We live dangerous times for computing...
http://www.f-secure.com/v-descs/sobig_f.shtml
Again, keep your machines (windows) up to date and protected with decent antivirus program.
Virus warning: Sobig.F
what's the trouble ? I never received a mail with such a funny attachement and if I would, I'd never open it anyway - why should I ?
Of course there is some danger for people who exchange data with just those general subjects if the adress is faked by the worm.
On the other hand, when following the link above, I couldn't help but think the company itself (or some 'freelancers') is responsible for that sh*t.
It's a tremendous amount of business they trigger by that hysteria.
My reasons: of course I was curious what's all that about, but before I got any information they suggested more than 5 times what a fantastic system they had, and if I wouldn't want to subscribe ?
The info finally was rather thin and the most dangerous action the worm takes is open your machine for downloading a trojan. But since that requires a certain port it can easily be prevented.
The more general denial of service attacks simply reveal the quality of the 'industry standard'. If anyone hangs his company systems on such a weak rope, well - he gets what he deserves.
Why the hell isn't anyone sueing the OS makers for their backdoors ??? Why is that simple note one the licence ...software can't be written ... blah, blah' not declared as non-businesslike by law ?
In any industry you're responsible for the damage you cause (at least to some degree), but not in IT.
my 2 cents, Tom
Of course there is some danger for people who exchange data with just those general subjects if the adress is faked by the worm.
On the other hand, when following the link above, I couldn't help but think the company itself (or some 'freelancers') is responsible for that sh*t.
It's a tremendous amount of business they trigger by that hysteria.
My reasons: of course I was curious what's all that about, but before I got any information they suggested more than 5 times what a fantastic system they had, and if I wouldn't want to subscribe ?
The info finally was rather thin and the most dangerous action the worm takes is open your machine for downloading a trojan. But since that requires a certain port it can easily be prevented.
The more general denial of service attacks simply reveal the quality of the 'industry standard'. If anyone hangs his company systems on such a weak rope, well - he gets what he deserves.
Why the hell isn't anyone sueing the OS makers for their backdoors ??? Why is that simple note one the licence ...software can't be written ... blah, blah' not declared as non-businesslike by law ?
In any industry you're responsible for the damage you cause (at least to some degree), but not in IT.
my 2 cents, Tom
How about introducing a 'surf license'. It would allow you to go online with a pc, like a driving licence allows you to drive a vehicle on the road. I get sick when I see people online, without (or even refusing to install) firewall or anti-virus.
By far the most of my friends' machines are infected with a virus, many have a nice collection running. Their anti virus software hasn't been updated since I've installed it on their machines. The firewall annoys them so they get rid of it, giving spammers & hackers carte blanche. Many don't even know how to do a Windows Update.
I got fed up with fixing other people's pc just because they are too lazy to install a firewall or virus scanner. Cos they don't care in the first place. Their ignorance annoys me so much they can now sort out their own misery. I don't care really if their pc attacks the winupdate site or infects fellow ignorants' machines. Most of them just want to download mp3's & play online games. And I'm no longer interfering with them. Ignorance is bliss.
By far the most of my friends' machines are infected with a virus, many have a nice collection running. Their anti virus software hasn't been updated since I've installed it on their machines. The firewall annoys them so they get rid of it, giving spammers & hackers carte blanche. Many don't even know how to do a Windows Update.
I got fed up with fixing other people's pc just because they are too lazy to install a firewall or virus scanner. Cos they don't care in the first place. Their ignorance annoys me so much they can now sort out their own misery. I don't care really if their pc attacks the winupdate site or infects fellow ignorants' machines. Most of them just want to download mp3's & play online games. And I'm no longer interfering with them. Ignorance is bliss.
sorry at0mic, I didn't want that - I have neither firewall or anti-virusOn 2003-08-23 11:57, at0mic wrote:
... I get sick when I see people online, without (or even refusing to install) firewall or anti-virus.
From time to time I use one of the promo virus checkers on mag CDs, but they never found anything.
I receive some spam, but since I've set activeX 'only on confirm' the amount seems to have dropped significantly.
Could it be the outdated Win98 stuff protects me ?
Well, and I'm supporting a small company network running without activated Firewall for a couple of years now.
I know this may read idiotic and ridiculous today, but please tell what an intruder could do in an Apple network under OS-8 and 9 with TCP fileservices deactivated.
I get your point in some practical context, but that's definetely the wrong way.
The internet has become a vital and crucial part in business today and it's not tolerable that software vendors publish such an insecure bs.
Or is it intended to promote that Digital Rights Manegement plague and take over complete control ???
be careful, Tom
-
paulrmartin
- Posts: 2445
- Joined: Sun May 20, 2001 4:00 pm
- Location: Montreal, Canada
I kind of agree with at0mic but with a different way of applying the idea. Maybe internet providers should include firewalls and anti-virus programs with the initial installation of the connection. Of course I realise that the initial cost of getting a connection would jump but the users would be more secure, right? One thing against that idea would probably be SUPPORT. I can imagine at0mic's friends all calling up support at the same time because their firewalls aren't responding the way they want. Internet providers don't want to spend the money for support, i don't think.
Anyways, people who get viruses are, most of the time, the ones who just don't READ. The computer's a toy or a business tool but it STILL COMES WITH A MANUAL!
(this message addresses itself to idiots who might stumble onto this page, maybe they'll learn something)
_________________
Paul R. Martin - Are we listening?
<font size=-1>[ This Message was edited by: paulrmartin on 2003-08-23 21:10 ]</font>
Anyways, people who get viruses are, most of the time, the ones who just don't READ. The computer's a toy or a business tool but it STILL COMES WITH A MANUAL!
(this message addresses itself to idiots who might stumble onto this page, maybe they'll learn something)
_________________
Paul R. Martin - Are we listening?
<font size=-1>[ This Message was edited by: paulrmartin on 2003-08-23 21:10 ]</font>
To astroman,
It's very often discussed whether antivirus programmers also write viruses. That would make perfect sense.. for awhile. But I know there are so many bad-willing virus writers that the professionals in these good-willing (and yes, money-making) companies are busy for only trying to help people.
And hey, they give a tool to clean these viruses (sobig and msblast) for free! (Ok, i didn't try but i think they are free)
To paulmartin,
Some providers in Finland do offer some anti-virus and firewall tools (for extra cost, of course) but it's a...doesn't work in the long run. Companies just cannot take the responsibility of making customers computers secure.
No car alarm or security items can make it sure nobody will steal it. No body guard will make sure nobody will shoot you. No antivirus make sure you won't get infected, no firewall makes sure you won't be cracked.
It's just what level of safety you are willing to take (and pay).
A free firewall does a good job, as having a secure email client and not opening ANY attachments prevents you from 97% of any viruses... but if someone really wants to harm you, (s)he will bomb your door and then no antivirus nor firewall helps...
It's very often discussed whether antivirus programmers also write viruses. That would make perfect sense.. for awhile. But I know there are so many bad-willing virus writers that the professionals in these good-willing (and yes, money-making) companies are busy for only trying to help people.
And hey, they give a tool to clean these viruses (sobig and msblast) for free! (Ok, i didn't try but i think they are free)
To paulmartin,
Some providers in Finland do offer some anti-virus and firewall tools (for extra cost, of course) but it's a...doesn't work in the long run. Companies just cannot take the responsibility of making customers computers secure.
No car alarm or security items can make it sure nobody will steal it. No body guard will make sure nobody will shoot you. No antivirus make sure you won't get infected, no firewall makes sure you won't be cracked.
It's just what level of safety you are willing to take (and pay).
A free firewall does a good job, as having a secure email client and not opening ANY attachments prevents you from 97% of any viruses... but if someone really wants to harm you, (s)he will bomb your door and then no antivirus nor firewall helps...
you're right, Spoimala - and my comment was more intended as some irony.
The exact reason why these programs work are for one part careless users pulling the trigger=double click before thinking, and on the other hand an OS that allows to hide the worm in it's own complexity.
Of course you could do the exact same thing on a Mac under OS9. An attached application gets exectued the same way and might also try to access running mail applications. But there's no way to hide this action.
It's not the point if Mac is better or not. It's just different and shows there are ways to have 'secure' internet handling.
There is absolutely no technical reason why the M$ OSes don't handle it in a similiar way, but instead open the complete machine to hidden remote access.
While we single users may care about protection of our systems, a company simply cannot, for time and complexities sake.
They HAVE to subscribe such services and I really don't understand why they do - all responsibles from the information departements know where the flaws are.
Still they don't complain about the source but fight the symptom and even pay for that.
cheers, tom
The exact reason why these programs work are for one part careless users pulling the trigger=double click before thinking, and on the other hand an OS that allows to hide the worm in it's own complexity.
Of course you could do the exact same thing on a Mac under OS9. An attached application gets exectued the same way and might also try to access running mail applications. But there's no way to hide this action.
It's not the point if Mac is better or not. It's just different and shows there are ways to have 'secure' internet handling.
There is absolutely no technical reason why the M$ OSes don't handle it in a similiar way, but instead open the complete machine to hidden remote access.
While we single users may care about protection of our systems, a company simply cannot, for time and complexities sake.
They HAVE to subscribe such services and I really don't understand why they do - all responsibles from the information departements know where the flaws are.
Still they don't complain about the source but fight the symptom and even pay for that.
cheers, tom
MS is walking on the edge of usability's razor: when made something easy and handy, the gap of insecurity is waiting...
Microsoft's biggest mistake (?) was trying to do as easy and maintainable OS as possible. With tons of automation possibilities and fully programmable applications... they just forgot that the doors that are hidden from end users are there, and easy to misuse for crackers.
One by one Microsoft is disabling (or making non-default actions) those features that were ground-braking and solemnly announced when they arrived.
Linux (and Mac) are said to be more secure, but who can say they are easier to use, giving more automation possibilities etc?
Microsoft's biggest mistake (?) was trying to do as easy and maintainable OS as possible. With tons of automation possibilities and fully programmable applications... they just forgot that the doors that are hidden from end users are there, and easy to misuse for crackers.
One by one Microsoft is disabling (or making non-default actions) those features that were ground-braking and solemnly announced when they arrived.
Linux (and Mac) are said to be more secure, but who can say they are easier to use, giving more automation possibilities etc?