February 3rd, 2004 10:28 PM
Will there ever be a "cure" for Viruses?
Given the increased chatter once more due to mydoom I was wondering what peoples views were on the subject of whether or not there will come a day when we no longer have to worry about viruses? or whether they will be able to be dealt with easily.
It seems that the handling of computer viruses is similar to that of biolgocial viruses. Cures are few and far between, instead we develop ways to deal with things (I think Cholera was the last virus that was actually cured, Aids, cancer etc... all have drugs which help you to live longer but do not for the most part cure the diseases). So, does the computer virus industry behave in the same way as the drug companies? Is the money to be made from fixing inherently insecure applications and providing patches? rather then providing a way to remove, or at least greatly reduce, the threat of viruses? (Yes, is the simple answer to that)
Personally I think we will never see and end to the current situation (at least not for a long time). Operating systems continue to be full of holes which for the most part seem to be due to poor coding. We then have an entire industry that thrives on the FUD from viruses. Anti-virus companies roll out new products every year offering the latest and greatest solutions to the problem, but which require a paid subscription at some point to maintain your signatures. Consulting companies tout huge figures around as the result of virus attacks, leading to new contracts with companies who are scared to death that the next virus will be the one that makes their servers self destuct. OS vendors release new 'improved' versions, which turn out to be full of the same holes as before, just in a different disguise, and so the cycle continues. This cycle creates alot of cash so why stop that by providing users with stuff that actually works as it should and is problem free. True there are OS's out there that are for the most part immune from viruses due to their architecture, but the cost of these makes them totally impractical for all but the largest corps.
So, I fear that the cycle will continue, email virii are the equivalent of the common cold, a very commonplace occurence that you would think we would be able to deal with (yes, i know, 300+ versions of the common cold, but you get the point) and yet they continue to cause havoc on a regular basis. Now, many folks will say that the users have a part in this, that they should be educated in what to do (I myself have said this elsewhere on this site), but for those who don`t they should still be protected, you don`t need to know how to configure your Airbag in order for it to save your life in an accident, and who knows how seatbelts work? or for that matter who can fix their car? probably a very small percentage of those who drive, and yet cars seem to work ( for the most part) and their safety features save lives. End users should not need to know much in order to protect themselves, they are afterall, 'endusers'. so why can`t we make their lifes as easy as possible? Leave the tech stuff to those of us who want to do it. I think our culture is playing a part in this too, but thats an even longer discussion..
Sorry to rant, just wanted to get this out there and hear what others have to say.
Quis custodiet ipsos custodes
February 3rd, 2004 10:37 PM
I have to agree to a point. In fact, what I've been hearing is that viruses are going to get worse rather than better. Ease of use may not necessarily be the answer. While the comparison to a car is good, I don't need to be an engineer to understand the importance of viewing all the extensions of files I receive (why is this turned off by default? oh ya.. to remove those ugly extra info), I don't need to learn that not every file I receive is, in fact, for me (yes, Virginia! There are bad people out there) and I don't need to see everything in HTML (the schmuck that started this idea should be shot! Oh wait.. I think that was Billy).
In my opinion, humble or otherwise, one of the things that seems to continue to drive it is the quest to make things easier for users to use their computers. If a person can setup a machine/OS in a few minutes then the user views this as good. If we can help the user by making repetitive tasks easy then that's good. What is often forgotten is that what is used to make things easy (a simple scripting language so that it doesn't cause huge overhead) or hiding all those "nasty, ugly details", tends to open the door for viruses to come in.
If users are "forced" to understand things better then maybe we might have a hope to slowing things down. I'm not too hopeful however. IIRC, the "I love you" virus cost well over $1 billion USD in "guessetimates". I'm hearing 25 times as much for MyDoom (don't ask; I swear they pull these out of their ... well, you know).
And that's not a good thing. (Yes, Martha, not everything is good).
February 3rd, 2004 10:53 PM
I agree with you in that trying to make it easy is part of the problem, although perhaps computers should be easy ,at least home computers for people to type letters and play games - these folks need computers that are the same as any other household appliance, you switch it on, do your stuff, then switch it off and don`t worry about it. Although I don`t think we are ever going to get to that point as a computer is slightly more complicated then a toaster, sure would stop a lot of these problems though.
Mi2g are quoting $37bn (I think) as the MyDoom estimates, thats being pulled deep from within there you know where....
Quis custodiet ipsos custodes
February 4th, 2004 01:27 AM
I think that if the common user recieved any sort of advice or guidance on things such as how to safely use a computer, everyone would be better off. Take school for example. Schools pimp the Internet as the new frontier for learning and business tomorrow. Yet they don't let you check e-mail. They tell you nothing about e-mail. They don't really tell you that e-mail can have viruses in it. They just say "don't check e-mail at school," and the problem is solved. If the education system could find some point in middle school or somewhere to tell students about computers, then along with saying "here is how you right align text in MS Word" they need to say "Not everything is perfect. Disable HTML e-mail in Outlook, and don't click .EXE/.BAT/.VBS attachments in e-mails because anyone who has any sense will WinZip the files before sending them anyways."
Until that happens, I can see that any software maker will be happy to offer yearly or monthly upgrades/updates. There really isn't much reason that todays AV/Firewall solutions can't detect something abnormal. Does your firewall really have to think that you send 500 e-mails a second on your Cable/DSL Internet connection unless you make a firewall rule saying you don't? And why would your AV solution assume that MS Outlook doesn't have any flaws and let that old buffer overflow HTML e-mail with .EXE attachment through its filtering proxy?
But I don't want to take too much of the blame off of the home user. If they are ignorant to what is going on, then we are all in trouble. But if they can be educated at some point in time, everyone will be much better off. And then this cycle might be broken from within...
February 4th, 2004 03:03 AM
On page 2, there's an "estimated cost" of the worst viruses:
After years of success deploying more effective and smarter defenses, anti-virus researchers contacted last week in the wake of the MyDoom outbreak acknowledged for one of the first times that the battle may be getting away from them.
Sobig ($37.1 billion)
MyDoom ($22.6 billion)*
Klez ($19.8 billion)
Mimail ($11.5 billion)
Yaha ($11.5 billion)
Swen ($10.4 billion)
Love Bug ($8.8 billion)
Bugbear ($3.9 billion)
Dumaru ($3.8 billion)
SirCam ($3 billion)
February 4th, 2004 05:49 AM
Actually MsM users wanted that [ a ton of other features ] so in reality it's not entirely their fault. Users have to start taking responsibility for their own ignorance.
What is a big corparation like MS gonna do when people whine about wanting new features and security at the same time ? Then once someone finds a flaw & exploits that new feature people bitch and complain and try and put the blame on MS. Isn't that being a hypocrite in a someway ? There's not much that you can do especially when your trying to please everyone. Hell you could hire the best security experts, programmers etc but someone will still find a flaw and complaing about it.
and I don't need to see everything in HTML (the schmuck that started this idea should be shot! Oh wait.. I think that was Billy).
As for companies such as Symantec, Sophos, Trend etc etc they could sell better av software. Why dont they sell it ? Well personally cause many regular users wouldn't really care to purchase it. Some people will say : Why spend $40-50 when next year the product will be out-dated and new software will be out ?
But tim_axe is on the right track.
Educating users when their children would be the ideal time. Especially since at a young age most children would be very intrigued in wanting to learn. For example I know my niece gets very interested when ever she sees me on the computer. I'll take the time and do my best to try and explain to her the dangers [ in an easy way she's only 3 but very bright ] such as : viruses and the sort. And what could happened if you opened an e-mail sent from joewhoever. You get the point.
Too conclude my rant which went all over the place ... [ Sorry if I got off topic ... bad habit ]
There will always be people who are security conscious and care, admins, programmers doing there best to improve code and make it more secure etc etc .... but also ....
There will always be people out there who dont appreciate others hard work and wont care so in the end everyone who does and doesn't care will suffer the consequences of others selfish actions.
Humm me starts to wonder what Tony will say ?
February 4th, 2004 10:31 AM
Is it their fault or the fault of the manufacturers who encourage users to believe that anything is possible? Remember Where do you want to go today and Start me UP!? I think that manufacturers are encouraging users to think they can have anything. Perhaps that's a true thing but...
..users wanted that [ a ton of other features ] so in reality it's not entirely their fault. Users have to start taking responsibility for their own ignorance.
While it's not bad to have features, I think it's bad if the manufacturer's don't do some thinking about what the risks are. Like why did Outlook, in it's original implementation, have VB script not only enabled by default but you can't turn it off?! Right now, I have Outlook Express (it's not 2003 so don't send me that link) and I can't turn off receiving HTML. I can turn sending it but not receiving it (I hate HTML email).
Neg, holy ****! I didn't realize that SoBig had been "SoBad". $37Billion eh? geez. No wonder last year was the Yeay of the Virus. I guess this year will be the Year of the Virus and Phishy. Maybe the Phish can eat the Bug.
February 4th, 2004 11:09 AM
It is hard to say who is "guilty".
Let's get back to cars... you don't have to know how airbag and seatbelt works, but what we all first learn when we sit in the car with instructor is "fasten your seat belt"!
And we have to remeber that first cars didn't have seatbelts and aibags... but when ther started to be faster and faster... and more and more people started to die in car accidents, manufactures were under preasure to make more safe cars... but it still doesn't stop people to die in car accidents...
maybie, when people start to die because of computer viruses in larger number, software and hardware manufacturers will be under greater preasure... but, do we have to wait for that? No, I think that our little and humble community can make a difference. Our knowledge is our obligation. I can't make a big difference alone... I live in relative small town... in countre where law is just imaginary. Neither could anyone else, no matter if she/he live in New York, Paris, or Khandahar(Afganistan).
But if we try to act together, there might be something. AO is not that little as it could look like when we just count memebers... Each memeber is not just number... Each memeber has some specific knowledge, or contacts, or both... So, we all have to ask ourselves: What I can do myself, and what all of us can do together?
For start we could spend more time teaching people we know...
And we could try to make more preasure on MS, SCO, IBM, HP, DELL etc.
Why is linux so stable and secure? Because so much people work on it. Let's spread that on other OSes. Those who work for companies that sell computers, let's put links on educative sites, tips&trics etc. in favorites of new computers... Let's teach our costumers. Ask your HQ, if they want to invest in some kind of script "Computer security for EndUsers".
How about that? Any more ideas?
Make your knowledge your deadliest weapon.
February 4th, 2004 12:19 PM
I doubt that MS and the other OS manufacturers will ever open up their OS's like Linux, for now (at least) there are still big bucks to be made from operating systems so why open them up which will eventually lead to them being free?
I agree that user education is a big issue, but the reality is that many people don`t want to know about their computer, they just want to switch it on, play quake, or send an email, then turn it off, so we need to keep the amount of stuff we need to teach this people as low as possible.
As for the industry, a good opensource, free, virus scanner could shake things up a little, free subscriptions (forever) and something that as Tim_axe said will notice when you send 500 emails a second.
Going back to cars, the thing that made everyone use the safety features was that in an accident you die, computer viruses so far have not had that affect, and given the way things are at the moment i doubt that a virus resulting in a death would change end users habit, instead the end users family would sue the OS producers, and the Government would introduce some useless regulations for the Computer industy (and probably put us on Orange alert).
I agree with ikalo that if enough people speak up about this then something could be done, and if we are able to help people then so much the better, but you`d need AO to get as much press as Microsoft for it to attract all those AOL users.
And I still don`t know where that $37 bn figure come from, lost hours due to having to restore backup tapes? No company I work with, nor anyone where I know someone works, was affected, so someone somewhere must have been hit hard.....
Quis custodiet ipsos custodes
February 4th, 2004 12:23 PM
There is no cure for user stupidity
There is no cure for user stupidity
to quote SecurityFocus's Tim Mullen:
quote from http://www.theregister.co.uk/content/56/35300.html
We are suffering through yet another email-borne virus (this one called Novarg) whose infection has reportedly trumped out all others in the infamous history of malicious computer code.
Was the vector some l337 0-day 'sploit? Nope. Was it a complex multi-layer program leveraging several unpatched vulnerabilities? Nope. It was -- wait for it -- an executable attachment in an email. What genius! The author of Novarg (or MyDoom, or whatever you want to call it) really put his noodle to the test when he cooked this one up, huh?
I would like to think that in this day and age people would know better than to open executables in an e-mail. I'd also like to be able to flap my arms and fly to the moon. Opening attachments in e-mail is one par with group needle-sharing after having unprotected sex in a Third World orgy.
Yet, with an estimated 30 per cent [peak] of world-wide e-mail traffic being Novarg, it is clear that millions are willing to blindly point-and-click their way into infection while a tempest of white noise rages in the part of their brain where conscious thought should be.
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio
the best station for C64 Remixes !