Cyber Woes... They Are Plentiful, Yes!
"The numbers of bot-infected PCs is rising"
That is ever since the original prank
-and unoriginal prankster-
that gave birth to the abomination
known to us all as...
the computer virus!
(Then again - so many nerds
are making a LIVING now
by dealing with the perennial problem...!)
That is ever since the original prank
-and unoriginal prankster-
that gave birth to the abomination
known to us all as...
the computer virus!
(Then again - so many nerds
are making a LIVING now
by dealing with the perennial problem...!)
It all makes us wonder all the more
which one we really want then...
a Bill by-product - or a Steve salver?
Check out the comments section
and the links - for more arguments!
which one we really want then...
a Bill by-product - or a Steve salver?
Check out the comments section
and the links - for more arguments!
Labels: 25th anniversary of the computer virus, Computer Problems Solvers, hijacked PC networks, Malware R Us, PC vs MAC, Security Updates, Spam
posted by Luminous (\ô/) Luciano™ at 2:56 PM
2 Comments:
Prank starts 25 years of security woes
By ANICK JESDANUN, AP Internet Writer Sat Sep 1, 2:33 AM ET
NEW YORK - What began as a ninth-grade prank, a way to trick already-suspicious friends who had fallen for his earlier practical jokes, has earned Rich Skrenta notoriety as the first person ever to let loose a personal computer virus.
Although over the next 25 years, Skrenta started the online news business Topix, helped launch a collaborative Web directory now owned by Time Warner Inc.'s Netscape and wrote countless other computer programs, he is still remembered most for unleashing the "Elk Cloner" virus on the world.
"It was some dumb little practical joke," Skrenta, now 40, said in an interview. "I guess if you had to pick between being known for this and not being known for anything, I'd rather be known for this. But it's an odd placeholder for (all that) I've done."
"Elk Cloner" — self-replicating like all other viruses — bears little resemblance to the malicious programs of today. Yet in retrospect, it was a harbinger of all the security headaches that would only grow as more people got computers — and connected them with one another over the Internet.
Skrenta's friends were already distrusting him because, in swapping computer games and other software as part of piracy circles common at the time, Skrenta often altered the floppy disks he gave out to launch taunting on-screen messages. Many friends simply started refusing disks from him.
So during a winter break from the Mt. Lebanon Senior High School near Pittsburgh, Skrenta hacked away on his Apple II computer — the dominant personal computer then — and figured out how to get the code to launch those messages onto disks automatically.
He developed what is now known as a "boot sector" virus. When it boots, or starts up, an infected disk places a copy of the virus in the computer's memory. Whenever someone inserts a clean disk into the machine and types the command "catalog" for a list of files, a copy gets written onto that disk as well. The newly infected disk is passed on to other people, other machines and other locations.
The prank, though annoying to victims, is relatively harmless compared with the viruses of today. Every 50th time someone booted an infected disk, a poem he wrote would appear, saying in part, "It will get on all your disks; it will infiltrate your chips."
Skrenta started circulating the virus in early 1982 among friends at his school and at a local computer club. Years later, he would continue to hear stories of other victims, including a sailor during the first Gulf War nearly a decade later (Why that sailor was still using an Apple II, Skrenta does not know).
These days, there are hundreds of thousands of viruses — perhaps more than a million depending on how one counts slight variations.
The first virus to hit computers running Microsoft Corp.'s operating system came in 1986, when two brothers in Pakistan wrote a boot sector program now dubbed "Brain" — purportedly to punish people who spread pirated software. Although the virus didn't cause serious damage, it displayed the phone number of the brothers' computer shop for repairs.
With the growth of the Internet came a new way to spread viruses: e-mail.
"Melissa" (1999), "Love Bug" (2000) and "SoBig" (2003) were among a slew of fast-moving threats that snarled millions of computers worldwide by tricking people into clicking on e-mail attachments and launching a program that automatically sent copies to other victims.
Although some of the early viruses overwhelmed networks, later ones corrupted documents or had other destructive properties.
Compared with the early threats, "the underlying technology is very similar (but) the things viruses can do once they get hold of the computer has changed dramatically," said Richard Ford, a computer science professor at the Florida Institute of Technology.
Later viruses spread through instant-messaging and file-sharing software, while others circulated faster than ever by exploiting flaws in Windows networking functions.
More recently, viruses have been created to steal personal data such as passwords or to create relay stations for making junk e-mail more difficult to trace.
Suddenly, though, viruses weren't spreading as quickly. Virus writers now motivated by profit rather than notoriety are trying to stay low-key, lest their creations get detected and removed, along with their mechanism for income.
Many of the recent malicious programs technically aren't even viruses, because they don't self-replicate, but users can easily get infected by visiting a rogue Web site that takes advantage of any number of security vulnerabilities in computer software.
Although worldwide outbreaks aren't as common these days, "believe it or not there's exponentially more malware today than there ever was," said Dave Marcus, a research manager for McAfee Inc.'s Avert Labs. "We find 150 to 175 new pieces of malware every single day. Five years ago, it would have been maybe 100 new pieces a week."
Symantec Corp. formed the same year Skrenta unleashed "Elk Cloner," but it dabbled in non-security software before releasing an anti-virus product for Apple's Macintosh in 1989. Today, security-related hardware, software and services represent a $38 billion industry worldwide, a figure IDC projects will reach $67 billion in 2010.
Even as corporations and Internet service providers step up their defenses, though, virus writers look to emerging platforms, including mobile devices and Web-based services like social-networking sites.
"Malware writers can't assume you are on PCs or won't want to limit themselves to that," said Dave Cole, Symantec's director of security response.
That's not to say Skrenta should get the blame anytime someone gets spam sent through a virus-enabled relay or finds a computer slow to boot because of a lingering pest. After all, there no evidence virus writers who followed even knew of Skrenta or his craft.
Fred Cohen, a security expert who wrote his Ph.D. dissertation in 1986 on computer viruses, said the conditions were right, and with more and more homes getting computers, "it was all a matter of time before this happened."
In fact, a number of viruses preceded "Elk Cloner," although they were experimental or limited in scope. Many consider Skrenta's the first true virus because it spread in the wild on the dominant home computers of its day.
"You had other people even at the time saying, `We had this idea, we even coded it up, but we thought it was awful and we never released it,'" said Skrenta, who is now heading Blekko Inc., a month-old startup still working in stealth mode.
And where was his restraint?
Skrenta replied: "I was in the ninth grade."
There never was adequately sufficient surveillance and monitoring in public schools - I always said that!
...
BBC NEWS
Last Updated: Monday, 19 March 2007, 09:56 GMT
'Surge' in hijacked PC networks
The number of computers hijacked by malicious hackers to send out spam and viruses has grown almost 30% in the last year, according to a survey.
More than six million computers world wide are now part of a "bot network", reported security firm Symantec.
Computer users typically do not know that their PC has been hijacked.
More than a third of all computer attacks in the second half of 2006 originated from PCs in the United States, the threat report said.
While the total number of bot-net PCs rose, the number of servers controlling them dropped by about 25% to 4,700, the twice-yearly report said.
WHAT IS A BOTNET?
A large number of hijacked computers under the remote control of a single person via net-based command and control system.
Hi-tech crime: A glossary
Symantec researchers said the decrease showed that bot network owners were consolidating to expand their networks, creating a more centralised structure for launching attacks.
Ollie Whitehouse, senior consulting services director at Symantec, said: "This rise in the number of infected computers can certainly be attributed to the rise in the online population of countries like China and Spain, in Europe.
"There is almost an educational curve that the users and service providers have to go through. Unfortunately when certain countries go through rapid increases in connectivity and availability of technology that curve is not always kept up.
Alfred Huger, vice president of Symantec Security Response, said online criminals appeared to be adopting more sophisticated means of "self-policing".
He added: "They're launching denial-of-service attacks on rivals' servers and posting pictures online of competitors' faces.
"It's ruthless, highly organised and highly evolved."
Cyberthreat experts to meet at secretive conference
At a hush-hush security confab on Microsoft's campus this week, there'll be tough talk on beating botnets and keeping cybercrooks at bay.
By Joris Evers
Staff Writer, CNET News.com
Published: January 22, 2007, 4:02 AM PST
Tell us what you think about this storyTalkBackE-mail this story to a friendE-mailView this story formatted for printingPrint Add to your del.icio.usdel.icio.us Digg this storyDigg this
Internet security experts are gathering at a secretive conference later this week to strategize in their fight against cybercriminals.
The meeting on Thursday and Friday at Microsoft's Redmond, Wash. headquarters is slated to bring together representatives from security companies and government and law enforcement officials, as well as others involved in network security. The agenda focuses on botnets and related topics, seen by experts as a prime threat to the Internet.
High Impact
What's new:
Secretive conference being held at the Microsoft headquarters to focus on botnets, seen by experts as a prime threat to the Internet.
Bottom line:
The two-day event is an effort to let those battling cybercrooks team up and pool their knowledge.
More stories on this topic
"Unlike most other security conferences, we allow only members of the different relevant groups access, and we discuss organized crime and threats across borders…with a strong lean toward how we can make things better," said Gadi Evron, an evangelist at security firm Beyond Security and organizer of the event.
Botnets are networks of hijacked computers, popularly called zombies. Cybcercrooks use these networks to relay spam, bring down Web sites, distribute spyware and perform other nefarious acts. Microsoft has fingered zombies as a top threat to Windows PCs.
In the battle between cybercrooks and those protecting the Internet, the bad guys are often at least one step ahead. Authorities are cracking down and have had successes in catching, prosecuting and convicting phishers and bot herders in recent years. But criminals are organizing better and moving to more sophisticated tactics, including the use of peer-to-peer technologies in their bot software. The gathering this week is the good guys' effort to team up.
"These events have been a great way to build trust in the security community, which can lead to collaboration and data sharing. This helps in the overall efforts to combat the cybercriminals," said Dave Jevans, chairman of the Anti-Phishing Working Group, who is slated to speak at the event later this week.
The two-day meeting is held behind closed doors. "For reasons of practicality as well as to help members feel safe to share and work in our environment, some privacy is required," Evron said. "Not everything can be common knowledge if we are to be successful in combating these threats."
It is not unusual for such meetings to be confidential. After all, it doesn't make much sense to let the criminals in on the efforts being made to catch them. Also, this isn't a new thing for Microsoft--the company regularly holds meetings at its campus that require a nondisclosure agreement.
Scheduled presentations at this week's event include two talks by Microsoft on security vulnerabilities that have no patch, known as zero-day flaws, and the software maker's response to those. There has been a significant rise in the use of zero-day bugs in cyberattacks. Criminals often exploit security holes to add PCs to their botnets.
"Microsoft will be presenting our analysis of trends and patterns in its security response process," a company representative said. "Additionally, we will be reviewing vulnerability exploitation trends, with a specific focus on the usage of zero-day vulnerabilities, to attack customers."
Microsoft also said it is "proud to sponsor the workshop, which provides an opportunity for the security operations community to discuss security trends, share information and plan for the future."
Trojan horses, phishing and spam--oh my
Aside from various talks specifically on botnets, other presentations dive into Trojan horses, new styles of denial-of-service attacks, spam, phishing and weaknesses in protection technologies such as sandboxes and virtual keyboards on banking sites, according to the event agenda.
Douglas Otis of Trend Micro plans to give a talk on how e-mail authentication technology called Sender ID could be abused to launch denial-of-service attacks, he said. Sender ID is a specification pushed heavily by Microsoft for verifying the authenticity of e-mail by ensuring the validity of the server from which it came.
Jevans of the Anti-Phishing Working Group plans to present a multiyear overview of phishing statistics and discuss new trends in the data-thieving scams, he said. These new trends include use of subdomains, more man-in-the-middle style attacks and changing attack patterns to also focus on smaller banks and payment services, he said.
Alex Shipp, a senior antivirus technologist at e-mail security company MessageLabs, is scheduled to deliver a talk on Trojan horses targeted at a small number of companies or even individual. It is an update to a presentation he gave at the Virus Bulletin conference last year. These targeted Trojan horse attacks are considered dangerous because they could evade traditional protection mechanisms trained to look for known attacks or mass attacks.
Now on News.com
Students seek gear with get up and go The iPod is growing up Geotagging links photos to locales Microsoft stumbles in Open XML standards vote Extra: Plane carrying Steve Fossett missing
But Shipp also hopes to leave with answers to a number of questions. Ultimately, the event should better arm attendees in the fight against cyberattacks, he said
"What are the bad guys doing now and how can we stop them? Can we do better than we are currently or do we need a seismic shift in the way we do things now to solve the problems? What kind of co-operative efforts can we put in place that would benefit us all?" are some of those questions, Shipp said.
Among those scheduled to attend are representatives from security firms such as Symantec, Trend Micro and Websense, as well as people from AOL, Cisco Systems, Microsoft, Sun Microsystems and Qwest. Government and law enforcement expected to attend include the Federal Bureau of Investigation, Secret Service and United States Computer Emergency Readiness Team, or US-CERT. Various universities are also expected to send representatives.
"Cooperation at all levels, technical, legal, government, is needed to contain the problem," said Righard Zwienenberg, chief research officer at Norman Data Defense Systems, who is slated to speak on sandboxes at the event Thursday. "Without worldwide laws and cooperation, we might lose the battle in the end."
Tell us what you think about this storyTalkBackE-mail this story to a friendE-mailView this story formatted for printingPrint Add to your del.icio.usdel.icio.us Digg this storyDigg this
More from News.com on this story's topics
* Create an email alert | RSS Feed Security
* Create an email alert | RSS Feed Security threats
* RSS Feed Zombie/botnet
* Create an email alert | RSS Feed Microsoft
7 comments
Post a comment
TalkBack
Force Telcos and ISPs to toe the line...
dargon19888
Jan 22, 2007, 2:24 PM PST
Follow the money
Jimmu410
Jan 22, 2007, 8:37 AM PST
Education
Michael00360
Jan 22, 2007, 6:30 AM PST
Copyright ©2007 CNET Networks, Inc. All rights reserved.
7 things about computers that drive you crazy...
...and how to fix them
By Gerry Blackwell
Email This Article IM This Article Print This Article Add to del.icio.us
Does your computer drive you nuts sometimes? Of course it does. Here are seven of the most aggravating problems, and how to prevent them.
Problem #1:
Unwanted email spam clogs your mailbox. (Spam now makes up more than 83 per cent of all messages sent.)
How to fix it: Start by asking your Internet service provider what it's doing about the problem - many don't delete or flag mail from known spammers. You can also use your email software's filters to automatically delete messages that are from designated senders, or that have certain words in the subject line or body text. (Microsoft Outlook and other popular email programs have filters, and the Help feature will guide you in setting them up.) Special spam-filtering software such as ZoneAlarm Security Suite can do an even better job. An ounce of prevention? Don't publish your email address on the web, and before giving it out on a website, read the site's privacy policy to ensure your address won't be sold or traded. Finally, never reply to spam messages - even if they provide a link that promises to unsubscribe you.
Problem #2:
Your computer is infected with a virus - a malicious program sent to you by email, an instant-messenger program, file-sharing systems or other means. These viruses activate automatically, making your computer malfunction or destroying data.
How to fix it: Anti-virus software from Norton, McAfee and ZoneAlarm can all but eliminate this problem. Once installed and turned on, these programs monitor email and other virus sources, and delete or disable bugs when they arrive. They also automatically download and install updates (since new viruses emerge weekly). For Windows users, make sure Automatic Updates is turned on in Windows Update (look for Windows Update in the Start menu or visit www.update.microsoft.com). For Mac OSX users, open the System Preferences utility from the Apple menu. Select Software Update. Make sure the Check for Updates box is activated, and choose Daily. Check the Download Important Updates in the Background option.
Problem #3:
Your system has suddenly or gradually become frustratingly slow, or it crashes all the time.
How to fix it: If you're not using Windows XP, think about upgrading - XP is more stable than earlier versions. (Or switch to a Mac, which is even more stable.) If the problem is recent, scan your system with your anti-virus software. It could also be spyware - software planted by websites to collect information. Anti-spyware software from McAfee, ZoneAlarm and Norton can root it out.
If your hard drive is getting full, use the Windows Disk Cleanup feature (Start/Programs/Accessories/System Tools). Programs such as McAfee QuickClean can also help, but use them cautiously - you don't want to delete something essential. Finally, the problem could be poorly written shareware you've recently downloaded from the web - uninstall it and see if that helps.
Problem #4:
The report you need to submit tomorrow is gone - the system crashed, or you saved a newer version over the one you need. How to fix it: Programs such as Microsoft Word save files as you work and can automatically recover them after a crash. Make sure they're set to save every few minutes (in Word, select Tools/Options/Save). Rescue programs such as Norton GoBack may recover inadvertently deleted files - but no guarantees. Prevention is better: use Windows Backup (Start/Programs/Accessories/System Tools) or a specialized program such as Acronis True Image or Norton Ghost.
Problem #5:
You can't remember where, or under what name, you stored a file, and the Windows or Mac file-search utilities are painfully slow.
Fix: Tools from Google and Yahoo! (free at www.google.com/downloads and desktop.yahoo.com) constantly scan your hard drive, indexing files as you create or modify them. Web-style keyword searches find files, emails and web pages in seconds. Google even caches (saves) earlier versions of files, making it easy to recover if you inadvertently delete something.
Problem #6:
You can't remember all your user name and password combinations.
How to fix it: Don't write them down. Use the same ID and password for all websites that demand passwords only for their own security, not yours - that is, to track registered users rather than to protect your banking or other confidential information. For the user ID, use a nickname or email name. For the password, invent a mnemonic - the first letters of words in a familiar song, for example. "O Canada, our home and native land" becomes "ocohanl" - easy to remember, hard to guess. On your own computer, always click on the box that says "Remember this password."
For bank accounts and other high-risk situations, use the same kind of mnemonic but invent a few passwords and swap them regularly. Adding easy-to-remember numerals - your birth year, for example - makes them even harder to guess. If you want to eliminate password woes altogether, consider a fingerprint reader ($75 from Microsoft and others). Just a touch and you'll be logged in automatically.
Problem #7:
Pop-up and animated banner ads on the web are driving you crazy.
How to fix it: If you're using Windows XP, upgrade to Service Pack 2 (using Windows Update - see above). Also, download either Mozilla Firefox (for PCs) or Safari (for Macs); both of these have built-in pop-up blockers. You can also download ad-blocking software from the web, but be warned: they typically require some configuration. Many, including AdSubtract ($30 US from www.trendmicro.com) and Privoxy (free from www.privoxy.org) can block most ads, not just pop-ups, and can target sites you specify.
First published in Chatelaine.com's March 2006 issue
© Rogers Publishing Ltd.
Average (8 Ratings)3.5 out of 5 stars
1 star
My Rating:Change Rating
Rate It:
5 stars
Buying a Home Computer:
PC or Mac?
Just in time for back to school and with so many home computer options on the market, do you find yourself scratching your head as to what is best suited to yours and your family’s needs?
Our editorial team has consulted top dog, Brendan Duddridge, Chief Technology Officer at Shop To It, for his recommendations on a basic home computer set-up that will suit families with children right through to university graduation. Of course, being the basics, these recommendations may not be suitable for families using high-end design applications or other software requiring superior memory and processing power.
As for the burning debate: Mac vs. PC? Each has their loyal supporters. Probably the Mac’s healthiest feature is they are virtually indestructible by pesky viruses that can be contracted via email or the Internet, unlike on a PC if your anti-virus software is not current. Plus, the Mac can also run Windows!
And the PC’s strongest selling feature? Familiarity, maybe. The majority of the world’s computer users have worked in a Windows-based PC environment since they learned to type and are therefore confident in the environment.
Today, more than ever, the PC and Mac worlds move closer together in user-popularity, and here we examine the requirements for your basic home computer for both.
For more details, photos and links, click here:
Mac vs PC
Component:
Desktop
Staying put in the family den?
iMac Desktop Computer
$1099.99
* 1.83GHz Intel Core 2 Duo Processor
* 512MB Memory
* 160GB Hard Drive
* Display - Built-in 17-inch (viewable)
* Audio - Built-in stereo speakers, Built-in microphone
* Communications - Built-in wireless
* Built-in iSight camera…
VERSUS
Acer Desktop Computer
$650.75 - $757.62
ViewSonic LCD Monitor
$179.97 - $217.73
See It!
* Windows® Vista™ Business
* 3.20GHz Intel®
Celeron® D352
* 512MB Memory
* 80GB Hard Drive…more details
* Monitor sold separately
Laptop
Will your home computer ever need to be portable?
MacBook Laptop
$1449.99 - $1521.08
* White 13.3-inch glossy display
* 2.16GHz Intel Core 2 Duo
* 1GB (2x512MB)
* 120GB Hard Drive
* Built-in iSight camera
* Intel Graphics Media Accelerator 950
* Built-in stereo speakers, built-in microphone
* Built-in Wireless…
VERSUS
Toshiba Satellite Notebook
$961.42 - $1173.00
* Windows® - Vista™ Home Premium
* 1.73GHz Intel Centrino Core™ 2 Duo
Processor T5300
* 1GB (512MB x 2) Memory
* 160GB Hard Drive
* Built in webcam
Software
Depending on your requirements you may need software beyond what your computer comes with at time of purchase. These needs will differ for Macs and PC’s.
Office for Mac - Student Teacher Edition
$177.00 - $187.99
Microsoft Office for Mac is a popular Office Suite that consists of Word, Excel, PowerPoint, and Entourage (Outlook for Mac), and is available in a discounted Student Teacher Package. Should you require a Windows environment in which to work you can download Bootcamp for Mac (free) that allows you to work in either Windows or Mac at any one time, or you can purchase Parallels Desktop for Mac that will allow you to run Mac and Windows environments simultaneously.
VERSUS
Microsoft Office 2007 Standard
$473.01 - $515.99
Some PC’s may not be preloaded with a Microsoft Office type software. In this case you will be required to purchase and load it yourself for basic email, word processing, presentation building, and spreadsheet functionality.
Printers
There are so many great options on the market today that your choice probably will boil down to personal preference. Most printers are both Mac and PC compatible. There are 2 major options available.
HP OfficeJet Pro Colour Inkjet Printer
$239.00
Inkjet Printers
IInkjets are usually the less expensive option but can be slower to print, and may also be expensive in on-going ink replacement costs.
VERSUS
Canon Brother HL Colour Laser Printer
$572.32 - $938.40
Laser Printers
Lasers are generally more expensive and are historically faster to print than inkjet printers. (DUH - see "printers for dummies"...?)
....
Post a Comment
<< Home