My monthly IT newsletter for the University.
Microsoft has thrown in the towel! They give up! When it comes to spyware and rootkits, Microsoft can no longer keep up. "Game Over, Man! Game Over!"
So, what's an IT guy to do? What do the helpdesk people tell their customers?
Microsoft's Malware Solution: Rebuild!
Microsoft Says Recovery from Malware Becoming Impossible! Offensive rootkits, which are used to hide malware programs and maintain an undetectable presence on an infected machine, have become the weapon of choice for virus and spyware writers and, because they often use kernel hooks to avoid detection.
More than 20 percent of all malware removed from Windows XP SP2 (Service Pack 2) systems are stealth rootkits.
"When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," Mike Danseglio, program manager in the Security Solutions group at Microsoft, said in a presentation at the InfoSec World
Rootkits are easy to find and get. Just try www.rootkit.com/ and get all the info you need to hack the world! No wonder Microsoft is mad!
What is a rootkit, you ask?
A rootkit is a collection of software tools that are installed on a compromised system after a break-in in order to conceal the intruder's future logins and to hide processes and files.
Well, that clears that up!
Be afraid, be very afraid!
A rootkit hooks itself into the operating system's Application Program Interface (API), where it intercepts the system calls that other programs use to perform basic functions, like accessing files on the computer's hard drive. The rootkit is the man-in-the-middle, squatting between the operating system and the programs that rely on it, deciding what those programs can see and do.
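One defensive consequence of the paragraph above is cross-view detection: compare what the live API reports with a view taken from outside it. This is an added example, not code from this newsletter or from Microsoft; the function names and the file and process lists are constructed for illustration.

```python
# Added example: cross-view detection. All names and data are constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    kind: str    # "file" or "process"
    name: str
    reason: str  # "hidden-from-api" or "api-only"


def normalize(names):
    """Windows names are case-insensitive, so compare on a folded form."""
    return {n.casefold(): n for n in names}


def cross_view_diff(kind, api_view, trusted_view):
    """Compare the live API's answer with a trusted low-level view.

    Entries in the trusted view that the API does not report are what a
    hooked API would be filtering out. Entries only the API reports are
    listed separately: they are usually churn between the two scans.
    """
    api, trusted = normalize(api_view), normalize(trusted_view)
    findings = []
    for key in sorted(trusted.keys() - api.keys()):
        findings.append(Finding(kind, trusted[key], "hidden-from-api"))
    for key in sorted(api.keys() - trusted.keys()):
        findings.append(Finding(kind, api[key], "api-only"))
    return findings


def hidden(findings):
    """Names the trusted view has but the live API failed to report."""
    return [f.name for f in findings if f.reason == "hidden-from-api"]


# Constructed sample views: what the running OS reports vs. an offline scan.
API_FILES = [r"C:\WINDOWS\notepad.exe", r"C:\Temp\scan.log"]
RAW_FILES = [r"C:\Windows\notepad.exe",
             r"C:\Windows\System32\drivers\examplehook.sys"]
API_PROCS = ["explorer.exe", "svchost.exe"]
RAW_PROCS = ["explorer.exe", "svchost.exe", "examplesvc.exe"]

if __name__ == "__main__":
    results = (cross_view_diff("file", API_FILES, RAW_FILES)
               + cross_view_diff("process", API_PROCS, RAW_PROCS))
    for f in results:
        print(f"{f.reason:16} {f.kind:8} {f.name}")
```

The trusted view has to come from outside the running system (an offline boot or a raw disk parse), because a kernel-level rootkit can also lie to tools running inside the infected OS.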
US-CERT has a very good article on rootkits and botnets that some of you might read. Don't forget to put your seat belt on first.
www.us-cert.gov/cas/tips/ST06-001.html
The key distinction between a computer virus and a rootkit relates to propagation. Like a rootkit, a computer virus modifies core software components of the system, inserting code which attempts to hide the "infection" and provides some additional feature or service to the attacker (the "payload" of a virus). A computer virus can have any sort of payload. However, the computer virus also attempts to spread to other systems. In general, a rootkit limits itself to maintaining control of one system.
Like YOUR system!
Can you say SONY? I knew you could.
Hundreds of thousands of networks across the globe, including many military and government networks, appear to still contain PCs with the controversial copy-protection software installed by music discs sold by media giant Sony BMG. What makes Sony's CD digital media software particularly nasty is that using expert tools for removing the parasite risks leaving you with a Windows PC that's useless, and that requires a full reformat and reinstall.
In other words, you buy a CD, you put the CD into your PC in order to enjoy your music. Sony grabs this opportunity to sneak into your house like a virus and set up camp, and it leaves the backdoor open so that Sony or any other enterprising intruder can follow and have the run of the place. If you try to kick Sony out, it trashes the computer.
And what else? If you lose the original CD or it's stolen, you lose the right to any digital copies you've made. You can't keep your music on computers at work. You must delete your songs if you move out of the country or if you file for bankruptcy or contract AIDS.
ACK!
At this point I put on some relaxing music.
OH WE'RE NOT GONNA TAKE IT
NO, WE AIN'T GONNA TAKE IT
OH WE'RE NOT GONNA TAKE IT ANYMORE
Today's problems are just going to get much worse! We can no longer treat our beloved PCs like toasters! (Put data in, pull handle and get information out!)
Each one of us needs to learn how to drive a computer responsibly! Being clueless is no longer an excuse!
Now the flip side.
WHAT YOU DON'T KNOW SURE CAN HURT YOU
WHAT YOU CAN'T SEE MAKES YOU SCREAM
WHAT YOU DON'T KNOW SURE CAN HURT YOU
WHAT YOU DON'T HAVE IS WHAT YOU DREAM
TWISTED SISTER
Always practice safe computing!
Wear an anti-static wrist band before you work on your computer. Have a good, strong password of 80 or more characters combining letters, numbers, symbols, and funny renditions of your Mother-N-Law's name. Keep all important data encrypted with a symmetric cypher with 128 bits, an asymmetric cypher with 3072-bit keys, and an elliptic curve cypher with 512 bits. And last but not least, do the computer safety 3 step! Patches, antivirus and firewall!
Remember! It's all up to you to keep the cyber world at bay and your pets safe.
If Edward R. Murrow were alive today, he would probably say,
"This instrument can teach, it can illuminate; yes, and it can even inspire, but it can do so only to the extent that humans are determined to use it to those ends. Otherwise it is merely porn in a box."
"Good night, and good luck."