You've Got 'Mydoom'!

The Wall Street Journal ^ | Friday, January 30, 2004 | PAUL KEDROSKY

[presidio9]

A new Internet worm is burying businesses in e-mail. The appropriately named "Mydoom" is the fastest-spreading online outbreak in history. Estimates are that in its first two days Mydoom hit 142 countries, and was to be found in one in 12 e-mail messages. As many as 100,000 Internet-connected computers world-wide are infected, and more are becoming so all the time. If nothing changes, eventually a worm like Mydoom will cause serious damage. Perhaps a power grid will go down; or an air-traffic-control system will go awry; or a 911 system will collapse. It's only a matter of time.

[from occupied ga]

Or they can start acting like real cops.

What? Start shooting the innocent?

[theDentist]

It is like the cops using a gallery of pictures of prior criminals to stop crime. What happens when someone new comes along?

True, but not entirely. When a fix comes along that doesn't mean the virus disappears. Like real ones, it's still trying to infect others... it's not dormant, just waiting to infect a machine that hasn't protection.

[RightthinkinAmerican]

Cry me a river, lefty.

[MEG33]

You mean you have to actually click on the attachment to get mydoom?How many times do we have to be told to not do this?

[Snuffington]

Antivirus vendors can remain part of the problem, by playing at being police online. Or they can start acting like real cops.

Ya' know, let's leave that to the real cops. Anti-virus software vendors do a pretty good job given their privtae sector constraints. The notion that they're to blame for not pre-emptively stopping new viurses and worms is silly. Utopia isn't the goal. Just reasonable security. And that's more likely to evolve in small increments than great leaps.

[mewzilla]

The first is that you can't train people to stop doing dumb things. E-mail users have been told over and over not to open unknown attachments, and yet they continue to do so. But short of making it impossible for people to send documents around in e-mail, you can't legislate against stupidity.

Sigh...

[from occupied ga]

Facts is facts, Jack

[Eala]

The argument is largely sour grapes from Microsoft competitors and EU regulators. While Microsoft's software is dominant, that dominance comes with immense productivity benefits. People can sit down at almost any computer anywhere and immediately become productive using software with which they're familiar.

Don't know about anyone else, but I rarely use anyone else's computer. Especially when traveling. (Last time I did, two years ago, I discovered that German keyboards are very difficult to use if all you've ever worked on were American keyboard layouts. I was far from "immediately productive"...)

[Eala]

The argument is largely sour grapes from Microsoft competitors and EU regulators.

ping

[FourPeas]

So, what exactly, does this guy propose would have prevented MyDoom or Blaster or BugBear? How would security be proactive?

[The Great RJ]

True the anti-virus providers are into fire fighting rather than fire prevention, but they still do a good job. The problem however, is the thousands of computer users who do not take even the most minimal precautions and allow this stuff to spread. I have many friends that have no clue about not opening e-mail attachments, either do not have anti-virus software or have failed to turn it on or update it, do not have a firewall and have never updated the operating system to plug the various security holes.

A good friend who is an IT professional for a large insurance company could not believe the mess in his company caused by the "love bug" virus a few years ago. What really amazed him was that someone would not see a problem with 30 e-mails in their in-box all with "I love you" in the subject line including one from the company CEO and would go ahead and open them.

Nothing can be made idiot proof--at best only idiot resistant. The resourcefulness of idiots is without limit.

[Salo]

BS - the attachments are not documents, they are programs. You can have your email gateway strip them and allow documents through.

But short of making it impossible for people to send documents around in e-mail...

[thoughtomator]

The argument is largely sour grapes from Microsoft competitors and EU regulators. While Microsoft's software is dominant, that dominance comes with immense productivity benefits. People can sit down at almost any computer anywhere and immediately become productive using software with which they're familiar. That wasn't possible 20 years ago in a world fractured by a dozen widely used varieties of computers.

Those of us who are actually familiar with Microsoft OSes (and other software) know that it is their deliberate choice of marketing strategy which makes securing their OSes impossible. The very Borg behavior that made them dominant also made it inevitable that they would be completely incapable of creating a secure system. Openings intended for assimilation are easily exploited points of attack, and MS can't shut them down without breaching its own contracts.

But what do I know, anyway? I've only worked with every Microsoft OS ever created, including DOS ones, been an application programmer, technical support, and network admin for these inevitable blue-screen-of-death devices.

[mewzilla]

[JimRed]

Antivirus vendors have built sizeable businesses around selling tools that screen for viruses.

So, when viruses proliferate, that's a good thing for the anti-virus folks? Are they, just maybe, (like DemocRAT politicians)the ones creating the problem, to sell us a solution?

[Salo]

MS has the list of "unsafe attachments" here. Block these attachments and you should be safe.

[PBRSTREETGANG]

How would security be proactive?

Time to contact the pre-cogs in the Pre-Crime Unit.

[thoughtomator]

It's easy to prevent those viruses. Either a) don't have stupid computer habits, or b) if you're not computer literate enough to know what not to do, get a non-Microsoft OS.

[Houmatt]

What a load of bull. This is not because of Microsoft. This is being done by kids, only because they can, and for no other reason.