Interesting People mailing list archives
IP: Another take on Microsoft-specific worms
From: Dave Farber <farber () cis upenn edu>
Date: Sat, 27 May 2000 17:58:32 -0400
From: "Kevin G. Barkes" <kgb () kgb com> To: <farber () cis upenn edu> Hi Dave, With the release of yet another Microsoft worm, I thought you might find the following from my May 22 newsletter of interest: . . . Ok, say we get lucky. No hurricanes, tsunamis or heat waves, and the power grid holds together. The world's economy can still be brought to its knees in a few hours by disturbingly simple code delivered via email to computers running Microsoft applications and operating systems. The prospect is especially frightening because last year's Melissa virus and the recent "Love Bug" worm and its variants were, frankly, badly-written programs created by rank amateurs. Imagine the chaos that would result if a truly skilled programmer with particularly malicious intent actually crafted a well-written, self-propagating email worm targeted at Microsoft Outlook and Outlook Express users. What would happen to the international business community if some dot snot wunderkind gets peeved because he misses out on an IPO and unleashes a bug that wipes out hard drives and bios settings on PCs around the world? The wonder is not that such an event is possible, but rather that it hasn't happened already. Another wonder is why the world allows itself to be victimized by Microsoft's cavalier attitude about the gaping security holes in its systems and applications. Technically speaking, the recent "Love Bug" wasn't a software bug at all. It was a feature. Boot up a new, out-of-the-box Windows98 machine and the odds are pretty good there's a chunk of code called Windows Scripting Host that activates automatically and eagerly awaits the chance to transparently execute surreptitiously invoked virus code. Anti-virus software? Fahgeddaboutit. Consider a real-world implementation of the virus checking concept. There's a knock at the door. The virus checker looks through the peephole and sees someone standing there. He scans a book that contains the pictures and descriptions of a couple thousand known miscreants. If none match, the unknown person is allowed in. Try implementing that security model in a Manhattan office building and see how far you get. Or consider Microsoft's typical defensive argument, that the problem is actually stupid users and system administrators. Another real-world analogy: you're tooling down the Interstate in your Chevy and hit a bump in the road. The doors fall off and the engine explodes. You have the ambulance driver stop at the dealership on the way to the trauma center so you can chew out the service manager. He sneers at you condescendingly and points to a paragraph of six-point type buried in a totally unrelated portion of the owners' manual: "The doors of your car will fall off and the engine will explode when you hit a bump while traveling on an Interstate highway. One of our engineers thought this feature would be neat and we have added it at no extra charge to you. If you disagree (you weenie), you can disable this feature by performing the following procedure. First, obtain three chickens, two brown recluse spiders, a length of nylon rope and a virgin..." . . . Regards, KGB ----- Kevin G. Barkes Email: kgb () kgb com | Web: www.kgb.com 1512 Annette Avenue | Library, Pennsylvania | 15129-9735 Voice: 412-854-2550 | Fax: 412-854-4707 DCL Dialogue on line: http://www.kgb.com/dcl.html KGB Report http://www.kgb.com/kgbrep.shtml Random Quotations Generator: http://www.kgb.com/cgi/kgbquote.cgi
Current thread:
- IP: Another take on Microsoft-specific worms Dave Farber (May 27)