Yet another Windows virus, Sobig.f, the sixth iteration of the Sobig virus (Sobig.a, Sobig.b... Sobig.f.) Technical details of Sobig.a are here, and further details on variants .b through .e are here. Sobig.a first appeared in January 2003, followed by .b in May, and then .c, .d, and .e in June, and now .f in August.
I'm getting hammered by this one (I can't be infected *because I don't run Windows*, but I can have my mailbox completely filled with 70KB .pif win32 executables. Grrrr.)
When are people going to learn? I guess never, since they haven't already and the lesson could hardly be easier: Don't double click on any attachment you receive in email. Especially don't click on any attachment if it contains any of the following file suffixes:
ADE Microsoft Access Project Extension
ADP Microsoft Access Project
BAS Visual Basic Class Module
BAT Batch File
CHM Compiled HTML Help File
CMD Windows NT Command Script
COM MS-DOS Application
CPL Control Panel Extension
CRT Security Certificate
DLL Dynamic Link Library
DO* Word Documents and Templates
EXE Application
HLP Windows Help File
HTA HTML Applications
INF Setup Information File
INS Internet Communication Settings
ISP Internet Communication Settings
JS JScript File
JSE JScript Encoded Script File
LNK Shortcut
MDB Microsoft Access Application
MDE Microsoft Access MDE Database
MSC Microsoft Common Console Document
MSI Windows Installer Package
MSP Windows Installer Patch
MST Visual Test Source File
OCX ActiveX Objects
PCD Photo CD Image
PIF Shortcut to MS-DOS Program
POT PowerPoint Templates
PPT PowerPoint Files
REG Registration Entries
SCR Screen Saver
SCT Windows Script Component
SHB Document Shortcut File
SHS Shell Scrap Object
SYS System Config/Driver
URL Internet Shortcut (Uniform Resource Locator)
VB VBScript File
VBE VBScript Encoded Script File
VBS VBScript Script File
WSC Windows Script Component
WSF Windows Script File
WSH Windows Scripting Host Settings File
XL* Excel Files and Templates
(Above list snipped from a /. comment.)
Or, in other words, don't fucking click on any attachments! I'm getting Sobig.f as a .pif attachment, but any of these other file types *could* be vectors for virus transmission.
But really, shouldn't you just buy a Mac?
Can those of us who don't have enuff cash for a new mac just run windows 98? ;)
i have Windows Me and I have had near zero proplems in the years i have owned it virus wise.....
If everyone bought a Mac they might start writing viruses for it; that would surely send the stock soaring!
just after i posted i have been attacked by W32.Bugbear something or other and its a pesky think that so fat Norton has not killed completely.....
My experience with the Blaster Worm last week was not that easy to completely take care of. For days after I installed a patch I still had the some blaster crap quarantined inside of Norton. And it was clearly effecting all manner of stuff on my computer. Yesterday I tried to delete the files from quarantine, which I hadn't been able to do on first and second tries, and it let me delete them. The computer is running much better now, but I still suspect something is not exactly as it should be. I think it is really nice that Jim has volunteered to buy all of us Macs.
Okay, I guess I shouldn't have made the Mac crack. I usually try not to because I'm sure my Apple (/Unix) fundamentalism is annoying.
Still, it is true as far as I know that no Mac virus has ever been found in the wild (I'm not counting Microsoft Word macro stuff because you shouldn't be running Word on your Mac anyway.) Like Alex pointed out, this is in some part due to the low market share of the Mac (why go after the small fish?) but that isn't the whole story. There are numerous philosophical design differences between Windows and the Unix world (major understatement alert!) and many of these serve to make Windows *very* vulnerable to these attacks.
And, to beat an uninteresting horse, the idea that Macs are incredibly expensive is a bit overblown. Sure, the awesome Macs are expensive, but so are the awesome Windows machines. But the entry level eMac (desktop with a 17 inch monitor) is $799 and the entry level iMac (notebook with CD) is $999. That's about as cheap as any reasonable Windows machine. (Yes, I know there are super cheap $399 towers and such, but you are really not going to thank yourself for buying one.)
So yeah, I guess you could save maybe a hundred bucks or so by buying a Windows machine, but then how many hours are you going to spend getting rid of viruses? And how much is your time worth again?
Anyway, my point in started to write was to link to this Register story: Sobig-F has taken the record as the world's most rapidly spreading virus to date, according to managed services firm MessageLabs, which stopped more than one million copies of the email-borne nuisance since its first appearance earlier this week.
i'm still trying to get rid of this thing on mike's machine. he's got the bugbear virus and the problem is that he uses microsoft's email program which allowed the email attachment to be opened automatically, without him clicking on it. maybe now he'll let me switch him to eudora.
Sounds great Jim. Either of those entry level Macs will suffice. I don't care what color, maybe some of the other windows users will care, but me, I don't care. Do you need my mailing address or should I just pick it up when I next visit?
im redy to get the mac 15" powerbook. its 2,000.00 down from 2,999.00 / ive looked at a few other power books and have not detected any dead pixels / think its safe to order from mac to save the nyc sales tax ?
Not a virus story, and not even a Windows story, but a Linux/PC story. In order to compress high def TV to the new H-dot-264 standard we just bought an array of PCs at Fry's (in kit form). Counting tax and rebates, these machines came in at $315. That's with a 2.6 Gig P4 and 512 Mbyte of memory. They have a few minor limitations, like no disks, no keyboards, no monitors, and no hope in the world of passing FCC. But 315 bucks each! Tough to beat.
Okay, all jocularity in the side pocket, Ima get a Mac next time. This afternoon I discovered the Welchia Worm on my machine. Had the MsBlaster last week. I followed directions at the Symantec site pretty well and think I effectively got rid of it. The Welchia I mean, I'm still not sure about the Blaster, so I'll scan for it again when I'm done downloading the Windows Updates recommended at their site. Most of the updates seem fairly critical, not too much fluff. 44MBs of updates.
so jim, do you think buying from mac.com is the best buy now for the old 15 ?
I am completely perplexed by Apple's delay in shipping the updated 15 inch Powerbook. Possible reasons range from the uninteresting "too many old units in the channel" to the wildly hopeful "because the Powerbook G5 is almost ready."
I mention the new 'books only because the old ones will certainly see an additional few hundred dollar drop when they arrive (or maybe more if they actually ship the G5, but that seems unlikely to me.) Assuming you can find an old one by that point. But the delay has been so long that I guess I have to give up recommending people wait. Or, in other words, I just don't know what is going on.
As for mac.com, I don't have anything against them, nor do I have anything to particularly recommend them. Prices really should be pretty consistent across retailers. But is there a reason to buy from them and not right from Apple?
Off topic Jim, but I'm deciding between a Trimble GeoExplorer 3 or newer 'professional grade' GPS, upwards of $5,000 vs a PDA with GPS, for example the new Garmin, for around $500. Question: can these PDA thingamagigs have MS Excel or similar spread sheet software, or create tabular .txt files (exotic plant mapping protocols at the Federal and state level use ArcView GIS and I'm not sure about a Mac version)? How about stamping spatial coordinates on a digital photo, how do I do that? got any ideas? I know, I'm pretty clueless at the moment, but at least I got my pants on.
You've got your pants on? I don't think you're doing this internet thing right...
But yes, PDAs can run spread sheet software. Palm OS PDAs (I think the Garmin is one) won't run Excel, but there will be something like it. Pocket PCs are the Windows flavor PDA and will be more compatible with Excel - but I'm not aware of one that has GPS. Doesn't sound like your requirements are too strict so I think you will find a way on any of these thingamagigs to record your data, since recording data is pretty much what they do.
My friend Hannah has had a run in with .GIS files on the Mac. There is a plug in for Photoshop that lets you view them, but she had mixed success getting this to work. I've never really taken a hard look at it though. Should be possible on either platform but I doubt you'll get them to run on a PDA (the files I saw were *huge*.)
Stamping spatial coordinates on a digital photo can definitely be done afterward (in any photoshop like graphics program) but it would be nice if this could just happen in the field (like if your camera had GPS, or could talk to your GPS through Bluetooth wireless) but we are not quite there yet.
Do you have the camera already? I know some cameras let you attach short sound clips to a picture, so when you take it you could just look at your GPS and then say the coordinates out loud. Later, when you download everything to your computer, you could play back the sound attached to each photo and then "stamp" those coordinates by hand in a photo editing program.
That's not perfect but it's the first thing that comes to mind.
What does the 'professional' grade get you for the extra $4500? Is it just accuracy? Maybe signal strength too? I wonder if a cheap one just wouldn't get a fix sometimes? Like at the bottom of some canyon or something? Not sure at all.
I'll do a little more looking around.
I think I mentioned this one before, but Ricoh has a camera with an optional GPS unit that will stamp your photos with coordinates. It's called the Caplio Pro G3. Unfortunately it appears to only be out in Japan (they get all the cool stuff first.) Still, you could probably get your hands on it if you really wanted. I believe it's 99,800 yen (without the GPS card) but I have no idea how much that is in US dollars.
Live mid-market rates as of 2003.08.26 21:47:39 GMT.
99,800.00 JPY
Japan Yen = 850.654 USD
United States Dollars
1 JPY = 0.00852359 USD 1 USD = 117.322 JPY
Thanks for the skinny skinny.
I use my PC for ArcView. .shp files, they are huge, and the software is clunky; i'm upgrading to 1024 RAM. But the Nature Conservancy and the California Department of Ag. and others have Excel files based on the exotic plant mapping data dictionaries used with the GeoExplorer GPS units that have lists of plant species with common names, Latin, Association of Weed Scientists acronyms, corresponding color codes, that kind of BS, that are directly exportable into ArcView. What I'm trying to say is I need a PDA with a GPS or that I can connect with a GPS, that has Excel or similar spread sheet software. This new Garmin PDA phone has a GPS, MP3 player, all this fancy shit I've never played with. Accuracy -- the standards for precision and accuracy -- within 3 Meters is as accurate as needed -- 7.5 minute topo maps are about that accurate, in the sense that the narrowest lines on the maps are about 3 meters wide I seem to recall. Whatever, I'm real interested but may wait until I come visit this Winer. oh yeah, I'm thinking of visiting in December, should I get ahold of you?
Well, waiting to buy is good if you can do it. Things are changing so fast. But it can also leave you waiting for ever.
If you need to read Excel data then you need a Windows operating system on the PDA (i.e., you need a Pocket PC, not a Palm OS device like the Garmin.) This is the main cause for people hating Microsoft. Once you start using any of their products you are tied to them forever. (There is an open source Excel clone - gnumeric I think - that I don't know anything about, so there is some hope, but I'm doubtful it's going to help you on the PDA front.)
Do you know of other people who are using these Excel files on PDA's? It might be the case that it's not even possible yet. You might need something more like a mini laptop than a PDA. (Although the boundaries between the two are beginning to blur.)
Of course get in touch if you are coming out. We love you Jeff. You're welcome any time.
thanks for the info - i guess ive waited this long for a 15' pb might as well wait for the next price comedown.
Yeah, thanks for the heads up Jim, I read over my post and couldn't make heads or tails of it. Actually though, ArcView will except any tabular ASCI kinda file and attempt to spatially reference it, so I would really prefer getting away from MicroSoft, any spread sheet software should work. What about the Garmin? Right now I map with a cheesy 'recreational' GPS and a legal pad, then export the files .... ArcView is cool that way; a sow's ear into a silk purse. Better start resting up.
|
I'm getting hammered by this one (I can't be infected *because I don't run Windows*, but I can have my mailbox completely filled with 70KB .pif win32 executables. Grrrr.)
When are people going to learn? I guess never, since they haven't already and the lesson could hardly be easier: Don't double click on any attachment you receive in email. Especially don't click on any attachment if it contains any of the following file suffixes:
ADE Microsoft Access Project Extension
ADP Microsoft Access Project
BAS Visual Basic Class Module
BAT Batch File
CHM Compiled HTML Help File
CMD Windows NT Command Script
COM MS-DOS Application
CPL Control Panel Extension
CRT Security Certificate
DLL Dynamic Link Library
DO* Word Documents and Templates
EXE Application
HLP Windows Help File
HTA HTML Applications
INF Setup Information File
INS Internet Communication Settings
ISP Internet Communication Settings
JS JScript File
JSE JScript Encoded Script File
LNK Shortcut
MDB Microsoft Access Application
MDE Microsoft Access MDE Database
MSC Microsoft Common Console Document
MSI Windows Installer Package
MSP Windows Installer Patch
MST Visual Test Source File
OCX ActiveX Objects
PCD Photo CD Image
PIF Shortcut to MS-DOS Program
POT PowerPoint Templates
PPT PowerPoint Files
REG Registration Entries
SCR Screen Saver
SCT Windows Script Component
SHB Document Shortcut File
SHS Shell Scrap Object
SYS System Config/Driver
URL Internet Shortcut (Uniform Resource Locator)
VB VBScript File
VBE VBScript Encoded Script File
VBS VBScript Script File
WSC Windows Script Component
WSF Windows Script File
WSH Windows Scripting Host Settings File
XL* Excel Files and Templates
(Above list snipped from a /. comment.)
Or, in other words, don't fucking click on any attachments! I'm getting Sobig.f as a .pif attachment, but any of these other file types *could* be vectors for virus transmission.
But really, shouldn't you just buy a Mac?
- jim 8-20-2003 6:19 pm
Can those of us who don't have enuff cash for a new mac just run windows 98? ;)
- bruno 8-20-2003 7:22 pm
i have Windows Me and I have had near zero proplems in the years i have owned it virus wise.....
- Skinny 8-21-2003 2:22 am
If everyone bought a Mac they might start writing viruses for it; that would surely send the stock soaring!
- alex 8-21-2003 4:07 am
just after i posted i have been attacked by W32.Bugbear something or other and its a pesky think that so fat Norton has not killed completely.....
- Skinny 8-21-2003 1:28 pm
My experience with the Blaster Worm last week was not that easy to completely take care of. For days after I installed a patch I still had the some blaster crap quarantined inside of Norton. And it was clearly effecting all manner of stuff on my computer. Yesterday I tried to delete the files from quarantine, which I hadn't been able to do on first and second tries, and it let me delete them. The computer is running much better now, but I still suspect something is not exactly as it should be. I think it is really nice that Jim has volunteered to buy all of us Macs.
- jimlouis 8-21-2003 5:11 pm
Okay, I guess I shouldn't have made the Mac crack. I usually try not to because I'm sure my Apple (/Unix) fundamentalism is annoying.
Still, it is true as far as I know that no Mac virus has ever been found in the wild (I'm not counting Microsoft Word macro stuff because you shouldn't be running Word on your Mac anyway.) Like Alex pointed out, this is in some part due to the low market share of the Mac (why go after the small fish?) but that isn't the whole story. There are numerous philosophical design differences between Windows and the Unix world (major understatement alert!) and many of these serve to make Windows *very* vulnerable to these attacks.
And, to beat an uninteresting horse, the idea that Macs are incredibly expensive is a bit overblown. Sure, the awesome Macs are expensive, but so are the awesome Windows machines. But the entry level eMac (desktop with a 17 inch monitor) is $799 and the entry level iMac (notebook with CD) is $999. That's about as cheap as any reasonable Windows machine. (Yes, I know there are super cheap $399 towers and such, but you are really not going to thank yourself for buying one.)
So yeah, I guess you could save maybe a hundred bucks or so by buying a Windows machine, but then how many hours are you going to spend getting rid of viruses? And how much is your time worth again?
Anyway, my point in started to write was to link to this Register story:
- jim 8-21-2003 5:36 pm
i'm still trying to get rid of this thing on mike's machine. he's got the bugbear virus and the problem is that he uses microsoft's email program which allowed the email attachment to be opened automatically, without him clicking on it. maybe now he'll let me switch him to eudora.
- linda 8-21-2003 7:17 pm
Sounds great Jim. Either of those entry level Macs will suffice. I don't care what color, maybe some of the other windows users will care, but me, I don't care. Do you need my mailing address or should I just pick it up when I next visit?
- jimlouis 8-21-2003 10:48 pm
im redy to get the mac 15" powerbook. its 2,000.00 down from 2,999.00 / ive looked at a few other power books and have not detected any dead pixels / think its safe to order from mac to save the nyc sales tax ?
- bill 8-22-2003 2:20 am
Not a virus story, and not even a Windows story, but a Linux/PC story. In order to compress high def TV to the new H-dot-264 standard we just bought an array of PCs at Fry's (in kit form). Counting tax and rebates, these machines came in at $315. That's with a 2.6 Gig P4 and 512 Mbyte of memory. They have a few minor limitations, like no disks, no keyboards, no monitors, and no hope in the world of passing FCC. But 315 bucks each! Tough to beat.
- mark 8-22-2003 1:43 pm
Okay, all jocularity in the side pocket, Ima get a Mac next time. This afternoon I discovered the Welchia Worm on my machine. Had the MsBlaster last week. I followed directions at the Symantec site pretty well and think I effectively got rid of it. The Welchia I mean, I'm still not sure about the Blaster, so I'll scan for it again when I'm done downloading the Windows Updates recommended at their site. Most of the updates seem fairly critical, not too much fluff. 44MBs of updates.
- jimlouis 8-22-2003 10:55 pm
so jim, do you think buying from mac.com is the best buy now for the old 15 ?
- bill 8-23-2003 5:18 pm
I am completely perplexed by Apple's delay in shipping the updated 15 inch Powerbook. Possible reasons range from the uninteresting "too many old units in the channel" to the wildly hopeful "because the Powerbook G5 is almost ready."
I mention the new 'books only because the old ones will certainly see an additional few hundred dollar drop when they arrive (or maybe more if they actually ship the G5, but that seems unlikely to me.) Assuming you can find an old one by that point. But the delay has been so long that I guess I have to give up recommending people wait. Or, in other words, I just don't know what is going on.
As for mac.com, I don't have anything against them, nor do I have anything to particularly recommend them. Prices really should be pretty consistent across retailers. But is there a reason to buy from them and not right from Apple?
- jim 8-25-2003 8:42 pm
Off topic Jim, but I'm deciding between a Trimble GeoExplorer 3 or newer 'professional grade' GPS, upwards of $5,000 vs a PDA with GPS, for example the new Garmin, for around $500. Question: can these PDA thingamagigs have MS Excel or similar spread sheet software, or create tabular .txt files (exotic plant mapping protocols at the Federal and state level use ArcView GIS and I'm not sure about a Mac version)? How about stamping spatial coordinates on a digital photo, how do I do that? got any ideas? I know, I'm pretty clueless at the moment, but at least I got my pants on.
- jeff 8-26-2003 9:36 am
You've got your pants on? I don't think you're doing this internet thing right...
But yes, PDAs can run spread sheet software. Palm OS PDAs (I think the Garmin is one) won't run Excel, but there will be something like it. Pocket PCs are the Windows flavor PDA and will be more compatible with Excel - but I'm not aware of one that has GPS. Doesn't sound like your requirements are too strict so I think you will find a way on any of these thingamagigs to record your data, since recording data is pretty much what they do.
My friend Hannah has had a run in with .GIS files on the Mac. There is a plug in for Photoshop that lets you view them, but she had mixed success getting this to work. I've never really taken a hard look at it though. Should be possible on either platform but I doubt you'll get them to run on a PDA (the files I saw were *huge*.)
Stamping spatial coordinates on a digital photo can definitely be done afterward (in any photoshop like graphics program) but it would be nice if this could just happen in the field (like if your camera had GPS, or could talk to your GPS through Bluetooth wireless) but we are not quite there yet.
Do you have the camera already? I know some cameras let you attach short sound clips to a picture, so when you take it you could just look at your GPS and then say the coordinates out loud. Later, when you download everything to your computer, you could play back the sound attached to each photo and then "stamp" those coordinates by hand in a photo editing program.
That's not perfect but it's the first thing that comes to mind.
What does the 'professional' grade get you for the extra $4500? Is it just accuracy? Maybe signal strength too? I wonder if a cheap one just wouldn't get a fix sometimes? Like at the bottom of some canyon or something? Not sure at all.
I'll do a little more looking around.
- jim 8-26-2003 5:00 pm
I think I mentioned this one before, but Ricoh has a camera with an optional GPS unit that will stamp your photos with coordinates. It's called the Caplio Pro G3. Unfortunately it appears to only be out in Japan (they get all the cool stuff first.) Still, you could probably get your hands on it if you really wanted. I believe it's 99,800 yen (without the GPS card) but I have no idea how much that is in US dollars.
- jim 8-26-2003 5:23 pm
Live mid-market rates as of 2003.08.26 21:47:39 GMT.
99,800.00 JPY
Japan Yen = 850.654 USD
United States Dollars
1 JPY = 0.00852359 USD 1 USD = 117.322 JPY
- Skinny 8-27-2003 1:48 am
Thanks for the skinny skinny.
- jim 8-27-2003 2:03 am
I use my PC for ArcView. .shp files, they are huge, and the software is clunky; i'm upgrading to 1024 RAM. But the Nature Conservancy and the California Department of Ag. and others have Excel files based on the exotic plant mapping data dictionaries used with the GeoExplorer GPS units that have lists of plant species with common names, Latin, Association of Weed Scientists acronyms, corresponding color codes, that kind of BS, that are directly exportable into ArcView. What I'm trying to say is I need a PDA with a GPS or that I can connect with a GPS, that has Excel or similar spread sheet software. This new Garmin PDA phone has a GPS, MP3 player, all this fancy shit I've never played with. Accuracy -- the standards for precision and accuracy -- within 3 Meters is as accurate as needed -- 7.5 minute topo maps are about that accurate, in the sense that the narrowest lines on the maps are about 3 meters wide I seem to recall. Whatever, I'm real interested but may wait until I come visit this Winer. oh yeah, I'm thinking of visiting in December, should I get ahold of you?
- jeff 8-28-2003 10:18 am
Well, waiting to buy is good if you can do it. Things are changing so fast. But it can also leave you waiting for ever.
If you need to read Excel data then you need a Windows operating system on the PDA (i.e., you need a Pocket PC, not a Palm OS device like the Garmin.) This is the main cause for people hating Microsoft. Once you start using any of their products you are tied to them forever. (There is an open source Excel clone - gnumeric I think - that I don't know anything about, so there is some hope, but I'm doubtful it's going to help you on the PDA front.)
Do you know of other people who are using these Excel files on PDA's? It might be the case that it's not even possible yet. You might need something more like a mini laptop than a PDA. (Although the boundaries between the two are beginning to blur.)
Of course get in touch if you are coming out. We love you Jeff. You're welcome any time.
- jim 8-28-2003 5:18 pm
thanks for the info - i guess ive waited this long for a 15' pb might as well wait for the next price comedown.
- bill 8-28-2003 7:49 pm
Yeah, thanks for the heads up Jim, I read over my post and couldn't make heads or tails of it. Actually though, ArcView will except any tabular ASCI kinda file and attempt to spatially reference it, so I would really prefer getting away from MicroSoft, any spread sheet software should work. What about the Garmin? Right now I map with a cheesy 'recreational' GPS and a legal pad, then export the files .... ArcView is cool that way; a sow's ear into a silk purse. Better start resting up.
- jeff 8-29-2003 7:15 am