An unprotect PC, connected to the Internet (capitalized or not) will be infected by something within twenty minutes.
According to the researchers, an unpatched Windows PC connected to the Internet will last for only about 20 minutes before it’s compromised by malware, on average. That figure is down from around 40 minutes, the group’s estimate in 2003.
The Internet Storm Center, which is part of the SANS Institute, calculated the 20-minute “survival time” by listening on vacant Internet Protocol addresses and timing the frequency of reports received there.
“If you are assuming that most of these reports are generated by worms that attempt to propagate, an unpatched system would be infected by such a probe,” the center, which provides research and education on security issues, said in a statement.
The drop from 40 minutes to 20 minutes is worrisome because it means the average “survival time” is not long enough for a user to download the very patches that would protect a PC from Internet threats.
I liked this quote, though:
“If the human body did patch management the way (companies do), we’d all be dead.”
(via J-Walk)
Note that the research specified an unprotected Windows PC, but doesn’t say anything about an unprotected Macintosh or Linux PC. I suspect that Macintosh and Linux PCs are much less vulnerable. (Neeener neener neener!) The article also appears to assume that the only kind of protection against malware is software patches to the operating system. I wonder how firewalls and other techniques would change the results.
What would happen if you put an “unprotected” Windows 3.1 computer on the internet? Has malware progressed to the point that such a computer would be safe, or is some malware backwards-compatible?
1. There are indeed more attacks out there on Windows than MacOS or Linux systems. Part of that is due to the design of the systems; part of it is due to the visceral attractiveness and large population of the target. I.e., Linux and Mac are less vulnerable but also less attacked.
2. I think there was some bit in the article specifying that the “vulnerable” items were also unprotected by firewalls and the like. I imagine that depending on the rigor of the firewall you would be more protected — but you could argue the same thing by simply unplugging the PC from the Net.
3. I don’t recall much malware floating around back in those “golden” days. Most of it now depends on NT-style services and middleware like IE and Outlook (or other browser and e-mail systems) that Win31 didn’t have. On the other hand, Win9x is also vulnerable to some attacks, and it’s not that much removed (internally) from Win3x.
I don’t propose trying it, though. 🙂