Windows update has been bug ass slow ever since the blaster worm started. People who haven't updated in YEARS - people who never knew HOW to update - are now swarming to download the golden patch.
They probably hit a bandwidth cap or something. Not really surprising at all. [ 08-15-2003: Message edited by: Maradon! ]
quote:
How.... Maradon!.... uughhhhhh:
Not really.Windows update has been bug ass slow ever since the blaster worm started. People who haven't updated in YEARS - people who never knew HOW to update - are now swarming to download the golden patch.
They probably hit a bandwidth cap or something. Not really surprising at all.
Hmm.. Never though of that. Like I said in and earlier thread.. This is one of those rare moments where I'm glad that I use Windows 98. (very rare)
quote:
Aresing:
Hmm.. Never though of that. Like I said in and earlier thread.. This is one of those rare moments where I'm glad that I use Windows 98. (very rare)
I use WinXP Pro and I took my sweet time downloading the patch, knowing I was immune.
Firewalls are more than just an irritant, you know. 
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html
quote:
If the current date is the 16th through the end of the month for the months of January to August, or if the current month is September through December, the worm will attempt to perform a DoS on Windows Update. However, the attempt to perform the DoS will succeed only if one the following conditions is true:The worm runs on a Windows XP computer that was either infected or rebooted during the payload period. The worm runs on a Windows 2000 computer that was infected during the payload period and has not been restarted since it was infected. The worm runs on a Windows 2000 computer that has been restarted since it was infected, during the payload period, and the currently logged in user is Administrator.
The DoS traffic has the following characteristics:Is a SYN flood on port 80 of windowsupdate.com. Tries to send 50 RPC packets and 50 HTTP packets every second. Each packet is 40 bytes in length.
[ 08-15-2003: Message edited by: Khyron ]
quote:
Palador ChibiDragon had this to say about Knight Rider:
Interesting. Did they make it do that because they don't like Microsoft, or because they wanted to slow down the cure for the virus?
Probably both.
quote:
Mightion Defensor wrote this then went back to looking for porn:
No big deal. All Microsoft has to do is block port 80 on their routers and they'll be safe.
HAR HAR
woot~
edit: it still doesn't work for me. http://windowsupdate.microsoft.com works, but not http://www.windowsupdate.com
They probably run on a separate IP now. Microsoft dun a good job. [ 08-15-2003: Message edited by: Kegwen ]
Would it not be hard for one virus to outsmart the entire techie staff at MICROSOFT?
^.^
quote:
Archer-Penguin stopped staring at Deedlit long enough to write:
I would hope Microsoft has really really good people working at it.Would it not be hard for one virus to outsmart the entire techie staff at MICROSOFT?
^.^
Microsoft has had a patch out for it way before Blaster started to spread, users not updating are the actual problem. 
quote:
Archer-Penguin spewed forth this undeniable truth:
I would hope Microsoft has really really good people working at it.Would it not be hard for one virus to outsmart the entire techie staff at MICROSOFT?
^.^
Yes, well, all this anti-MS bullshit has filled my head with cynicism.
quote:
Archer-Penguin had this to say about Captain Planet:
I would hope Microsoft has really really good people working at it.Would it not be hard for one virus to outsmart the entire techie staff at MICROSOFT?
^.^
Remember this IS Micro$oft we're talking about...
quote:
Bummey the Fool's account was hax0red to write:
Remember this IS Micro$oft we're talking about...
See? SEE?
In my case, I didn't have the AntiVirus stuff installed on my machine (new machine, getting the bugs worked out of the construction was priority). Cleaning it up was fast and easy.
Clearly, though, MSBlast was elegance in simplicity. Despite the concession that the actual code was pretty simple, despite the fact MS has pretty much done everything it can shy of forcing you to Critical Update, this thing managed to fuck with some seriously large numbers of people by exploiting the lethargy most computer users have regarding their personal security.
I see this as a "fair warning" sort of thing for people who don't keep their virus definitions and critical updates current. This time it was relatively minor, and fixable. Microsoft can't do much more than it already does (it can't FORCE you to Critical Update, but lord it tries everything shy of that, including having default settings to DL the updates but wait for your okay to install them...any more, and it'd be the old "Microsoft is in my personal business" bullshit), providing the updates and warning the public about certain security faults, etc. Government can't protect you without violating your privacy. Time for some computer users to start taking more responsibility for their own computer safety. Next time this sort of thing might do more than screw you into not being able to use your computer.
sigpic courtesy of This Guy, original modified by me
quote:
Ja'Deth Issar Ka'bael had this to say about Jimmy Carter:
stuff
Yeah, it would be impossible to make an operating system without a single error, and the more use that OS sees, the more likely it is someone comes across a security hole. The best microsoft can do is make a patch as soon as they realize the hole exists.
Wouldn't it be a kicker, though, if this virus was actually released by Microsoft, and no one with an illegal copy of XP could patch? It seems that the illegal copy "owners" can patch this virus, but maybe MS could learn a thing or two...
As for the half-sarcastic joke about "did MS do this themselves"...eh...the RIAA might like to shoot itself blindly in the foot, but MS generally doesn't (WinME being the possible exception, as the weakest of the MS OS's I've used). Might as well suggest Symantec or McAffee did it (whoever had the fix out first). I'm cynical and pessimistic about things, but not THAT cynical and pessimistic.
sigpic courtesy of This Guy, original modified by me
quote:
Microsoft Corp., the world's largest software maker, shut down one of its Internet sites to thwart a ``Blaster'' computer-worm attack expected to begin today.
The worm, which attacked computers this week by exploiting a flaw in Microsoft's Windows operating system, was designed to mount a so-called denial-of-service assault in which a flood of traffic crashes a Web site. Blaster will prompt commandeered PCs to attack Microsoft's www.windowsupdate.com site beginning at midnight Saturday, based on the infected computer's time zone.The shutdown was one of several measures taken to protect the site, which provides software and security updates, Microsoft spokesman Sean Sundwall said. The site had steered users to windowsupdate.microsoft.com. That Web site hasn't been attacked, he said.
quote:
Ja'Deth Issar Ka'bael got all f'ed up on Angel Dust and wrote:
Eh...as for the first point, I can't really tell if you were being facetious or straight up...sooooo, pardon me if this seems a bit harsh, but: No you can't design perfection. Things that happen a million times in testing can not reflect what will happen out of a million times in an open environment. Some people won't be even remotely diligent about taking care of their computers (hell some people take better care of their machines than they do their own kids and still got nailed), some people won't do antiviruses or other smart moves, trying to cut corners (which of course reduces their $2000 computers into a very pretty paperweight until they reinstall the OS or whatever, in the case of MSBlast, or if the virus was nasty and zeroed your drive...well...ouch). So exactly right...attack the OS yourself, test it, put out free patches for your product, warn the public to patch. If they don't, it's their problem.As for the half-sarcastic joke about "did MS do this themselves"...eh...the RIAA might like to shoot itself blindly in the foot, but MS generally doesn't (WinME being the possible exception, as the weakest of the MS OS's I've used). Might as well suggest Symantec or McAffee did it (whoever had the fix out first). I'm cynical and pessimistic about things, but not THAT cynical and pessimistic.
I can see how it seemed like I might have been facetious/sarcastic, but I was actually serious.
After seeing the virus DoS microsoft websites, is there any chance they made it? Of course not. Microsoft could probably pull it off and give a lot of illegal users grief (the difference between legal mp3s and illegal mp3s is fine; the difference between legal Windows and illegal Windows when the majority of the illegal Windows users have the same cd key is not so fine ). If nothing else, they could say it was a built-in feature that would go off for illegal users.
