Rixstep

FLI

The first cut is the deepest.
  - Cat Stevens

In their 6 February issue, eWEEK headlined with an article entitled 'IT Losing Ground in Virus Battle'. It's the sad story of how, after all these years, things are looking gloomier than ever in the fight for Internet security. And yet this article, as so many before it, fails to state the obvious: namely, wherein lies the FLI - the first line of idiocy.

Dennis Fisher leads off the article with the following.

After years of success deploying more effective and smarter defenses, anti-virus researchers contacted last week in the wake of the MyDoom outbreak acknowledged for one of the first times that the battle may be getting away from them.

The MyDoom virus, which hit Jan. 26 and infected several hundred thousand machines, is the fastest-spreading virus in the history of the Internet, experts said. At its peak late last week, MyDoom had infected one in every 12 pieces of e-mail, according to MessageLabs Inc., a New York-based e-mail security company. MyDoom also is the latest in a line of recent viruses that, while not particularly innovative, have been maddeningly effective.

Fisher then points out the obvious.

Anti-virus software is an inherently reactive technology, leaving users as the first line of defense against new viruses.

David Perry of Trend Micro is quoted.

There are a lot of Fortune 100 companies infected.

Fisher adds more scare to the scenario:

Virus writers are now loading their creations with extras such as back doors, mail proxies for relaying spam and keystroke loggers for stealing passwords. As a result, they're guaranteed that the viruses will continue to do damage after they've been removed from a computer.

By the end of last week, Symantec Corp. sensors were seeing as many as 2,000 unique machines scanning for PCs listening on port 3217, which is used by the back door MyDoom installs.

When will the tide turn? asks Fisher. Karen Worstell of AT&T answers.

I think executives are aware that something needs to be done but not what.

Even Dan Geer, the Asimov-whiskered former security guru from @stake, gets in the picture, suggesting a computer-oriented Centre for Disease Control and Prevention.

And finally, Fisher sums up the costs of the 'big ones' over the past four years, courtesy 'digital risk specialists' mi2g.

| Outbreak | Damage |
|----------|--------|
| Sobig | $37.1 billion |
| MyDoom | $22.6 billion |
| Klez | $19.8 billion |
| Mimail | $11.5 billion |
| Yaha | $11.5 billion |
| Swen | $10.4 billion |
| Love Bug | $8.8 billion |
| Bugbear | $3.9 billion |
| Dumaru | $3.8 billion |
| SirCam | $3 billion |

In case you don't have a calculator handy, that's a walloping $132.4 billion.

Quite a bill.


There's one thing this article - and almost all others in this weary, never-ending genre - fails to point out.

Although Dennis Fisher and eWEEK want to be taken seriously, as do Karen Worstell and Dan Geer and all the rest, not a single one of them even intimates where the first line of idiocy goes.

None of the virus/worm outbreaks would have happened if people had not been running Microsoft Windows and other Microsoft products.

All of the above calamities are directly attributable not to malicious intent on the part of low-life skiddies, or even terminal gullibility on the part of computer users who should know better, but to Microsoft themselves.

No other technology ever had such an abysmal track record, and with over $100 billion in damages over the years, one wonders why they are still in the running at all.

It doesn't really matter that Microsoft continually promise to get their products together. The statistics speak a clear language all of their own. And people don't have to wonder if competitive technologies will get hit as hard: jumping ship can't cost more than now, where the first line of idiocy is to stay in the Microsoft camp.

It's tantamount to getting shelled in a foxhole and then wondering if it might not be a good idea to regroup elsewhere.

The current wave began in the spring of the year 2000 with the release of 'ILOVEYOU', the Love Bug, what some suspect was an accident involving students at an IT institute outside Manila in the Philippines. The devastation was swift, and yet even then the exact nature of the vulnerabilities involved was kept out of the media for a long time. One could read, hear, and see a lot about the violent spread of the Love Bug, but one could not read, hear, or see what software products were involved. Only much later did the media cave in and admit that the Love Bug only hit Microsoft products, and in particular only Microsoft's email client Outlook.

That there were several lines of idiocy even then was unmistakable. Microsoft's penchant for hiding file extensions, and then implementing this idea in such a typically slipshod way, led to the first line. Microsoft's incredibly stupid scripting technologies were the second line. The wide-open vulnerability of the Outlook address book was the third line. And the use of IE rendering technology, with all the concomitant holes, in the email client Outlook was the fourth line.

Lots of lines.

There's a Scandinavian proverb.

If you want to make a stone wet, spit on it many times.

Looking at that $132.4 billion - that's a lot of spit.

Once the furore around ILOVEYOU subsided, alert people noticed that little had changed, and that similar attacks would be possible, and someone even went out of their way to introduce a new worm called AnnaK just to prove to people that they hadn't learned anything. The attempt was futile; reason fell on deaf ears.

But that was then, in the late winter of the year 2000. Almost four years have passed since then, and the level of attacks grows, as does their severity. The world seems resigned to let the skiddies kick the shit out of them time and again, when all they would ever have to have done is leave that Microsoft stuff behind. That's all.

And still they don't.

There is no reason to lament the costs of malware attacks. Corporations everywhere - and many Fortune 100, as has been pointed out - refuse even today to recognise the first line of idiocy.
