Tuesday, March 31, 2009

Not very much about Conficker.c

Having caught the Sixty Minutes episode in which LeBron James sinks a one-handed underhand shot from the opposite free-throw line -- in one take, no less -- I couldn't help also noticing a piece about the Conficker worm. Well, actually it was an advertisement for Symantec in which a spokesman showed how malware in general could do all kinds of scary things, just like it always has, but you could use Symantec to protect yourself. No mention of, say, Kaspersky or McAfee.

OK, so do the Windows boxes have this thing or not? There are several ways to find out. US Cert, for example, recommends checking for connectivity to several sites. Microsoft has its own page.

Now, useful as these tips are, any of them just represents someone's best guess. Granted, it's a bunch of smart and experienced someones, but still, there's always the chance that the worm's authors have found some way to decoy around this. Even if not, there are many, many infected systems out there and no one really knows what if anything they'll do when the worm kicks into high gear, oh, right about now. As I've said, one of these days something out there is going to do serious damage. This might be it, or it might be another damp squib.

The thing that struck me, though, was that none of the sites I've seen mentioned to check or to download a scanner from start with https://. So here's hoping that no one is monkeying around with DNS while all this is going on.

Grumpily yours ...

No comments: