Recent Comments

Print This Post Print This Post

Conficker worm fizzles… for now

The news has been full lately with hyperbole regarding the Conficker series of worms. If you believed some pundits, the Internet should have ground to a halt today as millions of infected computers picked up their new instructions for the coming armageddon. What really happened was… not much of anything. But that doesn’t mean the risk is gone…

Like most worms and viruses, the Conficker series of worms relies upon a combination of exploitable software flaws and user error. Also like most worms, the target of all variants of Conficker is Windows. This is primarily for several reasons: firstly, Windows is the most widely used operating system by a huge margin. When you are dealing in small percentages, it makes sense to pick the platform where “small percentages” still means tens of millions of machines. Second, users of Windows include the highest percentage of “naive” or downright ignorant users and malware depends of poor computing habits to propagate. Finally, early versions of Windows were full of atrocious security flaws and design shortcomings.

To avoid Conficker, all you have to do is keep your computer patched up (In Windows XP turn on automatic updates and have them installed weekly) and run an up to date (I.E.: virus signatures no more than a month old) anti-virus program. That’s it, and you will be basically safe from the worm itself, assuming your machine doesn’t already have it. The problem is, just as with driving, no matter how safe you are, your safety can be compromised by all the other ignorant (and in some cases downright stupid) users you share the “road” with. If 99% of the Windows users out there follow those two “simple” good practices I’ve mentioned above, that still leaves as many as 10 million PCs that can be infected by malware like the Conficker worm.

And therein lies the problem: first, a lot fewer than 99% of all Windows users follow good practices. A distressingly high percentage of users actually go out of their way to sabotage all of the automatic update, security, and anti-malware features of the OS. Estimates suggest that as much as 30% of all Windows users still haven’t applied the patch that was released in October of 2008 that would block Conficker’s main infection vector (MS08-067). Further estimates suggest the total number of computers running some variant of the Conficker worm exceeds ten million, making it the most “infectious” malware this decade.

So what is the big deal if your machine is not infected? Most worms today are designed to turn the infected machines into a controlled “army” or botnet for some sort of purpose. Even a few hundred thousand computers, if centrally coordinated and directed to a specific task, can wreak havoc on the functionality of major parts of the Internet. A few million could temporarily shut down the core of the Internet for hours, even significantly disrupt “normal” operations for days if the worm is capable of being dynamically reconfigured as Conficker is. Conficker is particularly tricksy: its latest variants not only kill running anti-virus software on infected machines, they also reconfigure the host to make it more difficult to download patches and anti-virus software updates. So once you have it, getting rid of it can be beyond the capabilities of the “normal” user.

The risk of your particular computer being infected is the smaller part of the problem, and is something that basic computer health practices can reduce to virtually nil. The real problem is all the millions of *other* users out there who don’t know enough or simply don’t care. Conficker is still out there on several million machines, quietly waiting for instructions to do… something. No one knows exactly what. Even once it is activated, I’m pretty confident that the world won’t come to an end, business will still continue to be conducted on the Internet, websites will still be reachable (although some might not be). And willfully ignorant or naive users will continue to think that patching their machines once a year is “good enough”, and up to date anti-virus software is “too expensive”. The hidden cost of the disruptions, however, will be in the tens of millions of dollars.

4 comments to Conficker worm fizzles… for now

  • Judy

    if i click on the Recent Books section(on the rt side of the page) will it just give me a synopsis of the book? don’t like to click on anything these days without clearing it with someone who knows

  • Hi, Judy!

    Those links to “Recent Books” are safe: since I actually run this site, I make a reasonable effort to insure that everything that appears here is reasonably safe. The links will take you to a page here on my site regarding the book which *might* have my review of the book. However, since I haven’t written many reviews, probably it will just show a picture of the cover 🙂 Here is one of the rare ones where I actually wrote a review: The Sharing Knife. There is a link from there that will take you to the Amazon books page for that book, which usually has a synopsis and reviews.

    Most of what I read is “fluff”: fantasy or science fiction, usually with fairly easy to get into stories. A warning that several of the recent books I’ve read are actually fantasy/”erotica” by Laurell Hamilton. Elves, vampires, and werewolves having sex, sort of mixed in with a detective/mystery story. I got into her books a couple of years ago and they are sort of like popcorn.

    The Garrett, PI series by Glen Cook is fun: imagine a Mike Hammer type detective story set in a fantasy world with trolls and dwarves. Glen Cook is a very good writer, in my opinion, and if you like his Garrett, PI series and want something more serious you could check out his Black Company books.

  • Did he ever finish the “Black Company” series? I seem to remember him getting them to a point where they had to go into the south / swamp and face the dark queen or some such ( it’s been close to 20 years, ) and then … nothing. After about 8 years I quit waiting for any follow up books to come out.

  • Well, the last Black Company book was written in 2000, so I’m pretty sure you’ve missed a few. Here’s the list=> http://www.glencook.org/index.php/Main_Page#The_Black_Company

    I don’t recall which book was the last that I read: I think I’m pretty far behind myself. I got into the Garrett series and sort of forgot Black Company until recently: I will have to go back probably to the Books of the South at least, even though I’m pretty sure I read them.

Leave a Reply

%d bloggers like this: