|
Randy Cassingham's BlogHistorical Details and Author's Notes from This is True®
|
Are You Responsible for Spam?
So if True's readers are the "Cream of the Crop" (as I have said many times), what does that make the rest of the online population? About as scary as the Waterbury School Board. This week the online security firm Sophos threw up its corporate arms in disgust over the continued proliferation of viruses and "worms" online.
Free Weird Newsletter
"The criminals responsible [for such malware] are obviously making money from their code, otherwise they'd give up the game," said Sophos senior technology consultant Graham Cluley. So what to do? "Hackers seem happy to primarily target Windows users and not spread their wings to other platforms. It seems likely that Macs will continue to be the safer place for computer users for some time to come," and thus Cluley recommends everyone get Macs instead. Yeah, sure, Mr. Clueless: people can't be bothered to simply run the update programs included with their computers, but they will spend thousands to upgrade their hardware and buy all new software.
Here's the reality: most of the malware out there is exploiting weaknesses in Windows, Internet Explorer and other parts of your computer that have already been patched by Microsoft. Because so many people have not updated their systems, which is free, various worms and viruses are able to get in. In the old days, the risk was "it'll erase everything on your hard drive!" Others could point their fingers at the victims and laugh over their foolishness. Now, we're all the victims of foolish computer users' laziness: instead of erasing files, malware is much more likely these days to take over your computer and use it to send spam. Having spam sent from thousands of compromised slave computers spread all over the world makes it harder to stop, which is why it's still so prevalent. And if one of those computers is cleaned up? No worries: the spammers have thousands of others waiting to step right in and take up the load.
This is serious stuff, folks: if you are not keeping your computer secure, you are enabling spammers to clog everyone else's mailboxes. Indeed I have no doubt that scores of This is True readers currently have infected computers.
There is something very easy to do right now to help if you use Windows: open your Internet Explorer browser. Go to the Tools menu and click on Windows Update. Then follow the prompts to update your computer. It might take several iterations of this to completely update your system. If you haven't done it in a long time and you're on dial-up, it could take several hours to download all the patches. Do it, even if you have to leave it running when you go to bed. Again, this is free. While you're there you have the opportunity to turn on "Automatic Updates" to ...yep... get future updates automatically. If you want more control choose "Download updates for me, but let me choose when to install them." It's just not worth the risk to not do it. Let alone that you're putting everyone else at risk if you don't.
That's the very least you can and should do. For more, read up on the subject at Ask Leo, True's official computer support geek. Next, you can scan your computer for hidden spyware and such.
And last, if you don't already understand how to protect yourself from spam and other e-mail pests, don't do anything else online until you do. My own Spam Primer site is a great place to start. Just as one example of the important topics covered there: "phishing". "Phishers" are unbelievably persistent: so far this year, there have been over 500 attempts just to get my Paypal password alone -- an average of more than two-and-a-half times per day! Now and then they're so convincing even I have had my heart skip a beat, thinking there's something wrong with my account there. Nope: they "got" me for just a second. And 99.9% of you are easier targets than I am. The Internet is just like the real world: varied and wonderful, but dangers lurk. There's no need to be paranoid, but there is a need to protect yourself.
RSS
Most Recent Comments
Posted by Chris, Melbourne (AU) on July 15, 2008:
Diana of Ontario, your ideas are excellent. (I've been doing and advising the same for years.) Personally, I don't bother with the automatic updates; but anybody with a completely unpatched XP system - and I presume the older Windowses are even more at risk, but I won't say anything about Vista - anybody with unpatched XP on the internet is both foolish and naive.
A couple of weeks ago, my laptop needed to be sent off to Sydney for IBM service. In the meantime, I needed a lappy to take with me on the bus (as an aside, I'm typing this message while sitting on a bus - on my own laptop again - and it runs XP). I borrowed another ThinkPad from a family member, removed the hard drive, and put in a new one. Since I didn't have access to my usual facilities, I just carried a Windows XP install CD with me on the bus, and installed Windows immediately prior to using it. Knowing full well that I was going to be at extreme risk, I strongly restricted the things I did. How long did it take before the system was compromised? About TWO MINUTES. I wish I'd timed it down to the second, because it was so quick that the HH:MM clock on the start bar just wasn't accurate enough to say how long it took.
The next time I needed a spare laptop (I repartitioned and formatted the hard disk as soon as I got home, without connecting the laptop to the network), I installed XP and then applied Service Pack 2. This was an improvement; in fact, it took TWENTY minutes before I was compromised. Wow, a 900% improvement!! But still hardly something I'd recommend. By comparison, I've been using my main laptop for over a year now; when I set it up, it had all Windows updates to that point applied, but I've not applied any more since. So far... not compromised. System's running fine.
So what does this mean? I think it means that there are people out there who port scan huge blocks of IPs, looking for systems that can be attacked by the oldest exploits in the book; the newer exploits aren't worth their while to look for. So if you have a Windows computer, you NEED to apply at least SP2 and all the current "Critical" patches; but Automatic Updates isn't nearly as important.
One point to note: The attacks took place without me ever touching IE, MSN Messenger, Outlook, or any of the above. These are the patches necessary if you want to run Windows with only trusted software. (In this instance, I was running RosMud++, a MUD client written in pure C++, and to which I have the full source - I KNOW that it's not going to cause problems.) If you use Firefox, keep an eye on the updates; if you use IE, you probably need more of the Windows Updates. Don't sue me for advising against WU when you went browsing dodgy sites and got "got" by some rogue ActiveX control! :-)
The unfortunate reality is that Windows core services have MANY vulnerabilities. It's not possible to enumerate them all; the only thing to hope for is that Microsoft release patches for them before TOO many crackers start exploiting them. Alas, Microsoft are none too swift in releasing patches... so the best thing to do, if you're going to use Windows, is to have a combination of a software and a hardware firewall. With that, you may not be 100% safe, but you're pretty close to it.
Posted by Eric, Shrewsbury MA on July 15, 2008:
At work I did an update for Windows XP and it so totally trashed my system IT just gave me a new system rather than fix it.
I decided from that point on I would turn off automatic update at home and I haven't updated since. Of course I have a hardware firewall and run anti-virus software so that runs a lot, but I can't afford to lose my whole system and I'm not turning automatic update on until I get a new computer, if then. Or, until a virus trashes my system more thoroughly than Microsoft Update did.
---
My guess: the earlier trashing happened because the system was already infected by a virus. -rc
Posted by Graham Cluley, Sophos on July 16, 2008:
Yes, you're right that keeping up-to-date with security patches and browser updates helps lessen the chance of infection. Unfortunately, however, many home users still seem to be getting infected by malware which logic suggests that there is no reason for them to get infected by (if they have been practising safe computing tips).
Therefore, it is these home users - who keep getting hit, time and time again - who might want to consider switching to Mac next time they upgrade their PC... not because Apple Macs are better, but simply because there are less bad guys targeting them.
We've tried educating these people about patches and updates and safe computing, and it just hasn't worked... so maybe rather than bashing our heads against a brick wall we should just suggest that they go to a place where they are less likely to get hit in the eye by an arrow.
My name is spelt Cluley by the way, but well done on a very funny pun.
Cheers
Graham Cluley, senior technology consultant, Sophos
---
I have fixed the unintentional misspelling, though left the intentional one; I'm sure you've heard that pun many times, so I appreciate your sense of humor.
Yes, I agree that there are fewer malware authors targeting the Mac platform -- currently. If numbers were to reverse, leaving Windows a tiny portion of the market and Mac strongly dominant, that targeting will also reverse. People will have spent many thousands only to become a target again, putting them back on square 1 -- and leaving us with a problem again. Escalating the war doesn't really solve anything.
A crackpot theory? Nope: before the PC became dominant the Mac was indeed in this position. Viruses were unheard of anywhere but the Mac. I'm not sure how old you are, but I certainly remember it. -rc