DOCSLIB.ORG

The Most Popular Viruses of All Times

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
The Most Popular Viruses of All Times The Most Popular Viruses Of All Times Learn All About The Most Popular Viruses of All Time The Coding Eagle The Most Popular Viruses Of All Times Learn All About The Most Popular Viruses of All Time The Coding Eagle This book is for sale at http://leanpub.com/mostpopularviruses This version was published on 2015-03-21 This is a Leanpub book. Leanpub empowers authors and publishers with the Lean Publishing process. Lean Publishing is the act of publishing an in-progress ebook using lightweight tools and many iterations to get reader feedback, pivot until you have the right book and build traction once you do. ©2015 The Coding Eagle Tweet This Book! Please help The Coding Eagle by spreading the word about this book on Twitter! The suggested hashtag for this book is #Viruses. Find out what other people are saying about the book by clicking on this link to search for this hashtag on Twitter: https://twitter.com/search?q=#Viruses Contents Chapter One ............................................ 1 Introduction ........................................... 1 Viruses Covered in This Book ................................. 1 Chapter 2: Terms .......................................... 2 Worms .............................................. 2 Trojans .............................................. 2 Denial of Service Attack (DDoS) ................................ 2 Botnets .............................................. 2 Popular Windows Security Holes ................................ 3 Chapter 3: MyDoom ........................................ 4 Introduction ........................................... 4 How it Worked ......................................... 4 Once infected… ......................................... 5 Damages ............................................. 5 The End ............................................. 6 Chapter 4: Sobig.F ......................................... 7 Introduction ........................................... 7 How it Worked ......................................... 7 Once Infected.. ......................................... 8 Damages ............................................. 9 The End ............................................. 9 Chapter 5: ILOVEYOU ...................................... 10 Introduction ........................................... 10 How it Worked ......................................... 10 Once Infected… ......................................... 11 Damages ............................................. 11 The End ............................................. 12 Chapter One Introduction This is my first book at Leanpub, and I wanted to make it free so that I can see how many people would download it. Please also tell me how much you would have paid for this book (though you don’t have to!) Email any questions or comments to me at [email protected]¹. Anyway, this book will be about computer viruses, because I just love it when one completely destroys my computer :-). Computer viruses may seem boring and useless, but it’s not. It’s actually really interesting, and I wanted to show you what they are and how they work in the most efficient manner possible. Viruses Covered in This Book Currently, the viruses covered in this book are: • MyDoom This list is not complete. I will be adding more and more viruses to this book as I find them. To fully understand this book, it’s best if you first get familiar with virus concepts. If you already know about worms, trojans, and how viruses work, you can skip ahead and start reading. ¹mailto:[email protected] Chapter 2: Terms Worms Worms are earthly creatures that crawl under the ground and are not dangerous… yeah yeah. When you’re talking about viruses, worms are actually quite dangerous. Worms are viruses that replicate itself many times to spread to other computers. While worms itself doesn’t do any damage, it can carry malicious code that does. Worms typically spread via email attachments, so step one to not getting infected is don’t open up email attachments. Trojans History lesson! OK. Take it back. I hate history lessons. Basically, as in every war, one side tries to kill another. However, one of the sides is extremely smart. It fakes a surrender, and sends a giant wooden horse, called a trojan, into the enemy territory as a gift. As you know, there are warriors hidden inside the horse and they come out and conquer the enemy. Hooray! Wait. What does this have to do with viruses? Well, a Trojan is simply a fancy name for a program that pretends to be something else. Let’s say I created a virus. I want to hide it. So I name it windowsantivirus.exe. The user sees this, but thinks, Yay! Windows gave me a free antivirus! And the user doesn’t delete it. Well, that’s a trojan. Denial of Service Attack (DDoS) This is quick: A denial of service means an attack that is meant to stop a service, like a email client or server. If I had five thousand computers located around the globe, what if I suddenly all directed them to Google? OK, bad example. Say I had one million computers. Suddenly, I command all of them to open up a web browser, and open one tab every second that points to a small website, like leanpub². Because leanpub cannot filter out every single computer as a spamming computer, its server crashes. Now nobody can access it. Botnets In DDoS, I mentioned that I was able to command one million computers around the globe that weren’t mine. This is called a botnet. A botnet consists of many computers that the hacker has access to, called bots. ²http://leanpub.com Chapter 2: Terms 3 Popular Windows Security Holes Although this isn’t a term, I just wanted to mention it because it’s so hilarious. • Outlook’s contact book is frequently used to spread email viruses. • Every time Windows boots up, it executes every single file in a specific folder, and in administrator level, which basically lets the virus do whatever it wants to your computer. And you know what? It’s super easy to put your own malicious file inside the folder. • Windows hides file extensions, letting the virus hide its .exe or .pif or whatever, basically concealing its virus properties. • Windows registry is basically a jackpot of commands that Windows will run. You can specify to run this command whenever the user does this, like run destroy_this_computer.exe whenever the user presses space. And Windows even gave an easy way to do this. In fact, this was supposed to be a feature that Windows applications could use, meaning that viruses could use this feature to destroy the computer. These terms are not complete, so don’t think you are a virus expert yet. However, it’s a start. Chapter 3: MyDoom Introduction Finally! We get to start talking about viruses! Anyway, here are some stats, just to let you know: • Infected Computers: 2 Million • Damages: Over $38 Billion • Type: Worm + DDoS • How it Spread: Email • Date: January 26, 2004 • Creator: In Hiding • Origin: Russia • Language: C++ • Platform(s): MS Windows • File Type(s): cmd, exe, pif, scr, zip • End Date: Feb 12, 2004 (MyDoom.A) and March 1, 2004 (MyDoom.B) Yeah. Pretty bad. But not that bad, considering we’re talking about computer viruses. How it Worked This virus would go to the victim’s inbox as a email, with these subject lines: • test • hi • hello • Mail Delivery System • Mail Transaction Failed • Server Report • Status • Error And just like any other virus, it’s stupid. Anybody would be smart enough to know not to open a email titled “hi.” And they would definitely not open up the attachment. Well, they did, anyway. Some of the message bodies included: Chapter 3: MyDoom 5 • Mail transaction failed. Partial message is available. • The message contains Unicode characters and has been sent as a binary attachment. • The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment. Again, this virus can be easily avoided if people would use their common sense. But they didn’t. And that wasn’t their fault; This virus only targeted Windows, and everybody knows why: Windows is just too insecure. It hid the file extension. If I create a file named homework.txt, it would show up on my computer as homework. So, what if I created a file called virus.txt.exe? It would appear as a harmless virus.txt file. This is how viruses work. Unknowing victims only see the harmless txt file extension, and they open the file. Once opened, Windows actually executes the file, and boom! Your computer is infected. Once infected… Once your computer is infected, the virus did a number of things, but first it sent itself to everybody on your contact book. It would quickly scan through all your contacts, and send a replica of itself to one of your contacts. It is capable of sending 100 emails in 30 seconds. It’s very smart; it is designed so that it doesn’t send itself to Google or any other system that can detect it as a virus. It also fakes the sender so that it seems that somebody else is sending the virus. Some people also claim that it drops an infected file onto your computer to steal all your passwords. Finally, as if it hadn’t done enough harm, it opened up all the ports on your computer, or allowed the hacker full control over your computer. Damages MyDoom used its large botnet to attack SCO and Microsoft. Both SCO and Microsoft both promised to give large sums of money to anybody who revealed the creator of the virus. MyDoom was also held responsible for one out of every 41 emails sent. At one point, it was responsible one in every twelve emails, breaking Sobig’s record of one in every 21. More on Sobig later. This caused giant internet traffic jams, and whole websites were forced to move in order to not be attacked. Email servers were also down for quite some time. Not just that, but once a variant of MyDoom actually dared to attack Google, AltaVista and Lycos, and you know what? It succeeded! Google was brought down for the majority of the day, and AltaVista and Lycos were noticeably slower than usual. Chapter 3: MyDoom 6 The End Well, all this fun had to end someday.
Load more

Recommended publications
  • A the Hacker
    A The Hacker Madame Curie once said “En science, nous devons nous int´eresser aux choses, non aux personnes [In science, we should be interested in things, not in people].” Things, however, have since changed, and today we have to be interested not just in the facts of computer security and crime, but in the people who perpetrate these acts. Hence this discussion of hackers. Over the centuries, the term “hacker” has referred to various activities. We are familiar with usages such as “a carpenter hacking wood with an ax” and “a butcher hacking meat with a cleaver,” but it seems that the modern, computer-related form of this term originated in the many pranks and practi- cal jokes perpetrated by students at MIT in the 1960s. As an example of the many meanings assigned to this term, see [Schneier 04] which, among much other information, explains why Galileo was a hacker but Aristotle wasn’t. A hack is a person lacking talent or ability, as in a “hack writer.” Hack as a verb is used in contexts such as “hack the media,” “hack your brain,” and “hack your reputation.” Recently, it has also come to mean either a kludge, or the opposite of a kludge, as in a clever or elegant solution to a difficult problem. A hack also means a simple but often inelegant solution or technique. The following tentative definitions are quoted from the jargon file ([jargon 04], edited by Eric S. Raymond): 1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
    [Show full text]
  • Flow-Level Traffic Analysis of the Blaster and Sobig Worm Outbreaks in an Internet Backbone
    Flow-Level Traffic Analysis of the Blaster and Sobig Worm Outbreaks in an Internet Backbone Thomas Dübendorfer, Arno Wagner, Theus Hossmann, Bernhard Plattner ETH Zurich, Switzerland [email protected] DIMVA 2005, Wien, Austria Agenda 1) Introduction 2) Flow-Level Backbone Traffic 3) Network Worm Blaster.A 4) E-Mail Worm Sobig.F 5) Conclusions and Outlook © T. Dübendorfer (2005), TIK/CSG, ETH Zurich -2- 1) Introduction Authors Prof. Dr. Bernhard Plattner Professor, ETH Zurich (since 1988) Head of the Communication Systems Group at the Computer Engineering and Networks Laboratory TIK Prorector of education at ETH Zurich (since 2005) Thomas Dübendorfer Dipl. Informatik-Ing., ETH Zurich, Switzerland (2001) ISC2 CISSP (Certified Information System Security Professional) (2003) PhD student at TIK, ETH Zurich (since 2001) Network security research in the context of the DDoSVax project at ETH Further authors: Arno Wagner, Theus Hossmann © T. Dübendorfer (2005), TIK/CSG, ETH Zurich -3- 1) Introduction Worm Analysis Why analyse Internet worms? • basis for research and development of: • worm detection methods • effective countermeasures • understand network impact of worms Wasn‘t this already done by anti-virus software vendors? • Anti-virus software works with host-centric signatures Research method used 1. Execute worm code in an Internet-like testbed and observe infections 2. Measure packet-level traffic and determine network-centric worm signatures on flow-level 3. Extensive analysis of flow-level traffic of the actual worm outbreaks captured in a Swiss backbone © T. Dübendorfer (2005), TIK/CSG, ETH Zurich -4- 1) Introduction Related Work Internet backbone worm analyses: • Many theoretical worm spreading models and simulations exist (e.g.
    [Show full text]
  • Computer Security CS 426 Lecture 15
    Computer Security CS 426 Lecture 15 Malwares CS426 Fall 2010/Lecture 15 1 Trapdoor • SttitittSecret entry point into a system – Specific user identifier or password that circumvents normal security procedures. • Commonlyyy used by developers – Could be included in a compiler. CS426 Fall 2010/Lecture 15 2 Logic Bomb • Embedded in legitimate programs • Activated when specified conditions met – E.g., presence/absence of some file; Particular date/time or particular user • When triggered, typically damages system – Modify/delete files/disks CS426 Fall 2010/Lecture 15 3 Examppgle of Logic Bomb • In 1982 , the Trans-Siber ian Pipe line inc iden t occurred. A KGB operative was to steal the plans fhititdtltditfor a sophisticated control system and its software from a Canadian firm, for use on their Siberi an pi peli ne. The CIA was tippe d o ff by documents in the Farewell Dossier and had the company itlibbithinsert a logic bomb in the program for sabotage purposes. This eventually resulted in "the most monu mental non-nu clear ex plosion and fire ever seen from space“. CS426 Fall 2010/Lecture 15 4 Trojan Horse • Program with an overt Example: Attacker: (expected) and covert effect Place the following file cp /bin/sh /tmp/.xxsh – Appears normal/expected chmod u+s,o+x /tmp/.xxsh – Covert effect violates security policy rm ./ls • User tricked into executing ls $* Trojan horse as /homes/victim/ls – Expects (and sees) overt behavior – Covert effect performed with • Victim user’s authorization ls CS426 Fall 2010/Lecture 15 5 Virus • Self-replicating
    [Show full text]
  • Computer Viruses, in Order to Detect Them
    Behaviour-based Virus Analysis and Detection PhD Thesis Sulaiman Amro Al amro This thesis is submitted in partial fulfilment of the requirements for the degree of Doctor of Philosophy Software Technology Research Laboratory Faculty of Technology De Montfort University May 2013 DEDICATION To my beloved parents This thesis is dedicated to my Father who has been my supportive, motivated, inspired guide throughout my life, and who has spent every minute of his life teaching and guiding me and my brothers and sisters how to live and be successful. To my Mother for her support and endless love, daily prayers, and for her encouragement and everything she has sacrificed for us. To my Sisters and Brothers for their support, prayers and encouragements throughout my entire life. To my beloved Family, My Wife for her support and patience throughout my PhD, and my little boy Amro who has changed my life and relieves my tiredness and stress every single day. I | P a g e ABSTRACT Every day, the growing number of viruses causes major damage to computer systems, which many antivirus products have been developed to protect. Regrettably, existing antivirus products do not provide a full solution to the problems associated with viruses. One of the main reasons for this is that these products typically use signature-based detection, so that the rapid growth in the number of viruses means that many signatures have to be added to their signature databases each day. These signatures then have to be stored in the computer system, where they consume increasing memory space. Moreover, the large database will also affect the speed of searching for signatures, and, hence, affect the performance of the system.
    [Show full text]
  • Chapter 3: Viruses, Worms, and Blended Threats
    Chapter 3 Chapter 3: Viruses, Worms, and Blended Threats.........................................................................46 Evolution of Viruses and Countermeasures...................................................................................46 The Early Days of Viruses.................................................................................................47 Beyond Annoyance: The Proliferation of Destructive Viruses .........................................48 Wiping Out Hard Drives—CIH Virus ...................................................................48 Virus Programming for the Masses 1: Macro Viruses...........................................48 Virus Programming for the Masses 2: Virus Generators.......................................50 Evolving Threats, Evolving Countermeasures ..................................................................51 Detecting Viruses...................................................................................................51 Radical Evolution—Polymorphic and Metamorphic Viruses ...............................53 Detecting Complex Viruses ...................................................................................55 State of Virus Detection.........................................................................................55 Trends in Virus Evolution..................................................................................................56 Worms and Vulnerabilities ............................................................................................................57
    [Show full text]
  • Combating Spyware in the Enterprise.Pdf
    www.dbebooks.com - Free Books & magazines Visit us at www.syngress.com Syngress is committed to publishing high-quality books for IT Professionals and delivering those books in media and formats that fit the demands of our cus- tomers. We are also committed to extending the utility of the book you purchase via additional materials available from our Web site. SOLUTIONS WEB SITE To register your book, visit www.syngress.com/solutions. Once registered, you can access our [email protected] Web pages. There you will find an assortment of value-added features such as free e-booklets related to the topic of this book, URLs of related Web site, FAQs from the book, corrections, and any updates from the author(s). ULTIMATE CDs Our Ultimate CD product line offers our readers budget-conscious compilations of some of our best-selling backlist titles in Adobe PDF form. These CDs are the perfect way to extend your reference library on key topics pertaining to your area of exper- tise, including Cisco Engineering, Microsoft Windows System Administration, CyberCrime Investigation, Open Source Security, and Firewall Configuration, to name a few. DOWNLOADABLE EBOOKS For readers who can’t wait for hard copy, we offer most of our titles in download- able Adobe PDF form. These eBooks are often available weeks before hard copies, and are priced affordably. SYNGRESS OUTLET Our outlet store at syngress.com features overstocked, out-of-print, or slightly hurt books at significant savings. SITE LICENSING Syngress has a well-established program for site licensing our ebooks onto servers in corporations, educational institutions, and large organizations.
    [Show full text]
  • Symantec Internet Security Threat Report
    Symantec Internet EXECUTIVE SUMMARY Symantec Internet Security Threat Report September 2003 EXECUTIVE EDITOR Executive Summary Linda McCarthy Symantec Office of the CTO The Symantec Internet Security Threat Report provides a six-month update about Internet threat MANAGER, DEVELOPMENT activity1. It includes analysis of network-based attacks, a review of known vulnerabilities, and David Ahmad Symantec Security Response highlights of malicious code. This summary of that report can alert executives to impending threats and current trends. SENIOR THREAT ANALYST Cori Lynn Arnold Symantec Managed Security With over 20,000 sensors monitoring network activity in over 180 countries, Symantec has Services established one of the most comprehensive sources of Internet threat data in the world, giving SENIOR MANAGER, ANALYSIS Symantec's analysts a superior source of attack data from which to spot important trends. OPERATIONS These trends educate executives about potential threats and exposures, and using the data Brian Dunphy Symantec Managed Security can help them identify weaknesses in their own security architecture or policies. Services In August 2003, the Win32.Blaster blended threat rapidly spread worldwide, and several other SENIOR MANAGER, DEVELOPMENT Oliver Friedrichs highly severe worms followed. In only eight days the pace and frequency of these threats created Symantec Security Response havoc for systems administrators as well as for PC home users, with an estimated cost of damages 2 RESEARCH FELLOW running up to $2 billion . This report
    [Show full text]
  • Email Worm Modeling and Defense
    Email Worm Modeling and Defense CliffC.Zou∗,DonTowsley†, Weibo Gong∗ ∗Department of Electrical & Computer Engineering †Department of Computer Science University of Massachusetts, Amherst, MA 01003 {czou, gong}@ecs.umass.edu, [email protected] Abstract— Email worms constitute one of the major Internet little differences in terms of the propagation dynamics of email security problems. In this paper, we present an email worm worms. model that accounts for the behaviors of email users by con- Based on the above email worm model, we study the ef- sidering email checking time and the probability of opening email attachments. Email worms spread over a logical network fectiveness of “selective immunization defense”, i.e., selecting defined by email address relationship, which plays an important some most connected email users’ computers to make them role in determining the spreading dynamics of an email worm. immune to an email worm. The results explain why selective Our observations suggest that the node degrees of an email immunization defense against email worm propagation is quite network are heavy-tailed distributed. We compare email worm effective for a power law topology but not so good for the other propagation on three topologies: power law, small world and random graph topologies; and then study how the topology two topologies. affects immunization defense on email worms. The impact of The rest of the paper is organized as follows. Section II the power law topology on the spread of email worms is mixed: surveys related work. Section III presents the email worm email worms spread more quickly on a power law topology than propagation model.
    [Show full text]
  • ILOVEYOU” Computer Virus Emphasizes Critical Need for Agency and Governmentwide Improvements
    United States General Accounting Office GAO Testimony Before the Subcommittee on Technology, Committee on Science, House of Representatives For Release on Delivery Expected at 10 a.m. INFORMATION Wednesday, May 10, 2000 SECURITY “ILOVEYOU” Computer Virus Emphasizes Critical Need for Agency and Governmentwide Improvements Statement of Keith A. Rhodes Director, Office of Computer and Information Technology Assessment Accounting and Information Management Division GAO/T-AIMD-00-171 Madam Chairwoman and Members of the Subcommittee: Thank you for inviting me to participate in today’s hearing on the “ILOVEYOU” computer virus. About this time last year, I testified before this Subcommittee on the “Melissa” virus, which temporarily disrupted the operations of some agencies by forcing them to shut down their e- mail systems.1 At that hearing, I stressed that the next virus would likely propagate faster, do more damage, and be more difficult to detect and counter. This is just what we have experienced with ILOVEYOU. While it looked a lot like Melissa in its operation, it moved much more swiftly, and it appears to have caused as much, if not more, disruption. Nevertheless, the lessons to be gleaned from both attacks are the same. Federal agencies must implement vigorous security programs to enable them to closely watch their information resources for signs of attack or intrusion and to quickly react to such events when detected. Moreover, the government as a whole must promptly implement long-term solutions that will ensure that agencies focus on security from an organizationwide perspective and implement a comprehensive set of security controls. It must also establish central tracking and reporting mechanisms to facilitate analyses of these and other forms of attacks and their impact.
    [Show full text]
  • IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions
    IBM Security Solutions May 2011 IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions Contents About the report 2 About the Report The IBM X-Force® Threat Insight Quarterly is designed to highlight some of the most significant threats and challenges 3 Evolution: From Nuisance to Weapon facing security professionals today. This report is a product of IBM Managed Security Services and the IBM X-Force 8 Prolific and Impacting Issues of Q1 2011 research and development team. Each issue focuses on specific challenges and provides a recap of the most significant recent 16 References online threats. IBM Managed Security Services are designed to help an organization improve its information security, by outsourcing security operations or supplementing your existing security teams. The IBM protection on-demand platform helps deliver Managed Security Services and the expertise, knowledge and infrastructure an organization needs to secure its information assets from Internet attacks. The X-Force team provides the foundation for a preemptive approach to Internet security. The X-Force team is one of the best-known commercial security research groups in the world. This group of security experts researches and evaluates vulnerabilities and security issues, develops assessment and countermeasure technology for IBM security products, and educates the public about emerging Internet threats. We welcome your feedback. Questions or comments regarding the content of this report should be addressed to [email protected]. 3 X-Force Threat Insight Quarterly IBM Security Solutions Evolution: From Nuisance to Weapon One of the more notable examples here is Brain3, a boot sector infector which originated in Pakistan and released in 1986, was Creeper, Wabbit, Animal, Elk Cloner, Brain, Vienna, Lehigh, one of the first examples of malware that infected PC’s running Stoned, Jerusalem.
    [Show full text]
  • Computer Viruses and Malware Advances in Information Security
    Computer Viruses and Malware Advances in Information Security Sushil Jajodia Consulting Editor Center for Secure Information Systems George Mason University Fairfax, VA 22030-4444 email: [email protected] The goals of the Springer International Series on ADVANCES IN INFORMATION SECURITY are, one, to establish the state of the art of, and set the course for future research in information security and, two, to serve as a central reference source for advanced and timely topics in information security research and development. The scope of this series includes all aspects of computer and network security and related areas such as fault tolerance and software assurance. ADVANCES IN INFORMATION SECURITY aims to publish thorough and cohesive overviews of specific topics in information security, as well as works that are larger in scope or that contain more detailed background information than can be accommodated in shorter survey articles. The series also serves as a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook treatment. Researchers, as well as developers, are encouraged to contact Professor Sushil Jajodia with ideas for books under this series. Additional tities in the series: HOP INTEGRITY IN THE INTERNET by Chin-Tser Huang and Mohamed G. Gouda; ISBN-10: 0-387-22426-3 PRIVACY PRESERVING DATA MINING by Jaideep Vaidya, Chris Clifton and Michael Zhu; ISBN-10: 0-387- 25886-8 BIOMETRIC USER AUTHENTICATION FOR IT SECURITY: From Fundamentals to Handwriting by Claus Vielhauer; ISBN-10: 0-387-26194-X IMPACTS AND RISK ASSESSMENT OF TECHNOLOGY FOR INTERNET SECURITY.'Enabled Information Small-Medium Enterprises (TEISMES) by Charles A.
    [Show full text]
  • Contents in This Issue
    NOVEMBER 2005 The International Publication on Computer Virus Prevention, Recognition and Removal CONTENTS IN THIS ISSUE 2 COMMENT Virus Bulletin WHEN IRISH EYES ARE thanks the sponsors Is the boot on the other foot? SMILING of VB2005: A busy conference schedule, 3 NEWS combined with the famous warmth Microsoft assists Nigeria in fight against and hospitality of the Irish and a high-tech crime drop or two of the local ‘water’ were Errata – Windows 2003 Server a recipe for success for VB2005 in comparative review Dublin last month. page 14 3 VIRUS PREVALENCE TABLE LANGUAGE LOGGING 4 VIRUS ANALYSIS Using components of Windows multilingual Criss-cross support, it is possible to create a file that will capture keystrokes on a target system while using FEATURES the OS to protect that file from removal or deletion. Masaki Suenaga explains how an IME could be 6 IME as a possible keylogger used as a keylogger. 11 The false positive disaster: anti-virus vs. page 6 WinRar & co. THE TROUBLE WITH WINRAR 13 LETTERS Andreas Marx reports on his extensive false positive testing of anti-virus software. 14 CONFERENCE REPORT page 11 In Dublin’s fair city 16 PRODUCT REVIEW NOD32 for Windows NT/2000/XP/2003/x64 with centralized management This month: anti-spam news and events and 20 END NOTES & NEWS John Graham-Cumming looks at measuring and marketing spam filter accuracy. ISSN 0956-9979 COMMENT ‘It adds insult to the voices of those of us on the systems administrators’ side, which was equal in its representation on the panel.) injury when the So, putting aside the reporting of the subject, I’d like to major media outlets touch again on why accurate reporting is an issue for misrepresent the those of us on the administration side.
    [Show full text]