In the aftermath of the worm

by William Grosso

Related link: http://news.google.com/news?num=30&hl=en&edition=us&q=cluster:www%2einfoworld%2e…




One of the interesting things about viruses are the, ahem, extreme reactions. There's always a lot of blame being directed at Microsoft (basically for building a petri dish into every machine) and there's usually a lot of people blaming end users who open such e-mails (on the grounds that, at this point, they ought to know better).


This article is interesting, though, because it adds the cost of patching for viruses into the total cost of ownership for Windows. Has that been added into TCO equations before?


And there were two completely new (to me) reactions:


John Dvorak has, in a fit of full-on mouth foaming, suggested that pc users should be licensed like car drivers. I don't think licensing works unless the technology is stable, but Dvorak is apparently claiming that a driver's-license level knowledge of computer systems from 2001 would have helped here.


The most interesting reaction was the idea of building a second worm, though. What does the second worm do? It goes around killing the first worm and installing microsoft security updates.


This latter worm actually bothers me more than the original. All of a sudden, the internet turned into a giant game of core war


Any other new and interesting ways to cope with the worm?


5 Comments

anonymous2
2003-08-21 11:26:15
Come, let use reason together...
Linux lovers have nothing to be smug about. Ashcroft is coming!
kollivier
2003-08-21 15:21:33
LOL! And a better idea than Dvorak? =)
You need to be an MSCE now to run Windows? ;-) Somehow that's a world I wouldn't want to be a part of.


What Microsoft should do is release a new, free, game demo and send it to everyone. (Maybe an Office 2003 demo for corporate workers/parents/etc.) Give it away in stores, in magazines, etc. Do an AOL marketing campaign, basically. When you insert the CD, before installing the software, a warning appears about your machine not being secure, and prompts you to secure the system. "We have detected that a number of important security updates are not present on this machine. Installing them would improve overall computer performance and help stop the spread of viruses. This will only take a moment, and will greatly reduce the risk of your computer system being compromised. Would you like to do this now?" Click yes, and it closes port 139 and all ports if no services are running on them, patches Outlook/Outlook Express to lock out PIF/BAT attachments, etc.


Why can't Microsoft do this? I bet many people would just click yes, or next, as it is the common behavior and most people do it without thinking. Most people are happy to receive free software and would be glad to install it, Microsoft would get much less egg on their face, and my %&*($#&* broadband connection wouldn't slow to a crawl.

anonymous2
2003-08-21 16:29:50
LOL! And a better idea than Dvorak? =)
Wouldn't this be too expensive? I mean, by the time the CD was printed and distributed it would be out of date. Microsoft would have to issue new CDs ever 3 months. That means they would have to count on people being interested in a demo of Office 2003 4 times a year.


kollivier
2003-08-21 23:38:27
LOL! And a better idea than Dvorak? =)
It would be expensive, but not that expensive, and I think after the first CD alone there would be a dramatic improvement. The best thing that anyone could do to Joe Sixpack's computer would be to lock open ports and set higher security on their email client. (So that it scared the pants off them when they tried to run, say, a PIF file.)


Doing these two things alone would have a major impact. The impact of releasing CDs quarterly, IMHO, is not as compelling but if it were cost effective, it couldn't hurt. They could also put updates onto the free space on their software CDs as well - even if they get old quick, the fact is that most people probably aren't running Windows Update at all, much less regularly. And a software install is an ideal time to bug them - they stopped what they were doing to install the software, so you're not catching them, say, in the middle of checking email with some annoying "Update now!" dialog.


Plus, Microsoft may actually generate sales based on these demo CDs, so it wouldn't be a total loss. And there is some good evidence that the CD model works - how many AOLers just popped in the CD and signed up to try? If it's easy and free, and offers some value, the end user is often compelled to at least try it.

jwenting
2003-08-22 01:10:24
worm removing worm
The second worm that removes LovSan hit the net just a day after LovSan itself.
It behaves and spreads in the same manner, except it also updates Windows to prevent further infections and kills LovSan.


One has to wonder who created it...
While I do not condone such practices, it seems to me that with the incredible laxness of the average user when it comes to keeping their system up to date it might not be the best way to spread updates and anti-virus software.
Those users would never install the updates on their own (even with Windows being able to be set to auto-update many users turn it off because they consider it annoying (or are incorrectly afraid for their privacy)).
This is of course an issue not limited to Windows users. Many *nix machines are gaping holes just waiting to be exploited, their owners basking in a false sense of security for not running
Windoze and other M$ products" as they'd say it.