- The Washington Times - Wednesday, February 11, 2004

Computer viruses and hackings are often spoken of as if they were acts of nature: unavoidable and capricious. In a politically correct age people hesitate to say that the problems of others are their own fault.

Some do say it. If you read the Web sites of professionals of computer security, you find that it increasingly a common view: Huge viral outbreaks occur not because the writers of viruses are fiendishly clever, but because people behave stupidly.

John Leyden, writing in the British computer news site the Register, says: “Two-thirds of the 1,000 people quizzed by market researchers TNS in January admit they are not aware of even the most basic virus prevention measures. Meanwhile, a third of those polled in the Novell-sponsored study said they are too busy to check their e-mails before opening them. Where does Novell find these lunk heads? U.K. office workers, that’s who.”

Lunk heads. The pros don’t mince words. The problem is that people who do not protect their computers make life unpleasant for everyone else. Infected computers can send huge numbers of copies of the virus to others, clogging the Internet.

This survey, and countless others, show that people just don’t bother about security.

Now, you can say that people who open attachments unwisely aren’t necessarily stupid. But for the purposes of computer security, they are at least inattentive. Anyone who has received 300 copies of Novarg in one day (as I have) might be inclined to say “irresponsible.”

Tim Mullen, a columnist for Security Focus marvels at the success of the recent MyDoom outbreak, which just about paralyzed the computing world. He asks at length: Was it a diabolically clever attack by some twisted genius? No, it was an executable attachment in an e-mail.

That’s all it was. It wasn’t clever. It wasn’t technically arcane. Everybody with a computer had the technical competence to avoid infection. Just don’t open the attachment. That’s it. But countless people did open it. And so the Internet slowed to a crawl.

In some ways, the problem of malicious behavior on the Internet is getting worse. For example, today large numbers of people have broadband, high-speed Internet service that is “always on.” This is great. It also means that unless they have fire-wall software, their ports are always exposed to hackers. (Ports are like doors through which malicious code can enter.) Their computers can be taken over and used to propagate viruses to others. Most likely the owner won’t even know it’s happening.

Which raises a thought: If people can’t or won’t maintain security, someone is going to have to do it for them. It can’t be voluntary. This means, among other things, that the software houses are going to have to build in security, such as real fire walls with script blocking to keep viruses from running. Which Microsoft is doing, but slowly and, being Microsoft, not clearly.

By the way, want to see whether your computer is vulnerable to hacking? Go to the site of Gibson Research Corp., grc.com/default.htm, scroll down to ShieldsUP!, click on it, and click on Proceed on the next page. A silver bar will appear with a button saying Common Ports. Click on it. Gibson’s site will probe your computer, as a hacker would, and let you see the results. If you are exposed, as is likely, talk to someone about getting fire-wall software.



Click to Read More

Click to Hide