RealTime IT News

Feedback: Virus Writing: Not Fun, Not Funny

By internetnews.com Readers

Re: Virus Writing: Not Fun, Not Funny by Chris Nerney

One solution to the virus problem is to keep one computer connected online and another computer offline.

The online computer is used strictly for communication and is configured and backed-up so that it can be quickly restored to a clean state anytime it becomes infected. The second computer is kept off-line and insulated and is used for all non-communication work. The data path between the two computers would still be a weak link, but it could be designed in a way that all data is thoroughly scrubbed and analyzed before it is allowed onto the off-line computer.

Furthermore, it might become necessary in the future to build the online computer with the OS loaded on permanent media so that it can't be changed (or infected). Upgrades to the OS would have to be in the form of new copies of the permanent media.

A practical implementation of the above ideas could be a modification of existing computer architecture to put the 2-computer model into one box.
--John Napier, San Bernadino, Calif.

I don't understand virus writing at all but your comment "not some 14-year-old scriptkiddie's idea of a kewl practical joke" made me wonder if virus writing is that easy. I assumed these people were disgruntled coder's from some net-bubble burst concern or whatever. Can a smart kid really write things like "My Doom"? Are we (Internet users) that vulnerable?
--Ken Siqueland, Gig Harbor, WA

I am very careful not to give out my private e-mail address except to a select few and, as a result, remain largely virus and spam free. However I am still subject to people unwittingly distributing my e-mail address around the world when they pass on chain mail with me as a recipient. I usually tell them off but by then it is too late and my address is sitting on hundreds or thousands of PCs just waiting for a spammer or a virus to pick up.

The MyDoom virus depends on two basic things to propagate: careless and uneducated email users and the ready availability of e-mail addresses on PCs.

One of the key spreaders of e-mail addresses is chain letters. If it were made difficult or expensive to send mail to more than say 10 recipients, then both chain letters and spam would start to reduce.
--Timothy Whitehead, Cape Town, South Africa

Get your friends and those who know you to prefix all e-mail subject lines with a key word or phrase; you can then filter all of your e-mail by this, setting preferences to delete all others at the server. No expensive mail-filtering virus-protecting software necessary. If your friends get hit with an e-mail virus, it is doubtful the virus will know the correct subject line. Neither will the automated spam-generators. Change the word or phrase periodically.

Have a second e-mail account, preferably with a Web-based client, which is used exclusively for gathering responses from registrations and information requests, and never for personal correspondence. Only check this account when you are expecting information, and otherwise immediately delete all messages.

Take standard measures to protect your privacy; install a router and firewall software. Stay off of "warez" sites. Set all JavaScript, ActiveX, Downloads, and Applets to prompt instead of on or off while surfing.

[If this is] annoying at first, you'd be surprised how special pop-ups, auto run scripts, redirects and the like seem to evaporate, yet you can still go to your bank by answering "yes" to the prompts instead.

Never, ever post your e-mail address on USENET Newsgroups. Or any online newsgroups for that matter. Spambots love newsgroups. They find them delicious.

The above formula has worked for me quite well, and I receive little if any spam.
--Pat Kelley, Brooks Air Force Base, Texas

[RE:] "The worldwide economic cost of the MyDoom virus approached $1 billion in the first 24 hours alone, according to London security research firm mi2g, as organizations battled to keep servers and networks from being overwhelmed by the rapidly propagating virus. Clearly, the final tally will reach into the billions."

OH PLEASE! These numbers are so over estimated it is not even funny. [One] billion might be the total price paid by idiots who have left their systems unguarded or who are not cleaver enough to install virus software that deletes the annoying virus generated spam before it reaches their mailboxes.

It's called computer preventative maintenance, just like taking care of your car. While I don't appreciate viruses on my computer anymore than the next person, I do believe that many of these Denial of Service attacks are a very [poignant] way for people to express their displeasure with corporate giants who quite frankly do not [care] what their stockholders or the general public feel about their actions.
--Chuck Paugh, Chicago

Viruses are here to stay, just like they've always been here to stay in the biological world. It's nice to see all the parallels that can be drawn when you start to look at the Internet as a living entity.

I personally enjoy having things shaken up a bit. Labeling the coders as bad guys seems childishly black and white. I feel like viruses add some beauty and richness to the Internet, a place that would otherwise be very boring and predictable...well, maybe not boring. Plus they are a great sort of haphazard checks and balances." Let me try to put it another way: If we had no criminals, then the government would be a very scary entity. Basically I think they're necessary. Didn't the Matrix teach you anything ;)
--Sundev Lohr