US Leads the World In Malware Creation 126
PetManimal writes "Symantec says that China, Russia, and the other developing countries usually blamed for the increasing amount of malware are not the biggest culprits. The security software company released a report (PDF) claiming that the US leads the world in a number of malware categories, ranging from the 'amount of malicious activity originating from their networks' to 'underground economy servers.' Preston Gralla says the US lead should come as no surprise, considering the capitalist way of life and the high level of technical knowledge. He also suggests that the some of the 'criminals' may actually be Internet entrepreneurs who crossed over to the dark side: 'It's an inevitable result of a thriving free market and tech expertise. An underground economy often mirrors the legal, above-ground one. Scratch a criminal, and sometimes you find a misguided entrepreneur, looking to get rich a little too quick.'"
Old Scratch (Score:2)
Re: (Score:1)
Offshoring & downturn perhaps (Score:2, Insightful)
Re: (Score:1, Funny)
Never released it, though.
US leads world in baby-food manufacturing software (Score:2, Insightful)
Re: (Score:1)
Not just the US (Score:4, Informative)
In NA, its mainly spyware or extortionware.
From the East a majority of them are keyloggers, dialers.
Re: (Score:1, Insightful)
You're talking out of your ass.
Re: (Score:2)
Sure I'll bite, since AC trolls now get modded insightful.
Why don't you post your experiences to the contrary while logged in instead of AC?
Oh, you've got nothing to say?
I repair PCs for a living, and this is from my firsthand experiences of spyware ridden boxes, if you believe or have observed otherwise, do share.
Re: (Score:2)
I think the lack of paid up subscriptions for AV software in Russia may also show a lot being proxied there in bots. This alone may cause the assumption much of your SPAM is from some
Look who's calling the kettle black. (Score:5, Funny)
Re: (Score:3, Insightful)
Re: (Score:2, Funny)
Re: (Score:1)
These same employees were transferred and employed to creating and upgrading Symantec products. Thus leading to all products appearing like malware.
misguided? (Score:4, Interesting)
Is malware even illegal? How is malware different from say, an automatic update or some other less than desirable software? Just because something is annoying doesn't necessarily mean it's illegal and that the author is a criminal.
Re: (Score:2, Insightful)
Re: (Score:2, Insightful)
I assume you're thinking adware which is in rare cases only annoying, most cases privacy invading, and many cases illegal anyway.
Re: (Score:1)
Everything you want to know about Windows malware (Score:5, Informative)
In short order, you will probably have so much adware, malware, Trojans, and keyloggers on the VM, it's nearly impossible to ever clean it out (AFAIK you really can't with any reliability say that a machine once rooted is 'clean' until you zero the drive and reinstall from media). Monitoring the network connections and traffic that the VM makes is also pretty interesting. (Its easiest if you set up the VM's virtual interface with a different IP than the host machine's physical interface.)
If you want to go for a second round, Google "adware removal" and download or run the first half-dozen or so tools that you see; chances are at least some of them will make the problem worse.
The benefit of doing this in a VM is you can trivially roll the system back to an uncorrupted state, and just banish the thing altogether when you're done entertaining yourself. It really caused me to appreciate two things: one, reminding me why I don't use that OS at home, and two, the absolutely ridiculous amount of effort that must be spent (patching, updating, firewalling, antivirusing, user training) to keep the billions of Windows machines that people depend on from succumbing to the same fate in a matter of minutes.
Anyone who doesn't use Windows on a regular basis should do that every year or so, if only for the "there, but for the grace of God..." value.
Re:Everything you want to know about Windows malwa (Score:2, Interesting)
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
The use of crackz and warez sites is just to accelerate the process. Unless you confine your browsing to only the most trustworthy sites on the net, you'll eventually get infected.
Re: (Score:1)
But anyway, I really only included that st
Re:Everything you want to know about Windows malwa (Score:1)
I think that you have hit upon it. A computer behind a NAT firewall can stay uninfected (even without AV software) if a user restricts her/his browsing to the more mainstream segments of the web. From my experience, computers with spyware/malware/trojans/viruses mostly have contracted the problem from at least one of the following ways:
Re:Everything you want to know about Windows malwa (Score:2)
Good thing I wasn't using VMWare-NAT (Score:1)
I prefer to let the VM's virtual network interface talk to the LAN and get its own DHCP lease and IP address, just to make it easier to determine what traffic is coming from the host and what's from the guest, if I want to analyze traffic at the router or somewhere else downstream. I'm not sure what VMWare's lingo is for this type of setup, but it's pretty t
Re: (Score:2)
Also, moot for this, but some malware behaves differently under VMWare. Not out of bugs, but to help prevent analysis.
Re:Everything you want to know about Windows malwa (Score:2)
I just listen to the Security Now podcast. Did you know about the virus-like behavior that simply arose because of a bug in Windows? It's called "Free Public WiFi" [wordpress.com]
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
Engineers vs Programms (Score:3, Interesting)
adware and 'malware' at times.
a good software engineer, that is a 'real engineer' would refuse to create such a product, as they are sworn to protect the public interest at all costs.
A programmer mind you, unless they are ethical, goes where the money is.
Lets call the industry what it is, and the workers what they are. Engineers != programmers.
Engineers can be held accountable, in many ways. Programmers on the other hand, can always hide behind the shield of the corporation.
Re:Engineers vs Programms (Score:4, Insightful)
Oh yeah... that's right, they were mostly Engineers. Spare us the high-and-mighty talk. Just becuase there's an old Freemason-like order with fancy rings involved doesn't mean engineers are some kind of uber-moral fraternity.
No offense to the good-hearted engineers out there reading this.. I just don't like the uppity attitude of some 'engineers' who think that computing science, along with every other realm of human endeavour other than those blessed by the local Engineering faculty, are something akin to making cute little blocks with playdough.
Parent: get off your high horse. Lots of people, no matter their vocation, have to pay the bills, and some are just attracted to the darker side, no matter their training.
Re: (Score:1, Insightful)
You truly are out of your fucking skull. The idea that an engineer has to take any such oath is suppurating bullshit of the highest water.
Like some engineer's going to take a bullet for me (your words, "at all costs", not mine).
Resume playing with yourself.
Re: (Score:1)
Re: (Score:2)
More like some are attracted to money.
Any one else remember a similar story a while ago regarding most spam kings coming from the US too? (http://www.spamhaus.org/rokso/)
I think I see a pattern, I wonder if it has anything to do with the US being the birthplace of unrestrained capitalism?
Re: (Score:3, Insightful)
It is not your title ie engineer or programmer that makes you ethical - it is your beliefs and integrity!
Good engineer != ethical engineer unless you specifically define good to equal ethical in which case you have committed your statement to a state of circular definitions, and then your argument is effectively useless
The same would hold true for your 'real engineer' argument.
As for the line
Re: (Score:1)
Actually licensed engineers have additional standards they must meet, things that non-licensed engineers or programmers don't have to.
Re: (Score:2)
Yes but as you have admitted it's the "licensed engineer" not the "engineer" that requires an additional standard.
So my original statement stands the title "engineer" or "programmer" would have no legal bearing.
If you wish to contend that there is special circumstances for licensed engineers then you are modifying your original claim significantly from all good software engineers to only licensed engineers.
And currently there are not very many states or countries that require {or even have} software
Re: (Score:2)
Please note - this started as a discussion about software engineers not engineers in general. If you wish to expand this discussion from it's original scope ie software engineers then please make that intent clear. Taking a single sentence out of context and altering it's scope to encompass all engineers does not make for a clear intent.
*********
Many states require engineers in certain fields to have a license. Now while many of your post's statements do/may hold true for licensed engineers, they do not
Yeah, software! (Score:3, Funny)
Re: (Score:2)
(confused)
Re: (Score:3, Interesting)
I was watching a lecture by Neil DeGrasse Tyson wherein he made the point that the country that discovered something gets to name it. The Muslim world named most of the stars in the sky. The Greeks named most of the constellations. The US named most of the heaviest elements on the table, so we get names like Californium and Berkelium.
And since we made the Internet, we get to name it. That's why there's .co.uk and not .co.us. And it's also why .gov is the US government and not .gov.us. Just like every posta
Oh, yeah! Teh U-S Rulz! W00T! We Rock! (Score:5, Funny)
That said . . . in your face, China, Russia and the other developing countries - in your face!
Oh, and a slight aside to the /. eds - I suspect that both the Chinese and the Russian people would be *ahem* amused at having their respective countries referred to as "developing countries". Just sayin'
Re:Oh, yeah! Teh U-S Rulz! W00T! We Rock! (Score:4, Insightful)
Re: (Score:2)
Re: (Score:2)
While I realize that there are philosophical differences over cultural values and all that, I think it's foolish to say we can't make judgments on what constitutes a "better" life.
I think, for example, that it's pretty fair to say that a life of hard labor in a concentration camp would suck ass compared to the life of just about anyone outside of said concentration camp.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re:Oh, yeah! Teh U-S Rulz! W00T! We Rock! (Score:5, Interesting)
"Invest in the 4th largest world economy. Before it's number 1. China"
Re: (Score:2)
Re: (Score:1)
Re: (Score:1)
Numbers Game..... (Score:2, Insightful)
How many people buy a computer without knowing how to use one safely? How many of those people buy a computer and run around on the internet as administrator?
Anytime you have a large number of users who do not understand or care to secure their computers, you will have higher numbers of those users who have been owned.
Windows? (Score:4, Funny)
Re: (Score:1)
Re: (Score:1)
For the sake of completeness :
- If we all ran Multics there wouldn't be any malware
- Don't run punched cards you get in the mail
- Remember to reinstall from a clean set of tapes every week
Did I forget anything ?
Remove all financial incentives for malware... (Score:2)
Fat chance of that happening at all, huh?
Re: (Score:1)
Excellent! (Score:4, Funny)
wonder (Score:1)
Critical Problem? (Score:2, Interesting)
US Leads the World In Malware Creation!?! (Score:1, Flamebait)
Re: (Score:2)
For a day to day assessment for the USA's position with regard to DoS attacks, botnets, phishing, and scanning, check out this page [arbor.net] and look at the bottom chart. You can see the number one ranked country, ASN, and host for each category.
WTF? (Score:2, Interesting)
You could say the same thing about crack dealers or contract killers, am I supposed to be sympathetic to them too?
I'm not bothered by the legal aspects as much as the ethical ones. If someone is hurting someone else, they're doing something wrong. End of story.
LK
Re: (Score:1)
Not saying I disagree with you, but unless you are a pacifist, you can't really make a statement like that.
Also, what about in self defence?
I'm sure you could make an argument about the lesser wrongness, but I won't buy it.
Re: (Score:1)
I'm more of an isolationist.
Also, what about in self defence?
I'm sure you could make an argument about the lesser wrongness, but I won't buy it.
You don't have to buy it. I'm not trying to convince you.
If inaction will cause more misery and death than action, the only right thing to do is to take action.
If someone were trying to rape your wife or mother, she or you would be perfectly justif
We're #1! (Score:1)
And I'm Proud To Be an American... (Score:1)
And there ain't no doubt I love this land. God bless the USAAAAAAAAAAA!!!!</lee-greenwood>
And the difference is what, again? (Score:4, Insightful)
And they're different from the kind that run companies to the ground, create loopholes to avoid domestic workers, and fake their deaths to void convictions? Somehow the differences aren't stacking up.
It's an inevitable result of a thriving free market and tech expertise.
Apparently the Midwest hasn't gotten the memo on that one, since the 2001 recession is still going, continued by 2003's wave of job theft. There are some things that Ivy League economists will never understand. Thriving and "free market" somehow just aren't mixing in places that get the idea of not treating businesses like $DEITY.
An underground economy often mirrors the legal, above-ground one. Scratch a criminal, and sometimes you find a misguided entrepreneur, looking to get rich a little too quick.'
Wasnt that covered in Enron, Worldcom, HP (Hurd and Fiorina), and about any organization that uses loopholes to offshore work? That seems to point to a "misguided entrepreneur" as being one that has some morals left in them, not someone who's gone criminal.
This is my apprentice... (Score:1)
This is my apprentice, Darth Malware. He will find your lost revenue.
It's the other way round. (Score:2)
Scratch an entrepreneur who is willing to ignore good business practices and ethics to get rich quickly, and you'll most likely find a criminal.
Microsoft (Score:2)
Spot on (Score:3, Insightful)
I would say quite often in fact, but that's just my opinion. I think there is something in what serves as the basic moral code in American-style business, that makes it difficult to know where the line goes. Now don't take this as an attack on Americans or even America in general, but the kind of business ethics that is tought to American MBAs etc, is scarily devoid of what normal people would consider good moral.
I once read about a class situation at one university - I don't recall the exact circumstances, but perhaps somebody else recognises it. The professor asked the class 'You are in charge of marketing a new medicine, and you receive reports that this medicine may be dangerous. What is the right thing to do?' Most would say things like 'We have to hold back and find out whether this product is actually dangerous and perhaps stop selling it' - but the 'right' answer, according to the professor was 'You keep on selling as much as possible until the company is forced to stop. Your only concern should be the shareholders' profit'
This story, I think, tells just how twisted things can be. When young people are told that they have to commit moral and ethical suicide like this, how should they be able to see the fine line between being a creative entrpreneur and an outright criminal? If the size of the profit is what determines how 'right' or 'good' your actions are, then surely crime is perfectly justfied law abiding citizens are simply idiots, little better than cattle?
Re: (Score:2)
Re: (Score:1)
Hold on there, Comrade... (Score:2)
Um, what? Perhaps he means that since we have food to eat and our basic needs are taken care of, that we naturally spend our time writing malware. Apparently people should never have liberty and prosperity, since they obviously lead to (or are intrinsically) vice!
How about reporting what percentage of a country's total software output is malware? Or at the very least, acknowledging th
Collaboration is actually distributed by now (Score:1)
Say what?! (Score:4, Interesting)
If Americans did have a high level of technical knowledge, the amount of spyware infections (and related matters) would be significantly lower. Considering we lead the world in malware creation, that argues for a lower level of technical knowledge.
Punch the monkey to win money! Give us your email address and we'll send you free offers! Install this program to prevent infections!
Let's put it this way: I went to the dentist recently and the girl who was going to scrape my teeth asked what I did and where I worked. When I told her I work in IT and for a specific government agency, she said that she wished she knew more about computers but she didn't have the time to figure them out.
So, we have someone who admits they don't know enough about a subject yet aren't willing to take the time to learn more about it. Yup, this America. If it isn't easy, we're not interested.
Re: (Score:1)
1.) The US does have a fairly high level of technical knowledge. Perhaps the average person off the street couldn't write malware, but there are tons of self-taught and university educated people in the US that could. The knowledge required is widely available and not too difficult to procure.
2.) Just because someone would like to know more about something but doesn't take the time to learn about it hardly means they're lazy or stupid. It simply means their priorities are different. I'd love
wooo! (Score:2)
Malicious Activity, not Malware! (Score:4, Insightful)
We're Number One! (Score:2)
We're Number One! (Score:1)
Well, it's kind of natural given the new economy. (Score:1)
The past six years has been rather hard on the American programmer.
We were pretty much always looked down on by the rest of society as a bunch of geeks, and no small number of us were picked on growing up just because we were studious and not particularly into sports. For a few years in the late nineties, we got a little bit of respect, and it was good. But we got deluged with carpetbaggers who claimed to be programmers after a weekend HTML course, until the word "programmer" barely meant
Re:Well, it's kind of natural given the new econom (Score:1)
It seems all the sciences/engineering/tech fields got hit. Anything where lots of effort went into training.
I can understand the businessmen and their concerns about getting cheaper skilled labor. Its the same concern I have when I can get cheaper stuff.
My main concern is with Congress, and how they've been passing all this one-sided law.
Outsourcing labor, Fine! But what happens if I try to buy a CD which is cheaper in China than here? Can't do that! Its a
Re: (Score:3, Insightful)
Re: (Score:2)
Re: (Score:2, Funny)
Criticism is equal to hate when your IQ is below 60. Or if you're a member of the Bush administration.
Sorry for the repetition.
Re:No surprise here. (Score:5, Insightful)
Since September 11, 2001.