# Microsoft considering making their own virusesâ€¦



## ADF (Feb 15, 2008)

Linky

Friendly viruses, so instead of â€˜forcing youâ€™ into Windows Update you will be hunted down and â€˜infectedâ€™ with the update without your consent.

Oh happy daysâ€¦

And what is to stop someone grabbing one of these things and learning how to better break into Windows based systems?


----------



## Ceceil Felias (Feb 16, 2008)

Well, I'd suspect that by the time you find it and look into it, the 'worm' has already infected most of the available targets and the available exploit is already useless. You'd have better luck learning something, if at a much higher risk, catching the worm itself. It'd be a nasty script kiddie prank, though.

I am worried regardless, though -- wouldn't the propogation require 'infected' computers and therefore become detrimental to performance? We've already had enough issues with Vista being a performance hog alone -- if Windows updates started acting in this manner as well, a vulnerable computer would rapidly become nothing more than a space heater and/or propogation for either 'friendly' or malicious worms, whichever got to it first.

Though, if they did take care of that potential performance hit, I suppose it would be a way to get those unpatched and vulnerable systems run by idiots out of the way. :F Systems that have other defenses would block Microsoft's 'worm' as well. However, going back to the first paragraph, unpatched machines with outside defenses could still be hit by a reverse-engineered worm via physical access, thus opening another venue for intranet attacks by so readily providing the baseline code at no risk.

So all in all, yeah. WTF.

I am wondering if there's any source other than that, though.


----------



## E-mannor (Feb 16, 2008)

i am glad mac's wont have these problems.

but seriously if they go through with that i have a feeling there are going to be a whole hell of allot of law suits.


----------



## Ron Overdrive (Feb 16, 2008)

Chalk up another reason why I hate microsoft and have abandoned windows for linux. Next thing you know the RIAA/MPAA will hop on board this list and start unleashing viruses that either remove non-drm media or infect them with it curtsy of M$.


----------



## Ceceil Felias (Feb 16, 2008)

E-mannor said:
			
		

> i am glad mac's wont have these problems.
> 
> but seriously if they go through with that i have a feeling there are going to be a whole hell of allot of law suits.


Yeah, they just have to deal with an update system that seems to have dick-all for error checking. Watched an eMac panic on init because of it.


----------



## Calorath (Feb 16, 2008)

It doesn't say 'AP' by the article, I doubt it's validity.

Regardless, the legal ramifications for arbitrarily distributing a self replicating self distributing program without the user's consent would be rather hefty I'm sure. Odds are if MS is truly researching such a development, it would be on a volunteer based system, much like how their 'SpyNet' system works in windows defender.

I do think it's a rather interesting approach to combat vulnerabilities that are discovered and exploited, as I've found the biggest culprit of poor windows performance is a poorly informed, or inept user.

Windows Update is your friend.


----------



## Rhainor (Feb 16, 2008)

Yet another thread where ADF complains about something computer-related.

My BS detector pinged on the article you linked, BTW, partly because they do not link to or cite any sources.


----------



## Xenofur (Feb 16, 2008)

probably not bullshit, source link: http://technology.newscientist.com/channel/tech/dn13318-friendly-worms-could-spread-software-fixes.html

also, to those complaining: stuff it.

EITHER your computer is up to snuff via windows update, thus secure and untargetable by the worm OR your computer is not fully patched and you're the kind of retard that necessitate such measures.


----------



## ADF (Feb 16, 2008)

Rhainor said:
			
		

> Yet another thread where ADF complains about something computer-related.



I'm a tech nerd doing a computing course so these sort of things attract my attention, sue me. I suppose a drama thread would be more to peopleâ€™s tastes judging the sheer number of responses to current ones have


----------



## Rostam The Grey (Feb 16, 2008)

From what I understand, this is being developed for businesses to distribute things on a network or multiple network system. It's a smart concept to save bandwidth and to spread the stress out some. But I wonder how they will lock this down so only approved 'worms' can do it....  Some kind of fee based Windows registration sounds like the ticket.


----------



## Calorath (Feb 16, 2008)

Rostam The Grey said:
			
		

> From what I understand, this is being developed for businesses to distribute things on a network or multiple network system. It's a smart concept to save bandwidth and to spread the stress out some. But I wonder how they will lock this down so only approved 'worms' can do it....  Some kind of fee based Windows registration sounds like the ticket.



Such a feature already exists, and it's free.
http://technet.microsoft.com/en-us/wsus/default.aspx


----------



## Janglur (Feb 16, 2008)

Welp guys, time to start learning Linux.


----------



## Calorath (Feb 16, 2008)

Janglur said:
			
		

> Welp guys, time to start learning Linux.



That would be about as productive and necessarry as giving a blind man reading glasses.


----------



## Paul Revere (Feb 16, 2008)

WHAT IN THE FUCK?!

FUCKFUCKFUCKFUCKFUCKUFCKUFKCUFKCUFKUFKUCFKUCFKUCFKU

Next thing you know, they'll be selling your "unused processor time" to anyone who needs the world's fastest supercomputer...


----------



## Coffee (Feb 16, 2008)

Well, I suppose it's only a matter of time from here before Gates takes over the entire world. Good lord, the consent issues /alone/ in this thing is enough to make you puke.


----------



## Calorath (Feb 16, 2008)

Coffee said:
			
		

> Well, I suppose it's only a matter of time from here before Gates takes over the entire world. Good lord, the consent issues /alone/ in this thing is enough to make you puke.



By the middle of this year, Bill Gates will have retired.


----------



## Rostam The Grey (Feb 17, 2008)

Calorath said:
			
		

> Such a feature already exists, and it's free.
> http://technet.microsoft.com/en-us/wsus/default.aspx



The point is to save bandwidth though and reduce server costs. The 'worm' would only require a single user PC on the network to be 'infected' to update all the PCs on that network. So rather than a single *server* in the US sending updates to all the PCs and Servers located all over the world, you have a single *PC* sending updates to all PCs and Servers located all over the world with a minimal amount of bandwidth used. Once a machine in the UK is 'infected', it 'infects' all the other local machines. Same for every other network.


----------



## Tycho (Feb 17, 2008)

Yay, panic and confusion, combined with flawed assumptions and conspiracy theory.

Sheesh.


----------



## Calorath (Feb 17, 2008)

Rostam The Grey said:
			
		

> Calorath said:
> 
> 
> 
> ...



The nature of WSUS is that it runs on a server within a corporate network, it downloads all the updates from Microsoft's site and distributes it to the entire network. An administrator can see the machines that were updated, and using it and other tools like GPO's it's easy to ensure client machines are updated and secure. Bandwidth would be saved.

Though you would know that if you actually _read_ from the link I supplied.  Of course WSUS requires a server, so it doesn't work in a peer to peer environment, but then... oh well.


----------



## Rostam The Grey (Feb 17, 2008)

Calorath said:
			
		

> The nature of WSUS is that it runs on a server within a corporate network, it downloads all the updates from Microsoft's site and distributes it to the entire network. An administrator can see the machines that were updated, and using it and other tools like GPO's it's easy to ensure client machines are updated and secure. Bandwidth would be saved.
> 
> Though you would know that if you actually _read_ from the link I supplied.  Of course WSUS requires a server, so it doesn't work in a peer to peer environment, but then... oh well.



Exactly, so you have to have a Server to run WSUS from and Bandwidth is not saved when you distribute it to other networks in the company such as overseas... If you had actually read what I was saying, you would know this. I work for a company that uses WSUS at the moment. We have several branches overseas. So our options are either buy a server for each branch or use a single server here to distribute it. It would be a lot more cost effective if a single machine could distribute everything for the entire company.


----------



## nrr (Feb 17, 2008)

ADF said:
			
		

> I'm a tech nerd doing a computing course so these sort of things attract my attention, sue me.


In other words, you're one of those retards who thinks computer science is about computers.



			
				Janglur said:
			
		

> Welp guys, time to start learning Linux.


lol, linux



			
				Calorath said:
			
		

> By the middle of this year, Bill Gates will have retired.


Bill Gates is a smarty man.


----------



## Calorath (Feb 17, 2008)

Rostam The Grey said:
			
		

> Exactly, so you have to have a Server to run WSUS from and Bandwidth is not saved when you distribute it to other networks in the company such as overseas... If you had actually read what I was saying, you would know this. I work for a company that uses WSUS at the moment. We have several branches overseas. So our options are either buy a server for each branch or use a single server here to distribute it. It would be a lot more cost effective if a single machine could distribute everything for the entire company.



I believe that active directory will replicate WSUS update files within the domain to the various DC's. And while that alone is a significant amount of bandwidth, it still is the best solution compared to individual PC updates (which I understand that's your only option currently?). 

Looking at it from a business perspective, if you're generating enough revenue to justify branch offices, then you're generating enough revenue to justify DC's ($10k is nothing to even a small business) for each branch, including the bandwidth between it and the main office. In fact, it's idiotic to not do such a thing, as even a day of downtime (broken link between branch and main office, for whatever reason) could result in a significant amount of revenue and productivity loss.

I fully understand that most companies do not have the funds to establish a server like that at branch offices, etc etc, it's frustrating, but then... thats why I'm not in the IT field.


----------



## ADF (Feb 17, 2008)

nrr said:
			
		

> In other words, you're one of those retards who thinks computer science is about computers.


Kindly keep comments like that to yourself, you made an assumption there and insulted me based on it.

No need, no need at all.


----------



## Rostam The Grey (Feb 17, 2008)

Calorath said:
			
		

> I believe that active directory will replicate WSUS update files within the domain to the various DC's. And while that alone is a significant amount of bandwidth, it still is the best solution compared to individual PC updates (which I understand that's your only option currently?).
> 
> Looking at it from a business perspective, if you're generating enough revenue to justify branch offices, then you're generating enough revenue to justify DC's ($10k is nothing to even a small business) for each branch, including the bandwidth between it and the main office. In fact, it's idiotic to not do such a thing, as even a day of downtime (broken link between branch and main office, for whatever reason) could result in a significant amount of revenue and productivity loss.
> 
> I fully understand that most companies do not have the funds to establish a server like that at branch offices, etc etc, it's frustrating, but then... thats why I'm not in the IT field.



Yes, you can justify paying for a server at each location. But why pay 50K every 2 years for new servers at 5 branches when you can do it with a different method for free? And the 'worm' doesn't care about uptime. Load it from any machine and it will spread over the entire network. I'm not saying use a single WSUS server, I'm saying the 'worm' is an excellent solution. The only problem I see is the security issue. How do you keep someone else from using the 'worm' to install something malicious.


----------



## nrr (Feb 18, 2008)

ADF said:
			
		

> Kindly keep comments like that to yourself, you made an assumption there and insulted me based on it.


I only have two things to state about this one.

For one, I make assumptions as a mathematician in training in order to prove things.  Without assumptions, I have no basis.  (For what it's worth, if you look at the connectives directly, my proof holds that my claim is true.  Go figure.)

Moreover, as far as insults go, this is nothing.  I'm calling you a slow individual, which is a statement that is neither insulting nor particularly demeaning.  Id est, it is a statement of fact as noted by the contextual clues.

Can you not handle the truth?


----------



## Pi (Feb 18, 2008)

E-mannor said:
			
		

> i am glad mac's wont have these problems.



Right, Macs will instead have problems where the kernel is vulnerable to shellcode injection by wireless and Apple will ignore the problem.


----------



## kitetsu (Feb 18, 2008)

Is there even anyone competent enough in this world to be able to write software 10 times the durability of MS and Mac? Fucking hell...


----------



## ADF (Feb 18, 2008)

nrr said:
			
		

> Can you not handle the truth?


I am not going to have a debate on this is an unrelated thread, troll elsewhere.


----------



## Calorath (Feb 18, 2008)

Rostam The Grey said:
			
		

> Yes, you can justify paying for a server at each location. But why pay 50K every 2 years for new servers at 5 branches when you can do it with a different method for free? And the 'worm' doesn't care about uptime. Load it from any machine and it will spread over the entire network. I'm not saying use a single WSUS server, I'm saying the 'worm' is an excellent solution. The only problem I see is the security issue. How do you keep someone else from using the 'worm' to install something malicious.



Yeah, I know there are other (less costly) 'solutions' for branch offices and scenarios like them, but, in the long run, it tends to cost a lot more overhead (time, and money) to maintain. But then that's the reason why I'm not in the IT field. Companies don't treat computers like a valuable tool, they don't always see it as a necessity like a vehicle fleet, or tools, or whatever. I can appreciate a business owner wishing to keep costs down, but most of them amount to 'cheap greedy bastards' and I refuse to work in that environment. 

When I /do/ end up doing IT work for someone. (I tend to set up domains for small companies on occasion.) It's all said up front. A server will cost at least $10k, and I'm $150/hr. You do it all *my* way, or you find someone else. The ones who do agree, end up very happy, with what amounts to very little maintenance on their Domains.


----------



## net-cat (Feb 18, 2008)

I, for one, would love to have a way to distribute updates over a local network without having to run all the computers on a domain with WSUS. I work at a computer repair shop and we do several Windows installs per day. Even if we _could_ convince all of our cheap-ass, $400-computer buying customers to go with XP Pro or Vista Business, they'd take issue if we signed their computer onto a domain. (That and there's no way we could afford the licensing required to put that many computers onto a domain.)

However, in my experience, Microsoft tries their damndest to not let that happen. (Silently makes changes to update files, uses just about every no-cache proxy directive known to man, shuts down utilities like Autopatcher...)


----------



## Calorath (Feb 18, 2008)

net-cat said:
			
		

> I, for one, would love to have a way to distribute updates over a local network without having to run all the computers on a domain with WSUS. I work at a computer repair shop and we do several Windows installs per day. Even if we _could_ convince all of our cheap-ass, $400-computer buying customers to go with XP Pro or Vista Business, they'd take issue if we signed their computer onto a domain. (That and there's no way we could afford the licensing required to put that many computers onto a domain.)
> 
> However, in my experience, Microsoft tries their damndest to not let that happen. (Silently makes changes to update files, uses just about every no-cache proxy directive known to man, shuts down utilities like Autopatcher...)



I think those precautions are intentional, to ensure that updates come only from either a MS server or an authorized WSUS server within a domain. Which honestly I -like- that feature. It makes it harder for a malicious user to abuse the update process. While I understand that from a end user perspective, the overhead in bandwidth may be excessive, Technically that isn't MS's problem though. Though, this 'worm' idea may prove to be a solution to it, perhaps.


----------



## net-cat (Feb 18, 2008)

I see the security concerns. And really, I don't mind having to click a "This site is not an authorized update provider. Continue anyway?" prompt. The time saved by being able to download hundreds of megs of updates from a server on a 100 Mbps LAN instead of 1.5 Mbps DSL is... incomparable.

Besides. Isn't that how Microsoft thinks security is supposed to work anyway?


----------



## Brooklyn (Feb 18, 2008)

Paul Revere said:
			
		

> Next thing you know, they'll be selling your "unused processor time" to anyone who needs the world's fastest supercomputer...



People already do that. It's called Folding@Home, SETI@Home, etc.


----------



## Calorath (Feb 18, 2008)

net-cat said:
			
		

> I see the security concerns. And really, I don't mind having to click a "This site is not an authorized update provider. Continue anyway?" prompt. The time saved by being able to download hundreds of megs of updates from a server on a 100 Mbps LAN instead of 1.5 Mbps DSL is... incomparable.
> 
> Besides. Isn't that how Microsoft thinks security is supposed to work anyway?



That would be a rather nice feature, I agree. I think though, the necessity of such a thing is rare in the grand scope of things.

 MS is actually really good with security and design. The biggest problem with MS security is the uses running it. They just don't know how to do it. I've seen so many paper certified IT guys that just don't have a freaking clue on how to set up the software/os/whatever properly. I've had the (dis)pleasure of working on some domains that were just abortions. 

Anywho, I think this 'worm' thing may turn into an interesting development. I'm probably one of the few people who will admit to liking MS's products, while in the past they may have been hasty in their releases, lately, they're much better about it. Though, that is not to say they're perfect, but then who is?


----------



## Pi (Feb 18, 2008)

ADF said:
			
		

> nrr said:
> 
> 
> 
> ...



PRO TIP: Someone saying something that you don't like is NOT trolling.


----------



## net-cat (Feb 18, 2008)

Calorath said:
			
		

> That would be a rather nice feature, I agree. I think though, the necessity of such a thing is rare in the grand scope of things.


Indeed.



			
				Calorath said:
			
		

> MS is actually really good with security and design. The biggest problem with MS security is the uses running it. They just don't know how to do it. I've seen so many paper certified IT guys that just don't have a freaking clue on how to set up the software/os/whatever properly. I've had the (dis)pleasure of working on some domains that were just abortions.


Eh. The quip about security was mainly a potshot at IE6SP2 and IE7, where the default security settings are a mix of "overbearing," "pointless," and "WHY IS THAT EVEN POSSIBLE?!"

In terms of Windows itself, however, yeah. It's like any other system. (Mac, Linux.) It's only as secure as the people running it are competent.



			
				Calorath said:
			
		

> Anywho, I think this 'worm' thing may turn into an interesting development. I'm probably one of the few people who will admit to liking MS's products, while in the past they may have been hasty in their releases, lately, they're much better about it. Though, that is not to say they're perfect, but then who is?


I would also like to see how it plays out. I imagine some sort of peer-to-peer distribution followed by checking some sort of hash with Microsoft servers so malware doesn't slip in.

As for me, I don't prefer Microsoft products over others. It's a matter of finding the best tool for the job at a price you're willing to pay. Sometimes it's Microsoft, sometimes it's not.


----------



## codewolf (Feb 18, 2008)

nrr....you may be a good with computers, but you seem to lack the ability to post without taking a thread off topic from what i have seen, so heres a reminder for you, please keep the thread on topic and not take it off track and start discussing whether so-and-so is a retard/slow/idiot...etc.


----------



## nrr (Feb 18, 2008)

codewolf said:
			
		

> nrr....you may be a good with computers, but you seem to lack the ability to post without taking a thread off topic from what i have seen, so heres a reminder for you, please keep the thread on topic and not take it off track and start discussing whether so-and-so is a retard/slow/idiot...etc.


I reserve my right as a denizen of the series of tubes that we lovingly call the internets to derail a thread for the amusement of myself and others, much like you reserve your right to abuse written English and warn me using run-ons and improper grammar, amongst other things.

It's a fact of life, and I'm not really one to coat things in copious amounts of sugar in discussion in meatspace either.  (Though, I am known to have some tea with my sugar...)

Now, on a more serious note, if Microsoft were to develop their own "counter-viruses," it would certainly be a cold day in hell.  This smells more like a research project from the description of the article that this thread bears.

... and, behold, upon reading the article, it's coming out of Microsoft Research.  *I wouldn't ever expect this to become production-ready.*  MSR is part of Microsoft, yes, but very little code developed there (in MLOC, not projects) ever makes its way into production verbatim compared to the development going on within corporate proper.


----------



## yak (Feb 18, 2008)

It's better to know something and keep quiet about it, then opening one's mouth and being a dick.


----------



## net-cat (Feb 18, 2008)

Microsoft Research? Seriously? *goes and double checks* I'll be damned.

Wake me up in a decade or two...


----------



## nrr (Feb 18, 2008)

net-cat said:
			
		

> Microsoft Research? Seriously? *goes and double checks* I'll be damned.
> 
> Wake me up in a decade or two...


:lol:


----------



## Calorath (Feb 18, 2008)

nrr said:
			
		

> :lol:


----------



## Zaibatsu (Feb 19, 2008)

sounds like the general nonsense they would come up with.


----------



## codewolf (Feb 19, 2008)

nrr said:
			
		

> I reserve my right as a denizen of the series of tubes that we lovingly call the internets to derail a thread for the amusement of myself and others



in which case i reserve my right as a moderator on these forums to ask you politely to not derail this thread 8)


----------



## Calorath (Feb 19, 2008)

codewolf said:
			
		

> nrr said:
> 
> 
> 
> ...



Being the self proclaimed Microsoft expert that I am, I'm laying claim on this thread. I feel that I'm the one who really had the necessary experience with MS products to ensure that this thread remains on course. And since I like nrr, he can insult anyone incapable of forming decent sentence structure as he sees fit.


----------



## nrr (Feb 19, 2008)

codewolf said:
			
		

> in which case i reserve my right as a moderator on these forums to ask you politely to not derail this thread 8)


I'm sorry, Dave, but I can't do that.


----------



## yak (Feb 19, 2008)

Oh alright, the train stops here then. 

Thread closed  due to wiseassery.


----------

