Has Mass-Mailed Malware Peaked?

Ant writes "Broadband Reports posted a CRN article about researcher saying mass-mailed worms have reached their peak. Six years ago, on March 26, 1999, Melissa, the first virus that spread by mailing copies of itself to e-mail addresses it found on infected machines, swept the Internet. Today, the researcher who led authorities to the hacker who wrote Melissa, says that mass-mailed worms have reached their peak."

Peaked...

[fidget42]

or just reached a saturation point? I suppose that "peaked" sounds better.

New Virus

Smith pleaded guilty to creating Melissa -- which was named after a topless dancer he knew from Florida -- in 1999, and in 2002 was sentenced to serve 20 months in federal prison.

I hear that now he is working on a new virus in prison called Bubba that will exploit a backdoor.

Fear Is the Mind Killer

[Doc+Ruby]

They don't need any more encouragement. That's not the limiting factor on their productivity. While I don't believe this article, which is entirely based on the idea that worms will decline now that the spoofing upon which they depend is addressed by some new tech for sender authentication, I also know we can't live in fear. The other way to react, in that fear cage, is to be afraid to say that worms are increasing, because that will make them more attractive: be on the side that's winning. No, you can't get paralyzed by fear of the truth - the truth is essential in addressing the problem, and anyone interested must freely discuss it, if we're to use our superiority in numbers to win.

This attitude goes to the heart of today's problems. Fear of terrorists, fear of criminals, fear of government, fear of people different from us, fear of big changes in the world economy, energy, politics. All of them have people who say we should just keep quiet, lest we make it worse by making it more "popular". We must talk about the realities, so we can confront them, resolve them. Otherwise, the fear has won, and we are defeated.

Just not the same thing.

[AaronH]

The problem with statements like these is that they take the name, worms, too literal. A computer virus or worm, although they behave very much like the real organisms, cannot be eradicated like a real virus or worm. To the casual reader you would think the email worms and viruses have been wiped out of existence like polio and small pox. It just isn't the same. Our immune system has a memory and protects itself. For some reason, programmers don't seem to have a memory. How else can you explain buffer overflows still being the number one cause of exploited systems? We all know it, but we just don't do anything about it.

What is funny though is that if we put as much proactive effort and money into combating preventing electronic viruses and worms as we did with polio and small pox, we could probably truly eliminate these things. What people don't appreciate about the diseases that we have 'wiped out' is that there are teams of very dedicated people (like the CDC) that respond to every reported outbreak of one of these diseases. If we tracked down every computer worm and virus the way we handle Ebola, I think this would all come to an abrupt end.

But that would but too many antivirus firms and the like out of business. And we can't have that...

Infowar

[Doc+Ruby]

The people using that fear *are* the terrorists. The people who planebomb buildings are *saboteurs*, a specific (and often shortlived) kind of terrorist. Without the media fear, it's just sabotage. It becomes terrorism when the event is spread through the media - electronic, word of mouth, or otherwise. Terrorism is infowar, and "we" are our own worst enemy. The only remedy is knowledge - the antidote to any kind of fear, which is incubated in ignorance, and spawns anger and violence.