Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > Is Sobig really that big?

Reply
Thread Tools

Is Sobig really that big?

 
 
Rupert
Guest
Posts: n/a
 
      08-22-2003
While I know any additional emails that are not wanted is a burden on the
internet infrastructure and a right pain in the ass, I was wondering how
significant a loading is the sobig virus?

http://www.computerweekly.com/Article123133.htm reports that the ratio of
spam to legitimate e-mail in the UK rocketed from 24.5% in January to 36.3%
by March, and it is likely to exceed 50% this month [july] so taking the
March figures of 36% for every 100 emails, 36 are spam.

Now http://edition.cnn.com/2003/TECH/int...rus/index.html
reports that at the worst being experienced from sobig is 1 in 17 or as a
percentage 5.9% so the sobig virus is at it's worst adding just an
additional 6 emails per 100? - so hardly a cause for significant concern?

I know of course that we should not condone the writing of viruses, nor
should we go easy of MS - for despite their best efforts, and I am sure they
do not do it deliberately - for not providing secure systems, maybe we are
spending too much time panicing over viruses and spending more effort
fighting spam?




 
Reply With Quote
 
 
 
 
The Other Guy
Guest
Posts: n/a
 
      08-22-2003
While the difference may be statistically significant, the infrastructure
can easily cope with it. Where it can't, it is simply a case of failing to
keep up with the times (Just like Telecom).

The finger can't be pointed at Microsoft for the Sobig virus as it does not
exploit a weakness in the OS (Like Blaster), only the stupidity of people.
The same would apply to Linux if it were as widely used as some would like.
The fact that e-mailing people randomly will most likely result in the
receiving system being Windows shows nothing more than Microsoft has done
things right to get in to the position they are in.

The Other Guy

"Rupert" <(E-Mail Removed)> wrote in message
news:bi48qn$qvk$(E-Mail Removed)...
> While I know any additional emails that are not wanted is a burden on the
> internet infrastructure and a right pain in the ass, I was wondering how
> significant a loading is the sobig virus?
>
> http://www.computerweekly.com/Article123133.htm reports that the ratio of
> spam to legitimate e-mail in the UK rocketed from 24.5% in January to

36.3%
> by March, and it is likely to exceed 50% this month [july] so taking the
> March figures of 36% for every 100 emails, 36 are spam.
>
> Now http://edition.cnn.com/2003/TECH/int...rus/index.html
> reports that at the worst being experienced from sobig is 1 in 17 or as a
> percentage 5.9% so the sobig virus is at it's worst adding just an
> additional 6 emails per 100? - so hardly a cause for significant concern?
>
> I know of course that we should not condone the writing of viruses, nor
> should we go easy of MS - for despite their best efforts, and I am sure

they
> do not do it deliberately - for not providing secure systems, maybe we are
> spending too much time panicing over viruses and spending more effort
> fighting spam?
>
>
>
>



 
Reply With Quote
 
 
 
 
Joy
Guest
Posts: n/a
 
      08-22-2003

"The Other Guy" <(E-Mail Removed)> wrote in message news:3f45c1a6$1@slave...
> While the difference may be statistically significant, the infrastructure
> can easily cope with it. Where it can't, it is simply a case of failing to
> keep up with the times (Just like Telecom).
>
> The finger can't be pointed at Microsoft for the Sobig virus as it does

not
> exploit a weakness in the OS (Like Blaster), only the stupidity of people.
> The same would apply to Linux if it were as widely used as some would

like.
> The fact that e-mailing people randomly will most likely result in the
> receiving system being Windows shows nothing more than Microsoft has done
> things right to get in to the position they are in.


Well, yes, they've virtually cornered the market. It's the cost of
antivirus software which is the difficulty, it's not ignorance. I know two
people who don't have it because of cost and they both know they should have
it. Firewalls are catching on, we've told heaps of people to get zone alarm.
At the moment, many people are too scared to turn on their pc's. They are
not pc savy and fear they will be victims and then the only recourse they
have is to head off to the nearest service shop and pay for the fix. They
feel very unconfident.
There should be a fail-safe system for them. It takes a long time and a big
investment of time for average people to become confident with pc's.
Joy


 
Reply With Quote
 
The Other Guy
Guest
Posts: n/a
 
      08-22-2003
The Sobig.F network propagation code is faulty, the primary propagation
mechanism is by users executing the attachment and infecting their machine.
Root access is largely irrelevant, and not required for this sort of
propagation. Root access would assist in harvesting e-mail addresses, but
that is all.

All that is required is to be able to save the attachment and execute it.
Users can save to their own directories where they have permissions, and
execute the code there.

The only way to prevent this type of propagation would be to prevent all
outgoing IP communication by default, not just those ports above 1024. All
popular Linux distributions allow outgoing IP by default, and making it easy
enough for the pleb to use Linux would require this to be the case.
Therefore, in this case PEBKAC errors will apply equally well to Linux and
to Windows, assuming equal usage of both platforms.

Sobig does not exploit a bug in either Windows or any e-mail clients. I have
quite happily being using my work PC running an old version of Outlook
Express, without a virus checker installed, and have no fears of getting
this virus.

Sure, a few small defautl configuration changes may help, but there is
nothing specific to Windows about it.

The Other Guy

"Howard Johnson" <(E-Mail Removed)> wrote in message
news:b6k1b.13163$(E-Mail Removed)...
>
> "The Other Guy" <(E-Mail Removed)> wrote in message news:3f45c1a6$1@slave...
> > While the difference may be statistically significant, the

infrastructure
> > can easily cope with it. Where it can't, it is simply a case of failing

to
> > keep up with the times (Just like Telecom).
> >
> > The finger can't be pointed at Microsoft for the Sobig virus as it does

> not
> > exploit a weakness in the OS (Like Blaster), only the stupidity of

people.
> > The same would apply to Linux if it were as widely used as some would

> like.
>
> We hear this claim here a lot, holding Microsoft blameless for the

unfenced
> pool and blaming the toddler, and claiming that an unfenced Linux pool

would
> be just as bad.
> Linux is just an operating system kernel, the servers compiled and

installed
> to run on Linux are quite flexible, but distributions of Linux is are not
> default installed to share the root directory read write with a couple of
> clicks, likewise the execution of attachments to email with root

privileges
> is not impossible to configure, but unlikely. Maybe possible on Lindows, I
> don't know
> I use both, and I can see how the Sobig virus variants work as executable
> attachments, and infect open Windows directory shares. This situation did
> not happen by random chance, it happened because of Microsoft policy
> unfortunately.
>
> > The fact that e-mailing people randomly will most likely result in the
> > receiving system being Windows shows nothing more than Microsoft has

done
> > things right to get in to the position they are in.

>
> The fact that the receiving system is likely to become infected and
> propagate the virus shows that they have done something wrong.
>
>



 
Reply With Quote
 
The Other Guy
Guest
Posts: n/a
 
      08-22-2003
Correction -

The reference to restricted ports should indicate 1024 and lower, not "above
1024".

The Other Guy


"The Other Guy" <(E-Mail Removed)> wrote in message news:3f45d99e$1@slave...
> The Sobig.F network propagation code is faulty, the primary propagation
> mechanism is by users executing the attachment and infecting their

machine.
> Root access is largely irrelevant, and not required for this sort of
> propagation. Root access would assist in harvesting e-mail addresses, but
> that is all.
>
> All that is required is to be able to save the attachment and execute it.
> Users can save to their own directories where they have permissions, and
> execute the code there.
>
> The only way to prevent this type of propagation would be to prevent all
> outgoing IP communication by default, not just those ports above 1024. All
> popular Linux distributions allow outgoing IP by default, and making it

easy
> enough for the pleb to use Linux would require this to be the case.
> Therefore, in this case PEBKAC errors will apply equally well to Linux and
> to Windows, assuming equal usage of both platforms.
>
> Sobig does not exploit a bug in either Windows or any e-mail clients. I

have
> quite happily being using my work PC running an old version of Outlook
> Express, without a virus checker installed, and have no fears of getting
> this virus.
>
> Sure, a few small defautl configuration changes may help, but there is
> nothing specific to Windows about it.
>
> The Other Guy
>
> "Howard Johnson" <(E-Mail Removed)> wrote in message
> news:b6k1b.13163$(E-Mail Removed)...
> >
> > "The Other Guy" <(E-Mail Removed)> wrote in message

news:3f45c1a6$1@slave...
> > > While the difference may be statistically significant, the

> infrastructure
> > > can easily cope with it. Where it can't, it is simply a case of

failing
> to
> > > keep up with the times (Just like Telecom).
> > >
> > > The finger can't be pointed at Microsoft for the Sobig virus as it

does
> > not
> > > exploit a weakness in the OS (Like Blaster), only the stupidity of

> people.
> > > The same would apply to Linux if it were as widely used as some would

> > like.
> >
> > We hear this claim here a lot, holding Microsoft blameless for the

> unfenced
> > pool and blaming the toddler, and claiming that an unfenced Linux pool

> would
> > be just as bad.
> > Linux is just an operating system kernel, the servers compiled and

> installed
> > to run on Linux are quite flexible, but distributions of Linux is are

not
> > default installed to share the root directory read write with a couple

of
> > clicks, likewise the execution of attachments to email with root

> privileges
> > is not impossible to configure, but unlikely. Maybe possible on Lindows,

I
> > don't know
> > I use both, and I can see how the Sobig virus variants work as

executable
> > attachments, and infect open Windows directory shares. This situation

did
> > not happen by random chance, it happened because of Microsoft policy
> > unfortunately.
> >
> > > The fact that e-mailing people randomly will most likely result in the
> > > receiving system being Windows shows nothing more than Microsoft has

> done
> > > things right to get in to the position they are in.

> >
> > The fact that the receiving system is likely to become infected and
> > propagate the virus shows that they have done something wrong.
> >
> >

>
>





 
Reply With Quote
 
Mainlander
Guest
Posts: n/a
 
      08-24-2003
In article <(E-Mail Removed)>, http://www.velocityreviews.com/forums/(E-Mail Removed) says...
>
> "The Other Guy" <(E-Mail Removed)> wrote in message news:3f45c1a6$1@slave...
> > While the difference may be statistically significant, the infrastructure
> > can easily cope with it. Where it can't, it is simply a case of failing to
> > keep up with the times (Just like Telecom).
> >
> > The finger can't be pointed at Microsoft for the Sobig virus as it does

> not
> > exploit a weakness in the OS (Like Blaster), only the stupidity of people.
> > The same would apply to Linux if it were as widely used as some would

> like.
> > The fact that e-mailing people randomly will most likely result in the
> > receiving system being Windows shows nothing more than Microsoft has done
> > things right to get in to the position they are in.

>
> Well, yes, they've virtually cornered the market. It's the cost of
> antivirus software which is the difficulty, it's not ignorance. I know two
> people who don't have it because of cost and they both know they should have
> it.


What???

It costs about $100 to buy NAV, and then there are also free antivirus
packages, $100 is cheap for software.

If people are not going to get AV software, there are still other things
they can and should do if they have any brains, like tell their mail
program to cut off the attachments.

> Firewalls are catching on, we've told heaps of people to get zone alarm.
> At the moment, many people are too scared to turn on their pc's. They are
> not pc savy and fear they will be victims and then the only recourse they
> have is to head off to the nearest service shop and pay for the fix. They
> feel very unconfident.
> There should be a fail-safe system for them. It takes a long time and a big
> investment of time for average people to become confident with pc's.
> Joy


There is a fail safe, it is to unplug the computer from the internet.

If people aren't PC savvy and don't know how to protect their computer
against viruse etc they should be using a web tv or a fax machine
instead.
 
Reply With Quote
 
Joy
Guest
Posts: n/a
 
      08-24-2003

"Mainlander" <*@*.*> wrote in message
news:(E-Mail Removed). nz...
> In article <(E-Mail Removed)>, (E-Mail Removed) says...
> >
> > "The Other Guy" <(E-Mail Removed)> wrote in message

news:3f45c1a6$1@slave...
> There is a fail safe, it is to unplug the computer from the internet.
>
> If people aren't PC savvy and don't know how to protect their computer
> against viruse etc they should be using a web tv or a fax machine
> instead.


Pardon me, I don't agree. You don't need to spend hours and hours learning
how to use a microwave oven. Some pc's should be just as simple and even
then people will need help. They deserve to surf just like everyone else.
Joy


 
Reply With Quote
 
Nathan Mercer
Guest
Posts: n/a
 
      08-24-2003
"Howhard" <(E-Mail Removed)> wrote in message
news:A0j1b.123519$(E-Mail Removed)...
> But I agree with your point. Its spam that going to be the death of email

as
> we know it now.


Hopefully not for not too much longer. Maybe another 2-3 years?


 
Reply With Quote
 
Mainlander
Guest
Posts: n/a
 
      08-25-2003
In article <3f4850e2$(E-Mail Removed)>, (E-Mail Removed) says...
>
> "Mainlander" <*@*.*> wrote in message
> news:(E-Mail Removed). nz...
> > In article <(E-Mail Removed)>, (E-Mail Removed) says...
> > >
> > > "The Other Guy" <(E-Mail Removed)> wrote in message

> news:3f45c1a6$1@slave...
> > There is a fail safe, it is to unplug the computer from the internet.
> >
> > If people aren't PC savvy and don't know how to protect their computer
> > against viruse etc they should be using a web tv or a fax machine
> > instead.

>
> Pardon me, I don't agree. You don't need to spend hours and hours learning
> how to use a microwave oven. Some pc's should be just as simple and even
> then people will need help. They deserve to surf just like everyone else.
> Joy


A microwave oven is no comparison. It has the hardware encoded with no
ability to run user programs or be reprogrammed. A computer is user
programmable which is what makes it vulnerable to intrusion. If your
microwave oven had a floppy disk drive and could run programs off a disk
you put into it then it would be just as vulnerable to a virus.

The PC is a complex learning curve simply by virtue of its versatility.
An apt comparison would be the difference between learning to ride a
bicycle and learning to drive a car. The cost of the PC hardware and the
rate at which it depreciates are further issues. Why spend big money on a
PC when you can get a fax machine that does all you ever want for
communication in NZ for a couple of hundred dollars.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
problem in running a basic code in python 3.3.0 that includes HTML file Satabdi Mukherjee Python 1 04-04-2013 07:48 PM
Re: SOBIG-F SECOND WAVE ATTACK - M$ Windows William Poaster Computer Support 24 08-24-2003 05:27 PM
New Sobig variation on the loose W32/Sobig.F-mm Lord Shaolin Computer Security 7 08-21-2003 11:04 PM
Sobig, can it infect WITHOUT opening Trent Computer Support 0 08-21-2003 01:27 AM
[Alert] SoBig Worm Spreading Online Boomer Computer Support 0 08-20-2003 06:30 AM



Advertisments