Years-Old Conficker Worm Still a Threat 71
RedEaredSlider writes "The Conficker worm is still a threat, even though it is more than two years old and nobody has used it in a botnet attack yet. The problem is that so many machines are infected (largely because many don't realize it) and it's such a flexible piece of malware."
If security programs dont get it right ... (Score:4, Interesting)
of course it still a problem, especially if you read what happened to me this morning.... .... his is Win7 using Trend Micro (included when buying the dell) . When I turn Trend Micro off it performs well, loads the web-pages at the same speed as mine does.
Our sales directors computer (dell) has real trouble accessing the net (very very slow) whenever he tethers his laptop with his Galaxy S. I have the same laptop and phone but use Fedora14 and tethering gives me real good speed (considering)
So there would be no surprise to me if a lot of machine run without virus/internet security because those machine become a real hog/snail/whatever .... so users cant be bothered!
China loves Conficker (Score:5, Interesting)
The college (part of a larger university, but separate for IT purposes) I work at in Beijing has a choice between two different free (Chinese produced) antivirus/antimalware products. The one that detects Conficker is on the computers of the people designated "sysadmins" (discussion for another day as to what qualifies as a sysadmin at this school) and any computer I am required to use as a function of my work (not including my personal notebook, which the admins aren't allowed near). The software that doesn't detect Conficker (or quite a few other 2+ year old baddies, in spite of being "up to date") is on everyone else' computer. As best as I can determine, this is to give the appearance of justifying the positions of the 5 sysadmins needed to support less than 50 computers (not including the lab computers which require minimal support because they suck so badly the students would rather go to an internet cafe to do their work, if they can't afford to use their own computers). Someone let me know when an opening at Tsinghua U. is available.
i confirm this (Score:3, Interesting)
i know someone who works at a huge support center for a certain cellphone carrier. this person has informed me that they spend a good deal of their day telling people to shut off antivirus in order to get their "Modem Cards" (apparently the fashionable name amongst the masses) to work.
Re:The real issue: (Score:5, Interesting)
The real issue: software industry releases insecure products and blames ordinary users for not being IT security experts which is what it takes to be truly secure.
WGA/pirated copies of Windows (Score:3, Interesting)
One problem is the low-end users who have systems they have bought from a "friend" which turns out to have a WGA-failing pirated copy of Windows. Windows Updates refused to allow it to be patched, leaving it to sit there waiting to be infested.
What Windows needs to do with WGA is give a grace period (60 days?) and warned if you do not get this copy legally licensed within X days then it will stop working (just like beta demo copies). After that time, have it just start up, explain the error and shut back down after 60 seconds. Not popular, but it would keep the bad machines offline. It would force the users to either get legit Windows installs which would have patch support, and/or they'd move to Linux which would also have patch support.