You catch 'em, we kill 'em

I'm glad I'm mad - it is better than being dperessed.....

, posted: 27-Nov-2008 22:34

Some one once said depression is just suppressed rage so for me better angry than depressed.

To answer a comment or two:


>It's got to be better to them than the
alternative of people switching to truly free software like GNU/Linux.
If >you're sick of security software, cd keys, and product activation
sucking your life away, I'd highly encourage you >to give a Live CD from
one of the popular distributions a spin.

I still have my original Caldria Debian CDs circa 1993/4. A 386 PC - two CDs and away I went - green screening across the universe.  unfortunately I live in a world were the accounting packages for business are still mostly Windows Oriented - thus my enjoyment in working hard with Win PCs.




Jones, on 26-NOV-2008 22:33

IP:, user id: )

>Wow, you are angry. About something being free? :-)

My junkie friends all have a monkey on their back and some moon faced troglodyte gave it to them for free in the guise of helping them - should I not be angry about the free gift they got?

The govt introduced legislation making it easier for younger girls to get on the game - and it cost me nothing. That doesn't make me happy either. Nor does the prick on P down the road who freely pulled a machete on me and threatened to slice my f*ging head off - for free mind you. Are you suggesting I should be thankful for all free gifts -indescriminately of the giver and purposes of said free 'gift'?   Oh yes - my nursing friends at th STD clinic - they'll all tell you about the free gift that jsut keeps on giving yet I know very few people who were happy to receive that for free -infact most of them are pretty miffed about it.

Re my anger.

I actually have a lot of time for microsoft in many areas - but not in the area of security. Their security has cost more businesses more money and more pain through dowwntime, exploits and loss of income by paying people like me to fix stuff that should neve have been broke in the first place.  I praise them for creating gui layout standards such as File, Edit, View etc and bringing order and consistency to the industry. I praise them for VB as it is a good little language that really stepped up GUI / RAD developement. I praise them for desktops for the average Jo Person - windows has opened computing up for the non geek in massive ways. However their monopolisitic stlye and completely screwed way of thinking about security is a complete nightmare.

Again - I would not take finiancial advice from a bankrupt - neither will I trust M$ with security - and this offering will do nothing to improve the Windows PCs lot and will do lots to hurt vendors who are making a difference in the spyware / malware world. Should even one sale (and believe me it will be more than that)   be lost to legit and effective security vendors then they are one step closer to failing as a business.  M$ have set out to hurt legitimate businesses and providers - with a product which will not be up to snuff (going by their previous effrots to date).

Lastly - and I'm sure Mel Gibson wouyld be proud of me for my conspiricy theory slant here - since when has M$ given anything away that is not designed to tie you in tighter with their system, pull you away from the competition and improve their bottom line? Nothing is free when it involves M$. Their overriding mantra is world OS domination. Their history and stlye confirm it more and more and more. This might not cost $$$ to buy (yet) but believe me - it will not be free - not buy a long shot.

Yup - I am not thankful for this free gift at all. however should you like free gifts of security software then the good folks at WinAV antivirus ssytems will happily scan your Pc for free. Give em a call - they are waiting with open arms too.

Here beginnith a rant - jones - i dont know if you are trolling for effect or completely ignorant to the state of play security wise with M$ systems but I'll take your one report and raise you thousands more saying different.

do you think of the desktop vulnerability report and the security
intelligence report, they seem to >make MS security record look quite
good really.

I worked for the Dept of stats for 9 months - believe me - i dont
trust stats - seriously - you are aware there are actually closer to 6
million kiwis dont you? - and no I'm not kidding.

MS Security record looks good? Huh??? What platform planet are you from?

Lets give a few raw examples of data - I'll let you draw your own conclusion.

My business - over 300 virus busts / removals in the last year. All M$ - none for Mac (OSX, OS9, OS8), none for Linux, none for AIX, None for as400, none for RS6000, none for OS/2 none for Novell, none for BSD, none for java Desktop ... Did I miss anyitng there?  Nope!! Oh and in case you are wondering if i am big noting my self - i really have worked on all those types of systems. 

This source - Kapersky labs. Please note the win32 growth - please note the massively smaller growth for non MS operating systems. And no - these stats are not a reflection of which OS is used the most - they are a reflection on the growth in the number of types and instances of malware for OS - independent of how many users there are. If you take these numbers and then weight them according to the growth of usage of each desktop then the skew increases rapidly in favour of non Win32 platforms being more secure and Win32 being less.  Win32 systems ar elosing ground to non M$ desktop systems (and boy dont the numbers rack up when we talk about server stats right her as well - can anyone spell samba, lotus notes, ximian, postgres....).

Number of new malicious and potentially unwanted programs according to platform targeted

  2H 2007 1H 2008 Growth
2007% 2008% "+/-"
Win32 130131 432862 232.60% 96.00% 98.30% -2.27%
Other 5362 7449 38.90% 4% 1.70% 2.27%
Total 135493 440311 225%      

Now back to your question - have i seen reports regarding how secure windows is? ... hang no!! - I'll go looking again. Oh look another H1 report - Kapersky again.

The table below groups all operating
systems and platforms attacked during the first six months of 2008
according to the operating system ultimately under attack. For
instance, JS and VBS falls into the Windows group, Ruby and Perl into
the *nix group and so on.

Nix (Linux, Perl, PHP, Ruby, Shell) 230 0.052%
Mac (OSX, Mac) 20 0.005%
Mobile (J2ME, Symbian, WinCE, Python) 88 0,02
Other (DOS, IIS, Multi, MySQL) 51 0.012%
Windows 439922 99.912%

Oh crud - I've run out of fingers and toes - how many attacks via windows does that show again for H1 2008?
Funnily enough it is within 0.2% of my own inhouse statistics quoted above - and my stats were independently reached before seeing this.

More reports - gotta find reports vindicating windows - my rage must be quenched.

I know - the top virus reports for the last year -that'll show how safe windows is: Site: Eset.

Virus CountInfection Ratio (%)Infection Ratio
 01. Win32/Netsky.Q worm1 954 6100.050 %1/ 2.0 ths

 02. Win32/Zafi.B worm1 709 6250.044 %1/ 2.3 ths

 03. a variant of Win32/Stration.XW worm981 9170.025 %1/ 4.0 ths

 04. Win32/Stration.ABF worm738 7590.019 %1/ 5.3 ths

 05. Win32/Stration.XW worm407 7980.010 %1/ 9.5 ths

 06. HTML/Phishing.gen trojan324 1200.008 %1/ 12.0 ths

 07. Win32/Spy.Goldun.NDO trojan123 3990.003 %1/ 31.5 ths

 08. Win32/Netsky.D worm120 9040.003 %1/ 32.2 ths

 09. Win32/Bagle.HE worm83 4440.002 %1/ 46.6 ths

 10. Win32/Mytob.BK worm76 9280.002 %1/ 50.6 ths

 > OTHER VIRUSES687 1840.018 %1/ 5.7 ths

> TOTAL THREATS 7.2 mil0.185 %1/ 539.5
Total clean messages 3881.5 mil  
Total messages 3888.8 mil  

Whoops - 9 out of 10 - thanks M$ - Again - the gift that keeps on giving. I forgot to add symbian Os to the list of Os we worked with - they contribute one virus to the list under the other viruses categroy.

Look  - i could ridicule M$ security until the stars fall and Jesus returns. The short and the long of it is that M$ security sucks. It sucks because of ideology which is reflected in M$ practice.

M$ dont change ideology therefore their practices are like their patch updates - throwing more crud and rubbish on top of a tottering heap of  insecurity.

Now we are being thrown more free m$ security.  that is bad because:
It hurst legit vendors who actually know what they are doing
It lulls jo average user into a very false sense of security
It is a response not born out of care for their users but as an action at least partly predicated on their failure to flog their pay for product (one care) successfully.

It will hurt users. The bloat will make life more difficult for legitimate users, programmers, sys admins and people to do their jobs. The last free stuff we got from M$ looks like the following.
Defender - bloated, sucky, ineffective
MSRT - bloated, slow, sucky ineffectiv
Access Control Lists (ACLs) - flawed from birth why wont they use the same stlye as other Os
System ACLs (SACLs)
Discretionary ACLs (DACLs) 
Security Identifiers (SIDs),
User Access Control (UAC)
And the list goes on - all without adding effective security benefit and slowing down the rate of virus /malware infection (see graph above) but while reducing the ability of users to do their jobs increasing software failure, bloating network systems, crapping out network connections, killing legit processes and increasing failure rates / Pc down time.

Now!!! ( i hear someone scream ) UAC, ACLs etc are all good things -
That is true theoretically. But it is only as good as the foundation it is built on and the Win32OS security is flawed from the ground design upwards. We still have legacy code or methodology built into vista to allow backwards compatibilty for other OS all the way back to DOS legacy artifacts of style, implementation and requirements.

Until they throw away every last line of code, completely remove all requirements and provsions for backwards application compatibility and rebuild from the ground up their security model is screwed - therefore adding ACLS, SACLS, SIDs etc is window dressing - an elegant tower built atop a jelly foundation. Look out folks - the titanic is sinking but the band still plays. Why dont they put down their instruments and help launch a few more lifeboats?

An excellent article - dated but still as valid can be read here.
and another one around called why OSX server better than M$ - good technical comparison.

Lastly - does it strike anyone else that m$ seem indecently eager to start telling us of the wonders of windows 7 when their latest and greatest baby is only just clear of the caul and being thumped by every malware bully in town? Me thinks their free security upgraded wonder has turned out to be a whimp - the peewee hermin of the OS security world.  Time to move on and hope Win 7 will fix it hey Bill?

M$ free stuff is another body guard / 1000 pound gorilla all designed to stop the principal being attacked or hurt. If M$ re-write their Os correctly (ie why are OS threads all based on a single, high privledged thread? - exploit the child - misuse the parent) then they have taken the gun off the attacker and can free the monkey on your back leaving you to get on with life. However, free monkeys keep appearing and boy they weigh heavily. a free monkey is still anothe monkey on your back - and as my junkie friends tell me , "somebody is always happy to put a monkey on your back for free - its getting rid of it later that costs you lots." Why should I be thankful for another free monkey?

Other related posts:
Ever wondered how the Pope, Stewart island and plague victims can be in the same post? wonder no longer :)

Add a comment

Please note: comments that are inappropriate or promotional in nature will be deleted. E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.

Are you a registered Geekzone user? Login to have the fields below automatically filled in for you and to enable links in comments. If you have (or qualify to have) a Geekzone Blog then your comment will be automatically confirmed and placed in the moderation queue for the blog owner's approval.

Your name:

Your e-mail:

Your webpage:

nunz's profile

Shane Hollis
New Zealand

Shane started Virusbusters twelve years ago to provide fixed price IT support for home users.

Daily battles through the world of viruses, spammers and other malware has left an indelible impression on him so he decided to try to give back some of the help he has received over time.

Hopefully crazy ideas, virus removal tips and other help can be found in this new blog. who knows, it might even be worth reading one day.