Feeds

Senator ‘Cheesy Chuck’ Schumer phears the virus

McVeigh resurrected for emphasis

  • alert
  • submit to reddit

The Power of One eBook: Top reasons to choose HP BladeSystem

Poor worm, thou art infected! I mean the computer virus, not its target. Its image ripe and diseased with grand fictions, the gravity and nature of the computer virus phenomenon, as far as the public understands it, is now whatever anyone with the microphone says it is.

To wit: "A more technologically sophisticated Timothy McVeigh may, at this moment, be at home developing a virus that could undermine the American economy," declared U.S. Senator Chuck Schumer (Democrat, New York) as recently as February.

The destruction of the WTC didn't really undermine the U.S. economy, neither has the "War on Terror," but the lowly computer virus "could."

Why claim such a ridiculous thing? Too much strong drink before lunch? A codependent need for a techno-bogeyman to rail against? Victim of a Beltway culture of exaggeration in which no one pays attention unless the message is delivered draped in hysteria?

I used to strongly favor creeping nincompoopism as sufficient explanation. But having seen the mythos of the computer virus escalate over ten years, it's too glib.
Take, for instance, one of the FBI's first forays into virus discussion in 1996. Well before the National Infrastructure Protection Center opened its doors, the bureau published an allegedly scholarly article on computer crime that discussed viruses. It was, at the time, an unintentionally amusing piece that told of the "Lecture" virus, a malicious popinjay, said to corrupt the hard drive and scold the user for not catching it, and the "SPA" virus, which was alleged to examine programs to determine whether they were properly licensed. If it detected illegally copied software, it dialed 911 and asked for help.

Most infamous of the bunch was the wishy-washy slow infector, the "Clinton" virus -- said to "[eradicate] itself when it [could not] decide which program to infect."

If you worked in the computer security industry at the time and saw the article, it was immediately obvious the FBI authors had been sucked in by a series of jokes. Specifically, the citation was traced to an April Fool's column in a computer magazine, a column taken way too seriously in the FBI's haste to provide something that sounded informed to the law enforcement community.

Once it became publicized, the bureau's gaffe generated much clucking and snide comment on the nature of incompetence. However, there would be no real reason for embarrassment today, when Schumerian claims re the capability of computer viruses are commonplace.

Philosopher's Stone

The senator's press release from February included much terrific copy: "Terrorists can use viruses to shut down commerce ..." and "Frankly, I fear we're on the verge of a digital Armageddon," among others. Although his words were gone with the wind in a day or two, the hyperventilating assessment of the nature of virus danger is constant. The names on the delivering end change, but that's it.

As a political and social practice, it's much like alchemy -- that Middle Age pseudo-chemistry dictated by magical and philosophical associations. In more modern terms, excluding the minor and elementary business of updating anti-virus software, everyone devotes themselves to either winging it or making unusual, sometimes interesting and weird but always wrong, guesses about the nature of future and what should be done about it.

There are many Philosopher's Stones promised to turn lead into gold: Trustworthy Computing, the Govnet, corporate-government information sharing. There is the lip-service search for the elixir of youth: an anti-virus program that's not after-the-fact and which timid corporate America can actually be persuaded to use.

The computer virus itself is the alkahest -- the alchemical universal solvent, the solution for every need. Need to melt the Internet? Call for the alkahest. Are economic losses attributed to poor computer security uncompelling? Dissolve them in the alkahest. Must the irrational claim be transformed into rationality? Mix it with the alkahest!

In 1996, the "Lecture" virus only formatted the hard drive. Loser! No alkahest for "digital Armageddon," it was just an April Fool's joke and an underpowered one at that. (And the happening term for doom was "electronic Pearl Harbor," a far more modest interpretation of Megiddo.) The "SPA" virus was pathetic, too, but not particularly far-fetched. An actual DOS virus, named Raubkopie, chided the user, in German, over the use of pirated software.

Those pulled in by the virus jokes knew none of this then, and it exposed them as rank amateurs. But if anyone of the same vintage remains in the bureau or NIPC and they remember the incident, it must surely be with a bemused, "What was all the fuss about?"

© 2002 SecurityFocus.com, all rights reserved.

Designing a Defense for Mobile Applications

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.