40th Anniversary of the Computer Virus 60
Orome1 writes "This year marks the 40th anniversary of Creeper, the world's first computer virus. From Creeper to Stuxnet, the last four decades saw the number of malware instances boom from 1,300 in 1990, to 50,000 in 2000, to over 200 million in 2010. Besides sheer quantity, viruses, which were originally used as academic proofs of concept, quickly turned into geek pranks, then evolved into cybercriminal tools. By 2005, the virus scene had been monetized, and virtually all viruses were developed with the sole purpose of making money via more or less complex business models."
Core War (Score:5, Interesting)
I'm too young (alive in 1971, but only a kid) to remember Creeper, but I remember Core War in the early 1980s, a game inspired by Creeper and Reaper. The programs written for Core War were the conceptual ancestors of the modern virus, competing in Darwinian fashion to destroy each other and take over the system's core memory. Different coding strategies were involved, such as writing a program to be self-repairing vs. keeping it simple and small enough to evade detection vs. brute force offense and defense be damned, etc. All perfectly harmless... but I can't help wondering how many 1980s virus coders learned some of their craft from Core War.
Something wonderful has happened (Score:3, Interesting)
Your AMIGA is alive !!!
Virus Control Improvements (Score:5, Interesting)
In 2006 or so I went to a conference in Redmond (WinHEC, I believe) where one of Microsoft's security team managers presented and overview of the virus threat to the desktop market. One of the things Microsoft had recently learned is that the majority of exploits were coming from hackers that had reverse engineered Windows patches to identify where Microsoft was correcting buffer overflow issues. Based on that knowledge, hackers knew un-patched versions of Windows could be exploited.
The strategy at MSFT became somewhat simple at that point: minimize the time between a security update's release and its application on 100% of networked computers. The presenter could show that MSFT had brought this average time down from months to weeks back then. Its clear to me that Microsoft has continued to make gains in this space over the years.
Lastly, the presenter showed that the exact same process applied to Linux. Few hackers find vulnerabilities to poring through an entire operating system's code base. They reverse-engineer patches and then hunt for un-patched systems. Microsoft claimed to be ahead of Linux in their ability to mass-apply security patches and he showed results that a Linux honeypot would be compromised slightly quicker that Windows, although not significantly so. I found the author credible in his data but recognize that he had an agenda with his presentation.