why did the sobig virus spread so fast (or why are people so stupid)

Maybe a GD question, but why did the latest virus become the biggest ever seen? What is so different about it?

After all these years I am shocked that people
(i) open attachments without scanning
(ii) use outlook express
(iii) don’t use a firewall

How exactly does the sobig virus spread?

(i) I do not open attachments without scanning them first.
(ii) What’s wrong with OE?
(iii) I use Zonealarm but a virus which arrives attached to an email is not going to be stopped by a firewall.

In all my years of Windows computing I have never had an antivirus program installed (as they cause more grief than do good) and I have never been infected.

So far I have heard the recent XP msblast.exe worm was the worst.

Because it’s well-written code, relies on human foibles, gullibility and ignorance, and is up against poorly-written Microsoft code. 30 high-security patches released by MS this year alone!

There is no test or license required to either purchase or use a personal computer, nor to subscribe with an ISP, nor to use a word-processor or browser or other computer software.

Many people have cars, but don’t have the foggiest notion of how they work or how to maintain them. They aren’t necessarily “stupid”, just ignorant. Same with users/owners of personal computers.

Many of these ignorant-about-PCs-yet-not-necessarily-stupid people can also manage to type properly and use standard grammar.

A more constructive question might be:

“Why are people still producing these destructive programs?”

The most annoying thing about the Sobig virus is that email addresses are farmed and cultivated by the virus to basically send out shitloads of infected spam emails with attachments which have .pif extensions.

The problem with this of course is that the virus pretends the email came from someone else, so it sends the spam email to Person A but fakes its ID as being Person B. Often, Person A gets really pissed off with Person B as a result, and all along Infected Computer X keeps doing its shit.

Unfortunately, there’s a real high chance that the owner of Infected Computer X is sufficiently dumb that they’ll be totally unaware that their machine is infected and is sending out thousands upon thousands of spam virus emails.

I have a number of professor friends in the social sciences. Some of these folks get hundreds of emails a day from colleagues, students, institutions, etc … and they seem to very often have attachments. It is not uncommon for them to get email with attachments that are important, and from a person they don’t recognise.

Since they are opening many attachments from people they don’t know every day, they can accidentally open a virus that had a rather official looking title.

As to why they don’t have better security set up, they are not computer experts and don’t feel like they have the time to learn these things.

Even if the virus-laden e-mail looks like it came from someone that you know, why are people on unpatched M$ systems still opening unrequested, unexplained file attachments, particularly those with questionable file extensions?

Patent stupidity. Yes, gluteus maximus, it’s stupidity.

You don’t have to understand internal combustion to drive a car, but if you see a sign which says “do not enter, severe tire damage” continuing in that direction is a sign that you’re just too dumb to be permitted behind a wheel. Every single time one of these virii is released, from way back with Miranda or whatever the one was that the little putz in the Philippines named after his unrequited love, it’s on every major newscast, in every major newspaper with the exact same warnings – don’t open unrequested attachments or any file that you don’t know the origin and purpose of. Use anti-virus software. Download the patches from M$.

The only way that these virii could still be spreading at the rate that they are is through people ignoring those warnings at alarming rates. And that, given the stakes at hand (this thing is apparently shutting down ATM networks and airline systems) is stupidity.

Unless, of course, there is some better explanation for failure to heed constant, highly publicized warnings which are extremely difficult to miss and even harder to misunderstand.

I received two infected e-mails from people who have contacted me before on one of my web pages. I didn’t open them because I happened to be checking e-mails online (most of which would have been filtered out before reaching my home computer) and I knew from the subject line and the paperclip icon that they were spam. I can see how people would open an attachment from someone they know. (I put a couple of posts on my message board to tell people about the virus and to urge them to run their virus checkers.)

As for OE, I know better than to use it on my own PC but the worldwide company I work for uses it. They can’t change several thousand email addresses at this point. And nobody who works there gets a choice about using it or not–you get hired and it’s sitting there on your computer.

I know that Windows by default hides the extensions of file names (the part after the dot) when you look at files in Explorer. The very first thing I always do when working with a new install is to turn off that option, and show all file extensions. Isn’t it true that Outlook Express, if file extensions are turned off, will show just the first part of the file name of an attachment, and hide the extension? This would make a file called “DETAILS.PIF” appear as just “DETAILS”. I can see how your average computer user might double-click this, if it looks like it came from someone they know.

I don’t understand how this virus propagated itself - I got around 600 messages due to this virus, and the first 400 had no attachment - just the rest of the message as described by sailor above. Then the next 200 had the attachment. But if it didn’t start out by sending the attachment, how’d it spread so quickly?

What do you scan them with, if you don’t have any antivirus programs installed?

Exactly CurtC, I turn off that hide file extension option right away too. I’m sure this option helps these viruses as people click an executable when they think it is a picture.
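The hidden-extension problem raised in the two posts above, as an added example that is not part of the original thread: a Python sketch of a mail-filter check that compares each attachment's real name with what a user sees once the final extension is hidden. The extension list, the simplified hiding model and the sample message are constructed assumptions, and the double-extension case goes beyond the DETAILS.PIF example in the thread.

```python
import os
from email.message import EmailMessage

# Extensions Windows treats as directly runnable (short illustrative list,
# not exhaustive). The thread's example, .pif, is among them.
RUNNABLE_EXTS = {".pif", ".scr", ".exe", ".com", ".bat", ".cmd", ".vbs"}


def shown_name(filename):
    """Name a user sees when the final extension is hidden (simplified model)."""
    return os.path.splitext(filename)[0]


def audit_attachments(msg):
    """Return (real_name, shown_name, verdict) for every attachment in msg."""
    findings = []
    for part in msg.iter_attachments():
        real = part.get_filename() or ""
        ext = os.path.splitext(real)[1].lower()
        shown = shown_name(real)
        if ext not in RUNNABLE_EXTS:
            verdict = "allow"
        elif os.path.splitext(shown)[1]:
            # A harmless-looking extension stays visible after hiding.
            verdict = "block: disguised executable"
        else:
            verdict = "block: executable"
        findings.append((real, shown, verdict))
    return findings


def build_sample():
    """Constructed sample message; addresses and file names are made up."""
    msg = EmailMessage()
    msg["From"] = "person.b@example.com"
    msg["To"] = "person.a@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("Constructed body text.")
    for name in ("DETAILS.PIF", "holiday.jpg.scr", "holiday.jpg"):
        msg.add_attachment(b"constructed placeholder bytes",
                           maintype="application", subtype="octet-stream",
                           filename=name)
    return msg


if __name__ == "__main__":
    for real, shown, verdict in audit_attachments(build_sample()):
        print(f"{real!r:20} shown as {shown!r:15} -> {verdict}")
```
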

With any of the free, online antivirus scans like http://www.pandasoftware.com/activescan/com/
Free, always up to date, and does not interfere with the running of your computer. I run that once in a while just to make sure I am clean.

Let’s get one thing straight: nothing about Sobig has anything to do with security holes in any Microsoft products. (Blaster is another matter.) You can’t blame Microsoft if you get infected with it.

Allowing arbitrary code to open internet ports doesn’t qualify as a security hole in your book?

So sailor, every time you get an e-mail, you connect to the pandasoftware site and have it scan? This doesn’t seem very practical.

I’ve got a couple of questions that might sound really stupid:

  1. I’ve received 3 of these emails since yesterday, whereas other people say they are receiving 1000+ a day - why have I received so few - would it be because I’m running Zone Alarm (I didn’t think that Zone Alarm was effective for email viruses)?

  2. When these 3 emails came in, they appeared on the preview screen (I use Outlook Express), but I didn’t double click on them - just deleted them. Does this mean that I haven’t been infected by them?

Hope someone can help!

The problem with this approach is that the time to learn these things is almost always far less than the time needed to fix a problem that could easily have been prevented by learning these things.

I’ll tell you two things which are really NOT practical:

  • getting infected (it has never happened to me)
  • having antivirus software running and causing all sorts of crashes and conflicts.

Spam and suspicious emails get filtered or deleted without further inspection.
Plain text emails and those with JPG, GIF and other non-executable attachments do not need to be scanned and that makes up 99.9% of my emails. I do not need to run executables from other people and they know better than to send me “a cute screensaver”.

Once every few months I may need to check on some file (usually helping someone else do something with their computer) and then I just go to Panda and scan it or email it to myself using hotmail or any of the other services which scan attachments. It only takes a minute and is well worth the wait.