Rob Cheng (Global) - Malware Storm Credit: Image from Flickr user anlumo; CC BY-ND
Security

Rob Cheng (Global) - Malware Storm

The US Department of Homeland Security advised last week that users disable Java. This is unprecedented. The government felt this is a computing problem so severe that it must intervene. Java is a real and present threat to not only our national security but our computers, privacy and wallets. The DHS has no motivation to sow misinformation or fear, and they should be heeded.

The Evolution of Malware

Virus writers are having a field day. A new industry has blossomed called Exploit Kits. Talented programmers sell their exploit kits for $3000 a pop to help their brethren malware writers deliver their payloads more effectively.

An exploit locates out-of-date software that allows the payload to be executed without user consent or knowledge. To be clear, just browse to a compromised website, and you are infected. Malware coders have become quite competent at infecting random websites, as well. So a good website today, might be an infected one tomorrow.

Researchers estimate that over half of all infections are through a single kit called the Black Hole Kit. It is not possible for a layperson to obtain the Black Hole Kit, but research indicates that Black Hole's primary target is JAVA.

Late 2012, the NY Times published a controversial piece questioning the effectiveness of modern antivirus software. The shocking conclusion was that after an exhaustive analysis of over 40 antivirus products, there was only a 5% chance of detecting and defeating a new threat. That is, if a computer had 40+ antivirus products running simultaneously, there is a scant 5% chance that the computer would be safe from new threats.

The security industry's response was quick and critical. The motivation, methodology and veracity of the report were questioned. One particularly seething rebuttal discredited the piece and concluded that people should spend as much as they can afford on multiple security solutions.

Ironically, the security industry is doing fine financially. In fact it's a bonanza. As infections rise, we are spending more money on security software, as well as hiring technicians to remove the malware from our computers.

Malware Morphing

Security software detects and blocks malware employing a technique called black list. Once a virus is released into the wild, it begins infecting computers. During the infection period, the virus is trapped by a security company. The virus is tested, confirmed, and then added to the black list. Once added to a black list, the other security black lists are updated. As that happens, that particular virus begins to decline in infections and eventually dies.

Malware makers have found a hole in the black list methodology through a technique called morphing. Once a virus is written, the virus morphs, so that one virus appears to be a thousand to the antivirus software. Polymorphic viruses have created an explosion in malware. There is now more bad software than good software!

The morphing has created a headache for the security industry. The daily number of viruses to be analyzed has exploded. This is a manual process and many of the security heavy weights have created malware research centers in the Phillipines to keep up with the spike in malware. The problem though is that they have forgotten that these viruses are morphing. By the time, the virus has been identified and the black list updated, the virus is no longer in the wild.

Held to Ransom

Private planes, luxury yachts and all the trappings of wealth are the riches of the malware gold rush. The reason that malware exists is financial. They trick users into downloading their payload, and hold the computer hostage until their ransom is paid. This type of activity should be illegal, but the virus industry is thriving and awash in cash.

The nouveaux-rich virus barons are treating their business as a business. They have deadlines, program managers, product roadmaps, and all the workings of a modern software company. On their roadmap are Mac computers, iPhones, tablets and so on. It is just a matter of time.

About 10 years ago, we were on a similar path. Computers were infected with spyware that tracked activity and blanketed the screen with "contextual" popup advertising. The computer became useless, and trust was waning on the wonders of the Internet. Like today, the major security vendors dropped the ball. People were getting infected despite having the best security software money could buy. Like today, the software installed surreptitiously without our consent. A decade ago, it was called drive-by downloads; today it is called exploits and vulnerabilities.

We survived the storm of 10 years ago. The antispyware industry was born and ultimately consolidated into the antivirus industry. The most important event, however, was Microsoft's launch of XP Service Pack 3. XPSP3 eliminated drive-by downloads and added a host of new security features. With one fell swoop, Microsoft stopped the spyware storm. Windows XPSP3 was not bullet proof, just made it a lot more difficult to infect. So hard, in fact, that firms such as WhenU and Gator were no longer financially viable.

We are at a crossroads. Like a decade ago, will the people conquer over the criminals that make viruses today? Unfortunately, Microsoft has lost its focus on making a great and secure operating system. A solution will arise, and it will be free like XP Service Pack 3 for quick adoption. I hope the criminals won't know what hit them, and then the bankers can foreclose on those ill-gotten mansions.

 

By Rob Cheng, pcpitstop.com

 

PREVIOUS ARTICLE

«Matthew Finnie (Global) - We’re Going to Need the Mother of All Networks

NEXT ARTICLE

Dan Swinhoe (Asia) - Green IT in Asia»

Comments

no-images

Dave Sinewave on February 08 2013

Use some of user-friendly Linux distributions like PCLinuxOS or Ubuntu, and Open Source software. Your data will be much safer, for the time being, and your wallet will be fuller and safer, too. It is not that different from any other OS on the outside for a normal user. I install it for everybody, and they don't notice any difference... it's just that there's no "Word" or "Internet Explorer"...

no-images

preach the way of linux on February 08 2013

@linux antidot as if losing word or ie would be a great loss anyway. Linuz Rules

no-images

Windows anti-antidote on February 08 2013

Oh brilliant and savvy *nux people, the vulnerability is Java, and Java runs on Linux also... So I hope you don't get really infected on the highness of your hubris.

no-images

lee on February 08 2013

we don't use MS except through wine. there are a coupla native windoze apps that don't run under wine but of course we know when we're gonna be using them so we turn off our router before loading up windows. we don't care about their updates because they're mostly relate to security anyway. we do almost all of our REAL work out of linux. i really don't know how malware works. but to infect a file you need rights and under linux those right aren't automatic like they are under windoze. smart phones better look out though as their OS's don't appear to need any rights at all either (other than maybe OS rights which quite frankly is a waste anyway).

no-images

LinuxMintUser on February 08 2013

I actually feel safe enough using either Linux or Win7, both requiring extra mouse clicks to execute software. The current issue is JAVA, which my system emulates (Icedtea) therefore the security problem should be about equal, BUT... I don't leave personal info on my internet - enabled machine, I turn it off when not in use, and if I suspect trouble, Linux allows me ro reinstall clean as many times as I feel I need to, while win7 eventually stops allowing me to validate, so Linus wins

no-images

Steve on February 08 2013

I read this article and when I get done, I think, "So?" So where's the documentation that Microsoft has lost focus on security? I think Windows 8 is as much about improving security as it is about selling a new version of Windows. So why is it Microsoft's "fault" that Java or Flash or PDF files are full of buggy holes? Rather than taking Apple's tact of forbidding buggy software and forcing users to other, less robust options, Microsoft has steadfastly maintained their commitment to users to retain usability version to version. Don't get me wrong, as a support person, I much prefer Apple's locked down desktop/tablet world -- but that doesn't make my customers as happy as the free for all on Android or Windows... The solution IS a locked down environment, and maybe the best solution is software that keeps you from working until you close all known security holes -- in real time. Steve

no-images

CaptainMcClellan on February 08 2013

@Linux Antidot Never mind the fact that Ubuntu itself reports your search data to Canonical who sells it to Amazon who then blitz barrages you with adveritzments. Go for a *REAL* Linux distro. @Sew? Sow? or So?: Mind you that Windows 8 is just an extension of facebook for spoon-fed tablet lusers. Get a *REAL* Windows. Also, I personally don't like Apple's approach, but I agree with the safety that it supplies as such. @All Now, with the Java... Why are we throwing around Microsoft and Apple hate when really we should consolidate and take on Oracle? Oracle, the muses of virtualization, ate the old Sun Microsystems because their flagship software (Java) was essentially just that: a virtual OS. A very bare, spartan, underdeveloped OS that can not even run stand-alone on most computers in the known universe. For the implementation of a single cross platform language, it succeeds in it's purpose. Even excels. But noone ever seemed to put much thought into the actual Java Virtual Machine itself. If it had more dynamic, native anti-virus protocols *built-in*, like most every other operating system that is still used, then this would be significantly less a problem. Another thing is that Java seems to the common user to be something extremely insignificant. ("Derr... I click the E for interwebs and press the coffee cup for games." Let's face it we all know one.) So even if Oracle had (which they have) patched security flaws, their would be a score of idiots not updating their java and still being susceptible. Not to mention the concepts of "encryption", "file security", and all... I think that system insecurity is less a matter of operating system or software use than one of undereducation about computer systems. Easy tips for a secure computer/data? 1) Don't put your data on the computer itself, put it on a removable media. 2) Don't EVER use facebook or download anything facebook related. Talk about security holes. 3) Don't under any circumstances use Internet Explorer. 4) Try to only use Windows when necessary. 5) Don't download any Anti-virus not included with your OS: At best they're mostly ineffective and a drain on your computer's resources, at worst they actually *are* the virus. 6)If you're really paranoid all those other things won't work then write your documents in Cyrillic bousterphose, encrypt them twice, compress them into a three part rar, encrypt each rar part seperately, change the file extension, duplicate everything fifty times, put it on a lockable storage medium, lock that storage medium, lock that storage medium in a vault, lock that vault in a vault, dig a twelve foot hole in your front yard, drop the vault in. Fill the whole until it is six feet deep, lower a weighted (but empty) coffin on top of that, bury that, then install a gravestone. Then fill your yard with land-mines, and set up five Tesla coil fences. There. You have successfully made your data the most secure on the planet.

no-images

Horace on February 09 2013

Java is so common in internet software. Basically, all software capable to link to internet have Java inside. That is, switching to Linux does not help. The best way is to press Oracle to re-invent Java to make it much secure. So far, there wasn't only one vulnerability. The problem in Java is in Oracle which is too sloppy to modify Java. According to Vulnerability Lab, there are more than one hundred 0-day vulnerabilities which have not been fixed in Java. In fact, German Government has already adviced users to uninstall Java long time before DHS.

no-images

W. Anderson on February 09 2013

Unfortunately Rob Chang discredits himself by not stating specifically and categorically that almost every aspect of this article applies "solely" to Microsoft Windows issues with malware, since Apple Mac OS X and UNIX/Linux have insignificant or no such vulnerabilities. He also clearly exposes himself as a Microsoft admirer at very least, with statement "....Microsoft has lost its focus on making a great and secure operating system.", since the company have "never" expanded the required effort or attained the capability and technical expertise to make Windows a "great" or "secure" Operating System.

no-images

Joe on February 10 2013

Completely ignore heuristic scanning? What a joke. Polymorphic code is often much easier to detect heuristically than more straightforward code.

no-images

Im on February 10 2013

" The DHS has no motivation to sow misinformation or fear, and they should be heeded." Please stick to IT reporting- As the top firms in OKC and 911 were security firms and they had a lot of information to misinform--- DHS is similarly involved in keeping it covered. DHS has plenty of reason to misinform the general public to cover tracks. The comment seems totally inappropriate for the article and therefore begs the question as to why it was included. I have seen enough 404 errors on Sandy Hook to differ with the assessment.

no-images

KB on February 10 2013

And anybody that thinks different might as well be running Windows 95 because "Hey! Nobody makes viruses for Windows 95 anymore!". Its called "security by obscurity" folks and it just doesn't work. For those that think Linux is safe I merely point to Android, now well on its way to having a million infections by summer. Linux gives you NO advantages over any other OS other than the fact it is unpopular. Please read that previous sentence a few times until it sinks good and deep. The same "security" you find on Linux can be found on OS/2 or Win95 or any other OS that has an extremely low user base. Oh and before somebody wastes their time pointing out Linux servers that argument makes as much sense as saying "Fort Knoxx is secure so my house is secure too". Linux servers are run by pros who get paid 6 figures a year to go to conventions and learn best security practices, they are NOT YOU and therefor means nothing. Millions of secure Windows and OSX servers out there as well, doesn't make those OSes immune either. At the end of the day, whether you like it or not, the modern OS is an extremely complex system with dozens of programs and millions of lines of code, and like anything else built by man is just not perfect and never will be For examples of Linux getting pwned there is the KDELook bug, Linux dot org getting their servers pwned, nearly every repo on the planet also served an infected Quake3 for a year and a half, or the article "how to write a Linux virus in 5 easy steps". Malware doesn't care about whether your OS is FOSS or not,just how many users you have. If you ever get to even OSX levels of users you WILL be pwned.

no-images

Rüdiger on February 11 2013

Well, some Linux Distros do not use Oracle Java by default. Like Debian. So, there the entire point of java as a source for vulnerability is moot. As i do use Windows only for the casual game that resists Wine, I do not know if there are alternatives to Oracle Java on Windows. As for "numbers" being decisive if a OS is vulnerable or not... Seriously, I think it's mostly a question of knowledge. And aside of the by-now deceased 'Lindows' I only know Android as a Linux based system where you run around with administrative rights all the time - which is the main vulnerability of Windows, as far as I remember other stories here on IDG. So, yes, a Linux system is as vulnerable as a Windows system. Under the same circumstances. Which for Windows are the default settings, and for Linux mean an almost completely erratical setup which - aside of Android - you barely get anywhere. However I must agree with many of the poster that critizies Rob here. Heuristic search does spot polymorphic code more easily than it would "normal code", at least when what i learned under the term "polymorphic" in Germany is the same kind of code he refers to here. Similarly i can#t remember Microsoft to ever having focused on making a secure and reliable OS as their primary task. At least not after the days of NT4.0. And there their knowledge was still small. Microsofts main task is to generate revenue, and that you get by selling new shiny products. that this backfires sometimes we saw with Windows Me and Vista, and we should keep a close eye on Win 8 and it's mobile versions. Those products were shiny, sparkly - and totally beyond the needs and desires of the users. And most users - seriously - don't consider Computer Security their main focus when buying a new computer. Ease of use, availability of games, thats their priority, or am I erring here?

no-images

Chip on February 11 2013

Rob states that the NY Times concluded that if a computer had 40+ antivirus products installed simultaneously, there was a "scant 5%" chance that the computer would be safe. However, the NY Times article says they tested 40+ antivirus products and found a "detection rate" of less than 5%. I interpret that to mean that, on average, each product "individually" had an initial detection rate of less than 5%. That certainly makes a lot more sense. Besides, the only way you could verify Rob's interpretation would be to actually install them all on one computer. Is that even possible? I've seen the interference caused by having two antivirus products installed at once. I can't imagine what having 40 installed would look like. Rob's irresponsible interpretation of the NY Times article leads me to distrust his writing as a whole. Any tech author worth his salt would have been more careful. (Yes, I have written tech articles for trade journals.) Of course, I'm dismissing the possibility that the error is intentional, in an attempt to generate lots of attention to his article and its publishers. If that's the case, I've just played into their hands. The moral of the story is: take note of articles like this, but don't trust the content on face value. Verify, verify, verify.

no-images

Blahblahblah on February 11 2013

@Windows anti-antidote- I have been running Linux with Java (Sun not OpenJDK or JRE) for 9 years on my four machines- not one malware incident in that 9 years. Nothing. Zip. Zilch. On Windows boxes- with or without Java? Lets not go there

no-images

Dave Sinewave on February 08 2013

Use some of user-friendly Linux distributions like PCLinuxOS or Ubuntu, and Open Source software. Your data will be much safer, for the time being, and your wallet will be fuller and safer, too. It is not that different from any other OS on the outside for a normal user. I install it for everybody, and they don't notice any difference... it's just that there's no "Word" or "Internet Explorer"...

no-images

preach the way of linux on February 08 2013

@linux antidot as if losing word or ie would be a great loss anyway. Linuz Rules

no-images

Windows anti-antidote on February 08 2013

Oh brilliant and savvy *nux people, the vulnerability is Java, and Java runs on Linux also... So I hope you don't get really infected on the highness of your hubris.

no-images

lee on February 08 2013

we don't use MS except through wine. there are a coupla native windoze apps that don't run under wine but of course we know when we're gonna be using them so we turn off our router before loading up windows. we don't care about their updates because they're mostly relate to security anyway. we do almost all of our REAL work out of linux. i really don't know how malware works. but to infect a file you need rights and under linux those right aren't automatic like they are under windoze. smart phones better look out though as their OS's don't appear to need any rights at all either (other than maybe OS rights which quite frankly is a waste anyway).

no-images

LinuxMintUser on February 08 2013

I actually feel safe enough using either Linux or Win7, both requiring extra mouse clicks to execute software. The current issue is JAVA, which my system emulates (Icedtea) therefore the security problem should be about equal, BUT... I don't leave personal info on my internet - enabled machine, I turn it off when not in use, and if I suspect trouble, Linux allows me ro reinstall clean as many times as I feel I need to, while win7 eventually stops allowing me to validate, so Linus wins

no-images

Steve on February 08 2013

I read this article and when I get done, I think, "So?" So where's the documentation that Microsoft has lost focus on security? I think Windows 8 is as much about improving security as it is about selling a new version of Windows. So why is it Microsoft's "fault" that Java or Flash or PDF files are full of buggy holes? Rather than taking Apple's tact of forbidding buggy software and forcing users to other, less robust options, Microsoft has steadfastly maintained their commitment to users to retain usability version to version. Don't get me wrong, as a support person, I much prefer Apple's locked down desktop/tablet world -- but that doesn't make my customers as happy as the free for all on Android or Windows... The solution IS a locked down environment, and maybe the best solution is software that keeps you from working until you close all known security holes -- in real time. Steve

no-images

CaptainMcClellan on February 08 2013

@Linux Antidot Never mind the fact that Ubuntu itself reports your search data to Canonical who sells it to Amazon who then blitz barrages you with adveritzments. Go for a *REAL* Linux distro. @Sew? Sow? or So?: Mind you that Windows 8 is just an extension of facebook for spoon-fed tablet lusers. Get a *REAL* Windows. Also, I personally don't like Apple's approach, but I agree with the safety that it supplies as such. @All Now, with the Java... Why are we throwing around Microsoft and Apple hate when really we should consolidate and take on Oracle? Oracle, the muses of virtualization, ate the old Sun Microsystems because their flagship software (Java) was essentially just that: a virtual OS. A very bare, spartan, underdeveloped OS that can not even run stand-alone on most computers in the known universe. For the implementation of a single cross platform language, it succeeds in it's purpose. Even excels. But noone ever seemed to put much thought into the actual Java Virtual Machine itself. If it had more dynamic, native anti-virus protocols *built-in*, like most every other operating system that is still used, then this would be significantly less a problem. Another thing is that Java seems to the common user to be something extremely insignificant. ("Derr... I click the E for interwebs and press the coffee cup for games." Let's face it we all know one.) So even if Oracle had (which they have) patched security flaws, their would be a score of idiots not updating their java and still being susceptible. Not to mention the concepts of "encryption", "file security", and all... I think that system insecurity is less a matter of operating system or software use than one of undereducation about computer systems. Easy tips for a secure computer/data? 1) Don't put your data on the computer itself, put it on a removable media. 2) Don't EVER use facebook or download anything facebook related. Talk about security holes. 3) Don't under any circumstances use Internet Explorer. 4) Try to only use Windows when necessary. 5) Don't download any Anti-virus not included with your OS: At best they're mostly ineffective and a drain on your computer's resources, at worst they actually *are* the virus. 6)If you're really paranoid all those other things won't work then write your documents in Cyrillic bousterphose, encrypt them twice, compress them into a three part rar, encrypt each rar part seperately, change the file extension, duplicate everything fifty times, put it on a lockable storage medium, lock that storage medium, lock that storage medium in a vault, lock that vault in a vault, dig a twelve foot hole in your front yard, drop the vault in. Fill the whole until it is six feet deep, lower a weighted (but empty) coffin on top of that, bury that, then install a gravestone. Then fill your yard with land-mines, and set up five Tesla coil fences. There. You have successfully made your data the most secure on the planet.

no-images

Horace on February 09 2013

Java is so common in internet software. Basically, all software capable to link to internet have Java inside. That is, switching to Linux does not help. The best way is to press Oracle to re-invent Java to make it much secure. So far, there wasn't only one vulnerability. The problem in Java is in Oracle which is too sloppy to modify Java. According to Vulnerability Lab, there are more than one hundred 0-day vulnerabilities which have not been fixed in Java. In fact, German Government has already adviced users to uninstall Java long time before DHS.

no-images

W. Anderson on February 09 2013

Unfortunately Rob Chang discredits himself by not stating specifically and categorically that almost every aspect of this article applies "solely" to Microsoft Windows issues with malware, since Apple Mac OS X and UNIX/Linux have insignificant or no such vulnerabilities. He also clearly exposes himself as a Microsoft admirer at very least, with statement "....Microsoft has lost its focus on making a great and secure operating system.", since the company have "never" expanded the required effort or attained the capability and technical expertise to make Windows a "great" or "secure" Operating System.

no-images

Joe on February 10 2013

Completely ignore heuristic scanning? What a joke. Polymorphic code is often much easier to detect heuristically than more straightforward code.

no-images

Im on February 10 2013

" The DHS has no motivation to sow misinformation or fear, and they should be heeded." Please stick to IT reporting- As the top firms in OKC and 911 were security firms and they had a lot of information to misinform--- DHS is similarly involved in keeping it covered. DHS has plenty of reason to misinform the general public to cover tracks. The comment seems totally inappropriate for the article and therefore begs the question as to why it was included. I have seen enough 404 errors on Sandy Hook to differ with the assessment.

no-images

KB on February 10 2013

And anybody that thinks different might as well be running Windows 95 because "Hey! Nobody makes viruses for Windows 95 anymore!". Its called "security by obscurity" folks and it just doesn't work. For those that think Linux is safe I merely point to Android, now well on its way to having a million infections by summer. Linux gives you NO advantages over any other OS other than the fact it is unpopular. Please read that previous sentence a few times until it sinks good and deep. The same "security" you find on Linux can be found on OS/2 or Win95 or any other OS that has an extremely low user base. Oh and before somebody wastes their time pointing out Linux servers that argument makes as much sense as saying "Fort Knoxx is secure so my house is secure too". Linux servers are run by pros who get paid 6 figures a year to go to conventions and learn best security practices, they are NOT YOU and therefor means nothing. Millions of secure Windows and OSX servers out there as well, doesn't make those OSes immune either. At the end of the day, whether you like it or not, the modern OS is an extremely complex system with dozens of programs and millions of lines of code, and like anything else built by man is just not perfect and never will be For examples of Linux getting pwned there is the KDELook bug, Linux dot org getting their servers pwned, nearly every repo on the planet also served an infected Quake3 for a year and a half, or the article "how to write a Linux virus in 5 easy steps". Malware doesn't care about whether your OS is FOSS or not,just how many users you have. If you ever get to even OSX levels of users you WILL be pwned.

no-images

Rüdiger on February 11 2013

Well, some Linux Distros do not use Oracle Java by default. Like Debian. So, there the entire point of java as a source for vulnerability is moot. As i do use Windows only for the casual game that resists Wine, I do not know if there are alternatives to Oracle Java on Windows. As for "numbers" being decisive if a OS is vulnerable or not... Seriously, I think it's mostly a question of knowledge. And aside of the by-now deceased 'Lindows' I only know Android as a Linux based system where you run around with administrative rights all the time - which is the main vulnerability of Windows, as far as I remember other stories here on IDG. So, yes, a Linux system is as vulnerable as a Windows system. Under the same circumstances. Which for Windows are the default settings, and for Linux mean an almost completely erratical setup which - aside of Android - you barely get anywhere. However I must agree with many of the poster that critizies Rob here. Heuristic search does spot polymorphic code more easily than it would "normal code", at least when what i learned under the term "polymorphic" in Germany is the same kind of code he refers to here. Similarly i can#t remember Microsoft to ever having focused on making a secure and reliable OS as their primary task. At least not after the days of NT4.0. And there their knowledge was still small. Microsofts main task is to generate revenue, and that you get by selling new shiny products. that this backfires sometimes we saw with Windows Me and Vista, and we should keep a close eye on Win 8 and it's mobile versions. Those products were shiny, sparkly - and totally beyond the needs and desires of the users. And most users - seriously - don't consider Computer Security their main focus when buying a new computer. Ease of use, availability of games, thats their priority, or am I erring here?

no-images

Chip on February 11 2013

Rob states that the NY Times concluded that if a computer had 40+ antivirus products installed simultaneously, there was a "scant 5%" chance that the computer would be safe. However, the NY Times article says they tested 40+ antivirus products and found a "detection rate" of less than 5%. I interpret that to mean that, on average, each product "individually" had an initial detection rate of less than 5%. That certainly makes a lot more sense. Besides, the only way you could verify Rob's interpretation would be to actually install them all on one computer. Is that even possible? I've seen the interference caused by having two antivirus products installed at once. I can't imagine what having 40 installed would look like. Rob's irresponsible interpretation of the NY Times article leads me to distrust his writing as a whole. Any tech author worth his salt would have been more careful. (Yes, I have written tech articles for trade journals.) Of course, I'm dismissing the possibility that the error is intentional, in an attempt to generate lots of attention to his article and its publishers. If that's the case, I've just played into their hands. The moral of the story is: take note of articles like this, but don't trust the content on face value. Verify, verify, verify.

no-images

Blahblahblah on February 11 2013

@Windows anti-antidote- I have been running Linux with Java (Sun not OpenJDK or JRE) for 9 years on my four machines- not one malware incident in that 9 years. Nothing. Zip. Zilch. On Windows boxes- with or without Java? Lets not go there

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Will Kotlin overtake Java as the most popular Android programming language in 2018?