Virus mania often a hoax
USA TODAY
Despite the ominous virus warnings inundating e-mail in-boxes,
especially this time of year, there's actually little to worry about.
In fact, 8 of every 10 e-mail messages about computer viruses received
by the Department of Energy's Computer Incident Advisory Capability
(CIAC) team are hoaxes, says security analyst David Crawford.
The most famous is the Good Times virus, he says. The warning, which
has been making the rounds since at least 1994, tells readers (in all
caps, with lots of exclamation points) not to open any e-mail with the
subject line ''Good Times'' because doing so would physically destroy
their hard drives.
That's impossible, says Rob Rosenberger, a self-proclaimed debunker
of hoaxes and the creator of the Computer Virus Myths Web page:
''E-mail is text-based. Just reading a message with your eyeballs can't
do anything to your computer.''
Most hoax e-mail falls into one of three broad categories: outright
hoaxes, chain letters and misconceptions.
-- Hoaxes claim to warn the user about some horrible virus that can
damage their computers or delete their files. Recent examples include a
threat that opening mail with the subject heading ''Win a Holiday'' can
destroy hard drives, as well as the AOL 4.0 hoax, which claims that
computer code in AOL's newest version allows company executives to
snoop in users' hard drives.
-- Chain letters urge readers to take some action. Recent infestations
include one urging recipients to protest a (fictitious) plan by the Federal
Communications Commission to implement a per-minute fee for
Internet users, and numerous petitions to save, variously, ''Sesame
Street,'' National Public Radio and the entire Public Broadcasting
Service.
''The chain letters may have been real at one time, but they're being
circulated so widely that they do far more damage than the things
they're warning against ever could do,'' says Bill Orvis of the Computer
Incident Response Advisory, based at the Lawrence Livermore
National Laboratory near San Francisco.
-- Misconceptions include computer security loopholes that do exist but
only in very specific cases. Take the so-called mIRC Ananas worm,
which actually is a problem but only on certain client software for a
specific Internet Relay Chat program. If one is using that program, it is
possible to write a computer script that would allow one user to control
the workstation of another.
But mIRC users are a small subset of the small subset of the Internet
population that uses IRC. Thus, the dire warnings about the ''horrible
insidious new virus called ANANAS or SCRIPT.INI'' only apply to a
very small number of technically proficient Internet aficionados.
Still, warnings circulate, terrifying thousands who are at absolutely no
risk. And everybody who forwards such e-mail is guilty of perpetuating
hoaxes, no matter how high up the ladder they are.
''We're talking big companies, we're talking CEOs who are passing
them around,'' Crawford says. ''People have never been on the Internet
before, they get bombarded and they panic.''
One of the few ''dangers'' CIAC's Orvis worries about isn't a virus at
all -- it's the consequences of replying to e-mail ads, known as spam.
''The worst thing you can do with these guys is send them back a
'Please take me off your list' message,''' he says. ''That just confirms
that it's a good e-mail address, and then they can turn around and sell
it.''
o~~~ O |
