• Sasser: patch me if you can

    by  • 3 May, 2004 • Uncategorized • 8 Comments

    You heard of Sasser, haven’t you? What, you didn’t? Where have you been the last 24 hours? I hope you’re not that irresponsible a person that you don’t check the virus warning bulletins every now and then. You should, you know, because there is danger lurking out there all the time. There is only a dozen websites that you have to consult regularly, say every hour or so, to keep up to date. And don’t come saying that you don’t have the time for all that, because you should have known that when you bought this computer with an operating system that has more holes than a Swiss gruyère cheese. What, you didn’t know that either? Poor me, are we naive or what? But, don’t despair, the patchman is on it’s way…

    So, Sasser is the latest and greatest in entertainment for the wicked and the weird. It’s a virus! And once again it only affects Windows users! If you belong to that small subset of Windows users that like to use the Internet, you’ve been warned. Try to surf less or not at all, okay? And, of course, you should patch. As a rule, you should patch often. As much as you can. Or at least as often as Microsoft asks you to. If you’re finally tired of downloading and installing patches to patch patches that patched patches issued to fix patches that broke while patching a patch that didn’t patch the first patch, but broke the last patch you patched, you might want to try a Mac instead. More information about adding a Mac OS X machine to your computing arsenal here. (Courtesy of macdailynews)

    8 Responses to Sasser: patch me if you can

    1. You know who
      3 May, 2004 at 23:39


      If you are a cautious fellow like your narrator and you have your entire system backed up on CD and all your data files backed up on CD and keep concurrent backups on USBus memory keys, then you can forget paying $30 per annum to McAffee or Norton, who can’t keep up with the evildoers anyway, and sleep with both eyes closed.

      On the other hand, I knew this software developer who got into business with me and — you won’t believe this! — this guy said he didn’t need a backup device. Well, about two weeks later I get a sheepish call from this guy and he wanted — guess what! — a backup device!

      Once this guy almost lost his own company’s source code due to a disk crash and it took him a nail-biting week to find the software that would reinstate his disk, whereas if he had made concurrent backups, he could have reinstated everything in a couple of hours.

      Comme ca?

    2. luc
      4 May, 2004 at 14:13

      You do verify that the restore works, don’t you? Then there is only one little problem left: you can’t fill security holes with backups. At best you can backup a bucket of those holes, so that you are sure they are there again when you do a restore… Very smart…

      Pas du tout!

    3. You know
      4 May, 2004 at 18:52

      True, but that does not address my point. That most folks don’t understand the nature of a virus (it is a poor metaphor) and different means of dealing with them is to me extraordinary.

      “As technology becomes more elaborate and users of technology more dependent on it and, at the same time less interested in its workings, users become more ignornant.”
      – Karl Jung

      This thought, not to the point either, also occurred to me:

      I was reading an article about Sasser in which it was noted that Asia and Europe were hardest hit. Why? Time zones. By the time, these viruses are all over Asia and Europe, long before the Americans arrive at work, American users are aware of them. Of course, if a virus were releaed at 8:00 US Eastern Standard Time, that would be different. It would be interesting to find out what time of day, if there is any particularly attractive time slot with respect to this sort of thing, most viruses are released.


    4. Tom Hoffman
      4 May, 2004 at 18:58

      Do I verify that “the restore works”? Is the Pope a Catholic? Am I a businessman? Answer to the latter two questions: YES! You can guess the answer to the first.


    5. luc
      4 May, 2004 at 19:11

      So, we’re still left with the little problem of downloading and installing patches to patch patches that patched patches issued to fix patches that broke while patching a patch that didn’t patch the first patch, but broke the last patch you patched.

      Why are those patches needed? Now we are back to the security holes as numerous as in a Swiss Gruyère. For which a backup is not an effective remedy.

    6. Tom Hoffman
      4 May, 2004 at 23:22

      Ask youself this: If Apple were the cock on the block, don’t you suppose it’d be targeted? Now, perhaps, by design, Apple’s OS’s aren’t as vulnerable as Microsoft’s. Perhaps we’ll never know. After all, one does not crash jets into the Kleine Spouwen Cahtedral.

    7. Paul
      7 May, 2004 at 1:09

      Just to pick a nit, “Sasser” is a worm.

      Also, have you seen the news about the first Trojan horse aimed at OSX? It’s called “MP3Concept” and it uses music (and maybe image?) files to traverse the web. Apple’s very popular iTunes seems to have attracted the malefactors.

    8. luc
      7 May, 2004 at 11:09

      Paul, you’re right of course, Sasser is a worm, thanks for correcting that. The “trojan” for MacOSX on the other hand is a hoax. It was never released, just posted in a bulletin board as a proof of concept that such a thing could be fabricated for MacOSX too. Somebody at one of the antivirus companies thought they could get a nice and easy ride out of it. They fell flat on their nose… It’ll be hard for them to regain their credibility.

    Leave a Reply