EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

02.13.09

Botnets and Bounties Versus Real Security

Posted in Finance, Microsoft, Security, Windows at 7:14 am by Dr. Roy Schestowitz

THERE ARE many reports this week about Windows security problems, but one that really stood out is this one from yesterday:

Microsoft is offering a $250,000 reward for information that leads to the arrest and conviction of the virus writers behind the infamous Conficker (Downadup) worm.

This was also covered in:

So Microsoft plays sheriff and puts money on people’s heads rather than actually produce secure and robust systems. That’s the equivalent of jailing many people for possession of illegal drugs rather than looking for ways to prevent the trafficking of such drugs. It completely ignores the causes and instead addresses an outcome. The outcome is not just tens of millions of hijacked computers in this case; the ‘outcome’ is also teenage cyber-criminal who are empowered by badly engineered systems. Will there be a bounty presented to combat each and every Windows virus that exists (there are over a million, including variants)?

In other news, 8 “critical” vulnerabilities have just surfaced in Microsoft software.

Microsoft Patches 8 Critical Vulnerabilities

Microsoft Tuesday patched eight vulnerabilities — three of them marked “critical” — in the company’s Internet Explorer (IE), Office, Exchange and SQL Server software.

“Critical” is the highest degree of severity in Microsoft’s scale, so it’s only reasonable to expect larger botnets. Speaking of which, Microsoft is again addressing the wrong problem in the wrong way when it tries to take apart botnets rather consider the reasons for their creation in the first place.

Microsoft has beefed up the Malicious Software Removal Tool (MSRT) that ships with its Windows operating system so that it will detect and root out the notorious Srizbi botnet code.

“This month’s MSRT takes on one of the largest botnets currently active worldwide,” wrote Microsoft spokesman Vincent Tiu in a blog posting Tuesday, the day the update to the software removal tool was released. “Win32/Srizbi has been accused of being responsible for a huge chunk of spam e-mail messages sent in the years after its discovery,” he added. “We hope to make a positive impact with the addition of Win32/Srizbi into MSRT.”

This is also covered here.

In other security-related news:

i. Fake Infection Warnings Can Be Real Trouble

Michael Vana knew something was up when he saw the pop-up from “Antivirus 2009″ in the middle of his screen. The former Northwest Airlines avionics technician guessed that the dire warning of a system infection was fake, but when he clicked on the X to close the window, it expanded to fill his screen. To get rid of it, he had to shut down his PC.

ii. Fraudsters cream opposition in cybercrime wars

The celebration of Safer Internet Day on Tuesday was marked by warnings that cybercriminals are staying ahead of defenders in their attempts to defraud or otherwise abuse internet users.

iii. Germany deploys cybersoldiers

GERMANY HAS REVEALED that it has a team of 76 soldiers who are trained to defend the country from cyber attacks and software piracy.

Once again, Windows and the Web are unable to play nice with each other:

New Windows virus attacks PHP, HTML, and ASP scripts

Researchers have identified a new strain of malware that can spread rapidly from machine to machine using a variety of infection techniques, including the poisoning of webservers, which then go on to contaminate visitors.

The malware is a variation of a rapidly mutating virus alternately known as Virut and Virux. It has long proved adept at injecting itself into executable files, which are then able to attack uninfected machines through network drives and USB sticks.

A reader has just alerted us that a man is moving from the Ministry of Finance to Microsoft, hinting at possible government connections. Microsoft has already 'pulled an EDGI/MOU' around there.

Regarding news coverage like this one, wrote the reader, “the non-cached page has some nasty tricks to wipe out non-Javascripted browsers.” Further he added: “I have often wondered if the sudden push to web 2.0 is to compensate for loss of access that various interests have as people depart Microsoft Windows. The reasons for snubbing client-side javascript are still valid, perhaps more so than years past. Certainly there has been no value added. What does get added, aside from slowness and loss of functionality, is a whole slew of ways to remotely access content or activities on the client.”

Those who want a secure system ought to look at GNU/Linux.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

6 Comments

  1. Jose_X said,

    February 13, 2009 at 7:20 am

    Gravatar

    Don’t bad guys sometimes get more motivated when there is a bounty on their head?

    The FOSS way is better. They give. They open up. They give you reasons to be a white hat. They also allow for many white hats so as to keep black hats in check/ineffective. The varied ecosystem limits damage. Etc. Etc.

  2. Roy Schestowitz said,

    February 13, 2009 at 7:30 am

    Gravatar

    Someone has just raised the valid point that it’s important for Microsoft to point its finger at someone, so the company pays up.

    Hospitals across the UK become botnets due to Conficker? Don’t blame Microsoft. Blame… *that* guy.

    If you leave your door open every night, expect intruders to come through the door one night.

  3. Jose_X said,

    February 13, 2009 at 7:39 am

    Gravatar

    PHP and HTML.. like apache and firefox and ?? are having their names tarnished through associations with Microsoft. It seems whenever Microsoft messes up, they pull down these guys so as to appear to stay even.

    Not smart to embrace a viper.

    These devs should dissociate themselves with Microsoft.

    Tomorrow, these apps may need a paying license simply to run on MSware and maybe even on wine http://boycottnovell.com/2009/02/04/the-api-trap-part-1/ . In any case, why support their monopolies http://boycottnovell.com/2008/11/25/jose-on-mono/ . And let’s not forget the deception that defines Microsoft http://boycottnovell.com/2009/02/08/microsoft-evilness-galore/ .

  4. Jose_X said,

    February 13, 2009 at 7:52 am

    Gravatar

    >> Don’t blame Microsoft. Blame… *that* guy.

    From the article: “This month’s MSRT takes on one of the largest botnets currently active worldwide,” wrote Microsoft spokesman….

    -> Microsoft is taking on bad guys for people’s sake. Microsoft is helping us fight the evil forces of humanity. [Shoot that robot.]

    Anyway they try to spin it, this doesn’t change: Microsoft keeps tons of secrets to themselves (until these escape) so that they can take much more of all our money. The result is that there are fewer people equipped to defend against attacks because Microsoft is not sharing.

    Anyway you look at it, Linux is more responsive to security/safety needs because it’s secrets belong to everyone (and not just to greedy employees and criminal spies).. not coincidentally, making it less expensive than Windows in many ways.

    I wonder if this Conficker tapped into an MS secret or vuln or design flaw that Microsoft can’t afford (isn’t willing) to really fully fix.

  5. Roy Schestowitz said,

    February 13, 2009 at 7:55 am

    Gravatar

    Some holes are designed to be there for the secret services. It was officially confirmed more recently.

  6. Jose_X said,

    February 13, 2009 at 8:11 am

    Gravatar

    >> Not smart to embrace a viper.

    In the future, I’d expect WinFOSS (and not MS’ apps) to be affected by certain types of malware (because of vulnerable system hooks given to FOSS by Microsoft).

    Thus some FOSS devs sell out to Microsoft (and enrich their hostile closed monopoly platforms to the detriment of Linux&friends) only to be betrayed. ..Tell me something new.

    Speaking of betraying “partners”… and of having their hand forced too early, initiating costly ventures, and unbridled ambitions: http://www.reuters.com/article/ousiv/idUSTRE51B7K620090213 “Microsoft to open own stores, take on Apple”

    Besides their own brand, they will probably do more new partnering (eg, with companies run by their ex-execs) to produce brand name FOSS derivatives to eliminate the vanilla apache, php, etc.

    To get into MS’ store, you will need to kiss their ring and take you seat back in the auditorium (for the most part, unless you are an ex-softie — though these too will be sacrificed as necessary).

    Just what we need. Microsoft’s arrogance, bullying, and profit-hoarding, extended into more areas affecting consumers and existing markets.

What Else is New


  1. Patent Extremism: Stacking the Panels, the Surveys, the Hearings, the Debates

    Projection tactics would have the public believe that those who oppose corruption are simply radicals; patent polarity has come to the point where if one isn't a "true believer" in blackmail (patent trolls) or opposes bribery, then one is simply a "fringe" and akin to terrorists



  2. Links 24/6/2019: Linux 5.2 RC6, Skrooge 2.20.0, ZFS vs. OpenZFS

    Links for the day



  3. The EPO Needs a President Who Obeys the Law, Not One Who Obeys Battistelli

    Succession based on nepotism at Europe's second-largest institution served to shown how inherently broken things had become and why cover-up of injustices is nowadays paramount (not fixing the flaws/ills but merely perpetuating them)



  4. With Water (Treatment) Already Patented It Won't Take Long for Patents (and Patent Royalties) on Air

    A 'paper economy' is what Europe turns into if the current trajectory is followed (led by lawyers, not producers)



  5. Bill Gates Said He Was on a “Jihad” Against GNU/Linux, But GNU/Linux Users/Developers Engaged in Self-Defense Are Foul-Mouthed 'Microsoft Haters'?

    Microsoft, which routinely commits very serious crimes, tries to come across as some sort of philanthropy whereas those who share their work with the public (for greater good) are described as erratic, rude and unworthy of respect from corporations (outcasts basically, deprived of income source)



  6. What Patents the EPO Has Just Awarded (With a Special Reward), Not Just Granted

    The EPO's practice of elevating some patents over the other patents (European Patents) is perhaps more of a societal liability than the EPO cares to realise



  7. Required Reading: Mental State of Team Battistelli/Campinos

    On the heels of yesterday's article about Team Battistelli/Campinos, here are some recommended/required papers on the problem which likely plagues the Office



  8. Links 23/6/2019: Wine 4.11, FreeBSD 11.3 RC2

    Links for the day



  9. Microsoft Apparently Did a Patrick Durusau on Wim Coekaerts to Broaden Its Control Over GNU/Linux

    Microsoft tactics for defection and takeover of the competition (without coming across as hostile) aren't new tactics; internal documents from Microsoft explain how to achieve this



  10. EPO Directors Would be Wise to Rebel Against Team Campinos While They Still Have the Job

    As the EPO continues its bold journey towards dictatorship (where presidencies are passed between friends and ‘circles’ are former colleagues or close confidants) Techrights urges those who have power to speak out — e.g. EPO judges and Directors — to do something before it’s too late



  11. American Front Group Open Invention Network (Riding the Linux Brand) is a Proponent of Software Patents in Europe

    The impact of American multinationals in Europe is difficult to deny; in fact, we're observing the same old lobbying/lobbies still working hard albeit more covertly (typically using front groups)



  12. Say 'Hey Hi' to Software Patents

    Using the “AI” (“HEY HI”) hype the ‘community’ of patent maximalists hopes that every little (and possibly very old) algorithm will suddenly sound amazing and innovative — to the point where it becomes unthinkable to deny a patent monopoly on it



  13. A Personal Note From Ted MacReilly (How Microsoft Works Against GNU/Linux)

    A tongue-in-cheek write-up highlighting the ways Microsoft insiders think and how they strategise against GNU/Linux and Free/libre software



  14. The Linux Foundation's New Vice Chair, Wim Coekaerts, Worked for Microsoft

    The Linux Foundation is boosting the Microsoft boosters and calls that "community"



  15. Links 21/6/2019: GNOME 3.33.3, 32-Bit Support Further Neglected, DragonFlyBSD 5.6.1 Released

    Links for the day



  16. Leaked: Harassment of EPO Directors by Team Campinos

    “New BIT organisation and staff changes,” a novel kind of newspeak, means that Directors are being severely punished without due process at all (“hidden disciplinary measure without disciplinary proceedings”)



  17. Patent Professionals in Europe Have Devolved Into a Marketing Industry

    Lies, buzzwords and hype waves is all that the patent bubble in Europe boils down to these days; loads of bogus patents get granted only for European judges to smack these down (if one can afford the court battle)



  18. Almost Six Months After Iancu Said He Would Make Software Patents Great Again Nothing Has Actually Changed

    We're just a fortnight away from the ludicrous plan of Iancu celebrating 6 months (without accomplishing anything)



  19. Links 20/6/2019: Kubernetes 1.15, Alpine 3.10.0 and Librem 5 June Software Update

    Links for the day



  20. Ignore the EPO's Dumb Festival and Focus on the Abuses Against the Workforce and Its Quality of Work

    Don’t lose sight of the appalling behaviour of the management of the EPO; the last thing it wants is press coverage about its gross abuses and corruption — an aspect it spent literally millions of euros to bury (gaming the news cycle)



  21. Microsoft Attempting to Destroy the Careers of Its Critics, Including Free Software Proponents

    Microsoft isn't changing and has not changed; the tactics described above are still being used, even by its "Open Source" (or "Open at Microsoft") people, who did this to me



  22. Links 19/6/2019: Linux Mint Vs Vista 10, Qt 5.13 Released

    Links for the day



  23. The Linux Foundation's Business Model

    The Linux Foundation's plan, illustrated



  24. Links 18/6/2019: i386 Abandoned by Canonical and a New osquery 'Community'

    Links for the day



  25. Indifference or Even Hostility Towards Patent Quality Results in Grave Injustice

    The patent extravaganza in Europe harms small businesses the most (they complain about it), but administrative staff at patent offices only cares about the views of prolific applicants rather than the interests of citizens in respective countries



  26. Links 18/6/2019: CentOS 8 Coming Soon, DragonFly BSD 5.6 Released

    Links for the day



  27. 'AI Taskforce' is Actually a Taskforce for Software Patents

    The mainstream media has been calling just about everything "HEY HI!" (AI), but what it typically refers to is a family of old algorithms being applied in possibly new areas; patent maximalists in eastern Asia and the West hope that this mainstream media's obsession can be leveraged to justify new kinds of patents on code



  28. Patent Maximalism is Dead in the United States

    Last-ditch efforts, or a desperate final attempt to water down 35 U.S.C. § 101, isn't succeeding; stacked panels are seen for what they really are and 35 U.S.C. § 101 isn't expected to change



  29. Links 18/6/2019: Linux 5.2 RC5 and OpenMandriva Lx 4

    Links for the day



  30. Weaponising Russophobia Against One's Critics

    Response to smears and various whispering campaigns whose sole purpose is to deplete the support base for particular causes and people; these sorts of things have gotten out of control in recent years


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts