My daily virus

Forget the WildList; Outlook delivers

  • alert
  • submit to reddit

Using blade systems to cut costs and sharpen efficiencies

"I regarded viruses as only good for entertainment," said Guido Sanchez about ten years ago. Sanchez ran Nun Beaters Anonymous, an underground bulletin board system notable for its free viruses and dry wit, the latter a scarce commodity in the world of hacker outlawry.

For the record, he also said: "I have nothing against nuns, nuns are great people. I love nuns!"

However, nuns notwithstanding and with regard to viruses, Sanchez's words are still right on. If you're going to hang around in the business for any length of time, it helps to develop a sense of humor towards everything.

How else to regard the recent carnival of the absurd in which the poor sod who administers the WildList [Shane Coursen, a former SecurityFocus Online columnist -ed] let out an electronic screech of pain over lack of funds and job prospects?

In case you're just checking in, the function of the WildList is to compile and publish the names of those viruses reported to be in varying degrees of circulation, from high to low, around the world. The received wisdom on this is that it's a valuable service to developers and users because (1) vendors can or do calibrate their software to it, and (2) everyone else can get a gross sense of what's going on in the world, virus-wise.

Well, if it was so valuable why did the AV industry kind of forget to ply it with cash? Here's the dirty little secret, the real skinny on the subject. Stage whisper: No one cares.

While the WildList outburst did apparently succeed in momentarily shaming someone into opening their wallet, no AV vendors act like they need it. They publish their own lists of virus frequency; citation of the WildList, or even reading it, is irrelevant to the process.

And for everyone else, if your e-mail address is distributed around the world in enough Microsoft Outlook address books, you can compile your own WildList every week, a list that will generally mirror, to some degree, what vendors are reporting. Chalk the WildList's misery up to unintended consequences stemming from Microsoft's half-decade long horn-of-virus-plenty approach to electronic mail handling.

Old coot's voice: "Yep, I remember, Sonny, when we didn't actually get mailed the Top Ten viruses each week! But now those days are gone -- eh-eh. I think we're just gonna have to take Old Blue The Virus Epidemiologist out to the pasture and put 'im down. It's the merciful thing."

By now you may be thinking that I get quite a few viruses in the mail, and that I think they're funny. This is only partially true. Style and elegance are no longer twin fortes of virus-writing mountebanks. Time was when the Casino virus jumped out of the blackness of the screen and actually played a game of roulette with you before trashing your data. That fired the imagination! Now the day begins with a dull file in the mailbox with the name "You are FAT!" Yes, I'll be sure to double-click on that right away, sir.

I am constantly reminded that many people, apparently every bit as thick and intellectually inelastic as malicious code writers, do bite on these doltish come-ons. However, they don't work for me. Without automatic execution, there's no chance things like "Look,my beautiful girl friend [sic]," "Let's be friends," and, my favorite, "introduction on ADSL" are going anywhere not defined by the delete key.

In fact, I can't think of a single acquaintance, professional or social -- PC expert or illiterate -- that I know well, who has ever been sucked in by virus-writer subject lines. Superficially, I can picture only saps or children falling prey. But if a sap's PC is hijacked by a virus, how much does it matter?

The party line on the subject is that it matters a great deal because too many hijacked sap PCs can flood the system into dysfunction. However, as far as practical matters go, I already get, and have for some time, many viruses from total strangers and saps. A few more or less isn't a difference, just more junk in the inbox to delete.

And I think that it is this way for many. Call them a silent majority, a mass which employs its own rules-based anti-virus measures, deleting anything and everything that smells even faintly stupid or time-wasting. To survive the daily flood of electronic crap -- viruses, spam or foolish messages from certified ninnies and professional annoyances -- everyone builds up personal armor that includes a strong bull-detector and a joy in giving the waste can a workout. Once installed, this never needs updating.

Which leaves me with one question, rhetorical if you like, for the virus trackers. What's the ratio of unreported viruses deleted by hand by the skeptical to the number of those reported to lists?

© 2002 SecurityFocus.com; all rights reserved.

Boost IT visibility and business value

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story


Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.