backdoor Windows machines
> A booby-trapped Kama Sutra-themed presentation will plant a backdoor when run on Windows machines, security watchers warn.
Well, DOH !!!
A booby-trapped Kama Sutra-themed presentation will plant a backdoor when run on Windows machines, security watchers warn. The supposed PowerPoint presentation file – called Real kamasutra.pps.exe* – supposedly demonstrates different sexual positions. The file does include a NSFW slideshow of 13 different positions, but this …
Microsoft eventually gave up on auto-running whatever removeable medium you stick in the machine. It was a daft idea and ten years of security holes eventually rammed the message home.
The same will happen for hiding file extensions, eventually. Till then, we have stories like this.
it goes all the way back to DOS and the 8.3 filename, and there are so many assumptions built on it that MS probably can't change it...
i) every 8.3 filename has an extension that might indicate what type of file it is... but there is no registration of standard extensions
ii) Windows: you will ONLY use your data files with one application, the registry associates known extensions with the relevant application
iii) Windows 95: long filenames still have extensions (for compatibility) but they can also use "." elsewhere
iv) technical details will be hidden from users
The result is a user interface that does not provide sufficient information about what will happen when the user does something. Double-clicking on a icon might load the file in your favourite application, or run the file, or load the file in a completely different application that has managed to change the association in the registry...
Next time you release an update for your software, stick an up-to-date, use-one-time anti-virus scan option in it. If the PC has no anti-virus on it, ask the user if they want a one-off system clean.
You will take every system your software updates out of any botnets it is part off. And then keep doing it, each time you release an update, to help persuade users to update.
For users, if you have no anti-virus, just download MSE and bloody use it, you spanners. It is free, it costs nothing, zero, zippo, zilch, bugger-all, nowt. Download it and run a full scan. It is no better and no worse than the one you got free with your PC six months ago and never paid the subs for. Just do it. Not having anti-virus is like leaving your front door open.
For Microsoft. Install MSE by default with your OS/updates, do the option thing you do for browsers for other anti-virus products and do the world a favour.
FFS. It's not rocket science.
The A/V vendors could use this as advertising for their full-strength products, so they have some incentive to participate.
Unfortunately, until all common Linux distributions will run windows application out of the box with the ease of windows, you won't manage to get people to switch.
I'm not up to date with the current state of WINE, and I've never actually played the following, but the point holds: Does it play crysis? (and for that matter, does it play whatever is the current leader in PC gaming technology?)
When Linux can manage this task, Then Linux will be an alternative for the common home PC user. Unfortunatly, at that time, Linux will probably have gained all the problems of windows too.
As long as file extensions are hidden by default, scammers will take advantage of it. And, as long as people need to run their computer with Administrator rights just to get their programs to run, scammers will be sending out trojans like this.
Sooner or later, people will get tired of wasting disk space, CPU time and money on anti-virus, anti-malware and anti-spyware programs and switch to an OS that's secure by design and Windows will go the way of the Dodo. Think of it as the computer equivalent of evolution in action.
"Why should I read file extensions when software can do that and warn me?"
Er, because it doesn't? Well, Windows doesn't, anyway.
"Any file that is an exe dressed up to look like a jpg or .pps or .doc is pretty obviously a boody trap and should raise a few red flag and be treated with more caution than the regular nanny warning."
Fair point. Has anyone got a list of the AV programs that don't automatically quarantine such flagrant malware when "heuristic checking" is switched on?
However My AV Vendor won't actually stop this glaringly obvious one as it's like the sign "free beer tomorrow". However the problem always is between the chair and the keyboard (or touchpad). That factor is very difficult to deal with unless you lock the system, even then they'll unlock it and still get caught out.
I'm waiting to see Oohlook.doc.tar being sent to me...
Beer, as there's no WINE here.
Biting the hand that feeds IT © 1998–2021