Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Death To Virus Writers

timothy posted about 13 years ago | from the perhaps-the-buried-head-desert-ants-method dept.

It's funny.  Laugh. 237

davemie writes: "Looks like everyone is out to get the virus writers now!. But it sure is funny when a friend double-clicks on that latest virus and sends everyone in the company a copy. You get to slag him/her off for the rest of the week :-) 'Virus writers are the lowest form of life. AnchorDesk's David Coursey says we should put them out of their misery with a quick, permanent solution. Why waste time and money with due process?' I spent a total of an hour and forty minutes on hold making two different calls to the ISP which serves my mail. Both times the polite phone reps I eventually reached were shocked to find that there was an Outlook-borne nastiness filling up customers' mailboxes.

cancel ×

237 comments

Sorry! There are no comments related to the filter you selected.

Re:Better solution (1)

Anonymous Coward | about 13 years ago | (#64280)

Put virus writers and spammers into gladiator contests. Once they've whittled down to one surviving spammer or virus writer, shoot him.

If you want a real party, invite trolls too.

Lowest form of life? (3)

Anonymous Coward | about 13 years ago | (#64283)

What about MSCEs?

Better solution (5)

ptomblin (1378) | about 13 years ago | (#64286)

Put virus writers and spammers into gladiator contests. Once they've whittled down to one surviving spammer or virus writer, shoot him.

--

Use them for food...... ? (1)

bobalu (1921) | about 13 years ago | (#64291)

Whoops, guess I read that wrong, but hey it seems to work anyway...

Re:Hmmm. Might not take much, either. (2)

alumshubby (5517) | about 13 years ago | (#64298)

I can just see it now -- one Navy SEAL to another: "You mean we made it through BUD/S so we can snuff pimply-faced pencil-necked geek kids??"

Hmmm. Might not take much, either. (4)

alumshubby (5517) | about 13 years ago | (#64299)

I can just see it: A "Special Presidential National Security Finding" or some such that gets virus writing equated with more conventionally understood varieties of terrorism. Somewhere, late one evening, four black-clad operators slip silently into a house, shoot the dog with a suppressed .22, and disable the house security system. Down the hall, in a bedroom, a teenage boy is working on uploading his latest bit of MS Word or Outlook hell. The plastic bag full of ether-soaked paper towels descends swiftly and soundlessly over his head. His body is never found...

Re:wrong problem (5)

astrashe (7452) | about 13 years ago | (#64300)

I agree with 90% of what you're saying here. But I believe MS deserves special credit for the virus plagues we've seen.

Why? Because the vulnerability of MS machines to viruses is a direct result of business considerations colliding with technical/security ones, and the business considerations rolling over the others.

MS's whole schtick is to leverage dominance in one product to another. That's why they're so into integration. It just doesn't make any sense to have an email program automatically open a file that someone sends you -- at least not for many kinds of files. And it doesn't make sense to have complex vb macros in word processor documents.

Think about how much pain office macro viruses have caused, and how little benefit the average person gets from them. One user in 10,000 probably writes vb code to manipulate office documents. I'm not saying don't make word scriptable -- let people program it through COM. But that would put Delphi on an even footing with VB.

Despite the flames you read here, MS has some of the smartest tech people on the planet. Plenty of people inside of MS knew it was stupid to make an email system that would run programs that come in through the email. People outside of MS complained about it from the start. But the business logic won.

As far as I'm concerned, they don't get nearly enough grief for this stuff. It's different from a buffer overflow in IIS. That's an honest mistake, and you're right, there are plenty of those in Linux.

MS's decision making process about security is corrupt. You can see it in these macroviruses, and you can see it in their lame explanations for why they're pulling Java out of the OS. The security policy dances to the tune of the business logic people. They don't care about the billions it costs their customers.

I know they fixed the outlook hole. And I would even say that they have the right to leave java out, as long as OEMs have the freedom to put it in. (Whether or not they really do -- contract aside -- remains to be seen. If I were at Dell, I'd be afraid of po'ing MS, no matter what their press releases say.) They are getting better on security. After years of outlook viruses they plugged the hole -- for the small percentage of users smart enough to dl the patches.

Let's roast them for their real problems. Because when the press gets bad, they do respond, and that will make the world a better place. As everyone who uses the product knows, the MS-SQL Server story was BS, a cheap shot. This is proof that there are still plenty of fair shots to go around.

Re:You'd think outlook would filter this by now. (2)

Griim (8798) | about 13 years ago | (#64301)

They do have this, however, you have to upgrade to Office Security Patch 1/1a, and then possibly apply Office Service Pack 2. However, most people never bother doing this, and their website doesn't exactly make it easy to obtain these (let alone figure out what exactly it is that you need).

Re:Another reason to use Linux? (1)

gorgon (12965) | about 13 years ago | (#64306)

A: Because Linux does not run a stable, feature-complete Internet browser You haven't tried mozilla recently, have you? Nevermind netscape 4.7x and others which are both stable and feature-complete for reasonable definitions of the term.
or office suite;
StarOffice is overly feature complete. Many of the other free alternatives are also feature complete for the average user.
a full-featured version of AOL Instant Messenger;
What is Gaim lacking that you need? I don't use IM, so I wouldn't know.
Quicken or a feature-complete variant thereof;
What features that you need are missing from GNUcash or Kapital?
any of the games that have come out in the last six months;
Hasn't Tribes 2 been out less than 6 months?
programs to interface with many of the peripheral devices that I bought.
Any specific examples? Support for new hardware in Linux is probably as good as in Windows 2000 or NT.

--
I hope we shall crush in its birth the aristocracy of our monied corporations ...

Take the bullets out of the gun? (2)

Wee (17189) | about 13 years ago | (#64310)

Or wear a bullet-proof vest? I'd rather not get shot than try to protect myself during a shooting.

Why not just stop using Windows and/or (especially) Outlook? Keep trying to protect yourself against MS products, you have a life-long uphill battle ahead of you. Jeez, if you can't give up Windows, use Eudora. It works better than Outlook and it's reasonably safe.

I can't believe people are still willing to get hit with this kind of crap over and over and over...

-B

Short skirts? (1)

Pope (17780) | about 13 years ago | (#64311)

That'd be a damn shame if she had no BUTT as you say... :)

Re:Liable (2)

Pope (17780) | about 13 years ago | (#64312)

I personally think it's much worse when some group of idiots declare war on abortion-providing doctors in the name of "God" and start killing them.

Person(s) responsible for virus-writing should be held in jail for an amount of time to make them think twice about it. But actual killing is silly, but makes for humourous articles.

Re:You'd think outlook would filter this by now. (2)

Brento (26177) | about 13 years ago | (#64315)

You would think that MS would have put in something to stop this by now. Maybe a "are you really sure?" "are you really really sure?" type nested dialog boxes...

Office XP goes even further than that. I was thrilled to find that the default installation completely blocks a lot of types of attachments, including exe's, vbscripts, etc. You can't even open them if you want to! The only way around it is to edit the registry. Now, don't get me wrong, I don't want the junior users editing the registry either, but at least it's a step in the right direction.

On a related note... (2)

Hobart (32767) | about 13 years ago | (#64318)

AnchorDesk writer David Coursey probably also advocates that Ralph Nader shouldn't have gone after Ford about the Pinto, and instead should have written an article called "Death to Bad Drivers who Rear End People!"

Give me a break. It's not the virus writers that are the problem -- it's a shortcoming of the infrastructure in place that allows them to happen. We've got to focus on working to fix that, and it'll take time to do.

If the new Ford Focus has a remote keyless auto-starter that can crash and leave the car unstartable by any kid with an RC car controller, who's at fault then?

(For that matter, if someone started a chain letter telling people to first mail copies to 10 of their friends and then to pour a bag of sugar into their gas tank to reduce emissions, who's to blame then?)

"The first fact to face is that UNIX was not developed with security, in any realistic sense, in mind; this fact alone guarantees a vast number of holes. (Actually the same statement can be made with respect to most systems.)"
-- Dennis Ritchie, 1979

Re:The Armys' response (2)

wiredog (43288) | about 13 years ago | (#64320)

It's an official use. You'd be surprised how many .mil people, and contractors, read slashdot. They need to know this.

That's my story, and I'm sticking to it.

Re:Hmmm. Might not take much, either. (2)

wiredog (43288) | about 13 years ago | (#64321)

It is interesting to note that virii and trojans are a part of cyberwar. So a Presidential Finding sending out the assassins is not that far fetched.

The Armys' response (5)

wiredog (43288) | about 13 years ago | (#64322)

This came recently...

From: NISA CIRT

Sent: Thursday, July 19, 2001 8:04 PM

Subject: CIRT ALERT: Web Traffic Limited to Military Sites Only

** Unclassified - For Official Use Only **

As of 1900 hours, 19 July 2001, the Joint Task Force-Computer Network
Operations (JTF-CNO) has ordered that the DoD gateways be disconnected
from the Internet on TCP port 80 (protocol http) from now until a time to
be announced. The reason for this outage is the proliferation of the Code
Red worm.

All traffic between military installations will continue without
interruption. However, access to domains other than *.mil will be
limited. This restriction means that connections through a commercial
ISP, such as AOL or Earthlink, will not be available. Your military
organizations web-based Outlook will not be accessible from a commercial
ISP. Furthermore, if you are connecting from your office, you will not be
able to access *.com, *.net or other non-mil domains.

Any questions regarding this outage should be directed to the agency or
service CERT or JTFCND.

** Unclassified - For Official Use Only **

Not /just/ death for virus writers. (2)

devphil (51341) | about 13 years ago | (#64323)


Not even /just/ death for virus writers /and spammers/.

Instead, death after a year of torture. Recorded on film, and shown to teenagers on the first day we give them access to Visual Basic. Sorta like driver's ed class.

Man... (5)

Palshife (60519) | about 13 years ago | (#64325)

Viruses have just lost their mystique. I remember my Dad telling me about Michelangelo back in the 80's. I remember being so impressed that something so devilish and evil could really exist.

I suppose that's why I became a programmer.

No, wait. It was for the babes.

Freakin script kiddiez.

Re:punishment... (1)

vrt3 (62368) | about 13 years ago | (#64327)

Someone always has to be first. If the first 42 don't post and/or get killed, you are the first and you will get killed. Sorry, it was nice to know you.

Re:The real issue (1)

cdrudge (68377) | about 13 years ago | (#64330)

Sadly though, I have co-workers who whould write a sentence similiar to that line.

Sircam victims violate the DMCA (5)

bwt (68845) | about 13 years ago | (#64331)

The DMCA bans distribution of TPM circumvention devices absolutely, without regard to knowledge or intent. It treats circumvention devices on par with stolen property in this regard. Since Sircam forwards one file off of your computer it circumvents login and read permissions that control access to a copyrighted work.

Thus everyone who executes (falls victim) to the sircam virus is guilty of a 1201(b) violation for distributing circumvention devices.

Obviously anyone who receives the trojan email has a cause of action, but actually anyone who uses the TPM in questions does too. That is, everyone who uses a computer that is susceptible to sircam can sue anyone who fell victim to it (in addition to the person who wrote it).

Anybody know anyone at the MPAA, RIAA, or Adobe that got hit?

Re:lame... (1)

pogle (71293) | about 13 years ago | (#64332)

Yup, I agree. Poor quality, low budget humor, stealing badly from Swift's writings, glossed over some political commentary on the death penalty. Must be nice to have such a big audience to bitch to, most of us just have coworkers and family.

Don't get me wrong, I appreciate lots of humor, including a lot of bad movies and such. I have a soft spot for a lot of bad movies and books. But this one didn't even evoke a grin, just a disgusted shake of the head.

Whatever (1)

Jailbrekr (73837) | about 13 years ago | (#64333)

Don't kill the virus writers. Kill the people responsible for writing "productivity" software that can be easily exploited by the virus writers......

God Bless Microsoft!!! (5)

toupsie (88295) | about 13 years ago | (#64342)

If it weren't for the shoddy products released by Microsoft and the people that abuse the holes in those products, I wouldn't be able to put food on my table. I never get upset when a new virus/worm or security hole is found in Windows or Outlook. To me its a happy day because I get to hear my favorite sound, "Cha-Ching!".

The last thing in the world I want is Linux/BSD/Mac OS to become the mainstream operating system of choice. With Microsoft ruling the roost, I will never be poor. Instead of punishing these virus/worm writers and the script kiddies, I would like to erect a monument to praise their work. Without them, I would be destitute.

Another reason to use Linux? (1)

rsmith (90057) | about 13 years ago | (#64343)

Q: Why do you use Linux?

A: It does not run Outlook.

Should be a requirement for a reliable OS, really :)

Careful... (2)

DrCode (95839) | about 13 years ago | (#64347)

...I know this is supposed to be funny, but what if that teenager is just working on his open-source MP3 player, and his name was phoned in by one of his classmates who didn't care much for computer geeks.

Or what if MS tries to convince the public that Linux is a primary hacker tool, and gets it declared illegal. They already have been making noises about it being communist and un-American. If you think the notion of the police breaking in your door to confiscate your Linux system is preposterous, try growing a couple pot plants in your living room.

Guess you need a gooder spellchecker (1)

sparcy (98419) | about 13 years ago | (#64348)


And my advice to you is this: Learn to write more
gooder, as this message makes you look like a dope, and please kill yourself.
ummm, and this person if criticizing the writer of the virus? Guess someone needs some gooder spellchecking software.

Re:wrong problem (2)

AirP (99063) | about 13 years ago | (#64351)

What? That's like saying... she was wearing a short skirt, she had that rape coming... And the thing of leaving the door open.. you could also say... we'll you didn't have enough security on that door, you only had 5 padlocks on it... that's easy enough for a burgular/hacker to get thru. The thing is this... it isn't their property... so they shouldn't be messing with other people's stuff. Hell, if we went with your logic... I could train a monkey to just go and open unlocked windows... steal everything and it's all fine because the window wasn't locked. Damn... no matter what.. IT ISN'T THEIR PROPERTY... NO IFs ANDs or BUTTs!

Is a virus worse? (1)

bill_kress (99356) | about 13 years ago | (#64352)

Is a virus that starts some second process on your computer actually so much worse than a website that pops up hammer-the-gopher adds?

I don't have a problem with the viruses, I can avoid them. It's sites like the authors that start new advertising popups for every page I visit that bothers me.

How is this not a virus? It's just not persisted.

So, can we kill these guys too? Please???

Virus Writers (2)

cybercuzco (100904) | about 13 years ago | (#64353)

Wouldnt this mean wed have to Kill Linus? After all, Mundie says that the GPL is a "viral" Liscense. Logically, everyone who writes under the GPL is writing viruses, and therefore, a witch! Throw her into the pond! ::shakes head:: sorry, MP flashback.

wrong problem (5)

egomaniac (105476) | about 13 years ago | (#64356)

Tempting as it might be to go after the virus writers when something like this happens, the real problem is the buggy insecure code which lets it happen in the first place.

I'm not just picking on Microsoft - open-source projects have had their fair share of security holes as well.

But the fact is that Outlook, ISS, and various other products didn't even have security as an afterthought, it was just no thought at all. The charge shouldn't be "kill the virus writers", it should be "stop buying unsecure software".

After all, if you left your front door open for a week, and someone made off with your stereo, I'd argue that you had it coming. I'm not sure viruses are any different -- we just need to secure our damned software.

Re:Man... (2)

jgerman (106518) | about 13 years ago | (#64366)

That's cuz these outlook things are not really viruses. Coding and examining viruses in the eighties was a good way to learn to code. It took skill and knowledge to fool around with them. You learn alot about assembler writing a second virus to kill off the first.

He is obviously an idiot with wreaked logic. (2)

aralin (107264) | about 13 years ago | (#64367)

He is preaching for clearing the gene pool and asks for bombing universities and killing hackers instead of retarded adults who even commited some serious crimes. This seems to me like a good contribution to Darwin theory.

Economic crime? (2)

aralin (107264) | about 13 years ago | (#64368)

When the viruses cause so much problems and economic damage, why not punish in first place the company that came with operating system that created the whole anti-virus business and keep most people using their wrecked OS in places where such virus can result in economic harm?

And why do not kill the admis that deploy such OS anywhere where its infection based on core insecurity of the operating system can cause economic harm?

Re:rehabilitation may sometimes be possible (1)

notfancy (113542) | about 13 years ago | (#64370)

A classic example of the cart not knowing how to pull the horse. I'd rather kill the writers of that filthy email client, who in their infinite wisdom decided that putting VBScript and attachment autorun on it was a Good Thing

Re:wrong problem (1)

Master Bait (115103) | about 13 years ago | (#64371)

Right. I've got Linux on this side, and a Mac on that side. Why should I shed a tear for those Microsoftian victims?

They're just the self-perpetuating IT underclass. They have their little virus problem, we don't. We get things done, they're busy reinstalling their system.

Some are at the top of the pyramid, and the unwashed masses are at the bottom.

Aside from that, Microsoft is (maybe) going to face a REAL problem selling their new .NET Centralized Virus Repository & Enabler infrastructure to a millions of scared clients. Surely there is a Horatio Alger story in there somewhere for those who see the light.


blessings,

Let the virus writers -stay- this stupid. (2)

pi_rules (123171) | about 13 years ago | (#64376)

As was mentioned in another aticle on Slashdot the other day in the comments (forget which article it was attachd to): Let the virus writers stay uncreative.

Really... you don't want this to turn into a challenge. Let things stay this easy to write; you'll only end up infecting the people silly enough to double-click random binaries from their Outlook client.

There's no good reason that they can't implement some really creative worm that would work cross-platform and cross-client. Yes, it would be hard but you don't want a worm running out, downloading C compilers for the specific platform, compile worm, link itself, run as a background process, and go on finding hosts around it to infect. Make the bugger look for common Linux services holes, email it self to people in your inbox who run Outlook (Just look at the message headers)... infect an IIS webserver nearby, begin propogating... then unleash some unholy attack to DoS networks everywhere.

Nope... I'd rather we just left it nice and easy for them to write a trojan that's Win32 only, and requires human intervention to activate it.

Death? Certainly! (2)

RevAaron (125240) | about 13 years ago | (#64378)

My my! Our little timothy spent an hour and forty minutes on the phone! SHEESH! That certainly does warrant taking someone's life. I mean, just think- I bet there were people who had to spend *ghasp* 3 HOURS! on the phone! Someone's gotta tell me why this guy isn't dead already! Let me at 'em! Man, I had to wait in line at the store the otherday- anyone want to join me in a mob lynching?!

David Coursey is a fool (1)

bildstorm (129924) | about 13 years ago | (#64381)

I subscribed to Anchordesk back before David Coursey took over. At that point it was a reasonable publication that had some neat tips and such.

David Coursey writes his Anchordesk stuff every day with lots of extremely pro-MS and dummied down PC tips. He thinks PCs only run Windows, so you can tell his grand intelligence. With the way he talks about it, I'd swear he used to be a Mac user (Mac vs. PC) who was then brainwashed by MS to talk about PCs.

Anyway, I don't generally have any problems with receiving viruses. My friends aren't that dumb. Most use webmail, Eudora, or Linux. I have Outlook because I've used it in an office situation, but I'm not really interested in the latest fake pic of Anna Kournikova or whatever.

Can we shoot idiots like David Coursey and his friends instead? Running a computer is NOT like taking an SAT (which isn't hard either).

Virii != skill (not anymore anyway) (1)

M_Talon (135587) | about 13 years ago | (#64383)

I remember back in the days when I first started messing with computers. A virus back then was a nasty piece of work that lived on an EXE file or in the boot sector of the disk. It jumped from program to program, or disk to disk, and could wreak all sorts of havok to the unsuspecting person. They were tiny bits of code with a purpose, engineered especially for the job at hand. It didn't matter what mail program you were running. Some of the things attacked on the first read of the infected disk in the floppy drive. While a certain level of gullibility was required, it certainly took a lot less dumbness to pass a virus around (don't have updated AV software and pass an infected file on disk or over a network).

Nowadays, most of the virus attacks are merely variations of the same thing. Hide an attachement in email and let it do its damage by mailing itself to the world via a particular mail program. They even make kits for people to download to mutate these worms (I hesitate to put them in the same context as the virus of old). It takes no programming skill to make one, and requires such a high level of ignorance on the recipient's part. There's no glory in it.

"Look at me, I fooled a bunch of ignorant MS users into spreading my hacked version of ILOVEYOU with a header of Britney Spears on it"

Yeah, real cool. That's why everyone calls them "kiddies". You want real respect, make a boot virus or something like that. Something that doesn't require the user to be a total technophobe to spread. Then you might get an ooh or an ahh.

lame... (2)

No Such Agency (136681) | about 13 years ago | (#64386)

What a pointless piece. We're all frustrated about how quickly virii can waste time and money, abetted by dumb users, but death? Silly and obnoxious. It's not like many virus writers are that different from your average hacker: they are not gang raping babies, or beating up old ladies for their social security cheques. They are writing code! Granted, it's the code equivalent of spray painting obscenities on public buildings, or slashing people's tires in the parking lot, but I seriously doubt a computer virus , trojan or worm has ever caused a death or serious bodily injury (I don't count bruised fists from pounding on desks, or pulled-out hair here). It's vandalism, just of a type that's very hard to police and prosecute.

Re:Linux as an antivirus tool. (1)

Sonicboom (141577) | about 13 years ago | (#64392)

Xibby wrote:

It's been said by many many times: Linux makes an excellent antivirus tool. Why? Well, because...it's Linux.

What kind of logic is this??? Linux (like any OS) is susceptable to virii. It's just that the people writing the malicious code are designing their app to work on MS Outlook because it's a common mail client. If there was a growing TREND towards the use of another mail cleint, they'd find the exploitables of said client and write their code to accomodate the exploitables.

How about taking it a step further and having you Linux box scan all incoming e-mail for virisus? See Amavis and others.

Platform aside - whether you're using Linux/BSD/*NIX, NT or Netware... whatever... proactivity of the network admin is the key. A proactive admin would have scanners in place and have libraries updated on a frequent basis to help stop these incidents from happening.

Unfortunately, most companies will not give money to a budget for a PROACTIVE network admin... but they're the first to CRY when their PC's been whiped out...

It's all about knowing your operating environs and being proactive... not about just putting linux on an old PII and using it as a mailserver. If an admin doesn't know squat about Linux and puts an "out of the box" Redhat w/Qmail install online - they'll have more problems to worry about than a virus.

Its not the virus's fault (1)

jessh (144140) | about 13 years ago | (#64395)

I know it cant acount for every situation but if people would just put some thought into the design of their mail clients and operating systems then there wouldnt be much these virus's could do. If you dont give random applications the ability to screw up your system then you dont really even need a virus scanner. That is why i run a real Operating system (and a real distribution of it for that mater SLACKWARE!!!!!!! (sorry i jsut had to use this chance to shamelessly promote my favorite distro))

Death for this guy (2)

JonesBoy (146782) | about 13 years ago | (#64398)

Funny how this article comes up with a wonderfully informative popup for an X10 camera. I vote death to popup hosters!

Re:Viruses keep the economy going (1)

Kandy Neko (163489) | about 13 years ago | (#64402)

Well, sometimes that makes me wonder is who writing most of these viruses and how much they get paid.

Flag Your Friends....Write Viruses (1)

dthable (163749) | about 13 years ago | (#64403)

At least I know which friends I will not accept disks or files from. ;o)

Re:You'd think outlook would filter this by now. (1)

Meech (166762) | about 13 years ago | (#64407)

Outlook 2002 is so strict now, that remotely syncing a palm pilot is really hard to do. You have to accept a number of "do you want to do this" type messages, when before you could go on vacation and dialup to sync your palm, now someone has to be at the machine to accept the sync. This is a big pain in the ass.

The fact that ".exe" can not be opened is a good thing for the general idiot MS Office users, but to the advanced user it is a little too much.

"Viruses" can be funny... (1)

EvlPenguin (168738) | about 13 years ago | (#64408)

Here [slashdot.org] .

While not a "virus", that worm did provide a great amount of entertainment. Stupid people should not be allowed to use computers. But if that was so, Microsoft would still be writing code for Amigas.
--

The logic doesn't work... (1)

FortKnox (169099) | about 13 years ago | (#64409)

If you look at the logic of the article, it talks about the hours and money lost by the viri (even deleting the email costs money). Now if you think that time and money are reasons to kill, then /. should be removed from the 'net. Think about it. The millions of nerds that spend hours reading it at work. That's some serious time and money. Economic tragedy? Nahh....

--

Re:You'd think outlook would filter this by now. (1)

txsable (169665) | about 13 years ago | (#64410)

They do nested confirmation dialogs with Win32 installation programs. It shouldn't be too hard to implement the same thing for other protections! Just make sure that at least one of the boxes defaults to "NO" or "CANCEL"!

Re:You'd think outlook would filter this by now. (2)

MrBogus (173033) | about 13 years ago | (#64411)

Ignoring the controversial subject on whether blocking executable attachments is a good idea, I have to say the way that they implemented the "Object Guard" on the Outlook API is pretty lame.

You get this message that "Some unspecified program is trying access your address book" prompt, whether it's a VBScript virus or you are trying to use routing features from MS Excel etc. Meaning there is no way to have trusted code which actualy does office automation features without annoying the users to hell and just giving them another prompt to ignore. I figure the Virus Writer club will be back to their old tricks of sending Word or Excel-based viruses pretty quickly.

Not that it really matters -- The only think that "Melissa" and ilk prove is that a 12 year old can write a mail worm without warezing a copy of VisualBasic. It's not like reading the address book off disk or sending mail directly using MAPI or even the winsock is too difficult for the advanced 14 year old.

Re:Take the bullets out of the gun? (1)

Compenguin (175952) | about 13 years ago | (#64412)

Or just dont execute attachments. 90% of these "viri" have to be manually executed and are quite odvious that they are viri.

-Compenguin

Death to virus spreaders (5)

isomeme (177414) | about 13 years ago | (#64414)

I can understand where Coursey is coming from, certainly. Virus (and worm) writing is a blatantly antisocial activity with huge costs and light (if any) penalties, and it would be viscerally satisfying to shoot a few of the perpetrators.

Oddly, though, with this SirCam outbreak, I find more of my wrath landing on those who help spread the stupid thing. Every single one of the hundreds of emails I have received thanks to SirCam resulted from some otherwise intelligent person being incredibly negligent about network security. I have spent significant amounts of my own time paying for their lack of caution.

I have taken to sending a standard reply to each person from whom I receive SirCam, pointing out that connecting to the net without proper precautions in place is both silly and rude. I'm hoping to trigger a shame response that will motivate people to think about security enough to avoid being so rude again.

If we can foster a culture in which abetting the spread of a virus or worm though lax security is considered a serious social faux pas, we may have be able to contain them better. People are motivated by considerations of power, prestige, and group acceptance; push those buttons properly, and you can sculpt behavior as you will.

--

Re:Guess you need a gooder spellchecker (1)

IvyMike (178408) | about 13 years ago | (#64415)

"Oh, it's a joke. I get jokes! Bwahahahahaha!" -- Homer Simpson.

Re:David Coursey is a fool (1)

CalcMan (179244) | about 13 years ago | (#64416)

Damn straight, if people are that stupid they deserve it. and the SAT really isn't that much of a challenge. Basic algebra and geometry. and a computer well that is just point, click, crash, BSOD

Killing is too easy... (2)

Nos. (179609) | about 13 years ago | (#64418)

That doesn't make them suffer, we should force virus writers (at least those that release them) to work tech support at AOL!

Virus Writers? (1)

Archangel Michael (180766) | about 13 years ago | (#64419)

Windows is a virus. It infects everything. I wonder what this means for Bill Gates?

Viruses and bad software (4)

Alien54 (180860) | about 13 years ago | (#64420)

y'know, between viruses and bad software, Microsoft has made many consultants very well off.

Which is part of the problem. People who sell folks on bad solutions because it also spells job security

;-)

Check out the Vinny the Vampire [eplugz.com] comic strip

Its all getting easier (1)

haplo21112 (184264) | about 13 years ago | (#64421)

You think its bad now, Just wait, I have been looking at the asp.net stuff, and C#...wow the nastiness that stuff is going to introduce when XP hits along with this stuff. But don't worry, M$ took out Java becuase it could spread Virus's. I believe though that more fault lies in people and companies that are not running proper virus protection, and don't have proper policies. Half the nastiness that gets in most companies could be stopped if the companies would just have the servers scan for viruses and delete the attachments that are infected before they reached the users. Still further they would be stopped by enforced Virus protection on the desktop. The biggest purveyor of Viruses that is almost unstoppable is the people that have Outlook setup to grab their email from thier ISP. Our servers, and most virus protection never have a chance to look at that mail before they click on that infected document. SHUT OFF the DAMN SMTP port don't let anyone retreive mail from anywhere but the approved company servers. Don't een get me started on the Hotmail/Yahoo, webmail menace, they should get sued if they let a known virus reach your mailbox.

Viruses keep the economy going (1)

NixterAg (198468) | about 13 years ago | (#64426)

If it wasn't for viruses, all of my company's networking guys would have no clients to service. Faulty software and insecure networks are the bread and butter of the industry.

punishment... (4)

dfenstrate (202098) | about 13 years ago | (#64431)

is the same punishment strong enough for first posters?

The real issue (4)

BigumD (219816) | about 13 years ago | (#64436)

Don't bother killing the writers. Just the people who work in your company who really think that their friends would write them mail with " Hi Friend I need you help" as a subject line.

Viruses are bad (1)

canning (228134) | about 13 years ago | (#64441)

I'm still trying to open this loveletter and see Kournikova naked. I hate Outlook.

Linux as an antivirus tool. (2)

Xibby (232218) | about 13 years ago | (#64444)

It's been said by many many times: Linux makes an excellent antivirus tool. Why? Well, because...it's Linux. But really, because of it's immunity to viruses in the first place. (Let's ignore the spread of things like ramen as they work differently than Outlook Transmitted Diseases (OTDs))

Linux as you mail server? Check out Enhancing E-Mail Security With Procmail [impsec.org] to send this nasty crap to /dev/null automatically. If the user can't run it in the first place...

How about taking it a step further and having you Linux box scan all incoming e-mail for virisus? See Amavis [amavis.org] and others [freshmeat.net]

If you're using Linux as your file server, invest in some linux based antivirus software. Let linux scan away at your uses Windows files and keep them virus free using an OS they can't infect in the first place.

If you're a network admin, and you don't take counter measures from preventing your users from infecting themselves and others, your a part of the problem as the virus writer. Educate your users, use counter measure that prevent your users from getting the virus in the first place, etc. etc. etc.

rehabilitation may sometimes be possible (4)

tim_maroney (239442) | about 13 years ago | (#64447)

If we'd killed Rich Skrenta [skrenta.com] , we'd never have had the Open Directory Project [dmoz.org] .

How many virus writers go on to live normal, productive lives? How many never write another virus?

(Ah, to heck with it. Kill 'em all and let DoS sort 'em out!)

Tim

Hi! How are you? (1)

Bonker (243350) | about 13 years ago | (#64449)

Hi! How are you?

I send you this goatse.cx link in order to have your advice

See you later. Thanks

Attachment 1: http://www.goatse.cx [goatse.cx]

Juvenile mentality: (3)

Bonker (243350) | about 13 years ago | (#64450)

From the article:

Perhaps if we let a certain former Texas governor order the killing of virus writers, he might refrain from killing retarded adults, people who committed their crimes as juveniles...

The real kicker here is that most of the viruses out there have been created by... you guessed it... juveniles.

They're juvenile in mind if not in body at least...

There's a reason we call these people 'script kiddies'. Steve Gibson, of grc.org fame beleives that the k1dd3s DOS'ing his site are no older than 12 or 13. I would imagine that most of the people who downloaded this virus creation kit are just about as old.

Re:The real issue (3)

shyster (245228) | about 13 years ago | (#64451)

Sadly though, I have co-workers who
whould write a sentence similiar to that line.

I'm not surprised.

Re:The real issue (1)

ec_hack (247907) | about 13 years ago | (#64452)

Remember that at most places it is company policy that: All your email are belong to us.

Re:"Viruses" can be funny... (4)

H310iSe (249662) | about 13 years ago | (#64453)

no, really, they can be funny. I think virii (I insist that's the plural...) have a couple useful and worthwhile reasons for being. First, a friend in UChicago law school was in a large lecture with the 9th fed circuit judge as prof., big, somber lecture hall. One person on their legal-eagle laptop had apparently been checking email ... in the middle of class their laptop volume was turned up full blast and a recording started looping

'hey everybody, I'm looking at porn!'

I think that kind of virus is a high form of human pathos and should be encouraged, always.

Now I've had to deal with weeks and weeks worth of anti virus and anti anti virus (yea, McAfee is worse than the virii sometimes) crap but virii remind all of us that computers are, well computers and we're, well, the people. Do you understand? They reinforce the roles so often blurred or ignored, we must be the responsible, semi-cognizant ones in the relationship, we can't rely on them to think for us, etc. Basic hacker ethos. Virii are like big snow storms (or rolling blackouts), they shut things down, disrupt the normal clean flow of days and power and make people look around their momentarily decontextualized surroundings and maybe, think with some perspective.

Besides, with out the Anna virus we'd never know how many top executives are *eager* to look at tennis porn. Right?

I'm actually serious. Yes, they suck and yes they're mostly written my morons and yes PE infectors at least require a modicum of computer knowledge and yes destructive and yes. But I'd rather have them, at this stage in the game.

Re:The Armys' response (1)

rampant poodle (258173) | about 13 years ago | (#64460)

I think you will find that all traffic was stopped Thursday night. By sometime Friday only incoming HTTP requests were blocked. You can still read Slashdot from work but you can't get to your Exchange server from home.

Re:Kill BILL!!! (1)

WeirdKid (260577) | about 13 years ago | (#64463)

The REAL VIRUS is unlimited root access in Windows 95/98/ME.

... which, by the way, is soon to make an unwelcome comeback to a wider audience in XP.

I've got a better idea!!! (1)

El Camino SS (264212) | about 13 years ago | (#64464)

Don't encourage anyone to make viruses, genius. You need to get a grip, and write a program that actually does something other than make mayhem. Like hack Tribes 2, and make all of the players look like Kournikova.

Re:The Armys' response (1)

Dolly_Llama (267016) | about 13 years ago | (#64465)

** Unclassified - For Official Use Only **

What part of FOUO did you not understand?

Re:Lowest form of life? (1)

Nykon (304003) | about 13 years ago | (#64471)

BAHAHA yes Id have to agree on the evolutionary scale virus programmers are still much higher then MCSEs

Virus writers vs Spammers (1)

Nykon (304003) | about 13 years ago | (#64472)

I think Spammers are much more needy of death then virus writers. I rarely get a virus in my inbox and if I do I think the nakedgirl.jpg.doc.bat extention is a dead ringer not to d/l it:) Besides I have been ummune to most of these "viruses" becuase if I have to use a WIN PC I use netscpae anyway, and use Pine or Netscape on my Solari or Linux boxes. Nykon

Re:The real issue (1)

TheAlmightyQ (306969) | about 13 years ago | (#64473)

Sadly though, I have co-workers who would write a sentence similiar to that line.

Re:Guess you need a gooder spellchecker (1)

tb3 (313150) | about 13 years ago | (#64475)

Flip the sarcasm bit, and re-read it.

Re:rehabilitation may sometimes be possible (2)

tb3 (313150) | about 13 years ago | (#64476)

Yeah, I read somewhere that most virus writers stop and become more civilized when they discover girls....

Re:Viruses keep the economy going (2)

tb3 (313150) | about 13 years ago | (#64477)

I guess I'm not the only one who noticed the correlation between McAffee's IPO and the proliferation of virii.

Re:wrong problem (2)

tb3 (313150) | about 13 years ago | (#64478)

let people program it through COM. But that would put Delphi on an even footing with VB.

It is a COM object; I've programmed Word, Excel, and Outlook through the COM interface. But you still need some kind of record-and-playback keystroke macro system for eend users. Those things have been around since the DOS/WordPerfect/Lotus 1-2-3 days

MS has some of the smartest tech people on the planet

I need to see some proof of that one. Their top people have been 'retiring' in droves, and the major incentive to working at Microsoft has always been the stock options. Now that the stock isn't doubling every year, and the pay is still way below industry average, I wonder how many really bright people are left.

the MS-SQL Server story was BS, a cheap shot

Read the supporting documents, look at the code samples and the responses from the Microsoft tech support person, then come back here and say that. They screwed up, big time.

Re:wrong problem (2)

s20451 (410424) | about 13 years ago | (#64486)

Tempting as it might be to go after the virus writers when something like this happens, the real problem is the buggy insecure code which lets it happen in the first place.

Right! Attack the problem at its source, and kill all programmers. That'll solve both problems, since virus authors are programmers by definition.

The charge shouldn't be "kill the virus writers", it should be "stop buying unsecure software".

So since (as you yourself argued) all software is prone to security holes, we should stop using all software. Then destroy all computers and return the world to an agrarian utopia. Then I'll solve all my security problems with the customs devised under the feudal system -- with a mace to the head.

You'd think outlook would filter this by now. (4)

Opusnbill7 (442087) | about 13 years ago | (#64488)

You would think that MS would have put in something to stop this by now. Maybe a "are you really sure?" "are you really really sure?" type nested dialog boxes... :-D

Okay, you caught me. (2)

alexmogil (442209) | about 13 years ago | (#64489)

I'll stop writing viruses, okay? Just don't yell at me any more. Alex

Liable (1)

Dutchmaan (442553) | about 13 years ago | (#64490)

What happens when some nut actually goes out and kills some virus writer and sites that article as the reason why he did it...???

Seems to me in this day and age when commericial entities can be held responsible at least in part for criminal acts based on their content, that this article even made it past the editor.
--

Priorities... (1)

4mn0t1337 (446316) | about 13 years ago | (#64491)

Why devote energy to hunting down and killing virus writers when there are still so many spammers left to cull?

______

What's ironic is that... (4)

kypper (446750) | about 13 years ago | (#64492)

many virus writers are dumb enough to put their e-mail in the stupid code.

Screw 3...

Kill BILL!!! (1)

andres32a (448314) | about 13 years ago | (#64493)

Dont kill the virus writers... kill BILL!!! He came up with the non-user all root Desktop. If windows were only like linux (user permisions)there is no way in earth that my stupid, stupid, stupid sister could open a virus and actually do any damage with it...

The REAL VIRUS is unlimited root access in Windows 95/98/ME.

Re:The Armys' response (1)

Dutchie (450420) | about 13 years ago | (#64494)

It's an official use. You'd be surprised how many .mil people, and contractors, read slashdot.

Nooooo! Tell me this isn't happening! Mwahaha, the army uses slashdot now to broadcast messages to employees, what, is the Exchange server uhhh a bit slow or something? I'm going to write a virus and kill myself before I die laughing :) :)

  • Imagination is more important than knowledge.

Ritchie Quote (2)

blang (450736) | about 13 years ago | (#64495)

"The first fact to face is that UNIX was not developed with security, in any realistic sense, in mind; this fact alone guarantees a vast number of holes. (Actually the same statement can be made with respect to most systems.)"
-- Dennis Ritchie, 1979

That's the big difference between all non-MS operating systems and MS. The whole damn world knows that systems are insecure, and that safeguards must be taken, not only to avoid known exploits, but to be prepared for future exploits. MS shows no remorse or shame every time they're caught with their pants down. Microsoft attitude to security is the same as their attitude to bugs in general. If it sells, why bother fixing it?

I can guarantee you all that Microsoft will continue to ignore security. Untill the day when the computer security industry (antivirus software, firewalls, etc.) is so big that Microsoft decides to corner that market. What a sweet deal that will be for them. It's like having a pharmaceutical company releasing a plague so that they can sell you medicine.

Re:Virus Writers? (1)

lposeidon (455264) | about 13 years ago | (#64497)

hell ya. most people pay to get this virus... and they dont even know it.

NO!! (2)

Omnivorous Cowbird (457986) | about 13 years ago | (#64499)

I know this is a humor piece, but still...

There is a large tendency to over-regulate computers as it is (DMCA, etc.). The last thing anyone (sane) would want to do is give the over-regulation MORE power. Think of all the recent cases (DeCSS, Dmitry Sklyarov, etc.)... you do NOT want the people who thought stuff like this illegal to have the power of the death penalty in their hands.


______________________________________

Re:Another reason to use Linux? (1)

pmz (462998) | about 13 years ago | (#64500)

A: Because Linux does not run...

This argument is losing validity every day. Within a few years, all of the applications that tie us to Windows will be mature and useful under Linux. I long for the day that my household can be truly free of M$. That day will come; it is just a matter of time.

Don't kill them. Use them for good...... (1)

Anomynous Cowerd (464901) | about 13 years ago | (#64503)

Use the virus writers to make the spammers lives miserable. Instead of making worms that just send themselves to everyone in the victim's address book, make them do that AND send mail to domains in the Realtime Black Hole List or something. This could be fun and useful. Or maybe even a worm that uses Dialpad to call spammers at home from everyone's computers. It could be really useful.


~The Moron

Re:wrong problem (1)

MolecularBear (469572) | about 13 years ago | (#64509)

Also, one could argue that viruses play an important role in software quality control. The more security holes that are found via some CIS major's virus, the better. This forces software companies to correct current security problems and think about future security issues. The fact that MS has provided fertile earth for so many worms is an indication that they need to raise their security bar.

Re:wrong problem (1)

Swaffs (470184) | about 13 years ago | (#64511)

I thought we had this all sorted out. This worm/virus does not spread because of insecure software, it spreads because people are dumb enough to run attachments.

--

Re:Viruses keep the economy going (1)

Rebelace00 (470204) | about 13 years ago | (#64512)

This reminds me of a Quote from Scott Adams, which I can't fully remember, but it dealt with how companies make money, and involved the line " Tell people they stink, and then sell them deoderant."

If you think death to virus writers is radical... (1)

General8 (470466) | about 13 years ago | (#64513)

... then check this [cjb.net] out.

Re:Not /just/ death for virus writers. (1)

Nihilanth (470467) | about 13 years ago | (#64514)

(i may have repeated myself a bit here, since my earlier post -appeared- to have errored out, and did not appear in searches later on) Hardly any way to thank the people who expose sloppy programming and the "our users are stupid so they dont need well-written programs" mentality that today's corner-cutting implimentation processes inhabit. Of course, If i were uneducated about computers, and had a propensity to using them irresponsibly and foolishly (say, for example, infecting myself with a virus), i would probably try to cover this up with a lot of loud, angry ranting, calling for the virus' creator to be violently punished. Seeing as that's not the case, i'm horrified at the unenlightened comments by the person mentioned in the article here on slashdot. Who's to say that the next development in virus implimentation won't lead to advancements in remote-administration (as an example)? Only when complex systems are challenged and forced to innovate can they truely be improved. Complacent users who don't care enough to educate themselves as to the proper use of the equipment they've been priviliged to use are getting what they deserve. Likewise, Businesses who allow uneducated users to use company resources also get what they deserve. Viruses help promote education and innovation, and while i'm not arguing that people who malliciously attack computers should -not- be punished to the full extent of the law, that certainly does not include torture and execution. The fact that authors of virii are being verbally attacked is equally horrifying. More and more precident is being set for computer programming being protected as free speech (DeCSS comes to mind, although i think the media is strongarming the reasonable away from justice regardless), and this seems like a BIG step in the wrong direction. Imagine what kinds of software and logic innovations we would be missing out on, if a computer scientist trashed his work files for fear of criminal prosicution? We don't murder gun manufacturers when a shooting takes place, therefore it would be foolish to propose that a programmer be killed for writing a program that is used irresponsibly by someone else, or even to propose that a user be violently punished for using a peice of software maliciously. I can use SMS (a useful remote administration tool used by many businesses to automate and remotely perform administration tasks) to spy on people, crash systems, and steal information. Does that mean SMS's author should be held accountible? SMS, after all, is nothing but a trojan with a large footprint.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>