[LINK] Conficker, boots April First

Karl Auer kauer at biplane.com.au
Sun Mar 22 19:53:51 AEDT 2009 

On Sun, 2009-03-22 at 08:36 +0000, stephen at melbpc.org.au wrote:
> Computer Experts Unite to Hunt Worm

... and in the whole article, no mention of the fact that no operating
system other than Microsoft Windows is affected by or even threatened by
the worm.

<rant>

> The inability of the worlds best computer security technologists to gain 
> the upper hand against anonymous but determined cybercriminals is viewed 
> by a growing number of those involved in the fight as evidence of a 
> fundamental security weakness in the global network. 

How DARE they suggest such a thing. The fundamental weknesses are in the
targeted operating system, and have *nothing* to do with the network.

> For example, the Conficker worm already had been through several versions 
> when the alliance of computer security experts seized control of 250 
> Internet domain names the system was planning to use to forward 
> instructions to millions of infected computers.

I'm not up on the Conficker thing, so maybe this is me displaying that
ignorance, but it seems to me to be extraordinarily unlikely that
anything to do with the DNS would have any relevance to a worm. I
suppose the DNS port might be used in some way, as it swans through most
firewalls, but "domain names"?

> of the program, Conficker C, expanded the number of the sites it could 
> use to 50,000. 

Whoops! Now it's "sites". What?

> That step made it virtually impossible to stop the Conficker authors from 
> communicating with their botnet.

Are they looking for a cure that doesn't involve the infected machines?

> attacks that could disrupt not just countries, but the Internet
> itself.

Good - maybe that'll finally get us some legislation that makes
Microsoft responsible for the puddle of poo that they have the
effrontery to call a secure operating system. Or makes Windows users
responsible for the actions of their Internet-connected machines.

</rant>

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/                  +61-428-957160 (mob)

GPG fingerprint: 07F3 1DF9 9D45 8BCD 7DD5 00CE 4A44 6A03 F43A 7DEF

More information about the Link mailing list