Version: 2008

Comments on: Mystery virus strikes FBI, U.S. Marshals

Law-enforcement agencies are forced to shut down their networks after being affected by a virus of undetermined type and origin.

Showing 1 of 2 pages (62 Comments)
by Police_States_of_America May 21, 2009 8:18 PM PDT
Why aren't the FBI always on a private network? Are they checking their Facebook?
by ralfthedog May 21, 2009 9:38 PM PDT
Bad guys have the internet. Some bad guys have web pages. Some very stupid bad guys think it is fun to self incriminate on their own websites. The FBI also uses things like email. It would be very hard to send an Agent a tip or a file they needed (Like bank records) if they did not have access to the outside internet.

+ even FBI needs porn.
by surf&work May 22, 2009 8:54 AM PDT
"network issue on our external, unclassified network that's affecting several government agencies"

Apparently they run two networks. The virus affected the external one, not the private internal one.
by tm_anon May 23, 2009 12:23 AM PDT
Why aren't the FBI using Linux? You'd think they would use the same logic used in making personal body armor, cover your vital areas as much as possible.

I've been using Ubuntu for over 4 months, no viruses and it comes with a built in firewall along with AV software. I can email, surf the web and do everything else needed for day to day business and it's easier to set up a "dummy" account for civilians to use if necessary.

It just makes sense.
by wolivere May 23, 2009 8:39 AM PDT
"Why aren't the FBI using Linux"

Who says they are not, and who said Linux can't get infected?
by tm_anon May 23, 2009 10:09 PM PDT
@wolivere

As much as I've looked online, there are 3 possible viruses for Linux, just possible.

When I was using Windows, it was possible to get 3 viruses a day, every day of the year, and never have a repeat. The chances that this happened on Windows and not Linux are 99.999999999999999999%.

http://www.securityfocus.com/columnists/215

"Dave had some surprises up his sleeve as well. You'll remember that I said he was using a ThinkPad (running Windows!). I asked him about that, and he told us that many of the computer security folks back at FBI HQ use Macs running OS X, since those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box. In the field, however, they don't have as much money to spend, so they have to stretch their dollars by buying WinTel-based hardware. Are you listening, Apple? The FBI wants to buy your stuff. Talk to them!"

If the FBI uses Windows in the field to stretch a dollar, do you really think they'll not be using WinTel machines for outside networks?
by Random_Walk May 21, 2009 8:27 PM PDT
Let me guess.... windows?
by tektaktyks May 22, 2009 5:29 AM PDT
http://www.macworld.com/article/132733/2008/03/hack.html
by Lumiseon May 22, 2009 6:03 AM PDT
You do know that Mac and Linux are just as hackable as Windows is, right? Mac and Linux just aren't used nearly as much as Windows is AROUND THE WORLD. Macs aren't as important. If it were Macs that were in the position Windows is in, they'd be the more hacked and people'd be saying Windows is unhackable. Stop acting like a childish little Apple fanboy.
by ballmerisanape May 22, 2009 6:39 AM PDT
Lumiseon,

The Mac OS does not allow a program to install without user interaction. Furthermore... there is no method to get a program to self-replicate and spread itself to other computers.

Macs don't have a virus problem because of the current OS architecture.... Trojans.... yes.... but nothing that can spread itself.

And that is what makes them more secure.
by xcal78 May 22, 2009 6:53 AM PDT
"Lumiseon,

The Mac OS does not allow a program to install without user interaction. Furthermore... there is no method to get a program to self-replicate and spread itself to other computers.

Macs don't have a virus problem because of the current OS architecture.... Trojans.... yes.... but nothing that can spread itself.

And that is what makes them more secure. "

So a Mac can get a trojan? A trojan can allow a program to execute without user interaction, self-replicate, then spread. Lumiseon is exactly right. If Macs and Windows switch places everything would switch. Nothing is impossible for a skilled hacker or programmer.
by ExWinUser May 22, 2009 7:30 AM PDT
And it's probably Vista too. So much for security. Microsoft still hasn't figured out how to copy the Mac or Linux security implementation yet.
by ballmerisanape May 22, 2009 7:53 AM PDT
xcal78,

Wrong..

A Mac can "get" a program after a user downloads it (on purpose or "driveby"). The Mac OS tells you that it's an application that is being downloaded. After the user OKs the download, the program will require the user to enter their user name and password in order for it to do any real damage.

Even if the user manages to make that many mistakes... there is still no way for that program to self-replicate.

So... yes.. a program can enter disguised.. it can do damage if the user allows it to.. but it can not spread.
by Random_Walk May 22, 2009 8:15 AM PDT
@ tektaktyks : I'm very sure that the FBI didn't all willingly install malware on their own machines en-masse. Try again?

@Lumiseon, re "You do know that Mac and Linux are just as hackable as Windows is, right?"

Wrong. Two radically different architectures (*nix vs. NT), and a track record showing literally millions of Windows infections for every one *nix variant (yes, Linux and OSX lumped together)?

Come back when you have actual facts to offer, and not ignorant generalization. thx in advance.
by man_w_balls May 22, 2009 8:40 AM PDT
RE: Mac hack posted by "tektaktyks"

Did you read the article? Here's a quote from it:

"Nobody was able to hack into the systems on the first day of the contest when contestants were only allowed to attack the computers over the network, but on Thursday the rules were relaxed so that attackers could direct contest organizers using the computers to do things like visit Web sites or open e-mail messages."

The dude had PHYSICAL ACCESS to the Mac, as in like telling a person in front of the MacBook Air what to click on. You can hack any computer if you can get your hands on it. Try Command-S while rebooting a Mac. That logs you in as root in "Single User Mode" - the easiest "hack" in the world. But can you do it to a Mac over a network? I doubt it.
by Dalkorian May 22, 2009 11:00 AM PDT
by Lumiseon May 22, 2009 6:03 AM PDT
You do know that Mac and Linux are just as hackable as Windows is, right?

--------------------------------------------------------------------------------

WRONG! But thanks for showing the world that you know nothing of which you speak.
by jake3373 May 22, 2009 12:43 PM PDT
I've never seen a Mac server b4... must not be secure enough... or usable enough :)

Many businesses can't use Mac because they need special programs that only run on Windows.

Every program always comes out on Windows first, and then Mac.
by Goodbye Helicopter May 21, 2009 8:59 PM PDT
haha
by SEXYDIVERGUY May 21, 2009 9:53 PM PDT
I too was under the impression that "military types" used Unix and Linux. Cisco IDS was probably not up to date or something..:)
by JimTux May 22, 2009 1:10 AM PDT
I bet they plugged in a USB hard drive they brought in from home. :-P
by The_happy_switcher May 21, 2009 10:17 PM PDT
Maybe it's from kissing that pig called Vista.
by jake3373 May 22, 2009 12:44 PM PDT
Most companies I know still use XP. They're the smart ones.
by drivintin May 21, 2009 10:18 PM PDT
This outbreak doesn't mean it is limited to only internet facing machines. All it takes is one portal to the internet to get things started. And I even take that back, you could have access in tons of physical ways.

Windows gets a lot of grief about their security holes, but honestly they are also the quickest to patch. An exploit only hitting a particular version of a service can go unpatched for years if not properly maintained.

I think in this day and age of very sophisticated viruses and botnets, I would imagine there are tons of backdoors into government systems that are still unknown.

_____
The Running Tally
http://www.therunningtally.com
by tm_anon May 23, 2009 12:31 AM PDT
Linux gets patched the moment the patch is available. Usually those patches are available before anyone even knew there was a problem besides those who found the problem.

Windows gets patched on....... Patch Tuesday.

Windows gets grief for security holes because there are tons of security holes being claimed as "features" of the OS.
by NowComeOn May 21, 2009 10:40 PM PDT
It's made in China....
by knowles2 May 22, 2009 9:01 AM PDT
or Russia or even a friendly country. Israel is not exactly against spying on you guys.
by jake3373 May 22, 2009 12:44 PM PDT
lol
by drno7 May 21, 2009 11:16 PM PDT
maybe it's the SkyNet Virus...it has started earlier than 2018...oh no :)
by ZZZZXYZ May 21, 2009 11:33 PM PDT
where you have internet access, you will always have ...
by gertruded May 22, 2009 3:46 AM PDT
Where you have Windows, you will always have ...
by Lumiseon May 22, 2009 6:06 AM PDT
Wrong, gertruded. If you'd listen to everything and stop being blind and merely saying only Windows is majorly hackable, you'd see that Mac and Linux are just as easily hackable.
by ballmerisanape May 22, 2009 6:51 AM PDT
Lumiseon ... but there are no viruses for the Mac OS or current versions of Linux. Being "hackable" will always be a problem for a consumer OS... being vulnerable to self-spreading/replicating worms/viruses is a unique property that only Windows has. The OS is set up to allow this... It's waaay better with Vista.. but look at how long it took Microsoft to shore up their OS. The result is that the vast majority of the installed Windows base is an OS that is waay behind the curve regarding security (XP).
by michael_j_x May 22, 2009 7:39 AM PDT
@ballmerisanape
That is absolute FUD. The first ever worm released was on a Unix machine. There have been worms and trojans that could self replicate on the Mac, the one with iChat comes to mind (ok, I grant you this, you still needed to accept a jpg file from the infected host). But anyway, wasn't it just yesterday that someone exploited a Java vulnerability, and could install and run any program on the Mac by simply visiting an infected website (that is without any user interaction at all)?
by ballmerisanape May 22, 2009 8:03 AM PDT
michael_j_x,

Name one instance... just one.... of a program that can replicate and spread itself on a Mac.

There are none.

Anyone can make a Trojan for the Mac OS. I can write an applescript that runs the command sudo rm and delete my user folder.... however.. in order for it to work.. I have to ignore the warning "you are downloading an application".. or "XX.jpg is really an application..".. and enter my password...

What you can't do.. is make this program spread itself over a network or send out mass emails with a dangerous payload...

Why is that so hard to understand?

There is no way (currently) to get the Mac OS to spread malware.

If I'm wrong... prove it.

Find me a Mac virus.... even proof of concept....and I will eat crow.
by michael_j_x May 22, 2009 9:51 AM PDT
@ballmerisanape
"What you can't do.. is make this program spread itself over a network or send out mass emails with a dangerous payload..."
This one has already been done with iChat, as I said earlier, where the infected host would send a copy of the worm to other iChat contacts, disguised as a jpg file.
But, despite that, it is possible to do drive-by downloads on the OS, with the Java vulnerability mentioned yesterday.
So yes, maybe there isn't a known virus spreading itself among OS X users, but there have been both cases of:
a) worms using a compromised host to propagate, even though some user interaction was required on the RECEIVING end (not the host OS)
b) programs able to install and run themselves without any user interaction at all
Now, if the OS allows for any of the above to happen, then it's only a matter of time before someone manages to write a program that can do both.
by ballmerisanape May 22, 2009 10:16 AM PDT
michael_j_x ,

Thanks for the info.. I must have missed the OSX/Leap-A worm. While it can indeed "spread itself"... it first needs the user to download, decompress and execute the file, and enter their admin password to cause any damage.

Also, the program cannot spread itself on Intel-based Macs.. and the problem was fixed and is no longer an issue.

Regarding the Java exploit.. That scared me too.. as I tried it out myself yesterday. However.. that is not an example of a program installing itself.. it's code that runs on an application that already resides on the host without making modifications (not sure which is worse...).

Anybody have some salt... maybe some crushed red peppers.. ? I've heard Crow is kind of gamey ;) And even though... as you said..... there really aren't any viruses for the Mac, I overlooked the Leap-A worm... and will now enjoy my crow for lunch.
by Vegaman_Dan May 22, 2009 1:54 PM PDT
@ballmerisanape:

You know, just because you say something ten billion times doesn't make it true no matter how much you may wish it to be so. Wake up and smell the burning plastic from your Mac. It happens. Get over it. Take precautions and move on with your life. You're seriously missing out on a lot of it in your burning hatred.
by ballmerisanape May 22, 2009 7:32 PM PDT
Vegaman_Dan,

Reading Comprehension? Ever heard of it?
by Vegaman_Dan May 22, 2009 10:58 PM PDT
@ballmerisanape:

Ah, going for the personal attack instead of addressing the subject. How.... predictable.

Never mind, you have made it abundantly clear that you do not wish to hear anything ... uncomfortable or troubling about your chosen product. That's fine, here's some more cotton to stuff in your ears so you won't have to deal with reality.

oh, your machine's been hacked by the Russians and is part of a botnet, by the way.
by joshusdog May 22, 2009 5:08 AM PDT
This is the kind of stupid crap that brings heat down on everyone. It was probably the work of some random conspiracy nut. No anons would be that stupid.
by tektaktyks May 22, 2009 5:30 AM PDT
http://www.macworld.com/article/132733/2008/03/hack.html
by ballmerisanape May 22, 2009 6:47 AM PDT
..."Within 2 minutes, he directed the contest's organizers to visit a Web site that contained his exploit code, which then allowed him to seize control of the computer, as about 20 onlookers cheered him on."

And how is that a virus?
by tektaktyks May 22, 2009 5:31 AM PDT
http://news.cnet.com/Mac--hacked-through-QuickTime-flaw/2100-1002_3-6178787.html?tag=mncol
by ballmerisanape May 22, 2009 6:43 AM PDT
And despite this "swiss cheese" OS... there are no viruses for the Mac. Know why... because you can't get a Mac-based program to install and spread. And that's the big difference between the Mac OS and Windows.. and that's why Windows users have to eat up system resources with antivirus software.
by jake3373 May 22, 2009 12:49 PM PDT
I use AVG, and my computer still runs fast. Try installing antivirus on a Mac and it will run really slow...
by ppgreat May 22, 2009 6:24 AM PDT
When I read the headline, I thought a bunch of agents and marshals had contracted some variant of H1N1.
by divide_by_zero May 22, 2009 8:20 AM PDT
lol, that is exactly what I thought.
by 42istheanswer May 22, 2009 6:57 AM PDT
You fanboys crack me up
by hassan_bin_sober May 22, 2009 8:38 AM PDT
It's just those scamps at the NSA.
by gertruded May 22, 2009 8:56 AM PDT
LUMISEON, you are just wrong. Windows is only a good OS if you are not on line.
by oldguytoo May 22, 2009 9:07 AM PDT
All you guys are geeking me out....
by kpurdu1 May 22, 2009 9:51 AM PDT
Janeane Garofalo must be in charge over there...
by Vegaman_Dan May 22, 2009 1:58 PM PDT
It sure is interesting how people just immediately assume that the systems affected were Windows machines. Sure makes it interesting to find out the truth, if we ever do, that is. And even then if it is Windows, was it a fully patched and current system or was it compromised by some patch that was released months ago that the government hasn't yet implemented?

I doubt we'll ever find out, but it's fun speculating. Personally, I think it was a Texas Instruments TI-99/4A with speech synthesizer that was the culprit. :)
by tm_anon May 23, 2009 12:39 AM PDT
Since they mentioned a virus, in the wild, that screams Windows.

Sure, Linux has viruses. You have to write them yourself and then install them on your machine yourself but Linux does have viruses.

Pretty sure OSX could have the same kind of viruses Linux has if someone were to write one.

Windows though. Windows makes getting viruses the easiest thing you'll ever do without trying.
by pentest May 24, 2009 1:49 PM PDT
Given that 99.99999999999999999999999999999999999999999999999999999999999999% of all viruses are for Windows, it is not a stretch, even for a shill like you, to accept.
by wes2706404 May 24, 2009 8:21 AM PDT
It's probably the Taliban. They've been threatening to attack the US for a while now.