Sunday, April 25, 2010

Crippling Macafee Virus Stops XP Users Dead In Their Tracks - Dark Reading

Well, this is something I was warned about as a real possibility of happening a year or so ago. While I cannot say for certain this was intentional this is exactly the kind of thing some in the know out there said was likely to happen sooner or later.

I will say this, there are some really powerful forces out there who are doing what they can to kill XP. I think I told you that in some nations, it is illegal to put XP onto servers so people can use it, those violently repressive nations want you to use Vista or 7. Putting XP on those servers carries the death penalty. Why? Folks XP is a pretty rock solid operating system and has very little government spying capabilities built in. It was built before certain things happened over at Microsoft.

So now the key for these forces is how to destroy the OS. I am not saying this was such an attempt. I am saying that such attempts will be made. In fact, one major PC manufactuerer received a large quantity of OS discs that were, shall we say 'doctored'. When someone in authority got wind of this, certain individuals directly involved 'disappeared' before they could be arrested and questioned.

Why am I telling you this, just to show off? Nope. I usually do not like telling folks these things because it goes in one ear and out the other and they go happily on their way doing exactly what they were doing before you told them.

I have an older XP box that I use often, yes I do have a Vista box but I have 'fixed' may of the problems/things I don't like and yes... I also use Ubuntu quite a bit. My ancient box (Dell insprion 6000 bought in mid 2005) has XP-SP3 on it. But if you notice in SP3, Windows Update will always show up in your traffic logs even if you turn automatic updates off. While I will not tell you what you should do, my computers only talk to update servers when I allow them to, both Windows and Linux. That includes my antivirus, Windows update, Office software, Ubuntu update... you name it. Why? because of things like this. You cannot trust these large conglomerate because some of them are hooked in with organized crime and intelligence agencies... and yes, that includes the ones YOU use.

What if somebody wanted to shut down 90% of the worlds computers? Who do you think they would try and subvert using 'update servers' or using corrupt DNS entries in order to redirect traffic to criminals who operate illegal/criminal servers prepared to deliver millions of viruses, rootkits and other malware to the unsuspecting using periodic non-user prompted 'updates'?

But there are still plenty of unanswered questions about the error -- what exactly went wrong in McAfee's quality assurance testing process, why McAfee wasn't testing sufficiently for the pervasive XP SP3 configuration, and what happens to XP SP3 machines that haven't yet been affected by the bad update, but could be later.

"It could have been anything from sabotage to just carelessness," says security expert Lucas Lundgren. "What scares me a little is haven't they tried this in a test environment before launching? And if they did, they have a serious problem on how they test their products."

Amrit Williams, CTO at BigFix and the former director of engineering at McAfee who helped develop the AV company's DAT testing process, says the incident is a major failure of McAfee's internal quality control process. "It's completely unacceptable," Williams says. "The fact that this got through indicates it was either malicious or negligent." - Dark Reading

Like I said, you may do what you want. My XP box is up and running fine... no problems. Why? I don't trust anyone to update my computer without my express permission on each and every instance. Today, fewer and fewer software makers are allowing people that option. They poll update servers without your permission and make it nearly impossible to stop them from doing so.

So what happened to all of the poor suckers who trusted 'update servers' on their XP boxes?

"...their Windows XP SP3 machines (suffer) from crashes or repeated reboots..."

Word to the wise. In the world of software, 'trust is the occupation of fools and its wages are identity theft'.


Post a Comment

<< Home