Domain: kumite.com
Stories and comments across the archive that link to kumite.com.
Comments · 22
-
This has been done - and succeeded
The famous Robert Morris Internet worm of 1988 did precisely this.
It worked beyond the author's wildest dreams - but the worm didn't do a good job "staying out of sight." Once a machine, it did *nothing* except try to infect another machine. The problem was that it was too good of a cracker: The worm spread like wildfire, spamming the network and bring many machines to a crawl by infecting them thousands of times. Read more here. -
Sir, your signature is stupid
It never ceases to amaze me how something stupid can proliferate. Take, for example, the following quote, which you'll find in people's signatures everywhere:
"There are two major products that came from Berkeley: LSD and Unix. We don't believe this to be a coincidence."
Even the quote itself is not consistant and is sometimes written:
"Two things came out of Berkeley: BSD and LSD. We don't believe this to be a coincidence."
The quote is usually attributed to "J.S. Anderson" or "Jeremy S. Anderson".
The problem here is that both quotes are ncorrect. First, LSD did not come from Berkeley. LSD was developed in Sandoz labs in Basel, Switzerland. Second, BSD did come from Berkeley, but it is not "Unix". "Unix" was until recently a trademark of AT&T. I believe the Santa Cruz Operation is the most recent holder of the trademark. BSD is a UNIX flavour but is not Unix.
This is probably a case of false authority syndrome. Did anyone think to question this "J.S. Anderson" or his credentials? Does anyone know who he is now? Do people question the validity of his statement before putting it in their signature files? Who is J.S. Anderson anyway? If you search for the name "Jeremy S. Anderson" on the web, all you will find are quote pages containing the aforementioned misinformed quote. For all we know, Jeremy S. Anderson might not even be a real person.
Knowing all of this, then, what would possess people to put a false statement from someone they don't know at the bottom of all their email or usenet posts without questioning it at all?
-
Re:Symantec/NAI: At fault?
Pretty much Rob Rosenberger's theme at the Computer Virus Myths page. I post that here in case a few of you haven't discovered it.
-
Re:I want a piece of this action.
The Computer Virus Myths page labels this "False Authority Syndrome" and has a pretty good write-up at http://kumite.com/myths/fas/.
-
Re:I want a piece of this action.
The Computer Virus Myths page labels this "False Authority Syndrome" and has a pretty good write-up at http://kumite.com/myths/fas/.
-
Re:Give a little, get a lot
Alex Bischoff (not to be confused with the former "TV manager" of a certain wrestling actor's troupe in Atlanta) dun said:
That's not a bad idea, but what AV would you recommend? A product with the ability to auto-update its virus definitions at regular intervals would be a plus.
Command Antivirus has live updates for registered users; if memory serves, so does the Data Fellows version of F-Prot. (Notably: both of these use the F-Prot AV engine (damn near the best antivirus engine you can get next to AVP, and if memory serves they're even using part of the AVP engine in the latest versions) and the Data Fellows version comes in a package called F-Secure which also includes some very neat security toys.)
I don't know whether AVP has live updates or not, but I'd recommend it nonetheless; AVP is quite literally the best antivirus program one can get for Windows, bar none, and they do have trial versions (good for thirty days) for download...the registered version is not terribly expensive (around $25-30 if I remember right) and it is money well spent...if memory serves, AVP actually updates their virus list weekly, too, and updates are available on their website. If one is serious about antivirus protection I'd seriously recommend getting a copy of it...
As it is, if one is serious about antiviral protection anyways, it never hurts to have two antivirus programs on board. You use one for the standard protection which isn't quite as sensitive/more prone to false alarms like Norton or McAffee, and if that alerts you bring out the heavy-duty tools like AVP or F-Prot. (Or, if you're like me and can get both, you use Command Antivirus (read: F-Prot under a different label
;) for the main scan and AVP for the heavy guns--I've only had to do that once, when an older version of Command Antivirus didn't like a newer database update [basically they'd changed the format--no biggie, just get the upgrade])It never hurts to practice computer "safe sex", though--I've never had virus problems, because I'm careful to the point of being neurotic
:) Here goes a list of good antiviral techniques:Don't enable HTML mail or Javascript in mail--this keeps you safe from malicious code that may activate downloads of worms that target Outlook Express, etc.
If possible, don't use Microsoft products like IE or Outlook Express or Office--there are a LOT of serious security bugs, even in the latest versions of Outlook Express and IE, that enable one to download malicious code like worms--sometimes without expressly clicking to accept (such as some worms that specifically target Outlook Express). Office, and specifically Microsoft Word 97, is downright infamous for macro viruses and worms--in fact, the single largest category of viruses anymore are Word macro viruses (and it's also the largest growth category--the year after the first Word "proof of concept" macro virus was released, there were more than 200 known in the wild--now it's something like 4000). In fact, Win95/Win98 actually have security flaws in the OS itself that allow such things to spread easily...
If you must use Microsoft products, stick with the maximum security settings you can get away with--Don't enable macros in Office and don't accept documents with macros unless they go through a reliable virus-scanner first (if possible, encourage people to send stuff in RTF or text format; Excel users, try to stick to tab or comma-delimited formatting, as Excel macro viruses are an increasing problem). Set MSIE and Outlook Express to their maximum security settings. Do not use ActiveX unless absolutely necessary (there are serious security bugs in ActiveX as compared with Java)--at the least do not allow untrusted ActiveX applets to run. Consider using more secure OS's if possible (for Microsoft-only shops, this may entail going from Win98 to WinNT or Win2000). In WinNT or Win2000 environments, only give supervisor access to those who really need it and set others to lower levels where binaries cannot be installed.
Do not read untrusted Word or Excel documents, or run untrusted executables--this expressly includes your friends--"Trusted" here means "downloaded from a known, clean, virus-free source" or "run through a reliable virus-scanner". There are a rather surprising number of worms and trojans (including more than one case of Back Orifice being distributed via a trojan sent by email, as well as cases of DDOS (distributed denial of service) clients being distributed in this fashion). This includes anything gotten in email, ICQ, etc. (Business environments--if accepting resumes by email, you may seriously want to consider asking clients to send resumes in plain text or RTF format. This may not be as pretty, but it's easier for clients to send you resumes this way and it eliminates problems with Word macro viruses.) Again, WinNT shops probably want to strongly consider limiting supervisor and administrator access to those who need it and set everyone else to levels where binaries cannot be installed (the misuse of administrator levels is one major way in which WinNT shops get infected--allWord macro viruses work on NT, and a fair amount of Win32 viruses do as well).
Get a good virus scanner and use it regularly --Norton AntiVirus is probably on the low end as far as "good virus scanners" go. I personally recommend one of the F-Prot based ones or AVP; most over on alt.comp.virus would recommend AVP first and one of the F-Prot based ones secondly. (Most also recommend you use at least two virus scanners, one for regular use and one as a backup/sanity check.) Alt.comp.virus has a lot of good info on viruses and the good and bad in antivirus software, anyways.
:)Consider using other security programs--There are firewall-type and intrusion detection programs even for Win95/Win98 systems such as Jammer--Jammer, in particular, acts as a firewall and detects things like attempted Back Orifice scans, etc. As Win95/Win98 is notoriously insecure, it's a good idea to give it any more security if you can.
Don't trade in warez--This may seem like child's play to most of us, I'm sure, but in home and even in business environments there are a lot of folks who do deal in warez. Most warez anymore (at least the downloaded kind, not the "burning a friend's copy of Win98 to CD" kind) seems to be from Russia, Brazil and China, which also happen to be rather large H/C/V centres. (It's worth noting here that it's widely thought that CIH escaped into the wild from Taiwanese warez posted to one of the Usenet warez groups that just happened to be infected with CIH; it turns out the author or a friend of the author was in one of the major warez groups.) I can't state strongly enough in regards to this that if you absolutely must use or trade warez, please for Cthulhu's sake scan the damn stuff before installing it or trading it with others so you don't infect yourself or others.
Don't assume that commercial software or "minority" OS's are immune to viruses or don't need virus-scans--Commercial software has been released before that was infected with viruses (including several demo CD's). Macs have several viruses to contend with, at least one virus is known to specifically target both WinXX and Macs, and Macs are still susceptible to Word macro viruses (and probably IRC worms, if a version of mIRC exists for Macs); at least three "proof of concept" viruses for Linux do exist, including one which apparently tries to gain root privs to perpetuate itself, and even aside from this Linux boxen are commonly used as servers for files for other OS's. You still want to virus-scan even that copy of Diablo II that you got; folks will be happier if Linux servers scan executable files for viruses. (By the way, yes, antivirus software for Linux does exist; AVP has ported its antivirus scanner to Linux, and actually has the downloads for free last I checked.)
Keep your antivirus software up to date--This is a given, and "live updates" such as featured with NAV and CAV are very nice in this regards. Don't wait for the news report on the next Worm from Hell to update, either. Monthly is a minimum, and preferably more often than that if you can (weekly is good
:).Make sure others follow these same "good computer hygiene" rules--If you run a business, explain why you have policies against people installing stuff from home computers, running executables, etc. If you're at home, explain to folks why you don't accept executables (even of that neat "dancing baby" thing) sent by mail, or HTML mail, or Word or Excel files sent by mail. Encourage others to install and use antivirus software and other security programs.
Don't panic--Panic just spreads stuff like that damned "Good Times" hoax. If someone spreads stuff like that, point them both to a site like Data Fellows which has up-to-date listings of viruses--or, preferably, the alt.comp.virus WildList, pointed to in the ACV FAQ over at ftp.uu.net and your favourite Usenet FAQ archives--and to a site like Virus Myths which has a nice list of hoaxes, etc. (so does Data Fellows, but Kumite's a bit friendlier on that); this is probably the best defense against "meme viruses" like "Good Times" that you can get
;) -
Re: which AV?
what AV would you recommend?
Symantec more or less owns that market segment at this point, aside from Network Associates, who are even more loathesome.For most people, I recommend not using anti-virus software at all. AV is a non-solution to something that is mostly a non-problem.
It's a non-solution because most AV software protects only against known viruses, and is therefore useless against anything newer than the most recent signature update you've installed. Of course, the kind of virus you are most likely to encounter is a new one that the virus scanners don't know about yet, so what good is your scanner doing? (There have been attempts to develop techniques of recognizing "virus-like behavior", but the eternal problem with that is that there is nothing that most viruses do that isn't also done by perfectly harmless, useful, legitimate software, especially debugging tools.)
It's mostly a non-problem because viruses just aren't that common and are, for the most part, easily avoided by simply not being stupid. I haven't run an anti-virus package on any of my computers since I left the Norton AntiVirus development team in 1993, and have never been hit by a virus in the almost seven years since then.
It makes sense for people producing executable images of software for distribution to have a scanner handy just to be as sure as possible that the software they're giving out isn't infected, but most of us aren't in that situation.
Btw, the best source for free, up-to-date information on viruses (and even more importantly virus hoaxes, which greatly outnumber viruses) is the Computer Virus Myths web site.
-
FBI NIPC scrambling for spotlight again
I'm amazed that nobody has commented on how this is coming from the FBI's National Infrastructure Protection Center (NIPC), which has repeatedly proven itself to be utterly clueless when it comes to the Internet it is charged with protecting.
The NIPC's director, Michael Vatis, seems bent on using every single hiccup on the Net to prove how Essential and Important (TM) the NIPC is. When the Melissa virus hit, NIPC was running around screaming about the end of the world. After that the NIPC was warning about the evil "Y2K viruses" that never really existed (oops!). (The NIPC alert I linked to is a scream; it basically says that there are lots of Nasty Viruses out there, and that, if someone could write a Nasty Virus, they could probably write a Y2K virus, so you should panic immediately.) Now, since Melissa and Y2K failed to destroy civilization, the NIPC is beating the drum over the DoS issue, calling a bunch of script kiddies who inconvenience some people "cyber terrorists".
The common thread here is that the Net is a nasty, brutish place, and only the big tough NIPC can protect us.I'm not sure why they keep doing this, unless Vatis is such a publicity hound that he will take any excuse to "alert" people of "threats", even if those alerts do more damage than help by panicking people into distrusting the reliability of the Net. His fearmongering has become so blatant and counterproductive that he's become a favorite target of ridicule for Rob Rosenberger, the crusader for common sense regarding computer viruses.
Sure, it's bad that these big sites are suffering DoS. But it's not "terrorism", and slinging around that word only proves how cushy daily life for most people in America truly is. It's hard to imagine anyone rationally being able to compare congestion at Yahoo! to blowing up a federal building. Maybe if Vatis stopped to think for a moment before lunging to get his agency in front of the cameras of the press, he'd realize this too.
-- Jason A. Lefkowitz
-
FBI NIPC scrambling for spotlight again
I'm amazed that nobody has commented on how this is coming from the FBI's National Infrastructure Protection Center (NIPC), which has repeatedly proven itself to be utterly clueless when it comes to the Internet it is charged with protecting.
The NIPC's director, Michael Vatis, seems bent on using every single hiccup on the Net to prove how Essential and Important (TM) the NIPC is. When the Melissa virus hit, NIPC was running around screaming about the end of the world. After that the NIPC was warning about the evil "Y2K viruses" that never really existed (oops!). (The NIPC alert I linked to is a scream; it basically says that there are lots of Nasty Viruses out there, and that, if someone could write a Nasty Virus, they could probably write a Y2K virus, so you should panic immediately.) Now, since Melissa and Y2K failed to destroy civilization, the NIPC is beating the drum over the DoS issue, calling a bunch of script kiddies who inconvenience some people "cyber terrorists".
The common thread here is that the Net is a nasty, brutish place, and only the big tough NIPC can protect us.I'm not sure why they keep doing this, unless Vatis is such a publicity hound that he will take any excuse to "alert" people of "threats", even if those alerts do more damage than help by panicking people into distrusting the reliability of the Net. His fearmongering has become so blatant and counterproductive that he's become a favorite target of ridicule for Rob Rosenberger, the crusader for common sense regarding computer viruses.
Sure, it's bad that these big sites are suffering DoS. But it's not "terrorism", and slinging around that word only proves how cushy daily life for most people in America truly is. It's hard to imagine anyone rationally being able to compare congestion at Yahoo! to blowing up a federal building. Maybe if Vatis stopped to think for a moment before lunging to get his agency in front of the cameras of the press, he'd realize this too.
-- Jason A. Lefkowitz
-
Kaspersky is out of his field...Yes, I really have been following viruses since 1992. No, I don't consider myself an expert, but I think I know a fair deal about them.
That being said, I also used to hang out on Fido Net's virus echos in 1994 and 1995 where some of the true anti-virus experts hung out too. And yes, I consider Eugine Kaspersky of AVP (the guy who was quoted in the article) to be one of them. Back when the first Word Macro virus (Winword.Concept), he was the one who I saw first post about it to Fido's VIRUS echo, and he was also the first one to release a fix for it (another word macro which caught and disinfected Winword.Concept).
Unfortunately, I fear this is another case of False Authority Syndrome in that while Eugene may know viruses very well, I question his credentials in the UNIX/Linux area. For one thing, for a virus to replicate to a considerable degree on a system, you'll need to be running as root -- if you're logged in as a regular user, any program you run isn't going to be able to infect
/bin/ls, no matter how hard you try. :-)I think Kaspersky also misunderstands the nature of UNIX/Linux, in that a lot of applications (the stuff *I* use, anyway, like Apache, PHP, MySQL, etc.), when downloaded from the net, are usually done so in source form, and the end user compiles the code and runs it. It would be foolish if someone tried to put replicating code in their source, as it would be spotted very quickly and the author would have some serious explaining to do.
Finally, just to play the Devil's Advocate, I think problems could arise if say, a binary in a distrubtion is infected, and then is sold to thousands of unsuspecting end users. All it would then take is to run that binary as root, and you suddenly have an infection on your hands. However, I don't see this as a very likely scenario, since I can count the number of Linux-based viruses which I have heard of on one hand. For the reasons I outlined above, Linux just isn't a very attractive platform to virus writers, who want to see their creations spread.
-
False Authority Syndrome
As always, a great read from Bruce. Others have commented on this phenomenon, which seems very common in security/virus areas. Rob Rosenberger runs a great site called Virus Myths, which deals with all the "Good Times" stuff, as well as investigating other security stories, with the aim of getting rid of the hype and looking at the real story. He also has an article on what he calls False Authority Syndrome, basically the habit loved by certain parts of the media to totally believe someone because they assume them to be an "expert" on the subject. Essential reading...
-
False Authority Syndrome
As always, a great read from Bruce. Others have commented on this phenomenon, which seems very common in security/virus areas. Rob Rosenberger runs a great site called Virus Myths, which deals with all the "Good Times" stuff, as well as investigating other security stories, with the aim of getting rid of the hype and looking at the real story. He also has an article on what he calls False Authority Syndrome, basically the habit loved by certain parts of the media to totally believe someone because they assume them to be an "expert" on the subject. Essential reading...
-
Re:Critical "source codes"?They're about as technically competent as your average dead-for-three-weeks trout. This may seem like a wanton troll but if you check out these resources you will see that Mr. Ungoed-Thomas and his associates have something of a reputation for poor IT reporting:
Displaying lack of technical knowledge
An example of shoddy reporting...
...and an analysis of the 'expert opinion' on which it was basedTrundling out the same ol' tired junk
This doesn't mean there isn't at least some truth to the reports of attack, but, it does suggest you should take what they say with more than a pinch of salt; in fact, I'd recommend sprinkling on a heavy layer of skepticism and critical thought.
-
Rob Rosenberger!The man you want is Rob Rosenberger. I get crappy "VIRUS WARNING" forwards and such... pointing people to his site has made my life much, much easier.
-
You're never free from risk--learn 2 deal with it!
I'm a security specialist so I've dealt with this already in my company:
It is ridiculous to shut down sites as a precaution against "hacker" or virus attacks. Ask yourself this question:
When I bring the site back up, has the risk of compromise gone away?
The answer is a resounding "NO". There is always a risk of compromise. If the Internet is so dangerous that you have to occasionally disconnect from it to protect yourself, then why do you even reconnect?!?! When you reconnect, nothing has changed except the calendar. Also, how do you know that the hacking hype wasn't designed to get you to disconnect now, and then reconnect days later only to have a false sense of added security since y2k is over and get 0wn3d on the 5th?? Isn't this an unknown, unsubstantiated risk too? You'd better never reconnect then...
The idea of disconnecting due to a y2k virus trigger is equally as ridiculous. April 1 is a more common day for virus and hoax triggers. Should every company disconnect then as well? Also, out of the thousands of viruses, only a handful have been very widespread. A massive virus infestation is historically unlikely.
Disconnecting due to some unknown, unsubstantiated threat is especially ridiculous (look at Seattle shutting down the y2k party...). It's CYA for lame IS and security people, IMHO. There are always going to be unknown, unsubstantiated threats. IS and security folks' jobs are to set up defenses to protect from day to day--that will work regardless of the amount of attacks. Shutting a site down for fear of someone breaking in is a self-induced DoS. E.g. the military sites that are being shut down (see http://www.hackernews.com for yesterday and today) during y2k are still going to have the same holes they did on the 1st....
Check out more specific information on y2k virus hype, "precautionary disconnects", etc. at the following links and see what:
"Precautionary disconnect" -- a disturbing new trend
OVERBLOWN: "Y2k Viruses"
Y2K viruses: "It's Orson Wells all over again"
Fearmonger vs. skeptic: a Y2K virus conversation
The virus grinches who tried to steal Christmas
-core -
You're never free from risk--learn 2 deal with it!
I'm a security specialist so I've dealt with this already in my company:
It is ridiculous to shut down sites as a precaution against "hacker" or virus attacks. Ask yourself this question:
When I bring the site back up, has the risk of compromise gone away?
The answer is a resounding "NO". There is always a risk of compromise. If the Internet is so dangerous that you have to occasionally disconnect from it to protect yourself, then why do you even reconnect?!?! When you reconnect, nothing has changed except the calendar. Also, how do you know that the hacking hype wasn't designed to get you to disconnect now, and then reconnect days later only to have a false sense of added security since y2k is over and get 0wn3d on the 5th?? Isn't this an unknown, unsubstantiated risk too? You'd better never reconnect then...
The idea of disconnecting due to a y2k virus trigger is equally as ridiculous. April 1 is a more common day for virus and hoax triggers. Should every company disconnect then as well? Also, out of the thousands of viruses, only a handful have been very widespread. A massive virus infestation is historically unlikely.
Disconnecting due to some unknown, unsubstantiated threat is especially ridiculous (look at Seattle shutting down the y2k party...). It's CYA for lame IS and security people, IMHO. There are always going to be unknown, unsubstantiated threats. IS and security folks' jobs are to set up defenses to protect from day to day--that will work regardless of the amount of attacks. Shutting a site down for fear of someone breaking in is a self-induced DoS. E.g. the military sites that are being shut down (see http://www.hackernews.com for yesterday and today) during y2k are still going to have the same holes they did on the 1st....
Check out more specific information on y2k virus hype, "precautionary disconnects", etc. at the following links and see what:
"Precautionary disconnect" -- a disturbing new trend
OVERBLOWN: "Y2k Viruses"
Y2K viruses: "It's Orson Wells all over again"
Fearmonger vs. skeptic: a Y2K virus conversation
The virus grinches who tried to steal Christmas
-core -
You're never free from risk--learn 2 deal with it!
I'm a security specialist so I've dealt with this already in my company:
It is ridiculous to shut down sites as a precaution against "hacker" or virus attacks. Ask yourself this question:
When I bring the site back up, has the risk of compromise gone away?
The answer is a resounding "NO". There is always a risk of compromise. If the Internet is so dangerous that you have to occasionally disconnect from it to protect yourself, then why do you even reconnect?!?! When you reconnect, nothing has changed except the calendar. Also, how do you know that the hacking hype wasn't designed to get you to disconnect now, and then reconnect days later only to have a false sense of added security since y2k is over and get 0wn3d on the 5th?? Isn't this an unknown, unsubstantiated risk too? You'd better never reconnect then...
The idea of disconnecting due to a y2k virus trigger is equally as ridiculous. April 1 is a more common day for virus and hoax triggers. Should every company disconnect then as well? Also, out of the thousands of viruses, only a handful have been very widespread. A massive virus infestation is historically unlikely.
Disconnecting due to some unknown, unsubstantiated threat is especially ridiculous (look at Seattle shutting down the y2k party...). It's CYA for lame IS and security people, IMHO. There are always going to be unknown, unsubstantiated threats. IS and security folks' jobs are to set up defenses to protect from day to day--that will work regardless of the amount of attacks. Shutting a site down for fear of someone breaking in is a self-induced DoS. E.g. the military sites that are being shut down (see http://www.hackernews.com for yesterday and today) during y2k are still going to have the same holes they did on the 1st....
Check out more specific information on y2k virus hype, "precautionary disconnects", etc. at the following links and see what:
"Precautionary disconnect" -- a disturbing new trend
OVERBLOWN: "Y2k Viruses"
Y2K viruses: "It's Orson Wells all over again"
Fearmonger vs. skeptic: a Y2K virus conversation
The virus grinches who tried to steal Christmas
-core -
You're never free from risk--learn 2 deal with it!
I'm a security specialist so I've dealt with this already in my company:
It is ridiculous to shut down sites as a precaution against "hacker" or virus attacks. Ask yourself this question:
When I bring the site back up, has the risk of compromise gone away?
The answer is a resounding "NO". There is always a risk of compromise. If the Internet is so dangerous that you have to occasionally disconnect from it to protect yourself, then why do you even reconnect?!?! When you reconnect, nothing has changed except the calendar. Also, how do you know that the hacking hype wasn't designed to get you to disconnect now, and then reconnect days later only to have a false sense of added security since y2k is over and get 0wn3d on the 5th?? Isn't this an unknown, unsubstantiated risk too? You'd better never reconnect then...
The idea of disconnecting due to a y2k virus trigger is equally as ridiculous. April 1 is a more common day for virus and hoax triggers. Should every company disconnect then as well? Also, out of the thousands of viruses, only a handful have been very widespread. A massive virus infestation is historically unlikely.
Disconnecting due to some unknown, unsubstantiated threat is especially ridiculous (look at Seattle shutting down the y2k party...). It's CYA for lame IS and security people, IMHO. There are always going to be unknown, unsubstantiated threats. IS and security folks' jobs are to set up defenses to protect from day to day--that will work regardless of the amount of attacks. Shutting a site down for fear of someone breaking in is a self-induced DoS. E.g. the military sites that are being shut down (see http://www.hackernews.com for yesterday and today) during y2k are still going to have the same holes they did on the 1st....
Check out more specific information on y2k virus hype, "precautionary disconnects", etc. at the following links and see what:
"Precautionary disconnect" -- a disturbing new trend
OVERBLOWN: "Y2k Viruses"
Y2K viruses: "It's Orson Wells all over again"
Fearmonger vs. skeptic: a Y2K virus conversation
The virus grinches who tried to steal Christmas
-core -
Slightly offtopic: About scaresLook at this page: Computer Virus Myths. (Hint: look at here in the site for the article)
This guy was a witness of the 1992 Michelangelo Virus scare (so was i, btw). Everybody was running for cover and screaming for help. Then the day came, almost nothing happened, and everything got back to normal, nobody mentioning the embarrasment.
I think itll be the same here, to some extent. The doomsayers will be back in their caves, and everybody will keep their mouth shut about being wrong in the subject. What do you think?
"Now you can see that evil will triumph, because good is dumb!" -
Slightly offtopic: About scaresLook at this page: Computer Virus Myths. (Hint: look at here in the site for the article)
This guy was a witness of the 1992 Michelangelo Virus scare (so was i, btw). Everybody was running for cover and screaming for help. Then the day came, almost nothing happened, and everything got back to normal, nobody mentioning the embarrasment.
I think itll be the same here, to some extent. The doomsayers will be back in their caves, and everybody will keep their mouth shut about being wrong in the subject. What do you think?
"Now you can see that evil will triumph, because good is dumb!" -
Send them thisGullibility Virus Warning Posted as a Public Service by Robert Harris
Southern California College
Version Date: February 27, 1998___________________________________
Forwarded Message
Subj.: Virus Warning!
From: HOONOZE
To: All@msn.com
To: Jake5551212@aol.com
To: President@whitehouse.gov
To: Pope@vatican.va
To: 007@MI5.com
To: Flounder@fish.net
To: Etal@etc.com*************************************************
* ****************
WARNING, CAUTION, DANGER, AND BEWARE!
Gullibility Virus Spreading over the Internet!
************************************************** ****************WASHINGTON, D.C.--The Institute for the Investigation of Irregular Internet Phenomena announced today that many Internet users are becoming infected by a new virus that causes them to believe without question every groundless story, legend, and dire warning that shows up in their inbox or on their browser. The Gullibility Virus, as it is called, apparently makes people believe and forward copies of silly hoaxes relating to cookie recipes, email viruses, taxes on modems, and get-rich-quick schemes.
"These are not just readers of tabloids or people who buy lottery tickets based on fortune cookie numbers," a spokesman said. "Most are otherwise normal people, who would laugh at the same stories if told to them by a stranger on a street corner." However, once these same people become infected with the Gullibility Virus, they believe anything they read on the Internet.
"My immunity to tall tales and bizarre claims is all gone," reported one weeping victim. "I believe every warning message and sick child story my friends forward to me, even though most of the messages are anonymous."
Another victim, now in remission, added, "When I first heard about Good Times, I just accepted it without question. After all, there were dozens of other recipients on the mail header, so I thought the virus must be true." It was a long time, the victim said, before she could stand up at a Hoaxees Anonymous meeting and state, "My name is Jane, and I've been hoaxed." Now, however, she is spreading the word. "Challenge and check whatever you read," she says.
Internet users are urged to examine themselves for symptoms of the virus, which include the following:
- the willingness to believe improbable stories without thinking
- the urge to forward multiple copies of such stories to others
- a lack of desire to take three minutes to check to see if a story is true
T. C. is an example of someone recently infected. He told one reporter, "I read on the Net that the major ingredient in almost all shampoos makes your hair fall out, so I've stopped using shampoo." When told about the Gullibility Virus, T. C. said he would stop reading email, so that he would not become infected.
Anyone with symptoms like these is urged to seek help immediately. Experts recommend that at the first feelings of gullibility, Internet users rush to their favorite search engine and look up the item tempting them to thoughtless credence. Most hoaxes, legends, and tall tales have been widely discussed and exposed by the Internet community.
Courses in critical thinking are also widely available, and there is online help from many sources, including
- Department of Energy Computer Incident Advisory Capability at http://ciac.llnl.gov/ciac/CIACHoaxes.html
- Computer Virus Myths page at http://www.kumite.com/myths
- IBM's Hype Alert web site at http://www.av.ibm.com/BreakingNews/HypeAlert
- Symantec Anti Virus Research Center Hoax Page at http://www.symantec.com/avcenter/hoax.html
- Network Associates Virus Hoax Listing at http://www.nai.com/services/support/hoax/hoax.asp
- Dr. Solomons Hoax Page at http://www.drsolomon.com/vircen/vanalyse/va005.ht
m l - The Urban Legends Web Site at http://www.urbanlegends.com
- Urban Legends Reference Pages at http://www.snopes.com
- Mining Company Urban Legends Page at http://urbanlegends.miningco.com
- Datafellows Hoax Warnings at http://www.Europe.Datafellows.com/news/hoax.htm
Those people who are still symptom free can help inoculate themselves against the Gullibility Virus by reading some good material on evaluating sources, such as
- Evaluating Internet Research Sources at http://www.sccu.edu/faculty/R_Harris/evalu8it.htm
- Evaluation of Information Sources at http://www.vuw.ac.nz/~agsmith/evaln/evaln.htm
- Bibliography on Evaluating Internet Resources at http://refserver.lib.vt.edu/libinst/critTHINK.HTM
Lastly, as a public service, Internet users can help stamp out the Gullibility Virus by sending copies of this message to anyone who forwards them a hoax.
*************************************************
* ****************
This message is so important, we're sending it anonymously! Forward it to all your friends right away! Don't think about it! This is not a chain letter! This story is true! Don't check it out! This story is so timely, there is no date on it! This story is so important, we're using lots of exclamation points! For every message you forward to some unsuspecting person, the Home for the Hopelessly Gullible will donate ten cents to itself. (If you wonder how the Home will know you are forwarding these messages all over creation, you're obviously thinking too much.)
************************************************** ****************ACT NOW! DON'T DELAY! LIMITED TIME! NOT SOLD IN ANY STORE!
Home Page of Robert Harris | SCC Home Page
Robert Harris is Professor of English at Southern California College. RHarris@sccu.edu
I keep it around for just this purpose
Mark -
Here's two skeptical links
- http://sun.soci.niu.edu/~crypt/ (The Crypt Newsletter)
- http://kumite.com/myths/ (Computer Virus Myths)