Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Computer Viruses Broke 100,000 In 2004

timothy posted more than 9 years ago | from the research-purposes-of-course dept.

Security 214

Sammy at Palm Addict writes "The count of known computer viruses broke the 100,000 barrier in 2004 and the number of new viruses grew by more than 50% according to news from the BBC. The BBC also reports that 'phishing attempts, in which conmen try to trick people into handing over confidential data, are recording growth rates of more than 30% with attacks are becoming increasingly sophisticated.'"

cancel ×

214 comments

Sorry! There are no comments related to the filter you selected.

fp (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11210128)

omg dp

Easy enough (3, Informative)

Anonymous Coward | more than 9 years ago | (#11210132)

They broke 100,000 in 2003 as well.

Re:Easy enough (1)

lateral (523650) | more than 9 years ago | (#11210455)

They broke 100,000 in 2003 as well.

No they didn't, the 100,000 refers to the total number of different known viruses.

L.

netcraft confirms (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11210136)

netcraft confirms that phishing is fun as evidanced by the 30% increase in the last year

Viruses vs Car (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11210143)

You know things are bad when the amount of viruses has surpassed the amount of miles on my overused '96 Chevy.

My computer is acting weird (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11210147)

I'm running W2k SP2 on a P3. Lately, when I boot up, the "Windows is starting..." window has an orange bar with flashing garbage characters in it... I can not figure this one out. Can one of the 100000 viruses be the cause of that?

Re:My computer is acting weird (4, Funny)

Niffux (824706) | more than 9 years ago | (#11210187)

That would most likely be either the 5408th, 37322nd, 56446th or the 74353rd.

Re:My computer is acting weird (0)

Anonymous Coward | more than 9 years ago | (#11210288)

If the score for your post was indicative of the humor factor, then it is incredibly low. I either laughed way too long, or not enough.

-AC

my confidential data (4, Funny)

WormholeFiend (674934) | more than 9 years ago | (#11210150)

They can have my confidential data when they pry it from my dead frozen Windows OS... oh wait!

Re:my confidential data (1)

EnronHaliburton2004 (815366) | more than 9 years ago | (#11210218)

They can have my confidential data when they pry it from my dead frozen Windows OS... oh wait!

Wow, not even I can get my own confidential data from my frozen Windows OS... stupid computer.

Re:my confidential data (1)

WormholeFiend (674934) | more than 9 years ago | (#11210319)

Have you ever heard of data recovery services? It's an industry that wouldn't exist and prosper without Microsoft.

Computer viruses? (1)

OECD (639690) | more than 9 years ago | (#11210227)

Shouldn't these be called 'Windows viruses'? It's not clear what their count entails, but the viruses listed seem to all be Windows-centric.

And no, this is not a troll--I use Windows, too. But this language reinforces the idea that the problem is with any and all computers, which hinders adoption of alternatives. (C.f. the growth in non-IE browsers once the problems with IE were understood by more people.)

Re:Computer viruses? (1)

Omniscientist (806841) | more than 9 years ago | (#11210372)

The first sentences is as follows:

The last 12 months have seen a dramatic growth in almost every security threat that plague Windows PCs.

I believe they are trying to say that the viruses that they are talking about in the article are indeed "Windows Viruses"

Re:Computer viruses? (1)

WhiplashII (542766) | more than 9 years ago | (#11210472)

Just think - and now they want your stereo and VCR to be running Windows, internet connected...

Re:Computer viruses? (1)

OECD (639690) | more than 9 years ago | (#11210505)

I believe they are trying to say that the viruses that they are talking about in the article are indeed "Windows Viruses"

Indeed they are. I was looking for an 'except linux/OSX/etc' paragraph and missed the 'we're talking about Windows' one. It's the /. story that perpetuates the 'computer virus' language, not the article. Go figure.

Re:Computer viruses? (1)

navigator (94769) | more than 9 years ago | (#11210648)

"Shouldn't these be called 'Windows viruses'? " ... or maybe 'windows pains'

Re:my confidential data (1)

orangesquid (79734) | more than 9 years ago | (#11210363)

Yeah. I actually like how there's enough phishing now that I get IMs or such every once in a while.

Then, I go through all of the HTML and JavaScript code, figure out exactly who's behind it, and notify each and every one of their ISP and/or upstream providers. Whee! Bye-bye Phish!

Re:my confidential data (0)

Anonymous Coward | more than 9 years ago | (#11210519)

omg dude you're l33t.

Quoth Strongbad (4, Funny)

geeksdave (799038) | more than 9 years ago | (#11210152)

That is not a small number... that is a very large number!!! Ack poor compy.

Computer Over (1)

Rosyna (80334) | more than 9 years ago | (#11210729)

Virus = Very Yes

Virus writers should be executed (0, Flamebait)

Anonymous Coward | more than 9 years ago | (#11210153)

If they start beheading virus writers it would solve the problem

Re:Virus writers should be executed (0)

Anonymous Coward | more than 9 years ago | (#11210182)

There are very few virus writers,
Since most viruses are just simple modifications of exsisting ones tweeked by clueless script kiddies!

I say execute the script kiddies, at least the origional virus writers show skill in some cases that might be able to be redirected unlike these skill-less script kiddies

When will it stop? (1, Funny)

Anonymous Coward | more than 9 years ago | (#11210154)

Oh the humanity! I have to run my virus scanner 24/7 now. When will the.. [POST ABORTED: VIRUS DETECTED].

Could we have a distinction here? (4, Insightful)

i_want_you_to_throw_ (559379) | more than 9 years ago | (#11210166)

Now how many non Windows viruses were there? You could probably count them on one hand. Let's give credit (or blame) where it is due.

Re:Could we have a distinction here? (1)

MandoSKippy (708601) | more than 9 years ago | (#11210214)

Congratz! Yes... the virii are mostly windows, and yes, many are due to vuln in Windows, but think! MOst of the users (esp stupid users) are WIndows users... nevermind... I give up Rah Rah Linux, if Linux can't do it no one can Can't beat em Join em.

Re:Could we have a distinction here? (1, Interesting)

Meostro (788797) | more than 9 years ago | (#11210215)

And what's the market share of Windows these days?

Try to compare apples to apples...

Divide the # of viruses by the user base of the affected platform, see who is ahead at that point. I have no idea, my guess is it's probably fairly even, probably just a little slanted in favor of Linux.

Re:Could we have a distinction here? (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11210249)

Bollocks. Apache has many times more installations than IIS, yet you have more IIS exploits than Apache. Marketshare != Exploit/Attack share.

Re:Could we have a distinction here? (0, Troll)

stratjakt (596332) | more than 9 years ago | (#11210336)

Apache is not Linux
IIS is not Windows

What about the recent rash of tens of thousands of PHP based forums going down? Oh, that's PHPBB's fault, not Apaches.

But when a poorly written web-app running on IIS get's hacked, it's somehow Windows fault?

Re:Could we have a distinction here? (2, Interesting)

Meostro (788797) | more than 9 years ago | (#11210439)

Bollocks back at you AC! Exploits and viruses aren't the same thing, although the article doesn't seem to mention the difference.

Viruses don't need to do anything tricky to propagate, they're just programs that people run. If I want to make a virus, why the hell would I do X amount of work to make it run on Linux when I could expend the same amount of effort to make it run on Windows? Just by switching I can increase my target base by a huge amount.

Exploits are different, they are based on actual software errors that shouldn't be. Exploits are solely the result of poor programming / design, and I agree that they are not in any way related to market share.

The article doesn't differentiate anything, but I would add: Worms are another matter, since they are viral exploits... that's where there's a real grey area, as you could legitimately classify them under either type.

Re:Could we have a distinction here? (1)

0racle (667029) | more than 9 years ago | (#11210259)

That wouldn't take into account the human factor in spreading these, that being the cluelessness of the average user, or complacency of an admin.

Re:Could we have a distinction here? (0)

Anonymous Coward | more than 9 years ago | (#11210383)

Number of Windows users: 100,000,000
Number of Windows viruses: 85,000
1176 users per virus

Number of Linux users: 10,000
Number of Linux viruses: 170
58 users per virus

Re:Could we have a distinction here? (1, Funny)

Anonymous Coward | more than 9 years ago | (#11210489)

Has Netcraft confirmed this?

Re:Could we have a distinction here? (4, Interesting)

Daniel Dvorkin (106857) | more than 9 years ago | (#11210524)

And what's the market share of Windows these days?

Try to compare apples to apples...

Divide the # of viruses by the user base of the affected platform, see who is ahead at that point. I have no idea, my guess is it's probably fairly even, probably just a little slanted in favor of Linux.


Last I heard, there were something like 100 known Linux viruses, and 20 known Mac OS X viruses. Assume the current desktop market share is 3-5% each for Linux and Mac, and Windows still comes out "ahead" by quite a large margin. On the server side, of course, things look even worse for Windows.

Re:Could we have a distinction here? (4, Informative)

Xeo 024 (755161) | more than 9 years ago | (#11210367)

Linux vs Windows Viruses [theregister.co.uk] (from 2003 but still relevant).

Some things (from the article) worth noting:

To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it, writes SecurityFocus columnist Scott Granneman.

"There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux. Most of the Windows viruses are not important, but many hundreds have caused widespread damage. Two or three of the Macintosh viruses were widespread enough to be of importance. None of the Unix or Linux viruses became widespread - most were confined to the laboratory."

It says 60,000 viruses for Windows in 2003, which escalated to 100,000 in 2004. There haven't been that many major viruses released for Linux/Unix/Mac so let's add a modest 15 to each number listed in 2003.

So, the list comes to:

Windows: ~100,000
Mac: ~55
Unix: ~20
Linux: ~55

and that's being really generous to Windows. Also, keep in mind what it says above: "Most of the Windows viruses are not important, but many hundreds have caused widespread damage. Two or three of the Macintosh viruses were widespread enough to be of importance. None of the Unix or Linux viruses became widespread - most were confined to the laboratory."

Re:Could we have a distinction here? (1)

Prophet of Nixon (842081) | more than 9 years ago | (#11210447)

Hmm, I quit using macs around 94, but I remember there being several hundred viruses even at that point... though I doubt most of them would work on OS-X these days.

Re:Could we have a distinction here? (2, Interesting)

Xeo 024 (755161) | more than 9 years ago | (#11210558)

According to this [corante.com] , this [masternewmedia.org] , and this [aroundcny.com] there are no viruses for OS X at all.

The first link even links to an old /. article [slashdot.org] . :)

Re:Could we have a distinction here? (1)

aslate (675607) | more than 9 years ago | (#11210380)

How about asking: Is the percentage of non-windows viruses out of them the same as the percentage of non-windows machines? Then you might have a bit more context in your figures.

Re:Could we have a distinction here? (1)

DanielJosphXhan (779185) | more than 9 years ago | (#11210448)

With the flaws of modern operating systems in mind (more complex and more exploitable bugs than ever), I've always wondered about the incredibly complex systems presented in movies based in the future.

Star Trek, for instance: I'd love to see an episode where someone had to access the source code of the beam-down-thingy, recompile it, and test it on hamsters because some expendable crewman opened up an email from Earth called "REALLY COOL SCREENSAVER LOL"

But then, maybe that's a bit to close to real life, except for the mysteriously disappearing and re-appearing part.

Re:Could we have a distinction here? (0)

Anonymous Coward | more than 9 years ago | (#11210540)

I'd love to see an episode where a klingon warriror viciously enters a petite little vulcan chick from behind. Her deafening screams ringing throughout the ship as she recieves the full klingon girth.

Is it just me?

China: Source of Viruses, Malware, & Spam (0)

Anonymous Coward | more than 9 years ago | (#11210463)

The reality is that the bulk of viruses, malware, and spam hails from mainland China [phrusa.org] . Here, "bulk" is adjusted for GDP per capita: e.g, take the net number of viruses and divide by the GDP per capita.

How can you defend yourself? Go to CNET [cnet.com] and download the most popular anti-spyware product produced by a commercial company. Also, buy a commercial anti-virus product: e.g. McAfee. Never respond to e-mail that requests personal information; reputable companies never ask for personal details by e-mail.

Re:Could we have a distinction here? (1)

Momoru (837801) | more than 9 years ago | (#11210536)

I'm certain there were a much higher percentage of viruses for windows, even if you factor in the number of people who use each. Though I don't think you can look at that alone and place blame on the operating system. If Linux were to become the most popular OS out there, there would be more viruses written and ran on it as well. If anything i suspect there may be more because the source isnt as tightly held...if you grandma cant tell the difference between a real screen saver and a virus, why would she know a legitimate install of apache from a trojan horse disguised as apache?

Re:Could we have a distinction here? (1)

mattyrobinson69 (751521) | more than 9 years ago | (#11210791)

because she's really cool and installed apache from portage?

if you ask me, i recon all distro's will/should end up with package systems like emerge/apt-get with central repositry's. It would make software much more accountable, especially if her (graphical) package management system does hash checking (i didn' say md5 checking because of the recent article about it).

obviously its not impossible to add your own packages to your local portage and emerge it, or to compile it yourself, but for all that effort, i think grandma would rather not see britney spears naked.

But... (4, Funny)

Anonymous Coward | more than 9 years ago | (#11210173)

I'm running Windows XP. Bill Gates says I'm safe from viruses.

microsoft's famous quote (1, Interesting)

Anonymous Coward | more than 9 years ago | (#11210176)

Does this mean Microsoft will take back that quote about how its the user's fault or the one that security isn't that important?

Re:microsoft's famous quote (0)

Anonymous Coward | more than 9 years ago | (#11210258)

Nah, it's still the user's fault for running Windows.

Inevitable (1)

JossiRossi (840900) | more than 9 years ago | (#11210179)

In the next few years we will see the emergence of an even more extreme battle of "Freedom of the Internet" vs. "Risk of Use" as people try ot lockdown the internet to prevent damage done when morons open up that "I Love You" E-mail.

Re:Inevitable (1)

conteXXt (249905) | more than 9 years ago | (#11210637)

AOL come.....AOL go

problem?

URGENT! (4, Funny)

Prince Vegeta SSJ4 (718736) | more than 9 years ago | (#11210183)

All slashdot users

Phising scams are becoming more prevelant on the internet and world wide web. Unfortunately, they are now starting to show up on 'Blogs as well.

Do to the dedication of security we in the OSS community have, we are updating our servers and account information.

Please click the following link [slashdot.org] and verify your account information, password, and private PGP key.

In order to Verify your identity, please have your Visa or Mastercard account number ready

Re:URGENT! (1)

eobanb (823187) | more than 9 years ago | (#11210494)

Ah, and just think, on a board with any less smart people, this would be modded down...well, either that or they'd complain that the link doesn't work.

Re:URGENT! - I believe you meant this... (1)

fracai (796392) | more than 9 years ago | (#11210502)

Please click the following link [gator.com] ^H^H^H^H^H^H^H^H^H^H slashdot.org] and verify your account information, password, and private PGP key.

not suprising (5, Informative)

spac3manspiff (839454) | more than 9 years ago | (#11210193)

The most common sentence i heard from relatives this holiday was,
"Can you please fix my computer".
"I accidently clicked something and my computer is slow".

Re:not suprising (1)

JJRRutgers (595466) | more than 9 years ago | (#11210333)

Not surprising indeed. I was asked to fix my in-laws machine that had NAV 2004 on it, but no SP2 for XP. I checked the properties of his internet connection, and as soon as that connection was enabled, billions of packets started going out to the internet with nothing in return. Computer: Zombified!

Had to break the bad news to him that the machine had to be reformatted and reinstalled, and I was flying back that night.

Re:not suprising (1)

Squareball (523165) | more than 9 years ago | (#11210357)

I spent hours fixing my little brother's (14 yrs old) computer. Firstly they are on dial up so that was why it took so long.. just downloading Spybot etc.

My mother told me that they had just gotten a phone bill with calls to Germany on it but they didn't know anyone in Germany and didn't make the calls.. plus no one was home when the calls were made. I told her all about dialers and the such and sure enough there were some installed on their computers.

My mother is going to retire soon and needs a computer since her computer is going back to her company. After telling her how my mac hasn't had a single popup window or spyware/adware installed on it she is now going to buy a mac. BTW after 5 hours on my brother's computer there were still things I couldn't seem to get rid of. I gave up but his computer was running a good 40% faster after removing all that crap. No lie.

Re:not suprising (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11210534)

You do realize that it's possible to protect a computer without bothering to switch from x86 to PPC, right?

I use Windows because I'm a gamer. I love Linux. I love the idea behind the open source community. But I also wanted to play Half Life 2.

It's very simple to correct these problems. I use Firefox, and I check Windowsupdate on a weekly basis. With the exception of cookies, I havn't had anything detected from Spybot in the past year or so, since I switched to Firefox.

Re:not suprising (2, Insightful)

isecore (132059) | more than 9 years ago | (#11210626)

I spent hours fixing my little brother's (14 yrs old) computer. Firstly they are on dial up so that was why it took so long.. just downloading Spybot etc.

As a fellow roaming techsupporter (parents, witless friends) let me give you a little advice:

Invest in one of them small USB-memory drives. 128 megs is fine, go for more if you feel like splurging.

I've quickly discovered that these things are solid gold when dealing with different computers in different locations. Just slap Ad-Aware, Spybot and whatever else pieces of software you need onto that thing, and take it with you. Works like a charm. Then all you need the Internet for is for definition-updates and even those don't take years to download over Dial-Up.

Re:not suprising (3, Insightful)

WidescreenFreak (830043) | more than 9 years ago | (#11210361)

Accidentally

Have you noticed that when it comes to computers the relatives always replace had a major lapse of common sense and with accidentally?

"So, you accidentally received a piece of mail from someone you didn't know, you accidentally opened it up to see what it was, you accidentally moved the mouse over the attachment, and then you accidentally double-clicked on the attachment just because it was there? Oops! I accidentally just formatted your hard drive. Do you have your installation CD?"

Re:not suprising (3, Insightful)

Wordsmith (183749) | more than 9 years ago | (#11210526)

And can you tell me what about common (non-geek) sense suggests that opening up an e-mail and the included file should be at all hazardous? Common sense suggests you should jsut get to see what's in the file. If it's junk, you'd delete it.

Unless you've been specifically told otherwise, it wouldn't seem dangerous at all. When you open junk mail at home, or mail from a sender you don't recognize, you don't expect it to take pictures of your house and mail them back to the sender. You don't expect the opened mail to leave dogcrap on your doorstep or make your refridgerator stop working. It seems like a fairly harmless thing to do.

It's only because of severe design flaws in e-mail programms and OSes that there's an issue.

Re:not suprising (1)

WidescreenFreak (830043) | more than 9 years ago | (#11210642)

To an extent that is true, but you are living in a fantasy world if you think that e-mail will ever be able to go back to such innocence any time soon.

Distinct virsues? (4, Insightful)

Rick Genter (315800) | more than 9 years ago | (#11210204)

Should we really consider the dozens of variants of Bagle, Netstky, etc. separate viruses? Just because the anti-virus vendors choose to implement recognition of these variants by separate signatures, are they really different viruses?

I think it would be more interesting to know how many new virus/worm/trojan families were released year-to-year.

double counting? (2, Insightful)

Lawrence_Bird (67278) | more than 9 years ago | (#11210213)

are they all unique? Or are many of them variants on an original? Seems to me we should only be counting big version
numbers and not the updates

How many of these viruses are linked to spam? (2, Insightful)

Lisandro (799651) | more than 9 years ago | (#11210219)

That would be an interesting figure, and i guess it'd be pretty high. The ammount of mail traffic due to zombie machines spamming is amazing.

obligatory comment (5, Funny)

bigdaddyhame (623739) | more than 9 years ago | (#11210221)

Does the article mention how many of those >100,000 affected the Mac OS platform?

The Top 10 List reads like the leader board at a chess competition.

1) Netsky-P
2) Zafi-B
3) Sasser
4) Netsky-B
5) Netsky-D
6) Netsky-Z
7) MyDoom-A
8) Sober-I
9) Netsky-C
10) Bagle-AA

Symantec cheated me! (5, Funny)

sci50514 (722502) | more than 9 years ago | (#11210224)

I feel so cheated. My office Symantec Corporate Edition listed only 68585 viruses. Where are my other 31415 virus definition? :)

Percentage of Windows Boxen (0)

Anonymous Coward | more than 9 years ago | (#11210230)

I couldn't find the percentage of these viruses that were affecting Windows. I'd like to see a list of the top 10 Windows viruses and the top 10 Linux viruses (viri?). It should also include the dollar impact estimates of each. I realize Linux has a smaller market share, but I think even if you adjust for this, the impact on Linux would be extrememly small compared to Winders. Somebody do this in the next 30 minutes, please and thank you.

Re:Percentage of Windows Boxen (2, Insightful)

PyroPunk (545300) | more than 9 years ago | (#11210393)

I always see these comments, but I want to know; if the mass of people using Windows today all switched over and were using Linux tomorrow, do you honestly think all of a sudden the computer world would be a safer place? Do you envision this utopia where all users suddenly start keeping their machines up to date to thwart off the latest exploit? Would we suddenly have ma and pa computer user logging into application.bugzilla.com and filing bug reports? If a trojan/worm/virus/etc was sent out and the user got infected and a dialog popped up saying they had to enter their root password to run it, do you think these same users that download everything off the net, always just click "yes" without reading anything, are going to say "if I log in as root I can cause serious damage" and not log in as root? no, a majority of them will log in as root and get exploited.
The only difference I see will be all the Linux zealots either a) switching to another OS because now it's not 1337 to be running Linux or b) the same people that blame Microsoft for all the users problems, will now start blaming the user (instead of blaming Linux).

Re:Percentage of Windows Boxen (0)

Anonymous Coward | more than 9 years ago | (#11210445)

"I always see these comments, but I want to know; if the mass of people using Windows today all switched over and were using Linux tomorrow, do you honestly think all of a sudden the computer world would be a safer place?"

Yes.

Deadly (1)

derxob (835539) | more than 9 years ago | (#11210231)

If computer viruses were detrimental to our health, we'd all be dead. Although, if computer viruses were actually deadly, think of how much smaller this number would be..

Re:Deadly (1)

Technician (215283) | more than 9 years ago | (#11210513)

if computer viruses were actually deadly

It reminded me of this from a few years ago regarding solid programming.

If houses were built like software, then the first woodpecker that came along would destroy civilization. They were not too far off.. There has been a lot of repairs and patches applied just to keep it standing a few days longer.

Re:Deadly (1)

0racle (667029) | more than 9 years ago | (#11210515)

Speak for yourself, None of my systems have contracted one.

complacency (4, Interesting)

Anonymous Coward | more than 9 years ago | (#11210237)

Just because you have an ultra-secure computer doesn't mean you should be complacent about theft of confidential data.

One of my buddies got his credit identity stolen a few months ago, he figures, by someone at a store who processed his credit application when he bought a home theatre system (Zero interest! Don't pay til way later!).

By the time collection agencies were knocking at his door, that store had closed.

They'll steal it from your mailbox. (1)

khasim (1285) | more than 9 years ago | (#11210587)

Do you have a credit card from a company that likes to send you handy "checks" that can be written against your account?

All it takes is one punk to grab your mail and you have a problem.

Your mail can even be delivered to the wrong house and you can be compromised.

The fact is, we are not currently setup to deal with identity theft. We have a bunch of half measures that easily circumvented by anyone who thinks about it.

How many original viruses are there, though? (1)

stratjakt (596332) | more than 9 years ago | (#11210257)

Most listed, especially in the top 10, are just trivial variations of a previous virus/worm.

So it's kind of like MAME supporting umpteen billion different rom sets, when most of them are clones or revisions of an original game.

You could probably release 100,000 variants of NetSky if you wanted to, just by embedding random payloads.

Which OS ? (0)

Anonymous Coward | more than 9 years ago | (#11210262)

Not to be on the Anti-MS--slashdot-bandwagon ; But I am wondering what the percentages are for the different OS's :

It's only once in a few blue moons I'm hearing about virii for other OS's than Windows ; So anyone can hook me up with some figures ?

Better headlines please. (2, Insightful)

northcat (827059) | more than 9 years ago | (#11210276)

The first thing I thought when I saw the headline was 'broke 100,000 what?'. The headline should have been better, like 'crossed the 100,000 barrier' or just 'crossed 100,000'.

Re:Better headlines please. (1)

uarch (637449) | more than 9 years ago | (#11210368)

or just 'crossed 100,000'

Crossed 100,000 what?

Did they bless 100,000 pilgrims?
Did they anger 100,000 people?

Yeah, yeah, -1, offtopic :(

Re:Better headlines please. (1)

rah1420 (234198) | more than 9 years ago | (#11210485)

'broke 100,000 what?'

Broke 100,000 opinions that computing is safe from compromise.

Hmm (1)

blair1q (305137) | more than 9 years ago | (#11210282)

You know, I'm beginning to think these computer things aren't all that secure.

(p.s. I put a router between my computer and my cable modem, and I don't click on executable links unless they're from a trusted source and confirmed as having been sent deliberately; I have never--not ever--had a virus or a break-in on this subnet.)

So, who's responsible? (5, Insightful)

WidescreenFreak (830043) | more than 9 years ago | (#11210300)

The problem with this topic is that Microsoft is always blamed for making an inherently insecure operating system. They are also to blame because of "too little, too late", aka. activating the firewall by default only in SP2.

But quite frankly the ISPs and of course the individual users are to blame as well.

Why don't broadband ISPs require boradband firewalls? Only recently have some of them started to incorporate firewalled modems, and even then they're only sent to new customers. Would this mean that existing customers would have to spend money for a new router at the ISPs demand? You bet. But given the choice between disconnection or buying a $50 router, I'm sure that the vast majority would find a way to get that $50.

Additionally, most virii are sent over SMTP ports since they contain their own SMTP servers. I would not be against shutting down direct-from-client SMTP as long as those who run their own mail servers have the option of having their specific connection opened for SMTP traffic.

Finally, the users absolutely MUST be educated. There are enough free tools out there that no one should be unprotected. But again who should be responsible for teaching these end users?

At this point I would actually welcome something like a drivers license for broadband access. You don't gain the ability to use a broadband connection unless you prove to the ISP that you know the rules and that you are informed of how to be a responsible Netizen, including the use of firewalls, virus scanners, and alternate products like Mozilla, Eudora, Firefox, and others. If you break the "law" afterwards, your broadband privileges are revoked until you come into compliance.

If people were made aware that any virus or worm outbreak cause by them would mean the complete loss of their Internet connectivity, I think we'd see the number of virus infections drop dramatically.

But have an ISP do the responsible thing at the risk of pissing off customers? No, they'd rather spend billions of dollars a year on mail storage, spam-fighting hardware and software, increasing bandwidth usage, and always-rising amounts of mail to abuse@isp.net...and of course pass those charges onto us.

Re:So, who's responsible? (1)

tomcio.s (455520) | more than 9 years ago | (#11210461)

I'm sure that the vast majority would find a way to get that $50.

Nope. They would not. They would cancel their subscription and either switch to competiton who will give them a free router, or re-signup with the provider to get the 'firewall' enabled modem. Simple laws of economics.

Finally, the users absolutely MUST be educated. There are enough free tools out there that no one should be unprotected. But again who should be responsible for teaching these end users?

Noble goal.. What about AIDS or teen pregnancies? We are tought about them at a very young age and yet both still exist/happen. The problem lies with the user's indifference.

At this point I would actually welcome something like a drivers license for broadband access.

Listen to the radio. See how many car accidents licenced drivers have caused in your area this moring. This is not the answer nor a deterrant.

and of course pass those charges onto us.

Now you got it.. It's called business :-)

You are right in your reasoning. The only weak link is people. I used to think the same until I have helped some 'users'.

I like this analogy:
For a computer guy, a virus is like a stalled engine to a mechanic. Both professionals know what to do in the respective cases, but don't ask them to fix the other's problem, they will be lost at the onset. And if that is the case with professionals, what can be said about laymen?

Re:So, who's responsible? (1)

Prince Vegeta SSJ4 (718736) | more than 9 years ago | (#11210650)

You don't gain the ability to use a broadband connection unless you prove to the ISP...

Amen, I finally got my wireless network up and running securely with the proper (at least the best I can do with a consumer grade device) security.

Windows really pisses me off, SP2 Crashed my computer after I tried to update. ARGHGHDFHZ, anyway, as soon as everything is running smoothly, Guess how many networks I see (just using windows utility) - five, including mine.

Guess How many of the 5 were secured: Mine

Guess how many of the remaining networks windows would log me into automatically, if I chose that option: All of them!

Guess how many I could use their broadband connection on - 3.

This was done w/o any hacker type intent or anything else, windows would automaticaly search for any BSSID and log onto the strongest.

Of course my BSSID is turned off, so people can't see me w/o a little effort. I'm thinking about posting a note at the mailboxes in my subdivision which says:

  • If your wireless network is named linksys, MSHOME, netgear, or INTERNET. you are giving away free interent services to everybody in the neighborhood, and they can enter your computer, install viruses, steal your personal data and financial information and even cause a visit from the FBI, if someone uses your connection for FILESHARING. Please contact me for a security audit of only $59.95.

by the way (1)

Prince Vegeta SSJ4 (718736) | more than 9 years ago | (#11210699)

I do use MAC address filering, Reserved IP addresses, WPA TKIP, NO BSSID, although any other tips woudl be great.

And no, I'm not posting from my home network smartypants

what viruses? where? (3, Interesting)

gobbo (567674) | more than 9 years ago | (#11210307)

I've gotten so cozy in my nearly MS-free world since I managed to offload the last W2K machine that I forget about the risks, and how that antiviral cruft soaked up CPU and RAM.

Until, that is, I open an MS Office document with macros, then the whole sense of dread and ire comes back; and I'm always surprised and annoyed when the latest worm brings local networks staggering to their knees.

I don't really care about viruses... (3, Interesting)

Kjella (173770) | more than 9 years ago | (#11210310)

100, 100.000 or more... viruses are quite easy to contain because they are unquestionably nuked as such. What I don't like is all the other semi-legitimate software (hello adware, hello malware, hello spyware) which can fuck up your computer almost as bad or worse, except they come with an EULA.

I think all software should come with a self-signed key. By default it should allow upgrades by the same key (version 1.0->version 1.1), but not let other programs update eachother (e.g. explorer hooks, IE hooks, grab default applications, overwrite system libraries etc.)

I'm talking about all optional here, not DRM. I would love to have it such that I could install apache on my linux box, and not have it overwritten by anyone but apache (without my explicit permission) as well. Right now, once you have root, it is enough. But proper rights should be "need-to-have". Give a program permission to install itself, but don't fuck the rest of the system? Today, that can't be done.

Kjella

100k means unhappy customers (1)

OffTheLip (636691) | more than 9 years ago | (#11210316)

100000 virus == two's complement overflow for the 32bit OS on which they thrive. The number of computer virii is as misleading as the medical alternative considering the human toll that is exacted.

It's time Windows included a basic anti-virus tool (2, Interesting)

Luscious868 (679143) | more than 9 years ago | (#11210359)

What continues to blow my mind are the numbers of users who do not have anti-virus software installed or kept up to date on their systems. I really wish that Microsoft would include some basic type of anti-virus / anti-spyware utility with the operating system.

Yes, there would probably be a huge outcry about antitrust violations, but I believe the bottom line is that Microsoft has a duty to ship an operating system that is as reasonably secure as possible without including so many features as to push other vendors out of the market. I think the firewall in Windows XP SP2 is a good example of a compromise. The firewall includes enough basic features so that users aren't completely hanging out there in the wind, yet does not provide such a robust feature set so as to push third party firewall vendors out of the market. The disk defragmentation utility is another good example of a compromise. It has enough basic features to be useable, but not enough so as to push third party vendors out of the market.

Microsoft could do it if they wanted to, even if there was an outcry from vendors. Look at what they did with I.E. when they decided they wanted a piece of the browser market. For a more modern, post anti-trust trial example, look at what they are doing now with Windows Media Player. Yeah, the EU is calling them on it, but I think a real case could be made that a basic anti-virus / anti-spyware utility is as important a part of basic system security as a firewall.

Of course, if Microsoft just fixed I.E. and Outlook / Outlook Express, viruses and spyware wouldn't be as much of an issue, but we all know about how likely that is to happen.

Re:It's time Windows included a basic anti-virus t (2, Insightful)

stratjakt (596332) | more than 9 years ago | (#11210412)

If you were paying attention, you'd have noted that not only is MSFT developing it's on AV tool but they also plan their own spyware scanner/remover.

Windows 3.0 had MSAV, are any /.ers old enough to remember that? They abandoned it, deciding it was too much work to maintain something that, at the time, wasn't viewed as a necessary compnent. And it wasn't needed, in a simpler, kinder, pre-internet world.

phishing... (1)

deathazre (761949) | more than 9 years ago | (#11210379)

my school email account caught an ebay phish the other day. The fact that the headers showed it coming from south korea kind of gave it away.

scary thing is, it seemed to make use of the nasty just-about-any-browser spoofing vulnerability that was found not too long ago.

strcpy, providing freedom to crackers since 1972! (4, Insightful)

ratboot (721595) | more than 9 years ago | (#11210399)

Viruses still exist because programmers still use obscure C functions full of holes and obscure processors full of executable stacks.

Please programmers, read the electronic paper "Smashing The Stack For Fun And Profit" (->Google).

zzz

Link to paper (1)

sczimme (603413) | more than 9 years ago | (#11210592)


Smashing the Stack for Fun and Profit [insecure.org]

The original link is here [phrack.org] . This was originally published in Phrack #49 on 08 November 1996. It is still a relevant and useful article.

In the wild? (2, Insightful)

slavemowgli (585321) | more than 9 years ago | (#11210424)

How many of those are actually found in the wild? 100,000 is a big number, but ultimately meaningless when you want to assess the risk posed by viri etc. Throwing around big numbers like that is more the realm of marketing than that of engineering. :)

Number sounds like FUD (1)

onyxruby (118189) | more than 9 years ago | (#11210437)

The number sounds like FUD, once we get past the variants how many truely original viruses are there? I would imagine that very few original viruses have ever been created, the overwhelming majority are nothing more than variations on someone else's work.

Viruses? Or spyware and malware? (1)

Anubis333 (103791) | more than 9 years ago | (#11210457)

I think the vast majority were malware and spyware. What is the difference between malware and a vius? Nothing really, it's just a trojan virus. So I feel this is understandable.

But, I am fuck1ng sick of the AOL commercials that talk about you losing all of your data and photos due to a virus. I posted about this before, I feel this is just wrong, to my knowledge there hasn't been a widespread virus in years that formatted your HD.

Scarier than the number of virii is this stat... (2, Informative)

rah1420 (234198) | more than 9 years ago | (#11210459)

from TFA: [bbc.co.uk]

On the positive side, Finnish security firm F-Secure said that 2004 was the best-ever year for the capture, arrest and sentencing of virus writers and criminally-minded hackers.

In total, eight virus writers were arrested and some members of the so-called 29A virus writing group were sentenced.


Eight? EIGHT??

(deep sigh)

Need? (1)

tomstdenis (446163) | more than 9 years ago | (#11210482)

Is there really a need for viruses to get data?

"Sure sir, two AA batteries, now if I could just get your phone number, home address and date of birth for a survey we're conducting!" ... survey...

Clever wording for DATA MINING...

Tom

Antivirus (1)

HadenT (816717) | more than 9 years ago | (#11210533)

High number of viruses/malware should be signal that antivirus software won't be good solution forever.
IMO, instead of brute signature detection, various sandboxes should be used: e.g. one should be able to run any app in virtual environment, any file application deletes or changes is only marked as such in sandbox config, network access should be blocked using custom setup etc.
Thus if I'm happy with application, and start trusting it (by checking what it has tried to do) I merge changes and release it from sandbox, if not - remove it and diffs of any changes it tried to do.
App itself sees merged state at all times, possibilities are endless, like groups of sandboxes etc.

eBay phishing scam I got (3, Insightful)

YukiKotetsu (765119) | more than 9 years ago | (#11210537)

These things are looking more and more realistic/genuine all of the time. The last I got I opened up the email just to take a look, and the reply to address was "cgi.ebay.com/cgi-bin/"whatever else... it looked so nearly authentic it was scary. Everyone sees the cgi-bin at the ebay page, so having the name cgi.ebay.com was just... yah... I see why people fall for these, they are just uninformed, thinking someone actually was trying to steal their eBay account and such. What needs to be done is when you sign up for stuff, you are required to read aloud to a microphone some statement about how the company will never send you emails to verify account information, social security numbers, and so on. It's the only way to guarantee they read it, but perhaps they still wouldn't understand it. It's just scary. What we need is to make a global law about these things as well... if you are found doing this sort of act, you and your whole immediate family is executed in front of a live TV audience. I bet it'd get higher ratings that Survivor!

IT 101 (1)

Karifan (844479) | more than 9 years ago | (#11210566)

Its has been proven time and time again that the problem is "Between the Keyboard and the Chair"
So I suggest that the ppl who extract/spread the viruses and have no idea how they got them, Pack up the PC and ship it back to the store cause they are too [)^/\/\-/\/ stupid to use em

Proving I'm not a karma whore... :) (1)

dodongo (412749) | more than 9 years ago | (#11210657)

broke the 100,000 barrier


Why do we refer to things that are not barriers as barriers? This talk goes on all the time on the site, and honestly, we can all do better than that. Let me explain:

A barrier is some thing, physical, abstract, whatever. Some property of the barrier or something associated with the barrier in some way prevents something from happening, or some condition from being reached.

The speed of light, for example, so far as we know it, is a barrier -- according to current understandings of the world, stuff cannot (normally, at least) travel faster than light. Ergo, c is a barrier.

The speed of sound is also a barrier. Typical aircraft encounter tremendous stresses as they approach the speed of sound. For a long time, we couldn't go faster than sound. But now, there is an understanding of how to design a body to break through that barrier. It still exists as a barrier, though: try and crank a 747 up to Mach 1 and watch what happens.

OK, so you see? A barrier has some property that prevents something else.

There is no barrier out there that prevents the creation of the 100,000th computer virus. There is nothing actively precluding another virus from being created.

At least not as long as IE is in the wild. :)

In other news... (0)

Anonymous Coward | more than 9 years ago | (#11210661)

...the number of Mac OS X viruses remains at 0, frustrating antivirus software vendors worldwide.

And by the way, that's not just due to marketshare. If the rumored $499 Mac mentioned in a story earlier this morning is real, that will do quite a bit towards proving that OS X security is not due to obscurity.

Virus vs. Work (1)

wertarbyte (811674) | more than 9 years ago | (#11210694)

In my opionion virus (plural) nearly died out. What they now refer to as virus is mostly a worm; I haven't seen many digital parasites that integrate themself into binaries for several years now, and those things that open servers and copy themself from system to system are worms, they don't infect other binaries (cells), they just sit in the system (organism).
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>