Windows Infected in 12 Minutes
Uber-Review writes "The speed with which PCs can become infected has now shortened. If your Windows computer is not properly protected, it will take 12 minutes before it becomes infected, according to London-based security company, Sophos. They have detected 7,944 new viruses in the first half of 2005, a 59% increase over the same time span last year."
Nice... (Score:5, Funny)
Re:Nice... (Score:5, Funny)
Re:Nice... (Score:3, Funny)
I have yet to see a dupe within 12 minutes.
Maybe they just need to try a little harder.
Re:OT: Your sig (Score:4, Funny)
>Has it occurred to you that your sig is lying? There's no provision in the PATRIOT act that says you can't talk about it. You're just adding to the incoherent ramblings of the Left, which nobody listens to. There are plenty of real problems with the PATRIOT act, but your sig does nothing to address them. It's actually hurting by further making its opposition look like idiots.
Oh wise AC, verily, my slashdot sig is not doing enough to change society's problems. For that, I apologize profusely.
Re:Nice... (Score:2, Funny)
Holy Dupes, Batperson! (Score:5, Informative)
Not to mention the original article was a lot better, and not a link to yet another news aggregator that in turn links to another site: http://www.globetechnology.com/servlet/story/RTGAM.20050704.gtvirusjul4/BNStory/Technology/ [globetechnology.com]
Woop-de-freaking-doo. (Score:5, Insightful)
Re:Woop-de-freaking-doo. (Score:5, Interesting)
not always enough - hardware firewalls are better (Score:5, Insightful)
Good design practice should prevent this but it'll never be quite as good as a hardware f/wall. Decent FW devices can be found for very cheap prices now.
If you really can't run a hardware firewall due to a need for many open incoming ports, the 2nd-best solution is to use a modem with routing ability and direct ports 445, 593 and 135-139 to a dead address (remember to send them to an address outside the router's DHCP range so that address can never be assigned to an unprotected machine). These ports represent Windows file/print sharing, RPC Endpoint mapper (a major exploit target) and RPC comms ports. Killing those 5 ports stops 80-90% of remote attacks, although if you are running a web server, but not actually serving remote users, block ports 80 and 8080 as well to kill frontpage server extensions overflow attacks.
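A check for the dead-address setup described in the comment above, as an added example that is not part of the original post: it verifies that a router's forwarding rules cover ports 135-139, 445 and 593 and that the dead address is outside the DHCP pool and not in use. The router settings and rule lists are constructed sample values, and treating an off-LAN target as an error is an assumption of this example.

```python
import ipaddress

# Ports the comment says to send to a dead address:
# 135 (RPC endpoint mapper), 137-139 (NetBIOS), 445 (SMB), 593 (RPC over HTTP).
REQUIRED_PORTS = set(range(135, 140)) | {445, 593}


def audit_blackhole(lan_cidr, dhcp_start, dhcp_end, router_ip, forwards, static_hosts=()):
    """Return a list of problems with a 'forward to a dead address' setup.

    forwards: (first_port, last_port, target_ip) rules; static_hosts: live machines.
    """
    lan = ipaddress.ip_network(lan_cidr)
    pool_lo = ipaddress.ip_address(dhcp_start)
    pool_hi = ipaddress.ip_address(dhcp_end)
    live = {ipaddress.ip_address(h) for h in static_hosts}
    live.add(ipaddress.ip_address(router_ip))

    problems, covered = [], set()
    for first, last, target in forwards:
        ports = set(range(first, last + 1)) & REQUIRED_PORTS
        if not ports:
            continue  # rule is for some other service
        addr = ipaddress.ip_address(target)
        label = f"rule {first}-{last} -> {addr}"
        if addr not in lan:  # assumption: the dead address should be on the LAN
            problems.append(f"{label}: target is not on the LAN {lan}")
        elif addr in (lan.network_address, lan.broadcast_address):
            problems.append(f"{label}: target is the network/broadcast address")
        elif pool_lo <= addr <= pool_hi:
            problems.append(f"{label}: target is inside the DHCP pool and could be leased")
        elif addr in live:
            problems.append(f"{label}: target belongs to a live host")
        else:
            covered |= ports  # only safely redirected ports count as covered
    missing = sorted(REQUIRED_PORTS - covered)
    if missing:
        problems.append(f"ports not blackholed: {missing}")
    return problems


# Constructed sample router settings (not from the original post).
SAMPLE = dict(lan_cidr="192.168.1.0/24", dhcp_start="192.168.1.100",
              dhcp_end="192.168.1.199", router_ip="192.168.1.1",
              static_hosts=["192.168.1.10"])
GOOD = [(135, 139, "192.168.1.250"), (445, 445, "192.168.1.250"), (593, 593, "192.168.1.250")]
BAD = [(135, 139, "192.168.1.150"), (445, 445, "192.168.1.250")]

if __name__ == "__main__":
    for name, rules in (("good", GOOD), ("bad", BAD)):
        print(name, audit_blackhole(forwards=rules, **SAMPLE) or "OK")
```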
Re:not always enough - hardware firewalls are bett (Score:5, Informative)
1. Go to new site
2. Plug PC into modem
3. Configure modem
4. Plug phone line into modem
5. Download latest windows patches
Note that at stage 5 the PC is already protected by a firewall. Just need to AV and patches to protect against email, adware etc.
But then I also configure Thunderbird - which limits the email viruses as well (the number of times I've been called because a user can't open an email containing a virus
Re:not always enough - hardware firewalls are bett (Score:3, Funny)
XP SP2
and if you don't have:
install XP, then switch on the damn firewall before you plug in the bloody ethernet cable
Re:Woop-de-freaking-doo. (Score:3, Insightful)
I installed Linux about a year ago and was infected due to an exploit in the ftp server before I could get everything current, so this is far from a Windows only issue.
Re:Woop-de-freaking-doo. (Score:2)
As anti-Windows as I am, I think the argument that Windows gets attacked a lot is weak. At least based on my personal experience.
variants... do they count? (Score:5, Interesting)
ogg
They do on Windows. (Score:3, Informative)
So new signatures have to be downloaded.
The problem is that any error in that and you're vulnerable to these "new" viruses/trojans/worms.
The real problem is that the infection routes on Windows still haven't been closed.
Do you remember 'Get the Facts'? (Score:2)
If you do, you'll also remember that they actually count.
Internet Storm Center is tracking "survival time" (Score:5, Informative)
Re:Internet Storm Center is tracking "survival tim (Score:5, Funny)
Shameless parody of the 'beer is good for you' joke
Re:Internet Storm Center is tracking "survival tim (Score:5, Insightful)
An Ebola type strain of computer virus might actually be a public good. It would kill off these flu ridden beasts, put them out of their misery and prevent them from continuing to harm the rest of the herd.
Ra's al Ghul anyone?
Re:Internet Storm Center is tracking "survival tim (Score:2)
As the family's official computer nerd, I'm called upon to fix all the infested and/or dead boxes. I've rebuilt my sister-in-law's box several times now due to spyware and virus infections. This last weekend I said "screw it" and refused to fix her stupid Windows ME box, and said it was scrap unless I could install XP SP2 and give her the windows firewall. (Before the Linux
Re:Internet Storm Center is tracking "survival tim (Score:3, Insightful)
The first one starts immediately tying his shoes, preparing himself to make the run of his life.
The second one says: "What the hell are you doing, do you really think you can run faster than the lion?"
The first guy answers: "I am not planning to run faster than the lion but faster than you!"
Nits: picked (Score:2, Informative)
And in a related slashdot story (Score:5, Funny)
new virus (Score:2, Funny)
Time Loop (Score:5, Funny)
That's what's happening on
Blog's Up! [whattofix.com]
Re:Time Loop (Score:5, Funny)
Perhaps we are indeed violating the Prime Directive in the most appalling manner by allowing geeks from your time to view 'Star Trek' unabatedly. Your knowledge of events and technology that occur and exist in our time grows ever greater.
With this in mind, please disregard this comment. It does not exist.
Re:Time Loop (Score:2)
That's what's happening on
Only 12 minutes (Score:5, Funny)
Re:Only 12 minutes (Score:3, Funny)
news? (Score:2)
I know Windows PCs get infected quite easily, but do we really have to:
1. repeat this statement every few days?
2. quote numbers from an organisation which is served well by making this look as bad as possible and present it as fact?
What'd I'd like to know (Score:4, Interesting)
For years I have run Windows straight out of the box (no firewall, no security software, nothing), and I've only run into two viruses -- one through Kazaa, and one through IRC (both my fault).
I can understand that Windows is vulnerable -- but if I've managed to run Windows for many years without any major problems, then I'm curious what they are doing during these 12 minutes to arrive at such a conclusion.
Re:What'd I'd like to know (Score:2, Insightful)
If you don't seek the spyware/malware/viruses you often do not find them.
Re:What'd I'd like to know (Score:2, Informative)
For years I have run Windows straight out of the box (no firewall, no security software, nothing), and I've only run into two viruses -- one through Kazaa, and one through IRC (both my fault).
You must run Windows Update religiously. Last year there was a worm, and if you hadn't already updated your machine, it was more or less impossible to avoid, because the time it took to download the update (a couple of minutes) was way more time than was necessary for your machine to be compromised and auto-reboot
Re:What'd I'd like to know (Score:2)
I think that is a fair question to ask. I was playing with BitComet last week, linked to Bitracker, or one of the other popular BT sites, and spent three days cleaning up the mess it left behind. In
Re:What'd I'd like to know (Score:5, Insightful)
Re:What'd I'd like to know (Score:2)
Re:What'd I'd like to know (Score:4, Interesting)
I've had my "NAS pr0n box" (an old Athlon 1600+ w/250GB worth of misc drives) running un-updated WinXP Pro (the "reset5" 30-day hack precludes updates) for over a year on the same static IP, open to the whole intarweb, and it hasn't picked up a single virus. I use it for torrents, eMule, kazaa-- basically all and sundry untrustworthy site scouring-- and still it works. I recently installed McAfee on it, just to see what viruses I'd "collected", and there's nothing! I think the biggest deciding factor in how fast your exposed windows machine gets "pwned!" is whether or not it's in the IP address range assigned to a large ISP that caters to the Unwashed Masses (e.g. Comcast). Using an ISP that markets to the bespectacled nerd crowd puts your IP address in a range that probably won't be tapped for a "zombie harvest".
Re:What'd I'd like to know (Score:3, Informative)
I was running a Win98 PC as a gateway for the kids PCs connection at home, and it was generally fine, the odd virus, but nothing major.
However, when I put in Win2K (SP1, no firewall or AV initially installed), it was virtually unusable within an hour.
According to the firewall, the machine gets attacked/probed maybe up to a hundred times a day, it's ridiculous.
Re:What'd I'd like to know (Score:2)
Uh (Score:5, Insightful)
+Pete
Re:Uh (Score:2)
Other way. (Score:2)
Re:Other way. (Score:2)
H*LL, in the US cities of that size (London) tend to spread over multiple STATES.
So is Taiwan ... (Score:2)
Actually to maintain proper parallelism, it should be the island of Formosa with Oxfordshire.
London in England? (Score:2, Funny)
Eat Your Own Dog Food (Score:5, Insightful)
Editors - Question (Score:5, Insightful)
Do the editors of Slashdot actually read the site regularly? If not, should they be posting articles to the front page?
Followup question: Isn't this common sense?
Re:Editors - Question (Score:2, Funny)
Re:Editors - Question (Score:3, Insightful)
So when they post something they may just have missed it the first time: after 250 potential articles, you may skip over some posted during your holiday.
That said, procedures should include a quick check on the keywords. It would improve quality.
Re: (Score:2)
Re: (Score:2)
Re:Editors - Question (Score:2)
As far as technical fixes go, that's easy: add a "dupe" field to posts, and let users filter them out. Since it is claimed that the editors know it's a dupe most of the time, that would solve the
Re:Editors - Question (Score:2)
Another way to do it: only regged users can submit stories.
When a person submits a dupe, ban the fucker from submitting anything for the next 180 days.
Re:Editors - Question (Score:3, Insightful)
Blue screen (Score:5, Funny)
Windows is stable! (Score:5, Funny)
Obligatory "here's a patch" post... (Score:4, Funny)
*dodges flying tomatoes*
OK, OK, here's a patch [freebsd.org].
*runs*
Wow, thirty posts about it being a dupe. (Score:5, Funny)
Advice (Score:2, Informative)
And in related news..... (Score:5, Funny)
The internet is not a nice place. Evolve or die.
Re:And in related news..... (Score:2)
email dangers and within 12 minutes? (Score:2, Interesting)
So apparently people start an email client _on average_ within 12 minutes after an install and catch a virus? That is pretty rough, and IMHO unrealistic. I don't know what most people do, but I'm usually still installing drivers, turning off teletubby mode etc.
Sounds like the vendors included a few old worms that snatch chronically unpatched systems, and gave it a spin to boost antivirus sales.
Re:email dangers and within 12 minutes? (Score:2, Informative)
12 minutes is faster??? (Score:3, Interesting)
How about Fedora? (Score:2)
Re:How about Fedora? (Score:2)
Consider your advice trashed.
Fedora, like practically every other Linux, installs a firewall by default. While not perfect at its default setting, it's probably as good or better than the XP firewall. And 4 has presumably been patched against pretty much all current threats.
Also, we don't know what kind of cable modem he's using. If it's one of the better ones, it comes with a built-in firewall. Even the el cheapo hardware devices these days usually include a firewall that protects against tons of standa
Re:How about Fedora? (Score:2, Interesting)
But theoretically, those ports should be closed on Fedora already. And since most internet attacks are meant for Windows anyways, I should be safe not using the hardware router. But the truth is I
Re:How about Fedora? (Score:2)
Finally! (Score:3, Funny)
There's no way linux can beat windows speed record now!
pre sp1 (Score:5, Insightful)
By "Windows" they mean Windows XP pre-service pack 1 which was released in 2001.
So, what they're saying is: "if your unpatched 4 year old operating system is connected to the internet, it'll get infected pretty quickly."
Granted, pre-sp2 versions of XP have security that wasn't exactly the greatest and, granted, post-sp2 it still isn't perfect (and I'm not defending that) - but the above statement is like saying "if your vanilla install of Redhat 7.2 is connected to the internet, it'll get infected in a couple of hours".
The latter isn't fair to Redhat and so I don't see why it's particularly fair to Microsoft either.
Re:pre sp1 (Score:2)
Re:pre sp1 (Score:2)
Neither is XP pre-sp1. As I said, it was released in 2001 (same time as 7.2). The latest version is Windows XP SP2.
You can easily download the latest version of whatever distro you want.
When you do, you're then comparing a distribution released in 2005 with a distribution released in 2001. Your comparison becomes null and void because it is unbalanced (and unfair).
Either compare Windows XP pre-sp1 with Redhat 7.1 or compare Windows XP SP
Re:pre sp1 (Score:3, Insightful)
If the average user can't be bothered to go to the effort of obtaining a service pack on CD (or downloading it and burning it to one themselves, for that matter), what makes you think they'd take up such an offer?
i am now convinced (Score:3, Insightful)
i'm a casual reader, and the dupes jump out glaringly at me just from reading the titles of articles
you would think then that an editor would have a little more exposure than me to the content coming into and out of slashdot, no?
hey editors: you have meta-moderation, how about meta-editing?
from your logs, identify readers who have read the website daily for a few months, and just as you randomly nab people for meta-moderation, randomly nab this pool of readers to review a story before it is published for dupes
leave the story in a holding area for a few hours, and if 5-10 of these regular readers look at it and don't have any dupe complaints, send it to the front page
because you have a serious problem with all of these dupes
you need a solution
In related news of today... (Score:2)
These infections are mostly direct host-to-host infections by Sasser, right?
12 Minutes? (Score:2, Funny)
These guys don't know what they're talki... [NO CARRIER]
Okay, This Is How It Works (Score:3, Funny)
1) Start
2) Post dupe.
3) ???
4) Profit!!!
Of course it's faster! (Score:2)
Of course it's faster now than before! What did you expect? Considering how much Microsoft has invested in improvements, of course it's become more efficient!
This article needs a disclaimer (Score:2)
While I'm sure their numbers are pretty much correct, it's worth noting that Sophos sells a network anti-virus product and that may be coloring their findings.
Only fair to mention it, just like it's fair when some company says Windows NT has a lower TCO than Linux...and the funding for the study came from Microsoft.
Most retarded story. (Score:3, Interesting)
Big surprise, the world's most popular OS has the largest number of viruses written for it. Another big surprise, leave your machine unpatched and unprotected on a network and it'll get infected.
-Rick
Re:Most retarded story. (Score:2, Funny)
You must not be from around here.
What was the methodology? (Score:3, Insightful)
It would be very easy to build up a system and get it infected through use, but there is no real information to tell us how real world it is, just to scare us (or make us happy we use a different OS).
Prediction (Score:2)
Suggestion (Score:3, Interesting)
Incompetence (Score:2)
-b
NATing Router? (Score:2)
Re:er, dupe (Score:3, Funny)
Re:er, dupe (Score:3, Funny)
Re:er, dupe (Score:3, Funny)
Re:I'm a little sceptical (Score:2, Interesting)
It's even faster if you have a static I.P.
I know, I was testing some vpn inside my company and I hooked the laptop to my external hub and it took about 20 minutes to get a worm, and I wasn't doing anything and my win2k was fully patched.
Re:I'm a little sceptical (Score:2, Insightful)
Re:I'm a little sceptical (Score:2, Insightful)
Anecdotal evidence does not make their result any more reliable. I can find dozens of people who will provide an example of just about anything happening. It doesn't make it any more
Re:oi vey... (Score:2)
Re:oi vey... (Score:2)
Re:oi vey... (Score:4, Interesting)
It is certainly easy to get infected while using e-mail or surfing. But now that SP2 comes with a firewall turned on by default, shouldn't it now be impossible to infect an SP2 machine without some sort of user intervention?
Does the SP2 firewall have some holes pre-poked in it already? Are there flaws in the firewall?
Re:I just installed Redhat 5 (Score:2)
How long before Minix gets owned?
Re:I just installed Redhat 5 (Score:2)
Yeah, but what does it run?
Oh, well, if there's no software for it, I suppose it can't get owned due to flaws in that software.
Re:Yeah - that's about how long it takes to boot i (Score:3, Funny)
Right.
WinXP boots to the desktop quickly, allowing the luser to screw himself more quickly.
Oh, wait, I forgot - XP SHOWS the desktop quickly, but you still have to wait up to a minute for anything else to happen as Windows fumbles around in the background trying to find the rest of the system - including the DSL connection.
God knows what the security state is as XP stumbles around back there dragging in useless services and pumping out thousands of log entries that no customer actually ever asked for. Fo
Re:Irony (Score:2)
How ironic.
Re:How can Windows be secured? (Score:2)