The American Enterprise Online

Computer Sense, Virus Nonsense

by Howard Fienberg
December 18, 2001

Every week seems to bring the Internet’s apocalypse a step closer. Denial of server attacks crush popular commercial sites. Pro-Bin Laden hackers try to assault American and Israeli web servers. Most recently, it was a computer virus.

The “Goner” e-mail virus arrives in an e-mail message with the subject heading of “Hi!” The text reads: “How are you ? When I saw this screen saver, I immediately thought about you. I am in a harry, I promise you will love it!”

I don’t think any recipients feel all warm and fuzzy. The Goner virus – actually called a “worm” – searches for and deletes anti-virus and firewall protections. Users of Microsoft (MS) Outlook and the Internet chat application ICQ found that Goner then sends itself to anyone in theiraddress book, rapidly spreading trouble worldwide in a matter of minutes.

The Goner virus, like most, had to be activated by the recipient. The attached file, “goner.src,” had to be clicked on to launch the virus. People who received the previous week’s email baddie, “BadTrans,” had no such luck, as it was capable of launching itself without the user moving a muscle. Thankfully, viruses like that are rare.

Interestingly, if you don’t use MS programs, you are usuallyreasonably safe. Why? Not to slam tech-giant Microsoft–for better orworse, I’m a regular user–but most e-mail worms and viruses single out Bill Gates’ applications. Their sheer size and complexity inevitably creates dozens of security holes. Internet mischief-makers, who tend to demonize Gates anyway, are only too happy to take advantage of his company’s mistakes.

Similarly, the Internet’s complexity renders it a system with aninfinite number of security holes. President Bush’s special advisor on “cyber-security,” Richard Clarke, regularly sounds alarm bells about an impending “digital Pearl Harbor.” Nowadays, most viruses don’t require a talented hacker to produce them. There are many places on the Internet where an aspiring “script-kiddie” (a derogatory term hackers use to delineate themselves from the untalented masses) can find programs to write and disperse the virus of his or her choice, all with a few keystrokes.But even if we heed Clarke’s warnings, what can we do? Rob Rosenberger, who dispels computer virus myths on Vmyths.com, had a sarcastic solution in response to the Code Red virus this summer: “Let’s just shutdown the Internet for safety reasons. Call it a failed experiment.”

Let’s face reality; no system can ever be truly secure. No matter how hard techno-geeks work to immunize our networks from harm, there will always be others who can find a way to break through. That does not mean that we should just give up and not try to protect our electronic selves. There is no sense making it easier for any malingering hacker to crash your computer. The evolution of technology and know-how in computer security is an ongoing race.

We certainly ought to do a better job of keeping our anti-virus and firewall protections running and up to date. In addition to this kind of expense, we also need a more vigilant approach to our own responsibilities.

While it is advisable to bulk up your anti-virus and firewall protections, the simplest and most effective safeguard available cannot be purchased, downloaded or installed. It will definitely save you from a lot of on-line headaches.

It is called common sense. Try it the next time you feel the urge to point and click.

—Howard Fienberg is senior analyst with the Statistical Assessment Service (STATS), a nonprofit nonpartisan research organization in Washington, D.C.


return to Howard Fienberg's page