g r o t t o 1 1

Peeve Farm
Breeding peeves for show, not just to keep as pets
Brian Tiemann
Silicon Valley-based purveyor of a confusing mixture of Apple punditry and political bile.

btman at grotto11 dot com

Read These Too:

InstaPundit
Steven Den Beste
James Lileks
Little Green Footballs
As the Apple Turns
Entropicana
Cold Fury
Capitalist Lion
Red Letter Day
Eric S. Raymond
Tal G in Jerusalem
Secular Islam
Aziz Poonawalla
Corsair the Rational Pirate
.clue
Ravishing Light
Rosenblog
Cartago Delenda Est




Book Plugs:



Buy 'em and I get
money. I think.
BSD Mall


Amazon Honor System Click Here to Pay Learn More



 1/30/2006 -   2/1/2006
 1/23/2006 -  1/29/2006
 1/16/2006 -  1/22/2006
  1/9/2006 -  1/15/2006
  1/2/2006 -   1/8/2006
12/26/2005 -   1/1/2005
12/19/2005 - 12/25/2005
12/12/2005 - 12/18/2005
 12/5/2005 - 12/11/2005
11/28/2005 -  12/4/2005
11/21/2005 - 11/27/2005
11/14/2005 - 11/20/2005
 11/7/2005 - 11/13/2005
10/31/2005 -  11/6/2005
10/24/2005 - 10/30/2005
10/17/2005 - 10/23/2005
10/10/2005 - 10/16/2005
 10/3/2005 -  10/9/2005
 9/26/2005 -  10/2/2005
 9/19/2005 -  9/25/2005
 9/12/2005 -  9/18/2005
  9/5/2005 -  9/11/2005
 8/29/2005 -   9/4/2005
 8/22/2005 -  8/28/2005
 8/15/2005 -  8/21/2005
  8/8/2005 -  8/14/2005
  8/1/2005 -   8/7/2005
 7/25/2005 -  7/31/2005
 7/18/2005 -  7/24/2005
 7/11/2005 -  7/17/2005
  7/4/2005 -  7/10/2005
 6/27/2005 -   7/3/2005
 6/20/2005 -  6/26/2005
 6/13/2005 -  6/19/2005
  6/6/2005 -  6/12/2005
 5/30/2005 -   6/5/2005
 5/23/2005 -  5/29/2005
 5/16/2005 -  5/22/2005
  5/9/2005 -  5/15/2005
  5/2/2005 -   5/8/2005
 4/25/2005 -   5/1/2005
 4/18/2005 -  4/24/2005
 4/11/2005 -  4/17/2005
  4/4/2005 -  4/10/2005
 3/28/2005 -   4/3/2005
 3/21/2005 -  3/27/2005
 3/14/2005 -  3/20/2005
  3/7/2005 -  3/13/2005
 2/28/2005 -   3/6/2005
 2/21/2005 -  2/27/2005
 2/14/2005 -  2/20/2005
  2/7/2005 -  2/13/2005
 1/31/2005 -   2/6/2005
 1/24/2005 -  1/30/2005
 1/17/2005 -  1/23/2005
 1/10/2005 -  1/16/2005
  1/3/2005 -   1/9/2005
12/27/2004 -   1/2/2004
12/20/2004 - 12/26/2004
12/13/2004 - 12/19/2004
 12/6/2004 - 12/12/2004
11/29/2004 -  12/5/2004
11/22/2004 - 11/28/2004
11/15/2004 - 11/21/2004
 11/8/2004 - 11/14/2004
 11/1/2004 -  11/7/2004
10/25/2004 - 10/31/2004
10/18/2004 - 10/24/2004
10/11/2004 - 10/17/2004
 10/4/2004 - 10/10/2004
 9/27/2004 -  10/3/2004
 9/20/2004 -  9/26/2004
 9/13/2004 -  9/19/2004
  9/6/2004 -  9/12/2004
 8/30/2004 -   9/5/2004
 8/23/2004 -  8/29/2004
 8/16/2004 -  8/22/2004
  8/9/2004 -  8/15/2004
  8/2/2004 -   8/8/2004
 7/26/2004 -   8/1/2004
 7/19/2004 -  7/25/2004
 7/12/2004 -  7/18/2004
  7/5/2004 -  7/11/2004
 6/28/2004 -   7/4/2004
 6/21/2004 -  6/27/2004
 6/14/2004 -  6/20/2004
  6/7/2004 -  6/13/2004
 5/31/2004 -   6/6/2004
 5/24/2004 -  5/30/2004
 5/17/2004 -  5/23/2004
 5/10/2004 -  5/16/2004
  5/3/2004 -   5/9/2004
 4/26/2004 -   5/2/2004
 4/19/2004 -  4/25/2004
 4/12/2004 -  4/18/2004
  4/5/2004 -  4/11/2004
 3/29/2004 -   4/4/2004
 3/22/2004 -  3/28/2004
 3/15/2004 -  3/21/2004
  3/8/2004 -  3/14/2004
  3/1/2004 -   3/7/2004
 2/23/2004 -  2/29/2004
 2/16/2004 -  2/22/2004
  2/9/2004 -  2/15/2004
  2/2/2004 -   2/8/2004
 1/26/2004 -   2/1/2004
 1/19/2004 -  1/25/2004
 1/12/2004 -  1/18/2004
  1/5/2004 -  1/11/2004
12/29/2003 -   1/4/2004
12/22/2003 - 12/28/2003
12/15/2003 - 12/21/2003
 12/8/2003 - 12/14/2003
 12/1/2003 -  12/7/2003
11/24/2003 - 11/30/2003
11/17/2003 - 11/23/2003
11/10/2003 - 11/16/2003
 11/3/2003 -  11/9/2003
10/27/2003 -  11/2/2003
10/20/2003 - 10/26/2003
10/13/2003 - 10/19/2003
 10/6/2003 - 10/12/2003
 9/29/2003 -  10/5/2003
 9/22/2003 -  9/28/2003
 9/15/2003 -  9/21/2003
  9/8/2003 -  9/14/2003
  9/1/2003 -   9/7/2003
 8/25/2003 -  8/31/2003
 8/18/2003 -  8/24/2003
 8/11/2003 -  8/17/2003
  8/4/2003 -  8/10/2003
 7/28/2003 -   8/3/2003
 7/21/2003 -  7/27/2003
 7/14/2003 -  7/20/2003
  7/7/2003 -  7/13/2003
 6/30/2003 -   7/6/2003
 6/23/2003 -  6/29/2003
 6/16/2003 -  6/22/2003
  6/9/2003 -  6/15/2003
  6/2/2003 -   6/8/2003
 5/26/2003 -   6/1/2003
 5/19/2003 -  5/25/2003
 5/12/2003 -  5/18/2003
  5/5/2003 -  5/11/2003
 4/28/2003 -   5/4/2003
 4/21/2003 -  4/27/2003
 4/14/2003 -  4/20/2003
  4/7/2003 -  4/13/2003
 3/31/2003 -   4/6/2003
 3/24/2003 -  3/30/2003
 3/17/2003 -  3/23/2003
 3/10/2003 -  3/16/2003
  3/3/2003 -   3/9/2003
 2/24/2003 -   3/2/2003
 2/17/2003 -  2/23/2003
 2/10/2003 -  2/16/2003
  2/3/2003 -   2/9/2003
 1/27/2003 -   2/2/2003
 1/20/2003 -  1/26/2003
 1/13/2003 -  1/19/2003
  1/6/2003 -  1/12/2003
12/30/2002 -   1/5/2003
12/23/2002 - 12/29/2002
12/16/2002 - 12/22/2002
 12/9/2002 - 12/15/2002
 12/2/2002 -  12/8/2002
11/25/2002 -  12/1/2002
11/18/2002 - 11/24/2002
11/11/2002 - 11/17/2002
 11/4/2002 - 11/10/2002
10/28/2002 -  11/3/2002
10/21/2002 - 10/27/2002
10/14/2002 - 10/20/2002
 10/7/2002 - 10/13/2002
 9/30/2002 -  10/6/2002
 9/23/2002 -  9/29/2002
 9/16/2002 -  9/22/2002
  9/9/2002 -  9/15/2002
  9/2/2002 -   9/8/2002
 8/26/2002 -   9/1/2002
 8/19/2002 -  8/25/2002
 8/12/2002 -  8/18/2002
  8/5/2002 -  8/11/2002
 7/29/2002 -   8/4/2002
 7/22/2002 -  7/28/2002
 7/15/2002 -  7/21/2002
  7/8/2002 -  7/14/2002
  7/1/2002 -   7/7/2002
 6/24/2002 -  6/30/2002
 6/17/2002 -  6/23/2002
 6/10/2002 -  6/16/2002
  6/3/2002 -   6/9/2002
 5/27/2002 -   6/2/2002
 5/20/2002 -  5/26/2002
 5/13/2002 -  5/19/2002
  5/6/2002 -  5/12/2002
 4/29/2002 -   5/5/2002
 4/22/2002 -  4/28/2002
 4/15/2002 -  4/21/2002
  4/8/2002 -  4/14/2002
  4/1/2002 -   4/7/2002
 3/25/2002 -  3/31/2002
 3/18/2002 -  3/24/2002
 3/11/2002 -  3/17/2002
  3/4/2002 -  3/10/2002
 2/25/2002 -   3/3/2002
 2/18/2002 -  2/24/2002
 2/11/2002 -  2/17/2002
  2/4/2002 -  2/10/2002
 1/28/2002 -   2/3/2002
 1/21/2002 -  1/27/2002
 1/14/2002 -  1/20/2002
  1/7/2002 -  1/13/2002
12/31/2001 -   1/6/2002
12/24/2001 - 12/30/2001
12/17/2001 - 12/23/2001
Wednesday, February 1, 2006
15:00 - Sounds like fun
http://isc.sans.org/diary.php?storyid=1067

(top) link
When I saw someone posting a warning about this on a board I run, I was on the brink of clicking "Send" on the stern admonishment I was mailing them against spreading hoaxes that have been around since 1998. But then, well, I decided I might as well look. And "Blackworm" seems to be for real.

Over the last week, "Blackworm" infected about 300,000 systems based on analysis of logs from the counter web site used by the worm to track itself. This worm is different and more serious than other worms for a number of reasons. In particular, it will overwrite a user's files on February 3rd.

At this point, the worm will be detected by up to date anti virus signatures. In order to protect yourself from data loss on February 3rd, you should use current (Jan 23rd or later) anti virus signatures. Note, however, that the malware attempts to disable/remove any anti-virus software on the system (and does this every hour while the system is up), so if the machine was infected before signatures were deployed, obviously, that anti-virus software can't be expected to clean up the infection for you.

The following file types will be overwritten by the virus: DOC, XLS, MDE, MDB, PPT, PPS, RAR, PDF, PSD, DMP, ZIP. The files are overwritten with an error message( 'DATA Error [47 0F 94 93 F4 K5]').

Sounds like an excellent excuse to do some backups.

Me, I'll be over here, feigning interest.


Back to Top


© Brian Tiemann