Viruses: Microsoft is the problem, folks
Aug. 22nd, 2003 03:22 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
giza1994: People laugh at the GoodTimes virus, because everyone knows viruses can't spread through email!
1995: Word macro viruses first created, and now viruses are easier to write than ever before. Meanwhile, Microsoft has plenty of time to figure out how to prevent them, especially since their users hardly ever use macros in the first place, and especially not to, say, destroy the Windows registry or something.
1996: Macro viruses spread to the extent that Microsoft distributes them as well--unwittingly, we hope.
1997: Word '97 released; the dawn of VBA viruses.
1998: With over 1,000 word macro viruses out there, it's worth making virus scanners for them!
1999: Melissa word macro virus spreads over email and infects Word thanks to Microsoft; as they mention, if you don't use Outlook, you're safe. If you do use Outlook, you might get infected without ever looking at the attachment yourself; previewing it may be enough.
2000: The love bug virus spreads over email thanks to Microsoft Outlook, and causes an estimated $8.7 billion in damage.
2001: Code Red spreads, attacking Windows NT and 2K. Sircam emails itself absolutely everywhere, again thanks to Microsoft.
2002: Klez and Nimda spread.
2003: You guessed it, even still yet more viruses spreading faster than ever, thanks to Windows, Outlook, Word, blah, blah, blah.
(Courtesy of Slashdot)
And what's Microsoft done about their products being able to spread viruses and worms so easily? Not much. For a company where "security is their top priority" (or whatever Gates is spewing now), their actions speak louder than their words. Their actions state that they don't give a crap about their customers or the havoc that their negligently desisgned programs wreak on the Internet. Their actions state that they would rather add new bells and whistles into the latest copy of MS Office and MS Lookout! (er, Outlook), as opposed to fixing some serious problems that have been inherant in the systems for several years.
I run Linux at home, and I still suffer. I've had hundreds of copies of the latest worm e-mailed to me since the beginning of the week. At work, our company has gotten THOUSANDS of copies of the worm e-mailed to us. It costs us disk space, bandwidth, and lost employee productivity to deal with the problem.
Thanks, Microsoft. Thanks for creating a mess that the rest of us have to clean up.
Essay question: When automobile makers make products that spew obnoxious amounts of pollution into the atmosphere, they get in trouble. Why is it okay that Microsoft be allowed to make products that spew obnoxious amounts of crap onto the Internet?
1995: Word macro viruses first created, and now viruses are easier to write than ever before. Meanwhile, Microsoft has plenty of time to figure out how to prevent them, especially since their users hardly ever use macros in the first place, and especially not to, say, destroy the Windows registry or something.
1996: Macro viruses spread to the extent that Microsoft distributes them as well--unwittingly, we hope.
1997: Word '97 released; the dawn of VBA viruses.
1998: With over 1,000 word macro viruses out there, it's worth making virus scanners for them!
1999: Melissa word macro virus spreads over email and infects Word thanks to Microsoft; as they mention, if you don't use Outlook, you're safe. If you do use Outlook, you might get infected without ever looking at the attachment yourself; previewing it may be enough.
2000: The love bug virus spreads over email thanks to Microsoft Outlook, and causes an estimated $8.7 billion in damage.
2001: Code Red spreads, attacking Windows NT and 2K. Sircam emails itself absolutely everywhere, again thanks to Microsoft.
2002: Klez and Nimda spread.
2003: You guessed it, even still yet more viruses spreading faster than ever, thanks to Windows, Outlook, Word, blah, blah, blah.
(Courtesy of Slashdot)
And what's Microsoft done about their products being able to spread viruses and worms so easily? Not much. For a company where "security is their top priority" (or whatever Gates is spewing now), their actions speak louder than their words. Their actions state that they don't give a crap about their customers or the havoc that their negligently desisgned programs wreak on the Internet. Their actions state that they would rather add new bells and whistles into the latest copy of MS Office and MS Lookout! (er, Outlook), as opposed to fixing some serious problems that have been inherant in the systems for several years.
I run Linux at home, and I still suffer. I've had hundreds of copies of the latest worm e-mailed to me since the beginning of the week. At work, our company has gotten THOUSANDS of copies of the worm e-mailed to us. It costs us disk space, bandwidth, and lost employee productivity to deal with the problem.
Thanks, Microsoft. Thanks for creating a mess that the rest of us have to clean up.
Essay question: When automobile makers make products that spew obnoxious amounts of pollution into the atmosphere, they get in trouble. Why is it okay that Microsoft be allowed to make products that spew obnoxious amounts of crap onto the Internet?
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
(no subject)
Date: 2003-08-22 12:49 pm (UTC)Personally, I have experienced neither the Blaster nor the SOBIG.F worm. I witnessed only one instance of it where someone's infected computer tried to send it with my address on it, it bounced, and then came back to me. I deleted it without infection. That's the only one I saw. Even at work, where I have three Windows PCs, I've been unaffected.
If your mailbox is filling with SOBIG and Blaster, MS isn't sending them. Your friends and others who have your email address who couldn't be bothered to maintain/upkeep their PCs or not click on or use software/software settings that open attachments are to blame.
Know your software and how to use it. Know how to prevent infection. Stay updated.
(no subject)
Date: 2003-08-22 04:19 pm (UTC)So how is it Microsofts fault if people deliberately disable the safety features it puts in to prevent things like this from happenening?
Of course, maybe you think Microsoft should be just using a more secure design. Okay, what's your proposed solution?
Microsoft add built in anti-virus software and drive all the other anti-virus companies out of business?
Add built in firewall software and drive all the other firewall companies out of business?
Remove the open API's from all their applications so no non-Microsoft programs can interface with them?
The only way Microsoft can tightening up security further is by doing the things that people keep suing it for claiming it's monopolistic behavior. Making the Operating System open to other applications means making it open to malicious applications like virii.
(no subject)
Date: 2003-08-22 06:39 pm (UTC)>features it puts in to prevent things like this from happenening?
You make the assumption that people "deliberately" disable the auto-updater. I don't think that the typical end user *knows* what it is they are disabling. All they know is that they dialed in over a modem, and something popped up on their screen with a very slow moving bar, and it keeps them from getting their work done. End users don't know anything more about the inner workings of computers anymore than I know about the inner workings of my air conditioner.
>Of course, maybe you think Microsoft should be just using a more secure
>design. Okay, what's your proposed solution?
Precisely what you said: they should be using a more secure design. As a programmer, I can tell you that security has to be designed in the product from the ground up. Data that comes outside sources, such as from the user or from the network inherantly cannot be trusted, because the person sending the data may be malicious. Microsoft's problem here is that they are so interested in getting the product out the door so they can get marketshare that security is an afterthought (http://www.cnn.com/TECH/computing/9909/28/ms.security.idg/). I find that to be a horrifying programming practice.
>Remove the open API's from all their applications so no non-Microsoft
>programs can interface with them?
Do you mean these "open APIs" (http://www.users.qwest.net/~eballen1/nt.sekrits.html)? Granted, the article in question is about Windows NT, but I see no reason why anything would have changed for Windows 2000.
Heck, let's give M$ the benefit of the doubt, and assuming that all of Windows 2000 is open. The problem is, they keep changing the rules. As a friend of mine who used to do application development on Windows put it, "this system call is different on 98 than it is on 95, and doesn't exist at all on NT", which neccessitated him writing some elaborate function to act as a wrapper. This leads to more complex code (in both Microsoft and non Microsoft authored applications), and complexity leads to bugs, which in turn lead to security holes.
I could go on and on about other issues that I have with the company, but I think that's beyond the scope of the current thread, so I'll stop here. :-)
(no subject)
Date: 2003-08-22 08:52 pm (UTC)I don't know too much bout computers and software, but it seems to me that MS is intentionally creating flaws and stuff. Plus the fact that new versions of software contain very little improvements, sometimes worse features, like every year just to make moola money.
And what do I base all this great info on? Why Southpark the Movie of course :) It's about as valid as any other source out there, probably moreso considering.
I think what you're missing is...
Date: 2003-10-03 07:07 am (UTC)