Saturday, April 28, 2007

The spyware threat grows

One of the scariest videos I've watched in a long time is Mark Russinovich's presentation on advanced malware cleaning.

It's a long, technical presentation but the content chilled the blood of this computer tech.

Mark described how clever the malware writers are and how difficult it's going to be to detect and remove the next generation of spyware.

With the current generation of tools, we find it difficult to clean up many machines within three hours. I tell my techs that if you can't clean it in the first hour, wipe the system. That usually means the client is going to see a $600 bill.

For many clients, they'd be better off buying a new system.

The lesson for home and office users is to make sure your staff and kids are restricted users. While it might mean some programs won't work, it's a small price to pay for keeping your system clean.

For techs, it means we've got to develop better tools to protect our clients and clean out infections. Russinovich makes a good point that we're going to rely more on live CDs like BartPE or Knoppix to clear infected systems, as the malware is going to be too deeply embedded in the system to remove any other way.

Personally, I'm considering running away and joining a call centre. This stuff is going to be very hard, frustrating work.