Blackworm Dud Highlights Virus Naming Mess

An anonymous reader writes "Washingtonpost.com is running a story that looks at the total mess that the anti-virus companies made in naming the latest overhyped virus threat. According to the article, 'Blackworm' or the 'Kama Sutra worm' was the first major test of a new U.S.-government funded initiative to introduce some sanity into the virus-naming business. From the article: 'For most of [the antivirus vendors], this is like Esperanto: You can speak it if you want to, but everyone else is going to carry on babbling in their own native tongue, so it doesn't really matter.'"

I agree

[b4k3d+b34nz]

They should have just had everyone call it the Sex for Gymnasts virus.

Re:I agree

[networkBoy]

funny...
Really, why not something like a hurricane naming system or such.
Virus name is datecode+varient number or some such, big ones get named for the year or something?
-nB

Re:I agree

[Debiant]

What about 'Huge black worm between legs'? It summarises both suggested in a one sentence.

Re:I agree

[b4k3d+b34nz]

I've never heard that proposed, but that does make sense. I guess the problem is when you have so many variants, like with the MyDoom virus--it's harder to associate a number than a name in memory. I guess that wouldn't be a problem if it's just so that AV companies have a standard naming convention for the viruses, but it could get harder for people to remember what they have to look out for.

Re:I agree

[hey!]

Well, it seems to me that you just need to use some kind of hierarchical naming scheme, e.g.

com.symantec.virusdb.mydoom
com.symantic.virusdb.mydoom.variant1
com.symantic.virusdb.mydoom.variant2 ...

This allows the vendors to respond quickly. Then each vendor can also maintain a "thesaurus" of equivalents with other naming authorities,e.g.:

com.symantic.virusdb.mydoom==org.cert.virus.2004.1
com.symantic.virusdb.mydoom.variant1==org.cert.vir us.2004.1.2

Then Symantec reports that you have com.symantic.virusdb.mydoom.variant2, you can check their thesaurus; if you don't find the exact variant, you could still figure out its a form of org.cert.virus.2004.1 that hasn't been named by that authority.

Re:I agree

you guys are such nerds

Re:I agree

[netcrusher88]

Hey, he's hit on something. If viruses would just comform to Java, they'd slow down to the point of being created after the patch has been released!

Re:I agree

[hey!]

you guys are such nerds

Thank you.

Re:I agree

[blackest_k]

I see your point, however I could see people confusing the virus with the antivirus company.

The AV companys might just see that as a negative.

Re:I agree

[VargrX]

I see your point, however I could see people confusing the virus with the antivirus company.

Wait! There's a difference? :)

Hej!

[Krach42]

Hej! Mi povas paroli esperanto, you insensitive clod!

Re:Hej!

[heatdeath]

Hej! Mi povas paroli esperanto, you insensitive clod!

For those of you who want to make equally cliche and off-topic posts, here's a link. =P http://www.kafejo.com/lingvoj/auxlangs/eo/tradukil o/

Re:Hej!

[pilgrim23]

spoken like a true native...

Re:Hej!

[Cro+Magnon]

Dankon. Mi ne memori kiel al diri "LoL" en Esperanton.

Thanks. I didn't remember how to say "LoL" in Esperanto.

Re:Hej!

[Krach42]

Dankon. Mi ne memori kiel al diri "LoL" en Esperanton.

Awesome, even with such a spectacularly easy language as Esperanto, a machine translator screws it up hard.

"Dankon. Mi ne memoris kiel diri 'LoL' esperante."

Re:Hej!

Hej! Mi povas paroli esperanto, you insensitive clod!

No gxustas. Esperanto estas propra nomo, do gxi cxiam havas majusklon. Vi ankaux forgesis akuzativon. Pli bone:

Hej! Mi povas paroli Esperanton
Hej! Mi povas paroli en Esperanto
Hej! Mi povas paroli Esperante
Hej! Mi povas paroli Esperantlingve

Aux pli mallonge:

Hej! Mi scipovas Esperanton.

Re:Hej!

[Krach42]

Yeah, I realize it was wrong just after I posted it. I realized, i needed to make it accusative or adverbal, but I can't go back and edit it now.

As for capitalization, "esperante" wouldn't be capitalized in my opinion, it's an adverb, and no longer a proper noun.

Generally as I've had the understanding that the rules of capitalization in Esperanto are liberal, and deemed "insigificant" since they carry little actual intentional meaning, and rules of capitalization vary significantly across all the derivative languages.

Re:Hej!

Actually, it wasn't "spoken like a true native". The post below is absolutely correct, he forgot the accusative -n ending, and Esperanto should be capitalized (proper name). Better phrasings are also offered, but the minimal correction is, indeed, "Hej! Mi povas paroli Esperanton, you insensitive clod!".

Re:Hej!

[Krach42]

Actually, it wasn't "spoken like a true native". The post below is absolutely correct, he forgot the accusative -n ending, and Esperanto should be capitalized (proper name). Better phrasings are also offered, but the minimal correction is, indeed, "Hej! Mi povas paroli Esperanton, you insensitive clod!".

Actually, I should have responded to this saying that I needed the accusative ending, or make it an adverb, I just didn't feel a need to, since it was just a joke.

I personally learned "Mi povas paroli esperante." (without capitalization, because it's no longer a proper noun, but an adverb.)

Capitalization rules are iffy at best in Esperanto anyways, as the various derivative languages use vastly different rules. English uses it for all proper nouns and derivatives, German only uses it for all nouns but not their other part-of-speech derivatives, and romance languages generally (as far as my understanding goes) capitalize proper nouns only while nouns, but not their other part-of-speech derivatives.

Either way, I concede that my grammar was wrong, but my capitalization is a trivial, and generally irrelavent point to complain about in an international auxillary language.

Re:Hej!

[Tony+Hoyle]

Mi ne estos aeti i tiu rekordo, estas gratita.

(http://lingvo.org/traduku/ is better... handles sentences).

Re:Hej!

Many people speak esperanto. It is not a "dead" language. Infact many millions of people speak it, and will continue to speak it.

Why not assign every virus an ID number?

[l33t.g33k]

Really, I think this would simplify things a bit. Assign every virus an ID number. Then, people could search a CENTRAL database by typing in the ID number that their anti-virus software reports, and be able get whatever info they need about the virus. The current naming conventions are very confusing for some people.

Re:Why not assign every virus an ID number?

[networkBoy]

Seems we had the smae idea at the same time...

This by far makes the most sense. A central dB and work from that. A way to track linages, inherent in the naming schema would be good.
-nB

Re:Why not assign every virus an ID number?

[AKAImBatman]

Three comedians are shooting the breeze at the back of a nightclub after a late gig. They've heard one another's material so much, they've reached the point where they don't need to say the jokes anymore to amuse each other - they just need to refer to each joke by a number. "Number 37!" cracks the first comic, and the others break up. ""Number 53!" says the second guy, and they howl. Finally, it's the third comic's turn. "44!" he quips. He gets nothing. Crickets. "What?" he asks, "Isn't 44 funny?" "Sure, it's usually hilarious," they answer. "But the way you tell it..."

So, did you hear about virus #2451-23123.2134-A? I hear it's going to be a doozy! :-P

Re:Why not assign every virus an ID number?

[99BottlesOfBeerInMyF]

Assign every virus an ID number. Then, people could search a CENTRAL database by typing in the ID number

They did that. Its called the CME, or Common Malware Enumeration number. Blackworm was long ago numbered CME-24. The problem is the press does not generally include this number in their press releases and instead uses one of the many names different companies come up with. Also, most end-user anti-virus programs haven't bothered to include CME's in the user visible parts of their applications.

Re:Why not assign every virus an ID number?

[phraktyl]

Use something like the CVE, or Common Vulnerabilities and Exposures list over at Mitre.

Re:Why not assign every virus an ID number?

[MightyMartian]

I think they should just name them DontopeneveryfuckingemailyoufuckingretardA, DontopeneveryfuckingemailyoufuckingretardB, DontopeneveryfuckingemailyoufuckingretardC and so on...

Re:Why not assign every virus an ID number?

[TubeSteak]

Assuming you just keep tacking on letters, one day you'll get a virus named DontopeneveryfuckingemailyoufuckingretardNOT

Re:Why not assign every virus an ID number?

[just_another_sean]

Funny? Mod parent *Insightful*!

Re:Why not assign every virus an ID number?

[ajs]

I think it would be best to use the WHIRLPOOL hash of the virus.

I think my machine has been hit by B97DE512E91E3828B40D2B0FDCE9CEB3C4A71F9BEA8D88E75C 4FA854DF36725F
D2B52EB6544EDCACD6F8BEDDFEA403CB55AE31F03AD62A5EF5 4E42EE82C3FB35, can anyone tell me what I should do?

Re:Why not assign every virus an ID number?

[Have+Blue]

Better version:

So this guy takes his girlfriend to an engineers' comedy club, but when the act starts, she's confused because the guy on stage is just shouting out numbers and getting laughs from the crowd each time. She asks what's so funny, and her boyfriend explains that they have indexed every joke in the world and assigned each one an ID number, so when he says a number he's telling that joke. This goes on for a while until the end, when the comedian shouts a certain number that really brings the house down, roaring, cheering, standing ovation, the works. The girl asks what was so funny about it. The boyfriend replies, "We've never heard that one before."

Re:Why not assign every virus an ID number?

Interestingly enough, they did. Replace the V with and M, and you get Common Malware Enumeration.

And, just like CVE, no one uses it. Go US Department of Homeland Security!

Re:Why not assign every virus an ID number?

The problem is the press does not generally include this number in their press releases

Give it time. The CME numbers are very new; they are only up to number 24!

Re:Why not assign every virus an ID number?

[mortonda]

So the next question is, why hasn't SLASHDOT used this yet? If the geek website doesn't get it right, you expect the regular news media to get it right?

Re:Why not assign every virus an ID number?

[hotdiggitydawg]

Three comedians are shooting the breeze at the back of a nightclub after a late gig. They've heard one another's material so much, they've reached the point where they don't need to say the jokes anymore to amuse each other - they just need to refer to each joke by a number. "Number 37!" cracks the first comic, and the others break up. ""Number 53!" says the second guy, and they howl. Finally, it's the third comic's turn. "44!" he quips. He gets nothing. Crickets. "What?" he asks, "Isn't 44 funny?" "Sure, it's usually hilarious," they answer. "But the way you tell it..." ...and then a heckler from the crowd pipes up and shouts "258", and the comics start pissing themselves with laughter. Eventually one calms down enough to respond "That's brilliant, we haven't heard that one before"...

Re:Why not assign every virus an ID number?

[Mathness]

I think they should just name them DontopeneveryfuckingemailyoufuckingretardA, DontopeneveryfuckingemailyoufuckingretardB, DontopeneveryfuckingemailyoufuckingretardC and so on...

I see your point, but I don't think long, and hard to pronounce, Finnish words is they way to go.

To you out there who doesn't understand Finnish, the words can roughly be tranlated to (I am a little rusty at this, so excuse any errors):
I am a fricking virus/worm with a laser attached to my head, so don't fricking read this email.

Re:Why not assign every virus an ID number?

It will take time for the media to catch on. The media (and us) like sexy names (excuse the pun) like the kama sutra worm. The in-betweeners like Tim Baharin and Larry Magid need to push this on the media and then people about this new system so people can be use the common term. But like most human being they will refer the "sexy" name that an compary decides to name the malware.

Re:Why not assign every virus an ID number?

[jZnat]

Better yet, give it a GUID! We have plenty left to go around for a long time! Let's use some a little bit faster.

Re:Why not assign every virus an ID number?

[NickBilo]

CME is only for high-profile outbreaks. It is impossible to assign an ID for EVERY virus, because there is nobody has/knows about every virus. In fact antivirus companies are reluctant to share more than a few virus samples with each other, let alone US Government (who runs CME program). And then like the poster above said, even if they had all been numbered, media will still call them "Sex and Rock'n'Roll virus on the loose".

Re:Why not assign every virus an ID number?

[PhunkySchtuff]

It's not a MacBook Pro, it's not a PowerBook as there's no PPC in it, so it's a CentrinoBook

Re:Why not assign every virus an ID number?

[The_Wilschon]

The government could even issue national virus ID cards, with RFID tags in them!

Re:Why not assign every virus an ID number?

[John+Nowak]

They were called PowerBooks long before they used PPC processors, but keep trying.

Re:Why not assign every virus an ID number?

[jimfulton]

Or get out of the 90s and run Desktop DMZ software so that you can go ahead and open every f*g email without ever worrying about it.

Re:Why not assign every virus an ID number?

[TPS+Report]

I think they should just name them DontopeneveryfuckingemailyoufuckingretardA, DontopeneveryfuckingemailyoufuckingretardB, DontopeneveryfuckingemailyoufuckingretardC and so on...

Donto pen every FUC king E mail you FUC king reta RDB? A little help here? I don't get it. :)

Re:Why not assign every virus an ID number?

[fatphil]

Since when have powerbooks been exclusively PPC powered?

My powerbook 210 certainly didn't.
http://www.classiccomputer.de/apple/app210.htm

Re:Why not assign every virus an ID number?

[Schraegstrichpunkt]

Dontopeneveryfuckingemailyoufuckingretard

Yeah, because anyone who thinks that email is supposed to be read is obviously a retard...

Kama Sutra Worm Hits Softly

Thank God. Imagine if Kama Sutra hit hardly. That would put microsoft in an aquard position...:)

Re:Kama Sutra Worm Hits Softly

What is this "aquard" position?
I only know of awkward positions.

Re:Kama Sutra Worm Hits Softly

[ScrappyLaptop]

...You obviously haven't read the Kama Sutra, then. The awkward positions are only good in porn. Try the aquard, you'll like it and your partner will LOVE it!

Re:Kama Sutra Worm Hits Softly

[comgen]

A few thoughts,

The Karma Sutra issue, really there is nothing new about malware like this one. Every day I watch and monitor much worse threats. I feel this one was escalated by the back seat approach Microsoft has taken.

On the M$ site it states that, 3rd party security vendors already have in place solutions to suppress the Karma Sutra threat. Also that they [ M$ ] will not break their patch cycle to address this problem, but.......if you have purchased additional support packages, you can get the patch in advance. They acknowledge the problem, that they have in place the patch already....but the average end-user must wait for the next patch day. Or fork out more cash M$'s way [ Still scratching my head on that one ].

I have one question for M$

" When are you going to allow 3rd party vendors [ security ] to release their own version(s) of the M$ OS [ Windows ] ???? "

I would have zero problems handing over cash to any 3rd party that could offer a secure version of XP. Especially, when it seems that M$ doesn't feel that the every day users of their products are important. It is rather puzzling....3rd party vendors address and watch out for M$'s customers when they don't. Yes, Anti-Virus companies make money by providing computer security and solutions. That's not the real issue at hand, the real issue is the lack of responsibility M$ seems to take for their own products.

An ex-programmer for a rather ' large ' OS provider once told me. " Microsoft and their products are one of only a few services offered that people will accept fault and flaws in, and always return to.....and to boot, they continue to shell out big bucks, not only in the price of the OS, but also in 3rd party technical services that clean and repair their systems of viruses".

I'm not in any way anti Microsoft, I do however feel that they need to ' FIX ' their products, provide more information to the general public about the harm Windows for example can cause [ think big tobacco and the Surgeon General Warning ]. Provide equal product care to all, and again FIX your product(s).

With Karma Sutra the public was made aware of an issue that could have been worse. That is if 3rd party vendors had not provided security solutions for Microsoft and their customers.
I do not feel M$ will ever FIX their product(s), nor will they take responsibility for their flaws, so maybe we need to look else where for a middle ground. One where M$ can continue to produce and sell ' snake oil ' and the customer has enough heads up to purchase/seek if needed extra 3rd party product protection.
How ? , one way is the main stream news media, here in the USA we have Amber alerts, emergency weather, etc. notices on both tv and radio. I suppose they could include Windows security alerts also ? and I would encourage malware writers to include document trashing in all of their code. It seems to wake people up when they hear that their documents and pictures are at risk !!!

The naming confusion...

[undeadly]

... is intentional. It is due to companies trying "differensiate" themselves from the competition, and very little to do with increasing the security of their paying customers. Quite simply: it is marketing.

Re:The naming confusion...

Virus names need to be more insulting to the creators. Some little script kidde is not going to be very proud to have written the "NeverKissedAGirl" virus.

Re:The naming confusion...

[techno-vampire]

It also allows the anti-virus companies to inflate their claims of how many threats they can stop. By listing the same one under every name it's known by, they make it look like they're even more protective than they are. Don't know if any of them actually do this, but it's certainly a possibility.

Re:The naming confusion...

[rabeldable]

"Media Hype" + "Virus Name Variance" = "Consumer Dilemma"

The names of viruses should be treated like tropical storms & hurricanes. With the new year the naming should start over at the letter A, then when the English alphabet is exhausted the names should be Greek... and so on. It makes sense to prevent confusion over the many vendors and their different naming conventions. Of course all of this would have been prevented if M$ decided to create an API that did not require so many privileges.

Re:The naming confusion...

[k12linux]

Yeah, nothing like spouting off how you were the only vendor to detect MyWife.c (because nobody else called the exact same virus something else.)

Total Mess + Government?

[dada21]

They got most of the article right, but it isn't Total Mess + Government = ???. It's Total Mess = Government. I guess that's all the article really needed to say.

Honestly, most of us use just one anti-virus application. They're all pretty much equal on what viruses they detect, and the entire Kama Sutra situation called for one simple procedure: "There's a virus possibly hitting Friday, so make sure you update your anti-virus." There really isn't much need to name the virus the same across all AV apps or even countries or any of that, just warn people, use the name you think is decent, and get them to update their AV files.

Re:Total Mess + Government?

It's Total Mess = Government. I guess that's all the article really needed to say.

Nice try, but you're full of shit, Dada21, as usual.

Anti-virus companies / corporations have created a naming mess by trying to differentiate themselves.

Government tries to instill some order by creating a naming scheme, and it's their fault it's a mess?

You're obviously a totally partisian hack who ought to fuck off and grow up.

Re:Total Mess + Government?

If government = total mess, then Government + Total mess = 2*Government.

Re:Total Mess + Government?

[sp3tt]

1) People are too stupid to fix stuff themselves (i.e., let the market do it).
2) Therefore, we have governments.
3) To create the illusion that there still is freedom, and that your life and liberty is not dependent on some politician's or bureuacrat's arbitrary decisions, people get to vote for the government they want.
4) But, by 1, people are too stupid to fix themselves - how are they then going to be able to make the most important decision: who's going to use coercion against them and why? Clearly, 3 contradicts 1.

Re:Total Mess + Government?

[dada21]

Considering I was modded troll before the debate could even begin, I guess the majority of slashdotters agree with you.

But ICANN isn't a private corporation, no matter how much it wants to defend itself as such. Just as NASA is a monopoly government organization, its defenders want to call it a group of private corporations that are doing something through government that the market couldn't do on its own.

DNS can be handled by a private, competitive market of companies wanting to beat one another in price and performance. There's a huge amount of cash to be made in the business of domain name serving, yet we're letting government take it over and give that profit to their cronies, and we the consumers will suffer in decreased service and increased pricing.

$$$ @ Work

[Nom+du+Keyboard]

a new U.S.-government funded initiative to introduce some sanity into the virus-naming business.

Wow (not WoW)! My tax dollars at work. I am so thrilled now!

No headlines.

[IAAP]

It wouldn't be as attention grabbing.

What do you think sells more papers:

The "Cyber Herpes" virus is coming!

or, "5437B" is coming!

Re:No headlines.

5437B could sell more papers, because it makes less sense. :-)

Re:No headlines.

[Skater]

It worked for species 8472!

Virus Naming Conventions

[SilentOneNCW]

Assigning viruses numbers is an interesting idea, making tracking viruses easier in some ways, but much harder in others. For example, one couldn't say on the Nightly News: "Virus #34932423 has recently stricken the Internet, destroying the International Llama Foundation's forums and redirecting all Google search results to the federal government. Watch out, folks, #34932423 is a real nasty!" If the authorities do not name viruses, they will be given names by the common people to make communication easier. Much better to have an organization give each virus a name that has some chance of making sense, rather than having the masses choose a name that may or may make any sense, i.e. "the blue screen of death virus has hit again!"

Re:Virus Naming Conventions

#14638440, I don't understand what you mean.

Re:Virus Naming Conventions

[greenegg77]

No! Not the International Llama Foundation forums! Where am I going to get my quality Llama pron from now?

Re:Virus Naming Conventions

I prefer midget llama porn myself.

Re:Virus Naming Conventions

[ilyanep]

People are Homo sapiens and yet we call them people. We have multiple names for some animals. Why not do the same for Viri?

IVSC

[Randall311]

They should have an International Virus Standards Committee, so that we can waste lots of time and money deciding what the next virus should be named...

My point is, who cares what it's named! A mass mailing worm is just that. Shouldn't matter if you call it "Blackworm" or "You got f'ed in the a". If it walks like a duck and talks like a duck...

Re:IVSC

[techno-vampire]

They should have an International Virus Standards Committee, so that we can waste lots of time and money deciding what the next virus should be named...

Standards are such a wonderful thing; there's so many to chose from.

Re:IVSC

My point is, who cares what it's named! A mass mailing worm is just that. Shouldn't matter if you call it "Blackworm" or "You got f'ed in the a". If it walks like a duck and talks like a duck...

Yep, we don't want to spoil the fun.

Like Java depricated and depreciated we could have Blackworm and Blickworm.

computer virus or STD?

[stringycheese]

I can't believe that is the best name the government can come up with. It sounds more like an STD than a computer virus.

Let's ask the Anti-Virus Companies...

[digitaldc]

...to see if they will promise to use only one name & abbreviation next time:


'Latest Overhyped VIrus Threat' or 'LOVIT'

Numbered Viruses

[conteXXt]

Oh boy this is a great idea.

Three genus(es?) = os

Microsoft
Linux
MAC

species = app
ie
etc...

phylum = number (increment)

now here is the kicker: Microsoft will have a canary.

as the numbers will hit the MAXINT for a 32bit OS

newscaster: "MSIE999999999999999 was found in the wild today"

producer: "mumble mumble"

newscaster: "sorry that was MSIE 10 to the power of 999999999999"

Re:Numbered Viruses

FYI, if you're talking about the operating system, it's "Mac", short for "Macintosh". It's not a fucking acronym.

And your post made no sense whatsoever.

silly

[josepuerto]

i think it's an absolutely silly name. they should hire more creative minds to come up with these names...

Re:silly

[MightyMartian]

I hear Karl Rove might be looking for a job soon.

Re:silly

[josepuerto]

haha! and scooter libby, too!

Re:silly

[ARRRLovin]

"I hear Karl Rove might be looking for a job soon."

As an agent in the Matrix?

The problem with variants: cladisitics

[G4from128k]

The problem is all the variants of a given malware. For most users, the signature of the payload is less meaningful than the subject line of the e-mail. A virus email that promises Kama Sutra pictures is "different" from one promising Miss Lebanon even if the underlying payload and behavior is identical.

Perhaps AV experts need to use cladistics with a standardized set of feature dimensions. A cladogram of the virus varients and some threshold distance in feature-space would help segment similar and dissimilar malware.

I actually don't hold out much hope for this because malware is an adaptive threat. Malware creators might (and do) easily take steps to obfuscate their warez -- creating spurious variants for the express purpose of confusing AV software, news reporting, and users. The more variants that appear, the harder it is to counter the threat.

The language is now a virus...

[__aaclcg7560]

Esperanto is now a virus? I hope it catches on quicker than it was as a language. Otherwise, it'll take 50 years to get anywhere.

Re:The language is now a virus...

[JahToasted]

even then it'll only affect three computers at the UN.

Oy

[nightsweat]

Aaaaaaaand THIS is why geeks should never work in marketing (just as marketers should never make tech decisions.

Are you going to get the public to take a nerd warning about "m71.4445876.EU.1393" or one called "CreditRatingRaper" more seriously?

You should HAVE a more stable designator, but get the companies to agree on a popular name also, maybe by letting them name the biggies round-robin style.

Slightly OT

[TubeSteak]

Even though the article comes from blogs.washingtonpost.com, they threw in links to Wikipedia :O)

http://en.wikipedia.org/wiki/Sisyphus
http://en.wikipedia.org/wiki/Tower_of_Babel

To stay ontopic, here's the list of companies and the name they picked for this virus

Authentium: W32/Kapser.A@mm
AVIRA: Worm/KillAV.GR
CA: Win32/Blackmal.F
Fortinet: W32/Grew.A!wm
F-Secure: Nyxem.E
Grisoft: Worm/Generic.FX
H+BEDV: Worm/KillAV.GR
Kaspersky: Email-Worm.Win32.Nyxem.e
McAfee: W32/MyWife.d@MM
Microsoft: Win32/Mywife.E@mm
Norman: W32/Small.KI
Panda: W32/Tearec.A.worm
Sophos: W32/Nyxem-D
Symantec: W32.Blackmal.E@mm
TrendMicro: WORM_GREW.A

So who was calling it "Kama Sutra" ?

Re:Slightly OT

Subject lines used in the malicious emails include the following:

            *Hot Movie*
            Arab sex DSC-00465.jpg
            Fuckin Kama Sutra pics
            Fw: SeX.mpg
            Fwd: Crazy illegal Sex!
            give me a kiss
            Miss Lebanon 2006
            Part 1 of 6 Video clipe
            School girl fantasies gone bad
            The Best Videoclip Ever

Re:Slightly OT

[fdiskne1]

So who was calling it "Kama Sutra" ?

That would be the news media. You know, the all-knowing virus experts.

And all the non-tech people see this in the news and think it's a big deal. They keep calling asking if we are being hit by it. Gee, I don't know. It's been out since January 17 and our definitions have been updated about 15 times since then. You haven't been opening email attachments from people you don't know claiming to be sending you porn, have you? No? Then I think we're safe.

Come on people. Listen to those who know about what you are reporting. I had the same *&%$ happen a few weeks ago with the WMF flaw. Someone who thought they knew about security sent an email to everyone in the company telling them about a flaw that our systems were protected against anyway. This was after he sent a draft of the email to me to review to make sure he had the facts straight. I advised him to not send it at all. He sent it anyway. All this is just crying wolf. Some day there will be something we need people to be aware of and they will ignore us because of all the false alarms in the past.

Hoping for a "snow" day...

[finelinebob]

What a disappointment!! I was hoping for a day off from work, BUT NOOOOOOOOOOOOOO!!!!

No crashing networks, no choked ISPs, my ping in SWG didn't even go up. What a waste of paranoid hysteria....

Standards start at the grassroots

[Vellmont]

I'm sure the big Antivirus guys will resist tooth and nail any external change like the CME numbers. As the article says, they aren't the target for this naming scheme, the people who have to deal with these viruses (like a lot of us slashdotters) are the real people who benefit. With a common naming that us end users can agree on we can finally communicate about what virus is what, instead of having some giant table to translate all the time. People will still use the more common names in the press, etc.

The CME number will be like the scientific name of a plant or animal. Specialized to a certain group, but entirely definitive. The antivirus vendors will all eventually have to start publishing a CME identifier with each virus so any administrator will know "what the hell virus is that?".

You forgot one froggy spot

The French will still want to make up their own name. They did for Email.

Cause or effect?

[nurb432]

Was it a dud beacuse it was nothing to worry about in the first place and the hype was overrated?

or was it a dud beacuse of all the hype and people patched beforehand?

Re:Confuse the general public?

And a very nice tartan that is too!

CME is one name for every malware.

[Futurepower(R)]

Common Malware Enumeration (CME) explanation.

CME List, which has numbers above 900.

--
Before, Saddam got Iraq oil profits and paid part to kill Iraqis. Now a few Americans get Iraq oil profits, and American citizens pay to kill Iraqis. Improvement?

VGrep

[salvorHardin]

Isn't this exactly what VGrep was designed to sort out?

Universe will come to end when..

[Maxhrk]

... Someone write the Answer-to-everything-is-42 virus.

Re:Universe will come to end when..

Maybe this has already been done.

Hurricane names?

[serodores]

Don't they already have a naming convention in place for hurricanes? The World Meteorological Organization has been doing this for years. Given the backing of CERT for vulnerability incident descriptions, details, and classifications, why can't they organize a unique naming convention already used for hurricanes?

Sure, they may run out of names, but they can reuse names as they do for hurricane names, with the exception of widespread popular hurricanes/worms/virii, which can be retired, just like some hurricane names.

people get worms and virii?

[digitallysick]

you mean they havent switched to linux yet?? ahhh oh well one day they will learn.

Here's why you give them names.

[Churla]

The same reason we give everything names, to make it easier to remember.

Can anyone rattle off the IP address for www.yahoo.com? (wait.. around here.. bad question...)

But you get the point. We as humans name everything in order to keep better mental reference and remember it. They could have called it the Apple portable media player , but they came up with iPod. And people remember it.

I think that here in the geek world we so commonly have to reference things by numbers that we forget that names are for people who aren't quite as numerically attuned as us.

Now, do they go overboard sometimes? Yes, they try to name things to grab attention and be "sexy" and "something catchy". My opinion is to take some moderately unique word or phrase found in the signature or output and use that. It's what was done and its still done a good bit of the time.

Universal # NOT A PROBLEM!

[Temujin_12]

Why does everyone insist that using a universal numbering system will suddenly prevent anyone from referring to the virus as anything but that universal number? How many of you have used an ISBN number for a book and found very convenient? Did you then go around to all of your friends and say, "Wow I just bought 0-672-32308-7. It was great!"?

Having some sort of universal numbering system does not remove the need for normal names and titles. It just provides an authoritative convension that can be relied upon on a technical level.

I don't get it...

[MacDork]

DontopeneveryfuckingemailyoufuckingretardA

What's the point of email if you can't open your email?

Wow

I can't believe how much money and resources are wasted on viruses.

Chaos

[galatea2.2]

There's a naming convention for hurricanes, there ought to be one for viruses. My spouse's company was ready for this virus, had information posted for everyone on the intranet about it. Even other IT people were confused and after reading about the Kama Sutra virus here on Slashdot, wanted to know why there wasn't any information regarding that ("My Wife" may have been the name used in the initial security bulletin). If even other geeks are blowing a gasket, imagine the general public.

Yes, $$$ @ Work

[AlpineR]

Cyberspace is now considered to be a likely arena for future wars (or terrorism, or organized crime). Sure, the Kama Sutra worm seems trivial. But when a virus threatens to bring down a major part of the US economy, then a little investment in improved communication will pay off.

Better sources for indecent Esperanto

Even better sources for indecent Esperanto can be found in the article How To Talk Dirty In Esperanto: Kiel Paroli Maldece en Esperanto. When you're done with that, check out Tabuaj Vortoj En Esperanto.