More than 60 percent of compromised Windows PCs scanned by Microsoft’s Windows Malicious Software Removal Tool between January 2005 and March 2006 were found to be running malicious bot software, the company said. The tool removed at least one version of the remote-control software from about 3.5 million PCs, it added. That compares with 5.7 million machines with infections overall. “Backdoor Trojans […] are a significant and tangible threat to Windows users,” Microsoft said in the report.
People get their driving license in order to be allowed to drive. That’s because driving may put the lives of others in danger as well as our own!
It should be the same exact thing with computers. Being ignorant can be quite hazardous to you, your business or anyone interacting with you. So, a computer license should be required in order to use a computer.
After all, Windows has a lot of problems with security. But not _everything_ is Windows’ fault. The user contributes a lot to this cumbersome spread of viruses and malicious software. And this is costing millions… the money they’d recover could be used for a much more noble cause, like feeding the poor people around the world.
I disagree. While it is easy to coax a username and password from a newbie, it is then up to the security of the underlying OS with what these people do with the details.
Merely having a username and password to a linux/bsd/macosx machine will be of zero concern to anyone apart from that one user.
Windows on the other hand is like a swiss cheese.
You cannot have TOTAL computer/internet security without users educating themselves to a certain degree. While MS has much to do to improve its security and reliability (without question), users do play a significant role in the number of viral infections and bots that infect their PCs. And, as we all know, it’s more than just opening attachments or clicking on links.
“Merely having a username and password to a linux/bsd/macosx machine will be of zero concern to anyone apart from that one user.”
Not entirely true. Having the username and password, then installing software under the user and running a crontab. Guess what, you have the same effect. Most users don’t look at logs unless they get suspicious. Not every Linux/bsd/MacOS user is an admin, so they would not even know any better. In this case the security of the underlying OS has no bearing on the outcome. Same applies with a rootkit, as the only way to effectively get rid of it is to reinstall the system.
emmm nope
tech savvy users “should” have something like gkrellm running on the desktop, and at a glance you can see how many users and processes are running. anything out of the ordinary can be picked up right away.
for example
user David
user Postfix
user mysql
user mythtv
140 processes
now, someone installs software and sets a crontab, the processes suddenly go to 145. not easy to spot, but if you get to know your own personal system, it is easily spotted in a glance of less than a second
to remove a rootkit, run rkhunter.
“now, someone installs software and sets a crontab, the processes suddenly go to 145. not easy to spot, but if you get to know your own personal system, it is easily spotted in a glance of less than a second
to remove a rootkit, run rkhunter.”
You are talking tech savvy users. I am talking the average user that does not know such tools even exist, or how to use them. As for rkhunter, I am not comfortable with it as I can’t be sure it will replace every one of the thousands of files put in place by a rootkit. Either way, re-installing the system is easier and much less time consuming.
“top” and “tail -f” are all that are needed. No need to use X11 or GTK libraries, ESPECIALLY for a system intended as a server, the more software you have, the more likely there is a security flaw in code running on your system.
Rootkit removal is stupid and useless, yes, it may fix any immediate threat you faced, but if someone compromised your system, there is no telling what the hell they could’ve done in there. Unless you have the ability to securely whiteroom md5 every file on your system against a known good copy, they could still all well have full access.
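The comparison against a known-good copy that the comment above describes, as an added example that is not part of the original thread: it uses SHA-256 in place of the md5 the comment mentions, runs on a constructed temporary tree, and every function name in it is illustrative. On a real system the baseline has to be stored offline and the check run from trusted boot media, because a compromised system's own tools cannot be relied on to report file contents honestly.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def hash_file(path, chunk_size=65536):
    """Return the SHA-256 hex digest of one file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Map each regular file under root (relative path) to (digest, mode)."""
    root = Path(root)
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = Path(dirpath) / name
            if full.is_symlink() or not full.is_file():
                continue  # symlinks and special files are out of scope here
            rel = full.relative_to(root).as_posix()
            mode = full.stat().st_mode & 0o7777  # keeps setuid/setgid bits
            manifest[rel] = (hash_file(full), mode)
    return manifest


def compare(baseline, current):
    """Return sorted lists of added, removed, modified and re-moded paths."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified, mode_changed = [], []
    for rel in sorted(set(baseline) & set(current)):
        if baseline[rel][0] != current[rel][0]:
            modified.append(rel)
        elif baseline[rel][1] != current[rel][1]:
            mode_changed.append(rel)
    return {"added": added, "removed": removed,
            "modified": modified, "mode_changed": mode_changed}


def demo():
    """Constructed sample tree: take a baseline, change files, compare."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "etc").mkdir()
        (root / "bin" / "ls").write_bytes(b"original ls\n")
        (root / "bin" / "ps").write_bytes(b"original ps\n")
        (root / "etc" / "motd").write_bytes(b"hello\n")
        os.chmod(root / "bin" / "ls", 0o755)
        os.chmod(root / "bin" / "ps", 0o755)
        baseline = build_manifest(root)  # taken while the tree is known good

        (root / "bin" / "ps").write_bytes(b"replaced ps\n")  # content changed
        os.chmod(root / "bin" / "ls", 0o4755)                # setuid bit added
        (root / "bin" / "extra").write_bytes(b"new file\n")  # file added
        (root / "etc" / "motd").unlink()                     # file removed
        return compare(baseline, build_manifest(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```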
A 5+ year old threat, and the best that MS can do is come up with a detection and removal tool? With all the regularly released software updates, daily anti-virus updates, and general public awareness I can’t see blaming the user. Really now, who should be licensed?
In case you haven’t noticed, MS is working on a new version of the Windows operating system (Vista) that will address many, if not most, of these security problems.
People are licensed to drive because they can endanger their lives and the lives of others!
I haven’t heard of anyone dying because of a couple of Zombie Windows Boxes. In fact, having a Windows Zombie Box is only a danger to some billionaires who don’t want to lose their precious money & power.
My 2 cents!
Remember the blackout of 2003? Well the same company had a nuclear plant (thankfully offline) that got infected by one of those famous early 2000s windows viruses – because there was a link between the monitoring computers and the office computers, that bypassed the secure closed network the monitoring computers were supposed to be on.
End result was that monitoring was off, and was only discovered when some old non-computer monitoring equipment was checked. Imagine if the plant had been operational…
They run Windows on their damn nuclear reactor monitoring computers?
Screw them….. Fire the authority who took such a decision. I think the license of the power company should be revoked.
Fire the authority who took such a decision. I think the license of the power company should be revoked.
why ?
Microsoft marketing department makes all decision makers believe that Windows is the most secure system, and that it is the best system for all uses. They also point out that Windows is more secure with every release/update.
The sad part is that they believe them.
My washing powder washes whiter than before…. were my clothes always dirty before?
Microsoft marketing department makes all decision makers believe that Windows is the most secure system
Really? Could you point me to some documentation which shows that? I’d really be interested in reading it.
are you flamebaiting or just having a laugh?
that is the whole point of the “get the facts” campaign.
if you do keep your head in the sand, here it is…
http://www.microsoft.com/windowsserver/facts/topics/security.mspx
Edited to tone it down a bit
Edited 2006-06-13 16:14
They run Windows on their damn nuclear reactor monitoring computers?
Screw them….. Fire the authority who took such a decision. I think the license of the power company should be revoked.
Does the Windows AUP not explicitly state that Microsoft products should not be used in mission critical systems?
Edit: I can’t find a quote to verify this. All I can find in Microsoft EULAs is about Java not being suitable for use in these environments.
Concerning mission critical systems: the British navy chose Windows 2000 as the OS on which to run their Type 45 Destroyer combat management system!
http://www.theregister.co.uk/2004/11/05/mod_oks_win2k_warships/
A group of BAE engineers who wanted to implement a UN*X alternative were quoted as saying Windows was not even warranted by Microsoft for safety-related use (so this might support your memory of the Windows AUP).
Bullcrap! The report from the blackout specifically stated it was not a virus.
Bullcrap! The report from the blackout specifically stated it was not a virus.
^^^^^^^^^^^
I never said the blackout was caused by a virus. I said the same company suffered from a Windows virus infection in an offline nuclear plant.
Using Windows 2000 in such an environment is suicide. Try OpenBSD instead.
Imagine a space craft running Windows. It would probably be a very interesting experience when entering the atmosphere of Earth during a BSOD.
“Imagine a space craft running Windows. It would probably be a very interesting experience when entering the atmosphere of Earth during a BSOD.”
If you still actually GET a BSOD, then you need to take a basic computing course, as you definitely do NOT know how to use windows.
That’s BS.
Whether or not you know how to use it is irrelevant.
BSODs in Windows usually stem from bad drivers and/or bad hardware.
There is very little one can do to create BSODs in Windows.
However, most kernel panics in Linux stem from wrong kernel configuration or boot configuration, e.g. you screwed up before restarting. In this regard there is very little you can do wrong with Windows. You cannot compile your own Windows kernel, and most people don’t even know what a bootloader is, so they aren’t touching it anyway. If they need a bootloader they are pretty much geeks and will use GRUB or LILO.
True enough about the bad drivers. That was not what your post conveyed is all. My point is the chances of a BSOD appearing on Windows XP, even due to bad drivers, are slim to none. At least in my experience anyway, with the possible exception of using experimental drivers, which would not be used in the situation you described.
As well true about kernel panics. Which is why I use Suse mainly, as the default kernels for Slackware, Debian, and Ubuntu kernel panic right off the install sources so I can not even get to install. That kernel I have no control over, at least if I do, I don’t know how to and have not found any documentation on.
Was this a US plant or somewhere else?
If it was a US plant, I wonder why the NRC approved the use of Windows? My brother is a lead developer operating systems for nuclear power plants (no Windows for them). He had to go through hell just to get approved to use an LCD display and color in the interface he was developing. It had not been approved before to do so, so the NRC was very reluctant to allow it.
The most commercial software I’ve heard of running in the nuclear power plant industry is the use of Visual Studio, because there are certain libraries that have been approved and standardized by the NRC (all ANSI stuff – nothing special like .Net) and the compiler itself. There are others, but that is the most well known.
Generally nuclear plants also run on embedded systems, not something you load up from an HD and install through CDs.
I would be surprised to hear that this is a plant in the US, of course there was that plant in Ohio (Davis-Besse) that had a huge hole in the top of the reactor and they were running the damn thing so anything is possible I guess.
I would be surprised to hear that this is a plant in the US, of course there was that plant in Ohio (Davis-Besse) that had a huge hole in the top of the reactor and they were running the damn thing so anything is possible I guess.
Ironically that is the plant the OP is referring to.
The core systems don’t run on Windows, but Slammer snuck into the network via an “unmonitored” T1, found an unpatched server and created network havoc and congestion that caused indirect failure of the monitoring gear on the same network. This happened prior to the big blackout.
http://www.securityfocus.com/news/6767
As for the blackout itself, nobody with any credibility or legitimacy believes it was a Microsoft virus that caused it. There were some working theories that Blaster may have been a contributing factor (one of many in a perfect storm of bad circumstances) only in that it may have prevented PCs used for communications at one of the plants from operating properly, but in no way was Windows running mission critical gear.
Still, it’s interesting food for thought on the indirect impact that unsecured systems/networks can have even on isolated secured ones.
Just my 2c…
People get their driving license in order to be allowed to drive. That’s because driving may put the lives of others in danger as well as our own!
It should be the same exact thing with computers.
Yes and anybody smart enough not to use Windows would be forced to take a stupid entry level computer course and part with good money, just to gain useless knowledge about an OS they don’t even (want to) use.
Maybe it would even take some similarly stupid step up course when MS decides to release a new GUI flavor.
In Europe there is something called the ECDL (European Computer Drivers License) which is such a silly Microsoft Application-centric course. Utterly useless for anybody not on MS Windows with MS Office.
Please keep the world free from stupid computer licenses.
Edited 2006-06-13 14:08
The idea of having to get a license for a computer is completely unacceptable.
I understand why you have that idea (having thought so myself many times), but it’s the wrong way.
The right way would be to use the schools and colleges to educate the coming generations in how to use computers properly. They don’t have to learn how to code, but it should make them capable of handling a wide array of systems, GUIs, consoles, as well as several “Catastrophe” situations.
I have to agree with you on that. There are plenty of appliances that can cause bodily harm if not used properly. For example, you can cause a fire if you don’t clean the lint trap on your clothes dryer. Should we issue “drying licenses”? Of course not. It’s a matter of educating people.
What you need to do is lobby your local MP/Senator/King/Dictator etc.
For too many years, computer courses have been teaching children where the word count is in MSWord, and how to autocalculate in MSExcel.
These kids leave school thinking they know how to use computers, when in fact they are trained monkeys
Exactly.
While taking a 2-year HF (Higher Preparation) in Denmark I took the Computer Science Class the 2nd year. I learned absolutely nothing, and I’m sure those who knew less than me got a warped sense of what CS actually was.
But they did learn how to create IE-only websites.
Maybe license isn’t the proper term. Put it this way: common-sense guidance for using a computer.
Simple stuff like not opening attachments from people you don’t know, starting to effectively recognize SPAM, avoid installing everything you see on the net, etc.
There are problems that only concern Windows and that’s pretty obvious. I, myself, only use GNU/Linux and Mac OS X but we must recognize that certain problems can affect every OS. Running a script file on *nix could erase, at worst, your home directory — where people usually keep their documents. Or it could spread your documents over the net.
So, as you see, no matter the operating system there are common lessons that everyone should take.
Running a script file on *nix could erase, at worst, your home directory
Unless you’re in the sudoers list on a system with the no-password-required version of sudo,
or you’re in a group that has read/write access to sensitive data on the system that’s not in your home directory, like, say, a database,
or naively set up root with no password,
or have xhost access to someone’s box,
or set up ssh credentials to allow password free log in to sensitive accounts from your account,
or, by dumb luck, happen to be on a system with a privilege escalation exploit possibility.
and it can be argued that the sort of denial-of-service attack such a script could mount might be more harmful than the loss of a user’s data.
As someone who spent days cleaning up vaxen/unix boxes after the original internet worm attack, I’m not a big believer in the myth that <your favorite OS> is more secure than <the OS you hate most>.
“may put the life of others in danger”. What are you? A fascist? You want ‘Minority Report’ to become reality with pre-crime and crap? Yea, let’s put everyone under 24/7 curfew because they “may” cause someone injury.
How about liberty and freedom instead?
If someone fcks up and causes injury, punish them. But don’t punish everyone for those people’s incompetence.
Actually, most money was lost due to worms which attacked Windows vulnerabilities directly, without user intervention. But obviously nobody wants money from Microsoft. And nobody claims people shouldn’t be allowed to connect to the internet with Windows or Internet Explorer.
I just can’t hear this “computer license” crap any more.
Er, privacy? I thought the removal tool did one thing – remove the “flavour of the month” virus. What’s it doing indexing the other programs running on my system?
If the removal tool doesn’t remove a particular virus, it should not be counting them either.
I didn’t think microsoft would already go on the charm offensive, with statistics about how good they are at removing stuff that shouldn’t be there in the first place..
Seems like the hype of their new virus and spyware software, shipping at some point, has begun.
I am not a fan of Windows, but this statistic is sort of self-generating: 60% of people who ran a tool specifically designed to detect and remove malware, found malware.
This is an item that people who suspect a problem use to check for and fix that problem. I would be more concerned about the inexperienced computer users who don’t even know about this tool.
A better analysis of this problem would be if a large population of random PCs were checked. Or, even better, if Microsoft did a daily check and report using this tool on every XP machine, instead of doing the daily checks with WGA.
Perhaps the next statistic will be that 80% of people running a defragmenter found that their drives were fragmented?
I really like the link at the end of this story. It says:
Back to Security
😉
People want computers to be idiot proof and easy to use like any other appliance. Truthfully, they are not.
People just need to spend some more time educating themselves to what it’s about. I am a Linux user and telling people, oh just switch to Linux, will not solve their problem instantly.
Using any operating system to a decent level of proficiency takes effort. That’s the real security right there.
A driving license for Windows – the problem is with all the security problems of Windows, Windows is no longer a suitable OS for the non-technical. You need to run a firewall, setup and understand the rules, run an up-to-date AV and keep it fully patched, etc. This takes time and is beyond many users, who just want to turn their PC on and use it like a tool – TV, typewriter, etc and why not?
Many people would be much better off running Linux. By way of illustration a friend was continuously pestering me to fix his PC, viruses, ad ware, instability etc. Eventually I’d had enough and installed Xandros (he’s had no problems for over a year). He can write his email, type letters, use a spreadsheet, and surf the net.
It’s a shame, that something such as getting SUSE to play DVDs is so complicated – and yes changing the synaptic sources to download libdvdcss in Ubuntu is way beyond the abilities of many PC users.
Windows looks easy and isn’t – Linux can be more difficult than it ought to be.
I have a question about Unix security and swiss cheese:
Can a non-root user launch executables that they download from the internet? As far as I can tell, they just have to set the executable bit and they’re off to the races.
Also, are there spots where users can put per-user auto-launch commands? As far as I know, there are a couple of places including WM-specific startup folders and .bashrc files.
If both of the above are true, then it’s just about as easy to get a trojan backdoor on linux as on windows. Why exactly do you need to compromise root for it to be a problem? Now, if there are any elevation of privilege attacks, the trojan could eventually get root. I have little idea of how X is architected and I haven’t learned what privileges normal users have to attach a debugger to random programs, but it is conceivable that this trojan could insert some code into a process or hook some X window messages, and get root access the next time the user performs an admin task.
The privilege escalation thing might not work, but does a trojan really need to be running as root for it to be a problem?
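A defender's inventory of the per-user launch points this comment asks about (shell rc files and a desktop startup folder) together with the user crontab raised earlier in the thread, as an added example that is not part of the original post. The XDG autostart path, the constructed home directory and all function names are assumptions; the crontab text stands in for what `crontab -l` prints.

```python
import tempfile
from pathlib import Path

# Per-user launch points raised in the thread: shell rc files, a desktop
# startup folder (XDG autostart is used here as an assumption) and crontab.
SHELL_RC_FILES = (".bashrc", ".bash_profile", ".profile")
AUTOSTART_DIR = Path(".config") / "autostart"


def shell_rc_entries(home):
    """Return (source, line) for every non-comment line in the rc files."""
    entries = []
    for name in SHELL_RC_FILES:
        path = Path(home) / name
        if path.is_file():
            for line in path.read_text(errors="replace").splitlines():
                line = line.strip()
                if line and not line.startswith("#"):
                    entries.append((name, line))
    return entries


def autostart_entries(home):
    """Return (source, command) for each Exec= line in *.desktop files."""
    entries = []
    for desktop in sorted((Path(home) / AUTOSTART_DIR).glob("*.desktop")):
        for line in desktop.read_text(errors="replace").splitlines():
            if line.startswith("Exec="):
                entries.append(("autostart/" + desktop.name, line[5:].strip()))
    return entries


def crontab_entries(crontab_text):
    """Return (source, command) from the text printed by `crontab -l`."""
    entries = []
    for line in crontab_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("@"):              # @reboot, @daily, ...
            parts = line.split(None, 1)
            if len(parts) == 2:
                entries.append(("crontab " + parts[0], parts[1]))
        else:
            fields = line.split(None, 5)      # five time fields + command
            if len(fields) == 6:              # variable assignments are skipped
                entries.append(("crontab", fields[5]))
    return entries


def unreviewed(home, crontab_text, reviewed):
    """Return launch entries that are not in the user's reviewed set."""
    found = (shell_rc_entries(home) + autostart_entries(home)
             + crontab_entries(crontab_text))
    return [entry for entry in found if entry not in reviewed]


def demo():
    """Constructed home directory and crontab text, not real data."""
    with tempfile.TemporaryDirectory() as tmp:
        home = Path(tmp)
        (home / ".bashrc").write_text(
            "# constructed sample\nalias ll='ls -l'\n"
            "/home/david/.cache/updater &\n")
        (home / AUTOSTART_DIR).mkdir(parents=True)
        (home / AUTOSTART_DIR / "gkrellm.desktop").write_text(
            "[Desktop Entry]\nType=Application\nExec=gkrellm\n")
        crontab_text = ("MAILTO=david\n"
                        "@reboot /usr/bin/fetchmail\n"
                        "*/5 * * * * /home/david/.cache/updater\n")
        # Entries the user has already looked at and accepted.
        reviewed = {(".bashrc", "alias ll='ls -l'"),
                    ("autostart/gkrellm.desktop", "gkrellm"),
                    ("crontab @reboot", "/usr/bin/fetchmail")}
        return unreviewed(home, crontab_text, reviewed)


if __name__ == "__main__":
    for source, command in demo():
        print(source, "->", command)
```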
Can a non-root user launch executables that they download from the internet? As far as I can tell, they just have to set the executable bit and they’re off to the races.
Well, you have to admit that is one more step than a Windows user needs.
Windows allows (in my opinion) too many things to be executable by default.
It is possible to mount the home partition as non-executable. Definitely great for businesses and control settings to eliminate any foreign code being run on the system. I tested a similar setup on Windows XP and was unable to configure a folder to function fully w/o executable permission (downloading a file into the folder required “modify” permission which auto-enabled “executable” permission).
While I *believe* most *nix systems do allow executable permission by default in the home folder and your scenario *could* be played out, it does require MUCH more effort from a user compared to simply visiting a website (even a trusted site such as the Yahoo Mail interface ( http://www.zdnetasia.com/news/security/0,39044215,39367249,00.htm )). In addition, even *if* the user account did get infected, it is *only* the user account that is impacted. As a result, once detected, it can be removed without having to do a full system restore (which is very common on Windows).
In Europe there is something called the ECDL (European Computer Drivers License) which is such a silly Microsoft Application-centric course. Utterly useless for anybody not on MS Windows with MS Office.
To be fair to the ECDL, it was always intended to be an application centric course, intended to teach people the basic computer skills required in a typical office. It makes sense that they’d use Windows and MS Office, simply because they’re the OS and apps that the majority will encounter in the workplace if they have to do some wordprocessing or spreadsheet work.
Since other applications such as OpenOffice or SmartSuite are pretty similar, learning the basic features of MS Office is hardly a complete waste of time for someone who is totally computer illiterate. Basic skills gained from the ECDL, such as how to create, save and open documents, change font type and size in a document, carry out simple calculations in a spreadsheet, etc. are highly transferable. Despite it being based on MS software, organisations that use alternatives are generally happy to accept the ECDL as evidence of competence with computers, and will often send computer illiterate staff on the ECDL course.
A few years ago everyone in my workplace without the ECDL was automatically signed up for the course. It was a little annoying having to take such a basic course when my level of ability with the software was far more advanced, but since all the ECDL modules can easily be completed in an afternoon it wasn’t much of a hardship. More advanced users may find it a waste of time, but in my experience the ECDL was very, very helpful to a lot of the other people who were taking it. For example, several people who’d been typing letters in Word for years had never discovered basic features such as copy and paste, the ability to align text, or the spellchecker; they’d basically been using their PC like a typewriter and the ECDL made them much more efficient. If nothing else it helped to demystify computers for the completely computer illiterate who’d been avoiding using computers at all costs, in my opinion that’s a very good thing.
Maybe there should be a home computing centric course similar to the ECDL that covers security and basic maintenance of the system. Of course anything like that wouldn’t be compulsory, but I imagine it would be quite popular considering all the recent virus and security scares.
I bet there are a lot of Windows zombies. About time they assure people don’t have to game online with admin-rights because otherwise the stupid anti-cheat pinkbuster doesn’t work.
They are the biggest threat to the internet and e-commerce, their owners aren’t alone in their grief when they plug it into the net, we all suffer. Won’t someone think of the bandwidth? Much less the extortion.
One point that many people here seem to be missing is that part of the reason the various *nix’s have fewer security problems is the simple fact that in order to use them proficiently you need to know a lot more about how things work than you do with a Windows system performing the same tasks.
This is not to say that all nix users are smarter than all Windows users because this is by no means the case, there are many educated Windows users and truthfully, they rarely encounter these security problems because they know how to keep the system up to date and know what not to do.
There simply is a much higher saturation of computer savvy people in the nix (percentage wise) crowd and hence they generally know more of what they can and cannot do.
I have a Win2k installation at home, I’ve been running for a couple of years with no major issues. I don’t have an antivirus running all the time, but I do a system-wide scan every few months. All I have is a firewall and that is more than enough. I’ve never had a virus, or any kind of malware running on my computer. Over the time I’ve found that there are a few basic rules, that the common user doesn’t take into account: like not opening attachments from people they don’t know, surfing the web with IE, not using firewall, opening all kinds of crap from p2p networks and so on.
I’ve learned this stuff from experience, by trial and error, but it seems that some people never learn.
And I don’t think the *nix solution of running as non-root is the answer. That way, crapware would only affect your homedir, but this is exactly where you keep all the important stuff.