Windows Secrets


Windows Secrets Newsletter • Issue 38 • 2004-09-23 • Circulation: over 400,000


Table of contents 
  • Top Story: The State of the Computing Industry
  • Patch Watch: Viewing a JPEG can infect PCs that lack new MS patch
  • Insider Tricks: How to pick the best online music service
  • Wacky Web Week: For that special someone — enormous germs

 
Top Story

The State of the Computing Industry

By Brian Livingston

I like to think back on the good old days, when the worst thing Windows might do to us was crash.

Now we have to defend ourselves against invisible programs that silently take over our PCs, record our keystrokes to capture our banking passwords, use our bandwidth to send out junk e-mails that can’t be traced back to the senders, and then bury us in the spam we receive in turn from all the other PC users whose machines have been similarly hacked.

This week, Symantec, the antivirus and security company, released its sixth semiannual Internet Security Threat Report. It says the firm found a vast increase in the number of “bot networks” that are under the control of hackers. Each network consists of thousands of machines that have been infected with Trojan horses and are now controlled by criminals.

During the first six months of 2004, Symantec detected a rapid growth of bot networks from fewer than 2,000 to 30,000. The number of PCs in each network is said to average around 2,000. Multiply the number of networks by the average population of controlled machines and it works out to 60 million “zombie” PCs — that we know about.

Symantec found one bot network consisting of 400,000 zombies, according to an article by John Markoff in the New York Times. Each network can be used to broadcast spam, launch devastating denial-of-service attacks against Web sites the hackers don’t like, and more.

What’s going on here?

Is this it? Are we just going to face more and more attacks as our computer resources spiral more and more out of our control?

It seems to me that the computing industry is in denial of how bad the attacks on our PCs and our lives have become. Things aren’t going to get better without radical changes to bring about a safe and sane computing environment. The first step is for us to stand back and survey just how bad the situation has become.

What follows, therefore, is my first State of the Computing Industry report — a quick and dirty overview of the maddening crisis that has engulfed us.

I focus in this report on four areas — viruses, spam, phishing, and adware — although an entire book could be written on all the problems that “making computers easier and more fun” has brought down on our heads. Here we go; I hope you’re sitting down.

Viruses
  • Four and a half times more viruses and worms targeted Windows systems in the first half of 2004 than the same period of 2003, according to the Symantec report. That’s 4,496 new viruses and worms this year so far. More info

  • About 1 in 12 e-mails carried viruses in the first six months of 2004 that are capable of penetrating firewalls meant to keep them out, according to an analysis of 5.6 billion e-mails by monitoring firm MessageLabs. Up-to-date antivirus programs are capable of stopping most such viruses at this point — but the viruses are growing stronger every month. More info

  • There are now 1,740 known, unpatched security flaws in Windows and other operating systems, according to statistics collected by US-CERT, a nonprofit security coordination center. That’s more than a 300% increase over the 417 vulnerabilities that were known to researchers as recently as 1999. More info

  • Access to zombie-PC networks is being sold and traded among hackers for about 10 cents per compromised machine, according to reports in The Register, a British high-tech news site. More info
Spam
  • Spam exceeded 70% of all e-mail in July 2004, the highest rate ever detected by MessageLabs. It’s over 80% of the e-mail received by Internet service providers AOL and MSN. That compares with the halcyon era when only 7% of all e-mail was spam, as measured by Brightmail as recently as April 2001. More info (click the “Spam” tab for statistics)

  • About 60% of all spam is now sent via zombie-infected machines, according to Spamhaus.org, a respected antispam service. Besides using their bot networks to send spam, spammers last year started directing their zombie armies to flood and disable the servers used by antispam groups. Four such antispam organizations were forced to shut down in 2003 alone due to these denial-of-service attacks. More info

  • A single U.S. ISP, Comcast.net, sends 700 million spam messages a day, out of a total of 800 million daily outgoing messages. This enormous spam outflow is generated by the large number of ISP users whose PCs have been hijacked by zombie software, Comcast network engineer Sean Lutner told News.com in May. More info

  • Almost 1/6 of all spam now conforms to SPF (Sender Policy Framework), according to an analysis by e-mail service provider MX Logic. SPF is an identification system that’s been promoted since last year to prevent malicious people from “bouncing” junk e-mail onto innocent victims. The spammers have adopted the SPF system, to make their e-mail appear legitimate, much more quickly than respected corporations, only a small minority of which have implemented SPF to date. More info
Phishing
  • More than 1,974 unique phishing attacks were reported in July 2004. Phishing occurs when spammers send official-looking e-mails, posing as messages from a bank asking customers to “confirm” their accounts by entering their passwords. The spammers capture and use these passwords, which are dutifully provided by up to 5% of the victims who are contacted, according to Antiphishing.org, a coalition of financial institutions and major e-commerce sites. More info

  • Phishing attacks are growing at a rate of 50% PER MONTH, the group’s figures indicate. Although we often hear that Web sites that collect password data for phishers are in Russia and other non-Western countries, 35% of phishing sites are actually located in the U.S. More info (PDF file)

  • Thirty percent of American consumers have experienced online identity theft, according to a survey by the Gartner Inc. consulting firm. Ninety percent of those cases occurred in the past year alone. More info
Adware
  • Adware is exploding on users’ PCs, with security firm McAfee alone finding more than 14 million instances in March 2004, up from fewer than 2 million just last August. Adware is often called by other names, including spyware and malware. Since these categories overlap, I use instead the general term “adware,” which I define as “programs that are installed on a user’s PC for the financial benefit of a sponsor without the user’s full knowledge and consent.” Putting the approval language into a license agreement and then asking users to click OK on the entire license is not full knowledge and consent. More info

  • More than 20% of PCs tested by PCPitstop have active in memory one or more programs the company defines as “spyware.” Such programs always reduce the performance of the affected machines but often have much more serious side-effects as well. (PCPitstop is an online service that diagnoses more than 1 million machines per month.) More info

  • In surveys, 74% of users whose PCs are running adware from Claria (formerly Gator) said they had no knowledge of it being installed. The figure is 87% for adware from WhenU. In papers filed for a court case in 2003, Gator executives said only 16% of their 27 million “users” were unaware of the presence of the program on their machines, according to an article published by Forbes Magazine. Even when such adware runs perfectly and doesn’t negatively affect a PC’s reliability, serious issues of privacy and security are raised. More info

  • In the worst cases, adware installs via “drive-by downloads,” exploiting weaknesses in Internet Explorer that allow Web sites to run programs on users’ PCs without them even clicking “OK.” Programs downloaded in this way, as explained in Christian Wagner’s spyware/adware/malware FAQ linked to at the end of this paragraph, can operate like the worst traditional viruses. The downloaded programs may install keylogging software to capture user passwords, send personal information back to a central server, and more. (The recent Service Pack 2 for Windows XP closes some but not all of the security flaws in Internet Explorer.) More info

You CAN and MUST protect yourself

Regular readers of the Windows Secrets Newsletter know that they can protect themselves from the above threats by maintaining what I call a “security baseline.” Every PC and computer network should be running at least the following five protective measures:

1. A hardware firewall to keep hackers from accessing your PC from the Internet;

2. A software (or “personal”) firewall to prevent any undetected Trojan horses from sending out your personal data or anything else;

3. An antivirus program that’s set to constantly update its virus signatures to detect threats in e-mail messages and shared files;

4. An antispam program to reduce junk e-mail, which is a common method of delivering viruses into PCs; and

5. An antiadware program to remove adware and guard against its re-introduction into your PC in the future.

A special report on the security baseline, and a review that names the best products in each of the categories above, is in our June 3, 2004, issue.

What percentage of PC users do you think have all five of the above protections in place and working? How many consumers do you think even know that all of these five defenses are needed? Not many.

More importantly, how many computers that retailers sell to consumers have all five of the above protections installed and working when the PC goes out the door? My guess is, “Almost none” — and that’s the problem in a nutshell.

Every high-tech seller seems to want someone else to be responsible for taking, and paying for, the security steps that will make PCs and the Internet safe to use. If computer professionals, manufacturers, and retailers won’t give consumers PCs armed with a comprehensive security baseline, why do we think consumers will figure it out and do it themselves?

I’m sorry, but saying, “You shouldn’t click any links you don’t trust” isn’t an acceptable response to the millions of people who’ve already been victimized by the insecurities that were designed into Windows and the Internet.

The industry’s leaders must work together and pay the tab

I believe the responsibility to clean up this mess resides squarely on the shoulders of our computing giants — the Microsofts and AOLs of the world. They’ve made billions of dollars by selling people on Windows and the Internet. They’re the only entities with the financial resources to take Windows and the Internet back from the scum who are now wreaking havoc.

The industry giants, of course, want someone else — consumers, corporations, the government — to pay to make computing safe again. But it’s ridiculous to think that millions of private individuals, or, worst of all, the governments of the world, can handle this task.

The U.S. Congress would probably make the situation worse with new legislation, just as Congress unwittingly legalized opt-out spam in the U.S. when it passed the infamous CAN-SPAM Act in 2003. The bill bears numerous provisions that were lobbied for by the Direct Marketing Association, an advertising interest group that Microsoft is a member of.

Taking back the Internet will require drastic changes in Windows and the way the Internet itself works. I’ve previously editorialized about one such step, involving digital signatures to identify the source of e-mail, called DomainKeys. It’s being promoted by Yahoo.com and other computing groups — but Microsoft and AOL, after promising to work together on such systems, now don’t agree and are pushing their own, incompatible technologies.

Our industry’s 600-pound gorillas may not be able to come together and agree on the solutions we need to restore basic safety and reliability to our computing lives. But if we don’t at least demand that they do so, we’ll watch the Internet slide further and further down the rat hole it’s already in.

To send us more information about this, or to send us a tip on any other subject, visit WindowsSecrets.com/contact. You’ll receive a gift certificate for a book, CD, or DVD of your choice if you send us a comment that we print.

(A portion of the above report was originally presented in a keynote address by Brian Livingston at the SMB Nation Conference in Seattle, Washington, on Sept. 10, 2004.)

 
Patch Watch

Viewing a JPEG can infect PCs that lack new MS patch

MS04-028 (833987): Microsoft issued on Sept. 14 a set of critical security patches for a flaw in numerous Microsoft products, including several versions of Windows, Office, and various digital-media-related products.

The flaw, identified in Microsoft security bulletin MS04-028, is deemed “critical.” Merely displaying an infected JPEG file (a common image file format on the Web) in Internet Explorer, a Microsoft Office application, or any other application that relies upon Microsoft technology, could silently give control of a PC to an attacker.

In just the few days since Microsoft released information about the flaw, at least one proof-of-concept exploit has been released on security lists on the Web. Security experts are warning that an actual “in the wild” exploit is probably now only a few days away. For this reason, we believe it is essential that all affected Windows users install the patch as soon as possible.

Aside from the severity of the flaw, two issues stand out.

First, the sheer number of affected Microsoft products is daunting. To help you eyeball the list, we’ve compiled an easy-to-read rogues’ gallery (easier to read, anyway, than what Microsoft has in its bulletin, in our opinion). This is shown below, with hyperlinks to information on each different patch that’s required to close the security hole.

Second, if you own more than one of the affected products, you’ll have to install multiple patches. No rest for Windows users.

This article is part of our paid content. Subscribe.



 
Insider Tricks

How to pick the best online music service

With the recent release of Microsoft Windows Media Player 10, Windows users suddenly have a lot of choices when it comes to online music services.

Though Apple’s popular iTunes Music Store — which works solely with the company’s equally successful iPod portable audio player — might seem like an obvious choice, the service comes with a few shortcomings that are addressed by Microsoft’s partners.

In a special report on media players in the paid version of the Sept. 9 newsletter, we said people who don’t already own an Apple iPod should probably pick Windows Media Player 10 or RealPlayer 10.5 as their software of choice.

In this issue, we evaluate today’s online music download services themselves, comparing how they stack up against each other.

Each store is graded on a number of criteria. This includes the size and quality of the music libraries, compatibility with portable devices, and the number of unique extras they offer over the competition.

Also important is music discoverability. Services with radio, subscription, or community-based features make it much easier for you to find new music that you’ll want to buy. Boring and stark online services might turn you off and send you running to the mall.

This article is part of our paid content. Subscribe.



 
Wacky Web Week

For that special someone — enormous germs


It’s a little late for Valentine’s Day and too early for Christmas. But it’s just the right time to be thinking about which of your loved ones you could give stuffed animals that look like disease-causing microbes — enlarged one million times.

The site of toymaker Giant Microbes says it now has available “The Common Cold, The Flu, Sore Throat, Stomach Ache, Cough, Ear Ache, Bad Breath, Kissing Disease, Athlete’s Foot, Ulcer, Martian Life, Beer & Bread, Black Death, Ebola, Flesh Eating, Sleeping Sickness, Dust Mite, Bed Bug, and Bookworm (and in our Professional line: H.I.V. and Hepatitis).” How sweet. We’re making our list and checking it twice. More info


YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets is a continuation of four merged publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Publisher: WindowsSecrets.com, 1218 Third Ave., Suite 1515, Seattle, WA 98101 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editor in chief: Tracey Capen. Senior editors: Fred Langa, Woody Leonhard. Copyeditor: Roberta Scholz. Program director: Tony Johnston. Contributing editors: Yardena Arar, Susan Bradley, Scott Dunn, Michael Lasky, Scott Mace, Ryan Russell, Lincoln Spector, Robert Vamosi, Becky Waring. Product manager: Andy Boyd. Advertising director: Eric Gilley.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com. All other marks are the trademarks or service marks of their respective owners.

Copyright © 2012 by WindowsSecrets.com. All rights reserved.
