Conficker wakes up



dspari1
April 10th, 2009, 06:08 AM
http://www.cnn.com/2009/TECH/04/09/conficker.activated/index.html

It's good to be a Linux user these days. :popcorn:

samrat1985
April 10th, 2009, 06:10 AM
All hail linux!! ;)

wolfen69
April 10th, 2009, 06:12 AM
meh

Mokoma
April 10th, 2009, 06:19 AM
yeah enjoy the safety while linux is in such a minority. when it hits the bigtime we get this **** too

Murrquan
April 10th, 2009, 06:58 AM
yeah enjoy the safety while linux is in such a minority. when it hits the bigtime we get this **** too

Of course! Clearly there's no other reason for UNIX-like operating systems' safety and security than their relative obscurity. I see no logical correlation in the fact that the virus and malware threat to Mac OS X hasn't scaled up in direct proportion to its exploding market share (http://marketshare.hitslink.com/os-market-share.aspx?qprid=9), or the fact that there is a thriving industry for other Mac programs. ^.^

dspari1
April 10th, 2009, 06:58 AM
yeah enjoy the safety while linux is in such a minority. when it hits the bigtime we get this **** too

I don't think Linux will hit big time as Windows to ever be a target, but Linux CAN get as big as MacOS X in popularity which would be enough to get the commercial support that we desire.

I would be more than happy with that.

Methuselah
April 10th, 2009, 07:03 AM
OMIGOSH!!11
Now I'll have to scan my Hardy installation...

Giant Speck
April 10th, 2009, 07:10 AM
Oh, damn. I guess I'll have to continue using Vista and 7 normally, since I don't have the Conficker "worm." Poor me. :(

Mokoma
April 10th, 2009, 07:11 AM
linux just needs two things

A) to be more accessible

B) be more widely known

if you had a choice between paying 70.00+ for the latest windows/bugfix service pack(cough 7) or the cost of a cd and 20 minutes. which would you pick??

i know which i'd prefer

Methuselah
April 10th, 2009, 07:13 AM
Oh, damn. I guess I'll have to continue using Vista and 7 normally, since I don't have the Conficker "worm." Poor me. :(

Sorry to hear.
I understand that everybody doesn't get it, even in times of epidemic.
Apparently they make use of some kind of vaccine or 'patch'.

Giant Speck
April 10th, 2009, 07:19 AM
Sorry to hear.
I understand that everybody doesn't get it, even in times of epidemic.
Apparently they make use of some kind of vaccine or 'patch'.

Is there a suppository option? :)

MaxIBoy
April 10th, 2009, 07:43 AM
yeah enjoy the safety while linux is in such a minority. when it hits the bigtime we get this **** too

Tell ya what-- you find me a single example of a security hole in Linux that has gone unpatched for more than 96 hours after it was first discovered, and I'll start doubting you slightly less.

arizonalarry2
April 11th, 2009, 07:33 PM
I think I just got the conficker virus - I've got popups saying my computer is infected with spyware and I need to download now - how can I get rid of this ? Ubuntu 8.0.4. with all the latest patches running FireFox 3.0.8

Methuselah
April 11th, 2009, 07:45 PM
Is there a suppository option? :)

Actually, yes. I don't know what they'll come up with next!
Apparently this medicine is quietly administered at night while you're sleeping, at which point it may cause your, erm, 'system' to restart.
Imagine your surprise the next morning when you discover that everything you've inges... pardon me, invested in the previous day's work has literally gone down the drain.

I, of course, have explicitly disallowed that option, which, surprisingly, is normal procedure unless you protest.
I don't want strange things to be put in my system at night while I sleep without my permission!
Of course, YMMV.

CarpKing
April 11th, 2009, 07:47 PM
I think I just got the conficker virus - I've got popups saying my computer is infected with spyware and I need to download now - how can I get rid of this ? Ubuntu 8.0.4. with all the latest patches running FireFox 3.0.8

Those popups are fake. If you were on Windows the popups themselves might install spyware if you click them wrong; on Linux they're just an annoyance.

arizonalarry2
April 11th, 2009, 07:51 PM
Those popups are fake. If you were on Windows the popups themselves might install spyware if you click them wrong; on Linux they're just an annoyance.


That's a relief !

I was thinking of upgrading to 8.10 anyway, would I be safe to assume I can backup all my personal data and it will be virus free when I restore it on the new system?

days_of_ruin
April 11th, 2009, 07:54 PM
That's a relief !

I was thinking of upgrading to 8.10 anyway, would I be safe to assume I can backup all my personal data and it will be virus free when I restore it on the new system?

You don't have viruses, don't worry about it.

arizonalarry2
April 11th, 2009, 07:56 PM
You don't have viruses, don't worry about it.


Okay, that's good to hear - thanks !

ibuclaw
April 11th, 2009, 08:03 PM
Okay, that's good to hear - thanks !

Although one person must question the types of sites you go on if you are getting those sorts of popups. ;)

Have you tried the Firefox Extension NoScript? That ought to stop everything apart from the sites you whitelist.

[EDIT]
If you are a Windows User, these are two links for you to test whether or not you have Conficker on your machine (you must visit them while in Windows).

http://four.cs.uni-bonn.de/fileadmin/user_upload/werner/cfdetector/

http://www.confickerworkinggroup.org/infection_test/cfeyechart.html

Regards
Iain

Fenris_rising
April 11th, 2009, 08:07 PM
'Entering smug mode' :mrgreen:

CJ Master
April 11th, 2009, 08:08 PM
I think I just got the conficker virus - I've got popups saying my computer is infected with spyware and I need to download now - how can I get rid of this ? Ubuntu 8.0.4. with all the latest patches running FireFox 3.0.8

Although noscript is the cream of the crop for security purposes, it's also annoying as heck. If you just want the popups and ads to stop you should download "Adblock Plus"

Npl
April 11th, 2009, 08:13 PM
The Conficker worm is finally doing something--updating via peer-to-peer between infected computers and dropping a mystery payload on infected computers
Oh no, they are trying to kill the innocent easter-bunny!

justsomedude
April 11th, 2009, 08:13 PM
Tell ya what-- you find me a single example of a security hole in Linux that has gone unpatched for more than 96 hours after it was first discovered, and I'll start doubting you slightly less.

The user. :)

collinp
April 11th, 2009, 08:17 PM
The user. :)

The user is an inherited security hole of any and all software, does not count.

|{urse
April 11th, 2009, 08:34 PM
@Hellow

Lol the user mos def does count. I could probably talk my way into just about any system with a little social engineering. I will grant that even that is much harder to do w/ a *nix user though.

bashveank
April 11th, 2009, 08:40 PM
Tell ya what-- you find me a single example of a security hole in Linux that has gone unpatched for more than 96 hours after it was first discovered, and I'll start doubting you slightly less.

The conficker hole was patched ages ago, Windows update is on automatically download and install by default on Windows XP, Vista, and 7. So clearly, patches don't matter, it's the user's competence and will to install the patch.

WalmartSniperLX
April 11th, 2009, 08:47 PM
I hope my bank servers don't use Windows Server. :lolflag:

And those popups are probably saved in your browser cache or cookies. Just delete all temp files in your /home/usr/.browser folder and you should be good. Most browsers let you do this in the menu.

init1
April 11th, 2009, 08:48 PM
Tell ya what-- you find me a single example of a security hole in Linux that has gone unpatched for more than 96 hours after it was first discovered, and I'll start doubting you slightly less.

Even when a hole does get patched, there will still be plenty of users who won't get it in time. Not all distros have automatic updates, and some people disable them on the distros that do.

MaxIBoy
April 12th, 2009, 01:26 AM
Windows tends to discourage automatic updates by pushing out possibly-defective antipiracy measures. I remember when WGA was first released as an update for Windows XP, and it was billed as a "security update." Then, I read the description: "Checks to see if you've got a legit copy of Windows." And the file was over a gigabyte! I thought, "wait, this is accomplished from within the browser whenever I download something from Microsoft's website, and it only takes six seconds or so! Why do they need a gigabyte for this? I don't trust it." Later, I found out that WGA does indeed phone home from time to time. Keep in mind that this was billed as a "security update."



This is why so many users turn off automatic updates in Windows. Linux distros tend not to do this kind of thing, so users don't turn the updates off. Also, old kernels are still updated. Even the 2.6.26 kernel is still being updated, as far as I know. These updates don't add features, but they do fix bugs and security holes.

Perhaps some other components of the Linux desktop don't have as stellar of a track record, but the fact remains that even for them, security holes are almost always patched preemptively, before they are ever exploited "in the wild."

SomeGuyDude
April 12th, 2009, 01:30 AM
Of course! Clearly there's no other reason for UNIX-like operating systems' safety and security than their relative obscurity. I see no logical correlation in the fact that the virus and malware threat to Mac OS X hasn't scaled up in direct proportion to its exploding market share (http://marketshare.hitslink.com/os-market-share.aspx?qprid=9), or the fact that there is a thriving industry for other Mac programs. ^.^

What's Apple's market share again? Less than 10%?

Yeah, any budding hacker who wants to cause nationwide pandaemonium would totally work to hit as much as 9.7% of computers, almost none of which are in an enterprise setting.

happysmileman
April 12th, 2009, 01:39 AM
Even when a hole does get patched, there will still be plenty of users who won't get it in time. Not all distros have automatic updates, and some people disable them on the distros that do.

Yes, but if the user chooses not to update it's their own fault, and that goes for Windows too.

The difference is that for Windows there very often isn't a fix available at all for a very long time, which you can't blame on the user.

MaxIBoy
April 12th, 2009, 01:42 AM
What's Apple's market share again? Less than 10%?

Yeah, any budding hacker who wants to cause nationwide pandaemonium would totally work to hit as much as 9.7% of computers, almost none of which are in an enterprise setting.

Any budding cracker would love to go after more than 10% of all computers, especially when all of them are running nearly identical software, none of them have security software, and all of the users complacently think they're invincible.

Fact: OS X is inherently secure, but it's an up-and-coming target for trojan horses concealed in pirated software. Mac users do not take any security precautions, so they're easy targets for such attacks.

We have much to learn from this.


However, I still maintain that Linux is more secure than OS X. Linux and OS X both still have the advantage of inherent security. The difference: OS X is (except for the kernel) completely proprietary, so it can't be patched as quickly, and it makes the design choice of hiding as much as possible from the users, discouraging pro-active security precautions.

cardinals_fan
April 12th, 2009, 01:56 AM
The user is an inherited security hole of any and all software, does not count.

If this were true there would be almost no security problems. UNDERSTANDING is the key.

3rdalbum
April 12th, 2009, 04:19 AM
Any budding cracker would love to go after more than 10% of all computers, especially when all of them are running nearly identical software, none of them have security software, and all of the users complacently think they're invincible.

Fact: OS X is inherently secure

Darwin is pretty well secure. The OS X-specific parts of the operating system are badly architectured and badly implemented, so much that they don't respect the Unix-y security system underneath.

Past OS X flaws have included:

1. transmitting e-mail passwords in cleartext 6 months after the flaw was fixed upstream
2. Allowing any program to tell any Cocoa program running as root to execute a shell script, and then shipping a program that runs as setuid root; so with a single Applescript command any program or user can run commands as root. An Apple engineer expressed concern about this to his colleagues, 3 years before the tech media discovered it.
3. Allowing the Guest login to set cron jobs, allowing them to continue to run programs on the machine after they have left (Ubuntu has a guest session but does not allow it access to any delayed execution services).
4. Safari would automatically open shell scripts inside compressed archives that the user downloads
5. A limited user could open a setuid administration program, and then could run the terminal application from the Apple menu; the terminal application would run as root.
6. You can still gain root by dropping crafted files into the world-writable Libraries directory
7. Not a security flaw, but if you try to save a file in Leopard, it will delete the original and then write a new copy. A power outage at the wrong moment will cause the loss of your files. Enterprise users who have lost files are still demanding a "please explain". Leopard also does/did a similar thing when moving files from a local disk to a remote disk.

Dumb mistakes like these would give me ulcers about using OS X. Those are the worst security flaws that I've heard of in OS X; who knows what else is lying underneath the surface?

juancarlospaco
April 12th, 2009, 04:51 AM
But OS X doesn't have AppArmor and SELinux.
Chuck Norris uses SELinux

Peasantoid
April 12th, 2009, 04:58 AM
Huh.
Here comes the [Windows users'] pain.