Botnets and You: Save the World — Install Linux

What?  Give Up My Precious Windows?

Fancy yourself a crusader? Think Green all the time? That’s going to help with the environment, but do you want to make a real difference in the world of computing and the Internet?

Then uninstall Windows and install Linux.

No. Seriously.

Oh, you’re probably saying “It’s those silly Linux guys bashing Microsoft again”, and normally it’d be true. I’ve been known to tweak the nose of our loyal opposition/beloved partner now and then, but this time it’s truly different. I recommend that people get off of Consumer Desktop Windows for the same reason I also recommend seatbelts and stopping smoking. It’s not IF you’ll have a problem, it’s WHEN.

A Little History - What’s a BotNet?

A botnet (also known as a zombie army) is a number of Internet-attached computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie - in effect, a computer “robot” or “bot” that serves the wishes of some master spam or virus originator. Most computers compromised in this way are home-based. (Courtesy of whatis.com)

Literally, about 1/3 of the machines out there are a) attached to the internet via high-speed lines b) unpatched or badly-secured Windows machines and c) outside of any firewall and very vulnerable.

How Big of a Problem is This?

According to the Symantec Internet Security Threat Report, through the first six months of 2006, there were 4,696,903 active botnet computers. (Courtesy of whatis.com)

I’d say this is a problem, but don’t listen to just me: the Department of Justice and the FBI recently reported over 1 million botnet crime victims. That means people whose machines are part of a larger scheme to use multiple computers to effect denials of service or group attacks for the purpose of breaking into web sites. Think about it: how many of those home machines have people’s banking or credit card information on them? Does yours? Do you need to go check right now?

Why Does This Happen?

Users never click on anything they don’t understand, right? Ever watched one of your non-professional computer users, a family member, someone in a public library? What do they do? They click on ANYTHING that captures their attention, with NO regard for consequences. It’s like somehow if you’re on the Internet and using a browser, all discriminatory or evaluative mental processes are totally suspended.

Here’s how it usually works:

1) The user clicks on a link and goes to a spyware/virus/botnet-infected site, and the code is downloaded to their machine.
2) The code infiltrates their machine, opens up their address book and anything else it can, infects the files on that machine and then sends an email to everyone in the address book, with infected files that do the same thing on those machines as on the sender’s machine. The infected machine registers itself with the botnet server and awaits instructions.
3) Ivan or Xena over in Eastern Europe fires up their botnet controller, which contacts all the machines that have registered with it, and they do any of a number of nasty things:
a) The botnet-controlled computers (clones) are pointed towards a government or e-commerce site and clog up the connections, making it very slow to respond or even crash, causing interruption of business or government sites and irritating or denying access to millions in the process.
b) The clones are all instructed to attempt to log in to a certain web-enabled commercial or government site, each in turn trying and discarding a huge set of passwords that will eventually either clog, bring down or actually penetrate said site, instantly alerting the botnet controller of the access and attempting to spread through that site and infect its customers, users and servers.
c) A certain set of the clones is always directed to scan large sets of Internet addresses, looking for unsecured or vulnerable servers that can be infected, taken over and repurposed to the botnet’s goals.

This occurs a lot these days, and the FBI is right to be very concerned about it. The amount of damage that can result from a single infected banking server is immense, and since it’s mostly automated, they can test and find vulnerabilities in thousands of machines a day. It’s just like direct mail: most people will discard the junk mail, but enough people will respond with their $19.99 for the crappy product to make it all worthwhile.
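For site operators on the receiving end of step 3b, the password guessing is spread across many clones, so no single address needs to fail often. The following is an added example, not part of the original post: it contrasts a per-source failure count with a per-account count of distinct sources inside a sliding window. The log format, addresses and thresholds are constructed for illustration.

```python
import re
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical log format: "<ISO time> <OK|FAIL> user=<name> src=<address>"
LINE = re.compile(r"^(\S+) (OK|FAIL) user=(\S+) src=(\S+)$")
# Constructed sample: five bots each try "alice" once; one person mistypes twice.
SAMPLE_LOG = """\
2024-05-01T10:00:01 FAIL user=alice src=198.51.100.7
2024-05-01T10:00:09 FAIL user=alice src=203.0.113.40
2024-05-01T10:00:15 FAIL user=bob src=192.0.2.10
2024-05-01T10:00:21 FAIL user=alice src=198.51.100.99
2024-05-01T10:00:30 FAIL user=bob src=192.0.2.10
2024-05-01T10:00:34 FAIL user=alice src=203.0.113.5
2024-05-01T10:00:41 OK user=bob src=192.0.2.10
2024-05-01T10:00:52 FAIL user=alice src=192.0.2.77
""".splitlines()

def parse(lines):
    """Yield (time, outcome, user, source) for each well-formed line."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            yield datetime.fromisoformat(m[1]), m[2], m[3], m[4]

def failures_per_source(lines):
    """Per-address failure count: what a simple per-IP lockout rule sees."""
    return Counter(src for _, outcome, _, src in parse(lines) if outcome == "FAIL")

def distributed_guessing(lines, window=timedelta(minutes=5), min_sources=4):
    """Return {user: sources} for accounts failed from many addresses at once."""
    recent = defaultdict(deque)          # user -> deque of (time, source)
    flagged = {}
    for when, outcome, user, src in parse(lines):
        if outcome != "FAIL":
            continue
        q = recent[user]
        q.append((when, src))
        while when - q[0][0] > window:   # drop events older than the window
            q.popleft()
        sources = {s for _, s in q}
        if len(sources) >= min_sources:
            flagged.setdefault(user, set()).update(sources)
    return flagged

if __name__ == "__main__":
    print("most failures from one source:", max(failures_per_source(SAMPLE_LOG).values()))
    for user, sources in distributed_guessing(SAMPLE_LOG).items():
        print(f"{user}: failed logins from {len(sources)} distinct sources")
```

On the sample, the busiest single address is the mistyping user, while the account under distributed guessing only stands out once failures are grouped by target.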

Do Your Part to Save the Children

So, install Linux, particularly SUSE Linux Enterprise Desktop, or openSUSE and go cold-turkey on Windows.  Think of the children!

Ross
