“According to an article in Information Week, Microsoft is aware that the ‘Kama Sutra/Blackworm/MyWife’ worm will hit on Friday, overwriting office documents, but will not release a patch until its regular monthly patch release on February 14th. Unless, that is, you subscribe to one of Microsoft’s pay security services, in which case your machine will have the worm removed in advance.”
Nice business model. Seriously, is Microsoft the MOB?
This reminds me of the Hitchhiker’s Guide to the Galaxy.
Interesting, but how?
Somehow this tactic reminds me of the US government. “We know terrorists are going to hit a major target in the US, but we aren’t going to do anything about it until such and such.” (World Trade Center) “We know the levies in New Orleans are weak and that a hurricane is coming, but we aren’t going to do anything to reinforce them. We also aren’t going to notify FEMA of the survivors until a week after.” (Hurricane Katrina)
The reason OS X doesn’t have viruses like Windows is because OS X isn’t the same OS and it’s designed to be more secure.
If you take comfort in the fact that only “a few thousand” people had their files deleted in Europe (what’s the number in the U.S.?) by this Windows virus, you are like a battered wife.
I read that Texas is suing Sony for spyware installed by their audio CDs.
This crap doesn’t happen on OS X because it can’t happen.
The reason OS X doesn’t have viruses like Windows is because OS X isn’t the same OS and it’s designed to be more secure.
If you take comfort in the fact that only “a few thousand” people had their files deleted in Europe (what’s the number in the U.S.?) by this Windows virus, you are like a battered wife.
I read that Texas is suing Sony for spyware installed by their audio CDs.
This crap doesn’t happen on OS X because it can’t happen.
<zealot mode activated>
A few thousand is a drop in the ocean on Windows. On the Mac, the percentage would be whole lot closer to a whole number.
Got any proof tha OS X is bulletproof? Not that viruses can’t do damage, but that they can’t propagate at all, not because of the mostly technically minded userbase, but because of the OS?
<end zealot mode>
Seriously though, when the average user is on a Mac, you’ll see it become the target more often.
Everybody on Windows are logged in as admin because they have to.
Admin has way too much unrestricted power on Windows, e.g. no “sudo”.
ActiveX has way too much power on Windows, it can even update the OS itself, i.e. any page in the internet has a potential power to destroy your PC. How stupid isn’t that?
Someone said to me that Windows wasn’t really designed for bigger networks, Microsoft almost missed the internet-revolution entirely (I can dig up a few articles if you like), so in the internet is it actually a wide open target (well, was at least).
I know no other OS which is as badly designed, e.g. the BSD engineers had the hostile environment, which internet is, in mind from the beginning (I can dig up a few articles about this too if you like).
Someone said to me that Windows wasn’t really designed for bigger networks, Microsoft almost missed the internet-revolution entirely (I can dig up a few articles if you like), so in the internet is it actually a wide open target (well, was at least).
Windows XP is actually NT 5.1, NT WAS designed with corporate networks in mind. Windows ME, 98, 95, 3.11 were not.
Windows XP is actually NT 5.1, NT WAS designed with corporate networks in mind. Windows ME, 98, 95, 3.11 were not.
Well, a LAN like a corporate network could be considered somewhat more secure, but according this source did MS begin development 1988 and sold the first version 1993 which means it’s pre-internet, which can in part explain why it has been such an easy target.
Windows XP is actually NT 5.1, NT WAS designed with corporate networks in mind. Windows ME, 98, 95, 3.11 were not.
Well, a LAN like a corporate network could be considered somewhat more secure, but according this source did MS begin development 1988 and sold the first version 1993 which means it’s pre-internet, which can in part explain why it has been such an easy target.
Microsoft didn’t put much of a development effort into NT until 4.0. Before that MS was putting more resources into WFW and DOS. 1993 is not pre-internet either. NT 4.0 was pretty decent, the real mistake MS made was when it wrote IE 5.0 and 6.0 with ActiveX, which pretty much gave anyone writing a webpage to execute anyting they want on a visitor’s computer. Now that MS has closed the ActiveX invititation Windows is OK with security. I don’t think MS is completly in error for not releasing a patch for this virus, considering I could write a similar one in visual basic in a couple hours, what we really need is a patch for peoples’ brains who are stupid enough to execute a mystery attachment without being fully aware they have more than likely just opened the door for a virus. Then again, MS should really try to work on preventing people from doing such a thing by tracking attachments and putting up a big fat warning dialog saying, “You are about to do something stupid. Opening mystery e-mail attachments is a dumb idea. If you are sure you want to do this, enter “*” in the text box below.” *is some randomly generated bunch of characters, this way they will be forced to read the dialog.
You forget that MS was VERY late, Bill thought the CD-ROM was the future according to some sources.
Now that MS has closed the ActiveX invititation Windows is OK with security.
Are you 100% sure?
I don’t think MS is completly in error for not releasing a patch for this virus, considering I could write a similar one in visual basic in a couple hours
And you don’t think there’s a serious flaw (at least) in Windows then?
what we really need is a patch for peoples’ brains who are stupid enough to execute a mystery attachment without being fully aware they have more than likely just opened the door for a virus.
Why are you (and MS) putting such a burden on the user’s shoulders, and such a light one on the OS? It seems like weak excuses to me, considering that Windows continues to be the only target (to 99.999% or something).
My advice is to demand more from Microsoft or use something else than Windows.
You forget that MS was VERY late, Bill thought the CD-ROM was the future according to some sources.
Now that MS has closed the ActiveX invititation Windows is OK with security.
Are you 100% sure?
I don’t think MS is completly in error for not releasing a patch for this virus, considering I could write a similar one in visual basic in a couple hours
And you don’t think there’s a serious flaw (at least) in Windows then?
what we really need is a patch for peoples’ brains who are stupid enough to execute a mystery attachment without being fully aware they have more than likely just opened the door for a virus.
Why are you (and MS) putting such a burden on the user’s shoulders, and such a light one on the OS? It seems like weak excuses to me, considering that Windows continues to be the only target (to 99.999% or something).
My advice is to demand more from Microsoft or use something else than Windows.
Yeah but there was still those *#&$ AOL disks being mail everywhere which ran on DOS at the time, fortunately you could erase those disks and use them for something else.
MS is okay with security in that I can go on the internet without instantly having a virus after visiting three websites.
I could write a similar virus for OSX too, Linux is different because it never *#(# executes anyting you click on.
At some point the user should have to think for themselves, not opening mystery attachments IS that point.
At some point the user should have to think for themselves, not opening mystery attachments IS that point.
Well, yeah, you can argue this all you want, but it’s an ongoing problem and it has no easy solution. Yes, users need education, and many people are doing what they can about it. But there are still millions of users out there who have almost no idea what they’re doing when they click the Connect button, and will click on almost anything. There are still people who don’t know that you shouldn’t open mysterious attachments from mysterious addresses.
It is for these people that the safeguards are necessary. If the user hasn’t learned that opening this attachment will erase their hard drive, THAT FILE SHOULD NOT BE ALLOWED TO ERASE THE HARD DRIVE. Never. Ever. In a million years. The OS has as much responsibility to be safe and secure as the user. To Microsoft’s credit, they are slowly realizing this and changing the way things are, but things just shouldn’t be like that in the first place.
Got any proof tha OS X is bulletproof? Not that viruses can’t do damage, but that they can’t propagate at all, not because of the mostly technically minded userbase, but because of the OS?
Got any proof I can’t fly?
Got any proof that the OS X user base is “mostly technically minded”?
For a virus to spread, the OS needs to give it the ability to spread. OS X doesn’t. This is why there is no virus that sends itself to every person in your Address Book on OS X. There may be the ability to copy itself to another volume that the logged in user has privileges for, but that’s it.
Liam, why do you think OS X has ZERO viruses simply because there are 25 million users versus Windows’ hundreds of millions of users? You have ZERO evidence to back up your position, and yet I have the evidence that after five years there are still ZERO viruses for OS X.
Your position is that OS X has ZERO viruses simply because there is nobody out there who wants to write one. Do you have any proof that there is nobody out there who wants to write one? And don’t you think all of this security notoriety OS X is getting would spur someone to write a virus?
Your position is that there are no proportions—that there is some magical number that OS X needs to hit before there is a single virus. You also ignore the technological differences between the two operating systems.
The reason my first Windows XP PC started bringing up ads on my screen that I couldn’t even quit was because Windows XP was designed with a messaging system for admins and advertisers learned how to blast their ads out and Windows XP systems on the Internet would display their ad to me. This messaging program was on by default.
OS X doesn’t have this messaging system.
The reason you don’t use Internet Explorer to view “shady sites” is because IE has technologies that are different than OS X’s browsers.
In this article from Paul Thurrott, we learn that Paul got a trojan horse and couldn’t get rid of it:
On Sunday night, while preparing for a trip Monday to New York, the notebook I had planned to bring was suddenly struck by the most malicious software (malware) I’ve ever encountered. This Trojan horse got through my defenses despite the fact that I was running the Release Candidate 1 (RC1) version of Windows XP Service Pack 2 (SP2) with the firewall turned on. It was infuriating, and after hours of investigating, deep cleaning with various antivirus and spyware products, and consulting with my technical guru (Storage Update’s Keith Furman, a lifesaver), I finally gave up. As I write this commentary, I’m heading to New York by train, using a different machine, and my infected laptop is home, awaiting a complete wipeout. I never did completely clean up the machine, and I’m still frustrated by the defeat.
Liam, if your point that OS X has ZERO viruses simply because there are only 25 million users of it, why do devices with fewer users have viruses, like the Symbian OS on cell phones?
Even AOL has/had fewer clients and was frequently attacked.
This was written for both platforms. Sony was however unable to make it as effective on OSX. On windows when you inserted the CD the autoload would install the app automatically and completely silently.
OSX rootkit can only be started by browsing the CD and looking for start.app. Double clicking on it. Then you have to enter your logon name password and then it installs. This is just an example of how OSX is much more secure by design.
