How the clueless few diminish Internet community

Search

Another Day, Another Dollar
Joined
Mar 1, 2002
Messages
42,730
Tokens
If you've been feeling under siege lately from computer viruses and worms, you're not paranoid. Yes, the authors of this malicious code really are out to get you, and with increasing frequency.


Apparently, they're out to get each other, too.

The makers of antivirus software have discovered taunting messages buried in the code of several worms currently plaguing the online world. It appears the authors of the Bagle, MyDoom and Netsky variants are trying to one-up each other in a virus-writing war.

For example, found inside Netsky.F, a version released this week, are the words "Bagle — you are a looser!!!!" In turn, recent MyDoom and Bagle worms include messages for Bagle's author, saying his or her actions will "ruine our bussiness" and threatening, "wanna start a war?"

And the war appears to be well under way. Antivirus companies report that the pace of release of new versions of these worms is quickening, forcing them to scramble to issue updates for their scanning products.

"In the short span of 15 days, we've seen 14 variants of two kinds of viruses," said Vincent Gullotto, vice president of McAfee AVERT, the PC security arm of Network Associates. "Usually, when a big virus hits, you don't see another variant of it for a week."

All of these worms are propagated via e-mail, arriving as an attachment to messages that entice users to open them. Bagle worms warn about some kind of problem with the way you use your computer: a subscription expiration, a problem with a paid account, or a system administrator's alert. Netsky and MyDoom usually make reference to some type of document, such as a Word, Excel, music or picture file. Some variants of MyDoom also mock Microsoft, with a subject line that reads, "micro$oft must die. support us!"

Of course, viruses and worms dispatched via e-mail would not be a problem if clueless users didn't click on the attachments in the first place. Yes, virus writers are scum who deserve whatever maximum punishment the law allows. But those who, after countless warnings, still click on attachments they're not expecting — or who don't run up-to-date antivirus software that would catch this junk — bear much of the blame.

This has been a complaint among the techno-savvy for years (see the Aug. 23, 2003, Computing column at www.chron.com/virus), but it's surfaced into the mainstream. For example, New York Times Internet writer Amy Harmon wrote last month that techies are becoming less patient with users who don't take the most basic precautions or exercise simple common sense.

There have even been calls for an "Internet driver's license," in which users would have to prove they know what they're doing before being granted access to the online world.

The argument for that idea goes something like this: A computer network is a combination of various users' resources, shared for the benefit of all. It is, in other words, a community. Each member of the network community has a responsibility to behave in a manner that won't disrupt or harm others.

When a user clicks on a virus, that's not simply damaging one computer — and with some stealthy viruses, the infection may not be readily apparent. Rather, because most modern viruses try to spread via e-mail, that action puts at risk everyone whose address is found on the infected PC.

There are more complications. Viruses e-mailed to corporate addresses can trigger an alert to the sender from firewall-based antivirus software. Because most viruses that spread by e-mail falsify the sender's address, those alerts are more than useless. They can clog up e-mail servers and render inboxes unusable.

And speaking of responsible network behavior: Although many system administrators have figured out that this feature of corporate antivirus software is a menace, not enough have. If you're in charge of your company's computer security and you've got virus alert notifications to senders turned on, stop reading this and go disable it. Now. We'll wait for you to return.

Finally, many of the current crop of viruses do more than just try to infect other machines. They also open up a port on the computer and allow a hacker to take control. These so-called "zombie" machines can and have been used to attack other computers on the Internet. Some antivirus experts speculate zombie PCs could be used to blast huge amounts of spam, although McAfee's Gullotto said he's not aware of any confirmed cases.

However, he did say there are some viruses designed to seek out zombies and plug into them, using the compromised system as another method of spreading themselves. In other words, because the user has become infected with one virus, others move in as a result.

Requiring that folks know the basics about computer security before giving them access to the network is akin to making sure a driver knows how to safely operate a car before he or she is allowed to take to the public roadways. On the surface, it makes a lot of sense.

Of course, there are plenty of arguments against this notion, too, ranging from further government intrusion in our lives to the sticky question of enforcement. And then there's the fact that the connected PC has become a powerful means of personal expression, which raises First Amendment concerns.

But something needs to be done to ratchet down the mayhem, both by catching and punishing virus writers, and by convincing people not to click with abandon on everything that comes into their inbox — before the criminal and the clueless few ruin the Internet for the responsible many.

http://www.chron.com
 

Forum statistics

Threads
1,106,145
Messages
13,433,411
Members
99,281
Latest member
king88fans
The RX is the sports betting industry's leading information portal for bonuses, picks, and sportsbook reviews. Find the best deals offered by a sportsbook in your state and browse our free picks section.FacebookTwitterInstagramContact Usforum@therx.com