Unemployed virus writers take heart
The Music Biz want you
The recording industry is hiring cyber miscreants to attack its own customers. And we thought you'd never amount to anything, writes George Smith, SecurityFocus columnist.
Nowhere Man, please listen, the recording industry has a job for you. The pay is good, the work easy and exciting, ripe with opportunity for someone creatively adept at clandestine dirty tricks.
Nowhere Man was an American virus-writer -- vintage 1992 -- who "invented" the Virus Creation Lab, one of the first widely-distributed programs to automate the production of malicious software. It was full of smirking computer hotfoots, none difficult for the anti-virus industry to counter, but ideal for turning a cyberspatial tenderfoot's afternoon into a hair-pulling good time.
Conceptually, it was perfect for a recording industry "exploring options," as the New York Times obliquely put it last week, for "overwhelming [music] distribution networks with potentially malicious programs that masquerade as music files."
Included with the Virus Creation Lab were the Nowhere Utilities, a set of "tools" to be used in plaguing software pirates, the feeble-minded, people in the wrong place at the wrong time and the avaricious with the electronic equivalent of free poisoned chocolate candies.
"They were for taking down lamers!" Nowhere Man laughed ten years ago.
Some were designed to create waste-your-time dummy files called "fakewarez"; Madonna would have certainly liked them. Others took advantage of file compression to create seemingly small archived binaries which expanded to system-crashing Brobdingnagian size when expanded, a stunt that still worked on some electronic file scanners a couple years back.
Other techniques disguised old viruses or patched code so that the use of a program would corrupt or erase data.
Taken singly, they were merely annoying. But in the aggregate they were enablers of escalating hostility.
Using Nowhere Man's software in 1992, I quickly made a virus called Heevahava, the name being a Pennsylvania Dutch pejorative for a simpleton, colloquially -- a farmhand given the job of harvesting sperm from a bull. "A more malicious program, dubbed 'freeze,' locks up a computer system..." wrote the Times of "industry options" to fight piracy. Heevahava locked up the machine, too, and could even be custom-tailored to display an annoying message, perhaps like: "Only Heevahavas steal music. Stop thief or else!"
New Dog, Old Tricks
What I learned was that there's no real line between mildly annoying disruption -- the industry's spin on these anti-piracy measures -- and pure overt and aggressive malice. It's too easy, even alluring once you're neck deep in it, to go from jamming up the computer and causing a reset to making the machine impossible to start without a trip to the doctor. Rationalizing such action as justified by circumstance is an even simpler task.
Imagine something like imposing a "cursed disk" fault. A few years back you could diddle the system sector of a Windows machine so that the PC could not even be started from a bootable diskette without some very specialized knowledge on the nature of the induced error.
Caught in a sweat, it was easy to persuade the afflicted that the hard disk had failed completely even though everything on it was unharmed. Ha-ha-ha, so funny. You shouldn't ha' ripped that Linkin Park CD, pally. Now you've learned your lesson.
The industry knows this type of conduct is contemptible. So do the media defender firms hired to develop and deploy the dirty work. One can just imagine the briefings on plans and "plausible deniability" already -- smug but clueless suits buying hogwash about how some allegedly sanitary enforcer technology will thrash the guilty and restore profits through fear and intimidation in a couple quarters.
Virus-writers never enjoyed any good publicity from working on code that could be used to devil pirates. No certificates of merit were handed out; it wasn't worth any money.
The entertainment conglomerates will find out that investing in the reinvention of virus-writer ideology and applications earns them more grief than satisfaction. They'll be ripped off by the firms they have commissioned because it is easy to overcharge for the work, the fruit of it being technical swill reproducible by chimpanzees. And then they will find that they have to keep it secret lest the more reptilian actions leak, and present public relations catastrophes.
Nowhere Man was just a kid and he outgrew his underground hobby. But the new nowhere men stand ready to poke rock and roll fans in the eyes with electronic sticks. That's real progress.
George Smith is Editor-at-Large for VMYTHS and founder of the Crypt Newsletter. He has written extensively on viruses, the genesis of techno-legends and the impact of both on society. His work has appeared in publications as diverse as the Wall Street Journal, the Village Voice and the National Academy of Science's Issues in Science & Technology, among others.
Sponsored: Today’s most dangerous security threats