Tag Archive for Windows

40 Years of Malware – Part 3

2011 marks the 40th anniversary of the computer virus. Help Net Security notes that over the last four decades, malware instances have grown from 1,300 in 1990, to 50,000 in 2000, to over 200 million in 2010. Fortinet (FTNT) marks this dubious milestone with an article that counts down some of the malware evolution low-lights.

The Sunnyvale, CA network security firm says that viruses evolved from academic proofs of concept to geek pranks, which have in turn evolved into cybercriminal tools. By 2005, the virus scene had been monetized, and almost all viruses were developed for the sole purpose of making money via more or less complex business models. According to FortiGuard Labs, the most significant computer viruses over the last 40 years are:


2001 – E-mail and the Internet become primary transmission vectors for malware by 2001 as scripts automatically load viruses from infected Websites. The Code Red worm targeted Web servers and not users. By exploiting a vulnerability in Microsoft IIS servers, Code Red automatically spread to nearly 400,000 servers in less than one week. The Code Red worm replaced the homepage of the compromised websites with a “Hacked By Chinese!” page. Code Red had a distinguishing feature designed to flood the White House Website with traffic (from the infected servers), probably making it the first case of documented ‘hacktivism’ on a large scale.

Shortly after the September 11 attacks, the Nimda worm (admin spelled backward) infected hundreds of thousands of computers worldwide. Nimda is one of the most complicated viruses, having many different methods of infecting computer systems and duplicating itself.

2003 – Widespread Internet attacks emerge as SQL Slammer (or Sapphire) infects the memory in servers worldwide, clogging networks and causing shutdowns. On January 25, 2003, Slammer first appeared as a single-packet, 376-byte worm that generated random IP addresses and sent itself to those IP addresses. If the IP address was a computer running an unpatched copy of Microsoft’s (MSFT) SQL Server Desktop Engine, that computer would immediately begin firing the virus off to random IP addresses. Slammer was remarkably effective at spreading: it infected 75,000 computers in 10 minutes. The explosion of traffic overloaded routers across the globe, which created higher demands on other routers, which shut them down, and so on.

The summer of 2003 saw the release of both the Blaster and Sobig worms. Blaster (aka Lovsan or MSBlast) was the first to hit. The worm was detected on August 11 and spread rapidly, peaking in just two days. Transmitted via network and Internet traffic, this worm exploited a vulnerability in Windows 2000 and Windows XP, and when activated, presented the PC user with a menacing dialog box indicating that a system shutdown was imminent.

The Sobig worm hit right on the heels of Blaster. The most destructive variant was Sobig.F, which generated over 1 million copies of itself in its first 24 hours. The worm infected host computers via e-mail attachments such as application.pif and thank_you.pif. When activated, the worm transmitted itself to e-mail addresses discovered on a host of local file types. The result was massive amounts of Internet traffic. Microsoft has announced a $250,000 bounty for anyone who identifies Sobig.F’s author, but to date, the perpetrator has not been caught.

2004 – The Sasser worm built on the autonomous nature of Code Red. It spread without anyone’s help by exploiting a vulnerability in the Local Security Authority Subsystem Service (LSASS) of the Microsoft Windows XP and Windows 2000 operating systems. See Microsoft Security Bulletin MS04-011. This is the first widespread Windows malware, made even more annoying by a bug in the worm’s code that turned infected systems off every couple of minutes.

This is the first time that systems whose function isn’t normally related to the Internet (and that mostly existed before the Internet) were severely affected. Sasser infected more than one million systems. The damage amount is thought to be more than $18 billion.

Bagle was first detected in 2004. It infected users through an email attachment and used email to spread itself. Unlike earlier mass-mailing viruses, Bagle did not rely on the MS Outlook contact list; rather, it harvested email addresses from various document files stored on the infected computer to attack. Bagle opened a backdoor through which a hacker could gain access to and control of the infected computer. Through the backdoor, the attacker could download more components to either spy on and steal information from the user or launch DDoS attacks.

MyDoom is another mass-mailing worm discovered in 2004. It spread primarily through email but it also attacked computers by infecting programs stored in the shared folder of the Peer-to-Peer software KaZaA. MyDoom slowed down global Internet access by ten percent and caused some website access to be reduced by 50 percent. It is estimated that during the first few days, one out of ten email messages sent contained the virus.

2005 – In 2005 Sony BMG introduced secret DRM software to report music copying; other rootkits appeared, providing hidden access to systems.

MyTob appeared in 2005 and was one of the first worms to combine a botnet and a mass-mailer. MyTob marks the emergence of cybercrime. The cybercriminals developed business models to “monetize” botnets that installed spyware, sent spam, hosted illegal content, and intercepted banking credentials, etc. The revenue generated from these new botnets quickly grew to the billions of dollars per year seen today.

rb-

By 2005, cybercriminals were starting to put all the parts together. Slammer proved that Microsoft systems could be used to spread attacks; Blaster and Sobig improved the infection rate; Bagle began to mine the targets for data and install backdoors so the attackers could continue to re-use the victims’ systems. MyDoom started to use the first social network, the P2P networks, for attacks. Sony proved that rootkits could be widely distributed, and MyTob was the first of the modern botnets, leading the world into today’s monetized cybercrime age, described in part 4.


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Tablet Notes

Tablet adoption is reportedly outpacing the take-up rates of smartphones, computers, mp3 players, or game consoles. Adoption is underway in a variety of sectors beyond the consumer segment, into retail, industrial, education and business. The demands for mobility and real-time access to data are driving the tablet market. Sales are expected to exceed 147 million by 2015.

Microsoft: It’s Not Too Late To Win In Tablets

The financial geniuses at Citi (C) that brought us the housing bubble also believe that Microsoft (MSFT) can still win the tablet wars. The BusinessInsider cites a report by Citi that says that, despite being late into the market, Microsoft can become “#2 behind iPad” for these reasons:

Tablets are too expensive – Citi notes gadgets need to fall below $300 before they really take off. Until they reach that cost, Microsoft has time to reach people who haven’t jumped on the iPad bandwagon.

Android tablets are not very good – Citi believes that Android tablets won’t take off like Google’s (GOOG) Android Smartphones.

Android faces legal challenges – Android tablet makers are already facing a bunch of intellectual property suits from Apple (AAPL), Nokia (NOK), Oracle (ORCL), and Microsoft. Citi thinks Microsoft is hoping for royalties of $7.50 to $12.50 per unit. That would erase some of the cost-advantage of shipping Android.

Apps – Microsoft has an army of 6 million .NET developers who could start developing touch-optimized apps for Windows tablets. Plus, Citi says Microsoft can make Office an exclusive for its tablet and exploit its Xbox business to offer exclusive big-ticket games.

Enterprise – IT departments already know how to deploy, update, and push apps out to Windows PCs, so a Windows-based tablet should be easier to deal with than other tablets. Microsoft will also probably make Office an exclusive to its tablets and could create a technology where a tablet can “extend” a PC by giving them access to locally stored files. Citi does note that the “bring your own device” trend might favor the iPad instead, but this trend is still in the early days and not proven.

Citi predicts that about 75 million tablets will ship in 2013 and that Microsoft will have a “meaningful share” of those.

GigaTrust Brings Enterprise Rights Management To Apple’s iPhone And iPad

GigaTrust, a publisher of Enterprise Rights Management (ERM) content protection software that enhances and extends Microsoft (MSFT) Active Directory Rights Management Services (AD RMS), announced the release of GigaTrust for iPhone and iPad mobile devices. The product consists of a client and a “Mobility Server” that enables persistent content protection for the Apple (AAPL) iPhone and iPad equivalent to that provided by GigaTrust for Research In Motion’s (RIMM) BlackBerry smartphone and the Windows Desktop, according to DarkReading.

Reportedly GigaTrust for iPhone and iPad protects content at rest, in transit, and in use, allowing users to securely deliver and persistently protect emails while they are being read on the device. Additionally, iPhone and iPad users can apply GigaTrust protection to outgoing emails and email responses.

Mobile Security: The Great Misconception

Research from Kaspersky Lab shows that many users feel more secure using mobile devices than PCs to surf the Internet and that most consider the risk of losing personal data higher on computers than on their mobile devices. The report noted by ITnewsLink says there has been a recent increase in the number of attacks on mobile operating systems like Google’s (GOOG) Android and Apple’s (AAPL) iOS, and experts expect to see considerably more in the future. Despite this, users in the Kaspersky Lab survey feel more secure accessing the Internet via a mobile device.

In the survey, users consider the risk of losing personal data lower on a mobile device than on a PC – despite the fact that around a fifth of all smartphone users have already experienced the loss or theft of a mobile device. The majority of users reported they store personal data, such as photos, emails or contact details, on their mobiles. Around one-third also save login information, such as PIN codes or passwords, for services on their mobile devices, demonstrating a large gap between security reality and user perception.

Next! Turns Your iPad into a Real Productivity Tool

AppScout says Next! for iPad is proof that the iPad can do work. The app is a getting-things-done (GTD) styled app that will help keep your projects organized, keep your tasks from overwhelming you, and keep you moving towards your goal.

Next! can help you organize your to-dos and projects. AppScout says that although it doesn’t have the same features as a project management suite like Microsoft Project, it’s perfect for those projects that are essentially a long series of tasks to be completed with due dates and dependencies for each of them.

You can take notes, store documents relevant to your project, and tag items that you want to review with others, all from your iPad. Next! will even serve as a light document management system, giving you a central place for all of your project-associated documents, images, and files that you’ll need to refer to as you do the work.

Since the app follows the GTD philosophy it allows you to create action lists based on when the tasks will be completed as opposed to an arbitrary priority list. Your tasks can be adjusted as they get nearer or come into focus. You also get overall project status and health bars that show how far you’ve progressed towards completing your tasks and how closely you’re tracking to your schedule.

Next! is available in the iTunes App Store for the introductory price of $9.99.


Another Go at Virtualization

A New York start-up called NeverWare is trying to break the Microsoft (MSFT) upgrade loop. Each time a new version of Windows is released, many computer users find that their hardware is suddenly outdated. NeverWare is targeting cash-strapped schools that cannot afford to upgrade to the latest hardware with each major Microsoft software release. NeverWare is offering a possible solution: a virtualization server that lets even decade-old PCs upgrade to the latest Windows 7 operating system, reports MIT’s Technology Review.

Technology Review says that the NeverWare server, called the JuiceBox a100, does the hard work of running the latest operating systems for many aging computers on the same network. To users of those old computers, it will feel as if the PCs are running the latest version of Windows, when in fact they are accessing it over the network. Their typing and mouse commands are sent to the software on the server, and the imagery for their display is sent back. This is called virtualization.

Once connected to a JuiceBox virtualization server, a PC doesn’t even need a hard drive, or any local software at all, according to the article. NeverWare’s founder, Jonathan Hefter, says a 10-year-old desktop computer running Windows 98 would work just fine. He’s targeting the U.S. education market and institutions in the developing world with the technology. “Schools can’t afford to upgrade PCs, and developing countries can’t afford PCs, so if we can use the power of the cloud, we can move to a more efficient model of computing,” Mr. Hefter says. Several New Jersey schools are testing JuiceBox servers to power networks of desktops in two

Another company, NComputing, also uses servers to offer “virtual desktops” to multiple users and supplies its technology to some schools around the world. Mr. Hefter says in the article that NComputing’s approach requires a new device that links a user’s keyboard, mouse, and monitor to a distant server over the Web. He claims that one NeverWare JuiceBox is larger than an NComputing device, but then it only takes one JuiceBox to “upgrade” a network of tens of computers.

Joyojeet Pal, professor of computer science and engineering at the University of Washington, thinks NeverWare’s approach has potential. “What this project seems to offer is an alternative to an online operating system like Google’s (GOOG) Chrome OS,” Mr. Pal says. Google’s approach requires users to use Web versions of software packages, rather than providing access to traditional software. However, Mr. Pal says, the cost of maintaining an outdated machine could still be considerable due to the need for repairs and labor, for example.

rb-

Mr. Hefter is right with his comparison of US education and third-world education. The way the Republicans are attacking teachers and ravaging budgets, the third-world nations will soon be better off.

Thin clients and virtual desktops have been around for a long time. It may stick this time because the economics are right and the technology is adequate.

What do you think?

Has the time of virtual desktops finally arrived?

Is it because of the technology? The economics?


Microsoft Struggles – Exchange Next Cash Cow?

The Royal Pingdom reports that Microsoft’s Windows 7 has just overtaken Windows XP as the top operating system in the US. The article cites stats from StatCounter that say as of April 7, Microsoft Windows 7 reached a 31.71% share, while Windows XP held a 31.56% share.

On a global scale, StatCounter reports that Windows XP still enjoys a significant advantage of 16.1% over Windows 7.

The Business Insider noted that investor Roger McNamee, a man whom Bill Gates credited as a sounding board for his 1994 book “The Road Ahead,” told CNBC that Microsoft’s Windows is a dying business.

I think Microsoft Windows, this is the cycle where it stops growing… The availability of iPads and smartphones is allowing corporations to trade down and eliminate the thousand dollars per year of supporting a Windows desktop. And this is the year where Windows has fallen below 50% of internet-connected devices, down from 97% a few years ago.

Despite this, Mr. McNamee would still buy Microsoft (MSFT) because of the company’s strong position in email.

When you’re a monopolist in an important category — and they are for sure a monopolist relative to email with Exchange — they’re going to be able to crank prices on Exchange. I actually think Microsoft is a buy.

Mr. McNamee is a smart guy who took an early huge stake in Facebook for Elevation Partners. However, the Business Insider thinks that Exchange as a replacement for the Microsoft Windows business is bizarre for a bunch of reasons:

  • Market share. Exchange Server has the majority market share — most estimates put it above 70% and higher in larger enterprises. But it doesn’t have the 90%+ share that Microsoft has enjoyed with Windows for the last 20-plus years.
  • Sales. Windows had about $18 billion in sales last year. The last time Microsoft revealed Exchange numbers was FY’07, when it had sales of $1.5 billion; projecting forward, Exchange would have had $2.8 billion in sales in FY’10.
  • Margins. Windows has one of the greatest operating margins of any legal business in history – up to 80%. Exchange sells in lower volumes, faces more competition, and requires longer and more personalized sales cycles, which almost certainly means it’s got lower margins.
  • Competition. Older messaging systems like Lotus are slowly dying, but Exchange faces serious price pressure from Web-based email providers, particularly Google’s Gmail. Microsoft has responded with Exchange Online, its own hosted service, but it’s already had to lower prices on the service once.
  • Strategy. Windows pulls through sales of Office and other desktop software, which in turn pulls through sales of business servers (including Exchange). Its ubiquity helps Microsoft sell Windows Server and other enterprise software. Its huge margins allow Microsoft to pour money into projects like search and Xbox, which pressure the competition.
  • If Windows dies, Microsoft will have to do a lot more than monopolize email to replace it.

rb-


Microsoft has had a long struggle to get Windows XP out of the enterprise, and with PC sales dipping, the MSFT recovery will be harder thanks to the rise of the iPad. I would rather put my money on the Ballmer Boys to stage a spectacular comeback with Windows Phone and Windows 8 than to turn Exchange into a cash cow like Windows.

What do you think?

Will Microsoft be able to continue its hold on the corporate desktop?

Can Exchange become the next great money-maker for MSFT?


Apple Has Most Holes

Security company Secunia is reporting that Apple (AAPL) software has the most security vulnerabilities. According to the recent Secunia Half Year Report 2010 (PDF), Apple has displaced Oracle as the company with the most security vulnerabilities in its software over the first half of 2010. Microsoft retains its third-place spot.

Wired points out that this does not necessarily mean that Apple’s software is the most insecure in practice. The report takes no account of the severity of the flaws, but it points at a growing trend in the world of security flaws: the role of third-party software. Many of Apple’s flaws are not in its operating system, Mac OS X, but rather in software like Safari, QuickTime, and iTunes. Vendors like Adobe (with Flash and Adobe Reader) and Oracle (with Java) are similarly responsible for many of the flaws being reported. The top ten third-party applications, ranked by total number of reported vulnerabilities:

1. Mozilla Firefox
2. Apple Safari
3. Sun Java JRE
4. Google Chrome
5. Adobe Reader
6. Adobe Acrobat
7. Adobe Flash Player
8. Adobe AIR
9. Apple iTunes
10. Mozilla Thunderbird

To illustrate this point, Ars Technica says the report includes cumulative figures for the number of vulnerabilities found on a Windows PC with the 50 most widely used programs. Five years ago, there were more first-party flaws (in Windows and Microsoft’s other software) than third-party. Since about 2007, the balance shifted towards third-party programs. Secunia predicts that third-party flaws will outnumber first-party flaws by two-to-one by the end of 2010.

Secunia also makes the case that effectively updating third-party software is much harder to do: Microsoft’s Windows Update and Microsoft Update systems will offer protection for around 35% of reported vulnerabilities, and patching the rest requires the use of 13 or more updating systems. Some vendors (Apple, Mozilla, and Google, for example) do have decent automatic update systems, but others require manual intervention by the user.
