×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

250 comments

vlad (-1)

Anonymous Coward | more than 2 years ago | (#36112734)

i don't see what this story has to do with vlad and his constant farting

My understanding of this... (-1)

Anonymous Coward | more than 2 years ago | (#36113764)

My understanding of this is that this is more about the shit-eating than the farting. But what the fuck do I know.

And this is a surprise? (3, Insightful)

black6host (469985) | more than 2 years ago | (#36112738)

What would one expect as usage of XP decreases and Win7 increases?

Re:And this is a surprise? (5, Insightful)

Khoa (935586) | more than 2 years ago | (#36112774)

What would one expect as usage of XP decreases and Win7 increases?

The changing usage rate between the two OS's is controlled for. FTFA: It's infection rate per 1000 machines.

Re:And this is a surprise? (0)

Anonymous Coward | more than 2 years ago | (#36112908)

That's odd, I don't see it controlling for more people with a complete lack of computer skills switching operating systems.

Re:And this is a surprise? (1)

Anonymous Coward | more than 2 years ago | (#36113034)

Nor does it account for malware authors tailoring their crap for Win7/Vista instead of wasting time on XP.

FWIW, XP infections tend to be far worse than the stuff that does get on Win7 and Vista. Nasty rootkits/viruses exist for both, but XP has its system files hijacked much more frequently, it seems. Most Win7/Vista infections I come across are just fraudware. Still annoying, still not a good thing by any stretch of the imagination, but at least they are easier to clean up.

Re:And this is a surprise? (0, Flamebait)

Anonymous Coward | more than 2 years ago | (#36113260)

That's odd, I don't see it controlling for more people with a complete lack of computer skills switching operating systems.

Is Microsoft marketing still using this script?

The day you guys come up with something apart from "Blame the operator" is the day Microsoft has a chance of making a secure OS.

Re:And this is a surprise? (2)

Mordok-DestroyerOfWo (1000167) | more than 2 years ago | (#36113344)

A drunk driver smashing his car whether it be a Pinto (XP), a Gremlin (Vista), or a Toyota (7) is still at fault even if the basic design of the car may lead to more serious consequences. There is no service pack for sheer idiocy and short of a walled garden stupid people will always find a way to get themselves infected.

Re:And this is a surprise? (1)

CapOblivious2010 (1731402) | more than 2 years ago | (#36113500)

Absolutely right - stupid people will always find a way to get themselves infected.

So, by my amazing powers of deductive reasoning, I conclude that we need to find a way to help people NOT be stupid! Now we could just tell them not to be stupid, but that's not going to help much (but apparently it makes you feel all superior, so that's a plus I guess). We could send them to class to learn all about rootkits and system files and malware and phishing and whatnot... but most people wouldn't go, and the few that did probably wouldn't remember most of it. So probably the best we can do is try to make it clear what's potentially harmful, and what's not.

Sadly, though, MS is terrible about this - there are too many easy ways to get infected ("would you like to install this codec?") and too many things that are perfectly harmless yet still pop up scary-looking warnings (ever tried opening an XML file in IE?). MS apparently thinks that if they pop up warnings everywhere, then whatever happens they can just blame the user.

...and I bet you thought you'd never agree with MS on anything!

Re:And this is a surprise? (1)

CrazyDuke (529195) | more than 2 years ago | (#36114030)

"MS apparently thinks that if they pop up warnings everywhere, then whatever happens they can just blame the user"

Hey, that's how it works in office politics. Management tells everyone to do foo, not bar. Then, actively impedes the careers of people unless they do bar, not foo, even promoting those that do it well. ...all off the official record, of course. Then when shit happens, management says, "Look; we told them not to do it, not our fault!"

"...(but apparently it makes you feel all superior, so that's a plus I guess)."

Actually, it makes me feel very, very goddamn lonely. In the jungle at night and you can hear the predators circling alone. ...nothing super about it.

But, for what it's worth, I consider ignorance to be a status (I don't know. But, I can find out!), and stupidity (I don't know, and I don't care!) to be an attitude.

Re:And this is a surprise? (3, Insightful)

smash (1351) | more than 2 years ago | (#36114150)

There's no reason codecs (or ANY SOFTWARE) installed on linux or any other OS can't own the user's data or operating system either.

There are three ways people get owned: remote exploits (count the number on 7 vs linux in the past 2 years - they're not so far apart), application exploits (again, count em) and user stupidity (no solution, other than sandboxing the user to contain the damage).

Even with a sandboxed app, it still has access to all of the data you have in the sandbox. If you've downloaded and installed a "virus scanner" and enabled it to access your entire filesystem, you're fucked.

Re:And this is a surprise? (3, Insightful)

TheCouchPotatoFamine (628797) | more than 2 years ago | (#36113516)

This is nonsensical. But to extend your analogy, it's as if microsoft's vehicle has no brakes. nothing to stop the user from smashing into anything after they've touched the gas. You act like it's just perfectly normal that drive-by downloads from IE aren't avoidable by a bit of proper engineering from the "car maker".

While it's possible for user to be misguided, the majority of errors come from the computer being complicit in allowing bad actions to happen merely so that a fringe of "convenience" can let users operate without having to remember their passwords, for instance.

Marketing wins over engineering, and THAT'S why you have crap OS's and apps that have exploits attached, like burrs. Walled gardens from single corporations aside, communities SHOULD run app-repositories of trusted code and that's obvious. Bad engineering, both technical and social...

Re:And this is a surprise? (0)

Mordok-DestroyerOfWo (1000167) | more than 2 years ago | (#36113802)

I tend to agree with you on all of your points, I switched my parents to Ubuntu several years ago and haven't had more than two service calls since. While I'm certainly no Microsoft apologist, I do in my own cynical view hold users somewhat responsible for irresponsible behavior. To use a labored non-car metaphor, it is definitely legal to walk through downtown Detroit at midnight wearing all of your bling and bragging about how much money you have, but the rational side of you has to assume that there is going to be trouble. There is nothing inherently wrong with running XP sans service packs, IE6, and clicking "yes" on every dialog box that pops up, but you have to share some of the responsibility for your actions.

Re:And this is a surprise? (2)

smash (1351) | more than 2 years ago | (#36114158)

Give them root access / log them in as root for a fair comparison to the typical windows user's setup and see how long that lasts.

Re:And this is a surprise? (1)

smash (1351) | more than 2 years ago | (#36114122)

he day you guys come up with something apart from "Blame the operator" is the day Microsoft has a chance of making a secure OS.

If you're running as a non-admin with UAC and firewall on, win7 is as secure as anything else.

If you're the type of person who sees "free shit" (trojans) and runs to install them because they're free, you're going to get owned irrespective of what you run. Linux (or OS X for that matter) doesn't get this type of infection yet because it isn't targeted in this manner yet.

Re:And this is a surprise? (1)

Anonymous Coward | more than 2 years ago | (#36112928)

Without any evidence to back my statement up, I would make the assumption that more XP machines are in a corperate environment and more Win7 machines are in a home environment. Corperate environments are usually controlled and less likely to get malware.

Re:And this is a surprise? (5, Informative)

Missing.Matter (1845576) | more than 2 years ago | (#36112968)

While the article says that the number of Win7 infections have gone up while the number of WinXP infections has gone down, the infection rate on XP is still higher at 14 per 1000 compared to 4 per 1000 in Win7.

Re:And this is a surprise? (3, Interesting)

sortius_nod (1080919) | more than 2 years ago | (#36113202)

Corperate environments are usually controlled and less likely to get malware.

That's not true at all. Having worked support in various corporations I can assure you that the infection rate is still very high. I remember working for a large bank and they had conficker on 1500 servers and 20000 workstations. This is supposed to be a sterile environment as it's a bank, not so. Where you have staff who aren't exactly computer literate you will have large infection rates.

Re:And this is a surprise? (1)

Labcoat Samurai (1517479) | more than 2 years ago | (#36113412)

less likely

That's not true at all. [...]the infection rate is still very high.

So... minor nitpick, but he didn't say it wasn't high, he said it wasn't *as* high. Are you saying that the infection rate is equivalent? I mean, by pure virtue of people looking at more porn on their home computers than work computers, I'd expect it to be lower, even if you don't account for security and firewalls and whatnot that are erected as IT practices.

Re:And this is a surprise? (1)

Dthief (1700318) | more than 2 years ago | (#36112962)

yes, but fewer are making malware for XP, because of the lower usage and move to Vista & 7 so although the numbers are normalized, the obvious trend of people focusing on the more popular versions to infect is exactly what one would expect "as usage of XP decreases and Win7 increases"

Re:And this is a surprise? (1)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#36112998)

Depends on how OS agnostic the malware is: For basic trojan/social engineering style stuff, I would tend to expect that anything designed to work with 7's somewhat tighter security structure would also work with XP. Only for things that require exploits specific to particular versions would a focus on 7 be directly protective of XP.

I suspect that the fact that 7 now means "home user" while XP is increasingly the domain of control-freak corporates has a lot to do with it.

In other news, Model-T fords (1)

unassimilatible (225662) | more than 2 years ago | (#36113088)

have less accidents than Honda Accords, per 1000 vehicles. Hmm....

Re:In other news, Model-T fords (1)

rhook (943951) | more than 2 years ago | (#36113540)

If you read the article you will see the XP has 14 infections per 1000 machines while Windows 7 only has 4 infections per 1000 machines.

Re:And this is a surprise? (1)

cpu6502 (1960974) | more than 2 years ago | (#36113176)

If this keeps-up my WinXP computer will actually be *safer* than the my recent Win7 purchase.

Of course the safest OS I own is GEOS-64. No viruses whatsoever on 8 bit machines! And the second-safest is the 64-bit AmigaOS (because very few use it). Looks like XP is headed down the path of security through obscurity.

Re:And this is a surprise? (1)

golem100 (581505) | more than 2 years ago | (#36113800)

Oh Yea? Think again Buckwheat! I've got a little "zoo" of well over 20 unique Boot Sector Virii for the C=64. I have well over a a hundred virus variants for the Amiga... [then again--I was a Production Engineer at Commodore responsible for the Duplication Masters] If ever you get too smug with your Mosaic/Voyager Browser on a network segment that I control--you will see GURU Meditation so fast the the capacitors in your Monitor will POP! As for GEOS--got the source code. I'm sure there is something "interesting" that could be exploited at 2400 baud... [anybody got a simulation of Quantum Link running???] Now, VMS 3.5, there was a "virus proof" OS... No wait--3 of the 5 machines on my cluster got the Morris Worm--Sigh!

Re:And this is a surprise? (1)

Luckyo (1726890) | more than 2 years ago | (#36113470)

Point is that much if not most of modern malware is done in the name of profit. As a result, the higher installed base goes, the more effort will be done to infect the machines.

In this regard, both absolute amount and amount proportional to total installed base should shift towards w7, as has happened.

Re:And this is a surprise? (0)

Anonymous Coward | more than 2 years ago | (#36113542)

The changing usage rate between the two OS's is controlled for. FTFA: It's infection rate per 1000 machines.

And what's the point? I bet Commodore 64s have a lower infection rate per thousand as well. I'm just saying this isn't a surprising outcome and I honestly don't know why anyone would expect anything different.

Re:And this is a surprise? (-1, Offtopic)

VortexCortex (1117377) | more than 2 years ago | (#36112894)

Would one expect that overall total infection of Windows machines to increase 10%?

Wouldn't 30% - 20% == 10% ?

Of course not, W7 is the most secure operating system MS has ever made.

Re:And this is a surprise? (0)

Anonymous Coward | more than 2 years ago | (#36112924)

You, good sir, do not understand how percentages work. At all. XP installed base is probably much bigger than Win7, so 20% XP may be > 30% Win7. Also, it is interesting to see this, as it gives you an estimate of how much and how fast hackers target a new OS based on installed base.

Re:And this is a surprise? (1)

sjames (1099) | more than 2 years ago | (#36113078)

There are way too many confounding factors. First, the rates are based on detection by a single tool (where it is installed) without knowing the absolute numbers (rather than per 1000) it's hard to say much about the overall condition.

It could mean an absolute drop in infections, a simple shift in infections, or even that virus writers are getting better at evading the Malicious Software Removal Tool.

Re:And this is a surprise? (0)

Anonymous Coward | more than 2 years ago | (#36112930)

You can't just add and subtract percentages unless they're percentages of the same number. I don't think the number of Windows 7 systems is equal to the number of Windows XP systems.

Re:And this is a surprise? (1)

Gadget_Guy (627405) | more than 2 years ago | (#36114134)

Wouldn't 30% - 20% == 10% ?

It does not work that way. In absolute numbers the XP infection rate went down from 18 to 14 PCs per 1000, while Windows 7 went up from 3 to 4 PCs per 1000. If you say it in percentages then it seems like the infection rate went up more than it went down, but look at the actual figures and you find the reverse. This is a bit of a misleading article really, because a drop of 3 PCs per 1000 does not equal an increase of 10%.

Also, when you read the security report you see that the most commonly detected threat family was JS/Pornpop, which is the javascript trickery to get porn advertising to pop-under you other windows. Including that sort of vulnerability is a bit silly really.

Probably the most notable finding (to me at least) was this good news story about Adobe security:

The number of Adobe Acrobat and Adobe Reader exploits dropped by more than half after the first quarter and remained near this reduced level throughout the remainder of the year.

Re:And this is a surprise? (-1)

Anonymous Coward | more than 2 years ago | (#36112898)

Fanboy excuse du jour

But but but Windows 7 and security and sandboxes and aslr and blah blah blah. Face it, Windows is as holey as swiss cheese. Nothing has changed and as long as you fanboys keep believing that $WINDOWS_NEXT will cure all the problems of $WINDOWS_NOW it won't ever change.

What's that? Do I hear them Windows 8 drums beating off in the distance?

Re:And this is a surprise? (1)

kevinmenzel (1403457) | more than 2 years ago | (#36113064)

You're assuming that the OS is the biggest hole. It's not. The USER is. No amount of protection will stop malware instalation that the user initiates. If they want to see that video their friend posted on facebook of Osama being shot, they damn well will do whatever they need to. What's that? New video codecs are needed? OK download this, install as admin... Do you seriously think the same thing couldn't happen on Linux? Or OSX? "You must download this file and type sudo blah blah blah at the console..." So long as the user has administrator access to their machine, they are the biggest attack vector. You can solve this problem in two ways. A) Walled garden. So, for instance, iOS. Because - by design - the user isn't intended to admin their iOS device - an exploit first has to be found that specificially allows the user to admin the machine as part of an attack. These vectors exist, but there aren't as easy to exploit as if the user had the ability to admin by design. B) Eliminate all the stupid users. This is frowned upon by society. Seriously - how many people can be convinced to follow an arbitrary list of steps in order to fix a problem that is bugging them? When Apple made the top menu bar transparent in OSX, there were many pages with a list of instructions on how to adjust this - but how many people who followed those lists REALLY understood those lists? Do you think if someone had made "OSX Transparency Util" which was actually malware and included "1) Download OSX Transparency Util" and "2) Install OSX Transparentcy Util as Admin" as the first two instructions - people would stop and thing "No... no... I shouldn't do that..."? If the util actually did what was advertised - hey - bonus! And probably not difficult to code! The "People want x, so I'll promise to deliver x, and give y" is a huge problem in the Windows world. But I don't see how Microsoft - or anyone designing any OS for home use - is supposed to stop this. Users can install user-mode malware, and users with admin access - even if they aren't admins - can probably elevate their current access, if they know an admin password, to install system-level malware.

Re:And this is a surprise? (1)

oakgrove (845019) | more than 2 years ago | (#36113196)

couldn't happen on Linux? Or OSX?

Seems to me the exploit writers would have a much harder time if the market was split between a half dozen linux distros, windows, os x, android, chromeos, and the ipad. I'm doing my part.

Posted from my Xooml

Re:And this is a surprise? (2)

hairyfeet (841228) | more than 2 years ago | (#36113216)

Not to mention TFS is badly written. if you look at the actual figures Win 7 32 bit infections rose from 3 per 1000 to 4 per 1000 whereas XP went from 18 infected per 1000 to 14 per 1000 which is pretty damned good numbers for Windows 7, especially considering how many completely clueless users are picking up Windows 7 right now. So to only have an infection rate of 4 per 1000 when you have the "granny demographic" that still haven't figured out the difference between memory and HDD space? I'd say those numbers are excellent.

And if there are any MSFT devs here? Please for the love of all that is good and decent in the world don't fuck shit up for Win 8 okay? you FINALLY after all these damned years came up with a kick ass UI that lets those with years of experience work faster while still letting those like my dad that are clueless find things easily. It is intuitive, it is nice, it runs great and is stable. So look, I know you guys have a tradition of borking the OS after a good release, but just....just don't, okay?

If you want a killer feature for Win 8 old Hairyfeet will give you one, make something like Homegroup so those like my dad can simply connect their work and home PCs without knowing more than "clicky clicky" and a password/dongle combo. Just have it save an encrypted token onto any flash stick so they can bring it home and plug it in, answer a few questions, and have access to their files from work. That would be kick ass and easily worth paying to upgrade to Windows 8 WITHOUT borking everything. So please, you have a good thing here, don't fuck it up!

Re:And this is a surprise? (1)

CastrTroy (595695) | more than 2 years ago | (#36113286)

I got a feature. Multiple Desktops. Unix/Linux has had this feature for longer than I can recall. I wish Windows would support this natively. No, none of the current hacks that provide similar functionality work as well as the same features on Linux.

Re:And this is a surprise? (1)

hairyfeet (841228) | more than 2 years ago | (#36114012)

Ya know, I've heard Linux guys blab about this one for but you know what? We Windows users DO NOT WANT and have no desire for alt tabbing all over the damned place. I mean I have to deal with users that won't open control panel because they think it is scary, can you imagine what kinds of support calls you'd be getting if shit could open on desktop 3 and they are on desktop 1?

But if you truly want that shit you CAN have it without a bunch of hacky bullshit. Hell you can even have the desktop look and act like KDE on gnome if you want. As with everything in Windows (and Apple from what I've been told) you simply have to pay a third party for that, as natively you get one way and one way only.

So here you go friend [astonshell.com] have fun, no need to thank me. The program you want is fourth from the top, they even have a 30 day free trial. light on resources, solid as a rock, but if you want the whole smash I'd go ahead and pick up the shell replacement along with the virtual desktop, as they really mesh together well and give you pretty much complete control over the UI. Personally I like the new Windows 7 UI enough it is the first time I've ever not switched out my shell, and this is someone that ran BB4Win way back in the day since I hated the Win UI. I'd say they finally nailed it so most likely they'll completely bork it up again for Windows 8, sigh. At least Win 7 is supported until 2020 so by the time Windows 9 rolls around it ought to be good again.

Re:And this is a surprise? (1)

drsmithy (35869) | more than 2 years ago | (#36113234)

What would one expect as usage of XP decreases and Win7 increases?

The commonly accepted "wisdom" on Slashdot is that marketshare is irrelevant. Ergo, infection rates should not change.

Re:And this is a surprise? (0)

Anonymous Coward | more than 2 years ago | (#36113602)

That the infection rates stay the same? Or are you suggesting that antivirus users don't upgrade to 7?

Yes but... (0)

Anonymous Coward | more than 2 years ago | (#36112748)

Does it run Linux?

Sensationalist article much? (4, Insightful)

ferongr (1929434) | more than 2 years ago | (#36112780)

TFA: As ComputerWorld reports, during the second half of 2010, the data shows that 32bit Windows 7 computers were infected at an average rate of 4 PCs per 1,000, compared to 3 PCs per 1,000 that took place during the first half of 2010.

A difference of 1 thousandth is beyond statistical significance. How did this entry even get to the frontpage? It boggles the mind.

Re:Sensationalist article much? (1)

Anonymous Coward | more than 2 years ago | (#36112878)

It's a small percent of a HUGE number. Windows 7 has sold over 300 million copies so far. Is an increase of 300,000 infected PCs really insignificant to you?

I'd like a difference of one thousandth of the US federal budget to go to me. It's "beyond statistical significance", so no one will care, right? Hell, I'd settle for just a thousandth of Bill Gates' remaining net wealth.

Re:Sensationalist article much? (0, Informative)

Anonymous Coward | more than 2 years ago | (#36112938)

I'm not sure you understand statistics very well.

Re:Sensationalist article much? (1)

Anonymous Coward | more than 2 years ago | (#36112984)

Depends on the sample size. If the actual rate has increased by 0.1%, then yes, it's significant. If the infection rate for 10,000 computers climbed from 30 to 38, I'm not sure if the data can fairly be generalized to represent an actual change. The article mentions the numbers come from microsoft, but actual statistics are sorely lacking.

Lies, Damn Lies,etc.

Re:Sensationalist article much? (3, Informative)

John Hasler (414242) | more than 2 years ago | (#36113006)

That is not a difference of one thousandth. It is a difference of 33%.

Re:Sensationalist article much? (0)

Anonymous Coward | more than 2 years ago | (#36113084)

That is not a difference of one thousandth. It is a difference of 33%.

And its a difference of INFINITE percentage compared to the first half of 2009!!!!

Freaking people and their misleading way to present data.

Re:Sensationalist article much? (1)

dhavleak (912889) | more than 2 years ago | (#36113264)

Not sure if you're joking or serious. You know it's both right? 3 thousadths of win7 PCs used to be infected, now 4 thousdandths are infected. That's a difference of 1 thousandths, or 33%, depending on how you choose to represent it.

Lastly -- that's only for 32-bit win7. 64-bit win7 is more resiliant according to the article, but not enough data to work out exactly what that means (before and after numbers from x64 win7 not provided, relative installed base of 32 and 64 bit win7 not provided).

Re:Sensationalist article much? (1)

Idbar (1034346) | more than 2 years ago | (#36113432)

That is actually a one thousandth difference. You're mistakenly confusing it with a 33% "increase". You may as well go ahead an say it was a whole 100% computer.

Re:Sensationalist article much? (0)

Anonymous Coward | more than 2 years ago | (#36113042)

TFA: As ComputerWorld reports, during the second half of 2010, the data shows that 32bit Windows 7 computers were infected at an average rate of 4 PCs per 1,000, compared to 3 PCs per 1,000 that took place during the first half of 2010.

A difference of 1 thousandth is beyond statistical significance. How did this entry even get to the frontpage? It boggles the mind.

mod up parent

Re:Sensationalist article much? (1)

Anonymous Coward | more than 2 years ago | (#36113086)

Oh noes, noobs on statistics! The other Cowards brought it up, here's my take:

A difference of 1 thousandth is beyond statistical significance.

A difference of 1 thousandth is a difference of 1 thousandth. This difference may or may not be statistically significant, as significance just means that something is unlikely (which has to be specified further) to have occurred by chance.

4 PCs per 1,000, compared to 3 PCs per 1,000

But a rise from 3 to 4 is an increase of one third. The question is: is this huge increase statistically significant--or is it mere chance?

Huge sample size (1)

pavon (30274) | more than 2 years ago | (#36113186)

According to the Microsoft Report [microsoft.com] this is based on a sample size of 600 million computers. That is plenty large enough for the results to be statistically significant.

It was trollish for the summary to omit that Windows 7 still has 1/5 of the infection rate of Windows XP, though.

Re:Sensationalist article much? (2)

stms (1132653) | more than 2 years ago | (#36113230)

What boggles my mind is that Microsoft can announce "3 or 4 in 1000 computers running Windows are infected" and think anyone will believe them.

Re:Sensationalist article much? (1)

dhavleak (912889) | more than 2 years ago | (#36113304)

I could believe them.. you think it's less than that? I know Win7 is pretty rock solid, but users will still find ways to defeat security measures, y'know..

RTFA (0)

Anonymous Coward | more than 2 years ago | (#36112788)

Seriously windows 7 went from 3/1000 to 4/1000 on 32bit and 64 bit is hovering around 2.5/1000 xp is something like 14/1000 down from 18/1000 i imagine because the people with those really infected computers had to go out and get new ones with windows 7.

Re:RTFA (3, Insightful)

snowraver1 (1052510) | more than 2 years ago | (#36112834)

I have a HARD time believing that only 14 in 1000 windows XP machines are infected.

Re:RTFA (4, Informative)

Penguinisto (415985) | more than 2 years ago | (#36113020)

I have a HARD time believing that only 14 in 1000 windows XP machines are infected.

The reason why they came up with that number is in TFA:

"Microsoft calculated the infection rates using its Malicious Software Removal Tool (MSRT) by detecting and deleting selected malware such as fake antivirus programs, worms, viruses, and trojans."

In other words, they used their internal tool, which would certainly not catch all the bugaboos lurking in a given box.

Re:RTFA (0)

Anonymous Coward | more than 2 years ago | (#36113070)

In other words, they used their internal tool, which would certainly not catch all the bugaboos lurking in a given box.

And more importantly, wouldn't include unlicensed installations.

Re:RTFA (2)

MobileTatsu-NJG (946591) | more than 2 years ago | (#36113256)

I have a HARD time believing that only 14 in 1000 windows XP machines are infected.

That's because you read a lot of sensationalist Slashdot headlines.

Re:RTFA (5, Interesting)

hairyfeet (841228) | more than 2 years ago | (#36113438)

Let this old PC repairman enlighten you as to why those numbers as so low on XP. It is because the data is collected using the Malicious Software Removal Tool, which any repair guy that has had one of the bazillion "Razr1911 WinXP Pro Corp SP2" boxes cross their desks know that they all have Windows Updates turned off (to keep from getting WGA'd) and are infected with more viruses than a Bangkok Whore.

I'd love to see the numbers of XP infections pre WGA and after, along with how many pirate versions are out there. Because while I can understand MSFT wanting to stop piracy (but IMNSHO they royally fucked up by getting rid of the Win 7 HP $50 upgrade, as that thing turned more pirates into legit users than I'd ever seen) but anyone who has worked repair for any length of time knows there are a shitload of pirate Windows out there and nearly all have updates off.

It isn't just the "Crazy Dave's house of whitebox" BTW, it is all those that decided they didn't want to pay for an upgrade that got their "smart PC friend" who has every Razr1911 version on a spindle, and there are even plenty out there that have legit keys that aren't being used because the guy they took it to has a Razr1911 automated install and simply never bothered to change the keys, or the box had XP Home and all they had was the Razr XP Pro. Finally you have all those pre Vista Cheapo Best Buy and other retail joints that have autoupdates turned OFF for some damned reason, probably to cut down on those "OMG my PC has a yellow thing in the right corner OMG!" support calls.

In the end I can tell you I probably get 3 minimum cross my desk a week that haven't ever seen an update, and most are infected all to hell. I see so damned many PCs missing tons of updates that I keep WSUS Offline [wsusoffline.net] on my network fully loaded with every update for every OS from Win2K Pro to Win 7 X64, just so I don't have to waste time and bandwidth on updating all these damned machines. MSRT might give you a tiny taste of what is going on, but since WGA I'd say its data really isn't worth much.

Not just windows 7 (-1, Troll)

Anonymous Coward | more than 2 years ago | (#36112794)

Kathleen Fent's infection rate has also climbed. DO NOT BAREBACK.

people will say OK to anything (0)

Anonymous Coward | more than 2 years ago | (#36112808)

The problem is the expectation that users will know when to say yes to a UAC prompt. Until users start saying cancel to UAC prompts they don't fully understand, malware will only increase.

If you don't know, don't pres OK.

Re:people will say OK to anything (0)

Anonymous Coward | more than 2 years ago | (#36112946)

OK.

Re:people will say OK to anything (2)

0123456 (636235) | more than 2 years ago | (#36113156)

The problem is the expectation that users will know when to say yes to a UAC prompt. Until users start saying cancel to UAC prompts they don't fully understand, malware will only increase.

Have you ever seen a UAC prompt you do understand?

Normally it's along the lines of 'Do you want to allow TrojanHorse.exe to: Access local disk?' What the hell is that supposed to mean? Is it trying to write to a file in its own Program Files directory, or is it trying to overwrite Windows core DLLs and install a root-kit? If I can't tell, how can Joe Sixpack?

Re:people will say OK to anything (2)

kevinmenzel (1403457) | more than 2 years ago | (#36113352)

I understand that I'm being asked to trust the actions of "TrojanHorse.exe". Which is what UAC really does - tells the user that the application is about to do something that requires you trust the application. It doesn't tell you what that application is going to do, just asks "Hey, do you trust this? It's doing things which are outside the bounds of normal trust". So the question isn't "Can I understand the prompt" per se - because it's always a relatively simple question. More often it's a question of "Should I trust this program?". On the install end, most installers throw UAC, so it's not particularly helpful. But these days, most applications DON'T throw UAC during normal operation. So the utility of UAC is "Before I click yes to this, I should reevaluate that I trust this program, because it's asking for special permissions to do something".

Some programs are going to require admin access to do certain things. The programs that the average slashdot user might use are actually probably more likely to legitimately require elevation to run properly compared to the programs the average user SHOULD be using. So it's actually probably harder for us - given the prompt's lack of detail - to reevaluate that trust - but it's - generally speaking - more black and white in normal user land.

It's not perfect. UAC could give more details, and then us nerds could create websites saying "Oh, app such and such asking for x, y, but not z is probably reasonabl" and then users could check the list, and blindly follow it... but is that better for them? Another list to blindly follow?... I dunno. This is why ChromeOS and iOS and the like take off with users. Any admin type access is "omgbad". That will never be true on a system that you actually administrate.

(UAC has the benefit, btw - of not actually just being "Cancel or Allow" if the user faced with the prompt is a normal non-admin user. It requires elevation to an account with that access. So if Joe Sixpack has a son that knows computers - maybe Joe should be running as a non-admin account - but I'm not going to ask that every machine in the world has users shipped as non-admin accounts as default - because those users are also the admins of those machines, and will have the admin password anyway... so... it doesn't actually change anything in that scenario, it's just replacing "press ok" with "type Username/password and press OK" - which is frankly, the same thing.)

what is malware? (1)

stanjo74 (922718) | more than 2 years ago | (#36112826)

In other words, software written to run on Win7 runs on Win7. If I run a malware and it infects my files, is this MS problem? And what is a malware - is Symantec Antivirus malware - it sure does slow my computer down. Did any malware infect system files without user permission - this is the question. There is no answer...

Re:what is malware? (2)

CannonballHead (842625) | more than 2 years ago | (#36113002)

This. It's hard to criticize a company for users who are ignorant or stupid (the former is understandable; the latter isn't). Statistics that are generic like this COULD point to something... but they might not, too. For example, if I came up with a statistic that said that Ford cars were crashed 10% more often than Chevy cars ... well, *maybe* there's a defect in Ford cars. Or maybe more Ford drivers are insane. Who knows?

Unfortunately, we automatically go to "ah-ha, must be a defect" as a conclusion. Unless the company in question is Google. :)

Nothing new here. (1)

Xeranar (2029624) | more than 2 years ago | (#36112850)

Windows 7 is now closing in on the dominant OS as XP finally tottles off to die. This is news, how?

Re:Nothing new here. (0)

Anonymous Coward | more than 2 years ago | (#36112980)

Windows 7 is now closing in on the dominant OS as XP finally tottles off to die. This is news, how?

Whatever!

I'm going to keep my Windows machines on XP FOREVER and according to the stats, eventually the infection rate will go down to ZERO and I'll be invincible!

Aahahahahahahahahahahahahaha!

The most secure Windows ever! (1)

HangingChad (677530) | more than 2 years ago | (#36112862)

"Microsoft released data today showcasing that Windows 7's malware infection rate has climbed by more than 30% during the second half of 2010...

In fairness it was the most secure Windows ever. It lasted longer than XP.

UAC (1)

Anonymous Coward | more than 2 years ago | (#36112886)

One problem is that UAC is so badly implemented that people who would ordinarily have no problem with it will turn it off entirely.

Why can't I whitelist apps like Visual Studio, for instance? Why isn't there an option on the UAC alert dialog that says "Do not ask me again for this application"?

I suspect that most Microsoft devs work with UAC turned off. If the order came down from above that nobody in the company was allowed to turn off UAC, I'll bet the system would become both more usable and more secure very quickly.

Re:UAC (1)

DJRumpy (1345787) | more than 2 years ago | (#36113012)

The problem with giving application level authorization is that a common virus always represents itself as the original program you think it is. If you allow program 'x' to bypass UAC then that becomes an immediate vector of infection.

Re:UAC (2)

istartedi (132515) | more than 2 years ago | (#36113296)

virus always represents itself as the original program you think it is

Then don't authorize the application. Authorize a secure hash of the application's executable, which is computed when it's loaded into memory. It shouldn't add that much time to application startup on modern hardware.

Re:UAC (1)

chuckugly (2030942) | more than 2 years ago | (#36113458)

Still wouldn't help much if, as is often the case, the malicious code is injected and executed AFTER load time, during operation. It's a tough problem to solve unfortunately.

Re:UAC (0)

Anonymous Coward | more than 2 years ago | (#36113028)

It could be that whitelisting applications is too hard to implement securely, or maybe they don't want to make it easy for applications to continue to misbehave and require UAC prompts.

Re:UAC (1)

cyber-vandal (148830) | more than 2 years ago | (#36113098)

Not letting you easily run Explorer.exe as admin is more stupid. I know it can be done but it's a pain and should instead just ask for credentials if you want to write to a directory that the standard account doesn't have permissions on.

Re:UAC (1)

DarkOx (621550) | more than 2 years ago | (#36113152)

No it might miss the security/usability trade off mark for but its actually not that badly implemented. Take Visual Studio and try to write a program that can circumvent UAC. Really try it, you will FAIL. It was specifically engineered to be difficult for malware that is not already running highly privileged to disable, or to "click yes" on the users behalf. Its very effective at that. What you want is for them to open up a whole bunch of new surface area to attack which would lessen the value of UAC as a security measure. If you want to run and interactive session as a privileged user and still be secure I don't care what OS you are using UAC is going be the price tag.

Sudo for instance is not nearly as strong as UAC in many regards, especially if you have the timeout configured. Its also not nearly so hostile an environment as the windows eco system tends to be.

Re:UAC (1)

techno-vampire (666512) | more than 2 years ago | (#36113248)

Sudo for instance is not nearly as strong as UAC in many regards, especially if you have the timeout configured.

Which is why I don't use it on my Fedora box. I've given out accounts on my home box to a few friends, so they can do network trouble-shooting (pings and traceroutes) over a different ISP and/or backbone segment. None of them have the root password. When I need to do something that requires escalated privileges, I use su for multiple commands or su -c for a single command. The only reason I'd ever use sudo if I had the root password is if I were working someplace that made that company policy. (Yes, I've heard of places like that.) At home, it's my box, my rules and my rules include "no using sudo."

Re:UAC (3, Informative)

Man On Pink Corner (1089867) | more than 2 years ago | (#36113374)

I'm a little unclear on how authorizing on a per-application basis, using a hashed ID as the other user mentioned above, would open up a significant attack surface. I agree that UAC works, and that it isn't easily circumvented... but still, I should have the ability to disable it on a per-application basis, and optionally for any processes spawned by that application.

Obviously that''s an insecure practice on my part and should be done only with care, but turning UAC off entirely really does expose a huge attack surface, and that's what I'm doing now, along with a few million other Windows users who might or might not understand the implications of what they're doing.

Re:UAC (0)

Anonymous Coward | more than 2 years ago | (#36113986)

So you're saying it would be a good idea to hash the executable and every single dynamic library the process may load at any time in the future? ie: every single library that the escalated process has read access to. That'll go down well. Look ma! It only took 6 hours to start my app! I only had to hash every file on my hard drive to do it!

Re:UAC (1)

ben.craig (2133680) | more than 2 years ago | (#36113340)

For the Visual Studio example, most users won't need to escalate. The two things I can think of off the top of my head that would require escalation from Visual Studio are profiling and attaching to a process from another user (including the "real" admin). Compiling / linking doesn't require an escalation, and debugging an application that you launched doesn't require an escalation.

And as I understand it the Microsoft devs go one step above UAC. They usually run as a limited user, so that you can't just click the "ok" button, you have to type in the admin password to escalate.

Re:UAC (1)

dhavleak (912889) | more than 2 years ago | (#36113346)

AFAIK, in Win7 UAC uses both whitelists, and blacklists, and is also configurable in terms of what it will prompt you for (haven't looked up level of granularity.. couldn't really be bothered)..

Why on gods green earth do you run Visual Studio elevated? IIRC there was a bug that requried that some time ago, but has been fixed since a very very long time.

Except (5, Interesting)

Dunbal (464142) | more than 2 years ago | (#36112922)

Microsoft calculated the infection rates using its Malicious Software Removal Tool (MSRT) by detecting and deleting selected malware such as fake antivirus programs, worms, viruses, and trojans.

One VERY important point is that Microsoft's Malicious Software Removal Tool considers certain programs which can be used to bypass Windows Activation as "malware", which is probably skewing the results.

Re:Except (3, Informative)

Brian Recchia (1131629) | more than 2 years ago | (#36113504)

Almost everybody who pirates Windows 7 does so using Windows Loader which, once they started encrypting it, has never been targeted by MSRT.

Re:Except (1)

Anonymous Coward | more than 2 years ago | (#36114064)

Is there any antivirus program left that doesn't consider keygens, cracks and packers as malware? Serious question.

So newer is NOT better? (4, Insightful)

metalmaster (1005171) | more than 2 years ago | (#36113134)

The article doesnt cover this, but im inclined to believe that malware authors have an easier time and higher infection rates when they target 3rd party software packages. As far as i know, the biggest thing to change from XP to Win7, from the user standpoint, is the more in your face security model. That makes the malware authors jump through extra hoops if they wanna get their code executed silently. However, attack a bug in a PDF reader or browser and things can be made to look like business as usual

Re:So newer is NOT better? (1)

sabt-pestnu (967671) | more than 2 years ago | (#36113368)

Humans are always going to be the weak link. Cause too many alerts, get the operator to shut that alert mechanism down, and hey, presto!

UAC window, anyone?

Re:So newer is NOT better? (2)

metalmaster (1005171) | more than 2 years ago | (#36113464)

That was sort of addressed in transition from Vista to 7. Vista would throw up a UAC prompt if you looked at your monitor the wrong way. Windows 7 only does so when you sneeze

Windows XP still dominates the market; not 7 (0)

Anonymous Coward | more than 2 years ago | (#36113236)

If you look at 2011 market share numbers MS Windows XP is still dominating the market. It probably will be until we get closer to 2014 when Microsoft discontinues support.

and.... (1)

smash (1351) | more than 2 years ago | (#36114098)

... even with those figures, i'm still repairing a lot more Windows XP machines.

If you turn off UAC / run as admin, and put a retard at the controls, Windows 7 will get infected by "free antivirus" software just as easily as anything else.

This is more a symptom of it being adopted by regular end users rather than bleeding edge types than any new inherent security problems discovered in 7.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...