Retro Virus

Cidu Bill on Jan 31st 2010

virus.png

Usual John: This XKCD is all about the implication a virus on a Windows machine is so 2003. Did viruses suddenly go away while I wasn’t looking? Am I stuck in 2003 too?
The metatext, lest anybody believe it helps, is “He says this is the year of Linux on the desktop! The world of Windows will fade any moment now!”

Filed in Bill Bickel, CIDU, comic strips, comics, humor, xkcd | 36 responses so far

36 Responses to “Retro Virus”

  1. RyanE Jan 31st 2010 at 12:07 pm 1

    The truth of the matter is, there are a *lot* of family computers, etc. that are still on XP, and yes, can still get viruses. I have to maintain a few of those.

    I think the implication is that if you’re still on XP, you’re living in the past, where viruses were more of an issue. Vista and Windows 7 are much better at not getting those.

    My desktop hasn’t ever had a virus, but it’s running Linux. :)

  2. furrykef Jan 31st 2010 at 12:47 pm 2

    xkcd is written for nerds, particularly nerds who use Linux and similar operating systems. Those OSes don’t get viruses.

  3. arvy Jan 31st 2010 at 12:50 pm 3

    Readers of this site have speculated more than once that authors of these strips are intentionally trying to get their comics on CIDU. I’ll raise that one better and propose that they are now trying to give Bill set-ups for his post titles.

    I love xkcd, but in this case it’s Bill’s post title that completes the strip.

  4. CIDU Bill Jan 31st 2010 at 12:55 pm 4

    arvy, in this particular case, I simply used the title used on the XKCD, so obviously I can’t accept any credit.

  5. David A. Rooney Jan 31st 2010 at 01:00 pm 5

    But isn’t ‘retro’ the new in thing? Doesn’t that put him ahead of his co-workers?

  6. turquoise cow Jan 31st 2010 at 01:09 pm 6

    I’ve never gotten a virus, either on my current computer, which is a Mac, or on my old Gateway. Several of my coworkers and friends, however, spend many hours updating their virus software and running virus scans and defragmenting hard drives and all that stuff. I tell them they should get Macs because I don’t have to deal with all that stuff and they tell me that Macs would be “too hard to learn how to use.”

    ::shrug:: i tried.

  7. David N Jan 31st 2010 at 01:09 pm 7

    It’s a Windows joke, folks. The inside-nerdiness at xkcd is simply saying that Windows hasn’t kept up, and by association neither have Windows users. Vista bombed, so users stayed on XP. Windows 7 has come out and whaddya know - movement to it (especially at the business level) has been slower than hoped.

    The real joke is that it’s a technonerd still on XP. I should know, being an IT tech, who still runs XP at home and so does the Fortune 100 business where I work. :)

    The joke cracked me up, btw.

  8. dd Jan 31st 2010 at 01:14 pm 8

    The strip is more “making fun of people who make fun of Windows users” than it is “making fun of Windows users.”

  9. John Small Berries Jan 31st 2010 at 01:16 pm 9

    I think furrykef nailed it. Additionally, newer versions of Windows (Vista, 7, Server 2008) do have popups making you confirm that you really want a program to modify your system (though many users DISABLE this protection because it’s “annoying”, and run with administrator privileges on their main account, so the security features do no good whatsoever).

    Though I have to say, even on XP, almost all viruses and trojans these days are contracted by users doing something stupid (like using Internet Explorer or Outlook Express, or blindly opening email attachments).

  10. James Schend Jan 31st 2010 at 01:19 pm 10

    Viruses are still around, but they generally don’t come from Windows anymore. By far the most popular vectors for virus spreading are:
    1) People clicking stupid links (”Yes! I want to install the unicorn screensaver and ignore the 24 warning dialogs saying I’m being pwned!”)
    2) Adobe products (Flash and Adobe Reader, mostly)
    3) Java

    The type 1 viruses are never going away, because there’s no amount of defenses an OS can mount that can prevent people from running their unicorn screensavers. The only reason OS X and Linux are “more secure” in this sense is that nobody makes fake unicorn screensavers for those OSes. (Yet.)

    Adobe and Sun are just lucky that Microsoft gets all the PR flack and they’ve been largely immune– God knows why though! The last three viruses I’ve seen (over the last 5 years) were spread through Java and Flash. I’d love to see Adobe get some major negative attention from the press over this.

    (BTW, the recent Google hack was the exception to prove the rule… that’s the first time a Windows component has been responsible for a virus in ages, probably since Slammer, in 2003. Even then it only affected computers running ancient versions of IE.)

  11. Dave Van Domelen Jan 31st 2010 at 06:25 pm 11

    I believe the key here is that he’s using regedit.

  12. Marshal Feb 1st 2010 at 03:00 am 12

    James Schend,
    I read somewhere the Google hack was through a government mandated back
    door. Which government I can’t remember. Think it was ours.

  13. Marshal Feb 1st 2010 at 03:02 am 13

    Dave Van Domelen,

    Vista has regedit. Don’t know about Windows 7. Most likely
    won’t update to that till I’m ready to build my next computer.

  14. Tom T. Feb 1st 2010 at 07:01 am 14

    The discussion on the xkcd forum is also somewhat confused by this strip, although the consensus is that it’s a Linux thing.

  15. Andrew McGrae Feb 1st 2010 at 08:13 am 15

    I agree with dd’s remark that it’s more making fun of the more avid Linux fanboys than of Windows users. The guy at the computer in the third panel is probably trying to say something like “Hey, XP’s still the most commonly used OS out there”, and the thing about “The year of Linux” and Windows fading away is ridiculously unlikely.

  16. GP Feb 1st 2010 at 08:21 am 16

    It’s definitely a Linux thing. No self-respecting geek uses Windows anymore. A geek struggling with a virus on Windows is like an audiophile trying to un-jam his cassette tape player.

  17. Ian Osmond Feb 1st 2010 at 08:28 am 17

    You don’t use regedit to clean your own viruses. You download AVAST or any of a number of good, quality, open source or REPUTABLE freeware programs that do it for you.

    The days of having to MANUALLY clean viruses are long over.

  18. The Bad Seed Feb 1st 2010 at 08:43 am 18

    In any case, this strip did give ME a flashback to 2003, I’m embarassed to admit.

  19. The Bad Seed Feb 1st 2010 at 08:45 am 19

    p.s. The Friendster line was truly a LOL for me!

  20. Zack Feb 1st 2010 at 08:47 am 20

    The “Year of Linux on the Desktop” is a nerd inside joke. We all have a sort of competition to spot all the times the current year is called the year of Linux on the Desktop every year.

    It has been going on since at least 2001, the Year of Linux on the Desktop, and seems to be alive and healthy in 2010, the Year of Linux on the Desktop.

  21. John Small Berries Feb 1st 2010 at 11:02 am 21

    Every time I see something like “Year of the Linux Desktop”, I can’t help but remember the old video clip of Bill Gates saying “Of course, part of what you’re seeing here at Comdex is a strong message that we believe OS/2 is the platform for the Nineties”.

  22. Ted in Fort Lauderdale Feb 1st 2010 at 12:27 pm 22

    Marshall: yes - Win 7 still has regedit.

    GP: I think my geek credentials are intact (used to (and hopefully one day again will) write operating systems for a living, on the net before it was the internet, and date back to punched cards), and I still have to deal with Windows. Professionally (though I swore it would never happen) I am now working on it (deep in the guts rather than apps, but still…) - my mortgage company sort of insisted that if that was the only choice… Secondly, while _I_ may use Linux at home, the kids mostly don’t, as it doesn’t run the bulk of their games. And those (especially the on-line games) lead to most of the viruses in my life.

    Ian Osmond: AV programs can handle the easy ones. The kids managed to somehow get a particularly nasty rootkit-ish bug on one of the machines that won’t even let any AV progs run. When it is that bad, you sometimes _do_ end up running regedit in safe mode, or you scrub down to bare metal and re-install…

  23. Marshal Feb 1st 2010 at 12:47 pm 23

    Funny thing is Linux is not really any safer than Windows. The only
    real difference is, depending on the version you use, how long
    it takes to fix the exploit to keep the crackers out. And lets face it
    If Linux did totally replace Windows then all the people writing viruses
    and trojans for Windows would just write them for Linux. Same goes
    for Apples computers as well.

    http://en.wikipedia.org/wiki/Linux_malware
    There is a list of known Linux malware at the bottom of the page.
    Not as long as a Windows list would be but still longer than most would
    expect.

    .

  24. Jesse Feb 1st 2010 at 01:26 pm 24

    I thought the joke was that people rarely get viruses any more. I actually just got one on my wife’s laptop last week, and it seemed like years since it happened, so this was a LOL for me when I saw it.

  25. FeelinOld Feb 1st 2010 at 05:08 pm 25

    Unfortunately no systems are immune, a few months ago had to clean off an MacOSX system that a trojan was on (Foolish User) way back I had to deal with a rootkitted unix system (pre linux) and last week had to get an ugly trojan off an up to date Vista system (Again a Foolish User)

    To be honest I’m really surprised there haven’t been more problems under OSX, it always seems to be the first to fall in pwn to own contests, and safari seems to be a veritable sieve. I guess it’s just a numbers game…

    The nastiest four letter word in a techies world is —- USER

  26. Marshal Feb 1st 2010 at 05:18 pm 26

    Script kiddies and zombie bot nets are two of the biggest problems on
    the net nowadays.

  27. Steffen Feb 1st 2010 at 11:48 pm 27

    As a techie who uses Windows, I think the joke is that for Windows computers, viruses have become much less of an issue relative to all complaints - malware is the problem you’re likely to deal with. Viruses nowadays are rare because they accomplish nothing, while malware at least makes the author money.

  28. Dave in Boston Feb 2nd 2010 at 03:52 am 28

    Linux is still fundamentally more secure than Windows. How many of you gave your main Windows user account administrator privileges? How many of you tried not to and gave up because things didn’t work? When has this *ever* been a problem in Unix?

    Microsoft spent a long time denying that they had any such thing as architectural-level security problems, but did eventually wake up, and they’ve spent most of the last 9-10 years or so playing catch-up. They’re finally starting to get there, maybe…

    Steffen: normally “viruses” are a subcategory of “malware”.

  29. James Schend Feb 2nd 2010 at 09:45 pm 29

    Dave, you need to update your anti-Windows rant for Vista and Windows 7. Unless you’ve gone out of your way to disable security features, UAC will automatically elevate as-needed*. There was a big problem of incompatible software when Vista first came out, but software that wouldn’t run under Vista’s UAC was *already broken* in Windows 2000 or Windows XP if you ran in anything other than Administrator. So Windows is just a lot more noisy when saying “hey, this program is broken!” (Despite that, most broken programs still ran fine.)

    Microsoft did recognize there were architectural-level security problems… in Windows 9x. That’s why they moved everybody to Windows XP (which doesn’t share those problems) in the first place.

    Also, I always find your complaint a little goofy, since the security model in Windows is virtually identical to the one in Unix/Linux. I mean, if Windows is “insecure” and Linux is “secure” and they both have the exact same permissions implementation… that doesn’t even make sense. Especially when people go on to say “Windows permissions should be more like Linux.” How would that be possible!? It’s already a super-set of Linux’s! Anyway, sorry to rant.

    * Personally, I find UAC better than Linux, since in Linux the only way to know you need to elevate is by letting it fail the first time!

  30. John Small Berries Feb 3rd 2010 at 09:53 am 30

    The main difference, as has been noted above, is that when you set up Windows (at least the consumer versions thereof), it automatically grants full administrator privileges to the primary user account. When you set up Linux (at least all the distros I’ve used), it explicitly sets up two accounts: root, and your primary, non-privileged user account (some Linux distros even set up root so that you can’t log into it, and force you to explicitly sudo any privileged operations from your nonprivileged account).

    That is an inherently more secure model than “give the user admin rights, and if they want to restrict the account to make it safer, they’ll have to do it themselves - if they even know it’s possible to do so, which most end-users don’t”.

  31. James Schend Feb 3rd 2010 at 09:36 pm 31

    John, you’d be correct if it were, say, 2006. But it’s not. Both Vista and Windows 7 don’t give users full Administrative access by default. They have more of a “fake admin” mode, where it pretends to be Administrator for compatibility purposes, but it’s really not.

    I could take the anti-Windows commenters a lot more serious if they’d at least keep up on what features are in the 3 year old Windows version.

  32. Dave in Boston Feb 4th 2010 at 03:03 am 32

    Yes, things were/are “already broken” - that is why everyone always gave/gives themselves administrator privileges. Things don’t work otherwise.

    I haven’t used Vista (let alone Windows 7) except for briefly on a borrowed tablet that BSOD’d within twenty minutes and then took a good fifteen minutes to finish rebooting, so I can’t comment on it directly. However, you might want to consider what a typical user will do when a dialog box pops up that says “Process wants to do [OK] [Cancel]”. Users get trained very quickly to just always click OK.

    Meanwhile, the security model in Windows is not anything like the security model in Unix. It’s from VMS, and it shares many of the same problems. Most notably, it’s too complicated.

    As far as architectural-level security problems in NT/XP/whatnot (as opposed to Win95/98/Me which were still basically MS-DOS and had no security at all)… there have been plenty. Reviewing some Windows security bulletins from the 1999-2004 era or so might refresh your memory. For (one) example, because of Windows’ silly obsession with filename extensions, there were a pile of really stupid vulnerabilities where Windows would blithely execute files that users and applications thought were e.g. pictures or text. Most of the exploit paths for these design flaws have been fixed by now, but the design flaws still mostly remain, because changing things is hard and Microsoft has little interest in or commitment to bothering.

    Why do you suppose there’s (last I heard anyway) only one known virus for Linux that has never been seen in the wild? There’s no shortage of hacker-kiddie scripts and rootkits and other material, and outdated/unpatched and unfirewalled Linux systems get hacked quite rapidly, so it’s not like the user population isn’t large enough to support plenty of malware.

  33. Dave in Boston Feb 4th 2010 at 03:18 am 33

    grr, wordpress mangled that. The second paragraph was supposed to say

    “Process (INCOMPREHENSIBLE) wants to do (INCOMPREHENSIBLE).
    [OK] [Cancel]”

  34. John Small Berries Feb 4th 2010 at 09:49 am 34

    James, Vista and Windows 7 don’t merely “pretend” to give users Administrator privileges. When it creates the primary user, it automatically puts the account into the Administrators group.

    Don’t believe me? Assuming you haven’t removed Admin rights from your user account, verify for yourself on your own computer: right-click on My Computer and select “Manage”. Open up “Local Users and Groups”, then “Users”. Right-click on your username, select “Properties”. Click on “Member Of”. There’s the Administrators group, the very same one which is assigned to the Administrator account. Genuine administrator rights, not “‘fake admin’ mode”.

    As a systems administrator who deals with not only Solaris and Linux but six versions of Windows (2000, XP, Server 2003, Server 2008, Vista and 7) on a daily basis, I can assure you that I’m neither “anti-Windows” nor stuck in 2006.

  35. Todd Feb 7th 2010 at 01:02 am 35

    The world of Windows on the desktop will fade away when the desktops fade away.

    Bring on the tablets!

  36. Eric Feb 9th 2010 at 12:42 pm 36

    I find it funny that people say Macs don’t get viruses. I know a friend of mine has gone through two Macbooks in the past year because viruses have killed them beyond salvage. Of course, anecdotal evidence being what it is…

    Still, to assume you’re safe from viruses is a bad assumption to make. Could cost you a computer.

    And, #35, tablets have been around for a while. Many of them Windows.

Comments RSS

Leave a Reply