Slashdot Mirror

← Back to Stories (view on slashdot.org)

You Think Discovering a Computer Virus Is Hard? Try Naming One (wsj.com)

Posted by msmash on from the what's-in-a-name? dept.

Like astronomers who discover new stars, security experts who first identify computer bugs, viruses, worms, ransomware and other coding catastrophes often get to name their finds. Such discoveries now number in the thousands each year, so crafting a standout moniker can be a serious challenge. From a report: Two years ago, German security firm SerNet GmbH figured a punchy name for their bug discovery would give the company a publicity jolt. They called it Badlock, designed a fractured-lock logo and set up a website. The marketing push backfired when some security experts decided Badlock wasn't that bad. Cynical hackers called it Sadlock. "We would not do this again," says SerNet Chief Executive Johannes Loxen of the branding blitz, which he says was overkill because a relatively small number of people were affected by Badlock. Hackers are no fans of marketing. They brand things in their own way. Puns and historic references are the name of the game. "They see it as a kind of grass-roots initiative," says Gabriella Coleman, an anthropologist who teaches courses on hacker culture at McGill University in Montreal.

Some venerable names that have stood the test of time: The Love Bug, for the worm that attacked millions of Windows personal computers in 2000, and Y2K, a turn-of-the-century programming scare that didn't live up to its hype. Many names tend more toward geekspeak. The title of hacker magazine 2600 is a tip of the hat to 2600 hertz, the frequency old-school hackers reproduced to trick AT&T phone lines into giving them free calls. Computer worm Conficker is an amalgam of "configure" and a German expletive. Code Red is named after the Mountain Dew drink researchers guzzled while investigating the worm.

20 of 49 comments (clear)

  1. Most should get a formulaic name by Anonymous Coward · · Score: 1

    Unless something gets a big public profile or it is "interesting" in some other way, just refer to it by a "formulaic" name, such as the CVE that first mentions it.

  2. Re:That's easy. Name the worse one "Kim." by zippo01 · · Score: 1

    Or just use the same list as they do for hurricanes.

  3. Y2K by Megol · · Score: 4, Insightful

    There were a _lot_ of effort trying to reduce the Y2K problem, it succeeded and now it was all hype. Yeah...

    1. Re:Y2K by stevel · · Score: 3, Insightful

      Absolutely correct. It would have been a LOT worse if nothing had been done.

    2. Re:Y2K by TheStickBoy · · Score: 5, Informative

      yes thank you!
      I came here just to complain about that one quote: "...and Y2K, a turn-of-the-century programming scare that didn't live up to its hype"

      I was a consultant for that worked on Y2K compliance for a very large US firm with over 5k unique software applications/installs. We identified the risk and patched where appropriate....and there was risk!
      Y2K rolls past and everyone says, oh well....guess it wasn't really an issue.
      ARGH!
      OK, I admit there was alot of hype in 1999 about Y2K but there were alot of programmers working on it. We will just never know how bad it would have been if it was just left as is.

    3. Re:Y2K by Anonymous Coward · · Score: 1

      Yes, I hate it when idiots who know nothing say that Y2K was overblown.

    4. Re:Y2K by Mr0bvious · · Score: 1

      Have we mitigated 2038 yet?

      I expect that's going to be a doozie!

      --
      Never happened. True story.
    5. Re:Y2K by fmoliveira · · Score: 1

      There were people asking if their screwdrivers would stop working. The hype was much larger than anything that could have happened if nothing was done.

  4. Yeah 99% don't need names by raymorris · · Score: 1

    Agreed. At work we deal with new vulnerabilities daily. Tuesday, Microsoft released patches for maybe 70 vulnerabilities, as they do each month. CVEs are fine.

    Heart bleed we reference often enough that it's useful to have a memorable name, rather than trying to remember the CVE. Though even in such cases, it might be more useful to use the category names such as "padding oracle" instead of saying "similar to Logjam". That reminds us that Logjam is only a very specific case of a general problem. You can easily re-create something almost exactly like Logjam if you think Logjam was the problem, rather than padding oracles generally.

  5. Re:That's easy. Name the worse one "Kim." by Cryacin · · Score: 1

    It's not the name that counts, it's how many hospitals you shut down in the process.

    --
    Science advances one funeral at a time- Max Planck
  6. Re:That's easy. Name the worse one "Kim." by Oswald+McWeany · · Score: 1

    Or just use the same list as they do for hurricanes.

    You're going to need a longer list.

    --
    "That's the way to do it" - Punch
  7. They need names, but,,, fuck you! by Slugster · · Score: 1

    Malware does need names, because that's how you find info about them online. Everything online needs to have a name.

    The name should not just be an invention, however. If possible, it should relate to the content or the detection profile of the virus. We're not naming Linux utilities here...

    Some years ago a PC of mine got a virus called the "fuck you" virus. The reason it was called that was because a couple of the major files in it were named "win32_fuck_you.exe", or "fuck_you_wd153.d" or whatever. A virus scanner picked it up only after it had gotten in, and it showed the files named this way,,,, so that was all the info I had to go on.
    ,,,,
    When I went to look online for more info, only one major antivirus company even had a web page about it. All the others wouldn't allow the word "fuck" in their reports or their online forums, and so they had no information about it at all.
    And when managing online forums, that is still pretty common practice today.
    I'm surprised it's not more of a problem.

  8. Like Comets by Zorro · · Score: 1

    2018-0001

    2018-0002

    Etc...

  9. Re:That's easy. Name the worse one "Kim." by freak0fnature · · Score: 1

    Likewise...only take the 'up' out.

  10. Re:Naming things is always hard. by rastos1 · · Score: 1

    And off-by-one errors.

  11. Slow news day... by neo-mkrey · · Score: 1

    huh?

  12. I'm not taking advice ... by Quirkz · · Score: 1

    I'm not taking advice from a company whose best attempt at naming *themselves* is "SerNet GmbH". Four capital letters in two words, and there aren't even any vowels in that second one. How the hell am I supposed to pronounce that?

    * I am aware of German corporate names. Though "GmbH" is still awkward, and as an American I've got no idea how to pronounce it.

    --
    The Quirkz Handbook of Self-Improvement for People Who Are Already Pretty Okay
    1. Re:I'm not taking advice ... by orion205 · · Score: 1

      Though "GmbH" is still awkward, and as an American I've got no idea how to pronounce it.

      Try "gee-em-bee-aitch".

    2. Re:I'm not taking advice ... by Quirkz · · Score: 1

      Just rolls off the tongue. Thank you for the information. Even I have to admit that GmbH appears to be, in comparison, a short and easy handle.

      --
      The Quirkz Handbook of Self-Improvement for People Who Are Already Pretty Okay
  13. Risk hype by erice · · Score: 2

    OK, I admit there was alot of hype in 1999 about Y2K but there were alot of programmers working on it. We will just never know how bad it would have been if it was just left as is.

    Yes, actually, we do, within some bounds. The hype was that power would go off, cars wouldn't start, and it would be the end of days. That was just plain stupid since critical real-time systems generally do not work with dates. If absolutely nothing had been fixed, billing and financial systems, in general, would have been pretty messed up. The recession might have hit eighteen months early and might have been deeper. But most modern technology would ride on through.