Category: Malware

More fun with Gates & Ballmer…

The Zeus Trojan – the God of botnets.

NetWitness found a botnet with control of 74,126 Windows systems spread around 196 countries. These systems are found at medical companies, insurance companies, educational institutions, energy firms, financial companies, Internet providers, and government agencies.

And here:

Prevx came upon a cache with logon credentials for 74,000 FTP accounts. These accounts were for companies such as NASA, Cisco, Kaspersky, McAfee, Symantec, Amazon, Bank of America, Oracle, ABC, BusinessWeek, Bloomberg, Disney, Monster, and the Queensland government.

You know, you start to become jaded concerning the security of the most popular OS on planet Earth.

The OS that 90% of the people viewing this blog use.

The OS that your company runs on.

The OS that your government runs on.

The OS your school, college or university runs on.

The OS that your bank probably uses.

The OS that, despite being quite clearly not fit for use, somehow continues to be used, because so many people’s lives depend on it.

What people? Well you, me, the IT department that won’t even let you change your desktop pattern wallpaper at work, your parents, your friends, the guy you overheard talking in the bus queue this morning about how his computer has become unusable again, or the other guy he was talking to who said that all he had to do was:

a) pay for more security software

b) visit this site that tells you how to solve your latest Windows problem in 38 easy steps

c) buy a new computer

d) don’t do anything on your computer to do with online banking or payments of any kind.

And yes, that last group of people who benefit from the crap that Gates & Ballmer peddle every day – the criminals and ne’er-do-wells that use the money they generate from hacking your computer to buy & supply drugs to your kids, fund terrorism, and various other nasties.

Lots of fun for all concerned.

Thank you Mr Gates and Mr Ballmer for all this, and thank you Apple for allowing me to write this blog on a computer that is not affected by any of this.

Sorry for being so jaded, but I don’t see anyone, anytime soon kicking Windows technology out of the door.


Teflon Microsoft…


Courtesy of the ever-incisive Rixstep:

Reinforcing my previous post concerning the apparent invisibility of our friends at Redmond – why does no-one dare to question the insecure system that allowed all this?

China hack into over 30 western companies due to flaws in Microsoft Windows – how much more serious does this have to get?

Why does nothing seem to stick to this company?

The best (for them) day’s work Microsoft ever did was to convince everyone that they are blameless for the security holes in their software.

Microsoft’s subtle trick…

The Devil

I remember a Christian once saying to me that the best day’s work that the Devil ever did was to convince everyone that he didn’t exist.

A similar analogy is that the socialists have convinced everyone that George Orwell’s book ‘1984’ was about fascism, when actually it’s about the dangers of unrestricted socialism (IngSoc stands for English Socialism).

These thoughts were piqued when I read a newspaper article in the UK’s DailyMail newspaper, outlining the experience the reporter had when they accidentally clicked on a spammer’s email.

The chaos that ensued highlighted the dangers of clicking on these sorts of emails, and the article is well worth a skim:

Courtesy of the UK’s DailyMail newspaper:

I always like to read articles like this because they show the computer experiences of your average Windows user; and I mean the really average Windows user.

The average Windows user makes up the majority of Microsoft’s customer base, and this article perfectly illustrates the clever trick that Microsoft has played upon them.

The article in question is basically about someone who received an email that asked for all sorts of personal information. This email was a spam email, but the user dumbly accepted it as legitimate, and duly got conned – malware was installed and all sorts of chaos ensued.

Now you can comment on the ineptness of the user, but this article isn’t about their stupidity, it’s about the person that they ultimately blamed.

It’s a big, long article that goes into great detail about what happened to them, but nowhere, and I mean nowhere, in the article is the word ‘Windows’ or the word ‘Microsoft’ mentioned. Not once.

Ultimately the person who they blamed was – Yahoo. They blamed the email service for failing to filter out the email.

Not themselves for being so inept, not Microsoft for selling them an OS with security holes, but Yahoo. Poor Yahoo.

From the article:

Finally on Monday, three days later, smooth-sounding Jessica from ‘the Yahoo concierge service’ called to help me get back into my account and reassure me that Yahoo took such violations very seriously.
She would not be drawn on who might be responsible at Yahoo for stopping hackers. I wanted to know why Yahoo’s own filter system hadn’t spotted a bogus email sent in their name and taken it out before I opened it.

And here lies the biggest trick that Microsoft has made – they’ve made themselves invisible.

They’ve subtly altered people’s perception of computing so that they are blameless.

They’ve convinced the average Windows user that security holes are a way of life, and it’s not their fault, but it’s the fault of:

  1. You, for not constantly being on your guard to make up for the fact that an email link can allow remote software to be installed.
  2. The ‘bad guys’ who send out these emails and take advantage of the security holes in Microsoft software.
  3. The email provider, for not filtering out the ‘bad guys’’ emails.

All this is very depressing, but even more depressing are the 30 or so comments to this article from more ‘average Windows users’.

They all comment on the dangers of email, how they had spam before, and how they ultimately accept it as a way of computing life.

To add insult to injury, a drone from Sophos gives 3 golden rules for online safety – not one of them says to give up Microsoft software and choose Linux or Apple.

I’m fully aware that phishing emails are a malware vehicle that could be used on these platforms as well, but the security hole that this email exploited was for Windows – as most, if not all, of them are.

The many ages of a switcher…

Tell me your problems

When I’m bored (I mean really bored), I spend a few quarter-hours surfing the Apple discussion boards, and nestled in amongst the questions, bugs, answers and advice, I come across postings from recent switchers to the fairer platform.

What’s odd is that these postings have very similar topics and all seem to be categorised around repeating experiences.

1) The brand sparkling new switcher. This person has really only just got their Mac that weekend and they’re still breathless from the experience. They love it (of course), but want to know the following:

a) what applications there are to function the same as WordPerfect and Paint,

b) why the menubar is always at the top and why can’t it be moved,

c) how to turn off mouse-acceleration,

d) where can they get Anti-virus/malware programs.

2) The settling down switcher. This person has had their Mac for a few weeks and has learned to live the Mac-way, rather than trying to customize their Mac into a Windoze clone. The questions however continue.

a) Why can’t they change the size of the fonts in the menus,

b) Can .exe files run on a Mac,

c) Can they delete the Apple applications they don’t want,

d) They really need an Anti-virus/malware program, where can they get it from.

3) The Mac-tinkerer. This person has grown comfortable with their Mac and has successfully transferred all their pirated music/pron photos etc over. Now down to business:

a) I want to be able to delete anything on my Mac, how do I become an Administrator so I can do this?

b) I want to edit my swap file but I don’t see any way to do this, how?

c) I want to edit the registry, where is it located?

d) Are you really sure I don’t need anti-virus/malware?

e) I’ve been using my Mac for a few weeks now and need to defragment my drive, what programs are available?

4) My Mac has slowed down I must have a virus, yes a virus PLEASE HELP! Because every problem they have ever had with Windows was down to a virus/malware/spyware/keystroke logger, they are convinced that as soon as the beachball occurs, they must have a virus. Helpful Mac-users point out:

a) You don’t have a virus

b) Really no you don’t

c) Post exactly what your symptoms are and we can find out what the slowdown is caused by

d) No, really you don’t have a virus

e) Ah, the reason why your computer has slowed down is because you’ve put 180GB of pirated movies/music on your Mac and there’s only 1GB of space left.

5) OMG! My Mac’s not working PLEASE HELP! This person has decided that even though they are happy with their Mac, they want to make it better, and has accidentally deleted:

1) The Finder

2) The Terminal

3) The Library folder

4) All of the above

and of course they don’t have a back-up. They curse the day they ever bought a Mac and complain profusely that this never happened on Windows.

I know that there’s a bit of exaggeration here (only a bit, mind), but every one of the above true observations is centered around this concept:

To a Windows user, the fun in using a computer comes from keeping it running, installing and updating Antivirus, editing key files to squeeze out 1.7% extra speed, configuring arcane files, messing around under the hood.

Not actually using the computer to learn or create something. Sure they probably do some of that along the way, but first and foremost a computer needs careful nurturing before you can do any of that silly creative nonsense.

If you could define a Mac, it would be that it arrives, out-of-the-box, ready for you to use, ready to have some fun.

Aah, the wonders of ‘open’…

google malware

MacDailyNews – Malware designed to steal bank information pops up in Google’s Android app store

I’ve posted previously about the viewpoint of certain Mac-gurus (Inak-cough!-hto), that Apple’s overzealous closed system for the iPhone is something they should abandon and allow the users to decide whether or not they can run ‘x’ software on ‘their’ phone.

Apple have stated previously that a phone is not like a computer and you shouldn’t be allowed to just run anything on it – I agree.

Along comes Google with their ‘open-and-not-like-the-horrible-closed-iPhone’ GooglePhone, and this is the result, and as if to add insult to injury you have to do this:

If you did download the Droid09 app, please remove it from your phone and take it to your mobile provider to ensure it’s completely removed.

Not only do you have to delete it, you have to take it to your mobile provider to ensure it’s totally gone.

Take note of my emphasis – not only can you not be sure it’s gone by deleting it in the UI, but you have to take it into the place you bought it to sort this problem out.

If something went wrong with an iPhone, you’d take it to an Apple Store, who’d be briefed on the problem and be able to sort it out there and then. Can you imagine taking your phone back into a high street phone provider and asking the untrained, minimum-wage spotty teenager to help you?

Ah, but at least you have an open phone… can’t use it reliably because it’s full of malware, but at least you haven’t got one of those ‘closed’ iPhones…
