Forgot your password?
typodupeerror
Security Operating Systems Software Windows Worms

Computer Viruses Broke 100,000 In 2004 214

Posted by timothy
from the research-purposes-of-course dept.
Sammy at Palm Addict writes "The count of known computer viruses broke the 100,000 barrier in 2004 and the number of new viruses grew by more than 50% according to news from the BBC. The BBC also reports that 'phishing attempts, in which conmen try to trick people into handing over confidential data, are recording growth rates of more than 30% with attacks are becoming increasingly sophisticated.'"
This discussion has been archived. No new comments can be posted.

Computer Viruses Broke 100,000 In 2004

Comments Filter:
  • Easy enough (Score:3, Informative)

    by Anonymous Coward on Wednesday December 29, 2004 @01:01PM (#11210132)
    They broke 100,000 in 2003 as well.
  • by WormholeFiend (674934) on Wednesday December 29, 2004 @01:03PM (#11210150)
    They can have my confidential data when they pry it from my dead frozen Windows OS... oh wait!
    • They can have my confidential data when they pry it from my dead frozen Windows OS... oh wait!

      Wow, not even I can get my own confidential data from my frozen Windows OS... stupid computer.
      • Have you ever heard of data recovery services? It's an industry that wouldn't exist and prosper without Microsoft.
        • Nerd (Score:2, Insightful)

          Yea... because hard drives never fail outright or suffer physical damage that prevents normal access to the data on them..... in fact, when that happens, it's because your neighbor's computer running Windows picked the lock on your front door, went into your den, and damaged the drive on your 1337 Lunax machine, right?
    • Shouldn't these be called 'Windows viruses'? It's not clear what their count entails, but the viruses listed seem to all be Windows-centric.

      And no, this is not a troll--I use Windows, too. But this language reinforces the idea that the problem is with any and all computers, which hinders adoption of alternatives. (C.f. the growth in non-IE browsers once the problems with IE were understood by more people.)

      • The first sentences is as follows:

        The last 12 months have seen a dramatic growth in almost every security threat that plague Windows PCs.

        I believe they are trying to say that the viruses that they are talking about in the article are indeed "Windows Viruses"

        • I believe they are trying to say that the viruses that they are talking about in the article are indeed "Windows Viruses"

          Indeed they are. I was looking for an 'except linux/OSX/etc' paragraph and missed the 'we're talking about Windows' one. It's the /. story that perpetuates the 'computer virus' language, not the article. Go figure.

    • Yeah. I actually like how there's enough phishing now that I get IMs or such every once in a while.

      Then, I go through all of the HTML and JavaScript code, figure out exactly who's behind it, and notify each and every one of their ISP and/or upstream providers. Whee! Bye-bye Phish!
  • by geeksdave (799038) on Wednesday December 29, 2004 @01:04PM (#11210152)
    That is not a small number... that is a very large number!!! Ack poor compy.
  • by Anonymous Coward
    Oh the humanity! I have to run my virus scanner 24/7 now. When will the.. [POST ABORTED: VIRUS DETECTED].
  • by i_want_you_to_throw_ (559379) on Wednesday December 29, 2004 @01:05PM (#11210166) Homepage Journal
    Now how many non Windows viruses were there? You could probably count them on one hand. Let's give credit (or blame) where it is due.
    • Congratz! Yes... the virii are mostly windows, and yes, many are due to vuln in Windows, but think! MOst of the users (esp stupid users) are WIndows users... nevermind... I give up Rah Rah Linux, if Linux can't do it no one can Can't beat em Join em.
    • And what's the market share of Windows these days?

      Try to compare apples to apples...

      Divide the # of viruses by the user base of the affected platform, see who is ahead at that point. I have no idea, my guess is it's probably fairly even, probably just a little slanted in favor of Linux.
      • by Anonymous Coward
        Bollocks. Apache has many times more installations than IIS, yet you have more IIS exploits than Apache. Marketshare != Exploit/Attack share.
        • Bollocks back at you AC! Exploits and viruses aren't the same thing, although the article doesn't seem to mention the difference.

          Viruses don't need to do anything tricky to propagate, they're just programs that people run. If I want to make a virus, why the hell would I do X amount of work to make it run on Linux when I could expend the same amount of effort to make it run on Windows? Just by switching I can increase my target base by a huge amount.

          Exploits are different, they are based on actual softw
      • That wouldn't take into account the human factor in spreading these, that being the cluelessness of the average user, or complacency of an admin.
      • by Daniel Dvorkin (106857) * on Wednesday December 29, 2004 @01:39PM (#11210524) Homepage Journal
        And what's the market share of Windows these days?

        Try to compare apples to apples...

        Divide the # of viruses by the user base of the affected platform, see who is ahead at that point. I have no idea, my guess is it's probably fairly even, probably just a little slanted in favor of Linux.


        Last I heard, there were something like 100 known Linux viruses, and 20 known Mac OS X viruses. Assume the current desktop market share is 3-5% each for Linux and Mac, and Windows still comes out "ahead" by quite a large margin. On the server side, of course, things look even worse for Windows.
        • Last I heard, there were something like 100 known Linux viruses, and 20 known Mac OS X viruses.

          Where did you hear that? My count is 3 trojans and no worms or viruses for MacOS X. 530 and worms and viruses (mostly slapper variants) for Linux and innumerable trojans.

          What MacOS X viruses exist? I don't even know of any proof of concepts.

          • Searching for this very info, I found a note [newsforge.com] that claims 496 Linux virus-like things as of "November of last year". I still haven't found a reputable number that shows how many there actually are today, but 530(Lnx) and 28(Mac) will work fine for now.

            If desktop market share (ms) is around 5% as suggested in one of the GPs, there are about 10x as many infections per virus on a Windows system as there are on Linux. If it's closer to 10% ms (as suggested in several articles w/ Win @ 85% ms), then the ratio
          • The .dmg script vulnerability could have become a worm had Apple not squashed it so quickly.

            According to Symantec, there is one [symantec.com] but I can't see why the classify it as a virus - it looks like a trojan horse.

            At least we know people are trying to write one - just having a heck of a time at it.
          • You mean Mac OS 9, there are none for OSX.
    • by Xeo 024 (755161) on Wednesday December 29, 2004 @01:24PM (#11210367)
      Linux vs Windows Viruses [theregister.co.uk] (from 2003 but still relevant).

      Some things (from the article) worth noting:

      To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it, writes SecurityFocus columnist Scott Granneman.

      "There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux. Most of the Windows viruses are not important, but many hundreds have caused widespread damage. Two or three of the Macintosh viruses were widespread enough to be of importance. None of the Unix or Linux viruses became widespread - most were confined to the laboratory."

      It says 60,000 viruses for Windows in 2003, which escalated to 100,000 in 2004. There haven't been that many major viruses released for Linux/Unix/Mac so let's add a modest 15 to each number listed in 2003.

      So, the list comes to:

      Windows: ~100,000
      Mac: ~55
      Unix: ~20
      Linux: ~55

      and that's being really generous to Windows. Also, keep in mind what it says above: "Most of the Windows viruses are not important, but many hundreds have caused widespread damage. Two or three of the Macintosh viruses were widespread enough to be of importance. None of the Unix or Linux viruses became widespread - most were confined to the laboratory."
      • None of the Unix or Linux viruses became widespread

        I'd believe the statistics in this article if it weren't for this last statement. Remember a famous worm, spread through unix sendmail, some time around 1988?

        http://en.wikipedia.org/wiki/Morris_worm [wikipedia.org] - It exploited a number of unix vulnerabilities, along with guessing common passwords. Luckily for us, he supposedly made a mistake in the reproduction rate and the worm ended up spreading to every connected computer in a matter of days.
        His intent was to mak
    • Everyone here whose linux machine is running a rootkit *RIGHT NOW* raise your hand!

      What, you say? No viruses for Linux? If a rootkit doesn't count as "spyware", I don't know what does...

      Do you have any exposed ports to the internet leading back to your UNIX box? Do you run old versions of php and apache?

      Do the following:

      Download ROOTKIT HUNTER [rootkit.nl] now.

      run 'rkhunter --update'

      run 'rkhunter -c' and scan your system

      when rootkit is found, reinstall OS, and restore critical data from backups

  • But... (Score:4, Funny)

    by Anonymous Coward on Wednesday December 29, 2004 @01:06PM (#11210173)
    I'm running Windows XP. Bill Gates says I'm safe from viruses.
  • by Anonymous Coward
    Does this mean Microsoft will take back that quote about how its the user's fault or the one that security isn't that important?
  • In the next few years we will see the emergence of an even more extreme battle of "Freedom of the Internet" vs. "Risk of Use" as people try ot lockdown the internet to prevent damage done when morons open up that "I Love You" E-mail.
  • URGENT! (Score:5, Funny)

    by Prince Vegeta SSJ4 (718736) on Wednesday December 29, 2004 @01:06PM (#11210183)
    All slashdot users

    Phising scams are becoming more prevelant on the internet and world wide web. Unfortunately, they are now starting to show up on 'Blogs as well.

    Do to the dedication of security we in the OSS community have, we are updating our servers and account information.

    Please click the following link [slashdot.org] and verify your account information, password, and private PGP key.

    In order to Verify your identity, please have your Visa or Mastercard account number ready

  • not suprising (Score:5, Informative)

    by spac3manspiff (839454) <spac3manspiff@gmail.com> on Wednesday December 29, 2004 @01:07PM (#11210193) Journal
    The most common sentence i heard from relatives this holiday was,
    "Can you please fix my computer".
    "I accidently clicked something and my computer is slow".
    • Not surprising indeed. I was asked to fix my in-laws machine that had NAV 2004 on it, but no SP2 for XP. I checked the properties of his internet connection, and as soon as that connection was enabled, billions of packets started going out to the internet with nothing in return. Computer: Zombified!

      Had to break the bad news to him that the machine had to be reformatted and reinstalled, and I was flying back that night.
    • I spent hours fixing my little brother's (14 yrs old) computer. Firstly they are on dial up so that was why it took so long.. just downloading Spybot etc.

      My mother told me that they had just gotten a phone bill with calls to Germany on it but they didn't know anyone in Germany and didn't make the calls.. plus no one was home when the calls were made. I told her all about dialers and the such and sure enough there were some installed on their computers.

      My mother is going to retire soon and needs a co
      • Re:not suprising (Score:2, Insightful)

        by isecore (132059)
        I spent hours fixing my little brother's (14 yrs old) computer. Firstly they are on dial up so that was why it took so long.. just downloading Spybot etc.

        As a fellow roaming techsupporter (parents, witless friends) let me give you a little advice:

        Invest in one of them small USB-memory drives. 128 megs is fine, go for more if you feel like splurging.

        I've quickly discovered that these things are solid gold when dealing with different computers in different locations. Just slap Ad-Aware, Spybot and whateve
    • Accidentally

      Have you noticed that when it comes to computers the relatives always replace had a major lapse of common sense and with accidentally?

      "So, you accidentally received a piece of mail from someone you didn't know, you accidentally opened it up to see what it was, you accidentally moved the mouse over the attachment, and then you accidentally double-clicked on the attachment just because it was there? Oops! I accidentally just formatted your hard drive. Do you have your installation CD?"
      • Re:not suprising (Score:4, Insightful)

        by Wordsmith (183749) on Wednesday December 29, 2004 @01:39PM (#11210526) Homepage
        And can you tell me what about common (non-geek) sense suggests that opening up an e-mail and the included file should be at all hazardous? Common sense suggests you should jsut get to see what's in the file. If it's junk, you'd delete it.

        Unless you've been specifically told otherwise, it wouldn't seem dangerous at all. When you open junk mail at home, or mail from a sender you don't recognize, you don't expect it to take pictures of your house and mail them back to the sender. You don't expect the opened mail to leave dogcrap on your doorstep or make your refridgerator stop working. It seems like a fairly harmless thing to do.

        It's only because of severe design flaws in e-mail programms and OSes that there's an issue.
  • Distinct virsues? (Score:5, Insightful)

    by Rick Genter (315800) <rick@genter.gmail@com> on Wednesday December 29, 2004 @01:08PM (#11210204) Homepage Journal
    Should we really consider the dozens of variants of Bagle, Netstky, etc. separate viruses? Just because the anti-virus vendors choose to implement recognition of these variants by separate signatures, are they really different viruses?

    I think it would be more interesting to know how many new virus/worm/trojan families were released year-to-year.
    • Some deviant ass-crust actually re-wrote each of those variants to be different, i.e. varying payloads, damages, etc. So, yes, they are unique and thus have different signatures. The different names the various anti-virus makers use to refer to the SAME variant obviously should not be counted, but all the variations of a given virus should be, because they ARE in fact different virii than their original versions.

  • double counting? (Score:3, Insightful)

    by Lawrence_Bird (67278) on Wednesday December 29, 2004 @01:09PM (#11210213) Homepage
    are they all unique? Or are many of them variants on an original? Seems to me we should only be counting big version
    numbers and not the updates
  • by Lisandro (799651) on Wednesday December 29, 2004 @01:09PM (#11210219)
    That would be an interesting figure, and i guess it'd be pretty high. The ammount of mail traffic due to zombie machines spamming is amazing.
  • by bigdaddyhame (623739) on Wednesday December 29, 2004 @01:10PM (#11210221) Homepage
    Does the article mention how many of those >100,000 affected the Mac OS platform?

    The Top 10 List reads like the leader board at a chess competition.

    1) Netsky-P
    2) Zafi-B
    3) Sasser
    4) Netsky-B
    5) Netsky-D
    6) Netsky-Z
    7) MyDoom-A
    8) Sober-I
    9) Netsky-C
    10) Bagle-AA
  • by sci50514 (722502) on Wednesday December 29, 2004 @01:10PM (#11210224)
    I feel so cheated. My office Symantec Corporate Edition listed only 68585 viruses. Where are my other 31415 virus definition? :)
    • Man, you need to run Live Update. Mine lists 68,603. You're missing out on 18 viruses!

      When was the last time you ran Live Update? Yesterday? You've got to keep up to date with these things!

  • by derxob (835539)
    If computer viruses were detrimental to our health, we'd all be dead. Although, if computer viruses were actually deadly, think of how much smaller this number would be..
    • if computer viruses were actually deadly

      It reminded me of this from a few years ago regarding solid programming.

      If houses were built like software, then the first woodpecker that came along would destroy civilization. They were not too far off.. There has been a lot of repairs and patches applied just to keep it standing a few days longer.
    • Speak for yourself, None of my systems have contracted one.
  • complacency (Score:4, Interesting)

    by Anonymous Coward on Wednesday December 29, 2004 @01:11PM (#11210237)
    Just because you have an ultra-secure computer doesn't mean you should be complacent about theft of confidential data.

    One of my buddies got his credit identity stolen a few months ago, he figures, by someone at a store who processed his credit application when he bought a home theatre system (Zero interest! Don't pay til way later!).

    By the time collection agencies were knocking at his door, that store had closed.
    • Do you have a credit card from a company that likes to send you handy "checks" that can be written against your account?

      All it takes is one punk to grab your mail and you have a problem.

      Your mail can even be delivered to the wrong house and you can be compromised.

      The fact is, we are not currently setup to deal with identity theft. We have a bunch of half measures that easily circumvented by anyone who thinks about it.
  • Most listed, especially in the top 10, are just trivial variations of a previous virus/worm.

    So it's kind of like MAME supporting umpteen billion different rom sets, when most of them are clones or revisions of an original game.

    You could probably release 100,000 variants of NetSky if you wanted to, just by embedding random payloads.
  • The first thing I thought when I saw the headline was 'broke 100,000 what?'. The headline should have been better, like 'crossed the 100,000 barrier' or just 'crossed 100,000'.
  • by blair1q (305137)
    You know, I'm beginning to think these computer things aren't all that secure.

    (p.s. I put a router between my computer and my cable modem, and I don't click on executable links unless they're from a trusted source and confirmed as having been sent deliberately; I have never--not ever--had a virus or a break-in on this subnet.)
  • by WidescreenFreak (830043) on Wednesday December 29, 2004 @01:18PM (#11210300) Homepage Journal
    The problem with this topic is that Microsoft is always blamed for making an inherently insecure operating system. They are also to blame because of "too little, too late", aka. activating the firewall by default only in SP2.

    But quite frankly the ISPs and of course the individual users are to blame as well.

    Why don't broadband ISPs require boradband firewalls? Only recently have some of them started to incorporate firewalled modems, and even then they're only sent to new customers. Would this mean that existing customers would have to spend money for a new router at the ISPs demand? You bet. But given the choice between disconnection or buying a $50 router, I'm sure that the vast majority would find a way to get that $50.

    Additionally, most virii are sent over SMTP ports since they contain their own SMTP servers. I would not be against shutting down direct-from-client SMTP as long as those who run their own mail servers have the option of having their specific connection opened for SMTP traffic.

    Finally, the users absolutely MUST be educated. There are enough free tools out there that no one should be unprotected. But again who should be responsible for teaching these end users?

    At this point I would actually welcome something like a drivers license for broadband access. You don't gain the ability to use a broadband connection unless you prove to the ISP that you know the rules and that you are informed of how to be a responsible Netizen, including the use of firewalls, virus scanners, and alternate products like Mozilla, Eudora, Firefox, and others. If you break the "law" afterwards, your broadband privileges are revoked until you come into compliance.

    If people were made aware that any virus or worm outbreak cause by them would mean the complete loss of their Internet connectivity, I think we'd see the number of virus infections drop dramatically.

    But have an ISP do the responsible thing at the risk of pissing off customers? No, they'd rather spend billions of dollars a year on mail storage, spam-fighting hardware and software, increasing bandwidth usage, and always-rising amounts of mail to abuse@isp.net...and of course pass those charges onto us.
    • I'm sure that the vast majority would find a way to get that $50.

      Nope. They would not. They would cancel their subscription and either switch to competiton who will give them a free router, or re-signup with the provider to get the 'firewall' enabled modem. Simple laws of economics.

      Finally, the users absolutely MUST be educated. There are enough free tools out there that no one should be unprotected. But again who should be responsible for teaching these end users?

      Noble goal.. What about AIDS or teen
    • You don't gain the ability to use a broadband connection unless you prove to the ISP...

      Amen, I finally got my wireless network up and running securely with the proper (at least the best I can do with a consumer grade device) security.

      Windows really pisses me off, SP2 Crashed my computer after I tried to update. ARGHGHDFHZ, anyway, as soon as everything is running smoothly, Guess how many networks I see (just using windows utility) - five, including mine.

      Guess How many of the 5 were secured: Mine

      Gues

    • The problem with this topic is that Microsoft is always blamed for making an inherently insecure operating system. They are also to blame because of "too little, too late", aka. activating the firewall by default only in SP2.

      Gotta agree. But the firewall is only a band-aid to the real problem. If Microsoft fixed their security model, we wouldn't see the viruses in the first place. Look at how many Linux viruses there are then look at how many of them exist only on 5 machines or fewer. That's a lab.

      Viruse

    • At this point I would actually welcome something like a drivers license for broadband access...

      Why not require they run Linux instead?

      Knowing most ISP's, they'd implement a "broadband drivers license" in such a manner that it refused a connection to anyone who wasn't running the latest version of Windows, with all the system-slowing anti-virus, anti-spyware, anti-adware, firewalling software that is required of Windows users. Oh, and you can add DRM to that as requirement as well.

    • They are also to blame because of "too little, too late", aka. activating the firewall by default only in SP2.

      And even with SP2 it only works for incoming traffic, incredible they can get away with calling it a Fire Wall.

    • ISP's typically don't want to handle the support. Many of them won't even handle spyware removal.

      If you break the "law" afterwards, your broadband privileges are revoked until you come into compliance.

      My idea is to give the users a certain amount of time to buy a router (either from the ISP or at your local store). After the time expires, face a larger reconnection charge if you are shut down for abuse. The ISP could even go as far as getting custom firmware for their routers. But it would only work i
  • what viruses? where? (Score:4, Interesting)

    by gobbo (567674) <wrewrite@gmail.cSTRAWom minus berry> on Wednesday December 29, 2004 @01:19PM (#11210307) Journal
    I've gotten so cozy in my nearly MS-free world since I managed to offload the last W2K machine that I forget about the risks, and how that antiviral cruft soaked up CPU and RAM.

    Until, that is, I open an MS Office document with macros, then the whole sense of dread and ire comes back; and I'm always surprised and annoyed when the latest worm brings local networks staggering to their knees.
    • I've gotten so cozy in my nearly MS-free world since I managed to offload the last W2K machine that I forget about the risks

      Hehe. I know exactly what you mean. At home it's all non-MSFT and I get spoiled by how fast my computers are. And I can focus on doing things with my system instead of endless patching and virus definitions and all the constant tweaking you have to do to a MSFT box.

      Then going to the customer site and it's like running in sand. You catch yourself sitting there thinking, "Did i

  • by Kjella (173770) on Wednesday December 29, 2004 @01:19PM (#11210310) Homepage
    100, 100.000 or more... viruses are quite easy to contain because they are unquestionably nuked as such. What I don't like is all the other semi-legitimate software (hello adware, hello malware, hello spyware) which can fuck up your computer almost as bad or worse, except they come with an EULA.

    I think all software should come with a self-signed key. By default it should allow upgrades by the same key (version 1.0->version 1.1), but not let other programs update eachother (e.g. explorer hooks, IE hooks, grab default applications, overwrite system libraries etc.)

    I'm talking about all optional here, not DRM. I would love to have it such that I could install apache on my linux box, and not have it overwritten by anyone but apache (without my explicit permission) as well. Right now, once you have root, it is enough. But proper rights should be "need-to-have". Give a program permission to install itself, but don't fuck the rest of the system? Today, that can't be done.

    Kjella
  • 100000 virus == two's complement overflow for the 32bit OS on which they thrive. The number of computer virii is as misleading as the medical alternative considering the human toll that is exacted.
  • by Luscious868 (679143) on Wednesday December 29, 2004 @01:24PM (#11210359)

    What continues to blow my mind are the numbers of users who do not have anti-virus software installed or kept up to date on their systems. I really wish that Microsoft would include some basic type of anti-virus / anti-spyware utility with the operating system.

    Yes, there would probably be a huge outcry about antitrust violations, but I believe the bottom line is that Microsoft has a duty to ship an operating system that is as reasonably secure as possible without including so many features as to push other vendors out of the market. I think the firewall in Windows XP SP2 is a good example of a compromise. The firewall includes enough basic features so that users aren't completely hanging out there in the wind, yet does not provide such a robust feature set so as to push third party firewall vendors out of the market. The disk defragmentation utility is another good example of a compromise. It has enough basic features to be useable, but not enough so as to push third party vendors out of the market.

    Microsoft could do it if they wanted to, even if there was an outcry from vendors. Look at what they did with I.E. when they decided they wanted a piece of the browser market. For a more modern, post anti-trust trial example, look at what they are doing now with Windows Media Player. Yeah, the EU is calling them on it, but I think a real case could be made that a basic anti-virus / anti-spyware utility is as important a part of basic system security as a firewall.

    Of course, if Microsoft just fixed I.E. and Outlook / Outlook Express, viruses and spyware wouldn't be as much of an issue, but we all know about how likely that is to happen.

    • If you were paying attention, you'd have noted that not only is MSFT developing it's on AV tool but they also plan their own spyware scanner/remover.

      Windows 3.0 had MSAV, are any /.ers old enough to remember that? They abandoned it, deciding it was too much work to maintain something that, at the time, wasn't viewed as a necessary compnent. And it wasn't needed, in a simpler, kinder, pre-internet world.
    • What continues to blow my mind are the numbers of users who do not have anti-virus software installed or kept up to date on their systems.

      I've never had any antivirus software installed. Never. At home I've run Windows 2003, XP, 2000, NT, ME, 98, 95 and 3.1.

      I've also never had a virus. Ever. Safe browsing habits, proper choice of application software and a hardware firewall are enough. Anti-virus is mainly for those who are not knowledgeable enough to perform the above. While this is a large num
      • Many viruses use standard ports to call home.

        If you are using only a hardware firewall you could already be owned and your computer could be seen by your firewall as an overactive mailer...
        • If you are using only a hardware firewall you could already be owned and your computer could be seen by your firewall as an overactive mailer...

          It needs to somehow get installed on my machine before it can call home, and that hasn't happened. I know because I periodically use Symantec's online virus scanner, and it's never found anything. And it does work because I've used it to diagnose other peoples infestations.
    • How about they focus on making a more secure OS and leave the virus hunting to those who specialize in it.

      In other words, MS needs to focus on fixing the OS and the rest will fix itself.
  • by ratboot (721595) on Wednesday December 29, 2004 @01:27PM (#11210399)
    Viruses still exist because programmers still use obscure C functions full of holes and obscure processors full of executable stacks.

    Please programmers, read the electronic paper "Smashing The Stack For Fun And Profit" (->Google).

    zzz
  • In the wild? (Score:3, Insightful)

    by slavemowgli (585321) on Wednesday December 29, 2004 @01:30PM (#11210424) Homepage
    How many of those are actually found in the wild? 100,000 is a big number, but ultimately meaningless when you want to assess the risk posed by viri etc. Throwing around big numbers like that is more the realm of marketing than that of engineering. :)
    • How many of those are actually found in the wild?

      Granted, 100,000 may not currently be in the wild, but I saw 33 different varieties of Windows viruses (over 3500 actual files) bouncing off my email gateway last week and not one Linux, Mac or other OS virus.

  • The number sounds like FUD, once we get past the variants how many truely original viruses are there? I would imagine that very few original viruses have ever been created, the overwhelming majority are nothing more than variations on someone else's work.
  • I think the vast majority were malware and spyware. What is the difference between malware and a vius? Nothing really, it's just a trojan virus. So I feel this is understandable.

    But, I am fuck1ng sick of the AOL commercials that talk about you losing all of your data and photos due to a virus. I posted about this before, I feel this is just wrong, to my knowledge there hasn't been a widespread virus in years that formatted your HD.
  • by rah1420 (234198) <rah1420@gmail.com> on Wednesday December 29, 2004 @01:33PM (#11210459)
    from TFA: [bbc.co.uk]

    On the positive side, Finnish security firm F-Secure said that 2004 was the best-ever year for the capture, arrest and sentencing of virus writers and criminally-minded hackers.

    In total, eight virus writers were arrested and some members of the so-called 29A virus writing group were sentenced.


    Eight? EIGHT??

    (deep sigh)
  • Is there really a need for viruses to get data?

    "Sure sir, two AA batteries, now if I could just get your phone number, home address and date of birth for a survey we're conducting!" ... survey...

    Clever wording for DATA MINING...

    Tom
  • by YukiKotetsu (765119) on Wednesday December 29, 2004 @01:40PM (#11210537)
    These things are looking more and more realistic/genuine all of the time. The last I got I opened up the email just to take a look, and the reply to address was "cgi.ebay.com/cgi-bin/"whatever else... it looked so nearly authentic it was scary. Everyone sees the cgi-bin at the ebay page, so having the name cgi.ebay.com was just... yah... I see why people fall for these, they are just uninformed, thinking someone actually was trying to steal their eBay account and such. What needs to be done is when you sign up for stuff, you are required to read aloud to a microphone some statement about how the company will never send you emails to verify account information, social security numbers, and so on. It's the only way to guarantee they read it, but perhaps they still wouldn't understand it. It's just scary. What we need is to make a global law about these things as well... if you are found doing this sort of act, you and your whole immediate family is executed in front of a live TV audience. I bet it'd get higher ratings that Survivor!
  • In my opionion virus (plural) nearly died out. What they now refer to as virus is mostly a worm; I haven't seen many digital parasites that integrate themself into binaries for several years now, and those things that open servers and copy themself from system to system are worms, they don't infect other binaries (cells), they just sit in the system (organism).
  • ...with attacks are becoming increasingly sophisticated.

    Yeah, by sophisticated they mean its one where they put @citibank.com in the reply-to address of the email so you know its legit!

  • Despite the brahuhahas from MS marketing about "Trusted Security" initiatives, the viruses are proliferating out of control and in many cases slipping beyond the reach of many anti-virus detectors found today.

    I find it incredulous that insufficient efforts were made to for the Microsoft Dutch Boy's skinny fingers flailing in vain to stopping this rising tide against the proverbial leaking dike of viruses.

    Hello? Microsoft? WHat do you say to that?
  • Take out all the substrains created by script kiddies who took the original code and edited it a bit to make their own strains and knockoffs, and we're left with what, twenty thousand strains?

    Gaobot alone has what, ten thousand variants? Symantec's up to something like Worm.Gaobot.BGC to describe the strains now, which is 26^3 or something like that.

    The real problem is the whiny little bratty script kiddies who make the damn knockoffs of the viruses and worms (ESPECIALLY the Bagle and NetSky groups), not

FORTRAN is for pipe stress freaks and crystallography weenies.

Working...