Update: It Isn’t Over Until The Fat Lady Starts Writing Viruses

By | November 24, 2011
 Fridrik Skulason’s open letter draws attention to another point: that while Sobig.F was scheduled to die out on Sept. 10, we might just have been lucky this time. He compares the two recent attacks — Sobig and Blaster — and concludes that if the guy or guys who write the next version of Sobig look closely, they may combin the two and create a real monster:
 
“With Sobig.F scheduled to die out today, Sept. 10th, the problem might go away for a while – until the next similar worm appears. And this is the scary part. Sobig.F didn’t really infect that many machines world-wide, maybe only 200.000 or so. This is only a fraction of the number of machines infected by Msblaster (Lovsan). Now imagine a worm combining the distribution method of Msblaster with the mass-mailing feature of Sobig.F. The flood of traffic might practically render the Internet unusable.
 
“Eventually, some virus author will create a virus like this, maybe this month, maybe in a few years, but it will happen.”

Update: How Anti-virus Companies Are Making Things Worse

By | November 24, 2011
 Fridrik Skulason, founder of anti-virus maker FRISK, has fired off a broadside about a problem I looked at in recent postings and my last Dow Jones column (sorry, subscribers only…): that some anti-virus companies are partly to blame for the recent e-mail flood generated by the Sobig.F worm. In an open letter, he wrote: “What I am referring to is the large number of incorrectly configured mail filters that respond by sending a “virus alert” to the ?From:? address. As Sobig.F falsifies the ?From:? address, these e-mails just clutter up the mailboxes of innocent, non-infected people. These messages cause unnecessary annoyance and worry, as they typically (and incorrectly) claim that people have sent out a virus.”
 
He concludes: “I have only one word for this: Stupid!” Exactly. I believe this is a sign that many anti-virus manufacturers have not kept up with the developments of the past year, when viruses have become smarter. These companies should recognise this and either close their doors or wise up. It’s not acceptable to add this extra layer of trouble, especially if they’re charging for it. I’m going to start publishing names of the companies involved. Submissions welcome. This kind of thing makes me cranky.
 
 
 
 

News: An End To Non-Sleazy Spam?

By | November 24, 2011
 While we talk about spam a lot, we don’t always acknowledge there are different kinds of spam: the incredibly sleazy stuff, and the less sleazy stuff. This second type is called opt-in, meaning that the spammers reckon they’ve asked your permission before sending you stuff. Sadly this is rarely the case: they just lie, by including some dodgy line about ‘you agree to receive mail from us when you joined the Dodgy Goods Which Fell off the Back of a Pickup Network’ or somesuch. I’d like to see these guys hounded as much as the sleazy underwear-to-work wearing spammers. A decision in the UK may make this the case.
 
According to out-law.com, a magazine exploring the legal side of e-commerce, the UK’s Advertising Standards Authority has ruled that you need to check for explicit consent before using a marketing list for an e-mail campaign, even if you believe in good faith that the list comprises only those who opted to receive marketing. The case, out-law.com says, will resonate among e-marketers who face a major consent problem when trying to exchange e-mail address lists. Hopefully for us end-users, it may make a decline in this absurd pseudo-opt-in spam that’s just as annoying as sleazy spam.

News: Spying On The Internet

By | November 24, 2011
 Sometimes I wonder what the Internet is going to look like a year down the track. Spam, viruses, and now the RIAA are changing the landscape. Here’s what : network spying. ZDNet reports that the University of Wyoming and a company called Audible Magic are developing technology that looks inside students’ file swaps for copyrighted music, with an eye toward ultimately blocking the transfer of such material.
 
Audible Magic’s technology specialises in identifying songs by their digital “fingerprints”, or acoustic characteristics. By joining up with a company called Palisade which provides network-security technology, the joint product is designed to intercept all traffic on a network, make a copy of it, and then make a running examination of that copy for items such as Kazaa or Gnutella traffic. When it finds digital packets originating from file-swapping software packages, it will compare the contents against Audible Magic’s database of fingerprints. If it finds a match to a copyrighted song, it will stop the transmission of a song in progress, even if some of the file has already been transferred.
 
The software is aimed at networks like universities and ISPs, who can of course refuse to install it. But what happens when the music business starts sueing them, as well as end users?
 

News: Could Blogs Be The News?

By | November 24, 2011
 It’s a familiar theme, but Steve Outing is always interesting to read on anything, so when he takes a look at how blogs could change news reporting, I’m all ears. His latest column suggests that, “It’s time for increasing the speed of news sites — to that of television news — and Weblogs are the way to do it. And it’s time to stop thinking of blogs mostly in the realm of feature and opinion content, and move the concept into breaking news.” Interesting angle. I certainly think news organisations must take blogs more seriously, and realise that it’s no longer enough to file stories through traditional channels, in traditional ways.