Okay, thanks a lot you fucking asswipes. Thanks for causing our internet service to go down today. Thanks for screwing around with a bunch of people just for kicks.

Today, all morning, I tried to get online. I was connected, but I couldn't access a single website. I called tech support, and it seems that their servers were hit by the msblast thing. So the whole service was down-people couldn't get connected, people getting knocked off, and people having the same problems I did.

Now, it's not THAT big a deal, just a minor annoyance for someone, really. But really, when you knock out an ISP for an entire area...why do people create this shit? Why do people crack into computers and do malicious damage? What's in it for them?

*I used the correct term, "cracker", rather than "hacker." PLEASE, do NOT turn this into a cracker vs. hacker debate, or I will ask the mods to close this.

Because they can. I guess.

I think it makes them feel powerful to know how much damage their 'talent' can do.

How annoying.

Hehehe.

I saw "Fucking crackers" and thought, "Since when did Guinastasia become an old black man?"

Reiterate what Lobsang said 'Because they can' and also probably to make some sort of 'dig' at Bill Gates, one of the hidden messages in the worm was Billy Gates why do you let this happen.... Or something to that effect.

Originally posted by Guinastasia
*I used the correct term, "cracker", rather than "hacker." PLEASE, do NOT turn this into a cracker vs. hacker debate, or I will ask the mods to close this.

And here I came into the thread thinking you were lumping me, a white guy, with biographers of biological terrorists.

Now I know better... ;)

Yeah, what Delly said. I think many of them are young enough, immature enough, and plain ol' silly enough to genuinely see themselves as vigilante good guys. We can only hope that the smarter and/or more decent ones realise that this sort of shit can even cost lives, and that they'll have some sort of rudimentary remorse finding its way into their heads. Either that, or they just grow out of it.

But I'm not defending them. They are indeed fucking asswipes, and need a good kick up their teenage khybers.

Did you ever think maybe Gates and Microsoft intentionally set it in motion. Who else would know how to exploit the Windows "backdoors" so well? It's the best case for Paladium and "Trusted Computing" that they could make.

I deal with crackers and virus writers all the time... who in their right mind spends all that fucking time writing a virus? It's offical... you have no life...

Well, that's one of the more ref---Ow! HEY! STOP THAT!

Originally posted by Read_Neck
Did you ever think maybe Gates and Microsoft intentionally set it in motion. Who else would know how to exploit the Windows "backdoors" so well? It's the best case for Paladium and "Trusted Computing" that they could make.

I'm sure that Micro$oft loves to spend all the extra money on programming a fix, then getting the word out there with all the negative plublicity.

Personally, I suspect that the most magnificent "virus programmers" in the world are probably hired by Symantec and McAfee. I rather think that it's THEY who actually release the worms. Sends their stock through the roof I find.

Originally posted by Guinastasia
Now, it's not THAT big a deal, just a minor annoyance for someone, really. But really, when you knock out an ISP for an entire area...why do people create this shit?

Another good question would be what kind of ISP would let this happen? My service sure didn't go out, and I'm assuming it's because BellSouth actually knows how to keep its systems updated. Unfortunately, it's about the only thing they know how to do right, but you take what you can get...

Originally posted by Boo Boo Foo
...release the worms...
Heh. Poor BBF makes an intelligent point, but I just pick up on the above and giggle stupidly. This is what over a decade of Simpsons-watching'll do to a bloke. :D

It's Stargate. I don't know what exactly happened, just that they were hit with it.

"The idea that Bill Gates has appeared like a knight in shining armour to lead all customers out of a mire of technological chaos neatly ignores the fact that it was he who, by peddling second-rate technology, led them into it in the first place." - Douglas Adams

Truer words were never spoken.

No, fuck the incompetent admins. First of all, this patch has been available for a MONTH. Second of all, what kind of fucktarded admin has a server (or any system), let alone something MISSION CRITICAL, outside a fucking firewall? This leaves aside, of course, the idiocy of using a Windows box for a server. Urge to kill rising...

Originally posted by Guinastasia
It's Stargate. I don't know what exactly happened, just that they were hit with it.
That's horrible! Dr. Jackson's trapped over there now? Well, he's smart. He'll find a patch and get Colonel O'Neil and the troops back home.

Release the worms! Release the viruses! Release the worms with viruses in their mouths so when they sneeze, viruses come out!

Originally posted by Read_Neck
Did you ever think maybe Gates and Microsoft intentionally set it in motion. Who else would know how to exploit the Windows "backdoors" so well? It's the best case for Paladium and "Trusted Computing" that they could make.

Dont forget the molemen that finance the nefarious schemes with all the underpants they stole in phase 1 of their plan.

Whoops time for my meds.

Hell, keep 'em comin', I'm making a good living here. ;)

You people still use Windows?

Yes, rjung. Call us nutty, but many of us prefer not only having the widest selection of software for any OS in the world available at our fingertips, but also being able to build our own computers with exactly the parts we want for half the price of a Mac. Also, I think you know this already, but if everyone was using Macs, they're be plenty of nasty viruses available for them. But, hey, if security through obscurity is your thing, good for you.

He may be a Linux d00d. Then all those benefits, well except for software, apply to him as well

Nah, he was Mac evangelizing in another thread earlier today.

Originally posted by FordPrefect
He may be a Linux d00d. Then all those benefits, well except for software, apply to him as well All those benefits are beginning to also apply to Windows users who are at least 3 years behind the times. And we get to have the wide selection of software too! :)

Originally posted by neutron star
Yes, rjung. Call us nutty, but many of us prefer not only having the widest selection of software for any OS in the world available at our fingertips, but also being able to build our own computers with exactly the parts we want for half the price of a Mac.
Then don't go crabbin' when you get stung by the skript kiddies. ;)

Also, I think you know this already, but if everyone was using Macs, they're be plenty of nasty viruses available for them.
Speaking as a guy with a Masters in computer science and fifteen years working in the field, I don't think this is the case -- UNIX-based operating systems (such as MacOS X, Linux, and Sun Solaris) are much more secure and resilient to rogue programs than anything Microsoft has ever made. To do the kind of damage that Windows users endure would require either root access or administrative permissions to run as sudo, neither of which is easily obtained without the user knowing about it.

But keep believing this myth if it makes you feel better. ;)

Part of the reason ISPs are feeling the burn on this is that a ton of their bandwidth is being taken up as their subscribers' unpatched machines are being hit left and right with connection attempts due to the Blaster worm and RPC exploit.

Originally posted by rjung
Speaking as a guy with a Masters in computer science and fifteen years working in the field, I don't think this is the case -- UNIX-based operating systems (such as MacOS X, Linux, and Sun Solaris) are much more secure and resilient to rogue programs than anything Microsoft has ever made. To do the kind of damage that Windows users endure would require either root access or administrative permissions to run as sudo, neither of which is easily obtained without the user knowing about it.

Well, I'm not going to butt heads with your education and experience or anything, but, *nix root exploits do exist, do they not? And don't you think that if 95% of the people in the country were running *nix-based OSes, we'd have a hell of a lot more people looking for those exploits?

Now, I'm not saying that Microsoft is perfect. I'm not saying there's any reason in the world for Windows 2000 Pro or Windows XP to have a fucking TFTP server in their default installs (not to mention the next-to-useless Messenger service).

I am, however, saying that there are damn good reasons that we continue to put up with it, and all the snide, one-line posts in the world aren't going to change it. I like playing new games. I like having tons of free software choices. I also like when those free programs are intuitive and pleasant to use, which pretty much rules out most Linux programs I've tried.

Most 'root exploits' in *nix involve users attempting to get into your box and su to root so they can have full and total control.

It requires an individual effort on the part of the person hacking the box, since it's fairly rare that the security on two different *nix boxes will be exactly the same.

There are security advantages to *nix in that you can refuse to allow users to compile binaries and force them to use just what you give them, which means that unless a cracker gets a precompiled binary to run in there, if he has execute permission on files you didn't give to normal users, running a rooting tool will be much more difficult.

You can knock it if you want, but there are definite stability and security reasons that root nameservers and such don't run Windows.

catsix speaks the truth. Most security issues on *nix machines are from social engineering or from password cracking programs that find idiots with simple passwords. Traditionally a source of problems were from people who never changed the root passwords shipped with the system, but that is pretty much fixed by requiring new passwords.

I've been using Unixes for over 20 years and never suffered a minute of downtime from a worm or virus. I didn't get hit by the Morris worm because I was working at Bell Labs at the time, and he fixed the sendmail bug when he interned there.

In a way I think we owe this guy our thanks. He could have made his code do some really nasty things. A lot of people got a lesson without losing much if anything.

The last time my *nix box went down, it was because the firefighters sprayed water on it while trying to put out the fire in the building that housed the box.

No real point to this post, just must *wiping tear from eye* express my fondness for a computer that runs for a year or more at a time.

Unix. Rebooting is for adding new hardware.

I gotta pitch in about the latest Linux desktop distros. Due mostly ,I think, to the newer kernels Mandrake,RedHat and Suse are every bit as simple to install and use as Windows. The real strength of Linux is that it's a "transparent" OS. Nothing is hidden. I do not advocate Linux for everyone but if it had a 20-30% market share Microsoft might be forced to "polish" their software a little more before they put it on the market.

Well... yes, unix is more secure in general because of some architectural reasons. But the real reason it doesn't get beat up as bad is because Microsoft has the market, and just like far more people write useful software for Microsoft, well far more people write nasty software for Microsoft as well. Same thing with Macintoshes. You want wide market acceptance for your worm? Write for Microsoft.

Unix has had plenty of it's spills as well over the years, including the recent slapper worm. Apache, OpenSSL, Sendmail -- each of these have had plenty of famous vulnerabilities that plenty of Hackers (that's what I said) have taken advantage of.

Here's a little experiment for you Bill H. Install a user controllable firewall (I'm a fan of Sygate Pro) that allows you to write your own rules. Then install a browser such as Opera or MozillaFirebird that is not Windows integrated. Block everything except that browser. Use nothing but that browser for 24 hours and then check your traffic/packet logs. Pick a few entries and do a Reverse Lookup. The default XP firewall blocks inbound traffic only and does not even moniter outbound traffic. See the problem yet?

Guess I don't follow your point, Read_Neck. And I'm pretty steeped in this stuff. Seems you're pointing out that the XP firewall is less active than a Sygate firewall, which is true. But I really don't see how that refutes (or even relates) to my point. Wanna elaborate?

Originally posted by catsix
There are security advantages to *nix in that you can refuse to allow users to compile binaries and force them to use just what you give them, which means that unless a cracker gets a precompiled binary to run in there, if he has execute permission on files you didn't give to normal users, running a rooting tool will be much more difficult.
Sorry, but "cite"? You can compile binaries on a unix system any number of unusual ways which can't be prevented, including 'cat'. The only way you can prevent it is by disallowing all write access to the filesystem, which is just as much an option in windows.

Originally posted by rjung
To do the kind of damage that Windows users endure would require either root access or administrative permissions to run as sudo...or a server with a buffer overrun (apache, sendmail, sshd, gnome, ftpd, to name a few). The way people break into windows boxes is not inherently less likely on a unix box. IIS has a long way to go before it catches up with the number of holes sendmail has had over the years, and the holes are due to precisely the same errors. To suggest that unix is immune to this is silly.

Don't get me wrong. I'm a unix nerd. But I'm an honest unix nerd. If unix were to appear on 90% of the desktop machines in the world, it sure as hell wouldn't look like the well-secured unix servers you're used to. It would have shitloads of poorly-tested user-level fluff with security holes in it. And it would have shitloads of script kiddies looking for those holes.

Originally posted by Voyager
In a way I think we owe this guy our thanks. He could have made his code do some really nasty things. A lot of people got a lesson without losing much if anything.
I'd thank a guy who wrote a virus to automatically patch the computer.

Originally posted by ntucker
If unix were to appear on 90% of the desktop machines in the world, it sure as hell wouldn't look like the well-secured unix servers you're used to. It would have shitloads of poorly-tested user-level fluff with security holes in it.
Why? What law is there that would mandate a consumer-level UNIX box to have all sorts of insecure crap loading it down?

I remember an interview with the CEO of SouthWest airlines 10 years ago. They asked him, "Why do you keep cutting the sitting space down, reduce the meal quality, etc.?" And he replied, "Because that's what the people want." And it was true. People would rather pay a cheaper fare than have a wider seat.
rjung wrote
Why? What law is there that would mandate a consumer-level UNIX box to have all sorts of insecure crap loading it down?
Well, because that's what consumers demand. Yes, really.

People want features, and they're willing to have them at the cost of instability and lack of reliability. Companies that deliver features faster sell products, and companies that deliver stable versions don't.

Security is merely one of those stability features. Yes, everyone wants it, but they'd rather have new features.

That does seem to be changing somewhat, as security problems are growing more severe recently.

Originally posted by Sterra
I'd thank a guy who wrote a virus to automatically patch the computer.

One should be careful what one offers. I believe this latest worm does just that, this Saturday. All at once.
Of course, I could be full of shite, too, since my source is a radio 'personality' with the tech savvy of your average AOLer.




Oooo, my first post and it's in the Pit.:eek:

Originally posted by Bill H.
Guess I don't follow your point, Read_Neck. And I'm pretty steeped in this stuff. Seems you're pointing out that the XP firewall is less active than a Sygate firewall, which is true. But I really don't see how that refutes (or even relates) to my point. Wanna elaborate?

My point was to see how many Windows services access the net without your knowledge and where they go. If you don't use Internet Explorer,Windows Explorer starts accessing. Why?

Read_Neck, guess I still don't get how that's related to either:
a) what I said
b) the topic of unix vs. windows re: security, or most importantly
c) the OP relating to security and worms in general.

And for what it's worth, I don't know of even one worm that takes advantage of your browser sending out undesired traffic. And I'm somewhat knowledgeable about things worm-like. Could you elaborate on the security threat you're concerned about, and how it relates to any of the topics here?

Originally posted by rjung
Why? What law is there that would mandate a consumer-level UNIX box to have all sorts of insecure crap loading it down? Note that I didn't say it would be mandated, just that that's what would happen. Bill H. put it very well: that's what the consumers want.

My point regarding Unix isn't that it's a perfect operating system, because it isn't.

It just seems to me through years of experience with both Unix and Windows that it is far, far easier to implement custom security on a *nix box than it is on a Windows box.

And I have seen *nix boxes where the only user with write access was root, specifically because they had to be secure. If the name of the game is security, I'd still rather lock down a *nix box than a Windows box.

I firmly believe *nix is great for servers, but it's not something I'd want to give all of my users. For as many ways as there are to easily improve upon an OS like *nix and to shape the security as the admin sees fit, there are ways for lusers to fuck it up.

Given my choice, I'd rather fix the fuckup of a luser on a Windows box than a *nix box.

I'm lucky I'm still running WindowsME, but my sister, who just got a laptop, is running XP, which means she may get hit. (And for some reason her burner stopped working).

She's also have a hell of a time downloading the patch-it keeps stopping on her. *sigh*

My uncle claims we're going to get hit Saturday and Sunday with the second wave.

Originally posted by Boo Boo Foo
... release the worms...

Sounds like the beginning of the world's slowest fox-hunt.

Guin:

Check your e-mail. I can help you out with that patch for your sister.