25% of Worms Spread Via USB

An anonymous reader writes "In 2010, 25 percent of new worms have been specifically designed to spread through USB storage devices connected to computers, according to PandaLabs. This distribution technique is highly effective. With survey responses from more than 10,470 companies across 20 countries, it was revealed that approximately 48 percent of SMBs (with up to 1,000 computers) admit to having been infected by some type of malware over the last year. As further proof, 27 percent confirmed that the source of the infection was a USB device connected to a computer."

there is nothing new under the sun

[buddyglass]

Way back in the day it was infected floppy disks. Given people now use USB drives like we used to use floppy disks, it only makes sense that malware would (once again) use them as a distribution method.

Re:Surprise?

[oodaloop]

Oh, whoops! Was I standing on your lawn? Sorry 'bout that.

Re:No, really?

[operagost]

None that I know of, but today's USB drive is yesterday's floppy.

Re:No, really?

[HiThere]

Well ... modems used to connect over the serial port. I seem to remember a few viruses that spread that way.

Re:Surprise?

[Rich0]

Or, go ahead and have an auto-install process, but don't make it "look for a file on any removable media and run any executable that it references."

Instead, when you insert a disc have the OS's package manager look for an installer file in the proper format, and then the package manager asks the user if they want to install the file. Don't have every software vendor writing their own installers.

Oh, Windows doesn't have a package manager? Well, we should fix that as well. There is no reason that software should need its own install executables. An installer needs to get files into the right (ie standards-driven) process on the drive, and initialize global settings. There is no reason that a centralized package manager can't do that (just look at any linux distro). As a bonus uninstalls become trivial without any vendor support.