My PC

My PC

(Virii, Hoaxen and other Shenanigans)



Funlove. Code Red. Nimda. Sixties-style hippie convention? Actually, names of just a few of the viruses making news these days. And, I would suggest that it may be worthwhile devoting a few minutes to developing some understanding in this. Certainly, if you run Microsoft's brand of software, you should be paying special attention to these things, though if you run a Mac, or alternative platforms such as Linux, this reading is pretty much optional. The vast majority of the viruses target Microsoft Windows and the software which runs on Windows.

Privacy & Ethics

By running Windows, you are buying into a community. Software is typically licensed, which means the money you are shelling out represents payment for the right to use someone else's stuff. For those who are creative in their marketing, and somewhat sly in their offerings of convenience features, it spells M-O-N-O-P-O-L-Y -- also, known as, license to print money. The business and politics behind the world's most virus-prone software is intertwined, somewhat like that ball of string, which many tried to unravel over the years. Below you will find links to virus related web sites, but first, a bit of discourse on what the software behemoth from Redmond is up to.

If you thought software that crashes alot was all that you get these days from the big vendors, think again. For no extra charge you are entitled to forego any privacy you might've thought you once had. According to this Wired article, files created with the Microsoft Office line of products, have secret fingerprints that can be used to trace back to its author -- back to you. Useful for tracing licensing compliance, or for the authorities in a police state, some public interest groups have taken issue with this and have filed complaints such as this (pdf) by EPIC.

As some may already know, fee structures are currently being reviewed, as the company runs low on options to continue the stellar growth of the past decade. Microsoft's initial plan for how fee structures should work for Windows 2000 was to be a portend. It seems probable that annual licence fees will soon become a reality. This from a company which purportedly already has a war chest of over $32 billion which is growing more than $1 billion every month.

All the while, the software giant finds itself before the courts for its less than ethical business practices. The litany of abuses continues amidst rumours that G. W. Bush is influencing proceedings. Suddenly, the company is 'compelled' to enter into 'out-of-court' negotiations with the Justice Department. This, after years of dragging their heels through the legal system, having been found guilty, and after having lost their appeal in that nation's top courts of law. And, recalling the facts of those cases, it surprises some of us that they did not get found in contempt for the misleading evidence that was supplied. Rather than sending a clear signal that the law is an institution to be respected in the US, the outcome of these discussions seems to point elsewhere. Reports that the tentative settlement seems more like a Reward, not a Punishment, and that the companies whose businesses were being hurt, are Lamenting an obvious aberration of justice. Do take the time to read Ralph Nadar's letter to Judge Colleen Kollar-Kotelly. As well, the Washington Post has tracked progress on the trial.

How would you like it if Microsoft stopped shipping Windows? No more security patches? No more virus updates? How would you feel about this if your livelihood depended on Windows? Microsoft's threat to do so, has solicited this Newsforge response in which they caution you that it might be prudent not to place all of your eggs into the Redmond basket. Whatever people use Windows for, could be done on Linux or Apple. They both are less expensive than Windows and Apple's OS X is also easier.

The rumours about Microsoft's political shenanigans are given credibility in this article from ZDNET.

Admittedly, these consequences might seem 'surprisingly' light-weight, considering the previous findings of the courts. The fact is made light of in this satirical piece.

Newer is Better, or?

Now that the next version of Windows is out, many of you have been asking whether it is time to upgrade to XP? If you are already running NT or 2000, you already are experiencing the single greatest benefit of XP, that of relative stability. Though some rightly contend that it is not as stable as Linux, or as Apple's OS X, most concede that it is quite stable for the average user coming from a Windows95 heritage.

Many reading this will notice that I omit security as a feature in XP. This seems to fly in the face of the company's claims that XP is the most secure operating system ever. But, it is consistant with the fact that it took only a few days for the first serious security flaws in XP to become known. Note, that although some knew about it, it was several weeks before the public was informed about it, consistent with that company's disclosure policies. This time, the FBI has publically expressed concern over the security of the large numbers of people running Microsoft's software. Read the details of this gaping hole in XP, and see whether or not my omission was accidental.

Vendor Lock-in

Many reviews also concede that the main feature you get with XP is increased lock-in to a single vendor world. While that is tragically true, experiencing the corresponding reduction of choice that got the company into their anti-trust battles in 2000, will probably be a deterent to only a few of us -- the average user probably cares less.

Some might wonder what this vendor lock-in is all about. For an example, take the situation where many people, my sister included, love to blast everyone with Microsoft Office files. This effectively forces people to all use that proprietary stuff. Companies like Microsoft, consider things like their file formats, to be internal trade secrets. Other products might have import-export filters, but they arrive at these by second guessing the Microsoft programming, not because they are given access to Microsoft's blueprints. As a result, other vendors' products will never do a completely adequate job at it.

Most people will do one of two things when faced with this kind of behaviour:

  • cough up the $800 for Office
  • borrow or ftp a friend's Office CD
The fact that the firm considers the latter option, 'theft' is often overlooked even by otherwise law-abiding citizens. Nevertheless, the first option is usually unattainable for most home users. The sending of vendor specific file formats, essentially forces every recipient to either of these two options. As it happens, Microsoft is quite happy in making this very easy to do, and every time you do, you are adding to the reasons people have to pad Microsoft's bottom line. Even the 'pirated' versions of Office add to this snowball effect.

Rather than forcing people into a life of crime, some folks might consider changing their habits. It's perhaps less convenient to "save as" JPEG, TXT, or HTML, yet the immediate result is that nearly every vendor is able to cope with such files quite simply and directly. But, people like my sister get offended when people who know, make such suggestions. So friends that have a conscience about leading law-abiding lives, spill the change purse. Everyone should realize by now, that reduced competition means higher prices. Don't kid yourself, large software vendors who have a large degree of lock-in, will successfully charge higher prices (compare the price of XP to what you paid for '95). There is something to that proverb, "a fool and his money are easily parted".

In spite of explaining the concept of vendor lock-in to the average person, odds are that your degree in Economics isn't going to convince them that ethical behaviour is worth the cost in convenience that they forego. Let's face it, we are all as lazy as we can get away with. So do we have a third option when our friends threaten to remove us from their circles for insisting on using non-proprietary standards? The present lock-in bind we find ourselves in does have another less expensive option that you should try. Have a look at: OpenOffice.org. Open Office is an open source community based software development effort that has a commercial CD-based equivalent, Star Office, for those not handy with downloads and compilers (last time I checked, the Star Office CD can be had for under CAD$75 from this Canadian web site ). Open/Star Office 6.x has some of the best import-export filters of any of the products I have tried. It is available on Windows, Linux, and a number of other popular platforms (a Mac version is in the making). Will it be as easy to get around vendor lock-in in the future, I wonder?

Other Issues Specific to XP

One difference people will note is that with XP, users must register with Microsoft within two weeks otherwise the software will disable your computer. This registration can take place across the Internet, or if the user does not have 'net access, must phone Microsoft for activation. And, those who know, have been warning people that they cannot expect to upgrade their computers and have XP work on the new hardware. The activation seems to 'expire' whenever you change the hardware.

Performance of XP is an issue. In an article which appears in computer magazine, Infoweek, the performance of Windows XP is compared and was found to be considerably slower than Windows 2000. If you are budgeting for an XP upgrade, don't forget to pencil in the cost of a new computer. As a rule of thumb, if your computer is more than a year or two old, it is probably too slow to run XP. They conclude, plan for a hefty hardware upgrade if you migrate to XP.

Comparing XP to alternatives such as Apple's OS X 10.1, many reviewers find that OS X 10.1 and XP Professional Edition are comparable products. The removal of MSDOS on XP will not be missed by most, however, it should be noted that Apple walked the other direction with their addition of the powerful UNIX command shell in OS X. It was also noted that OS X is half the price of Windows XP Professional. According to an insightful review which appears in The Monitor, it is time that consumers evaluated the Linux or Apple alternatives rather than blindly follow the dictates of Redmond. Prompted by reviews like that, I decided to take the test drive myself.

Microsoft wants your Wallet

As every Microsoft customer knows, you can't get those security patches that you need to be applying to your system every few weeks, without a "Passport" account. Passport is that company's strategy to becoming the central repository of information on the Internet. In fact, to be completely useful, they would like you to leave more than just your address with them, make that your credit card, also. They would like to make it easy for you to make use of the new .NET technology that they are offering in XP. Using .NET and your Passport wallet, they want you to do more of your shopping on the Internet. What they don't make obvious, is that they do reserve the right to make this information about you available to their business partners. If we consider how often we are receiving junk e-mail these days, we need to ask ourselves whether our information is safe?

In a recent incident, hackers spent an entire month inside their firewall, roaming Microsoft's internal network, before the company caught on. Now they are saying "trust us with your wallet". The ease with which criminals can steal your Passport wallet, was documented in this Wired article. More details on Passport's security shenanigans are available here. It is interesting to note how much of the bad rap that the Internet gets for security, is earned by a single company.

Tonguing the Judge

In October 2001, I pointed my web browser at Microsoft's MSN web site in order to change my password, only to arrive at an error page that reported that it was refusing to serve pages to my brand of browser and that they said that I needed to upgrade to the latest version of their own Internet Explorer (IE). Others faced with a similar experience, discovered that when they changed the user-agent header (i.e. the part that identifies to the server, what kind of a browser is being used by the user) in Konquerer, that the page resolved just fine. The lame attempt by Microsoft to leverage their monopoly is Laughable in a bizarre sort of way, since IE is not available on my platform, I have been running Linux on my desk since 1993.

This is more than a bit of a jab at the US legal system, who in 2000 had found the company had engaged in unethical, monopolistic business practices. The irony of being explicitly and deliberately locked out for using a standard web browser, one which conforms to world wide web (WWW) standards, is nothing less that spitting in the face of the W3C, the Web Standards authority. The WWW was designed to be vendor neutral, that is, it was designed so that any conformant web browser can be used with any conformant web site, with complete compatibility. Regarding such vendor shenanigans, Silicon Valley eJournal interviews Tim Berners-Lee, inventer of the world wide web.




What is a Virus?

The much touted 'virus' is just a computer program which achieves a slightly different goal than most of the others you are accustomed to using. Typically, the writer of a virus has discovered a flaw, very much like those which make your computer freeze, right when you are doing your most crucial work. There are subtle distinctions separating virus and worm, yet fundamentally each is an exploit of defective software which you are running on your PC.

People who discover these defects, can do one of several things. They can play the virus/worm game, and see how pervasive they can become. They can secretly utilize this information to steal secrets, such as credit card account information. Or, they can publicize the fact by drawing public attention to the problem, and hope that the public pressure will result in a rapid resolution to the problem. The first option gets the most media hype, and the effects are sometimes most direct. The second, option is truely criminal, and we may rarely know about the workings of such professionals. The third option is consistent with the objectives of the furtherment of science, and democratic capitalism. This third option is often referred to as 'full disclosure'.

Why Security Information Should be Public.

It is notable, that in a recent article, Microsoft lumps the full disclosure option in with the first, and calls them both brothers in crime. The publication of the full disclosure, permits virus writers to perform their deeds before the company has had a chance to distribute so many fixes to so many people. This free flow of facts is referred to by them as information anarchy. Indeed, their world view very much opposes things that many of our constitutions guarantee, such as free speech. In confusing those who practice full disclosure with cyber-criminals, they brand their behaviour as unethical. Interestingly, they omit mention of the real thieves, who represent the antithesis of the disclosurists.

Many people have responded to such bully tactics, and are beginning to refuse disclosing the defects that they are finding. The drawback, clearly is that this plays into the hands of the real criminals, who prefer to work under the cover of such darkness. Internet security authority, Bruce Schneier, outlines the reasons why full disclosure is essential, in spite of Microsoft's appeal to secrecy. Make sure that you read his article right through to the end, he makes some excellent points in his conclusion.

Security Focus has published these observations on Microsoft's security strategy. If these interpretations are anywhere near correct, and I expect that they are bang on, you can expect to see the western world enter into the new dark ages. Only, other countries might prevent it by mandating open source.

Caught Something?

The following web sites are useful in keeping track of the latest virus, worm or hoax.

The Security Portal

CERT Security Advisories

Symantec/Norton Virus List

Symantec Hoax List

McAfee Virus Library

IBM Antivirus Research

Urban Legends & Hoaxes

Virus, Myths, and Hoaxes

CIAC Hoaxbusters

SANS Institute Top 20 Network Security Issues

Eeye News
E-E Advisories

Where do Viruses come from?

Bored kids, having stumbled upon defects in the software on their computers, consider it a bit of a dare to create something that becomes that pervasive. Sort of like we did as kids, except for us the challenge seemed to be who was brave enough to jump off the high diving board at the pool.

Is it a crime for these kids to be writing such software? A virus is just software, afterall. Is it a criminal offense for them to be finding weaknesses in popular software and drawing attention to the fact, in this way? Is it the kid who is to blame, or is it the person who knowingly decided to provide the defective software in the first place? To be a criminal, requires evidence of "criminal intent". Is the kid who considers his virus to be a bit of a game, is his intent under the definition of criminal? Maybe it is, maybe not; to most of us it is not as cut and dried as some multinationals make it out to be.

Microsoft went on record calling this activity, cyber terrorism, during the height of the aftermath of the Sept 11th hijackings. Just at a time when the flames of paranoia had been fanned by numerous anthrax cases, and legislation enthroning the police and the military was passing through houses of parliament under the guise of anti-terrorist legislation, these inflammatory words were being used to describe wrongs most of us would have considered as mischief. By implication, the company wants to see the nation's kids put behind bars so that it can continue to persue its noble capitalist goals, flogging its insecure wares.

Though, cyber-terrorism is an extreme indictment, bypassing ones computer securities, does have some hint of semblance to bypassing the locks on the doors to our houses. We have concepts of trespassing laws, vandalism laws, and forcible entry laws. These are a nuisance, and at times costly ones, at that. Undoubtedly, these acts are wrong and some punishment should be meted for these things. However, do not confuse these with Microsoft's track covering tactics.

Wired, published this piece on the authors of worms and viruses.






served on
index page
Copyright © by E. J. Ritzmann.
$Date: 2002/03/06 01:07:28 $