Advanced Micro Devices Inc (AMD)

[mmoy]

It will be interesting to see if any of the alternative methods can be as malicious as the buffer-overflows.


Last week's Sapphire worm, widely known as SQL Slammer, infected more than 90 percent of vulnerable computers within 10 minutes, opening a new era of fast-spreading viruses on the Internet, according to a think tank.

The findings come from the Cooperative Association for Internet Data Analysis (CAIDA), a U.S. body largely funded by government agencies such as the National Science Foundation, and devoted to developing tools and standards for measuring Internet traffic. According to a CAIDA report issued late last week, the worm doubled in size every 8.5 seconds when it first appeared, and reached the full rate at which it was scanning for vulnerable computers--a rate of more than 55 million scans per second--after about three minutes.

This rapidity puts Slammer into the realm of what is known as a Warhol worm, or one that could infect the entire Internet in 15 minutes. Researchers have theorized about such worms for some time, and a paper presented at last year's Usenix Security Symposium by security experts Vern Paxson, Stuart Staniford, and Nicholas Weaver also predicted the emergence of a "flash worm", which could scan the entire Internet in a matter of seconds. Until now, however, no examples have been released into the wild.

http://zdnet.com.com/2100-1104-983108.html

At Microsoft, the Windows XP operating system could not be activated online. At Continental Airlines, flights were delayed or cancelled due to issues with online ticketing and electronic check-in. In Seattle, the city's emergency 911-phone system was halted.

These large corporations and municipalities were overwhelmed because of the unusual nature of the cyber-attack. While the possibility to infect databases has always existed, the SQL Slammer was the first Internet worm to infect SQL databases on such an extensive scale. Most worms have attacked a more general target: e-mail and Web servers. The fact that so many database servers, an estimated 200,000, were infected denotes the fact that a skilled attacker could have compromised much of the data on those servers before the worm struck.

http://thewhir.com/king/slammer.cfm

The Washington Post reported that the majority Bank of America's 13,000 ATM machines were unable to process transactions due to this worm. I may be wrong, but last I knew ATM machines did not process transactions over the general Internet. Many banks charge or once charged network fees to subsidize the cost of building that ATM network. So, if ATM machines do not process over the Internet, that means that Bank of America's ATM network was down because Bank of America was infected by this worm. It would mean that Bank of America is not concerned about security, that they didn't even apply a security patch that has been available for six months.

http://www.cotse.com/20032701.html


History has shown me to have a lot of faith in the hacker community.


1) You don't know anything about NX
2) When's the last time you hacked into machines?
3) When's the last time that you wrote a virus
4) What's the best way to get a password? Hint: it doesn't
require the use of a computer.