Humor and vasoconstrictors aside, why didn’t the gigantic boom we were all told to expect materialize? According to experts, they don’t know. What members of the Conficker Working Group are sure of is that money, not mayhem, is at the root of the worm, and those behind it will eventually use it for spamming, DDOS attacks, or to pilfer private information. Security company Finjan’s Cybercrime Intelligence Report estimates a single author could make nearly $4 million per year through a botnet of the sort Conficker establishes.

Contrary to what some have suggested, the worm did, in fact, do what it was expected to do —it activated, giving the worm-masters full administrator-level control over some five million infected PCs, and making itself much more difficult to detect and fight. The worm generates URLs by which the master computer communicates with infected machines, constantly staying ahead of the efforts of security experts to shut them down. Beginning yesterday, the botnet began communicating over 50,000 domain names in 116 countries — a dramatic increase over the 250 URLs used by previous versions of the the worm.

While many of the same media organizations that were predicting death, doom, and destruction switched to mocking the worm’s lack of dramatic explosions, experts say whomever is behind the worm is likely biding their time. Said Lumension Security’s Paul Henry: "They’ll wait for the hype to subside…They’ll wait for everyone to stop watching, and they’ll take it for a test run. They’ve put together one hell of a botnet here, and they’re going to want to exercise it."

As for the April 1 date, researchers say it could have been a sick joke or attempt by the author to get attention, intended to induce exactly the kind of brouhaha that took place. What it definitely did, though, was bring heightened awareness of the worm, and reduced the number of infections by an unknown figure. Experts urge anyone who has not done so already — especially those in government, corporate, and education settings, where patching is often neglected, according to Roger Thompson of Exploit Prevention Labs — to scan their systems for the worm, install the patch for MS08-067, and pass the word along.

The Windows operating system has always been insecure — and I don’t mean as in self-esteem!

The Conficker/Downup/Downadup/Kido computer worm that first surfaced in October 2008 and is believed to activate today (April 1, 2009) only targets the Microsoft Windows operating system.  You heard that right,  it only affects Windows – not MacOS or Linux. Unfortunately, in this situation one out of three is bad – and, as usual with Windows security, its very bad news for the internet as a whole.   So far however, the news is good this morning and hell has not broken loose on the backbone segments of the net.  But the day is young.

I am certainly not an Anarchist nor do I approve of the malicious activities of virus breeding script-kiddies, but it would be helpful if some “minor catastrophe” occurred as a result of Conflicker. If hundreds of businesses stop production because of this worm, the public should think about an alternative operating system platform.  In my humble opinion, Linux (the GNU Operating System) is the best choice for the cost ($0) or MacOS for every other reason.

If this worm proves to be very troublesome, what’ll happen?

Websites like MySpace.com and WhiteHouse.gov are running the Microsoft IIS web server. If these servers are infected, they will go down. Or, they will become spam websites, displaying advertisements and sending out thousands of spam and denial of service emails. 

WhiteHouse.gov is, obviously, a governmental website, and if it becomes a spam website, displaying advertisements and sending out thousands of spam and denial of service emails to other countries, that’s a national threat (well, sorta).  Also, who knows what other servers WhiteHouse.gov might be connected to within their extended computing grid.  Missile systems, Air Force navigation systems, Presidential Teleprompters?  Lets pray Microsoft has nothing to do with those!

Thankfully Google, YouTube, Facebook, and Wikipedia are all happily running GNU/Linux on their servers. These are among the most popular/stable web sites as well — coincidence?

On the other hand, WhiteHouse.gov is most likely running the Microsoft IIS web server because the person they have in control of the servers, their “Webmaster”, only knows how to use Microsoft Windows.   Therein lies the problem – in the humble opinion of this Webmaster.