04.09.09
When Does it Become Appropriate to Take Windows off the Information Highway?
Summary: Today’s news about Conficker and its effects on those sharing the road and paying the toll
MY REGULARLY-ALLOCATED DNS server was hardly reachable for several hours this morning (again). Only later did I discover a possible cause, which may agree with last week's multitude of reports about DNS and DDoS attacks:
• Conficker begins stealthy update
The Conficker worm has started to update infected machines with a mystery package of data.
Computer security firms watching the malicious program noticed that it sprang into life late on 8 April.
• Conficker wakes up, updates via P2P, drops payload
• Mafiaboy: Conficker Was a Ruse
According to Calce, you need to look no further than the Conficker worm, and the worry generated by its expected activation last week, to see why things haven’t changed much since 2000.
• Conficker botnet stirs to distribute update payload
More news on the effect of Windows malware:
• New e-crime unit nabs nine banking Trojan suspects
Investigators reckon the group of UK-based eastern European nationals used malware planted on compromised machines to steal login credentials and plunder online banking accounts.
Will this ever end? Or will it end the Internet as we know it? █

Yfrwlf said,
April 10, 2009 at 2:01 am
From the Mafiaboy article: “a government entity needs to step in and certify all code that runs on the Internet.”
New standards which are safer for anyone to use is fine, but government certified programs? Lol…and programs don’t run “on” the Internet…oiy. So he’s saying DNS and web servers need better protocols? Is that really the problem? Or maybe that the entire way computers communicate needs to be rethought perhaps? There will always be programs that have buffer overrun issues, only way to stop that is to maybe have better compilers/programming languages/program testers or something.
Also, he calls for virus scanners being kept up-to-date. Well duh, unfortunately there will never be an end to that, because someone can always program something that will do something annoying to a user who runs it. I think one thing saving Linux from more viruses is its lack of desktop use in comparison to other systems, and the fact that even with desktop use, most users no doubt pull their software from their distro’s sheltered repository. I can make a “virus” that wipes your ~/.mozilla dir.
Actually, to save me the trouble, just run rm -R ~/.mozilla yourself.
Yfrwlf said,
April 10, 2009 at 2:03 am
And just to be sure, I wasn’t trying to be mean, just pointing out Linux viruses are possible, it’s just that updating/patching software to prevent them in an open community will happen much faster than with closed software.
Roy Schestowitz said,
April 10, 2009 at 2:21 am
Replication of malicious code is what doesn’t work well on GNU/Linux.
Yfrwlf said,
April 13, 2009 at 1:02 pm
Like a worm for instance? A completely automated way of taking over a computer with no user interaction helping it along whatsoever? Yeah that sounds right to me, and just because of the open nature of Linux and other open OSes means holes like that will get patched faster. Just the nature of “openness”.
There are a lot of companies out there trying to update their old closed way of doing things to harness this amazing new strange thing called the Internet. They don’t want to be open though, and don’t want to change, so it’s an uphill battle for them.
Roy Schestowitz said,
April 13, 2009 at 2:54 pm
Yfrwlf,
It’s also the process of development, not just the patching. At Microsoft, for example, nobody is really allowed to work with the entire secret code, maybe for fear of leaks.