North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: and here are some answers [was: Quarantine your infected users spreading malware]
On Mon, 20 Feb 2006 23:54:38 EST, Sean Donelan said: > On the other hand, the number of infected computers never seems to spiral > out of control. I've been wondering, instead of trying to figure out why > some computers get infected, should we be trying to figure out why most > computers don't become infected? I've seen more than one estimate that most computers *are* infected by at least one piece of malware/spyware/etc, (including numbers as high as 90%) and if the site that was tracking 1M new zombies/day is to be believed, they *are* spiraling out of control. And when a significant fraction of all new computers are bought as a virus/worm control method, things *are* out of control: http://www.nytimes.com/2005/07/17/technology/17spy.html?ei=5090&en=5b2b6783f66a7422&ex=1279252800&adxnnl=1&partner=rssuserland&emc=rss&adxnnlx=1121859260-edx1SJD7lWy7D6PMipItjw I suspect that in fact, a *lot* of computers have crud on them, but people's expectations have dropped - as long as the virus doesn't actually kill the host, it's tolerated. If Aunt Matilda is avoiding all this stuff, the most likely reason that Aunt Matilda doesn't get more crudware on her system is because she wouldn't be caught dead visiting non-reputable websites that you're likely to get caught in a drive-by fruiting - and none of her friends would either, so she never gets her e-mail address scraped and used as a target... But we already knew that, and there's no good way to leverage it when everybody who *isn't* an Aunt Matilda *does* visit those kind of sites, or knows people who do...