Virus


On May 06, 2000, Elrac said:

The reports about server outages in Germany (and elsewhere) are somewhat exaggerated. Here are some facts:

The virus is a Visual Basic script. While it can be passed on by other systems, only computers running Microsoft Windows can actually be affected by it. Of course, our server runs Linux.

Under W95/98/2000, Outlook is very careless and opens the attachment if you open the mail. Under WinNT, the attachment (which is the dangerous part) is only opened if you double click on it. Netscape and other mail clients (on any flavor of Windows) will likewise only open the attachment if asked to. So people who know about the virus can simply delete the mail and never be troubled.

I work (among others) for a major German corporation with thousands of PCs. I was in a meeting when the ILY mails started pouring in. By the time I came back to my PC, everyone had been warned and I calmly deleted all the ILY mails in my inbox. To make life easier, I set up an Inbox Assistant (or whatever it's called) to automatically delete any mail with this topic that came in. By the afternoon, I had received over 150 of these mails but taken no harm, and although some were still coming in, it was down to a trickle of about 1 per half hour.

PCs on which people had actually opened the attachment, on the other hand, were hit harder. Most were "broken" to the point where they could no longer access the Internet to download antivirus software. At my company, a team of PC staff went around with a CD to decontaminate and fix PCs thus affected.

In an intelligently set up system, servers are PCs that don't have people working on them (or they'd be workstations), thus people usually don't open mail on servers. Thus, I don't believe a lot of servers were troubled by the virus. However, it's likely that a lot of networks were congested by all the virus mail floating around, by people desperately downloading virus software or whatever. It's also likely that a lot of networks were closed down by paranoid administrators while they were pinning down the problem.
On May 06, 2000, Elrac said:

I can't resist taking a swipe at my enemy, the Evil Empire Microsoft.

In their effort to make all their software interoperable, remote controllable and programmable in BASIC, MS has opened up some gaping security holes. It's important to realize that (practically) any Windows document can contain active content, such as ActiveX or VBScript, and that each such active content is a program, written by somebody else, which can be made to execute, often automatically, on YOUR PC. If you don't turn over your keyboard to anyone who sends you email, you probably don't want to allow them to execute programs on your PC. But this is precisely what MS software sets up all its users for.

To those who like to think in pictures, picture your PC as a house. MS's idea of security is to fling open all doors and windows, lay a WELCOME mat at the front door and a red carpet at the back door.

I'm very glad that this virus happened. I believe it will make a lot of people stop and think about how secure Microsoft software really is. We're not talking about international secret agents or terrorists. We're talking about a BASIC-scripting school kid in the Philippines, fercryingoutloud.

------------------
Elrac of Oberrad, Janitor of the Code
On May 06, 2000, Elrac said:

Newsflash: The BASIC-scripting Philippine school kid is now a German exchange student at an Australian University. A Swedish Internet expert claims to have traced the virus back to him.

Losses in computer and work time are estimated around $1 Billion, making this virus the most expensive in history. I believe that now is not a good time to be that German student.
On May 10, 2000, Elrac said:

Tybalt, I can't let what you said about ALL computers stand. In fact, all computers worthy of the name run an operating system. And all good operating systems have security measures to prevent users from changing things they should not.

I programmed on an IBM mainframe a long time ago which gave each user his own "virtual machine", which looked to the user like he was alone on an IBM mainframe of his own. If you tried to change anything in system memory, the system would give you your own copy of system memory within your virtual IBM, then let you change the bytes you wanted to. If the change you made was harmless, nothing would happen. If your change was harmful, your virtual computer would crash, giving you some error messages and logging you out or something. Meanwhile, the 100 other users of the system would never even notice. I thought this was very neat.

Most other operating systems do similar things. Under UNIX, you can't write to files that you don't have write permission for, period. Memory, ditto. If it's not in your official address space, if you try to write to it your program will be killed.

W95 has practically no protective mechanisms like this; WinNT has them, but there are some holes in the armor, and sometimes more holes are built in for convenience's sake.
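
Added illustration, not part of the original thread: a small C program showing the UNIX memory protection described in the post above, assuming Linux or another POSIX system that provides `MAP_ANONYMOUS`. A forked child that writes to a page it may only read is killed with SIGSEGV, and a child that overwrites its own copy of a variable leaves the parent's copy untouched. All function and variable names are hypothetical.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1          /* for MAP_ANONYMOUS on glibc */
#endif
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

static char owner[16] = "parent";  /* ordinary global: each process has its own copy */

/* Run fn(arg) in a forked child. Returns the signal that killed the child,
 * 0 if it exited normally, or -1 if fork/waitpid failed. */
static int signal_that_killed(void (*fn)(void *), void *arg)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { fn(arg); _exit(0); }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

static void scribble(void *p) { *(volatile char *)p = 'X'; }
static void overwrite_owner(void *unused) { (void)unused; strcpy(owner, "child"); }

/* The child writes to a page mapped read-only; the kernel kills it. */
int write_to_readonly_page(void)
{
    void *page = mmap(NULL, 4096, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -1;
    int sig = signal_that_killed(scribble, page);
    munmap(page, 4096);
    return sig;
}

/* The child changes its private copy of `owner`. Returns 0 if the parent's
 * copy is still intact and the child exited normally, nonzero otherwise. */
int parent_sees_child_write(void)
{
    int sig = signal_that_killed(overwrite_owner, NULL);
    return sig != 0 || strcmp(owner, "parent") != 0;
}

int main(void)
{
    printf("read-only write: child killed by signal %d (SIGSEGV is %d)\n",
           write_to_readonly_page(), SIGSEGV);
    printf("parent affected by child's write: %s\n",
           parent_sees_child_write() ? "yes" : "no");
    return 0;
}
```
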