20 Years of Innovative Windows Malware
Posted by CmdrTaco from the innovate-this dept.
snydeq writes "InfoWorld's Woody Leonhard takes a look at the past 20 years of innovative Windows malware — an evolution that provides insights into the kinds of attacks to come. From macro viruses, to interstitial infections, to spray attacks, to industrial espionage, 'there's been a clear succession, with the means, methods, and goals changing definitively over time,' Leonhard writes, outlining the rise of Windows malware as a succession of ingenious breakthroughs to nefarious ends."
Good ole' days... (Score:2)
Re: (Score:1)
I remember the good old days when viruses spread by hand.
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
That's "cooties", not "viruses".
On the other hand, Windows users always have cooties.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
I remember getting by Stealth virus in college. We had to use McAfee VirusScan to clean up our 3.5" floppy disks. Ugh.
Re: (Score:2)
Back in the Win 3.x days my boss brought 99% of infections to the company because he had to stick his floppy into every slot he could find...
Re: (Score:1, Insightful)
You know what else are huge targets, and far more valuable than windoze boxes? LAMP servers.
You're a moron.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
What is really telling is that there are now social engineering attacks to get access to people's Windows machines. People actually cold call saying how they are from "Microsoft Tech Support" and try to get you to (a) pay for 'warranty' and (b) give them access to your machine using logmein123.com. I've actually had to fix a system because the person just did what he was told to do. Unbelievable. You can't secure a system from its own administrator, so if the administrator is an idiot, his box is as good a
Re: (Score:1)
Re:Let the windows hate begin (Score:4, Insightful)
Re: (Score:3)
With all respect, that's an absolutely facile statement.
1. Add up the total number of devices that run some kind of Linux kernel in this world and it would certainly exceed the number of instances of OS X being used and may even give Windows a run for its money - I'm talking everything from DVD and media players, through car engine management systems to Internet servers. The number of desktop instances of Linux is probably very small in comparison, I agree, but they could all suffer from security exploits.
2
Re: (Score:1)
And maybe even a few arguing an overall moribund history of patching known holes.
Re: (Score:1)
Why not blame the OS and the CPU architecture underneath?
System security shouldn't be something users should ever have to worry about. While it's true making a perfect lock is impossible, Windows security until 7 has basically been a giant sign that says, "Please don't own this box."
x86 CPUs kind of suck for security. Windows as an OS really sucks for security.
Re: (Score:3)
What ? That's like saying steering isn't something car drivers should ever have to worry about.
The end user is the single biggest security risk in any remotely modern system.
What security features were missing until Windows 7 ?
Re: (Score:1)
What ? That's like saying steering isn't something car drivers should ever have to worry about.
The end user is the single biggest security risk in any remotely modern system.
70% of malware results from drive-by infection. [cyveillanceblog.com]
This is more akin to the idea that I shouldn't worry about hitting the gas or brake pedal in fear of blowing the engine.
What security features were missing until Windows 7 ?
A real UAE implementation, NX, ASLR, etc? Windows Vista had some of these features but they sucked, and Windows 7 still sucks by a large margin, Windows 7 just sucks a whole lot less.
Re: (Score:3)
So, an application problem, then ?
I assume you mean UAC. Windows NT has had this since day one, Vista and 7 just made it more automatic.
So did other OSes until about the same time. Are you asserting their security, also, was "a giant sign that says, "Please don't own this box."" ?
Re:Let the windows hate begin (Score:5, Insightful)
System security shouldn't be something users should ever have to worry about. While it's true making a perfect lock is impossible, Windows security until 7 has basically been a giant sign that says, "Please don't own this box."
Absolute rubbish! And that's coming from me, a mostly Linux user.
Microsoft made some design mistakes in Windows and cocked up on marketing making people believe that it is entirely possible to use Windows as an inexperienced user and never have to worry about security. In Vista they tried to counteract that bad information by annoying everyone with "in your face" security reminders called UACs, realised they'd gone too far with that and backed off a little in Windows 7. (And that *really* is the extent of my Vista and Windows 7 knowledge because I've not yet used either.)
But even up to and including XP, if it's patched up to the latest Service Pack and patch version, has a firewall activated, a virus checker and sits behind a NAT router on the Internet, then that system is going to be pretty safe just sitting there.
The fact is, that XP machine will get viruses and malware because an inexperienced user has not understood what he's doing or has been tricked into clicking something he should not have done. Sorry, but if you insist on downloading cracked games and cracked software from BitTorrent, then you're going to be putting viruses onto the machine that will end up trashing it, it's that simple.
But, on the other hand, if you get rid of applications like Outlook and IE that hook deeply into the core system, replace them with standard applications like Thunderbird and Firefox (or countless other web and mail clients) that sit *on top* of Windows, rather than *within it*, then that's already going to block a lot of malware getting onto the system in the first place. Then take care with email attachments, stay away from dodgy software and sites, and like me you'll have several XP systems that haven't seen a virus in years.
Every OS (yes, even Linux) has security weaknesses that can be opened up by a user who is not sure about what he/she is doing.
Windows is *not* an easy system to maintain; XP needs as much care and attention from an administration and day-to-day maintenance perspective as any one of my Linux servers does, maybe even more so in my case because I'm much better at automating stuff in shell/Perl scripts on Linux than I am on Windows.
But it's got its bad security reputation because Microsoft made some poor marketing decisions and aimed it at people who believe they don't need any sysadmin skills to maintain it, and your comments don't honestly do any justice to the number of really good Windows sysadmins who make a pretty good job of keeping it secure, in my experience.
Re: (Score:2)
Please elaborate on how Outlook and IE "hook deeply into the core system".
Re: (Score:2)
I don't claim to be a Windows expert.
As I understand it, some Microsoft applications have deep hooks into the core OS or libraries that give them higher privileges than what the user running them has - the best analogy I can give is "sudo" in Linux. It is those elevated permissions that some scripts or malware are able to exploit.
As I also understand it, Outlook and IE can run scripts without too much intervention that can use those elevated permissions also.
Other than that, I can only speak from years of expe
Re: (Score:2)
How did you come to "understand" this patently false proposition ?
Re: (Score:2)
I'm going to leave it there with this thread, I think.
This is beginning to feel too much like I'm talking to ELIZA [wikipedia.org].
Re: (Score:2)
Look, it's a pretty simple question. You are asserting that certain Windows applications have "deep hooks" into the OS. WHY do you believe this to be true ? What evidence is there that it is true ?
I can tell you right now that your belief is false. I am curious as to how you reached it, however.
Re: (Score:2)
The assertion is that IE has "deep hooks into the OS" that enable "higher privileges", not that it is one of the included components of a default Windows install.
Re: (Score:2)
But even up to and including XP, if it's patched up to the latest Service Pack and patch version, has a firewall activated, a virus checker and sits behind a NAT router on the Internet, then that system is going to be pretty safe just sitting there.
This is what I'm talking about. Users are users, they're not a thing for OS vendors to abuse. They live lives outside of the realm of computing too.
But it's got its bad security reputation because Microsoft made some poor marketing decisions and aimed it at people who believe they don't need any sysadmin skills to maintain it, and your comments don't honestly do any justice to the number of really good Windows sysadmins who make a pretty good job of keeping it secure, in my experience.
I'm speaking purely in the user space sense. Users shouldn't have sysadmin skills.
Sysadmins on the other hand, are paid to support and keep systems running. Non-sysadmins typically are already working one maybe two jobs, why are we advocating that they also do technical support for free?
Re: (Score:2)
Yes, but the core point I am trying to make is that you simply cannot make a simple statement that an OS is inherently insecure - it very much depends on what other layered security defences are placed around it.
I would hope that these days, virtually everyone with an Internet connection is using an ISP-supplied NAT router because that alone adds a whole heap of good security protection over any computer just connected to a USB ADSL modem.
Re: (Score:2)
But it's got its bad security reputation because Microsoft made some poor marketing decisions and aimed it at people who believe they don't need any sysadmin skills to maintain it,
While I agree that this is part of the problem, the idea does not take into account the serious system security flaws that failed to even involve the user, skilled or otherwise.
From the article:
The root of the problem? In those days, Outlook used Internet Explorer to display HTML-based emails. Even though you never saw IE in action, it was there, lurking in the background, running VBS programs without permission. Years later, the Klez worm used the same approach, but with a different security hole.
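The mechanism the article describes above (a mail client handing HTML messages to a full browser engine, which then executes any script the message carries) suggests a defender-side check: scan the HTML body for active content before it reaches a renderer, and fall back to plain text when anything is found. The following is an added illustration written for this page, not code from the article, the thread, or any mail client; the message bodies used in the test are constructed, and the tag and attribute lists are an assumed, conservative starting set.

```python
"""Flag active content in an HTML e-mail body before it reaches a renderer.

Added example, not taken from the article or the thread. A mail client that
renders HTML with a browser engine executes whatever script the message
contains; the safe default is to detect script-bearing constructs and render
such messages as plain text instead. Sample inputs are constructed.
"""
from html.parser import HTMLParser

# Assumed conservative set of elements that load or run code.
ACTIVE_TAGS = {"script", "object", "embed", "iframe", "applet"}
# URI schemes that execute code (or can carry HTML/script, in the case of data:).
ACTIVE_SCHEMES = ("javascript:", "vbscript:", "data:")


class ActiveContentScanner(HTMLParser):
    """Collect one finding per script-bearing tag, event handler or URI scheme."""

    def __init__(self) -> None:
        super().__init__()
        self.findings: list[str] = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names for us.
        if tag in ACTIVE_TAGS:
            self.findings.append(f"tag:{tag}")
        for name, value in attrs:
            if name.startswith("on"):          # onload=, onclick=, onerror=, ...
                self.findings.append(f"event-handler:{name}")
            if value and name in ("href", "src", "action"):
                # Normalise case and drop whitespace/NULs that are sometimes
                # inserted between letters to slip past naive string matching.
                v = value.replace("\x00", "").lower()
                v = "".join(ch for ch in v if not ch.isspace())
                if v.startswith(ACTIVE_SCHEMES):
                    scheme = v.split(":", 1)[0] + ":"
                    self.findings.append(f"uri-scheme:{name}={scheme}")


def scan_html_mail(body: str) -> list[str]:
    """Return the list of active-content findings for an HTML message body."""
    scanner = ActiveContentScanner()
    scanner.feed(body)
    scanner.close()
    return scanner.findings


def render_mode(body: str) -> str:
    """Decide how a mail client should show the message: 'html' or 'text'."""
    return "text" if scan_html_mail(body) else "html"


if __name__ == "__main__":
    # Constructed sample messages.
    samples = {
        "plain": "<html><body><p>Quarterly report attached.</p></body></html>",
        "vbscript": '<html><script type="text/vbscript">MsgBox "hi"</script></html>',
        "handler": '<body onload="run()"><p>Read me</p></body>',
        "scheme": '<a href="JavaScript:alert(1)">click</a>',
    }
    for label, html in samples.items():
        print(f"{label:9s} -> {render_mode(html):4s} {scan_html_mail(html)}")
```

The scanner deliberately errs toward plain-text rendering: a `data:` URI in an image tag is often harmless, but treating it as active content costs only formatting, while missing a script costs the machine.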
Re: (Score:2)
Re: (Score:1)
Re: (Score:3)
Don't bother. It's practically an article of faith around here that Windows is badly-made, that Microsoft is a malicious, profiteering drag on innovation, and that Windows OS security is responsible for the spread of malware. This view might have been partially accurate 15 years ago, but in 2011, the worm has turned. Companies are made up of people, and people change and mature. Microsoft is trying to be a good corporate citizen these days, and frankly, I'd be far more worried about Apple, both from a t
Re: (Score:3)
If by "article of faith" you mean "consistent with the long history of this corporation, its products, and its business practices" then I agree. The tone with which you make that statement reminds me of a saying: I'm sorry if the correct way of doing things offends you.
The only thing
Re: (Score:2)
Can you highlight the aspects of Apple's marketing where they "unambiguously state that their products may endanger the user if the user does not learn about and follow good security practices" ?
Re: (Score:2)
Can you highlight the aspects of Apple's marketing where they "unambiguously state that their products may endanger the user if the user does not learn about and follow good security practices" ?
Oh I get it. This is more "us and them" fanboyism. It's like when I say that something Obama does is bad for the country, somebody who likes the Democrats has to chime in and say "oh yeah well Bush did this and that and it was bad too!" as though that makes it okay. Like it's a big imaginary zero-sum balance sheet, so if I criticize "one side" I must also be supporting "the other side". You're either with us or against us, right? It's a rejection of objectivity and I refuse to validate it.
Why would you
Re: (Score:2)
No. I'm merely wo
Re: (Score:1)
>Apple made a wise move by basing OSX on BSD Unix. They won't end up reinventing Unix that way and they are starting with a mature codebase that has already experienced a great number of security attacks. Of course that isn't and won't be perfect, but it would be worse still if they started from scratch.
But the world is evolving. Even windows now has a mature code-base that was NT (which further contains significant bits of OS/2). The problems encountered and solved 10 years ago don't apply today. Tech
As a Windows Admin (Score:2)
I'd have to say Windows 7 is not too difficult too bad these days.
The biggest problem I have always had with Windows though is the way it manages applications. There are far too many install vectors, from a single binary to various packaged installers.
Microsoft should have secured this better and reduced the options to developers for installing applications. All it does is confuse the user, and make it more difficult for heuristic scanning to determine what is legitimate or not, plus it allows developers to
Re: (Score:2)
What ? I can get applications onto Linux or OS X systems via a binary in a zipfile/tarball, via a package manager like Fink/apt/RPM, via a packaged installer, by a simple drag & drop from a disk image, by compiling from source, from a shell archive, and probably others I haven't thought of.
Your argument is ridiculous on its face. There are *more* "install vectors" on Linux and OS X than there are on Windows.
Re: (Score:1)
I disagree. They are the same, which is too many.
Odd... I just watched a similar article... (Score:1)
Re: (Score:1)
Dumb security (Score:2)
The losing strategy of trying to enumerate all the bad software [ranum.com] in existence is so stupid because bad software outnumbers good software, so why can't we enumerate all the good software - all versions?
In theory you can never be sure that you've removed malware. A compromised computer is compromised forevermore.
I honestly think with enough smart people, the right technology and software you can make malicious software less of a problem. Here's an example:
rather than installing the antivirus on your PC, you ta
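The comment above contrasts enumerating bad software (a denylist, which can never be complete) with enumerating known-good software (an allowlist, which blocks anything not explicitly approved). The block below is an added illustration of that default-deny idea for this page; it is not code from the thread or from the linked ranum.com essay, and the "binaries" and their hashes are constructed stand-ins for real executables.

```python
"""Denylist versus allowlist execution policy, compared on the same inputs.

Added example; not from the thread. Both policies key on the SHA-256 of the
file contents. Sample file contents are constructed placeholders.
"""
import hashlib


def sha256_hex(data: bytes) -> str:
    """Content hash used as the identity of a binary."""
    return hashlib.sha256(data).hexdigest()


# Constructed sample "binaries" (byte strings stand in for real executables).
SAMPLES = {
    "notepad.exe":        b"GOOD-NOTEPAD-BUILD-1.0",
    "calc.exe":           b"GOOD-CALC-BUILD-1.0",
    "evil_dropper.exe":   b"KNOWN-BAD-SAMPLE",
    "freshly_packed.exe": b"NEVER-SEEN-BEFORE-VARIANT",
}

# Enumerate goodness: every approved build, hashed. A new version of an
# approved program is a new hash and must be approved separately.
ALLOWLIST = {sha256_hex(SAMPLES["notepad.exe"]), sha256_hex(SAMPLES["calc.exe"])}

# Enumerate badness: only samples someone has already seen and catalogued.
DENYLIST = {sha256_hex(SAMPLES["evil_dropper.exe"])}


def denylist_decision(data: bytes, denylist=DENYLIST) -> str:
    """Anything not on the denylist runs, including brand-new variants."""
    return "block" if sha256_hex(data) in denylist else "allow"


def allowlist_decision(data: bytes, allowlist=ALLOWLIST) -> str:
    """Anything not explicitly approved is blocked, known or not."""
    return "allow" if sha256_hex(data) in allowlist else "block"


def approve(data: bytes, allowlist=ALLOWLIST) -> str:
    """Add a vetted build to the allowlist; returns its hash for the change log."""
    digest = sha256_hex(data)
    allowlist.add(digest)
    return digest


def compare_policies(samples=SAMPLES) -> dict:
    """Map each sample name to (denylist decision, allowlist decision)."""
    return {name: (denylist_decision(b), allowlist_decision(b))
            for name, b in samples.items()}


if __name__ == "__main__":
    for name, (deny, allow) in compare_policies().items():
        print(f"{name:20s} denylist={deny:5s} allowlist={allow}")
    # The maintenance cost of allowlisting: an updated build is blocked
    # until it is reviewed and approved.
    new_build = b"GOOD-NOTEPAD-BUILD-1.1"
    print("new build before approval:", allowlist_decision(new_build))
    approve(new_build)
    print("new build after approval: ", allowlist_decision(new_build))
```

The interesting row is the never-seen variant: the denylist lets it run because nobody has catalogued it yet, while the allowlist blocks it because nobody has approved it. The price of the allowlist is visible in the last three lines: every legitimate new build needs an approval step, which is the "all versions" problem the comment raises.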
Re: (Score:1)
Better Link (Score:5, Informative)
I wish they'd link to the print page: http://infoworld.com/print/151021 [infoworld.com]
At least this way you avoid the obnoxious SIX-page layout for what could fit in a single page easily. I know, I know... The submitter is always an InfoWorld employee and /. editors don't know the meaning of the word "edit", but hey, I can still ask? Beg, maybe?
Re:Better Link (Score:4, Informative)
Re: (Score:2, Funny)
Don't take this the wrong way, but does it kill you to hit the print button yourself? I mean, sheesh. I know, I know... you're being tracked as you move your mouse to the button, etc.
Re: (Score:1)
Re: (Score:1)
'Software improves over 20 years' (Score:2)
20 Years of malware (Score:1)
Let's see...There was DOS then Windows 3.x, Windows 95, Windows NT, Windows 98, BOB, Windows ME, Windows 2000, Windows XP, Vista, and Windows 7. I think that's a little more than 20 years actually.
Moore's Law of Malware (Score:1)
Someone smarter than I am may have an (informed) opinion about whether malware and other types of attacks will have a Moore's Law-like life cycle. Are the bad guys winning? I'd say that they're winning if they will predictably make use of publicly networked computers in business or at home more trouble than it's worth. Adding to the bad guys' risks are the good guys who are dancing with the devil with their untapped treasure trove of personal information.
20 years! (Score:5, Insightful)
Why have we put up with 20 years of Windows virus's for so long?
TWENTY YEARS!
What a complete waste of time. And my time is worth much more than the paltry licence fees I have shelled out over the years!!!
Is there any way to say that this is not an epic fail for the Win16/32 platform? On other platforms (Mac, Linux, other Unix's) the total amount of malware is hardly about 100 items in that time... Even if it is around 1000 (I really don't know) it is insignificant in comparison.
I have had not one malware issue in ten years of hosting Linux servers and five years as a Desktop OS on multiple PC's. My last Windows issue was a false positive: AVG thinking it had found a trojan in hal.dll and "healing" it. Thanks AVG. Several hours of work to restore that machine... (the re-imaging broke).
No Windows on every one of my desktops thanks!
Re: (Score:2)
Re: (Score:1)
You will be Really Impressed with my use of Capitals then! And my confusion with ei and ie! Just wait till you see me write in French!!!
Actually, I was trying to figure out the plural of Unix - is it Unixes or Unices. I figured Unixs would be wrong but I guess Unixes is more proper.
Cheers, ;)
Well... (Score:2, Funny)
...at least something about Windows is innovative.
20 years ago ? (Score:2)
So before 1991 malware wasn't innovative?
(I don't really know, I wasn't dealing with "windows" back then, but I was dealing with viruses.) I thought the disk-validator type virus was particularly nasty. Workbench 2 fixed that backdoor, but there were a lot of people running WB1.3 Amigas.