Another Windows Macro Virus Wreaks Havoc 381
mbruns wrote in to send us a CNN Story
and a Symantic Bit about
a new Melissa-esque virus that alters users win.ini and
deletes files. Of course, only people who use that "Other"
OS are at risk.
Re:nailed us (Score:1)
LockMart knows about crashes though. (Score:1)
You folks realize that..... (Score:1)
Then again almost all viruses fall prety to idiots who click on these blatent
Is there a virus pattern matcher for sendmail? (Score:1)
Just Pondering
tOdd
UNIX was the first worm victim (Score:1)
That's what people get for misusing E-Mail (Score:1)
Re: Boeing and M$ got it too (Score:1)
If you believed the last post, you should believe this one too.
Re:Compaq shut it's mail down. Us too. (Score:1)
Re:Uninformed Linux attack dogs (Score:1)
They should require action on the part of the user
make them executible.
Office macros should be limited in scope to prevent a program deleting files. I agree that that it must have seemed like a good idea to do this originally but really the security issue was clearly not thought out.
Now that KDE and GNOME are fully embracing the idea of corba connections between components, I hope that the issue of security won't be over-looked.
Regarding MS and it's employees being "evil", actions speak louder than words. It appears to many of us that MS's motto is "if it's good enough to take a lot of users" we'll destroy the company. Or MS needs a new revenue stream, make sure new office documents are not backwards compatible. That way people have gotta upgrade.
But mostly it is the basic idea of "join with us - it is much easier that way". We don't want to be consumed!
Re:Uninformed Linux attack dogs (Score:1)
You take the easy way out with "but the user should be aware of the dangers". That is not fair. As a designer you know what might happen when you double-click on a
Presenting dialog boxes whenever a user does something that might have disastrous effects even worsened the situation. The users have gotten accustomed to this, and now they think "when this is going to do anything bad, it is going to warn me".
Sure it might have seemed a nice idea to have all this functionality in the mailer, but you should have thought of the consequences and have rejected the idea. Implementing it and blaming the user for the consequences is what you get flamed for.
Re:Uninformed Linux attack dogs (Score:1)
You were saying that these virii/torjan/whatever explore the lack of information of the user rather than weeknesses of the OS. But Microsoft designs software for the user, not for the pro coder. So it must be aware that 95% (or 98%) of its userbase is computer-illiterate. It is therefore a design flaw to allow them to do things for which they are not prepared or trained for, especially when that can harm them and the machine they are using. IT IS THE FIRST RULE OF ENGINEERING, man. It is like putting a kid inside a car with auto gears. Real easy to drive to hell.
Software engineering is not only about software, it is also about engineering. Ever heard of bulletproofing?
A.
Re:Uninformed Linux attack dogs (Score:1)
You're a worker bee, unlikely to make any significant changes to how the company operates. There is little you can do or can do about people's attitude about Microsoft. We do not blame you for the fault. Did we say xxxx name is stupid. We said Microsoft is stupid and arrogant to release buggy products when they can spend just a bit more time and money to make it stable and good.
I apologize that you may have hurt in the process, but any worker bees like you at Microsoft has little in terms of how they promote their business model.
This is a market questions. Little do I care about how you feel or what you do. Just that Microsoft need to maintain a higher standard because over 90% of users use their software. Since you stated users are "stupid"; then it is your creation of Outlook that should help them, but you come back and slap them in the face and say they are "stupid".
Flame me. I'm bored.
Kent
newyen@hotmail.com
Re:Uninformed Linux attack dogs (Score:1)
As for your points about being offended about peoples poor opinion of Microsoft, I'm a little surprised. I'm about to graduate with a CS degree and I'm looking at potential employers. I am disgusted by Microsoft's monopolistic behavior in the past in areas such as:
But it boils down to the following two points:
I would not want to work for such a company that has these flaws as I don't think that they treat me well. The only counter argument that I've heard is that the pay is good.
enjoy your 30 pieces of silver, but don't bitch when people have repugnance for such a dishonorable and dishonest company.
--sam
Fundimental Problem / monoclonal agriculture (Score:2)
Certainly, a problem like this could occur on any platform. But a problem that only attacks Linux users with Netscape would spread far less even if Linux was 90% of the marketplace because in that Linux is an open and competitive platform for third party products AND distributions, there will never be a single mail client and single distribution for such a virus, worm, or trojan to depend on.
Wrong!!!! (Score:3)
Uninformed Linux attack dogs (Score:4)
I read slashdot because I have immense respect for the geek community and I'm a part of that community. But how do you suppose it feels to know that most of you despise me purely for the name of my company? There are 20,000+ geeks who work for Microsoft. All evil clones?
Let's establish a few hard facts about the "security holes" that allowed Melissa and this worm.
1) In both cases the attack was made through Outlook. In the case of Melissa, the attack was *entirely independent* of the OS. If Outlook were ported to Linux (assuming it could supply our browser needs, which judging from Netscape's half-@$$ attempt at S/MIME I sorely doubt) the e-mail servers would have been just as clogged. In the case of today's worm, the executable could very easily have deleted the user's *.c, etc files outright rather than installing itself somewhere. Why? Because...
2) In both cases the user had to voluntarily *choose* to run the virus with their own permissions. For goodness sake, the email says, "take a look at these zip files" but the attachment is an exe! Only a clod would fall for such as obvious imposture. And if you are such a novice as to run the "zips" we alert you that running unsigned exe's is dangerous as they "may include viruses or scripts". There's a similar warning when Melissa starts its mailings. You have to click OK to proceed. Microsoft can do a lot in the way of security, but we can't cure willful dumbness. The user doesn't read the caution and it's our fault? What do you want us to do? Say it twice?
3) The exploited aspects our our program were not "holes" in the sense that locking up when you receive a malformed packet would be a "hole". Every aspect of these viruses can be and is used in a positive way by people in the field. Face it, some businesses want more out of their e-mail client than plain text and remote calls to vi. Power can always be abused. The power to cut down a fifty-foot oak is the power to conduct the Texas Chainsaw Massacre as well. If somebody you don't know hands you a chainsaw and tells you to hold the blade while you turn it on, and if you do it despite the warning labels, then don't blame the manufacturer when you lose your frickin hand!
It makes me tired to read posts from people who obviously have never even seen Outlook's splash screen let alone written a VBA scriptlet. If you want to use elm, well whatever. But don't pretend you know what you're talking about when you so obviously do not.
Re:Closed source == unknown security (Score:1)
Re:yes it happens (Score:1)
Re:yes it happens (Score:1)
Now watch as this virus takes down whole offices of Windows 9x networked machines.
Re:Virii and platforms (Score:1)
404 (Score:1)
http://www.microsoft.com/info/pr ivacy_security.htm [microsoft.com]
404 as of about 11:30am EDT.:)
--------------------------
Your Favorite OS Sucks.
^D
The only real way to prevent local DOS attacks (Score:1)
--
Re:Virii and platforms (Score:1)
Re:Unix/Linux is vulnerable (Score:1)
Sure, Linux/UNIX is more safe when running unchecked programs, but it is still incorrect to say that it is a completely secure environment to run unchecked code in. Unchecked code is dangerous, no matter what OS you're running.
Re:Virii and platforms (Score:1)
Re:Virii and platforms (Score:1)
...phil
Re:It's not a virus (Score:1)
And for anyone so silly to think Linux or any other OS isn't as vulnerable
>>
Yes, it would be silly to claim that Linux is invulnerable to viruses. But I certainly do think that Linux is nowhere near AS vulnerable as Windows or MacOS is.
Re:Closed source == unknown security (Score:1)
Re: MacOS (was; Harm to consumers) (Score:1)
I think even with the popularity of windows, Macintosh has 800x as many viruses. Its just too easy:
1) no memory protection.. you can alter anything in memory if you want.
2) toolbox- interrupt-driven drawing and system code with a patchable table.. I want to make the text drawing functions say 'iM 'lEEt' instead of what you want it to say
3) no file protection.. you can easily destroy sytem files as well as user files
Shoot, they have viruses that are SO creative for the mac (like the oscar virus) that people purposely install them because they are so coll. How is that for ironic?
(Whoaa, that is cool, can I get a copy of
-David
Re:It's not a virus (Score:1)
That is because you can't even find out what day it is with the date/time control panel unless you are an administrator. I hate NT.
Re:Exactly! And Cindy gets what she deserves! (Score:1)
funnily enough, spammers never seem to give me
their real email addresses when spamming me.. you
cannot ask them to stop, but you also couldn't
buy the thing they are advertising IF YOU WANTED
TO..
*grin*
Re:Is there a virus pattern matcher for sendmail? (Score:1)
How about 'no executables' for starters, then start working down to
'No VBScript' and 'no macros'
I want an option to turn off all macro support in Office.
Re:I'm sick of this. (Score:1)
you have to understand that my users have a child-like understanding of the evils of the world... "Oh look, didn't the administrator say something about running executabelle.. somethings? Oh well, the icon is sooo cute, all nice and shiny,
(Speaking from my admin days)
-David
Re:Slashdot is in (Score:1)
just, luckily because I run linux, I am not ignorant.
Re:Us as well... (AC because I can't reveal who I (Score:1)
My guess...Microsoft.
HAHAHAHAHA That would be sweeeeeet!
----
"Wars, conflict, it's all business. One murder makes a
villain. Millions a hero. Numbers sanctify."
AMaViS (Score:1)
Re:Lockheed Martin got it too (Score:1)
When everyone stops using Windows. Maybe 2004.
--
Get your fresh, hot kernels right here [kernel.org]!
Re:Virii and platforms (Score:1)
if you did "find . -type f -exec grep "@" {} \;" though
Re:Conspiracy theory (Score:1)
Re:Unix isn't invulerable (Score:1)
Re:Closed source == unknown security (Score:1)
Re:Lockheed Martin got it too (Score:1)
This will stop when clueless users finally learn that there's a REASON you're not supposed to just run things that come in the email.
Or we could solve it using a Darwinian approach. To: all From: info@nih.gov Subject:Health hazards of email
Warning, reading email is hazardous to your health and can cause life threatening brain blockage. Anyone who frequently reads email should stick their tongue in a lamp socket at least twice daily as a protective measure.
Re:You folks realize that..... (Score:1)
And 99% of these Virus wouldn't work at all due to the fact most Unix/Linux/BSD users do not operate their systems as the root user, and the remaining 1% wouldn't cause the kind of hardcore damage that we're becoming used to seeing with the new generation of virus that run on Microsoft-based OS's.
Re:Unix isn't invulerable (Score:1)
With the Windows port of Perl most likey so if Windows had $HOME directorys. With the Linux/Unix/BSD Perl ports? Not so fast. How would you get the Perl script to obtain the root privages it would need to delete the users's $HOME directory if you don't have root acess?
Re:who uses c/cpp/asm anyway? (Score:1)
Really looks like this thing could've been written by one of those former temps that Microsoft tried to screw over doesn't it?
After all revenge is a dish best servered cold....
Re:Uninformed Linux attack dogs (Score:1)
Sure you clowns do. Otherwise why would this kind of stuff still be going on *YEARS* after Office and the rest of your shoddy crap has been released and these problems exposed? The problem is that you people just don't give a shit.
Re:Virii and platforms (Score:1)
Bourne shell can be used as a cross-Unix system testing enviroment. There is nothing stopping someone from doing the same thing for trojans.
It would actually be EASIER as Unix is built for autamation.
Re:Virii and platforms (Score:1)
cd ~/Mail
grep "@"
For which mail clients would this not produce a useful list of new victims?
Re:Benevolent Virus? (Score:1)
Phil Fraering "Humans. Go Fig." - Rita
How it works.... (Score:1)
http://www.news.com/News/Item/0,4,37687,00.html
Unix/Linux is vulnerable (only if root is dumb) (Score:2)
Exactly. Under Linux, I can run unchecked programs as user=jailbird'/group='playpen' and not worry about my kernel being hacked.
Under DOS/Win31/Win9x, I CANNOT RUN ANY PROGRAM IN A SECURE ENVIRONMENT. This is what the M$ supporters Just Don't Get(tm).Where everyone is a God, no one is safe. When everyone is the superuser, no computer is safe.
Would there *really* be lots of Linux viruses? (Score:3)
1. The majority of Linux software is free (speech) software, which means that it has a lot of eyes looking at it for bugs. Further, it's also free (beer) software, meaning that its developers are less likely to be under pressure to ship a product which is not up to professionally dignified standards. Hence, fewer security holes get into released (non-beta) products..
2. Because the software is free, and because of packaging systems like Debian's APT which make upgrading easy, it is easy for users of Linux-based OSes to keep current. Further, because of freedom and an Internet-centric distribution model, developers can release patches quicker. This means that once a security hole is found, it has a shorter "useful life" to a cracker.
3. Because the Linux security model is more paranoid than Windows's, a Linux-based worm needs to actually exploit a security *hole*, i.e. *bug*, rather that using the inherent misdesigns of the system in the way Melissa does. (Read the Melissa source, if you can find it. It does not use any buffer overruns or other holes; it uses *only* standard APIs in standard ways.)
4. Finally, if Linux-based systems become established on the corporate desktop, they will come with a change in culture. Like any artifact, WIndows exemplifies and reinforces certain philosophies, ideas, and cultural roles. Linux-based OSes follow different ones. While I can't promise (nor even expect) that Linux dominance would come with radically greater user empowerment and desire on the part of the user to *learn* rather than to *fear* the system, I can only hope that it would teach the users *something*. Not to run untrusted executables, maybe?
Re:Unix/Linux is vulnerable (only if root is dumb) (Score:1)
Re:Rob doesn't track AC posts (Score:1)
I work for a hospital. Do we cause people to get sick when revenues go down? That's the dumbest conspiracy...
Harm to consumers (Score:3)
And yet the Department of Justice still needs to prove that Microsoft's business practices are harming consumers?
Re:Virii and platforms (Score:4)
It's not fair to say that a ten-line script can infect a Unix system -- the mere fact that there is such a wide range of flavors of Unix available is enough to guarantee that a single ten-line script won't work on more than a small percentage of Unix systems out there. Besides, with Linux, holes are patched and patches are distributed as quickly as they're found -- often within hours of the dicovery of a security hole.
If there were as many flavors of Windows as there were of Unix, if Windows vendors had to continually compete to make their systems faster and leaner and more stable and more secure, I guarantee you that you wouldn't see viruses and trojan horses such as this one proliferate nearly as much.
The Reuters News Feed Error (Score:2)
The appropriate Hacker's Dictionary sections:
Virus
"Unlike a {worm}, a virus cannot infect other computers without assistance. It is propagated by vectors such as humans trading programs with their friends (see {SEX})."
Worm
"A program that propagates itself over a network, reproducing itself as it goes. Compare {virus}. Nowadays the term has negative connotations, as it is assumed that only {cracker}s write worms."
Re:Uninformed Linux attack dogs (Score:1)
So what are you people coming up with to deal with these things?
Personally, I would like to see a sandbox (compare with java's security model) if possible built into some future windows release - that way, untrusted programs could be run in a secure environment (where they would be prevented from messing with any files/registry keys outside a certain hierarchy, and also prevented from other things at the users' discretion) - I know that this goes against the (Microsoft) corporate policy of only doing signing-based security, but there are problems with the current signing security that I won't go into here. (Basically, signed
Re:A Cold Hearted Hacker (Score:1)
Why not didn't Mitnick do the same to solaris?
Re:Unix/Linux is vulnerable (only if root is dumb) (Score:1)
Re:Unix isn't invulerable (Score:1)
I remember a writeup of the Melissa virus in a decidedly non-techie UK Sunday paper, which hit the nail on the head saying "In computing as well as in biology, monocultures are a bad thing"
Why bother with the social engineering? (Score:1)
I'm wondering why they waste all that effort.
Just name the file molest_my_hard_drive.exe and put in the message:
Please open this file. I'm an aspiring virus writing script kiddie and really want this to get spread far and wide so that I can get arrested. It would really help my self esteem, and might even make me feel 31337. Don't forget to let it run for a few hours before calling your MIS department.
I guarantee that it would have the exact same effect.
Re:Virii and platforms (Score:1)
I always recommend that UNIX/Linux folk read the IDG book, 'The Unix-Hater's Handbook', for a scathing discussion of UNIX's security model. Lots and lots of the comments apply mainly to UNIX circa 1991 and are obviated by things like Perl, Ptyhon, and Java, but there's a lot there that will improve your perspective on things.
For all that Microsoft made mistakes in NT, and for all that NT has had less time to mature than UNIX has, and for all the times that Microsoft acts like the company that brought CP/M and single-user computing generally to the masses, elements of the NT security model are actually superior to the stock UNIX model in many ways, the lack of a necessarily all-powerful root account and setuid scripts/files being one of them.
The biggest protection Linux has from viruses is that it is not an effective monoculture the way that Windows/Office is, and that there isn't the rampant cross-application integration/incest that Windows depends on.
Benevolent Virus? Guerilla Attck? (Score:1)
It might be interesting to read this [geek-girl.com].
It seems that the virus is also found in mails from some engineers from microsoft which might mean that this virus is constructed to hit Microsofts source.
I'm not such an conspiracy believer, but this could explain why this virus is explicitely hitting code files, which is not anything normal windows users would have a lot on it's disk
Virus capability is a function of focus for any OS (Score:2)
Keep in mind that the original research of virii was done on IBM and Honeywell mainframes. Despite the generally high level of security on those systems, the researchers doing the work did manage to write virii (probably would be called worms today) that successfully infected their targets.
It happens today that the vast majority of computers in use are Wintel, and for a number of reasons which I am sure you can fill in the bad guys therefore focus most of their efforts on Wintel. And indeed, Win(x) does have serious vulnerabilities. But if the bad guys ever turn their focus to Linux/*nix, then you will see more Linux/*nix attacks of this type. Perhaps fewer will make it into distribution, perhaps fewer will succeed. But if so the ones that do make it will be that much more destructive.
Disagree if you wish, but before turning on the flamethrower remember that arrogance it the surest path to a security breach.
sPh
So fix the defaults. (Score:1)
You know that the typical user will just run everything they get.
You know that they will click the OK button without reading the dialog boxes.
These points have been demonstrated over and over again. They cannot be disputed.
So you should set the defaults so that they don't get a chance to run the executable unless they have specificly enabled that ability. And you shouldn't prompt them to change that default. If they don't know that they can change it, and they don't know how to go about changing it, it should stay turned off.
The people who want to use it can then turn it on, and the rest of the lusers won't be hurt by this feature that they aren't using anyway.
Why should you do this? Because you're credibility is on the line. Because the world is watching MS products delete user files, and they don't find it very funny. They aren't going to care that the users all pressed the okay button. They are going to ask why it was so easy. And if there is a way to turn off that warning, if users can say they didn't get that warning this time, it will be worse.
Take a clue from something simple like the setup/config for pine. You have to turn things on if you want to use them. If you don't know to look at the setup/config you might never know about them. Until they are turned on, you are never prompted for them. They just aren't there.
An ounce of prevention (Score:1)
Virii and platforms (Score:2)
I have read, however, that viruses can in fact be written for UNIX platforms, and have actually read a ten-line example script to show how it could be done. This inspite of the security structures built into UNIX's multi-user environment. It was rather frightening. There's not a whole lot of literature on this subject that is easily found, what do Slashdotters know about it?
It's not a macro virus (Score:2)
You forward root mail to a user account (Score:2)
You'd best read your root mail somehow - cron misfunctions, or people warning you about problems with your system, are often things you don't want to ignore.
Unix isn't invulerable (Score:4)
That invulnerability doesn't apply to worms (like this, like Melissa). All you need for a worm to work is a homogenous network environment to infect and an exploit to use for the infection. Maybe Unix users are really more savvy and won't fall for trojan horses (the easy "exploit"), but there was a worm created that spread via the imapd hole last year, and any similar exploit allowing so much as a "nobody" shell to be opened on your system could be used for the same purposes.
Do you know what services are running on your Linux box, and have you shut down the ones you don't need? Do you subscribe to bugtraq, redhat-watch-list, or whatever security mailing list is kept up for your distribution?
These were good ideas before, to prevent single crack attempts when exploits were found. Now they're much more important good ideas, as any cracker above the "script kiddie" level is going to be using self-propagating code to start forest fires of attacks.
Maybe the majority of those attacks will be stupid "email attachment" worms like those currently plaguing Windows, and thus incapable of harming system files... but if someone exploits the backticks in
For school & work Linux systems I created a preconfigured freshrpms package which includes a cron job to regularly check the redhat errata, download any updated packages, and mail root when something new appears. It's a step in the right direction - Linux is a secure system because bugs are so quickly found and fixed, but it won't be publically perceived as a secure system if security-unconscious newbies never see or apply those fixes.
Re:It's not a virus (Score:2)
Do explain.. How does NT have better file security?
Re:Benevolent Virus? (Score:3)
Something funny to do would be to delete ms office itself, not the associated files.
elitists? (Score:5)
Just because someone doesn't know what you consider to be common sense isn't a reason to hurt them. New users need to be educated and computer security policies need to be implimented. It's not the users' fault that they use MS Office. It's what they were told to use, so they happily use it, unaware of the bugs in it. And they don't care. They just want to finish up a presentation or a word document and get on with their lives. Not everyone's life revolves around computers. Some people work away from monitors for long periods of time.
Re:Closed source == unknown security (Score:2)
I guess you are right. In the OSS case, software installation proceeds along these steps:
Okay, hands up any OSS advocate that actually performs step 2.
OSS does _not_ provide more security than the effort you are willing to put into it does.
Nothing to do with Root/Admin authority (Score:2)
If you think the discussion is over because root is sacred, you should look into how these kinds of viri work.
In an NT system, the virus can only delete the files for which the user has write access. There is no comprimise of "system" security.
The fault lies with poor design on Microsoft's part. The fact that there is no Linux equivalant only proves that noone has a macro-enabled Office suite running on Linux.
Well - look out - here comes Corel Office. Can you execute malicious viruses there? Nobody really knows because they only have like 2% of the market. Although, it might be worth it to someone to teach Linux users a lesson or two.
--
Actually ... (Score:2)
Office 2000 (released just now) supposedly contains features which prevents Macro viruses. Perhaps this was unleashed by some unnamed party to speed up Office 2000 deployment.
(All of you paranoid Microsoft haters should feel ashamed that you didn't think of that first!)
--
Re:Uninformed Linux attack dogs (Score:2)
Very good point. Outlook gives you the "virus" warning when opening *.TXT and *.JPG files - enough to drive you nuts.
Also, by default with Win 9x/NT, the file extension is not shown (I don't know if this applys to Outlook). All you see is a little WinZip icon. So it's conceivable that a new users could double-click on the icon not knowing it's an executable.
As for this being an Outlook specific virus, my understanding is that (unlike Melissa), it's not. If the uneducated masses (the "clods") started using Linux, they'd be just as suceptable to "Hey - you don't know me, but run this executable!" form of attack.
The fault really falls on the IT department's shoulders for not educating their user base. The only place Outlook comes in is that it's training costs are supposedly lower, and so many companies think they can get away with reducing that to no training at all.
--
Re:Unix/Linux is vulnerable (only if root is dumb) (Score:2)
Uhh, Windows NT has only been out since 1993. The file permission system is argueably better than unix's.
(If you folks are really interested in effective Linux advocacy, you should take on Windows NT rather than the end-of-the-line, broken-for-backwards-compatibilty Win 9x. It's a more credible comparison, and will make you sound less like a raving moron.)
--
Re:maybe (Score:2)
Yeah, it's not a "bug-fix", it's a "feature"!
Considering that O2000 comes on two or three CDs, maybe calling it a "patch" is the right word either.
(O2000 allows a developer to sign macro code, so along with the bug-fixes, I'd classify this as a feature.)
--
Re:maybe (Score:2)
I should comment that I have no idea how this would work because there's no existing Microsoft certificate infrastructure in place. Perhaps the same way as ActiveX signing ("Always trust content from Microsoft Corporation?"), but getting that to work right with a private certificate is a big deployment hassle.
Note that the reason Lotus Notes is largely immune from macro virus attacks is that it has a built-in certificate infrastructure (can't login without it). It's unlikely that the Fortune 500's favorite mail system is going to get outlawed.
--
Re:NT gots beter file permissions subsystem ... (Score:2)
Find an NT box and look at the stock permissions. There's holes for sure, but your post is largely FUD.
--
Conspiracy theory (Score:2)
Rob doesn't track AC posts (Score:2)
BTW, conspiracy theory #2: Do Symantec and McAfee write viruses to boost up sales? Hmm...
Re:Uninformed Linux attack dogs (Score:3)
I see a bigger problem here (Score:3)
Re:Benevolent Virus? Not Quite! (Score:3)
They are, respectively, C program, C++ program, and assembler program source files. Not nice at all.
But my Java programs are safe
(Oh, and
Microsoft's philosophy (Score:2)
23.1.7: Application features
Applications that have a lot of features sell better than ones that have few features. However, there is little or no correspondence between the quality of said features and the profitability of an application. Thus, programmers should concentrate on creating many new features as quickly as possible. If the features don't actually work, customers will simply have to avoid using them.
Thank you for infecting me (Score:3)
OK, let the flames begin.
I want to thank whoever wrote the virus as I was infected by this and had my .doc and .xls files zapped. The recovery was easy enough and since I don't use those programs all that much I wasn't a major loser in this.
1. I now have an even greater incentive to get the tape drive I should have gotten long ago to back my system up.
2. I now also have an even greater incentive to De-windows my machines and make the move to Linux. So, I signed up for the Linux Basic Course at TMCC [tmcc.edu] here in Reno that will be given by Jay at Aztech [aztech-cs.com] and Sam at USAWorks! [usaworks.com], the bigwigs at our local LUG [rlug.org]. They've been gently prodding me for long enough now anyway.
I got the virus from someone at one of our military installations and I can only imagine that it's run quite ramapantly through the US Federal Goverment as almost all our government installations use MS exclusively. Whoever wrote that it affected only MS Outlook users was wrong. I don't use Outlook or MSIE, I use NN4.6 and the virus did share the negativity with me. However, it is true that only MS Outlook users can resend it.
Anyway, thanks again, anonymous programmer, you did me a favor.
New Linux Feature. (Score:2)
I am an avid Linux user, at home and work. However, I have no illusions that Linux/Unix security is better at preventing viruses from infecting a machine. According to "A Short Course on Computer Viruses" (see below book info), the smallest virus which only reproduces was a bourne shell script of 8 characters. Though you need about 5 lines for one which will replicate, evolve, do data diddling for damange and work on most Unix systems. I am no expert on viruses, but from what I have read, viruses easily cross user bounderies and security levels. The problem is that no modern OS's have any sort of mechanism to maintain integrity of files. This is usally handled by 3rd party add on applications, like virus scanners, tripwire, etc...
Anyhow, for those of you who wish to read more about viruses, and interesting/sneaky things which can be done with them, check out:
A Short Course On Computer Viruses
Dr. Frederick B. Cohen
ISBN 0-471-00769-2
Re:Compaq shut it's mail down. (Score:2)
I'd check again; if anyone had a network drive mapped out to the Samba server, your files on there were at risk (assuming that the user had write privs. on the Samba side).
A Nastier Virus Still.... (Score:2)
1. Someone finds a bug in IIS/Win2000 that allows a malformed web request to run arbitrary code delivered by the attacking system.
2. A virus/worm is written that delivers itself to the victim system via this expoit. I imagine a small bit of seed code would exploit a buffer overflow or some such, and would then download the entire package from a web page on the attacking system.
3. The main package runs and sets up a similar web page on the new system, and then starts a process that probes for other NT systems that it can attack.
Something like this could sweep like wildfire through the Internet, taking down every single NT web server. Scary thought. If I were an NT admin, it would keep me up at night.
Now keep in mind that I have no knowlege that such a bug exists, nor am I advocating its exploitation if it does. But given MS's track record with security and the closed source nature of Windows, this kind of thing very well COULD exist.
I think I'll be sticking with Linux.
Thad
Re:Slashdot is in (Score:2)
While it is true that this type of attack depends heavily on the unwitting participation of the victim, it is also true that Windows leaves itself much more open to exploitation. At least on a Linux box when Average Joe User runs some milicious code, it does NOT alter core system functionality.
Linux (and UNIX) is inherently more secure than Windows and can do a much better job of protecting the user from his or her own stupidity.
Thad
Re:Slashdot is in (Score:2)
On the contrary, I understand the problem all too well. I have administered large networks of Windows PCs and UNIX workstations. With UNIX, the worst the user can do is nuke their own files... then I have to restore them from backups. On a windows PC, they hose the entire OS to the point that it must be reinstalled, allong with all of their apps and data. This would happen all too often! The same argument holds true for home systems. In most families I've talked to, there is one person who acts as *system administrator* and the others are just users. I'm the sysadmin for my family (even though it is scattered all over the country), and believe me, I wish they were all running Linux. Windows eats its own head way too easily. I've spent long hours talking relatives through problems that would never occur on Linux.
Thad
nailed us (Score:2)
Re:Closed source == unknown security (Score:2)
I'm sick of this. (Score:2)
Just my two pennies.
Mark
Exchange/Outlook Only (Score:2)
Benevolent Virus? (Score:3)
Okay. Whoever wrote this has a GREAT sense of humor. Besides the fact that it purports itself via address-book resends, much like the Melissa virus, it destroys files associated with M$ Office. It's not fatal; it's not going to crash your OS, it's not going to reformat your hard drive. It just deletes M$ Office files.
Legality be damned, this guy is doing us all a favor
Word docs "vital data" ? (Score:2)
and
and PowerPoint files."
Fairly clear what that CNN reported recognises
as valuable data
actually delete something valuable like source
...