Witty
[Witty targeted a firewall product:] When users participating in the best security practice that can be reasonably expected get infected with a virulent and damaging worm, we need to reconsider the notion that end user behavior can solve or even effectively mitigate the malicious software problem and turn our attention toward both preventing software vulnerabilities in the first place and developing large-scale, robust and reliable infrastructure that can mitigate current security problems without relying on end user intervention.
Colleen Shannon and David Moore of the Cooperative Association for Internet Data Analysis (CAIDA) offer a fascinating and rather frightening analysis of last week’s Witty worm. It’s dangerous out there, folks.
Witty seems to have been an orchestrated attack, albeit using an opportunistic method. The paper argues convincingly that we’re using the wrong security model; if we don’t change, the bad guys are gonna take down a lot of computers. Doesn’t matter if it’s a prank or something really malicious, it’s going to be costly regardless.
Link courtesy of Mikko Hyppönen/F-Secure
Here’s a technical analysis of Witty, from Matthew Murphy. It is also worth a read, if you didn’t mind slogging through code.
Revision History:
- March 28, 2012 at 10:44 am by joel (displayed above)
- February 5, 2011 at 1:50 am by joel
- February 5, 2011 at 1:47 am by joel
- March 29, 2004 at 1:23 am by joel
Posted by
joel
Posted on
Sunday March 28th 2004
Filed under
Semi-Geekery
