telegraph.co.uk — Security analysts at F-Secure believe more than 8.9 million computers have been infected by the virus, a worm, which is known variously as Conficker, Kido or Downadup, and targets the Windows operating system
Jan 19, 2009 View in Crawl 4
archiesteelJan 20, 2009
Kazbaeden: I don't disagree that popularity affects the severity of malware epidemics, but to claim this is the only reason Windows gets more of this type of attacks is to bury one's head in the sand. There are fundamental architectural realities that make Unix-based OSes less vulnerable to malware, and more precisely less likely to help propagate them. Refusing to acknowledge this - presumably because Windows is your OS of choice - is not helping to find a solution to this problem.
archiesteelJan 20, 2009
Lanlost: my sarcastic comment about people not being allowed to criticize Windows was mostly in response to the fact that many of my comments got modded down very quickly, even if they were reasonable and only mildly critical of Microsoft. I personally don't have a fanboy mentality: an OS is a tool, and I use both Windows and Linux on a daily basis (and OSX once in a while). My ideal world would be one where Windows, Linux and OSX had comparable market shares (instead of the 91/7/2 situation we have now).You completely misunderstood my point about file being made executable through their extensions. *Of course* a file that doesn't have executable code won't execute even if it has a.exe, .com, .scr or .bat extension (there might be others - those are the ones that come to mind at this moment). That's not the issue at all.The problem is that a file that contains executable code *will* have its "executable" status set only through the file extension. Compare this to a downloaded file with executable code in a *nix system (let's say a virus, for the sake of argument): even though the file contains an executable program, it will *not* be able to run (and wreak havoc on your system) *unless* the executable bit has been set by the user. The problem with Microsoft's method is that it removes this additional safeguard, i.e. a downloaded file cannot be executed right away, not matter what its file extension is.While this may seem innocuous, it isn't. A lot of trojans use this by tricking the user into double-clicking the file (which may be disguised as a movie or image file, especially with the default setting that hides file extensions altogether). Savvy computer users are likely not to be fooled, but less experienced one will likely end up with an infected PC.This is a separate issue from Windows' spaghetti-like code base, which as you correctly point out is due to Microsoft choice to offer as much backward compatibility as possible, but it's still a serious issue (partly addressed by security enhancement in Vista, I must admit).Anyway, thanks for taking the time to respond to my post in such a thoughtful manner. I hope I cleared up any ambiguities as far as my argument goes. Note that I still suspect there are a couple of MS employees digging down anything that's critical of MS, but of course I have no way of knowing this for sure, so I'll just have to carry on and speak my mind as I always have.PS I don't judge people because they use Windows (though as far as games are concerned my Xbox360 and Wii take care of things); I just wish some people would recognize that, in some cases, Linux is a viable and even superior alternative.Peace.
archiesteelJan 20, 2009
magamiako, I was going to respond to you, but bejayel said more than I would have in less words, so let me simply reiterate his points.
drrlvnJan 20, 2009
If it weren't for WGA and the likes it would have been automatically updated for everyone (or is that auto-update mechanism only used for pushing new useless products at users so that marketing could say it had trillions of downloads?). I guess it's a matter of priorities.
mrbitchJan 21, 2009
@ bejayel RE: " For instance, the way this worm acts (by embedding itself into an important windows service and modifying the registry) would be absolutely impossible on a *nix system. Not only does linux not use something so stupid as the registry, but the worm would not be able to access the userspace necessary to embed itself in system services."This "difference" between a *nix based OS and Windows OS is the main reason why Windows is less secure BY DESIGN.
mrbitchJan 21, 2009
@ Mistuke RE: " if mac and linux has the exposure that windows had the same would be happening to them."<a class="user" href="http://www.theregister.co.uk/2004/10/22/linux_v_windows_security/">http://www.theregister.co.uk/2004/10/22/linux_v_wi ...</a>Myth :- Windows only gets attacked most because it's such a big target, and if Linux use (or indeed OS X use) grew then so would the number of attacks. Fact :- When it comes to web servers, the biggest target is Apache, the Internet's server of choice. Attacks on Apache are nevertheless far fewer in number, and cause less damage. And in some case Apache-related attacks have the most serious effect on Windows machines. Attacks are of course aimed at Windows because of the numbers of users, but it's DESIGN makes it a much easier target, and much easier for an attack to wreak havoc. Windows' widespread (and often unnecessary) use of features such as RPC meanwhile adds vulnerabilities that really need not be there.
jvortegaMar 9, 2009
Dealing with Conficker on a Network. <a class="user" href="http://blog.sekiur.com/2009/02/step-by-step-in-dealing-with-conficker/" rel="nofollow">http://blog.sekiur.com/2009/02/step-by-step-in-dea ...</a>
jasonh1234Apr 2, 2009
1. Have you ever installed any of the following? a.) A Video Card, b.) A Hard Drive, c.) RAM2. Are you using a browser other than Internet Explorer?3. If not, have you changed internet explorer's start page from MSN or do you at least know how to?4. Do you know how to change your desktop wallpaper?If you answered no to one or more of these... You probably do not know what Windows Update is, and you probably have one or more viruses on your computer already. Do yourself a favor, quit throwing away your "broken" PCs and buying new ones... just get a Mac. Trust me, you'll thank me later.Or keep paying me to come fix your PC. Up to you.
teksqrMay 14, 2011
Protect your computer check for free option at http://www.teksqr.com/2011/05/secure-and-protect-your-computer-from.html