OFF: Virus alert (genuine)

Fri May 5 04:47:36 EDT 2000

>>>>> "JMG" == JOHN M GRAY <JOHN.GRAY at PRODIGY.NET> writes:

    JMG> Jeez, I really get sick of hearing people slamming MS
    JMG> products when something like this virus hits.  The only

Much better, IMO, to *slam* them all the time. Then when these
outbreaks occur you can sit back and look smug. Works for me ;-)

    JMG> reason people direct their viruses at MS is that it achieves
    JMG> maximum impact.

Actually the reason that these script kiddies attack M$ products is
that it's so damn easy. Why struggle when you can take out computers
around the world in a few hours with some pretty poor code? BTW this
ILOVEYOU thing is a worm not a virus but that's a side issue.

Why are M$ products vulnerable? Firstly they are easily scripted using
Visual BASIC for applications and VBScript. Worms are spread because
M$ outlook email program has a vulnerable address book. It gets
repeatedly targetted in this way but M$ do nothing about it. Secondly
systems can be taken down because much of the configuration
information resides in a single file called the registry. Look at the
source code for ILOVEYOU and you'll see that some of its most
destructive work is done by editing the registry.

Another common attack form against M$ products the macro viruses work
because M$ thinks that spreadsheets and word processed documents
should be scriptable. Almost no-one uses the scripting features in M$
Office yet they are turned on by default. Why? Laziness or apathy.

Finally ILOVEYOU is able to rename any files that it comes across on
any of your file systems. It renames not only JPEGs but MPEGs and
various Web formats including JavaScript and Stylesheet files.

    JMG> If Linux or any other operating system were
    JMG> as popular as MS then they would be writing the virus for
    JMG> them and we would all be complaining how vulnerable that OS
    JMG> was.

Because of the system of file permissions on UNIX-style operating
systems this sort of attack is not possible. Writing the first virus
for LINUX would give someone a lot of kudos, people _must_ be trying
but they ain't got there yet.

    JMG> Popularity breeds contempt and I see it on this list
    JMG> all the time about MS.

Yeah but not as much contempt as selling shoddy products and then
having the cheek not to care.

--
Chris Bates (c.d.bates at shu.ac.uk)
School of Computing and Management Sciences - Sheffield Hallam University
for HTML, DHTML, JavaScript, Perl, CGI Programming advice see:
http://www.shu.ac.uk/schools/cms/teaching/crb/book/