virus

University of Utah gets hit by conficker worm

Over 700 computers were hit by the most recent release of the conficker worm at the University of Utah. Computers included those at the University’s three hospitals.

The worm was first detected on Thursday on some of the school’s computers. By Friday it had hit the school’s computers at the three hospitals, medical school, and colleges of nursing, pharmacy and health.

University officials don’t believe that any patient data or medical records were compromised. According to officials those are protected “in a deeper way”. That begs the question of what exactly does that mean? Is that the only data that is virus protected? Is it on Linux or Unix?

The IT staff at the school shut off internet access for up to 6 hours Friday in an effort to isolate the worm. The staff worked over the weekend to cleanup the damage caused by the outbreak. Kind of gives real meaning to the saying “An ounce of prevention is worth a pound of cure” doesn’t it?

Mindy Tueller of the university’s office of information technology said all faculty and students should take steps to make sure they are protected. The virus does not infect Macs.

Or Linux, Unix or any other OS besides Windows

“It can do a lot of bad things,” Tueller said. “Every university member should be concerned about this if they’re using Windows-based devices.”

Interesting. Ms. Tueller and school officials apparently recognize that the problem is the OS but apparently don’t want to do anything about it. How much does that attitude cost the school?

-j

IRS a little lazy on scanning servers for malware

A recent report by the Treasury Inspector General for Tax Administration (TIGTA) noted that the IRS scans about 89% of it’s servers weekly for malware and viruses. That should give you a warm and fuzzy feeling.

Apparently they believe that employee workstations pose more of a threat. All employee workstations are scanned weekly. Of the 11% of servers that aren’t scanned some are scanned intermittently and others not at all.

According to Michael Phillips, the deputy inspector general for audit, The IRS’ Cybersecurity Computer Security Incident Response Center responded to 961 malware incidents in calendar year 2008, an increase of 45 percent over the prior year,

The TIGTA also said that the IRS has adequate controls in place to prevent and respond to malware attacks. They have also built up the security structure to deal with the increasing threat of crackers.

The inspector general also recommended that IRS administrators should not be accessing the internet with their IRS logons. Employees and their managers should also be notified when their browsing results in a successful malicious code incident.

Terence Milholland, IRS’ chief technology officer, said in response the service would begin to scan all servers weekly by May 1 and implement regular reminders on Internet access restrictions by Aug. 1. The IRS would start notifying employees and their managers when their activity results in a malware incident, he said.

You can access the full report here.

-j

Virus shuts down sales of ASUS eee PC’s in Japan

The virus known as recycled.exe was put on the D: drive at the factory. When the user booted the ASUS eee PC the first time the virus copied itself to the C: drive. According to ASUSTEK there were 4500 of the eee PCs made for Japan and only about 300 sold.

Now for me this begs the question…did this ever happen with all of the eee PCs sold and shipped with Linux? While I don’t officially know the answer my guess is that it did not.

That then brings myself and all Linux users to the next question…why do manufacturers insist on putting Windows on their machines rather than Linux? Market share or translated it’s what everybody has.

So let’s discuss the vaidity “everybody has it” and see if we can get some of you users to switch to desktop Linux. Yes I know all of the usual answers of why you don’t want to. It won’t do what I want it do. It doesn’t have software that allows me to do thus and such. I may have to use the command line. yadayadayada.

What exactly does it not do that you want it to do? It edits photos, plays music, plays DVDs, browses the internet and…wait for it…will even send and receive email. If you are a regular desktop user the chances that you are going to have to use the command line are about as great as the chances are that you will need to edit the Windows registry. In fact I would say that you would have to edit the registry before you would ever need to use the command line.

If you are a little more aggressive with the use of your desktop you already edit the registry. I can assure you that using the command line is much easier than editing the registry. Think about the fact that a lot of the configurations of any application that you run on Windows resides in the registry. Compare that to all of you configurations for any application that you use in Linux are text files and reside in the /etc directory. I know from experience that editing a text file is considerably easier than editing the registry.

So what then is the problem? Are you afraid to learn something new? It costs you absolutely nothing to try or buy so it can’t be the cost. If you are reading this then you have the intelligence to learn and run Linux.

Go ahead think about it. Stop buying licenses that don’t even let you own the software let alone install it on as many machines as you need to.

Download an easy to use distribution such as Ubuntu or CentOS and find the freedom of using and installing software on as many machines as you need. No cost to you unless you opt to buy a pre-burned set of CD’s for about $5. Ubuntu is more for a regular user and CentOS is more for an Administrator or Power User type who need stability and likes to run servers and experiment with software on their local machine.

When it is all said and done you will be glad that you did.

-j