[LINK] Conficker, boots April First

Richard Chirgwin rchirgwin at ozemail.com.au
Sun Mar 22 20:20:42 AEDT 2009 

Karl Auer wrote:
> On Sun, 2009-03-22 at 08:36 +0000, stephen at melbpc.org.au wrote:
>> Computer Experts Unite to Hunt Worm
> 
> ... and in the whole article, no mention of the fact that no operating
> system other than Microsoft Windows is affected by or even threatened by
> the worm.

Oh what a relief. So it doesn't hit Linux? Oh dear, I miss out again.

> 
> <rant>
> 
>> The inability of the worlds best computer security technologists to gain 
>> the upper hand against anonymous but determined cybercriminals is viewed 
>> by a growing number of those involved in the fight as evidence of a 
>> fundamental security weakness in the global network. 
> 
> How DARE they suggest such a thing. The fundamental weknesses are in the
> targeted operating system, and have *nothing* to do with the network.

Both the "world's best computer security technologists" and the media
(in this case) are playing a game called story placement. Those who
place the story *do* have an interest in getting the story "out" and
they *don't* have an interest in a Microsoft attack.

The inaccuracies you complain of, below, stem from careful story
placement: the most favoured outlets are those who have the least
capacity to give an informed, critical assessment of a technical question.

RC

> 
>> For example, the Conficker worm already had been through several versions 
>> when the alliance of computer security experts seized control of 250 
>> Internet domain names the system was planning to use to forward 
>> instructions to millions of infected computers.
> 
> I'm not up on the Conficker thing, so maybe this is me displaying that
> ignorance, but it seems to me to be extraordinarily unlikely that
> anything to do with the DNS would have any relevance to a worm. I
> suppose the DNS port might be used in some way, as it swans through most
> firewalls, but "domain names"?
> 
>> of the program, Conficker C, expanded the number of the sites it could 
>> use to 50,000. 
> 
> Whoops! Now it's "sites". What?
> 
>> That step made it virtually impossible to stop the Conficker authors from 
>> communicating with their botnet.
> 
> Are they looking for a cure that doesn't involve the infected machines?
> 
>> attacks that could disrupt not just countries, but the Internet
>> itself.
> 
> Good - maybe that'll finally get us some legislation that makes
> Microsoft responsible for the puddle of poo that they have the
> effrontery to call a secure operating system. Or makes Windows users
> responsible for the actions of their Internet-connected machines.
> 
> </rant>
> 
> Regards, K.
>

More information about the Link mailing list