National   

Learning to live with the cyber-scourge

By Anand Parthasarathy

Bangalore Aug. 24. First it was the "Blaster". Then it was something called "Welchia" alias "Lovsan". And just before the weekend, yet another Internet `worm' dubbed Sobig.F (the `F' meant it was the sixth edition) was wriggling all over the world's networks, overwhelming servers and flooding individual Net surfers' email boxes with "loaded" messages innocuously titled "Thank You", or "Data" or "Wicked screensaver". By late Sunday, it appeared that the latest worm attack in an unprecedented assault lasting two weeks was "tapering" off.

But was this just a lull before the bigger storm slated for the second anniversary of the September 11 terrorist attacks in the United States? No one knows. More pathetically, no one — neither software manufacturers nor anti-virus specialists — can say with any certainty that they have fool-proof defences in place, against any potential virus attack on that day. Welcome to the first big bout of the cyber scourge in the twenty first century.

Most Indian Internet users, who used a dial up connection to download mail over the last fortnight, received at least some of the virus-laden worms. These quickly multiplied and soon overwhelmed corporate networks that receive mail on behalf of thousands of their own users.

In the case of Sobig, investigators tracked down 20 Internet Protocol addresses — other computers which the author had programmed to multiply and spread the worm.

These were all tracked down and shut off from the Net by Saturday — which may explain today's relative easing. All the recent attacks have been restricted to systems which run Microsoft applications like Internet Explorer under Windows. Macintosh and Linux users have been spared. This is usually explained away by saying Microsoft has a massive presence on 90 per cent of the world's computers, so it is the favourite target of every malicious hacker and virus creator.

While accepting this argument, experts are beginning to ask some uncomfortable questions. They ask why in this environment of constant danger from viruses, the company still ships software where all the obvious loopholes are not closed.

Rob Pegoraro, technology columnist of the Washington Post writes today: "In its default set up, Windows XP on the Internet amounts to a car parked in a bad part of town with the doors unlocked, the key in the ignition and a note on the dashboard saying `Please don't steal this".

He explains that WinXP in its Home Edition — which most of us use — still comes with five "ports" open, to run services like "Messenger Service" or "Remote Procedure Call" which most surfers rarely use or need. The user must take proactive action to close these ports — but how many lay users have the time or the expertise to tinker with default settings? Someone sets up the software for them when they buy the machine and they use it to do what they want to do. When the whole idea of software like Windows is that it is meant for `dummies', why does it require a programming specialist to set it up for maximum security. In contrast says Pegoraro, the Apple Mac OS X is shipped with zero ports open to the Internet.

Last week, many Indian users struggled with a "Catch 22" situation. When they were afflicted by Blaster or LoveSan, the virus mimicked the Remote Procedure Call of a Windows NT machine and popped up a screen which said the computer was being shut down in 60 seconds. If they had installed a standard anti-virus software from AVG, Symantec, McAfee, Trend Micro etc, they also got an alert asking them to remove the detected virus by doing a full disk scan. But before they could do this, the RPC call in Blaster shut down their machine.

Microsoft has been very prompt in posting specific patches whenever a new vulnerability is discovered, and indeed users are being lectured by software and anti-virus companies: If only you had regularly updated and installed all the patches we issued, you would have been safe. This is easier said than done. A typical update from Microsoft takes so long that most users in India who have to work with extremely slow connections, cannot get the full download before there is a break in the connection.

So can anything be done? If you are a `Janatha' Internet user — the answer which no software or virus-buster will give you straight is: sadly very little. You can download the latest patch from Microsoft. You can update your anti-virus software. All this is free.

But it will keep your machine virus-free only till the next time, when a nameless, malicious programmer somewhere out there, figures out the next vulnerability in the world's most pervasive computing environment.

The patches and fixes will come — but they will be cures not prevention.

Printer friendly page  
Send this article to Friends by E-Mail

National

News: Front Page | National | Southern States | Other States | International | Opinion | Business | Sport | Miscellaneous |
Advts: Classifieds | Employment | Obituary |

Stories in this Section

• Discussion on for new RS nominees
• Kharazzi meets PM, Sinha
• Cong. ignoring freedom fighters, alleges Modi
• Unions want Govt. to challenge SC verdict
• Mayawati promises 'Spicy news'
• Mayawati Govt. will fall: Ajit Singh
• Munde, 'president-elect'
• BJP hits out at Sonia
• BJD, BJP fail to reach accord on civic polls
• Heavy rain claims 15 lives in Gujarat
• Peace process will be time-consuming: Mufti
• Ordinance to convert IDBI into a bank ruled out
• A virus primer
• Learning to live with the cyber-scourge
• Taking a peep into the universe of the distant past
• `PM will not shy away from meeting anyone'
• ILO asks India to reaffirm trade union rights
• Militants will support peace moves: Hurriyat
• India must keep off from Sri Lankan peace process: Swamy
• Four IIT students expelled for ragging

Copyright © 2003, The Hindu. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu