
In millions of Windows, the perfect Storm is gathering

dreamdancer

A spectre is haunting the net but, outside of techie circles, nobody seems to be talking about it. The threat it represents to our security and wellbeing may be less dramatic than anything posed by global terrorism, but it has the potential to wreak much more havoc. And so far, nobody has come up with a good idea on how to counter it.

It's called the Storm worm. It first appeared at the beginning of the year, hidden in email attachments with the subject line: '230 dead as storm batters Europe'. The PC of anyone who opened the attachment became infected and was secretly enrolled in an ever-growing network of compromised machines called a 'botnet'. The term 'bot' is a derivation of 'software robot', which is another way of saying that an infected machine effectively becomes the obedient slave of its - illicit - owner. If your PC is compromised in this way then, while you may own the machine, someone else controls it. And they can use it to send spam, to participate in distributed denial-of-service attacks on banks, e-commerce or government websites, or for other even more sinister purposes.

Storm has been spreading steadily since last January, gradually constructing a huge botnet. It affects only computers running Microsoft Windows, but that means that more than 90 per cent of the world's PCs are vulnerable. Nobody knows how big the Storm botnet has become, but reputable security professionals cite estimates of between one million and 50 million computers worldwide. To date, the botnet has been used only intermittently, which is disquieting: what it means is that someone, somewhere, is quietly building a doomsday machine that can be rented out to the highest bidder, or used for purposes that we cannot yet predict.

http://observer.guardian.co.uk/business/story/0,,2195730,00.html
 

PhenoMenal

Hairdresser
Veteran
Bots/botnets have been in existence since the 90s, it's now nearing the end of 2007, so your love of this one particular "Storm" bot which does nothing that no other bot can do is a bit uhhh... weird, lame, and homoerotic.
 
dreamdancer

this one seems to be in stealth growth mode at the moment - wonder who the target is when it flowers?
 

panopticist

Sneak attack critical
Veteran
Ouch. Windows takes another hit...

At least PC manufacturers are starting to provide alternate OS's to be pre-installed on their machines.
 
gmb

Reminds me of the CIH virus several years ago. Big deal, but minimal impact. People's PCs can be affected, and private data compromised, but it's really a drop in the bucket compared to the number of PCs that already are affected by some sort of spyware/malware. Thankfully, the big companies are smart enough to run Unix/BSD/Linux on the computers that really matter. I'm still trying to convince my old lady that we don't need our Windows partition.
 
gmb

Still working on getting Slack 12 set up. Need to configure some rc.d stuff because ndiswrapper is working, but I still can't ping the gateway. Oh well. In the meantime, Ubuntu is a nice alternative.
 

HCSmyth

Member
Oh well, the whole world is ending in 2012 anyway. In the meantime it will suck to have interrupted porn and online gaming access when these bots do attack, crippling the World Wide Interweb.
 
DogBoy

Foot and mouth means I can't eat beef, Avian flu means I can't eat fowl and now I can't look out the bloody window. Jesus.

I'm about to wipe my backside on some babywipes, if anyone has any horror stories about this innocuous looking sanitary wipe please let me know ASAP as I can't sit here much longer with these dead legs.


My anus needs you! Wet wipes, are they safe to wipe with or should I return to douching on the pedestal rug?
 

nycdfan042

Its COOL to DROOL!!!!!!
Veteran
The perfect storm is brewing all over San Diego!!!!!!!!!!! My thoughts go out to everyone in that area! It's lookin' like the ingredients for one of those fire hurricane things....hope everyone gets out ok
 
dreamdancer

A technique for cracking computer passwords using inexpensive off-the-shelf computer graphics hardware is causing a stir in the computer security community.

Elcomsoft, a software company based in Moscow, Russia, has filed a US patent for the technique. It takes advantage of the "massively parallel processing" capabilities of a graphics processing unit (GPU) - the processor normally used to produce realistic graphics for video games.

Using an $800 graphics card from nVidia called the GeForce 8800 Ultra, Elcomsoft increased the speed of its password cracking by a factor of 25, according to the company's CEO, Vladimir Katalov.

The toughest passwords, including those used to log in to a Windows Vista computer, would normally take months of continuous computer processing time to crack using a computer's central processing unit (CPU). By harnessing a $150 GPU - less powerful than the nVidia 8800 card - Elcomsoft says they can be cracked in just three to five days. Less complex passwords can be retrieved in minutes, rather than hours or days.

It is the way a GPU processes data that provides the speed increase. NVidia spokesman Andrew Humber describes the process using the analogy of searching for words in a book. "A [normal computer processor] would read the book, starting at page 1 and finishing at page 500," he says. "A GPU would take the book, tear it into a 100,000 pieces, and read all of those pieces at the same time."

Benjamin Jun, of Cryptography Research based in San Francisco, US, says massively parallel processing is ideally suited to the task of breaking passwords. And, while concerned about the development, Jun also pays tribute to the achievement: "A number of us have been following advances in those platforms, and there's a lot of elegant, intelligent design."

Password cracking can be used to unlock data on a computer, but will not usually work on a banking or commercial website. This is because it takes too long to run through multiple passwords, and because a site will normally block a user after several failed attempts.

http://technology.newscientist.com/...rdcracking-chip-causes-security-concerns.html
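
The site-side blocking mentioned at the end of the quoted article, as an added example that is not part of the original post or of any product named in it: a per-account lockout plus the lower bound it puts on online guessing. The policy values (5 failures, 15-minute lockout) and all names are assumptions chosen for illustration; the lockout does nothing against the offline cracking the article describes.

```python
import math


class LoginThrottle:
    """Per-account lockout: after max_failures consecutive bad logins,
    refuse every attempt until lockout_s seconds have passed."""

    def __init__(self, max_failures=5, lockout_s=900):  # assumed policy values
        self.max_failures = max_failures
        self.lockout_s = lockout_s
        self._state = {}  # account -> (consecutive failures, locked-until time)

    def attempt(self, account, password_ok, now):
        """Return 'ok', 'denied' or 'locked' for one attempt at time `now`."""
        failures, locked_until = self._state.get(account, (0, 0.0))
        if now < locked_until:
            # Checked before the password result is used, so even a correct
            # guess made during the lockout tells the guesser nothing.
            return "locked"
        if password_ok:
            self._state.pop(account, None)  # success resets the counter
            return "ok"
        failures += 1
        if failures >= self.max_failures:
            self._state[account] = (0, now + self.lockout_s)
        else:
            self._state[account] = (failures, locked_until)
        return "denied"


def min_seconds_for_guesses(guesses, max_failures=5, lockout_s=900):
    """Lower bound on wall-clock time to submit `guesses` wrong passwords
    against one account, assuming each request itself takes no time."""
    lockouts = math.ceil(guesses / max_failures) - 1  # no wait after last batch
    return max(lockouts, 0) * lockout_s


if __name__ == "__main__":
    days = min_seconds_for_guesses(100_000) / 86_400
    print(f"100,000 online guesses need at least {days:.0f} days")
```
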
 
gmb

Now you just have to find a place that will allow you to connect 100,000 times in a row. Brute force cracking is always the "Plan B" method, but nowadays arbitrary code is becoming much more popular as the primary choice.
By the way, just compiled kernel 2.6.23. Had problems with ALSA and Synaptics touchpad, but all is well. I may actually go back to an older kernel (2.6.22.16 or something). Having problems with ntfs-3g and fuse on this new kernel. Maybe we should have an ICLUG (ICMag Linux Users Group?). I don't know... just an idea.
 

PhenoMenal

Hairdresser
Veteran
Modern crypto algorithms have pretty much taken brute force out of the equation - even with advanced/parallel processing. Weak passwords are still weak passwords though.
 

Verite

My little pony.. my little pony
Veteran
And I just cracked 50% of them by typing in nothing or 'password'.
 