Don't Just Plug Random Crap Into Your Computer

from the just-don't dept

There's been a lot of talk about how iPods and other portable devices pose a security risk to companies, as employees may store important company documents on them. Now there's fear that such devices could upload malware and infect corporate systems. A team of security specialists recently demonstrated exactly how such an attack might work. First they collected a bunch of cheap USB drives, the type a company might give out for free as a promotion. After loading malware onto them, they simply scattered a bunch of them around the parking lot of a bank at 6:00 AM, when nobody was watching. As the employees got to work, they found the drives just sitting there, and one by one plugged them into their computers as the day went on. What's funny is that the employees knew there was going to be a security test happening, and yet they still didn't find it suspicious that several USB drives just happened to be in the parking lot when they got to work. It's unfortunate, but it seems that the typical office employee just doesn't understand or care about security. Recall the studies suggesting how easy it is to get employees to give up their passwords in exchange for a cheap gift. While that lesson may seem obvious, just wait for the fearmongering about USB drives, totally missing the point.


Reader Comments

  1. Bob, 8 Jun 2006 @ 8:06pm

    If they would take an hour's pay every time someone did something they shouldn't do at work, people would be less likely to do things like this.

  2. Eric, 8 Jun 2006 @ 8:06pm

    USB?

    Wow, First post! There will always be things to worry about in the computer world. End of story!

  3. Eric, 8 Jun 2006 @ 8:06pm

    Damn!

    BOB!

  4. Anonymous Coward, 8 Jun 2006 @ 8:25pm

    http://it.slashdot.org/article.pl?sid=06/06/08/2151222&from=rss
    Slashdot had the exact same story a lot earlier.

  5. Anonymous Coward, 8 Jun 2006 @ 8:25pm

    Slashdot article
    Slashdot had the exact same story a lot earlier.

  6. ForkInEyeBoy, 8 Jun 2006 @ 8:55pm

    also, don't just stick random things in your eye.

  7. Anonymous Coward, 8 Jun 2006 @ 9:01pm

    And watch for things that might kill you

  8. Christopher, 8 Jun 2006 @ 9:02pm

    Funny Videos Are A Much Greater Security Risk

    Have you noticed that it is the office workers who have the largest collections of 'funny videos'?

    Hopefully you also thought about the capacity for many video formats to contain executable code or link to certain webpages.
    Most videos are distributed as either MPEG variations (safe, I think) or Windows Media Video. Windows Media Video used to contain the capacity to run executable code (much like the Windows Metafile Exploit debacle recently) and still retains the capacity to link to pages, which most likely will open in Internet Explorer.

    Linking to about: pages with HTML tags will dynamically create a web page based on the tags you specify... and local pages are not filtered, and can easily access the hard disk through massive holes in the so-called 'sandbox' which Microsoft tacks on to most of its products once the hype has died down and the crashing/virus infections have begun.

    Therefore video distribution could pose a massive threat to computer networks. With video, a user wouldn't notice the extra MB or so containing a virus/trojan/codec exploit.

    Not a foolproof idea... just something to think about! ;-)

  9. Anonymous Coward, 8 Jun 2006 @ 9:08pm

    Re:

    Taking money will only make people mad. Give people bonuses for having a month or a quarter without a security issue.

  10. valhella jones, 8 Jun 2006 @ 9:51pm

    There will always be security threats, yes, but a breach of common sense will bring down a system faster than any virus. In fact that's the best way to plant one.........

  11. Anonymous Coward, 8 Jun 2006 @ 9:55pm

    That's why you always have to use protection. I wrap a condom around unknown USB devices.

  12. HardCoreRaw, 8 Jun 2006 @ 10:17pm

    Unsafe USB practices...

    Well considering most online users can't stand the feel of the Internet through a condom, I will stick with virus scanners and self administrated treatments... condom free :p

  13. FullOFMyself, 8 Jun 2006 @ 10:29pm

    Insertion

    Also, don't stick random things in your anus. Unless you really want to compromise the security of your rectum.

  14. FullOFMyself, 8 Jun 2006 @ 10:32pm

    Lifetime supply of windy farts

    And you think that your boyfriend would be turned on by an anus that resembles a gopher hole or cave or other hollow abyss that smells like poo.

  16. Security Expert, 8 Jun 2006 @ 11:52pm

    Secure Hole

    Personally I'd much rather think about bangin some intern (with condom) than worry about security. Those numb nuts in IT are working hard to make sure you get a good laugh once in a while. Cheers! : P

  17. ElectricMayhem, 9 Jun 2006 @ 2:45am

    Security

    Reading this lot and then referring back to other threads on the same subject just demonstrates to me how little you guys out there think of your work etc. Who's to blame....probably the bosses who treat you all like animals, pay you badly and abuse you.....so they only have themselves to blame but will they turn the mirror on themselves....doubt it....they'll just blame you lot and bring in silly rules to try and bring you all to heel and in the process just piss you off even more......nice circle guys.....resign and work for yourself....I do and it's great.....!! anyhow....I'm off for a couple of hours to sit in the park and sunbathe whilst I dream up my next money making strategy...it's a tough life but hey.....xxxx

  18. Muff, 9 Jun 2006 @ 5:27am

    No surprise here

    I'm never surprised at all the Idiots in this world...No-one seems to have a grasp on just how important Computer Security really is... :-
    I've even seen people connect to the Internet BEFORE having any Security set in place on their computers...Needless to say within minutes they were infected by Spyware & Viruses....As I've said over and over...Always, always, always...Scan EVERYTHING BEFORE installing it on your computer, or even opening up a file...

  21. Chris G, 9 Jun 2006 @ 5:31am

    Re: No surprise here

    >>>>>I've even seen people connect to the Internet BEFORE having any Security set in place on their computers...Needless to say within minute they were infected by Spyware & Viruses...

    You don't know what you're talking about. Simply connecting to the Internet will not infect you with "spyware and viruses".

  22. non-IT, 9 Jun 2006 @ 5:34am

    Look in the mirror

    A certain computer company who shall remain nameless [It has a 2 letter name :) ] was infected with a worm/virus after a head IT-Engineer brought his personal laptop in and logged onto the network.

    To make it even funnier: Two employees brought in a copy of the anti-virus for IT to use. (after looking over it for validity, though these were trusted techs) IT informed them they were going to use their disk (IT's) and not the Techs' disk. An hour later one of the techs saw IT using the disk he brought in, except IT had used a marker and re-labeled it as an "IT anti-virus disk" or something similar.

  23. Zeviel, 9 Jun 2006 @ 5:35am

    Security Issues

    It's not the technology that's dangerous but the technology's user that kills things. As the article says, there will be a mass fear of USB drives or some other tech item instead of teaching the users how to use the items effectively.

  24. flatloop, 9 Jun 2006 @ 5:50am

    This isn't about computer security...

    It's about stupid people. People who don't bother to know or find out what the consequences of their actions are. There are no security measures for stupid people, EOE won't allow us to not hire them. If you don't believe it's stupid people, look at the degenerate responses above concerning anal sex.

  25. Bill Krues, 9 Jun 2006 @ 5:53am

    Here is the solution

    The solution:
    http://www.sonarware.com

    Software that will restrict these devices for all people, except people you want to have access.

  26. Rob, 9 Jun 2006 @ 6:41am

    Re:

    Hahahahaha

  27. Junyo, 9 Jun 2006 @ 6:46am

    Wasn't there a Techdirt article about cameraphone bans last week that pretty much said that companies shouldn't worry because this sort of thing was inevitable? Now we're told that companies can't rely on their employees to have the common sense of a kumquat, yet any bans or restrictions fall into the category of "fearmongering". So my suggestion is a policy of total freedom, let employees do whatever they want, run their (and your) livelihoods into the ground with blatant stupidity or malice, but with the caveat that any such error in judgement will result in a smack in the face with the flat of a shovel. You can't eliminate stupidity, but you can make it painful.

  28. Wizard Prang, 9 Jun 2006 @ 6:57am

    Externalities

    I disagree. Before our networks were locked down, some of my colleagues could not resist the temptation to install every cutesy thing that they saw... (Dolphins! Webshots! Free Spongebob Screensaver!) and could not understand why their machines were not working properly. The techs that repaired their machines told them again and again not to install that crap, but since they could not enforce the rules, the crap was soon back, often within a week. The Techs changed tactics and started imaging their machines... and then when the users broke them it was a simple matter to restore... and all their recent documents (which they were SUPPOSED to store on the network), were gone. There was much weeping and wailing and gnashing of teeth, but the crapware installations soon stopped. If they crap up their machines then they should have to bear part of the cost in some way. At one place I used to work, if you left your machine logged in someone would send a message to everyone in the office saying that you were buying the drinks on Friday at lunchtime. Everyone got caught... once. Then you learned to lock your screen. Whether it is security or policy, people start caring about this sort of thing when it costs them.

  29. Wizard Prang, 9 Jun 2006 @ 6:59am

    Externalities (Reformatted)

    I disagree.

    Before our networks were locked down, some of my colleagues could not resist the temptation to install every cutesy thing that they saw... (Dolphins! Webshots! Free Spongebob Screensaver!) and could not understand why their machines were not working properly.

    The techs that repaired their machines told them again and again not to install that crap, but since they could not enforce the rules, the crap was soon back, often within a week.

    The Techs changed tactics and started imaging their machines... and then when the users broke them it was a simple matter to restore... and all their recent documents (which they were SUPPOSED to store on the network), were gone. There was much weeping and wailing and gnashing of teeth, but the crapware installations soon stopped.

    If they bugger up their machines then they should have to bear part of the cost in some way. At one place I used to work, if you left your machine logged in someone would send a message to everyone in the office saying that you were buying the drinks on Friday at lunchtime. Everyone got caught... once. Then you learned to lock your screen.

    Whether it is security or policy, people start caring about this sort of thing when it costs them.

  30. Zeroth404, 9 Jun 2006 @ 7:19am

    Run a secure Operating System, and don't run as root/admin, and backup your work. This should be policy. This "test event" would never have been an issue.

  31. Ochito, 9 Jun 2006 @ 7:39am

    Re: Re: No surprise here

    No, YOU don't know what you're talking about. Stick a Windows machine, any pre XP SP2 flavor directly on the Internet (not behind a NAT router), with the OS freshly installed, and leave it for an hour or two, then come back and run your mouth off. If your computer is even able to do that, I mean.

  32. phoenix, 9 Jun 2006 @ 7:56am

    Re: no surprise here

    You still don't know what you are talkin about. I'm a repair tech and just putting a pre xp machine on the net will not allow the machine to be infected. As long as it is not an HP or Compaq OS, they come with their own spyware.

  33. phoenix, 9 Jun 2006 @ 8:14am

    Re: no surprise here

    Well, I'm sorry eb but I have left at the very least a dozen pre xp computers online before for hours and never had a problem. The sites you mention I'm sure, only tell you that to further their own products.

  34. Simple Minded, 9 Jun 2006 @ 9:33am

    Re: Re: No surprise here

    Chris- if you really want to test your theory take your PC uninstall all anti-spyware / anti-virus software then plug it up to the internet and let it run idle for a day... I recommend you have a good backup of your data though.

    Re: No surprise here by Chris G on Jun 9th, 2006 @ 5:31am

    >>>>>I've even seen people connect to the Internet BEFORE having any Security set in place on their computers...Needless to say within minute they were infected by Spyware & Viruses...

    You don't know what you're talking about. Simply connecting to the Internet will not infect you with "spyware and viruses".

  35. Intergalactic Hussy, 9 Jun 2006 @ 9:40am

    Good thing I got my own.

  36. dnorle, 9 Jun 2006 @ 9:44am

    Re: Re: no surprise here

    I believe the original comment was referring to XP machines, pre SP2. Pre XP machines run fewer services out of the box and are not targeted by hackers because there are fewer connected to the Internet. That doesn't mean they're completely safe, but there is no debating the risk connecting an unpatched XP system to the Internet without some sort of firewall, these systems can and will be infected if left on the Internet long enough.

  37. mobius, 9 Jun 2006 @ 9:56am

    Just use Macs. problem solved.

  38. DMD, 9 Jun 2006 @ 10:01am

    Re: Re: no surprise here

    Sorry to say, but phoenix is right. I have been a network engineer for many years and ochi-whatever's comments are just NOT true. His comments are based out of fear bred from a simple lack of knowledge. The "internet" does not infect your machine, stupidity does. I have thousands of machines that will attest to that and I guarantee you won't find virii or malware on any of them. Try to be at least aware of the facts before displaying your ignorance.

  39. phoenix, 9 Jun 2006 @ 10:05am

    Re: no surprise here

    Thank you DMD it's about time someone else with a brain got into this.

  40. Johnny, 9 Jun 2006 @ 10:06am

    Re: Security

    Well said, Mr. Mayhem. Bravo!

  41. phoenix, 9 Jun 2006 @ 10:13am

    Re: no surprise here

    LOL, Sorry I just get so frustrated with people's ignorance of computers and how they act and work.

  42. screenshot, 9 Jun 2006 @ 10:31am

    I've seen a freshly installed XP (original version) get infected by a worm while attempting to use Microsoft Update to load the current security fixes required to block that worm. Happened within 5 minutes. Had to acquire a disk with a newer XP to get a system that stayed clean.
    Now that a few years have passed, that worm is no longer as common so I could avoid infection now. No telling when some other exploit will do the same thing with the current generation of PCs.
    The hubris of phoenix and DMD will one day bite them.

  43. Zeroth404, 9 Jun 2006 @ 10:33am

    Here are the FACTS:

    A.) You never want to be without a firewall, no matter what OS you're running.

    B.) An unpatched Windows system, no matter what version, will not last as long as a Linux/Solaris/BSD/etc machine when hooked up to the internet.

  44. monkey, 9 Jun 2006 @ 10:59am

    xp viri

    some malware that installs if you have typical pre service pack xp on an internet connection without security.
    mydoom
    sasser
    blaster/lovesan
    funlove
    gaobot.


    could be a long list if I had the time. Too many of my clients run asr and think they're done. gotta go fix em

  45. phoenix, 9 Jun 2006 @ 11:00am

    Re: the facts

    The real fact is this: most people don't know how to run Linux or any of those for that matter, and yes you should always have a firewall. However patching or updating Windows no matter how tempting usually ends up creating other problems, and I'm speaking from 10 years experience.

  46. Dork, 9 Jun 2006 @ 11:01am

    Stupid employees

    Well I have a simple solution for these reckless employees.

    For example: If all employees are required to follow a protocol to fill out their work hours, they should be required to practice safe computing.

    Why are time cards accurate and closely observed? Because their paycheck is determined by such attention.

    All that is needed is the threat that if certain security protocols are not followed, it will be reflected in their paychecks. The costs incurred to remedy their carelessness will be paid by the employee.

    Simple: they do the damage...they pay for it.

    Would an employer keep an employee who breaks the front window just because they feel the need?

  47. Edward B., 9 Jun 2006 @ 11:39am

    Re: Re: Re: no surprise here

    Network engineer, eh? Thousands of machines, eh? So you'd probably NEVER let a freshly reinstalled XP (no SP or SP1) get connected to the internet without a firewall or AV -- probably not even a way to do so on your network without reconfiguring. However, the point that the OPs were making is that many consumers do precisely that. They have a system problem, restore back to the original system disk, and end up with a vulnerable computer connecting to the internet with no protection at all. No firewall and AV + unpatched XP = quick virus infection by one of the varieties that actively scan. If the consumer surfs the internet while waiting for all those security patches to install, here comes the spyware/malware. Add that there are varieties of virii now that "cooperate" with spyware/adware by each reinstalling the other if it's removed, and you have a nasty combo that a regular consumer is not able to handle. Of course YOU've never seen this problem because you know better, but even though you haven't seen the problem doesn't mean it doesn't exist.

    Oh, and BTW? If you have users on those thousands of machines, I wouldn't guarantee that there is NO malware on ANY of them -- just my experience in call centers... ;-)

  48. Henry Troup, 9 Jun 2006 @ 11:41am

    Hazards of just connecting

    ...infected by a worm while attempting to use Microsoft Update to load the current security fixes required to block that worm

    Me too.

    The logs of my firewalls reflect constant port scanning. XP SP2 is somewhat hardened, a very good improvement over all previous Windows versions. But far too many services are still enabled by default, and far too little information is available on most of them. When (not if, when) the next exploit shows up in a default service, there will be another flurry.

    SQL Slammer is still out there! One infected machine is all it takes. One old app package that installs an unpatched MSDE could leave you vulnerable.

  49. phoenix, 9 Jun 2006 @ 11:44am

    Re: Re: no surprise here

    He's right about that. If you have users on them then I'd bet my last dollar that there is malware, spyware or viruses on them. Referring to earlier what I was saying is if you just put a freshly installed machine on the net and don't browse around it won't get infected, because the net itself can't infect you. You have to visit a site or download something that installs it.

  50. Anonymous Coward, 9 Jun 2006 @ 12:02pm

    Re: Re: Re: No surprise here

    Keep telling yourself that you can so easily be infected by installing an OS and plugging in a CAT5 cable. Let's see what type of job that gets you. You might make it in, but you won't be there long with that level of expertise.

  51. ebrke, 9 Jun 2006 @ 12:03pm

    Re: Re: no surprise here

    Try reading the reports at the links, why don't you.

  52. Anonymous Coward, 9 Jun 2006 @ 12:06pm

    The sheer lack of knowledge in these sorts of conversations astounds me. The *nix users always show their faces and they always claim a variant of Linux or BSD is superior, yet they will never understand in their lifetime that Linux or BSD is not any more secure than another OS out there. There are just not billions of users attempting to be malicious towards those OSes, because you don't attack a minority. Simple and indisputable fact.

  53. phoenix, 9 Jun 2006 @ 12:11pm

    Well alright looks like we have another person posting with some real knowledge.

    It's true, why attack an OS group so small that you probably won't even make the local eight o'clock news.

  54. Anonymous Coward, 9 Jun 2006 @ 12:26pm

    Re: Re: Re: no surprise here

    You are kidding me right? Do you actually believe everything that you read? These articles offer no real evidence or facts to support their accusations and theories.

    "While most break-in tries fail, an unprotected PC can get hijacked within minutes of accessing the Internet."

    Unfortunately, what you did not notice is that this sentence was purposely written to confuse. It should have said, while most break-in tries fail, an unprotected PC can get hijacked within minutes of accessing the Internet, after the user opens a web browser, an email, installs software, opens a file whether over a network share, on another partition or disk (or in other ways).

    "Simply connecting to the Internet — and doing nothing else — exposes your PC to non-stop, automated break-in attempts by intruders looking to take control of your machine surreptitiously."

    Well OBVIOUSLY. No one that I have noticed has disputed this fact and it is indeed a fact. Do these attempts render any results or infect a cleanly installed machine where no software has been installed, no webpage has been accessed, or no email attachment has been opened? No. Nor do these websites ever come out and say so, they leave their sentences completely open to mean just about anything.

    Do any of you know anything about TCP/IP? You should learn. TCP/IP is the equivalent to a shipwrecked sailor, armed with a machine gun loaded with unlimited flares firing in every possible direction as quick as possible advertising his presence in all directions, 24 hours a day, 7 days a week. Does every single thing you see in a firewall log constitute an ATTACK? NO. It does NOT.

  55. Anonymous Coward, 9 Jun 2006 @ 12:33pm

    Oh and another thing to shun your little theory that these sources of yours are so grand. USAToday lists a table of data showing attacks from Sept 10 to Sept 25. XP SP1 shows 139,024 attacks and XP with ZoneAlarm shows 848.

    Wow, you mean to tell me that ZoneAlarm prevents an attempt at an attack from ever even occurring! That is amazing! So by using ZoneAlarm I get attacked less! Wait, I thought ZoneAlarm was a firewall designed to block attacks not stop them entirely.

    That is just sad. Who do they have writing these articles anyhow?

  56. phoenix, 9 Jun 2006 @ 12:33pm

    You see it's like I said. The statements in those articles are almost always used to further their own software and or agenda.

  57. phoenix, 9 Jun 2006 @ 12:35pm

    Well I'll tell ya this not a single computer leaves my store without ZoneAlarm on it.

  58. Anonymous Coward, 9 Jun 2006 @ 12:45pm

    I had the Wall of Shame installed at a client site once. It was just a huge board that greeted everyone in the lobby with "The following people infected the company with a virus or malware:" and a list of names.

    It got taken down as the worst offenders were in management.

  59. phoenix, 9 Jun 2006 @ 12:50pm

    LOL!!!! Ouch.

    Just out of the blue, what's your favourite scanner?

  60. Anonymous Coward, 9 Jun 2006 @ 1:16pm

    Re: no surprise here

    >>> Do these attempts render any results or infect a cleanly installed machine where no software has been installed, no webpage has been accessed, or no email attachment has been opened?

    Yes, they can.

    I understand the point that you and Phoenix are trying to make, but the fact is that you are just plain wrong. While it's true most malware gets installed unwittingly by users, other attack vectors are indeed possible.

    A fresh install of XP *can* be compromised from the network, without any user even having logged in. The way this type of attack works is by exploiting bugs in network services that are running on a cleanly installed system. Many worms have done exactly this, by exploiting holes in NetBIOS.

    It's the same type of attack generally used against *nix systems, and it doesn't necessarily require any stupid action on the part of the user.

    link to this | view in thread ]
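The disagreement in this thread turns on whether a freshly installed machine already has services listening on the network before any user does anything. As an added example (not from the article or any commenter), this Python code parses `netstat -an` style output and lists the sockets other hosts can reach; the sample output, the addresses and the port-to-service table are assumptions supplied here from general knowledge, not values from the page.

```python
"""Added example: list the sockets on a host that other machines can reach."""

# Constructed sample laid out like Windows `netstat -an` output on a fresh
# install; addresses and ports are illustrative, not captured from a real host.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1025         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1040      203.0.113.5:80         ESTABLISHED
  UDP    0.0.0.0:445            *:*
  UDP    0.0.0.0:1434           *:*
  UDP    127.0.0.1:1900         *:*
"""

# Services behind the worms and service classes named in the thread.
# The port numbers are general knowledge added here, not stated on the page.
KNOWN_SERVICES = {
    ("TCP", 135): "RPC endpoint mapper (Blaster)",
    ("TCP", 139): "NetBIOS session service",
    ("TCP", 445): "SMB / LSASS (Sasser)",
    ("UDP", 1434): "SQL Server/MSDE resolution service (SQL Slammer)",
}
UNMAPPED = "no service from the thread mapped to this port"

# Sockets bound to loopback only accept traffic from the machine itself.
LOOPBACK_PREFIXES = ("127.", "[::1]")


def parse_listeners(text):
    """Return (proto, address, port) for every socket waiting for inbound traffic."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # header, blank line or unrelated text
        proto, local, foreign = fields[0], fields[1], fields[2]
        state = fields[3] if len(fields) > 3 else ""
        # TCP has an explicit LISTENING state; established sessions are not listeners.
        if proto == "TCP" and state != "LISTENING":
            continue
        # UDP is stateless: a bound socket with a wildcard peer accepts datagrams.
        if proto == "UDP" and foreign != "*:*":
            continue
        address, _, port = local.rpartition(":")
        if port.isdigit():
            listeners.append((proto, address, int(port)))
    return listeners


def network_reachable(listeners):
    """Drop loopback-only sockets; the rest accept traffic from other hosts."""
    return [l for l in listeners if not l[1].startswith(LOOPBACK_PREFIXES)]


def exposure_report(text):
    """Sorted (proto, address, port, note) rows for network-reachable listeners."""
    rows = []
    for proto, address, port in network_reachable(parse_listeners(text)):
        rows.append((proto, address, port, KNOWN_SERVICES.get((proto, port), UNMAPPED)))
    return sorted(rows, key=lambda r: (r[0], r[2]))


if __name__ == "__main__":
    for proto, address, port, note in exposure_report(SAMPLE_NETSTAT):
        print(f"{proto:3} {address}:{port:<5} {note}")
```

The listing shows what is bound on the host, not what a firewall in front of it lets through, so it answers "what is exposed if nothing filters" rather than "what is reachable right now".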

  61. Anonymous Coward, 9 Jun 2006 @ 1:22pm

    To further what I have been saying, you also have to understand that attacks, attacks that lead to compromised systems, vulnerabilities and actual local user "caused" infections are entirely different occurrences.

    Also, understand the difference between an operating system that is "superior" and "more secure". Linux is "more secure" because it is the minority. Users participating in malicious activity are out to gain something, whether it is money or to simply wreak havoc. The majority want to gain something. Now, would you make an attempt on 10,000 machines or 900,000,000 machines? By attacking 900,000,000 machines you would have a far better chance of gaining access.

    Make no mistake, there are no amazing super-being programmers out there, all working together on a single operating system. Reality is no motion picture. Microsoft is not an evil corporation hiring programmers with a specific tailored lack of skill in specific areas to create an OS that is inferior. Those programmers at Microsoft are human beings just as those working on open source software, Linux, BSD and other operating systems.

    I would like to know where Linux programmers are requiring super-genes that make them so much better?

    Also, those running alternative operating systems such as Linux or BSD are typically 99.999% of the time either gurus or corporations with data that requires security. Either one of these entities almost always take large steps to secure their systems. Why would you attempt to access systems which you know are most likely going to be secured when you can attack many systems whose users almost always have no concept of security - whose concept of security is installing software from any and every source on the Internet that claims to provide a working service for free.

    If you were walking the street and someone you did not know approached you and proclaimed "Hi! I just wanted to introduce myself as a courtesy to you out of the goodness of my heart and offer my services to you free of charge. I noticed that your home has no security system! Just say "yes" and I will enter your home and guard you from any and all intruders. Again I will not charge you a dime, I will not ask you for your credit card number or any identifying information."

    You say yes, and you return home robbed of everything you own. Except, computer users never know they are robbed. They don't know their keystrokes have been logged, or data has been sent across the Internet with personal information. They don't notice the information is gone, because it isn't. It has only been copied. These actions take place invisibly. Except on the Internet millions do this everyday. Why? The simple fact is because of their lack of understanding.

    As USAToday even said, 90% of systems connected to the Internet are running the Windows operating system. Whether this percentage is 100% correct I doubt highly, but it's a good estimate. Therefore, there will be more attacks on systems running Windows just due to the fact that there Windows is operated on the majority of systems.

    For example, if you have 10 Europeans visit a foreign country and 2 are infected with a virus. If you have 15,000 Americans visit that foreign country 3000 may be infected with a virus. Same percentage of infections, but significantly more people infected (20% infection rate).

    Does this make Europeans more "immune"? Absolutely not.

  62.
    Anonymous Coward, 9 Jun 2006 @ 2:30pm

    Re: *nix versus windows

    I can't decide if it's amusing or sad to watch people argue about things they don't really understand.

    How does one ensure a networked host is secure? There are tons of things you could check, but perhaps the two biggest things might be:

    1) Disable all network services except those which are absolutely necessary.

    2) Audit running network services to ensure they are free of bugs and properly configured.

    The main reason *nix is considered more secure has to do with the relative difficulty of performing these tasks on windows compared to *nix.

    The focus in windows is on "ease of use" for the end user, and the end result of this focus is that important security related config data gets scattered all over the filesystem and registry. Often this data can only be read or modified with a GUI config applet, which makes automation of security audits difficult or impossible.

    Microsoft also loves to create lots of undocumented features and APIs, which the administrator has no way of knowing about. These invariably end up being used to turn on or reconfigure some network service without the administrator's knowledge or consent, potentially exposing the host. This sort of behavior would NEVER be tolerated by *nix customers, but we've grown to expect it from windows. Why? Because Microsoft claims they do these things to make the system more user friendly... again different focus.

    Lastly, the networking code itself is far more mature in *nix, since it was there from the very inception. TCP/IP wasn't supported in windows until decades later.

    Sure, any *nix system can be vulnerable, but the point here is that the *nix administrator generally has an easier task than his windows counterpart if he/she is asked to confirm with some certainty that the system has been secured.

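The two checks listed in comment 62 (keep only the necessary network services, then audit what is listening) can be scripted on a *nix host by comparing socket listings with an allowlist. The following is an added example, not part of the original thread; the sample `ss -H -tulnp` lines are constructed and the `ALLOWED` policy is hypothetical.

```python
import ipaddress
import re
from typing import NamedTuple

# Constructed sample of `ss -H -tulnp` output; not captured from a real host.
SAMPLE_SS = """\
tcp  LISTEN 0 128   0.0.0.0:22     0.0.0.0:*  users:(("sshd",pid=812,fd=3))
tcp  LISTEN 0 511   127.0.0.1:6379 0.0.0.0:*  users:(("redis-server",pid=901,fd=6))
udp  UNCONN 0 0     0.0.0.0:5353   0.0.0.0:*  users:(("avahi-daemon",pid=640,fd=12))
tcp  LISTEN 0 4096  [::]:111       [::]:*     users:(("rpcbind",pid=601,fd=4))
tcp  LISTEN 0 128   [::1]:631      [::]:*     users:(("cupsd",pid=700,fd=7))
"""

# Hypothetical policy: the only (protocol, port) pairs this host should expose.
ALLOWED = {("tcp", 22)}

class Listener(NamedTuple):
    proto: str
    address: str
    port: int
    process: str
    loopback_only: bool

def parse_listeners(ss_output):
    """Turn `ss -H -tulnp` lines into Listener records."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[1] not in ("LISTEN", "UNCONN"):
            continue
        address, _, port = fields[4].rpartition(":")
        if not port.isdigit():
            continue
        try:  # drop IPv6 brackets and any %interface suffix before parsing
            loopback = ipaddress.ip_address(address.strip("[]").split("%")[0]).is_loopback
        except ValueError:
            loopback = False  # "*" wildcard or unparsable: assume reachable
        proc = re.search(r'\(\("([^"]+)"', line)
        listeners.append(Listener(fields[0], address, int(port),
                                  proc.group(1) if proc else "unknown", loopback))
    return listeners

def audit(ss_output, allowed):
    """Return listeners missing from the allowlist, network-reachable ones first."""
    extra = [l for l in parse_listeners(ss_output) if (l.proto, l.port) not in allowed]
    return sorted(extra, key=lambda l: (l.loopback_only, l.port))

if __name__ == "__main__":
    for l in audit(SAMPLE_SS, ALLOWED):
        scope = "loopback only" if l.loopback_only else "network-reachable"
        print(f"{l.proto}/{l.port} {l.process} on {l.address} ({scope})")
```

On a live host the same functions can be fed the output of `ss -H -tulnp` run as root, which is needed for the process column to be populated.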

  63.
    Some Guy, 9 Jun 2006 @ 3:41pm

    Re: Re: Re: No surprise here

    I can't believe that some people here are so ignorant that they don't even understand the scope of their actions when connecting an unprotected pre-SP2 Windows XP computer directly to the Internet un-NAT'd or firewalled.
    Why do you even bother installing patches if you can't get malware installed by not doing anything? How moronic!
    I have absolutely no patience for people who claim to understand network security and don't.

    Please refer to one example:
    http://www.microsoft.com/technet/security/bulletin/ms03-043.mspx

    Do you know what buffer overrun means? Probably not, but hopefully you know how to Google it.
    Do you know what allows remote code execution means?

    Wow... you really need to get out of the IT field if you in fact are in it.

  64.
    FullOFMyself, 10 Jun 2006 @ 2:31am

    Hey FLATLOOP

    Just because I talk about buttholes, it doesn't mean I have a prostate.

  65.
    shadowdeamon, 11 Jun 2006 @ 9:01am

    Re:

    I mostly agree except that outside of the corporate world you'll find somewhere in the 90 percentile of end users are running as an admin instead of a user. Most don't even bother to create a password for login.

    This is where the Linux desktop is superior. Of course, I could run as root, and I have seen some noobs misconfigure their systems using only a root account leaving themselves completely vulnerable. No system is idiot proof and just when we think we're getting there, they build a better idiot. :)

    BTW - I'm a Linux noob myself, just installed my system in March.

  66.
    cleatus, 2 Sep 2006 @ 1:38am

    Re: Re:ha!

    I'm sorry but it is not funny so please don't laugh sur.

  67.
    Roberto, 22 Sep 2006 @ 9:22am

    USB Security

    While this does pose a problem, there is a bigger question of security risks being posed by tech support. Why are these people having access to this much stuff, and why are there not being more measures taken to prevent this kind of thing? It all comes down to this statement: "Give a stupid person a shovel, and there will be crap everywhere." And why is there not adequate virus, and malicious program prevention? It is gonna take a little more scripting, but it can be done. This question is just that, an inquiry, but think about it: Don't let stupid people have admin access. End of story.

  68.
    Adam Lloyd, 4 Mar 2007 @ 4:34am

    Don't Just Plug Random Crap Into Your Computer

    Well, it depends. Like, I like random crap for the USB, like USB rocket launcher, USB lights, but if you see a random USB drive you wouldn't pick it up and put it in your computer.


