Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Malware Scanner Finds 5% of Windows PCs Infected

timothy posted more than 3 years ago | from the is-this-an-adequate-sample? dept.

Microsoft 232

BogenDorpher writes "According to statistics generated by Microsoft's new free malware scanning and scrubbing tool, Safety Scanner, one in every twenty Windows PCs are infected with malware. Microsoft's Safety Scanner was downloaded 420,000 times in just one week of availability and it cleaned up malware or signs of exploitation from more than 20,000 Windows PCs, according to statistics generated by Microsoft's Malware Protection Center. This resulted in an infection rate of nearly 5%." That seems an awfully low number, based on how quickly Windows machines are scanned for plunder after going online; though it's a few years old, here's a report that suggests (as of 2007, at least) a grace period of less than 10 seconds. That was just one instance, and an intentionally vulnerable machine, but have improvements in security software software, and in Windows itself, made things so much better since then?

Sorry! There are no comments related to the filter you selected.

Security has improved (1, Interesting)

Anonymous Coward | more than 3 years ago | (#36277388)

Most of the malware now is either socially engineered or exploiting third party software (Flash and PDF, I'm looking at you!). Frankly, every OS is vulnerable to those two and finally even Apple noted they're starting to get that problem on Macs.

Re:Security has improved (1)

stanlyb (1839382) | more than 3 years ago | (#36277406)

Facebook? Twitter? Google even?

Re:Security has improved (0)

underqualified (1318035) | more than 3 years ago | (#36277956)

Adobe, I'm looking at you!)

There. Fixed that for you.

Re:Security has improved (0, Redundant)

im_thatoneguy (819432) | more than 3 years ago | (#36278176)

I agree. This "A Windows machine will be pwned in less than 30 seconds" is complete and utter bullshit.

I've never taken any precautions when setting up a PC and I've plugged it into the internet while installing windows without any additional firewalls and I've NEVER had a computer automagically compromised without executing something or clicking a compromised link.

Re:Security has improved (2)

Securityemo (1407943) | more than 3 years ago | (#36278252)

How would you know? A sufficiently full-featured 0day exploit/rootkit payload could have compromised the system without you ever noticing, exchanging information with the outside world using data steganographically encoded into banner ad traffic at the network driver level. Better break out the kernel debugger. :D

Re:Security has improved (4, Informative)

SuricouRaven (1897204) | more than 3 years ago | (#36278266)

It used to be true, back before everyone used a home router that acted as a firewall. I remember a couple of times years back when I installed Windows XP, connected up the cable/ADSL modem to get a service pack in, and the system was infected before the service pack had finished downloading. Back then infection was often via exploting the many explotable services windows runs, which was only possible when there was no firewall (The Windows one wasn't enabled by default back then, and in any case makes exceptions for those exploitable services!). Today, as most users have a firewall even if they don't know what one is, the main vector is the web - either malicious websites, or exploits served up as ad-banners.

Re:Security has improved (2)

Samantha Wright (1324923) | more than 3 years ago | (#36278360)

And also herd immunity: you're less likely to get infected if everyone else is exempt from being capable of infecting you. Firewalling routers really don't get enough love for their role in reducing the internet's trash density.

Re:Security has improved (4, Informative)

hairyfeet (841228) | more than 3 years ago | (#36278370)

Bingo! As someone who fixes these things every week while there are still plenty of Adobe exploits I've noticed since Win 7 came out they simply haven't been using OS exploits like they used to, now they run social engineering because it is always easier to take control if the user helps you and by appealing to their greed, desire, or fear it really ain't hard to get them to go along.

The big attack vectors i'm seeing day after day, in no particular order, is: 1.- The "you want teh hot lesbos? you need to run our Iz_not_Viruz_iz_codec.exe to play teh vidz!" 2.- The "ZOMg you got teh viruz! To fix run our Iz_not_Viruz_iz_cleanerz.exe to get rid of it ZOMG!" 3.-The "Use the new Limewire (Iz_not_Viruz_iz_Limewirez) to download teh latest Titney_Spearz.mp3.exe tunez today!" and 4.-"Hey my BFF sent me a funny cat video! It says I should run Iz_not_Viruz_iz_LOLCatz to see teh kittiez!"

As you will notice with ALL of the above you simply don't have to bother with an exploit for ANY of those, as the user IS the exploit and is the weakest link. The last major "WTF?" that MSFT had, the "Hey lets run everybody as admin!" officially died with Vista and since 7 doesn't bug the crap out of folks with "Cancel/allow?" boxes every three seconds UAC has been left on and along with low rights mode in IE and Chromium based is doing a good job, as we saw by the numbers released the other week where there are only 4 per 1000 7 machines infected VS 14 for XP.

But as long as you have people willing to ignore or even turn off their AV (as I had the other week with a customer and the "Iz_Not_Bug_Iz_Limewire") because a malware writer waved a cookie in front of them then frankly I don't see what else can be done besides what MSFT is already doing with the free MSRT and MSE. And as we have seen with first MacDefender and now MacGuard (which doesn't even need the password anymore) on OSX and the nasty Android trojan apps it doesn't matter whether you are on an alternative OS or not, all that matters is whether or not the bad guys want in bad enough to do the work and whether you have any users who'll run "Iz_Not_Bug_Iz" style apps. sadly I've found that WAAAY too many are more than happy to do just that.

Re:Security has improved (-1, Troll)

ozmanjusri (601766) | more than 3 years ago | (#36278438)

Most of the malware now is either socially engineered

Standard Microsoft reputation management response to malware discussions.

The day Microsoft stops trying to deflect blame with this tired old furphy, and starts taking Human Factors science seriously, is the day Windows starts becoming secure.

Somehow.. (1, Offtopic)

taosk8r (56641) | more than 3 years ago | (#36277390)

I think this is more likely to have proven that the McAfee tool is crap.

Malwarebytes is pretty good, and I've heard Bullguard can sometimes get stuff that cannot.

Re:Somehow.. (1)

dwywit (1109409) | more than 3 years ago | (#36277574)

Combofix FTW. Although it wouldn't remove a "Windows Risks Prevention" I encountered last week. It took rkill, a registry patch, and MBAM to remove it for good.
 
This was a machine "protected" by Bullguard.

Re:Somehow.. (1)

Pseudonym Authority (1591027) | more than 3 years ago | (#36277962)

I prefer to use Common Sense 2012 edition, and not download that hot_sex_underage.avi.exe on LimeWire or winrar-pro-full-crack-keygen.exe from The Pirate Bay, use Foxit Reader\Sumatra for casual PDF reading, and enable loading plugins on demand for Opera.

Re:Somehow.. (1)

networkzombie (921324) | more than 3 years ago | (#36278058)

It is never that simple. Do you have Adobe Flash installed on your Windows computer? If yes, then you are vulnerable. When you enable a plug-in for Opera, do you verify that all of the ads on that site you are visiting are from reliable sources? Doubleclick, Dailymail, Yahoo, Fastclick, and Google ads have all served up malware at least one time. Do you check the HTML code for the site to make sure they were not hacked to serve up malware? Google is still scrambling to clean their images search function. Never underestimate the people who write malware for money. They have unlimited resources and are beyond the reach of authorities (Ukraine, Russia). The only safe computer is one sealed in cement at the bottom of a lake. Confidence is your enemy. Reliable backups are your friend.

Re:Somehow.. (2, Informative)

SuricouRaven (1897204) | more than 3 years ago | (#36278280)

I'm a bit of an expert. Professional IT technician, confident in using all versions of windows, linux and OSX. I code. I've done a bit of cracking myself - nothing major, but I know how exploits work. I'm careful. I don't get dodgy executable code from disreputable sites. I've got a good firewall, a squid proxy configured with a long blacklist of ad-servers.

I still got infected yesterday with the loathed fake-antivirus (The author is actually known, but in Ukraine). Sneaky thing managed to trick me by taking the filename SkypeUpdate.exe - so when it popped up with the permission request from windows, I just thought it was Skype running another update and clicked ok.

Took me twenty minutes to kill the thing. Finding and deleting the executable was easy enough, but it has the niftily evil trick of making itsself the default file association for .exe files... thus making it impossible to run them. In the end I had to use a command prompt to launch firefox and notepad, find a .reg file online that would reset the associations, paste it into notepad and use that to fix the association. I'm still not sure I found all the damage.

Re:Somehow.. (3, Interesting)

wesleyjconnor (1955870) | more than 3 years ago | (#36278464)

What browser are you using 'bit of an expert'? I haven't run antivirus for 10 years and i've never been infected, I torrent things daily and i've seen some of the seediest burrows of the web. Navigating the web is a sixth sense grown over years of use, same as any skill. You know a good torrent just by looking at it, you know a dodgy website as the first image loads. You have been doing this so long you don't even SEE the ads in a page. Amateur hour is over.

Re:Somehow.. (1)

hawkinspeter (831501) | more than 3 years ago | (#36278532)

That sounds like the problem is with windows not having proper package management. On linux, you'd be getting the updates through the package manager, so you'd immediately know that SkypeUpdate.exe was fake.

Do you run firefox with adblock and noscript? That's probably the best way to defeat 99.9% of accidental infections.

How many are Macs? (0, Funny)

Anonymous Coward | more than 3 years ago | (#36277392)

5% of PC's are malware infected and 5% of PC's are Macs. Coincidence much?

Re:How many are Macs? (2)

tverbeek (457094) | more than 3 years ago | (#36277446)

Pretty much, yeah.

Re:How many are Macs? (2)

Hylandr (813770) | more than 3 years ago | (#36277940)

It's interesting to note that the number of infected pc's is exactly 5% of the computers that had that tool installed. Not 5% of all machines as the article implies.

Slow night on slashdot?

- Dan.

Of those who actually asked for help (4, Insightful)

betterunixthanunix (980855) | more than 3 years ago | (#36277394)

So a significant number of computers that downloaded the malware removal tool had malware on them. How is that surprising? Unless the installation of this tool is uniformly distributed amongst Windows users, which TFA is not entirely clear on...

Re:Of those who actually asked for help (4, Insightful)

kvvbassboy (2010962) | more than 3 years ago | (#36277450)

What? I would say that it's the other way around. I would guess that the actual infection rates are higher. I bet that many of the people who didn't download this tool are probably the same people who are running an expired version of McAfee on their Windows XP without any Service Packs applied.

Just recently, my parents were complaining about how their computer was behaving very slow and strangely. The number of malware, crapware and toolbars I had to uninstall via remote desktop using Teamspeak (we live on different continents) was enormous. Lol!

Re:Of those who actually asked for help (0)

Anonymous Coward | more than 3 years ago | (#36277930)

linux.. stupid. thinkpenguin.com or somewhere similar.

The end of the article notes... (4, Insightful)

Sir_Sri (199544) | more than 3 years ago | (#36277396)

"Safety Scanner, which replaced an older online-only tool, uses the same technology and detection signatures as Microsoft's free consumer-grade Security Essentials antivirus program and its Forefront Endpoint Protection product for enterprises."

considering that by now everyone should run SOME anti virus, of which MSE is a legally free option, and that something which uses MSE's signature database finds 5% of machines have been compromised I don't think says much about computer security as a whole. Obviously there are a lot of users who *still* don't have anti virus software, which isn't really news. But MS can't exactly go including free anti virus in their OS without screams of anti trust.

Re:The end of the article notes... (0)

jackbird (721605) | more than 3 years ago | (#36277516)

They could make MSE available on XPx64, though...

(suggested alternatives welcome)

Re:The end of the article notes... (4, Funny)

Samantha Wright (1324923) | more than 3 years ago | (#36277570)

Well. First you'd need some malware that actually runs on XP x64...

Re:The end of the article notes... (4, Funny)

lowlymarine (1172723) | more than 3 years ago | (#36277844)

Well at least that would finally make SOMETHING that runs on XP x64.

Re:The end of the article notes... (1)

tibit (1762298) | more than 3 years ago | (#36277742)

It isn't?!

Re:The end of the article notes... (0)

Anonymous Coward | more than 3 years ago | (#36277766)

Nope, XP thru 7 on 32-bit, but Vista and 7 only for 64.

Re:The end of the article notes... (1)

Sir_Sri (199544) | more than 3 years ago | (#36277954)

There are programs that run on XP64 that don't work on XP32 or 7-32/64?

Even then, XPx64 isn't exactly accounting for that 5% of installed that have been compromised.

I think kaspersky and the paid version of AVG both supported XP 64 at one point. Whether or not you could find anything that does anymore is another matter.

Yes. (4, Insightful)

artor3 (1344997) | more than 3 years ago | (#36277398)

That was just one instance, and an intentionally vulnerable machine [four years ago], but have improvements in security software software, and in Windows itself, made things so much better since then?

Yes.

Is it really surprising that computers with service packs, hot fixes, virus scanners, and firewalls are significantly more secure than those without?

Of course, it's also worth noting that the real infection rate is probably at least a little bit higher. The people who don't download this particular scanner are the same ones who wouldn't download the aforementioned service packets, hot fixes, virus scanners, and firewalls. The unanswered, and perhaps unanswerable, question is how many such people are out there.

Exactly (4, Interesting)

Giant Electronic Bra (1229876) | more than 3 years ago | (#36277458)

All this really 'proves' is that 95% of the people who are smart enough to download a free AV program didn't have an infection. Lets see, who uses those? Oh, I know! People who take precautions... When do they do it? BEFORE they get infected, lol.

While it is an interesting datapoint to hobknob about, this actually says ZILCH about Windows infection rate, except it probably can't possibly be LESS than 5%.

Re:Exactly (2, Insightful)

Anonymous Coward | more than 3 years ago | (#36277768)

You can't draw that conclusion, either. You say that the people who download virus scanners are the smart ones who take precautions. That makes sense. But another big group that downloads virus scanners is the people who have reason to believe they have a virus. For all we know, 5% could be artificially LARGE because of that.

We just can't draw these sorts of conclusions from this study.

Re:Yes. (1)

jhoegl (638955) | more than 3 years ago | (#36277526)

I find that saying an unprotected computer connected to the internet does not follow todays current norm.
People have routers, or windows firewall (default), or both.
To say a windows machine is vulnerable today is ignorant of the knowledge of hacking.
As long as they have a firewall and dont open ports, they should be fine.

Basic hacking requirement... you have to have an open port and a service on that port that has an exploit of some type.
This is why website hacks, browser exploits, emails to get people to click, and social engineering are so important to hackers. Most people already have protection against direct attacks.

Re:Yes. (2, Insightful)

Anonymous Coward | more than 3 years ago | (#36277678)

Exactly, it wasn't AV that killed worms, it was the NAT routers which became standard PC equipment for non-techies between ~2002-2004.

On the LAN side Windows can still be pwned as easily as before, you basically have instant shell access to any networked Windows machines.

Re:Yes. (1)

jhoegl (638955) | more than 3 years ago | (#36277880)

Why was I modded down?

Re:Yes. (0)

Anonymous Coward | more than 3 years ago | (#36278170)

Why was I modded down?

Because you touch yourself at night.

Re:Yes. (4, Insightful)

Penguinoflight (517245) | more than 3 years ago | (#36277638)

Don't forget about those who have viruses but the malware removal tool was unable to either detect or remove them. If you can't churn out a virus that can beat the standard set by microsoft you're in the wrong business.

Re:Yes. (1)

geniice (1336589) | more than 3 years ago | (#36277754)

Not really. Malware aims a low hanging fruit and people taking active steps to protect their system are in all probability not worth the hassle (and downloading a onetime scanner is pretty active). The tool is also new so malwear writers probably haven't reacted to any great extent yet.

Re:Yes. (1)

Anonymous Coward | more than 3 years ago | (#36277858)

On the other hand, don't forget about those who simply install AV because they suspect they have a virus. It's like saying 25% of people have an STD because 2000/8000 people who attended an STD clinic have one.

The information isn't even new either. Lets break it down into useful stats and consider how many of those users were using UAC, and which OS they were using. It wouldn't surprise me if most infections were still on Windows XP

Re:Yes. (0)

Anonymous Coward | more than 3 years ago | (#36277854)

There is still something wrong in the way these tools work. Even with all of that I still see PC's get infected. I've tried a few sandboxing programs with Firefox and still see users get infected. I've killed anything on the firewall that has an executable signature and still see them get infected.
I've locked out program installs and turned on several features of Windows 7 and still get calls on infected PCs or catch them at the firewall.

We need a better paradigm but I'm just not able to come up with one.

Re:Yes. (1)

TheLink (130905) | more than 3 years ago | (#36278254)

There's already a better paradigm on some phones. Basically the application declares upfront want sort of sandbox/permissions it needs to run. And if that is OK according to the system's settings, the OS will run the app while enforcing the sandbox.

Because the permissions are declared explicitly, it should be much easier for an "expert", or even someone with "common sense" to certify that the sandbox makes sense for the app, and maybe even digitally sign the app and its request.

So an organization (or "The Family Admin") can lock down a computer system so that only apps that request "safe sandbox templates" can run or install.

And the nerds like us, can set our systems up so that we can choose to run an app with a sandbox template of our choice (e.g. guest sandbox - looks like a new machine, no data about you available, no changes affect your "real system", once you're done with the program, it's gone).

I proposed something like this to Ubuntu and SuSE years ago: https://bugs.launchpad.net/ubuntu/+bug/156693 [launchpad.net]
https://bugzilla.novell.com/show_bug.cgi?id=308760 [novell.com]

That said, people are still going to type in their passwords and send them to the wrong places- the sandbox stuff won't prevent it. I'm not sure of a good way to prevent this. Maybe the OS/browser could keep hashes of the user's passwords and if something typed matches a known password hash but might be sent to an unexpected site/context it can warn the user (are you sure you want to send your "Bank" password to Elbonia?"). Problem is some bank sites use fancy schemes for users to enter their passwords involving onscreen keyboards with some rearranged keys etc.

Re:Yes. (0)

Anonymous Coward | more than 3 years ago | (#36278244)

no, not significantly more secure. but significantly slower yes.
trouble is, all those things will protect you from 'weaker' viruses, not the tough ones.

datum (1, Offtopic)

tverbeek (457094) | more than 3 years ago | (#36277416)

I fixed one this afternoon: my parent's WinXP computer. Adjust your stats accordingly.

That's Nothing! (1)

Anonymous Coward | more than 3 years ago | (#36277428)

According to Mac Defender, 100% of all Macs are infested with malware.

Meanwhile.... (1)

PessimysticRaven (1864010) | more than 3 years ago | (#36277430)

Every new Hotmail account comes complete with no less than 10 emails promising 'bigGer Pen1s 4 hur plezures!" within the first thirty seconds of initial login.

Only 5% of machines that have it installed (0)

Anonymous Coward | more than 3 years ago | (#36277436)

So it has been downloaded 420k times, so it is 5% of a very small and selective proportion of the installed base

Bad sampling techniques ... (2)

MacTO (1161105) | more than 3 years ago | (#36277442)

Maybe the number is accurate, maybe it isn't. But the one thing that strikes me is that this is not an entirely random survey since there are too many factors that can affect the sampling. Examples: people who do not update their software (including but not limited to this scanner) are probably more likely to have an infected machine, making the number low. Yet institutional PCs that are professionally managed (and are likely to use third party solutions) are probably less likely less likely to be infected, making the number high. So that 5%, as good or as bad as it may sound to you, is actually just a number thrown around by the marketing department.

Re:Bad sampling techniques ... (1)

PessimysticRaven (1864010) | more than 3 years ago | (#36277456)

Best I can tell, this is only really polling the people that CHOOSE to report it. So, yes, to second that, bad form on reporting. Shocking, I know.

"as of 2007" (5, Informative)

QuasiSteve (2042606) | more than 3 years ago | (#36277466)

Honestly? "as of 2007"? In computer terms, that's several lifetimes.

Not only that, but just because the news article linked to has 2007 at the top, doesn't mean the findings were from 2007. The news article in which the author "just read an incredible scary article" links to said incredible scary article - http://news.bbc.co.uk/2/hi/programmes/click_online/4423733.stm [bbc.co.uk] - from 2005. So not only was the news article writer 2 years behind the times, you're now suggesting that we should believe that you find it incredulous that things may have improved in 6 years' time?

In that time Windows 7 and Vista have been released - both with far better security models out of the box. Even Windows XP saw a reasonable update with SP3.

Then again, by April 2005, SP2 was also distributed and guess what it enabled by default? Windows Firewall. The worm in the original article, Sasser, would not have gotten very far.

Then again, Sasser would not even have been on the system if they bothered to install the update that fixed the hole that Sasser would eventually exploit.

It's just not a very convincing example to begin with, and certainly not one you should be citing 6 years later.

Re:"as of 2007" (0)

dragonturtle69 (1002892) | more than 3 years ago | (#36277520)

Not sure about Vista's PE2, but 7's PE3 has a firewall. That would eliminate how XP was infected before the installation was completed, which was still a problem in 2007.

Of course, the submitter is lumping Win* together in the commentary.

Re:"as of 2007" (1)

Anonymous Coward | more than 3 years ago | (#36278146)

Not sure about Vista's PE2, but 7's PE3 has a firewall. That would eliminate how XP was infected before the installation was completed, which was still a problem in 2007.

Of course, the submitter is lumping Win* together in the commentary.

The problem was that during the first version of XP's installation, it would bring up the TCP stack before firewalling the system. This was fixed with the release of Service Pack 1, but if you install from an original CD you will of course still be vulnerable.

And that's assuming that you're connected directly to the internet, as opposed to connecting through a router running NAT on its internal firewall. If you have a router, it's already a non-issue. IF you're that worried about it, download the XP service pack 3 installer and burn it to disc and quit using that ancient original version. It'll also be a lot faster since you don't have to patch through 3 service packs and all the hotfixes and updates.

Re:"as of 2007" (1)

Deathlizard (115856) | more than 3 years ago | (#36277584)

On the one hand, pulling out the dead horse that is "X seconds to XP infection" and beating on it in 2011 is a new low. Even for Slashdot. On the other hand, I wouldn't be caught dead with Windows XP in this day and age even with all the patches.

Malware authors know the insides of XP so well that you have to do so many things to make a secure windows XP build that it isn't worth the time, Especially since you can install Win 7 64bit and its pretty much secure out of the box. It's much harder to root due to UAC (when turned up to full) and 64bit driver protection, it's got limited malware protection from Defender out of the box and it can run IE9, which has a lot more features in stopping malware from downloading payloads or even getting a payload in the first place if TPL's and file reputation are used. Also the system restore actually works so most non rootkit damage can be rolled back reliably.

As for the safety scanner Microsoft has, If you're running that scanner, chances are you think your system is infected. I'd be more concerned that it's that low, which tells me that the scanner is missing key virus infections. Actually my experience with it, it missed a key infection on a virus laden PC. (to be fair, it was rootkitted). MS seriously needs to release a bootable scanner similar to their system sweeper found in the Diagnostics and recovery Toolset (which found the rootkit that safety scanner missed). That and actually make a tool that reliably removes Alureon (AKA TDSS)

Re:"as of 2007" (1)

yuhong (1378501) | more than 3 years ago | (#36277772)

Yep, I think it is well known now that installing XP RTM and connecting it directly to the Internet without patching is not safe.

Re:"as of 2007" (2, Interesting)

VortexCortex (1117377) | more than 3 years ago | (#36277616)

In that time Windows 7 and Vista have been released - both with far better security models out of the box. Even Windows XP saw a reasonable update with SP3.

With great new code-bases comes great vulnerability.

I just "removed" (and by remove I mean re-format re-flash BIOS and reinstall Windows) a bit of malware (Banker Rootkit Variant) that exploits a Java vulnerability via applet (JRE was up to date, but the old exploitable versions are still there, and can be targeted -- remove them now), then installs a rootkit via kernel driver -- Somehow miraculously bypassing the fact that drivers must be signed on 64bit MS OSes -- Oh, it's not that special it just disabled UAC first via the registry (ran a .reg -- Yes, seriously, WTF MS), then enabled "debugging mode" which disables the signed driver checks (I know, right?), then it installs a new root certificate authority in the web browser and updates the hosts file so that when you connect to several banking websites it can intercept the traffic with no security warnings in the browser -- Hint: always view the cert before you enter you credentials.

You can tell me that the brand spanking new batch of code is "more secure" than some other batch of code only after they've both been in use for the same period of time, and I can compare the numbers. "More Secure" can not be claimed until it is proven.

IMHO, Why throw out XP64/32? (sp3 is basically just an update roll up, not a whole new codebase -- 1045 days left, BTW) They were finally getting a lot of the bugs hammered out. If we did that with Linux / Unix every couple of years they would be a security clusterfuck too. (scares me that Torvalds is thinking of retiring the 2.6 kernel to move to 2.8 or 3.0...)

Re:"as of 2007" (0)

Anonymous Coward | more than 3 years ago | (#36277746)

You weren't tipped off by the desktop-background text overlay indicating non-signed driver support? Then again with kernel access that warning could be removed or hidden.

p.s. this is why anyone with half a clue disables any and all browser plugins.

Many still stuck in 2007 (1)

dbIII (701233) | more than 3 years ago | (#36277668)

"as of 2007"? In computer terms, that's several lifetimes.

Wrong.
There are plenty of MS Windows XP machines that have not been patched since 2007. Also how many Microsoft based machines have you seen with spreadsheets etc newer than MS Office 2003?

Using old OS and Office Programs is no indication (0)

Anonymous Coward | more than 3 years ago | (#36277700)

"as of 2007"? In computer terms, that's several lifetimes.

Wrong.
There are plenty of MS Windows XP machines that have not been patched since 2007. Also how many Microsoft based machines have you seen with spreadsheets etc newer than MS Office 2003?

Although there may be more Windows XP machines than all versions of Apple combined, it does not mean that the XP machines have gone unpatched since 2007.

Secondly, Although MS Office 2003 is several lifetimes ago for Office productivity suites, as well, it still is not an indicator that the Office 2003 system is not unpatched.

Observation gives the indication (2)

dbIII (701233) | more than 3 years ago | (#36277872)

it does not mean that the XP machines have gone unpatched since 2007.

No, what does tell me and should tell you is simple observation. Many XP machines in homes do not have automatic updates turned on and have never been updated after the day they were purchased. There are also a vast number of cracked copies of XP out there which have never been updated because the users are worried that an attempt to download updates will identify their XP as copies instead of purchased software.

Re:"as of 2007" (1)

mgblst (80109) | more than 3 years ago | (#36277752)

I count every install of Vista as an infection.

Or.. "Scanner finds 95% Windows PCs not infected"? (1)

NotQuiteReal (608241) | more than 3 years ago | (#36277484)

Same thing, right?

I don't know anyone who actually runs this. (1)

osssmkatz (734824) | more than 3 years ago | (#36277486)

While I am glad that the online safety scanner can now clean infections, and will probably consider it in the future, it isn't a very widely used tool because of the windows live branding, rather than as a Microsoft product. Trend Micro Housecall has been around for longer. I wish more antivirus's would scan for lack of service packs or security vulnerabilities.

information is insufficient (4, Insightful)

belmolis (702863) | more than 3 years ago | (#36277492)

We don't have enough information to estimate the infection rate. For one thing, we don't know how good the scanner is. If it misses a lot malware, the infection rate may be much higher. We also don't know what kind of sample the downloads comprise. If only people who think they have an infection are downloading it, then the sample is biased high and the real infection rate may be much lower. Since it only detected infections in 5% of cases, either the scanner is very bad or people are downloading it as a precaution, not once they think they have an infection. If they're downloading it as a precaution, that probably means they are particularly security conscious, in which case the sample is probably biased toward a low infection rate. Overall, it looks like without more information the percentage of machines found to be infected by this scanner tells us very little.

Re:information is insufficient (1)

Anubis IV (1279820) | more than 3 years ago | (#36277540)

Well said! I was about to make similar comments, but I see that you already did so, and far better than I would have. My first thought was that this was an indication that people who are security conscious still have an infection rate of 5%, but it could easily go other ways, depending on the biases, such as the ones you mentioned.

NAT to the rescue! (4, Insightful)

ka9dgx (72702) | more than 3 years ago | (#36277508)

The IP6 folks hate NAT, but it's the only thing that's saving personal computing at the moment. Because random inbound connections don't has through NAT devices, any home PC behind one is MUCH safer than one directly on the internet. It sucks in terms of the end to end utility of the internet, but it's the tradeoff most users are willing to make for reasonable safety.

Re:NAT to the rescue! (4, Interesting)

WuphonsReach (684551) | more than 3 years ago | (#36277582)

Outbound-only IP6 firewalls will offer the same level of security as NAT. With a few other advantages as well.

What will remain to be seen is whether the firewall devices can be:

- Properly configured or come with sane defaults.
- Fail in a safe manner rather then suddenly just allowing every connection through.
- Can't be switched to completely transparent by attack software.

It will be interesting in a few years as IPv6 finally takes off. I think the 3rd option is going to be the interesting one. In a IPv4 NAT'd network, the attacker has to (a) know the internal IPs and (b) add an inbound port forward to the NAT device. In the IPv6 firewall scenario, because the devices inside the network already have routeable addresses, if they can open up the firewall then they win.

The saving grace will probably be the sheer size of the address pool in a local network. Unless you sniff the traffic (or look at DNS or ARP), knowledge of active IP addresses is hard to come by via scanning. Scanning a 2^64 range for active hosts will take a few years, which will slow down any worms that attempt to spread in that manner.

A few years, as in enumerating 2^64 addresses and processing 1 million per second means you need about 585,000 years. There are ways to fine that down such as only searching the list of valid MAC addresses, which cuts the size down to 2^40 to 2^48. And you could fine that down even more by only looking for popular MAC addresses, which would probably make it 2^36 to 2^40 roughly. Scanning 2^32 @ 1 million / second takes about 80 minutes, 2^36 is 19 hours, 2^40 is 305 hours. Of course, attempting to scan 1 million hosts per second would bury most boxes and would probably require 10Gbps to pull off.

Compare that to today's networks where the local network segment usually only has 256 to 4096 possible addresses. Multiple orders of magnitude easier to scan.

Re:NAT to the rescue! (1)

skastrik (971221) | more than 3 years ago | (#36278326)

Collections of active IP addresses will be readily available tomorrow, just as rainbow tables and collections of active email addresses are today.

The saving grace will probably be the sheer size of the address pool in a local network. Unless you sniff the traffic (or look at DNS or ARP), knowledge of active IP addresses is hard to come by via scanning. Scanning a 2^64 range for active hosts will take a few years, which will slow down any worms that attempt to spread in that manner.

Re:NAT to the rescue! (2, Informative)

Anonymous Coward | more than 3 years ago | (#36277586)

NAT is NOT security. If you want security, the most basic setup is called a stateful firewall. You may want to read about it.

http://en.wikipedia.org/wiki/Stateful_firewall [wikipedia.org]

Even better, close down all services that you do not need listening. Application level firewall is another good idea.

If your security is NAT alone, then it's a sad state of affairs. NAT masks security, nothing more..

PS. For the all NAT-lovers, there exists an IPv6-NAT too. So saying that IPv6 == cannot have NAT is wrong. On Linux, steteful firewall is a prerequisite for NAT capability anyway.

Re:NAT to the rescue! (2)

ka9dgx (72702) | more than 3 years ago | (#36277840)

I know that NAT doesn't help security against an advanced persistent threat, but it does scrape off the top 99% of all attacks, which is a big plus.

A stateful firewall can scape off another 99%

Locking down each service with AppArmor can scrape off another 99%

Which means you'll still have no effective security against an advanced persistent threat... you'll only be stopping 99.9999%, not all of it.

Capability based security might give you another 99%, which is good, but not enough.

Re:NAT to the rescue! (0)

Anonymous Coward | more than 3 years ago | (#36278206)

On Linux, steteful firewall is a prerequisite for NAT capability anyway.

Um, yeah it's like that on all systems. NAT is the mechanism your Stateful Firewall uses if you want to put it in front of multiple devices, you only don't need NAT if you're only firewalling a single system.

Saying that it's not security is simply showing you don't really understand what NAT actually does, and are focused primarily on the politics of what it's usually used for.

And just for the record, quoting Wikipedia makes you look like either a Dick or an Idiot. Here is what you're really using as a source of proof of your claims:

References
        ^ "Who Invented the Firewall?". TechWeb. 2008-01-15.
        ^ "Check Point Software Technologies Ltd. Awarded Patent For Stateful Inspection Technology". Check Point. 1997-03-17.
        ^ "Network connectivity may fail when you try to use Windows Vista behind a firewall device".
        ^ "A painful Vista networking bug".
        ^ Review of Tomato firewall "...both L7-Filter and IPP2P are explicitly unmaintained. Given the steady stream of security updates for protocol dissectors in WireShark, your editor has a hard time believing that these other classifiers can be completely free of security issues."
        ^ Hacker pierces hardware firewalls with web page

Really? A techweb article, a couple stories about Windows networking bugs, and a REVIEW of Tomato? And a link, not to the actual patent, but a STORY about someone getting a patent? Seriously, you can do better than that with 30 seconds on Google. This type of bullshit is why Wikipedia is a neat idea, but in practice falls short of anything really useful.

Re:NAT to the rescue! (1)

VortexCortex (1117377) | more than 3 years ago | (#36277722)

I wonder if all these dropped unsolicited packets I'm seeing bounce off my firewall/NAT are what's causing my bandwidth usage measurements to be so much less than my ISPs capped bandwidth meter is showing... As for "end to end" blockages -- If you don't know how to port-forward, enable UPnP -- everything supports it these days, even ports of old games like Doom. However, being behind an ISPs NAT is unbearable -- that's why ip6 is needed, so that we don't end up behind an un-configurable ISP NAT router.

Even after the IP6 transition, I'll still use my firewall PC to block unsolicited packets, scan for malware, logging, access restrictions/time limits, etc. Besides, It's a part of the atmosphere... flayed and mounted on Lexan hanging from my wall (with lots of carefully routed wires and a few pretty lights that blink intermittently) -- I find wallputers more interesting/functional at than most paintings, plus it's easier to clean, takes up less space and promotes a cozy cyber-punk feel. Guests always ask "What's that?!" "Never seen a firewall?" I say. (It also helps weed out the geek girls from the uninteresting variety -- the latter never approve of "the lab" aka home office/electronics workshop, with 8 wallputers).

P.S. Just because NAT implies stateful firewall, doesn't mean you can't have the benefit of a firewall sans NAT.

Re:NAT to the rescue! (2)

0123456 (636235) | more than 3 years ago | (#36277898)

As for "end to end" blockages -- If you don't know how to port-forward, enable UPnP -- everything supports it these days, even ports of old games like Doom.

Never, ever, ever enable UPnP if you care about security. Allowing random applications to open up random ports is just asking to be pwned.

Re:NAT to the rescue! (1)

GravityStar (1209738) | more than 3 years ago | (#36278358)

Explain this to me; why is UPnP so insecure? UPnP can only be switched on by a random application if that application has access to the LAN. That application is then _already_ running locally on one of the machines on the network. It can _already_ connect to random machines/ports. If that application now wants to exploit a vulnerability on one of the machines connected to the LAN, it can do it directly, no need to configure any port forwarding to let yet something else in.

I haven't yet read any realistic argumentation on why UPnP is dangerous (and I looked!). Mainly just FUD. The only security issue I can see is that _after_ the baddies take over your PC, they can open up ports.

Re:NAT to the rescue! (1)

GravityStar (1209738) | more than 3 years ago | (#36278368)

Besides, It's a part of the atmosphere... flayed and mounted on Lexan hanging from my wall (with lots of carefully routed wires and a few pretty lights that blink intermittently) -- I find wallputers more interesting/functional at than most paintings, plus it's easier to clean, takes up less space and promotes a cozy cyber-punk feel.

Your ideas are intriguing to me and I wish to subscribe to your newsletter.

Re:NAT to the rescue! (1)

FrootLoops (1817694) | more than 3 years ago | (#36278288)

but it's the tradeoff most users are willing to make for reasonable safety.

I'd bet almost nobody consciously chooses NAT for security. They choose it because the numbers are running out, pure and simple.

Not serious (2)

lucm (889690) | more than 3 years ago | (#36277558)

> though it's a few years old, here's a report that suggests (as of 2007, at least) a grace period of less than 10 seconds.

These numbers mean nothing. Just like statistics about domestic abuse ("1 women in 3 is victim of abuse"), that kind of thing cannot be measured so someone comes up with a pseudo-scientific number and everybody keeps repeating this stuff ad nauseam like Rush Limbaugh on election week.

Individual malware is having way too much exposure in the media for its actual damage. In an era where legitimate companies such as Facebook or Google are cornering the market on privacy violation and shameless data-mining, nobody gives a sh*t about Uncle Joe's private information. Credit card numbers are traded by the thousands and it is not cost-effective to try to harvest valuable information from individual PC - financial institutions and service providers (PSN!) are a much better target.

The name of the game is now large-scale deployment and a botnet that does not protect its nodes does not live long enough to justify an article on Wikipedia. Actually for home users I would even argue that being part of a botnet can be a good thing - the operators know what malware is serious and they have a financial stake in maintaining a healthy network of zombies; they will keep the basement wannabes away. On a global scale they are the one with the best interest for home PC security - much more than most PC owner themselves. It's like joining a gang when you go to jail for a long time - be part of the swarm and the odds that you end up becoming a silent farter are much lower.

All are... (0)

Anonymous Coward | more than 3 years ago | (#36277572)

All Windows PCs are infected...Windows IS a virus! Or at least malware/spyware!!

The name "Safety Scanner" sounds like Malware (2)

Salvo (8037) | more than 3 years ago | (#36277576)

Even if it isn't actually MalWare, the name "Safety Scanner" is as suspect as "Windows Recovery" or "MAC Defender".
I would have thought Microsoft's marketing department (arguably one of the greatest marketing departments in Info Tech), could have come up with something less dodgy than "Safety Scanner".

Maybe the people who were inclined to download and install "Safety Scanner" are the same people who are inclined to download and install "Windows Recovery". Making the estimate of 5% high.

Conversely, maybe the people using "Safety Scanner" were more conscientious about Computer Security and were seeking out extra protection. Making the estimate of 5% low.

Re:The name "Safety Scanner" sounds like Malware (0)

Anonymous Coward | more than 3 years ago | (#36278328)

I kno I kno "Smart Scanner"

how much of that is boader line stuff (0)

Anonymous Coward | more than 3 years ago | (#36277670)

how much of that is boarder line stuff flagged as Malware?

Malware? Scareware? (3, Insightful)

sillivalley (411349) | more than 3 years ago | (#36277710)

Ran this thing on a server that lives in the closet. It complained that my custom hosts file was very suspicious. It also didn't like the VNC client.

So this machine was infested with malware? I don't think so!

Yet another scareware scanner!

Response to previous comment elsewhere (0)

Anonymous Coward | more than 3 years ago | (#36277792)

In another post I stated

"The question here is why hasn't Microsoft made their Windows XP more secure by now? WinXP has been around for quite some time now, considerably longer than Win7, so they have had plenty of time to do it. Could it be that they are not focusing on XP security partly because doing so would make people less likely to switch to Win7?"

http://news.slashdot.org/story/11/05/12/210202/Win-7s-Malware-Infection-Rate-Climbs-XPs-Falls

Someone responded

"Yea they should keep making Windows XP more secure. And while they are at it they should keep patching the bugs in Windows 98 and ME as well."

My response to that is

As far as I'm concerned, so long as they own the copyright on it and so long as they don't release it under a CC license, which prevents others from working on it, they should be responsible for it. If they own it, it's their responsibility to maintain it, at least until the copyright expires or until they relinquish their ownership of it. After all, it's still licensed to their users by them, why should they continue to be the license holder if they aren't going to service it?

Re:Response to previous comment elsewhere (1)

kevinmenzel (1403457) | more than 3 years ago | (#36278310)

Because there is a guaranteed timeline for how long the product will remain serviced, and that was available knowledge when you bought the damn prodcut. AND it was EXTENDED past the original announced date.

Stop complaining about XP security. The Windows model has and likely always will be a series of paid upgrades in order to gain not only the latest features but also the latest security updates after a certain point. It's not like that was a recent change to their business model, that's how it's always been. Since Windows 1.0. So I mean, really, do suck it up.

Re:Response to previous comment elsewhere (1)

Anonymous Coward | more than 3 years ago | (#36278334)

First, they've made XP more secure. Compare SP3 with vanilla XP.

Second, Microsoft runs a business. If you're looking for a system developed under a cooperation model, there are many open source systems available for you to choose, although there are good reasons why almost nobody wants any of them on their desktops.

10 seconds, back in 2007...not true now, though. (4, Informative)

Shoten (260439) | more than 3 years ago | (#36277810)

One big thing has happened since 2007: Windows has started shipping with the Windows Firewall turned on by default and blocking inbound requests. Since network-spreading worms were the primary contagion factor back in 2007, this made a huge impact all by itself. Also, the growing prevalence of dynamic NAT in households (usually from the wireless routers that everyone has these days) also contributes to this.

10 seconds - a load of horse manure! (2, Insightful)

Retron (577778) | more than 3 years ago | (#36277886)

Those "Windows machines get attacked in 10 seconds" type things are utter rubbish. It was quoted at a recent security conference I went to and I interrupted the speaker about it as it's a blatantly false claim.

I have an unpatched Windows 2000 machine behind a cheap Netgear router. It's never once been attacked and it sits on the Internet 24/7 sending weather data to an FTP site. It doesn't get used for anything else and it's been up for four years now. The hard drive is too small to install the service packs (the machine is a P133 from 1996).

Furthermore, I don't know what ISP these people are using but I get a couple of port scans a day (at most) coming into my router. I'm on a static IP too.

It's my opinion that the 10-second claim (or 4 minutes, as in the one I heard at that security conference) was made up by a security vendor in order to hawk their products. The claim has then been spread over the years, Chinese Whispers style, until it's accepted as a truth.

Re:10 seconds - a load of horse manure! (1)

metrix007 (200091) | more than 3 years ago | (#36277896)

You seem like a tool. The 10 second thing was accurate for a long time, even if it was an average. What kind of tool interupts a speaker instead of asking a question at the end?

Re:10 seconds - a load of horse manure! (1)

Retron (577778) | more than 3 years ago | (#36277974)

LOL, cheers for that troll reply. I put my hand up rather than blurting it out, as the speaker said when they started that if you had a comment or observation to make then you should put your hand up and he'd ask you to share it with the others (if it sounds school-like, it was a schools security conferenec).

The 10 second thing has never been true in general - at least not since 1995, which is when I first went online. The only change I've seen over the years is that rather than a single probe at a port you might now get several at once.

Note that I'm not saying that security is irrelevant, as it's clearly very important. I just have an issue with that utterly rubbish "A Windows machine gets probed within x seconds/minutes" line. It's simply not true and never has been. (Well, unless x is 604800 or something!)

Re:10 seconds - a load of horse manure! (2)

jim_kaiser (1696460) | more than 3 years ago | (#36278250)

LOL, cheers for that troll reply. I put my hand up rather than blurting it out, as the speaker said when they started that if you had a comment or observation to make then you should put your hand up and he'd ask you to share it with the others (if it sounds school-like, it was a schools security conferenec). The 10 second thing has never been true in general - at least not since 1995, which is when I first went online. The only change I've seen over the years is that rather than a single probe at a port you might now get several at once. Note that I'm not saying that security is irrelevant, as it's clearly very important. I just have an issue with that utterly rubbish "A Windows machine gets probed within x seconds/minutes" line. It's simply not true and never has been. (Well, unless x is 604800 or something!)

Dude... get your facts right. Maybe your closet server is on a safe network already. My experience at my university around 2004, before some of the major SP's, was exactly in line with the 10 seconds rule. All you needed was to plug the network in and lo and behold, before you could think about updating your AV definitions! The only way was to make a CD of latest AV. Those were the days, when running a Windows machine was impossible without an AV and a firewall like Zone Alarm. Remember Zone Alarm?

Re:10 seconds - a load of horse manure! (1)

yuhong (1378501) | more than 3 years ago | (#36278050)

I have an unpatched Windows 2000 machine behind a cheap Netgear router.

That is because it is behind a router that is an NAT, blocking the attack.

Re:10 seconds - a load of horse manure! (1)

maxwell demon (590494) | more than 3 years ago | (#36278316)

I have an unpatched Windows 2000 machine behind a cheap Netgear router.

I highlighted the relevant poar for you.

No,. your Windows computer isn't on the internet. It is on the LAN. The LAN is connected to the internet. And it does NAT on the border. There simply is no way your computer could be accessed from outside.

why do i need a subject line? (1)

pyster (670298) | more than 3 years ago | (#36277926)

While I agree the numbers seem low, its not because 'computers are scanned when they go online'. How many people these days connect their computer directly to the internet? Most machines are behind nat, which while not a complete security measure any any means, it does off protect for out side scanning.

Infections mostly come from browser based and download/execute attacks.

Ignoring 3rd party crapware (4, Insightful)

Khyber (864651) | more than 3 years ago | (#36277980)

These are likely not so bad without exposure to Adobe and Java.

Let us be honest for once.

Information insufficiency (2)

Asmahuq (2208338) | more than 3 years ago | (#36278026)

I think lack of information can make a biased output about infection rate. So infected rate that is proved by this scanner gives us a little part of whole scenario. http://www.pranon.com/ [pranon.com]

100%! (1, Troll)

purpledinoz (573045) | more than 3 years ago | (#36278274)

I would argue that 100% of Windows machines are loaded with malware, called Windows.

Re:100%! (0)

Anonymous Coward | more than 3 years ago | (#36278312)

I would argue that you're a very young troll.

MS Safety Scanner reports details? (0)

Anonymous Coward | more than 3 years ago | (#36278298)

So, what TFA is saying is 100% of people who use the Ten Day Trial of Microsoft Safety Scanner, and windows update, have their information reported to Microsoft, who then in turn filters it and releases a vague portion of the information back to the public without details of what was actually detected, thereby creating FUD, and eliminating joe 6-pack from spinning any feedback at all.

virus collectors should not drink all of the 3 day old urine up, or pop all their fart balloons when using this scanner one must maintain a cloned backup of the virus collection beforehand in case the 10 day trial scanner should delete something and sneakily report it back for more statistic fud without being asked.

With secunia, a command line scanner, and process hacker, you can make it leave the virus collection alone, patch more than just the os, and spin a bit of feedback in a friendly volunteer community when need be, and maintain control of process's and resources down to their dirty basic details all while sipping your favorite drink in your underwear.

MSRT Installations (1)

RobbieCrash (834439) | more than 3 years ago | (#36278428)

Though it doesn't name it in TFA, I'm betting that this also has something to do with the Malicious Software Removal Tool [microsoft.com] that is a part of normal Windows updates. This is downloaded and installed and run by default if you let Windows Update do its thing without manually configuring which update to install and which to ignore.

When this is run, and it detects known malware, it reports the infection and the full version (Major release, SP number, and updates that are installed) to Microsoft and attempts to remove it.

Since it's run in quiet mode at installation, I'm inclined to believe that this 5% number is pretty reliable on Windows 7 machines, somewhat reliable on Vista machines, and of marginal reliability in regards to XP boxes. Due to the nature of Windows Update settings on those OS', ranging from On by default in Vista and 7, to on if you made it so in XP.

As a sysadmin that helps look after over 10,000 desktops and close to 500 servers, I'm even more inclined to believe that 5% is accurate. Compared to what I was seeing 5 years ago, Malware is /much/ less common now. Despite the fact that it's craftier. Windows users, while still apt to click on everything that they're asked to click on, have a harder time wrecking their systems due to the security subsystem changes that have been made in Vista and 7.

Is Windows secure? Fuck no. Is it infinitely better than it was when XP came out? Unquestionably, and anyone that disagrees with that is too busy trolling Microsoft to see that they have made significant improvements.

Re:MSRT Installations (2)

benjymouse (756774) | more than 3 years ago | (#36278542)

Though it doesn't name it in TFA, I'm betting that this also has something to do with the Malicious Software Removal Tool [microsoft.com] that is a part of normal Windows updates. This is downloaded and installed and run by default if you let Windows Update do its thing without manually configuring which update to install and which to ignore.

If you had bothered to read just the first 2 paragraphs of the computerworld article linked to you would have noticed this:

Microsoft cited that statistic and others from data generated by its new Safety Scanner, a free malware scanning and scrubbing tool that re-launched May 12.

And if you follow the link to the actual software, Microsoft Safety Scanner, this is the introduction:

Microsoft Safety Scanner

Do you think your PC has a virus?

The Microsoft Safety Scanner is a free downloadable security tool that provides on-demand scanning and helps remove viruses, spyware, and other malicious software. It works with your existing antivirus software.

Note: The Microsoft Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again.

The Microsoft Safety Scanner is not a replacement for using an antivirus software program that provides ongoing protection.

So no, this is *not* based on reporting back from MSRT. This is reporting from a tool which is labelled as a diagnostics one-off tool (works for 10 days) for users who think that their computers *may* be infected. Drawing any conclusion about infection rates from a self selected population is stupid if not outright dishonest. Timothy who wrote the hit-paragraph about the time2pwn of an unpatched XP box is most certainly being deliberately dishonest as a slashdot editor should be able to display a minimum of common consideration.

As usual the headlines are skewed by editors trying to drum up clicks and thus advertising revenue. The *text* of the original article is actually fair to the point that this is a self-selection and never claims what is in the headline. The CW editor obviously took a little liberty on the title. The title used at the front page and on slashdot is even more skewed with no basis at all, not in the article and not in reality.

67MB ? (1)

Hamsterdan (815291) | more than 3 years ago | (#36278490)

And only valid for 10 days. No updates, have to re-download the whole thing to have the new definitions. It's *bigger* than most AV software...

What the heck MS ????

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?