Storm Worm Being Reduced to a Squall 183
Rumours of financial schemes surrounding the botnet aside, PC World has an article that should lower the blood pressure of some SysAdmins. The Storm Worm botnet is apparently shrinking. A researcher out of UC San Diego who has been tracking the network has published a report indicating it is now only 10% of its former size. "Some estimates have put Storm at 50 million computers, a number that would give its controllers access to more processing power than the world's most powerful supercomputer. But Enright said that the real story is significantly less terrifying. In July, for example, he said that Storm appeared to have infected about 1.5 million PCs, about 200,000 of which were accessible at any given time. Enright guessed that a total of about 15 million PCs have been infected by Storm in the nine months it has been around, although the vast majority of those have been cleaned up and are no longer part of the Storm network."
Re:Spread of Windows (Score:2, Insightful)
WGA raises the barrier of casual copying to lusers who's skill wouldn't have been enough to stop them getting pwned by some virus, and being incorporated into a botnet.
Re:Spread of Windows (Score:3, Insightful)
Re:Spread of Windows (Score:1, Insightful)
don't be sure (Score:5, Insightful)
Furthermore, the storm virus is known to be updatable. Is it possible it was updated to be even less obtrusive, thus escaping detection in other ways? Maybe it has gone into dormant mode, because the creator doesn't need so many computers at the moment.
One interesting innovation of the worm, quoted from the article:
I think some part of me must be sick or something, because when I read about this I almost hope the worm will get bigger, become unstoppable, and reveal windows for the insecure piece of crap that it is. Linux, BSD, OSX, Solaris, and heck even Minux could clearly stand up to a threat like this much more easily than Windows.
Re:Spread of Windows (Score:2, Insightful)
Re:don't be sure (Score:5, Insightful)
> almost hope the worm will get bigger, become unstoppable, and reveal windows for the
> insecure piece of crap that it is.
Already been done. Nobody cares.
Re:Spread of Windows (Score:1, Insightful)
Mac and Linux users (Score:1, Insightful)
Just breathed a collective sigh of relief...
Oh wait, maybe they were just rolling their eyes and sighing. Honestly, don't mean to troll, but you Windows users put up with so much trouble an annoyance just so you can avoid learning how a computer actually works...
Methinks you guys would be better off just biting the bullet and switching. Sure, Macs are more expensive, and Linux has a steep learning curve, but isn't it worth avoiding all of the frustration you're going experience over the rest of your tech lifetime? Or are you one of those folks who relishes the semi-annual Windows reinstall? Perhaps you like paying an annual license fee to keep your computer from getting infected with a virus?
When you think about it, even if you don't factor in the cost of your time, Microsoft Windows systems are easily the most expensive systems to run on the planet, and the least useful (unless you expect your corporate users to play games all day...) Microsoft has been leveraging fear of the unknown to blackmail and intimidate non-technical users into supporting their monopoly, and the only winners I see in the whole thing are Microsoft and Intel. The users aren't any better off, and sysadmins risk their careers (not to mention their marriages!) on the capricious reliability and security of Windows systems.
But I guess that's why there's an old saying: Fool me once, shame on you. Fool me twice, shame on me . Microsoft fooled me once. I'm not getting fooled again.
Re:Bullshit (Score:3, Insightful)
Re:Mac and Linux users (Score:4, Insightful)
Re:Mac and Linux users (Score:4, Insightful)
Yes, those systems are more secure than Windows. No, they are not secure enough to deal with the assault of a wave of moronic users. Feel free to dream of an exodus away from Windows, but understand that nothing will change, even if your dream comes true.
Re:Spread of Windows (Score:3, Insightful)
Why would anyone think that? Windows is Windows whether it's pirated or paid for. Is a drunk weaving through heavy traffic at 135kph any more or less of a menace if he's driving a stolen car rather than a car he "owns"?
Re:don't be sure (Score:5, Insightful)
Heh, I knew someone was going to trot out this old troll. The point is, it would be much easier to secure unix-type systems than windows-type systems. Compare Microsoft's budget to that of OpenBSD; now tell me, which is more secure?
For it to be effective as a virus, it is going to have to install itself to startup somehow. What is going to do, add a line to my .bashrc? Add a script to /etc/rc.d? It can't do that, only root can, and I don't browse the internet as root. Nobody does.
You may say, "it will prompt you for the password and idiot users will just type it" but you are showing your Windows bias. On windows, you get so many popup prompts that many users just ignore them and do whatever they ask. OSX has shown that it can be done differently, however. Ask any average OSX user what they would do if a downloaded attachment asked them for their root password, and they will say something to the effect of, "Freak out and delete it immmediately." It's because the warnings and prompts in OSX don't become annoying.
Security on Windows is hard. For any vulnerability, it takes a lot more effort to fix on Windows than a similar vulnerability in a Unix system. In unix-world, fixing the OS is an option.
Re:Oblig. (Score:3, Insightful)
I think the problem of viruses would be greatly reduced if people were less ignorant about how their behavior causes them to get viruses.
Windows can be an okay operating system security-wise, if people didn't do these things:
Run Internet Explorer: IE is buggy and and insecure. If everyone replaced it with Firefox with the NoScript plugin installed, you could watch how much fewer viruses there would be.
Run Outlook or Outlook Express: Mail programs shouldn't have scripting abilities that can take control of the entire OS. Watch how much fewer viruses would exist if people would run Thunderbird instead.
Download programs from untrusted sites: Lots of random malware, spyware and viruses are installed because users the latest 'cute' or 'cool' thing their friend told them about.
Enable VBA macros to autorun in Microsoft Office documents. Turn off macros.
Run as Administrator: Either learn how to use your OS properly or upgrade to Vista. Seriously.
Eliminate these behaviors and you will have removed the most common vectors of infection on Windows machines.
Re:Mac and Linux users (Score:2, Insightful)
Re:Spread of Windows (Score:3, Insightful)
Re:Oblig. (Score:3, Insightful)
She kicks yes and saves to the desktop and now she's stuck it won't install, the easy way around it is to switch users to admin, (wait for all of the crapware to auto-load) and try to remember what site and plug-in she needed and of course she can't. So Now She gets and inspiration, and clicks though my computer, Documents and settings to her user area and access is denied! Curses, not she whiches users back and try to right click the installer and chicks run-as admin, still admin has insufficient privileges to open the file, Aunt Millie is stuck and from now on Aunt Millie is going to run as Admin because its easier and her computer is going to be part of the next bot net.
The problem is you say so many legacy apps need to run as root but in windows their is no root, root is the trusted superuser in *nix, in windows there is admin, the untrusted semi-superuser. Root is your Priest/Rabi Doctor and Lawyer all rolled in to one in the computer context, root is privileged as in Dr-patient privilege, Admin is the asshole one level up trying to get leverage over you or the car mechanic in a one horse town ready to cut your fan belt in the blink of an eye as you pass through.
OBTW do you know how to install software saved on a LUA's desktop? Took two years but I figured it out.