Linked by Thom Holwerda on Fri 8th May 2009 22:48 UTC
Privacy, Security, Encryption The past few years, it seemed as if virus writers had moved away from doing actual damage to systems to instead focus on stealth, so that infected machines can silently, and unknowingly, be used for all sorts of malicious practices. Sadly, there are still those crackers out there that prefer the old-fashioned approach to these matters. The result: 100000 ruined Windows machines.
Order by: Score:
Perversely
by Dasher42 on Fri 8th May 2009 23:45 UTC
Dasher42
Member since:
2007-04-05

This is a good thing. Virii that kill their hosts die out in both computers and nature.

Reply Score: 4

RE: Perversely
by Hypnos on Sat 9th May 2009 06:06 UTC in reply to "Perversely"
Hypnos Member since:
2008-11-19

Why ebola never turned into a plague -- burns itself out.

BTW, the plural of "virus" in English is "viruses;" in Latin, the plural is "viri."

Reply Score: 2

RE[2]: Perversely
by weorthe on Sat 9th May 2009 07:12 UTC in reply to "RE: Perversely"
weorthe Member since:
2005-07-06

There is no plural for "virus" in classical Latin. In modern Latin, it would be "vira."

http://en.wikipedia.org/wiki/Plural_form_of_words_ending_in_-us

Edited 2009-05-09 07:26 UTC

Reply Score: 7

RE[3]: Perversely
by Hypnos on Sat 9th May 2009 07:56 UTC in reply to "RE[2]: Perversely"
Hypnos Member since:
2008-11-19

I stand corrected -- thanks!

I did look up the word in the Latin dictionary, and I declined it as a masculine noun. But as the Wiki page explains, that is not recommended because there are no recorded examples of pluralizing neuter nouns ending in "-us".

Edited 2009-05-09 07:59 UTC

Reply Score: 3

RE[4]: Perversely
by wanker90210 on Sat 9th May 2009 10:04 UTC in reply to "RE[3]: Perversely"
wanker90210 Member since:
2007-10-26

Anyone else thinking or a particular scene in "Life of Brian"?

Reply Score: 4

RE[5]: Perversely
by dylansmrjones on Sat 9th May 2009 11:04 UTC in reply to "RE[4]: Perversely"
dylansmrjones Member since:
2005-10-02

Haha.. I watched that scene just yesterday ;)

Reply Score: 2

RE[3]: Perversely
by sbergman27 on Sat 9th May 2009 17:42 UTC in reply to "RE[2]: Perversely"
sbergman27 Member since:
2005-07-24

Personally, I think it would be much better for us to drop all the pedantic anal-retention regarding pluralization and other silliness, and standardize this stuff. It is the pedants who are responsible for much of the mess that the English language has become. Pluralization should involve adding an 's' (or 'es' if the word already ends in s). What's the point in maintaining all the cruft regarding where the word originally came from and how pluralization was done in that, possibly even dead, language? It makes no sense other than possibly to give certain people a smug sense of being educated because they say indices instead of indexes, or radii instead of radiuses. This is English, not Latin, or French, or German, or freaking Dutch. And in English these are now English words and should be pluralized in the way English normally handled pluralization. (And don't even get me started on "words" like 'boxen'!)

Of course, I'm also in favor of complete reform regarding our rampant irregular verb problem, and a proponent of phonetic spelling. I suspect that much of this will happen over time. As English has spread around the world, and is brought into heavier daily use by the popularity of the Internet, more users of English are naturally using the forms which seem most logical and sensible, eschewing the ridiculous old cruft that 'educated' people cling to. And the pedants are loosing some of their influence.

Reply Score: 3

RE[4]: Perversely
by EvilPixieMan on Sun 10th May 2009 00:27 UTC in reply to "RE[3]: Perversely"
EvilPixieMan Member since:
2009-01-27

You're from the US, aren't you?

Reply Score: 2

RE[4]: Perversely
by EvilPixieMan on Tue 12th May 2009 20:57 UTC in reply to "RE[3]: Perversely"
EvilPixieMan Member since:
2009-01-27

Steve,
The language we share has a rich and varied history, with words of many origins. It is complex, but at the same time that is what gives it the richness it has.
My comment about your origin (since you ask) was because it is just SO seppo to want to reform the entire thing into a bland broth of phonetics.
Its been done once already. Further bastardisation will only widen the gulf between "US English" and the English spoken by the rest of the world. Will that really simplify things?
Besides, the last attempt at changing spelling to match pronunciation has only further skewed the pronunciation of many words. You buggers speak funny as it is ;)

Reply Score: 1

RE[3]: Perversely
by unclefester on Sun 10th May 2009 12:15 UTC in reply to "RE[2]: Perversely"
unclefester Member since:
2007-01-13

Virus is a actually a created 20th century English word with a Latin stem meaning alive. The original scientific term is filterable virus. The correct plural is viruses.

Reply Score: 2

RE[4]: Perversely
by weorthe on Sun 10th May 2009 15:37 UTC in reply to "RE[3]: Perversely"
weorthe Member since:
2005-07-06

I was only talking about the Latin terms. The English plural is viruses of course.

Reply Score: 2

RE[2]: Perversely
by UglyKidBill on Sun 10th May 2009 00:05 UTC in reply to "RE: Perversely"
UglyKidBill Member since:
2005-07-27

errr... but virii is the proper plural in l33t, wasn´t it? ;-)

Reply Score: 1

RE: Perversely
by Gone fishing on Sat 9th May 2009 14:05 UTC in reply to "Perversely"
Gone fishing Member since:
2006-02-22

This is a good thing. Virii that kill their hosts die out in both computers and nature.


In nature this is a mistaken view - it is true that viruses that adopt a typical long term parasitic relationship with their host will tend to become less virulent as the virus has a vested interest in its hosts survival, sometimes to the point where the virus ceases to be pathogenic, the integration of viral code into the human genome illustrates this.

However, this isn't the only strategy - a virus that uses its host only briefly has no interest in its hosts survival, only rapid and effective transmission. For example very rapid dispersal and rapid transmission coupled with a high mutation rate - the common cold, or high virulence and rapid dispersal such as smallpox or rabies.

Fortunately I can't envisage the computer equivalent of rabies so hopefully no one will get bitten by a PC foaming at the mouth.

Reply Score: 3

v whatever...
by celt on Sat 9th May 2009 00:33 UTC
RE: whatever...
by google_ninja on Sat 9th May 2009 01:47 UTC in reply to "whatever..."
google_ninja Member since:
2006-02-05

I wish i could mod this down more then once.

Reply Score: 2

RE: whatever...
by lqsh on Sat 9th May 2009 01:57 UTC in reply to "whatever..."
lqsh Member since:
2007-01-01

I hate to blatantly agree, but alternatives to Windows are out there...

Reply Score: 5

RE[2]: whatever...
by jptros on Sat 9th May 2009 05:44 UTC in reply to "RE: whatever..."
jptros Member since:
2005-08-26

Yes, I'm sure the majority of people who this affected care about alternatives enough to want to bother trying to use them. This has less to do with Windows and more to do with the person operating it. But that's alright, even though alternative operating systems don't cure ignorance feel perfectly welcome to keep inviting them over to your platform so the cross-hairs of the mal-ware developers and bad press will shift somewhere else for a change.

Reply Score: 4

RE[3]: whatever...
by kaiwai on Sat 9th May 2009 06:35 UTC in reply to "RE[2]: whatever..."
kaiwai Member since:
2005-07-06

Yes, I'm sure the majority of people who this affected care about alternatives enough to want to bother trying to use them. This has less to do with Windows and more to do with the person operating it. But that's alright, even though alternative operating systems don't cure ignorance feel perfectly welcome to keep inviting them over to your platform so the cross-hairs of the mal-ware developers and bad press will shift somewhere else for a change.


If you took the time to notice there is a trailing dots afterwards to indicate the simple problem: the end user moves operating systems and they can't run the software they like from the vendors they trust (aka, I want PrintShop Pro but the company doesn't make a version to run on the operating system I'd like to run), the hardware - even when the operating system is bundled with the hardware isn't fully supported (HP claiming SLED supports their laptop but the reality is that it is mired in problems).

With that being said, however, you are right - the weakest link is the end user; the patch that stops the conflicker worm from being spread was released October 28, 2008 last year and yet we have people here bending over backwards to justify the laziness of end users.

To those who blame the operating system company after they release an update months before the worm/exploit hits the web: Is it the fault of the oven company when someone puts on a dinner, walks away, and then the food gets burnt? is it the fault of the microwave company when the microwave blows up because someone puts a metal dish in it?

Edited 2009-05-09 06:39 UTC

Reply Score: 5

RE[4]: whatever...
by Drumhellar on Sat 9th May 2009 08:21 UTC in reply to "RE[3]: whatever..."
Drumhellar Member since:
2005-07-12

Is it the fault of the oven company when someone puts on a dinner, walks away, and then the food gets burnt? is it the fault of the microwave company when the microwave blows up because someone puts a metal dish in it?


Um... Yes?


j/k

Reply Score: 1

v Observation ...
by Moulinneuf on Sat 9th May 2009 08:56 UTC in reply to "RE[3]: whatever..."
RE[4]: whatever...
by porcel on Sat 9th May 2009 13:28 UTC in reply to "RE[3]: whatever..."
porcel Member since:
2006-01-28

Yeah, except for the fact that Microsoft patches are notorious for breaking stuff in all kinds of ways.

Suddenly, a piece of software that you have been running for years and on which an entire company depends, no longer works. Suddenly, a patch to w2k3 server makes it very hard for winxp clients to connect to a windows domain the first time, throwing an rpc error, unless you know the specifc steps to work around it.

So, give it a break. Lots of people cannot afford to upgrade the instant that patches are released becasue all too often shit breaks.

And dont tell me to get a backup server to test patches on, becasue there are too many servers each with its specific function and purpose and it simply isn't financially feasible to have two of everything.

We have progressively moved to linux on most of our servers and have had zero issues with patches in five years.

Reply Score: 6

RE[5]: whatever...
by kaiwai on Sun 10th May 2009 00:52 UTC in reply to "RE[4]: whatever..."
kaiwai Member since:
2005-07-06

Yeah, except for the fact that Microsoft patches are notorious for breaking stuff in all kinds of ways.

Suddenly, a piece of software that you have been running for years and on which an entire company depends, no longer works. Suddenly, a patch to w2k3 server makes it very hard for winxp clients to connect to a windows domain the first time, throwing an rpc error, unless you know the specifc steps to work around it.

So, give it a break. Lots of people cannot afford to upgrade the instant that patches are released becasue all too often shit breaks.

And dont tell me to get a backup server to test patches on, becasue there are too many servers each with its specific function and purpose and it simply isn't financially feasible to have two of everything.

We have progressively moved to linux on most of our servers and have had zero issues with patches in five years.


I understand where you are coming from but at the same time I find it difficult to understand why you would keep with third party vendors whose products are of such low quality that it breaks on updates. What that tells me, when they do break is that they aren't programming according to what has been documented and instead using undocumented hacks, failing to update their software when Microsoft fixes up win32 errors (and update the documentation on their MSDN website to reflect those changes).

Heck, I remember when Windows XP SP2 was released there was a list of 'safe win32 API calls' which they encouraged third party vendors to use over the unsafe ones - did anyone in the third party software community listen to them? it seems that all the advice and suggestions of Microsoft fall on deaf ears because programmers in these third party software companies think they know better than Microsoft.

You as an end user/customer have to start putting the hard work on these third party vendors whose software breaks when you apply updates to get their act together; unless you make some noise, the third parties will never get the message to shape up.

Reply Score: 2

RE[3]: whatever... - it would be different
by jabbotts on Sat 9th May 2009 16:00 UTC in reply to "RE[2]: whatever..."
jabbotts Member since:
2007-09-06

The security by design of other platforms combined with the larger developer base and rate of bug patching... I'd be very interested to see the outcome if/when other platforms become targeted more directly.

Apple faithful will benefit from that company being forced to focus on security more. The more libre platforms already enjoy attention to security with the exception of a few distributions that break it intentionally.

Reply Score: 3

Not a bad thing
by kajaman on Sat 9th May 2009 03:58 UTC
kajaman
Member since:
2006-01-06

..they could still send out spam, steal credit card numbers or attack someone's servers.

Die, you unpatched machines, die!

Reply Score: 2

I wonder...
by darknexus on Sat 9th May 2009 04:02 UTC
darknexus
Member since:
2008-07-15

From the sound of the rather broken translation, it seems the kill switch works by messing up the registry. Would booting under last known good configuration let you get your system booted again, at least temporarily? It didn't say whether it attacks the backup registry files. I'd be surprised if it didn't, but malware writers have missed the obvious before.
I'm very glad of two things. One is that I do not use Windows, and the other is that at least this malware doesn't do any actual hardware damage. Anyone remember some of the old DOS viruses that actually destroyed certain types of hardware by corrupting its firmware? Granted, modern oses don't usually allow that type of direct hardware access, but still... if a driver did allow it, malware could use it for nasty purposes.
Hopefully this one dies out like most other viruses that kill their hosts, but somehow I don't think so. This one doesn't automatically kill every system it's installed on, the killswitch is under the control of the hacker and, I would assume, could actually be applied to specific machines not just the entire botnet.

Reply Score: 2

RE: I wonder... - small vocabulary detail
by jabbotts on Sat 9th May 2009 21:58 UTC in reply to "I wonder..."
jabbotts Member since:
2007-09-06

It doesn't take away from your point but it's a matter of using the correct terms being that this is a technology site.

I think you mean "criminal" not "Hacker". The latter being an enthusiast mind set not inherently criminal in nature. If someone's running a botnet, they aren't a hacker, they're just another criminal playing with scripts. There is nothing elegant, creative or witty about releasing botnet malware or any other viral code on public networks.

http://blogs.techrepublic.com.com/security/?p=1400

or

http://catb.org/jargon/html/H/hacker.html

where you meant

http://catb.org/jargon/html/C/cracker.html

or simply "Criminal" as we don't really need a new word to describe the act of harming others for profit or thrills.

Reply Score: 3

Were I to create a botnet
by Moredhas on Sat 9th May 2009 05:10 UTC
Moredhas
Member since:
2008-04-10

Were I to create a botnet, I would include a killswitch for it and charge a subscription fee to the organisations that wanted to use it. The killswitch would be there to deal with non-paying clients by shutting down the botnet. If it's easy enough to rerelease the virus or worm into the wild, it's not a major loss.

Edited 2009-05-09 05:11 UTC

Reply Score: 3

jabbotts Member since:
2007-09-06

Years ago I had a friend playing with a bit of shareware he had written. He was musing about a killswitch instead of a simple expiry time period on his shareware; it would overwrite the fat table with 0s.

He didn't ever release his code with such a bomb in it but I think that's along the same lines.

Reply Score: 2

steogede2 Member since:
2007-08-17

Years ago I had a friend playing with a bit of shareware he had written. He was musing about a killswitch instead of a simple expiry time period on his shareware; it would overwrite the fat table with 0s. He didn't ever release his code with such a bomb in it but I think that's along the same lines.


If he seriously considered putting a kill switch in a piece of shareware - he is probably writing viruses and selling botnets for a living now (or working for microsoft).

Reply Score: 1

jabbotts Member since:
2007-09-06

Well, he is writing software but nothing so dramatic or remotely malicious. We all do stupid things in highschool. It's the one's that don't ever grow beyond that which become a problem.

Reply Score: 2

Ruined?
by Traumflug on Sat 9th May 2009 10:13 UTC
Traumflug
Member since:
2008-05-22

Thom,

I have no idea why you consider these machines as "ruined". If such a bot goes down it's most likely a good thing. How else would the semi-ignorant webmaster get pushed to actually fix things instead of looking away?

When reading how this guy just deleted unwanted files without taking further action this almost made me laugh. What kind of sillyness is this? Are we really expected to send sensitive data to people which don't even know how to turn the key in their vault's lock?

With some luck, a culture of setting botted servers offline will evolve. Kill the botnets by their own weapons. This would undoubtly give the evils a hard time.

Traumflug

Reply Score: 1

RE: Ruined?
by orestes on Sat 9th May 2009 21:51 UTC in reply to "Ruined?"
orestes Member since:
2005-07-06

Exactly. I'd much rather see infected machines disabled or directly damaged than have them doing christ knows what to the rest of the net.

Who knows maybe it'll teach them to secure their systems properly next time

Reply Score: 2

v Comment by Redeeman
by Redeeman on Sat 9th May 2009 14:35 UTC
Sadly?
by RMSe17 on Mon 11th May 2009 19:11 UTC
RMSe17
Member since:
2006-03-06

Sadly..?
So you would rather welcome a stealthy rootkit that leaves your computer performing just fine, while it steals all your passwords, accounts, and whatever other info that you happened to have placed on your computer?

I would much rather have a virus that casues my computer to BSOD as soon as it got infected, at least then I dont have to worry about working on an infected machine. I can just boot up to a livecd, copy off all my documents and data, and wipe out the windows/boot partitions and start fresh.

I think most people would agree...

Reply Score: 1

exaggerated?
by faflu on Mon 11th May 2009 20:02 UTC
faflu
Member since:
2009-05-11

I'm from Poland working in IT and I think I should hear something about "dying" 100000 windozes, but I only heard about it from OSnews. At least the number of killed machines doesn't look plausible.

Reply Score: 1

Anyone interrested in fewer Botnets?
by Mystif on Mon 11th May 2009 21:21 UTC
Mystif
Member since:
2008-05-12

If this virus has a kill switch maybe others do as well? It would be a shame to force a whole bunch of people to reload there OSes, etc. but think about the implications of taking down massive numbers of machines "unwitting" participating in all kinds of suspicious behaviors.

If the users of most of these machines brought them back online with protection to prevent it from happening again the impact on reducing cyber-crimes could be quite impressive. ...at least until the criminals regroup.

I don't know if this is a good idea or a positively evil one...

Reply Score: 1