions they call (or the functions are misspecified). You really can't get anything done if you spend all of your time reading every callgraph down to its leaves.

Microsoft (particularly the Windows team) tries its hardest to catch all of these security defects by banning certain unsafe standards, by encoding the contracts in a static anotation language that is checked by machine before code is allowed into the main branches, and by fuzzing and heavily reviewing parsers, protocols, and externally-facing code. It's still possible to miss something, however.

I wish DJB luck in 'putting the security industry out of business.' I'm afraid though that to truly do that, we'd need to ensure that all network-facing software is written by a small cadre of uber-programmers, reviewed by another set of uber-programmers, and fuzzed/tested extensively. Even if you can get Linux and Windows written by those kinds of people, you still need to deal with the third-party and LOB applications of the world who don't have the same incentives and resources.

Reply Score: 2

RE[5]: April Fools
by NiceGuyEddie on Wed 1st Apr 2009 22:58 UTC in reply to "RE[4]: April Fools"
NiceGuyEddie Member since:
2006-03-22

Because bug-free code is impossible to write. Only agencies like NASA can write bug-free code


I assume that your irony levels are somewhat on the high level there!?

Reply Score: 2

RE[4]: April Fools
by BluenoseJake on Wed 1st Apr 2009 17:58 UTC in reply to "RE[3]: April Fools"
BluenoseJake Member since:
2005-08-11

Listen BlownoseJoke,

Blaming the users for the holes in Windows security is lame. Why are there holes in the security in the first place?


Why are there security holes in Debian? Fedora? OS X?

Because all operating systems have holes, and all need patches. Believing that Windows is the only OS with security holes and patches issued is what's lame. Here are some pages. Read them and become at least a little knowledgeable:


List of recent security updates for Debian Stable:
http://www.debian.org/security/

Fedora 8:
https://admin.fedoraproject.org/updates/

OS X:
http://support.apple.com/kb/HT1222

FreeBSD:
http://www.freebsd.org/security/advisories.html

Windows:
http://www.microsoft.com/protect/computer/updates/bulletins/default...

Oh, and please, grow up. I didn't call you any names, I just yelled some common sense at you.

Reply Score: 5

RE[5]: April Fools
by Bill Shooter of Bul on Wed 1st Apr 2009 22:32 UTC in reply to "RE[4]: April Fools"
Bill Shooter of Bul Member since:
2006-07-14

And for fun

OpenBSD ( the uber secure OS)

http://www.openbsd.org/security.html" http://www.openbsd.org/se...

Reply Score: 2

RE[4]: April Fools
by flanque on Wed 1st Apr 2009 20:41 UTC in reply to "RE[3]: April Fools"
flanque Member since:
2005-12-15

Yeah.. I will blame people for not updating their system, visiting pr0n and warez sites then receiving virii which disables security updates, using pirated Windows, thinking they're smarter than the hacks out there so they don't need anti-virus or updates, etc.

OK fine your arguement about the hole shouldn't be there in the first place is true, but if we waited until every product was 100% bug free we'd still be using Windows 1.0, we'd have not have moved away from the first kernel release in Linux or have wonderful products like the iPhone or TiVo.

Reply Score: 3

RE[5]: April Fools
by sbergman27 on Wed 1st Apr 2009 20:51 UTC in reply to "RE[4]: April Fools"
sbergman27 Member since:
2005-07-24

Yeah.. I will blame people for not updating their system, visiting pr0n and warez sites then receiving virii which disables security updates,

Might as well go ahead and blame people who notice that the allowed updates *observably* trash their systems more than any malware they perceive.

Reply Score: 3

RE[6]: April Fools
by flanque on Wed 1st Apr 2009 20:58 UTC in reply to "RE[5]: April Fools"
flanque Member since:
2005-12-15

sbergman27, to be completely honest I have NEVER seen any update from Microsoft that trashes someone's system, either personally or professionally.

I'm in the support field and served years at the desktop level and am currently on the server level and I quite simply haven't seen it happen at all.

Maybe it has happened at some point in time but it's by no way the norm in my experience.

I do recall occassions where patches don't do what they're intended to do, but nothing to the extent where users systems are trashed.

If it were really a common problem we'd see a lot more media attention and it'd be far more commonly known within the community of people who actually participate in applying these patches on mass (thousands of machines in my case).

Reply Score: 2

RE[7]: April Fools
by sbergman27 on Wed 1st Apr 2009 21:04 UTC in reply to "RE[6]: April Fools"
sbergman27 Member since:
2005-07-24

sbergman27, to be completely honest I have NEVER seen any update from Microsoft that trashes someone's system, either personally or professionally.

Well, personally and professionally, the number one reason I have heard from people for turning off updates is that a previous one "trashed their system". Maybe it did. Maybe it didn't. But you really can't blame people who feel helpless anyway from taking an "If it works, don't fix it" attitude.

Reply Score: 2

RE[7]: April Fools
by darknexus on Wed 1st Apr 2009 21:39 UTC in reply to "RE[6]: April Fools"
darknexus Member since:
2008-07-15

Oh, I have. Anyone remember what happened, initially, when you tried to install IE7 on XP via Windows Update, and you got unlucky enough to have it error out half-way through the installation? That caused one hell of a mess on any system affected. Been there, done that. It was fixed fairly quickly, but not quickly enough to prevent a lot of people's systems from getting screwed up.
Plus, Microsoft's method of releasing updates and additional patches leaves a lot to be desired. What, may I ask, is the point of having .NET Framework and then on top of it have to download hotfixes or service packs (.NET is merely an example here, there are others)? Novel idea, why not, when a service pack is released, repackage the whole thing with the service pack slipstreamed into it? Leave the hotfix up for those who've already installed the base package, but for those who didn't, we wouldn't have to run cycle after cycle of windows update checks to make sure we've got all the patches, meanwhile having to deal with their temporary files that are left over and weren't deleted when they should have been?

Reply Score: 2

RE[6]: April Fools
by BluenoseJake on Wed 1st Apr 2009 23:02 UTC in reply to "RE[5]: April Fools"
BluenoseJake Member since:
2005-08-11

That can also happen to any OS, just like the xorg update that trashed Ubuntu a few versions back.

Reply Score: 2

RE[7]: April Fools
by sbergman27 on Wed 1st Apr 2009 23:09 UTC in reply to "RE[6]: April Fools"
sbergman27 Member since:
2005-07-24

That can also happen to any OS, just like the xorg update that trashed Ubuntu a few versions back.

I'm not sure what your point is.

You might as well go ahead and blame people who notice that the allowed updates *observably* trash their systems more than any malware they perceive.

Edited 2009-04-01 23:09 UTC

Reply Score: 2

RE[7]: April Fools
by darknexus on Thu 2nd Apr 2009 00:11 UTC in reply to "RE[6]: April Fools"
darknexus Member since:
2008-07-15

Of course it can. I was merely pointing out that I have seen a Windows update hose the system, and that it is certainly possible.

Reply Score: 2

v RE[2]: April Fools
by satan666 on Wed 1st Apr 2009 17:04 UTC in reply to "RE: April Fools"
It's still young
by StychoKiller on Thu 2nd Apr 2009 00:44 UTC
StychoKiller
Member since:
2005-09-20

Boy a worm barely crawls out of its egg and everyone expects to see beautiful spotted wings. Why not let it graze peacefully on hard disk data until it reveals how poisonous it truly is? ;)

Reply Score: 3

Inexcusable
by irbis on Thu 2nd Apr 2009 08:55 UTC
irbis
Member since:
2005-07-08

From the story:

among those lax people are several government agencies. The UK Ministry of Defence has been infected, including a number of Royal Navy warships (...) and the Bundeswehr (that's the German army).

Cheesh... Defence and army people should certainly know better. That is simply inexcusable from them, especially as the security hole was patched before the worm got out and all you had to do was to keep your machines up-to-date. And this is not the first time we read news like this.

Don't those people responsible for the critical army IT systems understand anything about secure computing? What if there was a serious accident with those weapons because of their lax and ignorant attitudes? What if a war broke out and the systems were expected to work? And why on earth don't they use computer systems that are well known to be much less vulnerable to malware? Too much corporate lobbing and pressure in the government and in the defence ministries?

Reply Score: 3

RE: Inexcusable
by linux4life on Thu 2nd Apr 2009 22:15 UTC in reply to "Inexcusable"
linux4life Member since:
2009-04-02

I work as a web dev for the US Air Force and I can tell you exactly what the problem is; the whole chain of command issue. What I mean is that a guy like me has to put in a request for something and the request has to work it's way up the chain of command because the first person you asked won't give you an answer for fear of being chewed out by their superior for overstepping authority.

So up and up the request goes, and eventually, down it comes through the chain again once an answer has been given. This takes days, months, even YEARS in some cases. The IT guys in my detachment that I work with have been trying to get everyone to upgrade to IE7 and to delist Firefox as unstable for the work environment. They put that request in quite some time ago.. and I can still hear it crawling up the chain ever so slowly....

Reply Score: 1

AV companies
by EmptiusBranius on Thu 2nd Apr 2009 12:07 UTC
EmptiusBranius
Member since:
2008-07-09

Aren't these written by Symantec / AV companies... You know, if the tire repair business is slow, throw nails in the streets and advertise more.

Reply Score: 1

symantec norton
by eksasol on Sun 5th Apr 2009 21:03 UTC
eksasol
Member since:
2009-04-05

I think the Norton people secretly release it to improve their software sales.

Reply Score: 1