FBI Headquarters in Washington D.C.

Summary: No solution in sight for Windows botnets, no matter who is in charge

THE DDOS ATTACKS against us are carried out by Microsoft Windows boxes. The economic damage and downtimes these monsters are causing never have Microsoft shell out a single penny.

Let's take a quick look at some security news in order to shed light on Microsoft's position. This one is priceless:

Malware found on brand new Windows netbook

[...]

Security vendor Kaspersky Labs found malware on new Windows XP netbook, just out from the factory. The firm is warning users to take extra precautions, and ensure virgin systems are malware free before connecting them to the Internet.

The Seattle press is writing about the FBI, which possesses a key to Windows:

Computer virus strikes U.S. Marshals, FBI affected

[...]

Law enforcement computers were struck by a mystery computer virus Thursday, forcing the FBI and the U.S. Marshals to shut down part of their networks as a precaution.

"Computer virus," eh?

Does that affect "computers" or just those running the program called Microsoft Windows? Why do they constantly refuse to utter this more specifically? As Glyn Moody ranted the other day, "Conficker still infecting 50,000 PCs per day - http://bit.ly/JpG1a not true: it's infecting 50K *Windows* machines per day"

Here is more about the FBI, courtesy of CNET (Associated Press does not wish to be cited).

The FBI and the U.S. Marshals Service were forced to shut down parts of their computer networks after a mystery virus struck the law-enforcement agencies Thursday, according to an Associated Press report.

What operating system? Again, no word. This is not the place to be agnostic if the public can be educated so as to make more informed decisions in the present or future. From The Register:

US military shows off hack-by-numbers battlefield gadget

As the US military strives to boost its ability to wage cyber warfare, it's looking for ways to make it easier for non-expert soldiers on the front lines to wreak havoc on enemy networks.

Now we are getting somewhere.

Carla refutes some FUD about GNU/Linux:

Note the emphasis on vague scare tactics and the lack of any actual data or information. This Softpedia article also spreads Kaspersky fluff, which makes me sad because I like Softpedia's Linux news and reviews a lot. It references this Kaspersky blog entry:

"At the moment we know of around 1000 cases of sites infected with Trojan-Downloader.JS.Iframe.auy. There are also several hundred servers infected with Trojan-Mailfinder.Perl.Hnc.a and Trojan-Dropper.Linux.Prl.a, which are actively spreading spam. The days of *nix systems not being targeted by malware writers are long gone."

Uh huh. Again heavy on scare, light on details. How do these *nix boxes become infected in the first place? What *nix boxes where? Unlike Windows, Linux and Unix do not auto-execute any random executable that happens to wander by. I did both Web searches and searches on Symantec, F-Secure, and other vendors to learn more about these big scary *nix threats, and they don't even include them in their threat lists. A Web search turns up the blog and some Russian sites. Searching Kaspersky's own threat list does not find anything mentioned in the blog, except variants on Trojan-Downloader.JS.Iframe.auy:

More security news for (near) completeness:

• Microsoft warns of new flaw in Internet Information Server
• Security Researcher: Microsoft Downplaying IIS Vulnerability
• Microsoft warns of security flaw in IIS
• Why the Conficker Worm Is Still Plaguing Windows Users

The more things change, the more they stay the same. Microsoft's promises should be voided given that Vista 7 might be even less secure than predecessors. There is a lot of evidence already. ⬆