A Worm's Worm 345
Carnildo writes "There's a new worm out, according to the Register, but one with a twist. This one, called 'Dabber', infects computers by exploiting a security hole in the Sasser worm."
E = MC ** 2 +- 3db
Sasser exploit (Score:1, Insightful)
geez (Score:3, Insightful)
So, naturalists observe, a flea... (Score:5, Insightful)
And these have smaller still to bite 'em;
And so proceed ad infinitum.
- Swift
what Microsoft is thinking (Score:4, Insightful)
Just like the Anti-HIV Virus! (Score:5, Insightful)
Re:Antivirus! (Score:2, Insightful)
Nah, let's not fool ourselves. This is probably just so that you can run a Sasser removal tool, find nothing and feel yourself at ease thinking your machine is clean :(
This is *almost* a wonderful thing (Score:5, Insightful)
Dabber than installs itself and deletes the registry keys of Sasser and other viruses.
This is fantastic! It is a virus, that infects only virus infected machines, and then removes all other virii. What a great solution to rapidly spreading worms.
If users are too lazy or ignorant (in the nice sense of the word) to patch their systems, then just relase another virus to do it for them.
Except that...
It [then] creates a backdoor on infected machines on TCP port 9898 allowing hackers to download additional code...
They just couldn't stop at doing a good thing, could they...
Seems Like (Score:2, Insightful)
Not really surprising (Score:5, Insightful)
Re:Ugh... (Score:5, Insightful)
heh.. sure, right. God knows that unless you have a masters in CS your only chance to program something like code red, blaster, or sasser is by hacking "together code snippets [you] find on the web" Christ, 3 years into a CS major, and aside from the calculus I have yet to make any large leaps in knowledge over what I already knew several years ago.
Maybe that's what grad school is for?
Re:Ugh... (Score:4, Insightful)
Re:This is *almost* a wonderful thing (Score:2, Insightful)
Re:This is *almost* a wonderful thing (Score:4, Insightful)
Re:DMCA violation? (Score:5, Insightful)
Re:Ugh... (Score:5, Insightful)
Re:Ugh... (Score:0, Insightful)
Phages? (Score:5, Insightful)
This goes on to remind me of that recent anti-HIV virus that's been in the news.
Re:Actually sounds like somebody trying to fix thi (Score:2, Insightful)
Sounds like our new potential AIDS cure [slashdot.org].
Re:We've been down this road before (Score:3, Insightful)
It was a misguided attempt to stop msblast but it caused a lot of problems itself. We never had a problem with msblast but nachi essentially shut down a couple of our routers and cost us plenty in man-hours to clean up.
I doubt that Dabber is the same deal though. If it were you would expect it to have an expiration date.
Re:Ugh... (Score:5, Insightful)
No, but the remainder of your undergraduate education will benefit if you continue to hope that this is true.
Every year in my EE and CS programs I figured that 'next year' would be the year I'd really learn something useful, but that day never arrived. Nonetheless I managed to graduate, get a high-paying job, and get laid off 20 months ago after 3 years of 15 hour days. Now I think about taking classes at the community college, welding maybe, but I just can't get up the energy to do it.
You see, you are wrong in assuming that calculus is the only thing you've learned so far. You've also learned The Secret a year earlier than most people.
You know those tests they do on rats, where they put them in a maze, and if they do the wrong thing they get an electric shock, but if they do the right thing they get the cheese?
The Secret is this:
You are the rat.
The electric shock is *always* on.
***There Is No Cheese***.
Re:This is *almost* a wonderful thing (Score:2, Insightful)
There are a few problems with this, the main one being noone is taking responsibility for protecting their own machines. Another problem is that with people accepting certain worms to clean their computer, it would open up a (hate to say it, no pun intended) whole new can of worms. Some people would think "my computer has spyware on it, a worm is attacking me that says it will clean it up, ok!" Script kiddies would jump at a new header for e-mail viruses and such...
Why not? (Score:4, Insightful)
If the outcome is gonna be the same, might as well be an asshole.
heh (Score:1, Insightful)
Re:Ugh... (Score:4, Insightful)
I learned lots of useful things in undergrad. I use them roughly 7-9 hours a day, doing a job I actually enjoy.
And I got an EE degree. Maybe it's because I'm not a programmer.
Maybe you just worked for a shitty company? (And before you get pissy about it, I work for a Fortune 100 company - it ain't just small company's that can be decent to work for.)
I dropped Comp Sci (Score:4, Insightful)
The fact is that if you challenge yourself you can learn everything you'd learn in college on your own for a lot less money. In the field of technology you have to be able to teach yourself anyway or you'll find you've become obsolete.
I switched to education because I think it'd be a more entertaining and fulfilling career than sitting behind a computer all day.
"Maybe that's what grad school is for?"
Save your money. If you want to learn how to program just buy the books and come up with projects.
The reason I know as many languages as I do is because I'm always coming up with ideas. I then figure out what language would be best to implement it and learn the language.
You're better off specializing in an area (like math or physics) and then learning how to program on the side so you can utilize that skill in your profession. You don't need a comp sci degree to write modeling programs for a chemistry application. You need a chemistry degree so you understand what the program needs to do. In programming knowing what you need to do is 90% of it. The other 10% can be learned as you build the program.
Think about it. Little kids can program. It's really not that hard. But little kids don't know enough about chemistry to use their programming skills to write chemistry programs.
If you don't understand chemistry nobody really cares if you can do magic in C++ because you don't have the knowledge to make your programs do what a chemistry program needs to do.
It's the same reason the FBI doesn't care if you were on a police force. An FBI agent needs to know things you can't learn being in the police force. And what you need to learn in the police force can easily be taught to you by the FBI.
Ben
Re:what Microsoft is thinking (Score:4, Insightful)
It scanned for machines with the RPC blaster vulnerability or a webdav vulnerability, infected them, and then downloaded the RPC patch from windows update and installed. Next time the machine rebooted, you were secure. It also had a self kill on 1st jan 2004.
The perfect anti-worm, yes? Except it was very aggressive with the ping scanning, and a few infected machines on a network could end up cripping it. Add to that, if a machine got infected with nachi, yet windows update wasn't directly available (login proxy for example) then the amount of bandwidth consumed could be huge. From the ISP's point of view, welchia was a worse worm than blaster. From the managers point of view, at least it was obvious if someone had blaster. With welchia, if you didn't have competent inhouse IT staff (and an awful lot of small companies don't) it was hard to find why your network was running rather slow.
In response to just turning on autoupdate, corporates often don't use windows update, but SUS or ghost or the like to roll out patches - once they've been fully tested. Don't forget, microsoft patches regularly break other applicatons. LSASS (sasser) update, for example:
"According to the article problem may arise on Windows 2000 operating systems if any of three drivers (ipsecw2k.sys, imcide.sys, dlttape.sys) are loaded. People might experience lockups at boot time, the inability to log on, or 100% CPU utilization."
Antiworms are a possible solution, but as with this new one leaving a big backdoor, so far they've been as bad as the virus they supplant. What they should do, at most, is a popup every time you logon saying you are infected with virus bob, list the symptoms, and tell them they have to go to this location to get the patch and the removal tool.
Re:OS Popularity? (Score:3, Insightful)
On the other hand, though, I'd be utterly amazed if worm writers don't take apart existing worms when preparing to write a new one. Learn from what has gone before and all that. I'd expect that what's happened is not just that Sasser is so widespread that someone decided to exploit it, but that someone was studying it, noticed the exploit, and went for a quick and easy route to write a new worm.
Re:OS Popularity? (Score:1, Insightful)
Why would that be surprising? If the installer base of Linux is 8% vs 80% Windows. Then only 10% of the Windows machines have to be affected to get an equal installer base. Ditto for the Mac.
Re:Ugh... (Score:3, Insightful)
I'd say it's crazy. Dude, come on, C++ OO programming at 7? That's a little hard to believe unless you're a genius. At 7 you don't have the concepts needed to do advanced programming. Heck, most kids only learn to read at 6 or 7, and this is the bright kids. You can't say he's been alive for 7 years now, and C++ can be mastered in 2 years, so he should be a guru by now. It just doesn't work that way, you need to accumulate knowledge and develop the mind in a certain way.
Logo at 6 or 7 I can believe. Basic between 8 and 10, likewise. C++ and OO from 12 up, fine. But C++ and OO at 7, I don't believe.
I'm not saying that kids aren't bright enough. Yeah, a kid of 5 can be pretty damn bright, and they have logic. But they don't have the analitical thinking and the power of abstraction. You have to train for that and you will achieve along with other various concepts about computing and math and logic and a lot more. You can't just pound abstract thinking into a 7yr old, that's why Logo teaching uses the little leaping frog stories. Also, they can't teach themselves, like another commenter said, they have to be taught, they don't have the critical mass of knowledge that will allow a person to evolve by itself in a certain field.
I'm a fairly bright person. I learned Basic at 10, it was taught to me, and let me tell you, in the beginning half the time it was like floating through a haze, doing things intuitively rather than knowingly, with only glimpses of the abstractions behind it all. Took me another 3 or 4 years to finally get the hang of this whole programming thing and to gradually develope appropriate patterns of thought that eventually allowed me to move to C and other languages.
I'm not exactly Einstein, granted. Perhaps a gifted kid, with high IQ and talent for programming (some don't have it, no matter how smart they are), properly instructed in a proper learning curve (Logo, Basic, C) can make faster progress from a younger age. But let's not get crazy.