Site Search


Saturday, 17 January 2009

Yet another Windows worm.

As news spreads of yet another massively spreading Microsoft Windows worm infects every machine it comes into contact with via several different methods such as USB sticks is it not time that Microsoft realises it has lost this game of cat and mouse?

As I am sure some of the more technological mined people know not all the blame can be laid at Microsoft's door but just as certainly some of it can. Microsoft's unending quest for an operating system, rotten at its core, to be an ease of use operating system the  doors that remain in the kernel core and DLL files are just as culpable as the user-base of it.

The new worm wreaking havoc on Microsoft Windows machines is called Cornficker (also known as Downadup and possibly other names as well) is a case of same old same old as far as the worm code is concerned as apparently it is a rework on some much older worm code base. So, why are we subjected yet again to an estimated 3.5 million Microsoft Windows machines being infected with a variation on a theme worm such as this Cornficker is?

There is one main reason why the infection is so quick and prolific and that reason is the general population not installing critical updates that became available as lng ago as last November. So, the blame game surely points at users. Yes? Well, yes and no. Yes because when Microsoft declares something as critical it is worse than that. They have regularly claimed some patch or other as being severe when the world plus dog knows it to be a very very critical hole indeed so when Microsoft say some patch or other it is  critical then it is indeed very very deeply critical. No because if Microsoft did it right they would force ALL critical patches onto user machines and not even give the user a sniff about doing it either. There are those who claim such a  strategy as that is open to abuse and that anyway Microsoft can't do this without the express consent of the machines owner as it could fall foul of various Laws governing remote access, and more importantly changing files on a remote machine which could be classed as hacking,

But those who create such a fuss about a forced installed patch are surely missing the point. For every one of those who complain about such a thing tens of thousands of machine get infected to create yet another botnet on the back of Microsoft's operating system. I have long held that the vast majority of compromised machines are compromised because of user incompetence. When I have build a machine for someone and at their behest installed a Microsoft operating system one of the first things I do is turn on auto updates. If, as is invariably the case, the machine comes back "because it is running slower now" the very first thing I do is check that auto updates are still set to on. Then I check the the virus and malware programs are still being run and still set to auto update their definitions files. Invariably it is these three things that have been turned off due to them "being an annoyance". So, that is a clear case of user stupidity and has nothing whatsoever to do with anything Microsoft may or may not have done.

So, in the end who should get the blame? Microsoft for not forcing such critical updates and patches onto people who know no better and also users for being stupd enough to turn off the very applications designed and installed to protect them from such things as this latest worm. Now, I have been building and using machines since before the very first IBM machines rolled into the general public view and, of course, I am acutely aware of user borne stupidity. For me though the blame lays half way between Microsoft and their users of.

One thing that is for sure over this latest mess is that once again Microsoft Windows, for all its stupid users, it shown to be the broken by design mess it really is.


Noctris said...

I think it is completly irrational to "FORCE" updates on a server. We build a lot of custom software including services that run on servers. Most of the time patches leave our stuff alone and we hum along however SOMETIMES.. well.. things break when installing a new update.. and if microsoft forces these updates.. our time would be spend running behind the facts trying to get our customers back up cause an update broke our software.. This is something ALL software companies would have to handle..

In the end, it's the "owner" of the machine/software that has to fix this.. when my car breaks down because i refused to go to the garage even though they called me several times, sent me letters and mails.. is it the garage fault cause they didn't just come and pick my car up and maintenance it, or is it my fault for refusing to go ?...

Jeepster said...

irrational or not it would be better for the Internet as a whole if forced updates, where deemed absolutely critical, were the norm.

Servers, such as those running on Microsoft Windows, should be no different. I am of the mind set that says GUI's on servers are bad anyway but that is not the issue here.

Are you saying that worms such as this are okay? Or are you just against forced update because some have been known to break somethings? If either of these are yes then forgive me for saying so but you are as much a part of the problem as your everyday user.