Growth of the Underground Cybercrime Economy

samzenpus posted more than 6 years ago | from the nothing-is-safe dept.

The Internet 94

AC50 writes "According to research from Trend Micro's TrendLabs, compromised Web sites are gaining in importance on malicious sites created specifically by cyber-criminals. The research debunks the conventional wisdom about not visiting questionable sites, because even trusted Web sites such as those belonging to Fortune 500 companies, schools, and government organizations can serve forth malware."

94 comments

Frosty Piss (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22499310)

Growth of the Underground Frosty Piss movement is picking up steam, especially the steaming mug variety!
 

Re:Frosty Piss (2, Funny)

sporkme (983186) | more than 6 years ago | (#22499752)

Thank you for commenting on slashdot! LOL! You'd love the zany TOTALLY NUDE shots from my webcam! All you have to do is CLICK MY LINK [slashdot.org] and you will see me totally exposed! This is not a hack or virus or any of that, I am just trying to increase my exposure (if you know what I mean) in !script=LOCAL_CITY!@user! so I thought I would hit you up personally, since you seem soooo kewl! I luv yer pix and maybe we can get a little more personal if you Czech out my pix on my sight. XOXOXO 3 --Bubbles.

Re:Frosty Piss (0, Offtopic)

Manic Engine (772535) | more than 6 years ago | (#22500004)

can u pls fix link, no pix!? u sound hot, got email?

Re:Frosty Piss (1)

Corwn of Amber (802933) | more than 6 years ago | (#22500430)

About TFS... (didn't bother to read TFA, this being /.)

WTF? Use Adblock not to download the malware-pushing banners.
Don't download code. Music, videos, etc. OK, but NOT code. Unless you KNOW it's safe.

And finally : use a Macintosh or Hackintosh. There's no malware on OSX.

It's really laughable. Fortune500 sites pushing malware? That's why you Americans have "class action lawsuits" and "ambulance-chasing lawyers". 1+1+1= ... profit.

Re:Frosty Piss (2, Insightful)

somersault (912633) | more than 6 years ago | (#22500818)

I'm guessing you'd have to download the code and check it before you can know if it's actually safe.. depending on your definition of 'safe' of course.

Re:Frosty Piss (1)

kesuki (321456) | more than 6 years ago | (#22510982)

fortune 500 companies can get compromised. It's not like it's impossible, and they are the most likely to have a sophisticated system for downing compromised systems (Intrusion detection systems, automatic filtering of forums eg: Slashdot has code that tries to reject links or code that is 'known bad' although not necessarily links to bad sites) and the ability to power off or 'stop internet to' any single server without having to access it physically but no system is 100% foolproof, besides which, who is going to prove that said fortune 500 company compromised john doe of new jersey's system when the server was compromised for .1 seconds before it got detected and shut off? if john doe doesn't discover the problem until 3 years later when the hacking group who originally compromised his system got hacked itself, and the system finally crashed, instead of just running malware in the screen saver...

i mean fortune 500 companies hire big shot lawyers to take care of the small fries, and they hire seven figure technology specialists to deal with any major problems.

speaking as someone who had malware on his computer unknowingly for 3 years, until other computer hackers (not the ones who originally installed the software) got into my system did i realize I had even been compromised.

so frankly, it would be hard for me to sue anyone, since my ISP doesn't watchdog my network activity to see if hackers are using my system, the hackers who rooted my system were professionals, but it's not like they can be sued...

I even had a hardware firewall, besides windows, but it was a cheap one, not like when i used to use a freebsd firewall... but freebsd got to be a major pain to install. now there is smooth wall 3.0... but since I've become so averse to using windows on the net, that it's not even worth it to play online games.

Re:Frosty Piss (1)

Corwn of Amber (802933) | more than 6 years ago | (#22512814)

My point was more that Fortune 500 companies could just "not put ads" on their sites, it's not like they're not rich enough to publish whatever content on the 'Net for what they see as chump change.

Unless they're online ads, but are any of those in Fortune 500?

And, how are those sites "compromised" to serve malware? With seven-figures security people, they'd write a Trusted system, encrypted end-to-end with math proofs that it Just Can't be hacked, ever, and do that in a year.

Re:Frosty Piss (1)

kesuki (321456) | more than 6 years ago | (#22582678)

I'm sorry, but even fortune 500 companies have problems with systems being compromised. you're thinking that for whatever reason they can control all the input and all the output data.

yahoo which was an early pioneer in the internet space was highly dependent on FreeBSD, to date they still code and maintain Yahoo BSD, and submit considerable amounts of code to the FreeBSD project.

even with programmers writing their own operating system yahoo has had times where servers got compromised. furthermore, they have for years had data Crossing their network that Is Not end to end secure. because of common carrier laws, yahoo mail, yahoo briefcase, and even geocities doesn't guarantee that any of that data is free of viruses or exploits.

why do you think yahoo and google invested in captcha systems for their servers? it was to reduce spam and fraud committed with 'automatic' tools designed by crackers to make it easier to compromise systems and do their 'illicit' jobs.

and yes google is a fortune 500 at number 241 and yahoo is at 357. (for year 2007)

the whole point is that even 2 fortune 500 companies can transmit code that will compromise your system, because they are protected by common carrier laws. there is no promise that going to a geocities site won't in some way let hackers install software on your system, the whole point is that hackers build bots that do this for them so they make money, and fortune 500 companies have failed in coming up with a secure system against botnet installers, especially over networks where they have legal immunity.

even a small portion of files on download.com contain adware, even though download.com has a no adware policy. but we were talking about what fortune 500 companies are doing, for internet security, so i used the geocities/yahoo mail etc...

Any site (5, Informative)

Merls the Sneaky (1031058) | more than 6 years ago | (#22499338)

Any site serving up adverts is potentially serving up malware. Durr.....

Re:Any site (1)

flyneye (84093) | more than 6 years ago | (#22501284)

If it can be any site, that leaves the criminal themselves as the point of removal.
I figure if legislation can be passed to void our other constitutional rights, they can jolly well legislate stronger penalties for phishers, Black hat hackers, script kiddies and virii/trojan coders. Cut off their hands and reproductive organs so we don't have to bother with them or future generations of them.

Re:Any site (1)

PlusFiveTroll (754249) | more than 6 years ago | (#22501440)

Thank You for failing the game, please try again. Many of the criminals doing said things in articles are in countries that turn a blind eye to such crimes.

Re:Any site (1)

flyneye (84093) | more than 6 years ago | (#22501970)

Yes, but, we still have some here and the therapeutic value is beyond priceless.
So,like the cannibals who barfed up the missionary,you can't keep a good man down.

Full Text (1)

doyoulikegoatseeee (930088) | more than 6 years ago | (#22499344)

Trend Micro 2008 forecast for cybercrime.
Trend Micro (published 19 February 2008)

Increasing trend in underlying criminality for financial gain in the area of cybercrime set to continue throughout 2008.

Trend Micro has published its 2007 Threat Report and 2008 Forecast.

According to research from Trend Micro's TrendLabs, hackers are intensifying their attacks on legitimate Web sites. It debunks the adage to "not visit questionable sites" - just because a user visits a gambling or adult-content site doesn't necessarily mean Web threats are lurking in the shadows; the site with the latest sports news or links in a search engine result, however, could potentially infect visitors with malware.

An underground malware industry has carved itself a thriving market by exploiting the trust and confidence of Web users. The Russian Business Network, for example, was notorious all year for hosting illegal businesses including child pornography, phishing and malware distribution sites. This underground industry excludes no one. In 2007, Apple had to contend with the ZLOB gang, proving that even alternative operating systems are not safe havens for the online user. The Italian Gromozon, a malware disguised in the form of a rogue anti-spyware security application, also made its mark in 2007.

This past year, the NUWAR (Storm) botnet expanded in scope when Trend Micro researchers found proof that the Storm botnet is renting its services to host fly-by-night online pharmacies, dabble in stock pump-and-dump scams, and even portions of its backend botnet infrastructure. During 2007, the most popular communication protocol among botnet owners was still Internet Relay Chat possibly because software to create IRC bots is widely available and easily implemented and at the same time movement to encrypted P2P is being used and tested in the field.

Security threats are no longer limited to PCs. Mobile devices, as they become more sophisticated and powerful, are at risk for the same types of threats as PCs (viruses, spam, Trojans, malware, etc.) Gadgets with wireless capabilities such as Wi-Fi and Bluetooth, as well as storage capability have become major sources of data leaks, as well as carriers of infections through security perimeters.

Other notable findings from the report:

- The Windows Animated Cursor exploit (EXPL_ANICMOO) encompassed over 50 percent of all exploit codes to hit the Internet computing population. 74 percent of its infections this year came from Asia. The same holds true for TROJ_ANICMOO.AX, a related threat which embedded the exploit. 64 percent of computers infected with this were from China.

- The top malware finding was WORM_SPYBOT.IS and WORM_GAOBOT.DF. Both created botnets and worms that infected USB-connected devices.

- Nearly 50 percent of all threat infections come from North America, but Asian countries are also experiencing a growth -- 40 percent of infections stem from that region.

- Social networking communities and user-created content such as blog sites became infection vectors due to attacks on their underlying Web 2.0 technologies, particularly cross-site scripting and streaming technologies.

- Infection volumes nearly quadrupled between September and November 2007, indicating that malware authors took advantage of the holiday seasons as an opportunity to send spam or deploy spyware while users are shopping online.

- In 2007, the number one online commerce site attacked by phishers was still global auction site eBay and sister company PayPal. Financial institutions, especially those based in North America, also experienced a high volume of phishing attacks.

Based on the emerging trends of this year, the following are Trend Micro's forecasts for the threat landscape in 2008:

1. Legacy code used in operating systems and vulnerabilities in popular applications will continue to be attacked in the effort to inject in-process malicious code that criminals can exploit to run malware in efforts to breach computer and network security in the efforts to steal confidential and proprietary information.

2. High-profile Web sites that run the gamut of social networking, banking/financial, online gaming, search engine, travel, commercial ticketing, local government sectors, news, job, blogging, and e-commerce sites for auction and shopping will continue to be the most sought-after attack vectors by criminals to host links to phishing and identity theft code.

3. Unmanaged devices such as smart phones, mp3 players, digital frames, thumb drives, and gaming stations will continue to provide opportunities for criminals and malware to infiltrate a company's security borders due to their capabilities for storage, computing, and Wi-Fi. Public access points such as those in coffee shops, bookstores, hotel lobbies, and airports will continue to be distribution points for malware or attack vectors used by malicious entities.

4. Communication services such as email, instant messaging, as well as file sharing will continue to be abused by content threats such as image spam, malicious URLs, and attachments via targeted and localised socially engineered themes due to their effectiveness in luring potential victims as criminals attempt to increase the size of botnets and steal confidential information.

5. Data protection and software security strategies will become standard in the commercial software lifecycle due to the increasing high-profile incidents. This will also put a focus on data encryption technologies during storage and transit particularly in the vetting of data access in the information and distribution chain.

little hint (2)

ILuvRamen (1026668) | more than 6 years ago | (#22499366)

"even trusted Web sites such as those belonging to Fortune 500 companies, schools, and government organizations can serve forth malware"
Pssst....they mean Yahoo :-P But really if you think about it, way too many big companies serve up software that spies on you or serves up ads or has a dual installer that also installs something bad. I don't think that's what they're talking about though. Pretty sure they mean just random banner ads for virus infested "free screensavers" and stuff.

Re:little hint (0, Redundant)

Corwn of Amber (802933) | more than 6 years ago | (#22500680)

Use Adblock not to download the malware-pushing banners.
Don't download code. Music, videos, etc. OK, but NOT code. Unless you KNOW it's safe.
And finally : use a Macintosh or Hackintosh. There's no drive-by on OSX. And the USB-sticks? My friends CLEAN theirs on my macs, lol.

Fortune500 sites pushing malware? That's why you Americans have "class action lawsuits" and "ambulance-chasing lawyers". 1+1+1= ... profit.

Re:little hint (0)

Bombula (670389) | more than 6 years ago | (#22501632)

Here's another little hint: start making ALL websites accountable for their content. We do need better oversight of the DNS system anyway. So then if you're in violation? BAM, your site gets pulled from DNS. Yahoo et al will fall in line instantly, as will anyone else who is serious about keeping their site up. All the tens of millions of junk sites out there pushing malware and other garbage will just start getting shut off. If they want to spend the time and money creating new sites with new links every day, fine - but it'll make the whole spam/malware livelihood a hell of a lot less viable.

Here's an analogy: you open up a store and sell whatever you like in it. Then it turns out some of the stuff you're selling - guns, drugs, fake medicine, fake brand-name clothes, whatever - is not lawful. So you either pull that crap from your store or you get shut down. QED. And of course this is all orders of magnitude easier for websites. Hell, a crawler system looking for malware could do the monitoring and enforcement automatically. This solution should have been implemented years ago.

No kidding! (1, Interesting)

Anonymous Coward | more than 6 years ago | (#22499370)

"...even trusted Web sites such as those belonging to Fortune 500 companies, schools, and government organizations can serve forth malware." I've been telling my users this forever. Some of them just don't have the mind set or skills to fend off the malware, which is part of why I have a job. It's all about locking down the computer. Of course, this is a sliding scale. Lock it down enough to totally (possible??) protect it, and the user can't do many of the usual tasks. Leave it open to being able to work, and you have security holes. I've always been a fan of sandboxing, but it's still too complex for the usual user. If the user makes changes that need to be stable, then how do they commit them without risking infection from some malware they've picked up in the process? Security is a moving target and we must always be ready to recover from an incident, no matter how secure we THINK our computers are. It's a dirty world out there, as this article ably demonstrates.

it's called No Script (4, Informative)

timmarhy (659436) | more than 6 years ago | (#22499382)

... use it together with adblocker and a good antivirus package and your web experience will be safe and much faster.

Re:it's called No Script (2, Informative)

CSMatt (1175471) | more than 6 years ago | (#22499406)

Seconded, and also only allow whitelisted cookies.

Re:it's called No Script (4, Interesting)

mlts (1038732) | more than 6 years ago | (#22499706)

I think as time goes on, perhaps the best way to browse the Web is having a virtual machine running under a dedicated, locked down user, so if the OS in the VM is compromised, an unknown exploit that might let malware out of the VM to compromise the host would be stopped. It's not 100%, but it seems to be the best way of doing things. Of course, the Web browser should have Noscript and Adblock functionality for a lock on the front door.

Eventually, I wonder if the Web browser should be completely enclosed in its own VM, where it doesn't require an explicit launching of a client OS, perhaps similar to how Thinstall wraps applications so all changes are only written to a sandbox directory. Vista's protected mode in IE7 is a start, where IE7 does not have access to the full Registry, but more separated from the rest of the machine with limits on CPU and other resources.

Re:it's called No Script (2, Informative)

porkUpine (623110) | more than 6 years ago | (#22500544)

I currently run Firefox in SVS (Altiris) (Along with the suggestions above). Basically Firefox runs in its own virtual layer on the machine with no access to the "real" OS. I can run multiple instances to allow for different security settings. It's nice because I don't have to actually boot a VM just to surf the web safely. http://juice.altiris.com/glossary/term/252 [altiris.com]

Questionable company (1)

Futurepower(R) (558542) | more than 6 years ago | (#22500862)

I notice that the Altiris site contains very poor writing.

It would be great to have a suggestion from a better company.

Re:it's called No Script (4, Informative)

Ed Avis (5917) | more than 6 years ago | (#22500556)

Note that all modern operating systems do run each process in its own virtual machine. The process sees its own memory space that has no relation to the physical memory layout of the machine (indeed, it may even be bigger) and it has no direct access to the hardware. It gets CPU time that doesn't correspond to any one physical CPU; it may get timeslices from different CPUs if the operating system decides this. If it wants to read or write a file, it has to make a call to the operating system which first checks it has the appropriate permissions and then arranges for the I/O without allowing the user process to talk to the disk directly. Nor can processes access memory belonging to a different process, unless both agree to set up a shared memory scheme.

The problem is not lack of virtualization. Everything is virtualized already. The problem is excessive permissions given to the programs running in each virtual address space. For example, the web browser should not have any rights to save files outside a designated 'downloads' directory.

Nonsense (1, Informative)

Anonymous Coward | more than 6 years ago | (#22508710)

You're confusing Virtual Memory with a Virtual Machine.

The OP is quite correct. It's a heck of a lot easier to clean up an attack that has compromised a VMWare image than one which has compromised the PC.

Re:Nonsense (2, Insightful)

Teancum (67324) | more than 6 years ago | (#22510304)

No this isn't virtual memory.... it is a virtual machine. Memory and CPU registers are supposed to be separated and each process is supposed to be divided so they can't directly access each other but rather need to route through the operating system in order to send information to each other. Only in practice this doesn't always happen.

And this is a problem with VMWare as much as any other sort of processor division. The main problem was that once the virtual machines were set up for each process in Windows, all sorts of holes were punched into the environment for message passing and other issues that allowed for inter-process communications. And *THAT* is where the security holes came into play.

All VMWare and other similar software provides is another level of abstraction... and some initial security that Windows supposedly provided originally but then ignored with a drive to provide inter-process actions. The same thing can happen with Virtual Machines... and between networked computers. Just that it is another level of abstraction moving up the food chain.

Re:Nonsense (0)

Anonymous Coward | more than 6 years ago | (#22511262)

Separation of memory and cpu registers does not make a virtual machine. Sorry. We've had that for decades now. and have had process (including kernel + user space) separation since UNIX originated.

If you're seriously going to try and go back and call simple process separation, along with virtual memory, a virtual machine, you're just being silly.

Real Virtualization requires much more.

Re:Nonsense (1)

Ed Avis (5917) | more than 6 years ago | (#22513158)

"Separation of memory and cpu registers does not make a virtual machine. Sorry. We've had that for decades now."
See Wikipedia:

"Virtual machines are separated in two major categories, based on their use and degree of correspondence to any real machine. A system virtual machine provides a complete system platform which supports the execution of a complete operating system (OS). In contrast, a process virtual machine is designed to run a single program, which means that it supports a single process. An essential characteristic of a virtual machine is that the software running inside is limited to the resources and abstractions provided by the virtual machine -- it cannot break out of its virtual world."
What operating systems provide is a process virtual machine. The process doesn't have access to the underlying hardware; it sees a virtual memory space that doesn't correspond to the physical memory, and runs on a virtual CPU (the virtual CPU may support extra instructions not handled by the physical CPU, as with current Linux/ARM floating point operations). A virtual machine doesn't have to mean a system virtual machine capable of running a whole OS, although indeed you can write operating systems designed to run in an ordinary Unix process container.


It's certainly true that the process running in the virtual machine cannot break out of its world. If you don't believe me, try to write a C program that directly accesses the disk controller or physical memory. Anything the process does must be done using the facilities provided by the OS.


Yes, virtual machines have existed for decades now. We are mostly using process virtual machines in Unix-like and Windows systems. System virtual machines have been around for decades too, of course, just not on the desktop.

Re:Nonsense (0)

Anonymous Coward | more than 6 years ago | (#22522668)

Sorry dude, terminology has passed you by. No one means process isolation when they refer to Virtual machine anymore, they mean system isolation.

You're completely right that the problem will just move up the stack as people drill holes in firewalls and between virtual machines. The main issue there is that it's HARD to make things easy to integrate as users want them to, and simultaneously protect against unwanted integration. The user sure as hell can't be trusted to make the right decision on their own behalf (malware) and fine-grained permission granting is hard to simplify (and annoying).

What everyone here is suggesting is to isolate the browser (and frankly it should be email too) against malicious drive-by exploits. This won't please everyone (unless the VM state is wiped clean for each session, the VM itself can be rooted and have its DNS lookups redirected, for example. But if you wipe the VM after each session, people who lost their login cookies and password caches will cry, as a counterexample.). What about browser add-ins? They often are malware, but people seem to like them and many are useful to some extent and not malicious?

I'm personally a fan of a stateless browser which is wiped clean between sessions - no cookies, no addins, etc. Two browsers actually - one used only for secure sites I trust the most, the other for random surfing. But my wife hates this setup and only uses the trusted browser vs the locked down one (because it works on the sites she wants to visit), so I'm really just out of luck.

Re:Nonsense (1)

Ed Avis (5917) | more than 6 years ago | (#22526276)

I don't think that's true. Even on Slashdot people talk of the Java virtual machine, the Flash virtual machine and so on. If they don't say that a Linux process container is also a virtual machine, this is more likely to be because they haven't thought about it, rather than because they understand the history of operating systems and have carefully decided to change the definition of a VM to mean a system-level VM only. After all, if the virtualized CPU, memory space and hardware presented to a process is not a virtual machine, what is it? Besides, a process virtual machine is sufficient to run a whole operating system: look at User Mode Linux.

I don't see how isolating the web browser, however it is done, will help matters. If the malware can't take over the whole system, so what? It still has control of your web browser, which is what you use to visit banking sites. You would need two browsers isolated from each other, as you suggest.

"I'm personally a fan of a stateless browser which is wiped clean between sessions - no cookies, no addins, etc."
If this is a good idea then it should be enforced as a security policy, by not giving the web browser permission to save any files outside a 'scratch' directory which is emptied on each run.

Surely the first stage in any separation of privilege is to have separate user accounts for you and your wife?

Re:it's called No Script (2, Informative)

TubeSteak (669689) | more than 6 years ago | (#22500800)

"Eventually, I wonder if the Web browser should be completely enclosed in its own VM, where it doesn't require an explicit launching of a client OS, perhaps similar to how Thinstall wraps applications so all changes are only written to a sandbox directory."
http://www.sandboxie.com/ [sandboxie.com]
I read about it in the comments of some /. thread
All changes are written to a sandbox directory, conveniently called "sandbox"
And you can launch more than just your web browser in it.

Re:it's called No Script (1)

Pros_n_Cons (535669) | more than 6 years ago | (#22505026)

I don't know if it's the "best" way to secure a web browser but I read a few days ago on a Red Hat employee's blog about how Fedora 9 is going to have the browser confined by SELinux, the way it's done is kinda clever in my opinion cause it confines the wrapper. Making plugins only allowed to write to .mozilla or .adobe, etc. I don't think it will protect against mozilla (yet) flaws itself but plugins are certainly more than half the battle.
the URL is http://danwalsh.livejournal.com/15700.html#cutid1 [livejournal.com] if you're curious.

Re:it's called No Script (2, Interesting)

Architect_sasyr (938685) | more than 6 years ago | (#22499432)

An interesting feature of google that I've always liked is the "This page may harm your computer" or whatever they put on dangerous links. I wonder how viable it would be to have a firefox plugin that did something similar. Not so much the patching of the bugs, but maybe some sort of distributed (P2P) system that says "Yep, this is dangerous, we ain't patched it yet, so go there if you like but we don't recommend it"

Might help out, might not. If I had something like that running in my company I reckon I could reduce half the problems (as opposed to making the proxy server do all the work).

Re:it's called No Script (4, Informative)

jesser (77961) | more than 6 years ago | (#22499714)

An interesting feature of google that I've always liked is the "This page may harm your computer" or whatever they put on dangerous links. I wonder how viable it would be to have a firefox plugin that did something similar.

Firefox 3 does this. If you start to load a site that's in Google's database of malicious (and compromised) pages, Firefox 3 will show a big red "Suspected attack site!" thing instead of parsing the page.

Mozilla and Google put a lot of effort into making it possible to do this without slowing down page loads. Firefox downloads a list of 32-bit hash prefixes for compromised sites. If a hash prefix matches (which will happen on any malicious page load and perhaps 0.1% of other page loads), Firefox asks Google for the rest of the hash. Both the local database lookup (which can require disk access) and the possible request to Google happen in parallel with Firefox resolving the DNS entry and connecting to the site.

Last week, the site of Firebug author Joe Hewitt was compromised, and Firefox 3 Beta 3 users saw this [mozilla.com].
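
The two-step lookup described in the comment above (a local list of 32-bit hash prefixes, with a request for the full hash only on a prefix match), as an added example that is not part of any comment in this thread and is not Mozilla's or Google's code. SHA-256, the simplified host-suffix/path-prefix rules, the class names and the `.test` hosts are all assumptions made for illustration.

```python
import hashlib
from urllib.parse import urlsplit

PREFIX_LEN = 4  # 4 bytes = the 32-bit prefix mentioned in the comment


def lookup_expressions(url):
    """Host-suffix/path-prefix strings to test for one URL (simplified, assumed rules)."""
    if "://" not in url:
        url = "http://" + url
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    path = parts.path or "/"
    labels = host.split(".")
    # www.shop.test -> www.shop.test, shop.test (IP literals are not handled here)
    hosts = [".".join(labels[i:]) for i in range(len(labels) - 1)] or [host]
    paths, cur = [path, "/"], "/"
    for seg in path.split("/")[1:-1]:          # directory components only
        cur += seg + "/"
        paths.append(cur)
    seen, out = set(), []
    for h in hosts:
        for p in paths:
            if h + p not in seen:               # de-duplicate, keep order
                seen.add(h + p)
                out.append(h + p)
    return out


def full_hash(expr):
    # Hash function is an assumption; the comment does not name one.
    return hashlib.sha256(expr.encode("utf-8")).digest()


class ListServer:
    """Stand-in for the remote list service; it alone holds the full hashes."""

    def __init__(self, bad_expressions):
        self._full = {full_hash(e) for e in bad_expressions}
        self.queries = 0                        # round trips caused by clients

    def prefix_list(self):
        return {h[:PREFIX_LEN] for h in self._full}

    def full_hashes_for(self, prefix):
        self.queries += 1
        return {h for h in self._full if h[:PREFIX_LEN] == prefix}


class Client:
    def __init__(self, server):
        self.server = server
        self.prefixes = server.prefix_list()    # downloaded once, kept locally

    def check(self, url):
        for expr in lookup_expressions(url):
            h = full_hash(expr)
            if h[:PREFIX_LEN] not in self.prefixes:
                continue                        # usual case: decided locally
            # Prefix hit: may be a real listing or a collision, so confirm
            # against the full hash before blocking the page.
            if h in self.server.full_hashes_for(h[:PREFIX_LEN]):
                return "blocked"
        return "ok"


if __name__ == "__main__":
    # Constructed list entries and URLs, for illustration only.
    server = ListServer(["compromised.test/", "shop.test/promo/"])
    client = Client(server)
    for u in ("http://compromised.test/index.html",
              "http://www.shop.test/promo/item?id=3",
              "http://shop.test/about"):
        print(u, "->", client.check(u), "| server queries so far:", server.queries)
```

On a prefix hit only the 4-byte prefix is sent to the server, and a hit that the full hash does not confirm leaves the page unblocked.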

McAfee SiteAdvisor (1)

frog51 (51816) | more than 6 years ago | (#22500406)

It's free and does a reasonable job at indicating risk level to the less computer savvy (in green, amber and red)

Re:McAfee SiteAdvisor (1)

Bert64 (520050) | more than 6 years ago | (#22513100)

The trouble with siteadvisor, is that it's quite easy to identify when it's hitting your site.
With that in mind, it's fairly easy to serve up a different site to siteadvisor, or just not serve the malware.

To see an example of a site that does this, look up www.acunetix.com on siteadvisor, notice how siteadvisor has downloaded some programs from their site and verified them malware free, look also how siteadvisor has submitted its email address to the site and not received any email.
Now go to acunetix.com, and try to download the same programs, you will need to submit your email to do so... You will quite quickly receive an automated mailing.. Now why didn't siteadvisor get this automated mail?

Re:it's called No Script (1)

kent_eh (543303) | more than 6 years ago | (#22503282)

An interesting feature of google that I've always liked is the "This page may harm your computer" or whatever they put on dangerous links.
I got an e-mail from my Mom on Monday night that said:

"I was downloading something into AVG, and I saw something in red letters that said it was a 'trojan horse'. Is that friend or foe? I think it's probably safe, but I thought I should check with you first..."
Yes, she's confused about what AVG's role in the download is, but that aside.
There was a banner popped up with big red letters, and the word "warning" and she still thought it might be safe.
I guess there is some glimmer of hope, given she had enough doubt to ask me, but still I'd submit she is among the "average users" that need their computers to protect them from themselves. I'm looking at some of the sandboxes that are being linked in this thread, and hopefully there is something transparent enough to install on her computer to add yet another level of protection. Time to update my "rescue family members' computers" memstick... Again.

Re:it's called No Script (3, Informative)

Anonymous Coward | more than 6 years ago | (#22499494)

NoScript doesn't help if a site already on your whitelist gets compromised.

Re:it's called No Script (1)

Keeper Of Keys (928206) | more than 6 years ago | (#22505818)

> NoScript doesn't help if a site already on your whitelist gets compromised.
While it's literally true that if a site on my whitelist (netvibes.com, for instance) has its server compromised and a bad script is introduced there, my browser will get hit, as I understand it this is not generally how such script-based attacks happen.

Usually a bad script from some other domain is introduced onto a page, eg through a widget, a badly-screened comment form, an ad script, etc. Without NoScript, these scripts are treated with the same level of trust as those hosted on the site's domain. But NoScript blocks such scripts by default (unless they happen to come from another trusted domain).

So, while NoScript is not a perfect protection, it does seem pretty good defence against the current wave of malware.

Re:it's called No Script (2, Insightful)

mrbluze (1034940) | more than 6 years ago | (#22499530)

> ... use it together with adblocker and a good antivirus package and your web experience will be safe and much faster.
..together also with a windows-free computer, I guess. But the problem is that websites people visit nowadays require scripts to be enabled. They will be deliberately targeted over sites which don't mandate scripting, so the problem remains. Best way is to design computer systems with the assumption that they will be hacked and then see how to prevent or minimize any damage, from the outset, instead of the old model which assumes the software was all honestly and flawlessly written.

Re:it's called No Script (1)

timmarhy (659436) | more than 6 years ago | (#22499796)

you can selectively run the scripts. for example i block the analytics scripts when i go to gmail but gmail still works fine

it's called fleeing in terror! (0)

Anonymous Coward | more than 6 years ago | (#22499664)

And the web regresses back several years. Kind of hard to progress when one's reaction is to run away.

Re:it's called fleeing in terror! (2, Interesting)

red star hardkore (1242136) | more than 6 years ago | (#22500274)

Kind of hard to progress also when you wake up some morning and find your life savings have been transferred to some dodgy account in Russia. It isn't fleeing in terror, it's putting a hold on things until developers realise that security is as important as functionality.

Forth malware (3, Funny)

Chris Burkhardt (613953) | more than 6 years ago | (#22499402)

> [...] can serve forth malware

Serve Forth malware from a website? I'd be more concerned about JavaScript malware and the like.

Re:Forth malware (2, Funny)

misleb (129952) | more than 6 years ago | (#22499690)

> Serve Forth malware from a website? I'd be more concerned about JavaScript malware and the like.


Haskell malware is the best!

I sure hope (5, Funny)

iminplaya (723125) | more than 6 years ago | (#22499500)

Slashdot is safe. It's the only site I visit. Make sure not to open the articles. You never know.

Re:I sure hope (1)

phalse phace (454635) | more than 6 years ago | (#22499770)

> Make sure not to open the articles. You never know.


Open articles? I don't think /.ers have anything to worry about.

THIS IS YOU, CAPTAIN REDUNDANT (0)

Anonymous Coward | more than 6 years ago | (#22501030)

> I don't think /.ers have anything to worry about.
We don't read TFAs here.

The Power of Google (4, Interesting)

TubeSteak (669689) | more than 6 years ago | (#22499516)

http://www.google.com/search?q=site:.edu+viagra [google.com]
http://www.google.com/search?q=site:.gov+viagra [google.com]
Only two pwned sites in the top 10 for .gov
It'd be ironic if idtheft.utah.gov was handing out malware.

Replace viagra with other spamwords & you'll get more of the same

Re:The Power of Google (4, Interesting)

TubeSteak (669689) | more than 6 years ago | (#22499588)

I hate replying to my own comments, but the States seem to be doing a much poorer job than the Federal Government.

http://www.google.com/search?q=site:k12.ny.us+viagra [google.com]
That brings up pwned K-12 school websites from New York

http://www.google.com/search?q=site:.ny.us+ringtones [google.com]
This frequently brings up state websites
EG: New York State's Division of Military and Naval Affairs website has been exploited.

I don't mean to pick on New York, but they seem to be worse than many other States.
Replace .NY. with your state's abbreviation

So.... PEBCK (2, Insightful)

ruinevil (852677) | more than 6 years ago | (#22499520)

In the end, the majority of security problems lies with the user. We need better computer security education in schools and instill a healthy sense of paranoia in the youth.

Do we really need Trend Micro's PC-cillin?

Re:So.... PEBCK (0)

Anonymous Coward | more than 6 years ago | (#22500306)

Problem Exists Between Chair Keyboard? What's a chair keyboard? A keyboard you can sit on?
 

Wanna be safe? (1)

iminplaya (723125) | more than 6 years ago | (#22499560)

Boot from a live CD. Or use a virtual machine. Of course you can always use a less popular operating system.

Re:Wanna be safe? (1)

drrck (959788) | more than 6 years ago | (#22499610)

I don't think the people that will be affected by this will be interested in a less popular operating system.

Windows XP SP3 (4, Insightful)

Myria (562655) | more than 6 years ago | (#22499570)

Microsoft needs to get their new service pack out the door. No, I don't mean Vista SP1. Microsoft needs to get XP SP3 out. So many people think Windows Update is some silly annoyance that Microsoft threw in there for who knows what. They never heed the requests to install updates and reboot, since that takes so long. Then when their machine slows to a crawl with adware, they ask us to fix them. And in other cases, their computers join a botnet and spam us all.

XP SP3, on the other hand, can have marketing support behind it. Articles can talk about it and how to install it, and people won't get so annoyed at a one-time installation. XP SP3 includes fixes for the still-quite-popular ADODB.Stream and animated cursor exploits, and at this point, finding browser exploits is getting into diminishing returns. Now that Microsoft cares, Windows is having its code audited much more thoroughly than when XP SP2 was made.

Service packs also give Microsoft an opportunity to release fixes for security holes found internally, since service packs are so different from the previous version. If they patched holes quickly like Firefox does with incremental patches, they'd be revealing those holes to attackers armed with machine code diff programs.

Re:Windows XP SP3 (3, Insightful)

erroneus (253617) | more than 6 years ago | (#22499614)

Is there something in SP3 that will magically fix the stupidity of users or will it patch the Windows kernel with a Linux kernel?

Re:Windows XP SP3 (1)

Myria (562655) | more than 6 years ago | (#22499670)

> Is there something in SP3 that will magically fix the stupidity of users or will it patch the Windows kernel with a Linux kernel?
No, but at least it will be harder for attackers to exploit them. There is a finite number of exploitable bugs in Windows XP and Internet Explorer, and since few new features are being added, few new bugs are being added.

As for Linux, are things really much different [slashdot.org]?

For very large values of finite. (2, Insightful)

anandsr (148302) | more than 6 years ago | (#22500296)

There are a finite number of exploitable bugs in Windows XP for very large values of finite.

Re:For very large values of finite. (1)

erroneus (253617) | more than 6 years ago | (#22509950)

I'd even deny that much since for something to be considered "finite" the end of the list has to have been determined, not merely presumed. New problems are constantly being discovered with no end in sight. "...with no end in sight" makes it sound rather infinite doesn't it?

At least in the case of OSS, quite a few problems can be identified through examination of the source. In closed or proprietary sourced situations, people have to pretty much experiment with things and test a lot. And even though it presumably takes a lot more work to discover weaknesses in Windows, the frequency of new discoveries certainly makes it appear as if it's even easier than examining the source!

Re:Windows XP SP3 (2, Interesting)

sumdumass (711423) | more than 6 years ago | (#22499778)

> They never heed the requests to install updates and reboot, since that takes so long. Then when their machine slows to a crawl with adware, they ask us to fix them. And in other cases, their computers join a botnet and spam us all.
This might be more because they have had an experience where an update broke their computer or some app. This is probably especially true when SP2 came around because of its ability to fail and render the computer useless if certain Spyware has been installed. They might have fixed that bug, but I was stuck restoring a lot of computers for suckers who had automatic updates on and clicked go ahead when SP2 was offered.

And I say suckers not because they installed SP2, but because they had so much spyware that it could actually cause sp2 to fail and leave them without a working computer. I don't know if it still is that way or not. But it was a problem when it first came out. I also have a couple printers and some barcode readers fail on sp2 or an update right around that time. Yea, basically a serial connection fails to work and needed to be replaced with a newer version to run in XPsp2. I don't know what they were doing with the Barcode reader that required that much of a tie in to XP that a service pack or an update could break its operation. But anyways, things breaking is probably a more valid reason these people are gun shy than just laziness. Although, I wouldn't completely discount laziness.

Re:Windows XP SP3 (3, Funny)

techno-vampire (666512) | more than 6 years ago | (#22499846)

> Then when their machine slows to a crawl with adware, they ask us to fix them.


You must have a well-trained set of users. Most people just buy a new computer when that happens.

Re:Windows XP SP3 (2, Interesting)

cerberusss (660701) | more than 6 years ago | (#22500776)

You're modded funny, but when a new Dell Vostro costs $299 and the machine is more than 2 years old, then it might be worth it.

Re:Windows XP SP3 (0)

red star hardkore (1242136) | more than 6 years ago | (#22500310)

Windows users, as consumers paying Microsoft, should be getting the OS working properly when they buy it, not 5/6 years later. Not after 3/4 service packs have been released. How many people will actually buy an alpha or beta release of software, never mind an OS? When you buy Windows, you could equate the original release to being an alpha, SP1 bringing it up to beta, SP2 up to 1.0, SP3 to 1.1, etc. But, I have to concede one thing to Microsoft, at least they release SP's for free, unlike Apple who charge you 100euro for a .1 upgrade that fixes bugs, glosses the GUI a little more, and adds a few features that can be installed through free third party add-ons anyway.

Debunks nothing (2, Insightful)

syousef (465911) | more than 6 years ago | (#22499572)

> The research debunks the conventional wisdom about not visiting questionable sites, because even trusted Web sites such as those belonging to Fortune 500 companies, schools, and government organizations can serve forth malware

I still believe you're still more likely to get malware on dodgy sites. As worded in the summary, this sounds like an excuse someone came up with to justify their penchant to troll for pr0n, war3z and mp3z.

Bullhonkey (1, Insightful)

Anonymous Coward | more than 6 years ago | (#22499592)

> The research debunks the conventional wisdom about not visiting questionable sites, because even trusted Web sites such as those belonging to Fortune 500 companies, schools, and government organizations can serve forth malware.
How on earth does that debunk the conventional wisdom about not visiting questionable sites??

It may well debunk the idea that visiting mainstream sites is safe, but that doesn't mean you shouldn't think twice before visiting a site which you're not sure of. Especially if you browse with internet exploder..

Too many words... (2, Informative)

argent (18001) | more than 6 years ago | (#22501300)

When you write: think twice before visiting a site which you're not sure of. Especially if you browse with internet exploder..

Surely you mean think twice before [...] you browse with internet exploder..

Congratulations Trend Micro! (1, Funny)

Anonymous Coward | more than 6 years ago | (#22499652)

It's only taken 2 months to realize that the most common forms of computer attacks are going to continue in 2008, and all this despite the open memo to on-line criminals:

"Dear blackhats,

Please, please, please make a new year's resolution to stop making viruses, stealing money and sending spam.

Loving Regards,

Trend Micro."

Everybody out there on the ether ... be afraid. In fact be just a 'little' more afraid each year, things are definitely getting worse.

It's a problem, but the size is limited. (5, Informative)

Animats (122034) | more than 6 years ago | (#22499676)

We have a list of major sites being exploited by active phishing scams, [sitetruth.com] which we update every three hours. There are 56 sites on the list right now. Most sites don't stay on the list too long, but we still have 14 that have been on the list since last year. Most of them are DSL service providers with compromised machines they haven't kicked off. Some providers are proactive about this, and some aren't. Then there are a few compromised sites that just have no clue about how to fix their problem. One such site is the teacher web space for a school district.

By, well, nagging, we've been able to get the big players to fix their problems. Google, Yahoo, MSN, and Dell were all on the list at one point, but they've all tightened up their systems.

The points we make with this list are that 1) the number of major sites involved is small, and 2) blacklisting at the second level domain level causes acceptable levels of collateral damage. So go ahead, blacklist the whole second level domain in your phishing filters. Think of it as a way to encourage sites to clean up their act. Or as a way to find out where to apply the clue stick.

This list is about "major" sites, ones in Open Directory (1.7 million sites.) The issue there is with attackers trying to steal the credibility of the major site. At the other end of the scale, any domain less than a few weeks old probably isn't worth connecting to. Or at least it should be read with all executable content disabled, including HTML email. Also, any link with more than one redirect probably shouldn't be followed.

It's easier to filter out the attackers if you're willing to filter out the bottom-feeders as well. But that's another story.

Re:It's a problem, but the size is limited. (1)

Ed Avis (5917) | more than 6 years ago | (#22500528)

WTF? Are you suggesting that users should avoid infection by not visiting websites with a domain 'less than a few weeks old'? How are they going to verify this information before each page click? If this is really a good rule to follow, it needs to be built into the browser. You can't rely on users not to do something stupid when the definition of 'stupid' gets wider and wider each year.

It only takes one site to compromise the user's machine if the user is running something exploitable. Surely the only sensible way is to treat every site as untrusted. If running with executable content disabled is necessary to avoid infection, then executable content needs to be turned off for all sites except those specifically on a whitelist (and authenticated with SSL certificates or whatnot).

Re:It's a problem, but the size is limited. (1)

Animats (122034) | more than 6 years ago | (#22503240)

> You can't rely on users not to do something stupid when the definition of 'stupid' gets wider and wider each year.

Of course it has to be automated. That's what we're working on. Our free browser plug-ins will be out shortly.

Re:It's a problem, but the size is limited. (0)

Anonymous Coward | more than 6 years ago | (#22501044)

There's a tinyurl on the list, but I don't see how that would serve any good. It should be the site the tinyurl points to, no?

On the topic of that url, it looks pretty strange: http: //0x3d.0x13.0x36.0x89/

I had no idea browsers accepted IP addresses in hex.

Re:It's a problem, but the size is limited. (1)

Animats (122034) | more than 6 years ago | (#22503198)

> There's a tinyurl on the list, but I don't see how that would serve any good. It should be the site the tinyurl points to, no?

"tinyurl.com" and "notlong.com" are phishing magnets, because phishing filters don't typically block their domain. So phishing sites use them to bypass filters. Those services try to keep up with phish reports and block those URLs, but they're falling behind. We encourage them to automate the process; as soon as a URL appears in any of the major phishing databases (PhishTank, APWG, McAfee) it should be blocked by those services. "notlong" seems to be doing something like that, but it's not quite fast enough yet. Phishing URL lifetimes are measured in hours; you have to do this in near real time.

> On the topic of that url, it looks pretty strange: http: //0x3d.0x13.0x36.0x89/ I had no idea browsers accepted IP addresses in hex.

Yes, the IP address can be in hex. Or in decimal as one big number. There are some other acceptable legacy formats, too. There are things that can appear in a URL that are almost never used, but appear in phishing URLs.
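The legacy address forms mentioned in the comment above matter to anyone maintaining an IP blocklist, because a plain string comparison against the dotted-decimal form misses them. The following is an added example, not part of the thread: a canonicalizer that assumes inet_aton-style parsing rules (hex with `0x`, octal with a leading `0`, last component filling the remaining bytes), run against a constructed blocklist entry from the 203.0.113.0/24 documentation range.

```python
from urllib.parse import urlsplit

_HEX, _OCT, _DEC = set("0123456789abcdef"), set("01234567"), set("0123456789")


def _parse_part(text):
    """Parse one dot-separated component: 0x.. is hex, a leading 0 is octal,
    anything else is decimal. Returns None for anything that is not a number."""
    t = text.lower()
    if t.startswith("0x"):
        digits, base, allowed = t[2:], 16, _HEX
    elif len(t) > 1 and t.startswith("0"):
        digits, base, allowed = t[1:], 8, _OCT
    else:
        digits, base, allowed = t, 10, _DEC
    if not digits or not set(digits) <= allowed:
        return None
    return int(digits, base)


def canonical_ipv4(host):
    """Return the dotted-decimal form of an IPv4 literal written in any of the
    legacy notations, or None if the host is not an IPv4 literal at all."""
    if host.endswith("."):
        host = host[:-1]
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    values = [_parse_part(p) for p in parts]
    if any(v is None for v in values):
        return None
    *leading, last = values
    if any(v > 255 for v in leading):
        return None
    # The final component fills however many bytes are left: a.b.c.d, a.b.cd,
    # a.bcd, or a single 32-bit number.
    if last >= 256 ** (4 - len(leading)):
        return None
    addr = last
    for i, v in enumerate(leading):
        addr |= v << (8 * (3 - i))
    return ".".join(str((addr >> shift) & 255) for shift in (24, 16, 8, 0))


def naive_is_blocked(url, blocked_ips):
    # String comparison only: what a filter does if it skips canonicalization.
    return (urlsplit(url).hostname or "") in blocked_ips


def is_blocked(url, blocked_ips):
    ip = canonical_ipv4(urlsplit(url).hostname or "")
    return ip is not None and ip in blocked_ips


# Constructed sample data: one blocklisted address and six spellings of it.
BLOCKED = {"203.0.113.7"}
SAMPLE_URLS = [
    "http://203.0.113.7/login",         # dotted decimal
    "http://0xcb.0x0.0x71.0x7/login",   # dotted hex
    "http://0313.0.0161.07/login",      # dotted octal
    "http://3405803783/login",          # one big decimal number
    "http://0xcb007107/login",          # one big hex number
    "http://203.0.28935/login",         # last part fills two bytes
]

if __name__ == "__main__":
    for url in SAMPLE_URLS:
        print(f"{url:34} naive={naive_is_blocked(url, BLOCKED)!s:5} "
              f"canonical={is_blocked(url, BLOCKED)}")
    # The host quoted in the thread, decoded.
    print(canonical_ipv4("0x3d.0x13.0x36.0x89"))
```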

Limit the impact of compromised DSL/cable boxen? (1)

darkfire5252 (760516) | more than 6 years ago | (#22505866)

Here's a passing thought: I'm very against the practice of an ISP blocking incoming/outgoing ports as a general business practice, as this negatively affects the technically inclined users. However, what if an ISP had a default port 80 forward to their website, where the owner of the IP could authenticate and enable direct access to the port? That way, non-techie users don't serve up malware sites, and techie users can easily enable the service and go about their business.

Along the same lines, could this technique be expanded to more/all ports by default? What if the ISP blocked all incoming non-related connections by default (in the same manner as a firewall would, I'm unclear on the exact conditions), but had an easily accessible control page? Provided that the users were made very aware of this feature (not a simple task), wouldn't this do a great deal to curb the spread of malware?

Feel free to shoot this down, I'm not seeing a glaring flaw that would prevent this from being done. An ISP could even provide a notification utility that would alert the user if they have an application that tries to listen in on a protected port.

No news is old news (2, Interesting)

Anonymous Coward | more than 6 years ago | (#22499962)

Noughtly, disclaimer: I work for a Trend competitor.

Firstly, everyone in this market puts out these sort of research reports - monthly, quarterly, annually, it varies - partly to inform and educate, but mostly for the PR value. Of course everyone sees much the same threat environment, so they're all much of a muchness, PR spin notwithstanding. I don't see my employers' annual threat survey on the Slashdot front page; hmmmm, maybe I should submit it? Or maybe not...

Secondly - "serve forth" PUH-leassseee... just reminds me of the great UK rapper Silver Bullet and his popular number, "Bring Forth the Guillotine! [wikipedia.org]" from 89. Oh hey, look, anti-virus software... silver bullet... myth... hmmmm.

This doesn't defy conventional wisdom (4, Insightful)

iamacat (583406) | more than 6 years ago | (#22500054)

A trustworthy website will remove malware after the first complaint and will give subsequent visitors a warning and a tool to remove the malware in question. There is still a risk, however the chance of encountering malware on a bank website is significantly less than 100% versus purposely malicious domains and the owner is spending effort to protect you rather than infect you.

Or you could just install all updates for your favorite OS or a 3rd party browser and virtually eliminate the chance of unintentionally installing a malware executable. Even IE7 is positively fascist when it comes to downloads and plugins these days.

Re:This doesn't defy conventional wisdom (3, Informative)

marzipanic (1147531) | more than 6 years ago | (#22501024)

Ah yes, Active X control etc, I like the fact and it is impressive, that Windows Defender (compulsory with Vista) blocks Windows Live Toolbar! A nation divided cannot stand.... Nothing beats common sense (trademarked) though does it?

Most of the hosts are not aware their site has been "infected" half of the time. I used a site regularly until one day it tried to download some malware in an iframe and an flv file. Not aware at all their site had got a problem.

Not helped by some people who use a certain "site advisor" program giving it a green tick because it was "full of pretty, cool and amazing things" instead of looking at what their anticrapware app was singing / doing and warning people accordingly.

For that fact alone I refuse to bank online, I just feel safer. Call me old fashioned....

Re:This doesn't defy conventional wisdom (1)

iamacat (583406) | more than 6 years ago | (#22504426)

> I used a site regularly until one day it tried to download some malware in an iframe and an flv file.

Well, did you report the problem and see if you are taken seriously?

> For that fact alone I refuse to bank online, I just feel safer. Call me old fashioned....

I rather prefer online bank robberies to regular ones.

Criminally great offer (1)

Raphael Emportu (1143977) | more than 6 years ago | (#22500352)

I'm looking for contacts that leech gameboy roms and need to acquire large quantities of crack or hot radioactive material. This month I offer a free fully automatic handgun to spray your classroom with each order. -- Message protected by international copyright. (c) Crime.Inc 2008

The answer (1)

mach1980 (1114097) | more than 6 years ago | (#22500576)

Don't know about you but I believe one aspect of the cyber-crime growth is people's inclination to press hyper links named "compromised Web sites"

Truth wrapped up in FUD, and the way forward... (4, Insightful)

argent (18001) | more than 6 years ago | (#22501194)

I've been beating the drum about Internet Explorer and its deliberate malware distribution features like ActiveX for years. Over 10 years, in fact, since it was 1997 when Microsoft introduced Active Desktop...

When people tell me "oh yes, I use Internet Explorer, but I only visit well known websites I can trust" I have been able in some cases to convince them that thanks to forums and other sources of third party content even "trusted" websites can source malware.

Despite what Trend Micro suggests, the best approach to security is still taking proper care with the software you use. They talk about attacks on embedded devices like cellphones, but note that they're primarily talking about their potential as backdoors for infected files, not about their embedded browsers being attacked directly. Antivirus companies want antivirus software installed on everything... that's how they make money... but until they ship software that is purely a scanner and doesn't patch the OS you're more likely to have the AV software than any virus damage your PDA, cellphone, or non-Windows PC.

But taking care with the software you use DOESN'T mean only using bad software on good websites, but not using bad software at all. The best antivirus, then, is to avoid using software that deliberately includes backdoors to allow automatic installation and execution of unsandboxed code from websites. The poster boy for this insane design is, of course, Internet Explorer, which is actually built around this model and were Microsoft to fix it they would have to break a lot of working products. But there are similar design flaws, albeit ones not so automatically easy to exploit, in other browsers... for example Firefox and Safari will happily install code for you if the code is wrapped up in the appropriate package. In Firefox that package is the XPI... and I would recommend keeping the list of whitelisted sites in Firefox empty at all times. In Safari that package is the Dashboard widget, and the option 'Open "Safe" Files after downloading' which is now (thankfully) off by default in new installs (though it doesn't prevent Dashboard widgets from being installed).

And now Microsoft is pushing a cross-platform infection vector under the name Silverlight, and there's an open-source clone of it by the name "Moonlight" under development. Some days I despair, truly.

And no number of "I'm about to do something stupid, is this OK?" dialog boxes are good enough. After 20 years as a system administrator, the last several years of which were spent fighting an increasingly frustrating battle against malware riding on this misfeature of Microsoft's security model, I can only recall one time where someone was *twice* convinced to download and explicitly run an infected file from the shell... but I've repeatedly had people come to me saying "Peter... I clicked on the wrong button again, and my computer's acting funny".

If you're a software developer, and you find yourself adding an "I'm about to do something stupid" dialog... please reconsider whether it's actually necessary. It almost never is. People really would rather explicitly download and install a plugin, for example, than have the browser pop up annoying messages all the time. Really.

Safe to Play in Traffic (1)

Doc Ruby (173196) | more than 6 years ago | (#22501226)

> The research debunks the conventional wisdom about not visiting questionable sites, because even trusted Web sites such as those belonging to Fortune 500 companies, schools, and government organizations can serve forth malware."


Yes, you're not in any greater risk hanging out in crackhouses, because even the banks you visit sometimes have dangerous bank robbers in them.

That statement is one of the stupidest analyses of relative risk that I've ever heard.

I can vouch for this story. (2, Informative)

singingjim1 (1070652) | more than 6 years ago | (#22502170)

My girlfriend checks website links routinely in PDF documents as part of her work and her machine is routinely attacked by adware and malware by supposedly innocuous websites that are supposed to be related to educational institutions or professional, technical type organizations hosting white papers, and other such information. (yeah yeah, run on sentence, sue me) I'm guessing some of these sites have been compromised or intentionally corrupted by webmasters for personal gain. In my experience this stuff happens all the time.

Poor Administration or Users (1)

PhilPSU (779421) | more than 6 years ago | (#22503488)

It's really not quite as complex as most make it out to be.

1. If you are a system administrator it is your job to secure the system and take steps to prevent malware. Examples would be updating firefox and also because of IE's little active x trick restrict it through group policy " (Add-On management and Restrict file downloads) both in group policy and have been since Server 2000". If you are not using it and have had a machine under your control infected with malware through the browser you have no one to blame but yourself since the year 2000.

2. Home users will never learn and will always be the cause of many problems whether Microsoft or some other OS hosted.

Bashing any OS for poor security is pointing the finger at the wrong person. Yes you get your exploits but the malware problem is System administrator and Home user supported. In the sense too many sys admins that do not know anything and home users... well repeat number 2 reason above.

Just my 2 cents