Wouldn't
Wouldn't
deltree / rmtree *.* /s be better?
A surprisingly simple disk-wiping malware has set off alarm bells in Iran after surfacing in the Middle East nation. The software nasty deletes everything on storage drives attached to infected Windows PCs on specific dates, according to the Iranian security emergency response team. The malware was detected in one or more …
You would be surprised at the number of people, who should know better, who try a 'recovery CD' when something goes wrong and proceed to overwrite large portions of the HDD and previous file system tables and only THEN worry about what happened to their data.
Possibly recovered - if you happen to know someone who enjoyed doing those really large jigsaw puzzles, with names like "The World's Largest Jigsaw Puzzle" where all the pieces look the same. A moderately large, moderately fragmented disc with the File Table missing would be an excellent Christmas present for them.
Personally, I'd recommend imaging the disc and restoring from backup...
Presumably because the list of software produced by their friends is even shorter than the list of friends?
Given the development of such highly specialised code as Stuxnet, it seems probable that even if the Iranians used some flavour of Linux, those behind Stuxnet will work out how to cause trouble. The supposed security advantages of Linux probably won't help much if you've got the Israelis and the Yanks working together on it.
"Presumably because the list of software produced by their friends is even shorter than the list of friends?" -- well, there is that, but, if they are capable of developing nuclear power and (alleged) a nuclear weapons program; surely they can knock up an OS of their own.
"The supposed security advantages of Linux probably won't help much if you've got the Israelis and the Yanks working together on it." -- Absolutely, but, at least it would be more secure than the current system where a 12 year old skiddie can get access, as is the case with Windows.
"The supposed security advantages of Linux" -- supposed?
"if they are capable of developing nuclear power and (alleged) a nuclear weapons program; surely they can knock up an OS of their own."
You'd have thought so, but there's surprisingly few ground up OS's developed that I've noticed, and I guess this reflects the fact that a true home brew needs the OS authors to write drivers and apps, so that altogether it is rather more than a trifling endeavour? And that assumes that you can write drivers for OEM hardware without their cooperation. Obviously if you just roll your own Linux flavour, that's a lot easier, but you're then making yourself vulnerable to the many clever people who know different flavours of Linux.
That Linux is more secure I don't dispute - but if placing money on Iranian Linux security holding out against the Israelis, I wouldn't put my money on the penguin.
""The supposed security advantages of Linux" -- supposed?"
Sticking to servers...
Linux is definitely better than Windows and maybe even that Apple thing, but it is unarguably not as good as some other open offerings (both historically and currently) - even when ignoring 'special purpose' operating systems.
Linux is good, but it is far from the best that is out there.
Downvote away if you really think GNU/Linux is as secure as secure gets.
Well, that's a part of it. But in the case of Iran, there's more to it than that. Remember there are also sanctions based on human rights violations. Note that I'm not claiming the sanctions have any chance of improving the situation, just that the US government has an additional restriction on them.
"I'm sure the CIA and the NSA are only too happy to pay Microsoft to give Windows to the Iranian government for free."
Probably broadly correct, though I doubt they'd be that obvious as it's likely to raise suspicion. More probable that- as part of their you-scratch-my-back-and-I'll-scratch-yours arrangement- MS simply agree to not cause any problems for people trying to install and activate pirated Windows and other products in Iran.
If I were the Iranians (OK, apart from being less of a dick-dead than their example so far) I would go for Linux simply because it is open enough to allow a reasonable chance of an un-tainted OS for secure use.
Note, however, that is not saying Linux is totally secure, nor is it saying that Iranian BOFH are good enough to secure a working Internet-connected system against probing by NSA, Mossad, etc.
All it says is you can check for most obvious back door-like features, something you can't really do with Windows or OSX, and the history of UNIX/Linux is based on default-to-secure behaviour, which has taken MS time to catch up with.
Wait, why are -we- using Windows, then?
Big respect for the suggestion that Microsoft Windows cannot be sold to Iran due to concern for human rights. After all, it violates mine. If this is written down somewhere, I want to know particularly if there is a right to not have the PC freeze from time to time for a full minute for NO REASON. Maybe I should move to Iran and get liberated.
This post has been deleted by its author
Deleting data is very obvious, easily detected and easily repaired. What a pro would do is want access to data, to analyse for secrets without the owner knowing it is happening, or to make small corruptions to the data which renders it useless or misleading but which the owner does not realise until they go to use it. I suspect this is some Saudi or Israeli skiddie/hacktivist getting his lulz rather than the CIA, NSA, MI6, the Mossad, etc.
Perhaps, though this sort of harassment combined with other efforts might prove more effective then either technique on its own. Depends on the goal, after all. I would guess you are right, but there is the possibility that the information was extracted and this was done to obscure the act - a bit like setting a building on fire to hide a theft.
nah... much more fun was using a basic hex editor to edit command.com's references to config.sys and auto exec.bat to a hidden system directory with two text files named anything you like.
Leave the existing autoexec.bat and config.sys in the root folder and watch your 'tech' colleagues get mightly confused why they couldn't update their systems.
it did have the added benefit in some cases of protecting some machines from their 'technical users'.
I like big .bats and I can not lie
You other coders can't deny
That when a script executes with itty bitty waste
And a C:\ prompt in your face
You get sprung, wanna pull out your tough
'Cause you notice that .bat was stuffed
Deep in the files it's tearing
I'm hooked and I can't stop staring
Oh baby, I wanna exec you
And pipe your output...
Even Mac boys got to shout
Baby got .bat
This post has been deleted by its author
This is one of the millions of trivial Windows viruses that are cranked out by bored 12 year olds in their bedrooms. It clearly isn't targeted at Iran, if it's common there it's only because every copy of Windows in Iran is pirated and as such can't get the normal Microsoft security updates. When the other commentors point out that using Linux wouldn't have protected the Iranians against Stuxnet, they are correct but that's entirely beside the point. There is no easy solution to protecting your systems against a determined attack by major nation states but it's pretty easy to protect yourself from 12 year olds. In most of the world a legal copy of Windows, getting the standard security updates, won't be particularly vulnerable. However a legal copy of Windows isn't an option for Iranians unless Steve Balmer has a secret desire to spend the rest of his life in a windowless cell beneath Florence Colorado. They do have the option of rolling an Iranian Linux distribution because there is no way to prevent the Iranians from downloading the source code and compiling their own. A supported Linux distro isn't vulnerable to the machinations of script kiddies.
From BOFH 2006, episode 8:
"Well I logged in as root earlier and I was just going to try that ps thing you mentioned, but instead I accidentally typed in 'nohup cd /; rm -rf * > /dev/null 2>&1 &' "
"Okay." he gasps, "Just type in fg."
"fg, ok, oh bugger, I accidentally typed control-d instead."
"I...well, I suppose we could have a lesson on reinstalling a box from scratch," he sniffs.
Have a Linux box I was going to wipe & re-install so thought I would try basically the above approach. Was quite surprised how far it got, eventually all of the text vanished from the Gnome desktop being replaced by small blank boxes (guess that was the fonts gone!) and finally it froze. Rebooted with a live CD to inspect the file system and only a handful of directories still existed (those with open 'files' before it finally stopped), but not any files as far as I remember.
Was impressed by its thoroughness!
The font thing is interesting; it implies that the system is constantly re-rendering the contents of the window. Windows doesn't do that - it requires explicit repaint calls IIRC. So you could roast the fonts and a word processor would look normal until you tried to edit it or scroll the page, I think.
Re: "if they are capable of developing nuclear power and (alleged) a nuclear weapons program; surely they can knock up an OS of their own."
I'm pretty sure Seiemens developed their nuclear power. That said, as bad as running Windows for anything important is, hardy anybody likes to reinvent the wheel. Very few people start an OS and few of those reach a useful state.
Re: comments about FAT and such... first, FAT doesn't mean "Windows 95 or older", NT3.5, 4, 2000, XP all supported NTFS but also FAT installs. I've seen FAT installs of Windows 2000 (I don't know why). Secondly, though,from the description in the article this virus was deleting THE USER'S OWN FILES. So, NTFS, ACLs, and proper filesystem permissions, won't do dick against this particular type of attack.
Well... I feel smug now for using Linux... DEL *.* does nothing, I tells ya. Nothing!! Wait, rm -R *? I have no idea what you're talking about 8-). (But seriously, a .sh file won't run without the execute bit turned on. But, if I were running random executables under Linux something naughty could wipe my home directory if it wanted.)
bitch, bitch, bitch.
Somebody goes and assumes something positive about a Windows Admin and all you can do is complain.
Yes, technically you can use FAT on all those other systems. But no competent Admin ever would, so yes, FAT means Windows 9x in the practioner's world.