[PCWorld]

Post your comments for Conficker Worm: Not Finished Yet here

[jinx101]

The media trumped it up as the next Y2K, it didn't happen and now they're saying "oh oh, but it could" to cover for their sensationalism leading up to this... it's like saying "I'll give it a 50% chance"... that way, you're never wrong because it will either happen or it doesn't.

[xiaoeco]

Did everyone miss the point of this virus?
The virus didn't have to have a malicious payload to be a success. It's a success by infected up to 12 million computers. The authors of this virus now just have to show companies any bit of the coding so secure millions of dollars from people with the inclination to form a botnet or to send out their own program.
I don't think the point of the virus was for the writers to send out their own stuff, but rather to create a market and interest in their ability to propagate whatever payload they so desire.
Maybe the justice department will offer them multi-million dollar contracts to protect against people like themselves?

[HarveyDanger]

Does anyone edit these articles anymore?
This is the third article in a row I've read with some kind of grammatical or typographical error.
Come on, you guys are supposed to be professionals.

[ITGUY]

O.K. If all that is mostly ever necessary to prevent infestation by this and many other threats from the internet is to keep anti-virus and operating systems patched why isn't there some mandate that all the ISP's in the world conform to a strict set of rules that include blocking all and any threats coming and going through their networks?

[jinx101]

@ITGUY: IMO, ISP's should be blocking that traffic. Corporate and educational networks often block the suspected traffic from coming in. Once it's in, it's another story but often times they can identify infected computers, cut them off and fix them (on an ISP, some other type of notification would have to be sent).

[Fwippy]

@ITGUY -
Are you saying that you'd like to have to report detailed information about each connected machine to your ISP to be able to log on? And the ISP should be able to dictate what valid patches and operating systems are, no doubt in the process annihilating many embedded networking solutions?
Privacy issues aside, I wonder how you think it would be possible for a user without the latest patches to get them. Unless you'd like to see Microsoft sending CD's by mail to every customer twice monthly.
Not to mention that the notion of identifying "threats" requires deep packet analysis and incredibly sophisticated software, adding more overhead to the ISPs and giving them a reason to raise rates again.
And all this, you want 'mandated,' presumably by the UN or some other international authority with the power to enforce it.

[spottydog]

Speaking of Y2K. Was I the only one who changed the clock on my PC to see what would happen? I mentioned it to other people around me at the time and they were all too scared in case their PC crashed.

[OldSimTech]

Does any one know what size this Conficker is how much Memory does it take up? What format is it running in? What part of memory is it hiding in? So it uses a peer-to-peer (p2p) protocol to communicate with other infected machines. Saw some one said it put pictures up on the sceen on the lap top. Does it do different things to differt computers? Sounds like we don't know much about it yet?

[ITGUY]

@Fwippy, I am not suggesting that end users should not maintain their computers. If they don't they are taking a chance that they could get infected period. What I am saying is the common demoninator is the ISP, everyone has to go through one to get connected. In theory, it would make sense to do whatever it takes to prevent millions of end users from getting infected and re-infecting millions more by identifying a threat pattern and stopping it before it reproduces (or at least in some reasonable amount of time once detected). Sure this would be difficult, and costly, but impossible? I for one would rather have my ISP here in the US do everything in its power to safeguard what comes in and out , and would pay more if I knew it was working. My guess is that most others around the world would too.

[xiaoeco]

Haha... Did you read what you are suggesting? The ACLU would have a field day with that garbage. Not because they are "protecting" anything, because it's literally impossible to protect against all viruses at all times... They have to be detected and documented before you can block anything.... Not to mention they use protocols and ports that are actually left open for good reason sometimes. Then you put in the fact that you are suggesting that all the ISPs in the US should reserve the right to restrict your unbridled access to the internet and filter your traffic. Does Privacy mean anything to you? Why don't you move to China, so you can have youtube censored to protect the government's agenda and then come back to talk about how you think someone should play big brother.

[coastie65]

spottydog said:

Speaking of Y2K. Was I the only one who changed the clock on my PC to see what would happen? I mentioned it to other people around me at the time and they were all too scared in case their PC crashed.

:D Hey spottydog, Actually at least one other member that I'm aware of did the same thing. I had entertained the idea, but all my security stuff is and has been up to date, so figured it would be a bust anyway. Had one member that ran his computer naked of any kind of security stuff and had his girlfriend log into as many site as possible. Don't know what the results were, but I would be surprised if there weren't at least a few Vundo type things in there as well as a possible ZLOB or two. :D coastie

[ITGUY]

@xiaoeco, it would be unrealistic to think that all viruses could be
blocked always, it would not be unrealistic to block harmful malicious
or unauthorized transmission from cyber criminals once a pattern has
been identified. If you seriously don't think that everything on the
net is not already being monitored by big brother, try having a
conversation about planning an attack on a Govt official and see how
long it takes to have a visit from the Feds. The way I look at it is
the criminals have a free ride to steal your freedom while crapping on
privacy with an open door policy to do what ever they can while you're
watching you tube. If I had a choice to use an ISP that can identify
and prevent the unauthorized malicoius code from spreading itself
further I would use it. I know which ISP's the cyber criminals would
choose-the same ones that are protecting your so called privacy while
they're cleaning out the bank account.

[case1239]

Why is this such a big deal? This is easily removed and easily detected. Most popular anti-virus solutions have updated their definitions to remove all three known variants, and plenty of custom removal tools are available at any number of sites. All it takes is a bit of work.

[terrymurf]

Are you one of the people who makes the editing marks in the library books I occasionally find when he discoversa typo or a misspell? I've alway's wondered if they came back and checked out those same books expecting the mistakes to be corrected. You've got to relax, this is a forum, not a school assignment don't be so anal.