| ▲ | api 2 days ago | |||||||
It's a little shocking to me that there haven't been more things like this. While we're much more conscientious and better at security than we were way back then, things are certainly not totally secure. The best answer I have is the same as what a bio professor told me once about designer plagues: it hasn't happened because nobody's done it. The capability is out there, and the vulnerability is out there. (Someone will chime in about COVID lab leak theories, but even if that's true that's not what I mean. If that happened it was the worst industrial accident in history, not an intentional designer plague.) | ||||||||
| ▲ | cheschire 2 days ago | parent | next [-] | |||||||
Here's a whole list of "more things". https://en.wikipedia.org/wiki/Botnet#Historical_list_of_botn... | ||||||||
| ▲ | dennis_jeeves2 a day ago | parent | prev | next [-] | |||||||
>The best answer I have is the same as what a bio professor told me once about designer plagues: it hasn't happened because nobody's done it. The capability is out there, and the vulnerability is out there. I could be wrong, but I've come to believe that despite the hype they have very little capability. | ||||||||
| ▲ | mrguyorama 2 days ago | parent | prev | next [-] | |||||||
After things like https://en.wikipedia.org/wiki/Blaster_(computer_worm) https://en.wikipedia.org/wiki/SQL_Slammer https://en.wikipedia.org/wiki/Sasser_(computer_worm) Bill Gates sent out the "Trusted Computing" memo to harden Windows and make it somewhat secure. Essentially, Windows used to be trivial to exploit, in that Every single service was by default exposed to the web, full of very trivial buffer overflows that dovetailed nicely into remote code execution. Since then, Windows has stopped exposing everything to the internet by default and added a firewall, fixed most buffer overflows in entry points of these services, and made it substantially harder to turn most vulnerabilities into the kind of remote code execution you would use to make simple worms. >better at security than we were way back then In some ways this is dramatically understated. Now the majority of malware comes from getting people to click on links, targeted attacks that drop it, piggyback riding in on infected downloads, and other forms of just getting the victim to run your code. Worms and botnets are either something you "Willingly" install through "free" VPNs, or target absolutely broken and insecure routers. The days where simply plugging a computer into the internet would result in you immediately trying to infect 100 other computers with no interaction are pretty much gone. For all the bitching about forced updates and UAC and other security measures, they basically work. | ||||||||
| ▲ | jjtheblunt 2 days ago | parent | prev | next [-] | |||||||
your mention of designer plagues reminded me of the russian bioweapons anthrax leak in 1979 | ||||||||
| ▲ | exasperaited 2 days ago | parent | prev | next [-] | |||||||
To a fairly significant extent, the Morris worm is why there haven't been more; it did prompt something of a culture shift away from trusting users to trusting mechanisms, mostly by prompting people to realise that the internet wasn't only going to be in the hands of a set of people who were one or two degrees of separation apart. It didn't make sense to assume people would treat it with reverence like a giant beautiful shared space. It's most obviously paralleled by Samy Kamkar's MySpace worm, which exploited fairly similar too-much-trust territory. | ||||||||
| ||||||||
| ▲ | testaccount28 2 days ago | parent | prev [-] | |||||||
they're just better at hiding now. | ||||||||