home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Cuteskunk BBS
/
cuteskunk.zip
/
cuteskunk
/
Virus
/
Virus-Magazines
/
CryPt2
/
crypt36
< prev
next >
Wrap
Text File
|
2003-06-29
|
79KB
|
1,718 lines
CRYPT NEWSLETTER 36
March-April 1996
Editor: Urnst Kouch (George Smith, Ph.D.)
Media Critic: Mr. Badger (Andy Lopez)
INTERNET: 70743.1711@compuserve.com
crypt@sun.soci.niu.edu
┌─────────────────────────────────────┐
│ Contents: Crypt Newsletter #36 │
└─────────────────────────────────────┘
THIS ISSUE
MEDIA
Lyndon LaRouche's Web site: Dangerous lunatics and economic calamity
BOOKS
"Bandits on the Information Superhighway" -- Helpfile for the clueless
Tsutomu Shimomura's "Takedown" slagged . . . again
NEWS
Still more songs of the cyber-doomed [One in a continuing series]
The Exciting Game Without Any Rules: Viruses in Winword Documents
Sun Microsystems admits to unintended feature in Java
SOFTWARE
Thompson Network Software gets an offer it cannot refuse
MISCELLANY
Letters page
Crypt Newsletter Hypertext
Crypt Masthead Info
Credits/Acknowledgment
BLAME IT ON BRITISH SPYMASTERS: EXTREMIST LYNDON LAROUCHE'S
ELECTRONIC SCREEDS ON INTERNATIONAL ECONOMIC FAILURE AND
UNRESTRAINED BAD TASTE IN THE U.K.
Late in March, Crypt tuned into a William Buckley-hosted debate
on the Communications Decency Act at the University of Southern
California. In attendance were a brace of cyber-pundits
-- almost indistinguishable in nature from the Beltway talking
heads one has become accustomed to being regularly nauseated by
on the evening news -- ready to argue the pro and con. First
up were weird Arianna Huffington and the pugnacious Susan Estrich,
a law professor in southern California. It took about five minutes
of adversarial carpet-chewing for Crypt Newsletter to realize the
debate wasn't really about filth or free speech on the Internet.
It was about posturing and being appropriately choleric when one's
face was on camera. Arianna and Susan waved their arms and
gesticulated wildly -- grimacing, mugging and winking for effect at
the audience. If the sound had been turned off a casual observer
would have suspected they were either being bitten by chiggers or
plagued by unusual nervous tics. Suddenly, it looked like the
ubiquitous John Perry Barlow was about to speak, so quite naturally,
Crypt turned off the television and went looking for something
interesting to report on: political extremist Lyndon LaRouche's Web
site, being one example.
LaRouche is running against Bill Clinton in the Democratic primary
this year. Although he has no chance, LaRouche nevertheless bought 30
minutes of prime-time immediately after Dan Rather on CBS earlier
in the week. During the half hour show, the Viriginia-based
candidate commented about economic doom and called Newt
Gingrich and his followers "Hitler-type criminals," drawing them
into a hard to follow warren of malevolent conspiracy linking Wall
Street bond marketeers, members from the Bund of the media elites,
powermad elements said to be lurking in British intelligence and
Chinese nuclear-tipped missiles.
In 1994, LaRouche was released from a Minnesota federal prison after
serving five years for fraud and conspiracy.
He immediately headed back to Leesburg, Virginia, to rejoin his
political organization and begin a run for the presidency in 1996,
a regular pursuit of his since 1972.
LaRouche served one-third of a 15-year sentence that resulted from
conviction in 1988 on mail fraud charges and conspiring to
defraud the Internal Revenue Service by deliberately defaulting on more
than $30 million in loans from supporters of his presidential campaign.
He has always published apocalyptic views attacking public figures and
international and government institutions. In the '80's, for example,
LaRouche regularly accused Margaret Thatcher and the English
royalty of conspiring with "drug pushers." LaRouche's antipathy
toward the English remains undiluted. They are, his page quizzically
insists, paragons of bad taste, a view also shared by ex-Crypt
Newsletter media critic, Andy Lopez. [Crypt Newsletter, however,
treasures its many readers in the United Kingdom.]
The British Commonwealth writes LaRouche, "controls nations
representing nearly thirty percent of the world population, and nearly
one-quarter of the world's land-area. Through the City of London, the
British monarchy controls not only the majority of the world's
financial speculation, but also over sixty percent of the world's
precious metals trade, and comparable portions of the world's strategic
minerals, fossil fuel, and internationally traded food-supplies. London
is also, incidentally, the acknowledged world headquarters for
international terrorism, and the principal center of pilot-production
for a large portion of international bad taste, as well."
Articles on the LaRouche Web site also make frequent reference to one
Lord William Rees-Mogg, a former editor of the Times of London, who is
repeatedly denounced as a dangerous lunatic and hated enemy of the
United States.
However, on LaRouche's Web page, reading about a political or public
figure deemed a dangerous lunatic is akin to sipping a fine brandy.
One can savor repeated draughts of it, enjoying its burnish and
flavor without danger of being taken for a common drunk.
In an extended economic analysis that races from sharp, witty
discussion to delirious gibble-gabble and back again many times,
ex-presidential candidate Phil Gramm is described in words taken
straight from the playbook of Hunter S. Thompson. Gramm is
"a savagely vicious greedy person with, as he himself says, no heart.
You cannot have a democratic government and a Gramm, Gramm's
policies . . . impossible."
Quite inexplicably, George Bush is nicknamed "`Rubbers' for his zealous
prosecution of the cause of birth control." Norbert Wiener and Alvin
Toffler are called brain-washers and ridiculed as "neo-paganist
cult[ists] of 'information theory.'"
A fabulated prophecy of complete U.S. monetary collapse is presented.
Much of it is about as understandable as that which is published on
Wall Street economics in mainstream media outlets. Unlike print
and TV media, however, LaRouche doesn't attempt to hide his fabulation's
unusual craziness behind a thin veneer of patronizing reason. LaRouche's
prose also happens to be more entertaining:
". . . from under the collapse of the [economic] bubble . . . the
scramble becomes a panic. Consider a panic operating globally, at
computer speeds, long pathways of contemporary cable and satellite
communications: The panic zooms, hyperbolically, into a `reversed-
leverage' analog of a thermonuclear explosion: an implosion which
causes the disintegration of virtually every financial and
central-banking monetary institution of the planet, within a lapsed
time of hours, 48 to 72 hours at most."
To prevent this coming economic thermonuclear spasm, Larouche explains
the U.S. must declare "bankruptcy." "Chapter 11-style . . . is the
precondition for success of those governmental measures needed to
organize an immediate economic recovery."
" . . . the President of the U.S.A. declares the Federal Reserve
System as a whole to be bankrupt, and places it under the equivalent
of `Chapter 11' financial reorganization."
Success after national bankruptcy is eventually measured by the number
"of new productive work-places filled, and in the ration of both the
unemployed and the uselessly employed (such as financial-house
employees) transferred into productive work-places."
Even the footnotes of LaRouche's Spenglerian opus are a stitch:
"14. The two most exemplary of influential events of 1964, are the
publishing of Robert Theobald's 'The Triple Revolution' and
the staging of the imported Beatles on CBS's Ed Sullivan
Show . . . What is recognized as the `rock' cult-fad spread since
that 1964 appearance the Beatles, was a joint creation of
satan-cultist Aleister Crowley's followers and the `wise guy'
financier interests of the recording and concert mafia. Even a
decade and a half earlier than 1964, through his fight against the
irrationalist cult-dogma of `information theory,' this writer was
already familiar with the establishment circles who played a key
role in steering the anti-civilization cultural-paradigm shift of
the 1960s and 1970s. In Boston, this featured Air Force and RAND-funded
projects at MIT . . .
"17. Lord [William] Rees-Mogg has proposed that 95% of the population
should receive no education at all. He has proposed that the educated
[five percent] creating Alvin Toffler's `information' in isolated
places, such as perhaps the islands of the English Channel, will supply
the future world all the needed wealth of a global `Third Wave'
utopia.
"18. There is a continuing, hysterically lying effort from high-level
mass news-media and other circles, to deny the conclusive evidence,
that former U.S. Secretary of State Henry Kissinger has been,
officially, an agent of influence of the British foreign-intelligence
service during more than 50 years to date, since early days in Wilton
Park training, at Harvard . . ."
LaRouche's page also features conspiratorial claims which mention
something of a nefarious plot by British spymasters to discredit him
in the pages of the Washington Post.
So, given the choice between watching celebrity cyber-pundits and
their amen choirs arguing about communications decency and the Internet
on TV solely to boost fees at their respective speakers' agencies
and Lyndon LaRouche, Crypt chooses LaRouche for the reasons mentioned.
He's actually more interesting.
The Lyndon H. LaRouche Web page -- http://www.clark.net/larouche.
DAN BARRETT'S "BANDITS ON THE INFORMATION SUPERHIGHWAY" DELIVERS
NEEDED DOSE OF REALISM
"Bandits on the Information Superhighway" by Daniel J. Barrett (O'Reilly
& Associates, Inc., ISBN 1-56592-156-9) is the kind of piquant
book one wishes could be included as a "users manual" for every
new subscriber to an on-line service this year.
As a tutorial on sensible use of the computer and the Internet, it's
strong on encouraging common sense and critical thinking as a way
of solving problems. This makes it a rare bird in a world of publishing
that rewards techno-gobble, content judged by the pound, and stock
recipes of idiot savant computer commands.
A case-in-point includes the book's dealing with on-line swindles.
If you think cash pyramids and chain letters are ploys aimed at the
feeble-minded and gullible, why think differently just because you're
in front of a PC keyboard? "Bandits on the Information Highway" supplies
illustrative examples of the types of sucker solicitations one can
expect. Once you've seen a few, you'll know them all.
If you're being hassled by electronic mail from a cyber-pest or
advertiser, rather than collapse in a panic, Barrett's book
features convenient sidebars that tell you how to review your
electronic mail, read the proper point-of-origin from it in 90 percent
of cases and use the information to look up the Internet service
provider it originated from. Then it's up to you to use electronic
mail or get on the phone and raise some polite Hell. Sometimes, besides
relying on liberal use of the delete key, that's all it takes.
"Bandits" is near perfect in its treatment of phlogiston disguised as
news that floats in over the modem. Barrett retells the phenomenon of
the Good Times virus hoax. As a bit of cleverly written twaddle, Good Times
exploited the naivete of PC users and has been accepted as fact
in the heads of too many administrators with on-line connections over the
last two years. Barrett doesn't expect Good Times to be stamped out by
reality, but if you read this book and someday receive a memo on a similar
crazy tale from well-meaning chowderheads elsewhere in the bureaucracy,
you'll be properly immunized.
Likewise, when you spy some bit of breathless hype on the menace
of cyberporn, or whatever flavor of Internet petty outrage is current,
it will barely ruffle your feathers.
As for predictions, Barrett and a staff of colleagues try to be
realists rather than futurists. Spam and nuisance advertising is
going to stick around for awhile but eventually will be curbed by
Internet service provider controls -- some formal, some informal. Old
scams will use up their effective life, new ones -- perhaps not as
obvious -- will take their place. The media will do a better job
of reporting on real issues. The last one's the only one Crypt
disagrees with. Internet and technology flacks will always be a
terrible plague.
Crypt News can't recommend "Bandits on the Information Superhighway"
enough. It even looks like excellent required reading for the totally
clueless.
HOTPANTS: SHIMOMURA TAKES DOWN PARAMOUR'S BLOOMERS BEFORE ENTERING
JACUZZI -or- ANOTHER AMUSINGLY HOSTILE REVIEW OF "TAKEDOWN"
Reprinted from Computer underground Digest, March 21, 1996.
http://www.soci.niu.edu/~cudigest
TAKEDOWN: The Pursuit and Capture of Kevin Mitnick, America's Most
Wanted Computer Outlaw--by the Man who did it. Tsutomu Shimomura
(with John Markoff). 1995. New York: Ballantine. 324 pp. $24.95
(cloth). Reviewed by: Jim Thomas.
Despite the pretentious title, TAKEDOWN is a subtle and complex
narrative of emotional angst, indecision, alienation, and
romance. Against the backdrop of the seamy underside of computer
culture, TAKEDOWN deconstructs gender relations in contemporary
society by depicting a lovers' triangle of dependence and
co-dependence played out in hot tubs, ski lodges, and at computer
consoles. John Markoff cleverly uses the "as told to" literary
style to create distance between author, story narrator, and the
subject, a young California woman named Julia. This ingenious
layering further heightens the isolation of Julia from the
reader, creating a pathos rarely found in contemporary
literature. Markoff skillfully combines irony with a playful
stylistic pastiche in juxtaposing Julia's dramatic complexity
with the mundane vision of the unsympathetic narrator.
Small wonder, then, that TAKEDOWN made it to seventh place on the New
York Times Business Best Sellers and may eventually be a movie.
We learn that Julia (to be played by Claudine Longet) is beautiful,
in her mid-30s:
A tall, graceful woman who is strong and wiry, and who often
wears her hair drawn back in a braid . . . With an intense gaze
and blue-gray eyes, Julia was often introspective but also
quick to laugh. She was a talented yoga teacher and had an
ethereal quality . . ." (p. 7-8).
She's also very bright (a computer programmer). But, as we learn from
Skiamour, the tale's narrator (to be played by Spider Sabitch), who
depicts her as an emotional flake even while lauding her feminine
charms while trying to woo her affections from her boyfriend, she's
co-dependant on her boyfriend's hangups and has a few of her own.
But, her primary character flaw seems to be that she won't leave her
boyfriend for the skier.
The story opens with Julia flying back from Bangkok, looking for
someone to pick her up at the airport. Julia's boyfriend John, a
nationally-respected computer wizard (to be played by Andy Williams),
is visiting relatives over Christmas. In his absence, she asks a
friend of her boyfriend to pick her up, maybe because he drives fast
(310 klicks in a snowstorm in under two hours?) or because he's macho
(he even carried his ice pick through airport security and "nobody
even blinked"). Or, maybe Julia likes self-absorbed skiers who race,
serve in the Nordic ski patrol, teach skiing, and in their spare time
do computer programming. Or, maybe she's a sucker for guys who speak
in "kilometers" instead of miles.
Julia quickly ends up in the jacuzzi with Skiamour at John's house,
splashing amidst fronds of fern and four overhead spotlights that
dimly illuminate each corner of the tub and steamy air. "This is
just amazing," murmurs Julia (p. 13), relating tales of Sherpa
guides, mountain trekking, and birthday blessings from a Tibetan
Lama. Skiamour, in turn, told tales of unforthcoming research grants
and stupid bureaucrats. Then, lost in thought and perhaps overcome by
the steamy silence (and, of course, the absence of her boyfriend), he
proposed. Well, almost:
"I want to tell you something I've been thinking about," I said.
"I've thought about a lot of things while you were away. I'd
really like to try having a committed relationship with you, if
you're willing to." (p. 20).
Julia remained silent, but reached over and held him closely. "Why
don't you come with me and live in the mountains?" he asked. "You can
come ski and it will be good to be outside."
Careless readers might see such dialogue as simply banal. But,
in fact the dialogue--and it occurs throughout the book--further
illustrates Markoff's ability to heighten the contrasts between
the sympathetic Julia and the shallowness of Skiamour.
The idyllic love-fest, however, is interrupted by one or more
computer hackers breaking into the boyfriend's computer, then into
Skiamour's computer, and even into his voicemail. One of the hackers
was Kevin Mitnick (to be played by Matthew Broderick), which sets up
the chase in which Julia follows him (Skiamour, not Mitnick) around
the Bay area, and eventually across the country, as they pursue their
quarry from system to system.
Things heat up when the boyfriend returns. Skiamour calls John to ask
about the computer probes, and learns that "he had become
increasingly uncomfortable about my contact with Julia. It was a
strained conversation." Now, if a friend of mine had been snookering
up to my girlfriend in my hot tub professing love to her and steamily
proposing a committed relation while I was away, I'm not sure that
"uncomfortable" about his "contact" is quite how I'd describe it.
Let's see--Skiamour has taken Julia down in the hot tub in John's
house, in ski resorts, in....well, you get the idea. The book is,
after all, called TAKEDOWN. Contra the narrator's judgment, the boy
friend seems to be handling things remarkably well.
Julia remains torn between her two men. This doesn't make Skiamour
jealous. He's above such things, spending as much time with her as he
can, while simultaneously wondering if she's not being
self-destructive in her unwillingness to break off with her
boyfriend, presumably to spend more time on the slopes with him. The
boyfriend, however, seems to act jealous, despite "politically
correct" protestations to the contrary. At least, this is Skiamour's
interpretation. So, it must be true--he is, after all, a detached,
objective paragon of judgment in affairs of the heart and loins.
The yarn continues, with Julia and Skiamour hopping in bed, riding in
cars, hiking, and meeting hither and yon. Markoff (to be played by
Brock Meeks) paints a stark picture of an independent woman dependent
upon her men, unable to chose between them, unwilling to give up one
and commit to another. Julia is portrayed as the archetypical
new-age "gypsy professional," semi-rootless, no established career or
plans, and living on the economic precipice, needing the strong hand
and wisdom of a good man to guide her.
But, this isn't a "Rashomon" tale, and a reader might wonder how the
tale's denouement would differ if told through her eyes.
How does it all end? Ah . . . this is Markoff's mastery. His
naturalistic narrative shifts to a final trope of realism:
Relationships are never easily defined, resolutions are rarely clear,
and emotional angst isn't dissolved in a few hundred pages. And, as
in any good work, the reader is left wanting more of Julia.
Oh yeah. TAKEDOWN also has some stuff in it about Tsutomu Shimomura,
a Silicon Valley computer wizard obsessed with tracking down Kevin
Mitnick, who hacked into his computer and maybe (or maybe not)
harassed him via voice mail. The guy seems unlikable, perhaps because
he comes across like a megalomaniac who likes to ski and slam
everybody who he thinks is dumber than he, which seems to be almost
everybody, including The Well personnel, the FBI, hackers, students
who play practical jokes, bureaucrats, former employers, and most
other lesser mortals. Even John Markoff receives a few hits. Markoff
does an admirable job with the material available. But, frankly,
Shimomura simply is neither likeable nor interesting, and other than
his computer skills, there isn't enough "there" there to pull the
reader in. From his self-descriptions, I was left with the
impression that Shimomura is the Martha Grant of the computer
world--he does everything so much better than us.
His tracking of Mitnick is impressive, but lacks the flair and drama
of Cliff Stoll's chase in THE CUCKOO'S EGG. Other than the aura of
Julia, there is little humanity, compassion, or even a sense of a
strong morality play. Even Markoff's considerable writing skills
can't spin silk from a sow's ear. And, even one mixed
metaphor--hell, any(!) metaphor--might have broken the monotonous
self-righteousness of Shimomura's occasional mean-spirited
self-absorption.
Still, Markoff's writing salvages the work, and if one is able to
focus on the subtexts and avoid Shimomura's cloying egoism, reading
it is not an unpleasant way to spend an evening. Hopefully, there
will be a sequel sans Shimomura, and we can catch up on Julia's life.
Both it and she seem far more interesting.
Oh--and if, as one insider warns, you bump into Shimomura, don't
introduce him to your girlfriend.
TEGWAR: THE EXCITING GAME WITHOUT ANY RULES -or- COMPUTER VIRUS
FUNNY BUSINESS WITH WINWORD DOCUMENTS
In the baseball move "Bang the Drum Slowly" actor Michael Moriarty
plays a star pitcher who, in cahoots with one of his team's managers,
scams baseball groupies and assorted chumps out of their money with
a card game they call TEGWAR. TEGWAR isn't a game, it's a con in
which Moriarty and a cohort dupe people into falling for a pigeon
drop where they make up a mystifying set of rules masked by the ruse
of a legitimate card game. Of course, since no one can win a game
with no logical rules, Moriarty - or his accomplice - always pocket
the designated pigeon's betting money. When Moriarty's friend, a
dim-witted catcher played by Robert DeNiro, comes down with Hodgkin's
Disease, Moriarty finally lets him on the excellent secret of
The Exciting Game Without Any Rules, TEGWAR.
*
"DoD is dripping in Word Concept virus . . . "
-- An excitable fellow and insider who would
rather not be named.
*
Crypt Newsletter is now going to let you in the secret of one of the
software industry's latest versions of TEGWAR: the dilemma of the
Microsoft Winword viruses.
Taking advantage of the nature of Microsoft's Word for Windows, the
Winword viruses exploit an automatic function embedded in special
Microsoft Word documents. What this boils down to is that executable
instructions buried within documents prepared by Microsoft Word can be
written to perform the basic function of a computer virus: Make a copy of
itself and attach itself to another target. In this case, Winword
documents.
Designed to execute commands or executive routines embedded in
special documents - called .DOT files - Word has proved an excellent
culture dish in which to breed simple computer viruses. Because of
reasons which include the large installed user base of WinWord,
the way people promiscuously share documents produced by it, the
outwardly innocuous nature of the Word Concept virus (the most common
of the "macro viruses") and the lack of prompt interest in the
problem by Microsoft, the "macro virus" problem has run out of control.
A recent press release by the National Computer Security Association
stated even Microsoft has been snakebit by Winword viruses.
Predictably, this has led to a great deal of spilt blood in institutions
blind-sided by rapid distribution of the virus.
However, the idea of "macro viruses" wasn't surprising. Back in 1993
Crypt Newsletter published just such a virus for the Telix PC
communications program. [1] It infected other Telix sub-programs --
called scripts - which were simple lists of commands recorded into
files and executed on-the-fly by Telix. An example of this type of
sub-program, or script, could be one that called CompuServe and
retrieved personal electronic mail.
As it was written, the Telix script virus, named LittleMess, quickly
flashed a Stoned virus-type message on the screen, "Legalise Marijuana."
The possibility of this type of computer virus was also addressed by
examples written elsewhere in computer security circles predating
even then. However, LittleMess and others like it remained extremely
obscure curiosities. Winword viruses are anything but.
PART II: LOTSA CONSIDERATION
*
"Thank you very much, <put your name here>, for your thoughts.
This is something I've been giving a lot of consideration of
late. Sincerely, Bill."
---Bill Gates form reply to electronic mail.
[Uncovered by David Applefield, March 1996]
*
What has been a surprise about Word macro viruses is the industry
response to them. To understand the absurd nature of it, Crypt must
construct a parable minus the jargon and baffle-speak used in the
usual generic attempts to describe the Word "macro virus" problem.
Now, for the sake of our story, let's pretend for a moment that
Microsoft manufactures VCR's instead of operating system and business
office software. Microsoft has a dominant share of the market and has
just made a new model VCR. This model isn't significantly fancier than
the previous model -- just newer with some bells and whistles that
are nice but not absolutely essential.
Of course, lots of people immediately buy these VCR's and start playing
rented videotapes in them. Someone who's tinkering around or has
too much time on his hands, discovers that if he makes a minor,
almost invisible change or scratch in the plastic case of a rented
tape, it introduces a problem into the new VCR. This scratch makes
a part called the frammis fail. The frammis is put slightly out of
line and whacks the videotape housing and an adjacent part, called
the neo-frammis, also inside the VCR. This doesn't ruin the
videotape but it puts the same scratch into it, if it didn't have it
already. After a day, maybe a week, maybe longer -- development of
the frammis/neo-frammis whacking makes tapes being played show
up intermittently during play with an annoying white mistracking line
on the TV. No amount of fiddling with the tracking adjustment on the
VCR will fix it. Our tinkerer thinks this is clever and he's feeling
mean so he rents a tape - the most popular title, something like
"Busty Babes of the Bayou," "The Toolbox Murders" or "Forrest Gump" -
from Blockbuster. He puts the scratch in the videotape's housing and
returns it.
Now it has the potential to spread to everyone who has the Microsoft
VCR and rents this tape in the region.
Months later Microsoft VCR owners are calling the company in outrage.
Their VCR's are screwed up and local repairmen don't know what to
do.
[Now, in one possible world, Microsoft issues a massive recall,
identifies and solves the problem, and returns new, different
VCR's not susceptible to the problem to consumers. End of the
frammis/scratch problem except for those people who for some reason or
another don't follow the recall. Eventually, they stop using the
VCR or buy a different brand. Microsoft takes a big financial hit
for the quarter, but - hey - it's part of the business.]
However, in our world Microsoft sends a pack of cheap screwdrivers,
a replacement frammis that sometimes doesn't work and instructions
on how to fix the VCR printed on a paper the size of a chewing gum
wrapper. The instructions are written in Pig Latin. Quite naturally,
a lot of people can't fix the problem.
Other industry vendors rush to provide a solution. They supply a set
of slightly less cheap screwdrivers, a replacement frammis that
works 75 percent of the time and instructions printed on a paper
that's the size of a legal pad but which no one bothers to read,
anyway.
More and more Microsoft VCR's play all screwed up but no one
seems too concerned. They keep buying the model. Everyone is
trained to use this model of VCR and they won't switch models because
they're afraid they won't be able to use other VCR's and will lose
the ability to rent and enjoy videotapes.
Microsoft even issues a few thousand free sample tapes that are
messed up with the frammis-buggering case flaw. This spreads the
problem even further -- generally to people who have VCR's that aren't
already messed up with it.
Eventually, well-meaning but clueless techno-geeks at Lawrence
Livermore National Lab issue a product advisory on the VCR. It
describes the problem and a new one that's slightly different
but more hazardous. The new one makes the frammis and neo-frammis
misbehave so wildly a big spark comes out of the front of the VCR,
frying the circuitry and ruining the VCR. Since the rental tape that
introduces the problem melts when this happens and cannot be returned
it never spreads as far.
The Lawrence Livermore National Lab memo reaches a lot of
people but 90 percent don't read it because it's too long. They
will only read things that don't exceed a half page or a screenful
of information. The Livermore National Lab warning [2] is pages and
pages of daunting techno-gobble. The ten percent that persist in
reading to the end have trouble grasping it because of language
like this:
"If you don't have the Microsoft cheap screwdriver and replacement
frammis set, you can use the Organizo-frammis to find and remove
the broken Frammis without making things worse. The first step is to
start the VCR and open the Organizo-frammis box. There are two ways
to open the Organizo-frammis box: 1. use the Tools Neo-Frammis
and press the Organizo-frammis; 2. use the File Omega-frammis
and depress the Organizo-frammis. In the Organizo-frammis box,
flip the Frammis switch, click the Open Frammis button, locate the
malfunctioning frammis and neo-frammis and close everything up. Back
in the Organizo-frammis box, select all the Frammises listed
in the file Omega-frammis and flick the off button to remove them.
Flick the Close Omega-frammis switch to install the new Frammis.
The Frammis is now fixed."
Frustrated, many home owners and businesses can't deal
with the Frammis problem-plagued VCR from Microsoft. While it's possible
to fix the contagious frammis scratch, bureaucratic entropy, apathy,
confusion and institutional impediments inevitably result in failure
because:
(1) Many victims of it cannot understand how the fix is to be made.
The national lab warning was terrifying in its difficulty to understand.
Microsoft's cheap screwdriver set doesn't work very well.
(2) Many victims don't have the time or expertise to fix the VCR right
so the de-frammis'd VCR becomes re-frammis'd very quickly -- about
as soon as they rent another videotape with the same contagious scratch
on it. This often happens two or three times before victims junk the
damn thing.
(3) Some victims bought a different frammis repair set from another
vendor but it only works part of the time or if they decide to use it.
Mostly they don't use it, though, because they don't care about their
frammis'd VCR.
(4) Many victims' bosses won't let them fix the frammis'd VCR because
it would cost money. Besides, says the boss, "We have someone whose
job it is to fix these things, thank you! But he doesn't answer
voice-mail today or was skinned by an ogre, I'm not sure which. Now
stop bothering me or I'll downsize you the next time we massage the
stock price for our shareholders."
(5) Or, victims think the frammis'd VCR is how all VCR's are supposed
to be.
A year later Microsoft markets a new, improved VCR not as susceptible
to the problem but the people who have the old, brokedown VCR's don't
get any trade value. They have to pay Microsoft just like everyone
else does. So some just stumble on with their crippled VCR's. Some
other VCR manufacturers who previously made VCR's that worked fine
all the time make new models capable of being screwed up as badly as
the Microsoft model even though they've known about the problem and
laughed at it for some time. This is called progress.
Now, if you retell Crypt's story to someone else we can here them
shout: "Hey, that's crazy! No way that could happen or they'd burn
people at the stake in those companies."
However, with a little cut and paste you can just plug Word viruses
back into the place where I put "frammis" and Word 6 for "VCR." Now
they'll say: "Yeah, it really stinks, but what can we do?"
This makes the Word "macro viruses" an almost perfect example of
TEGWAR - an exciting game without any rules - in the software industry.
The consumer or PC user in an institution uses Microsoft Winword
and is largely unaware that specific electronic documents handled
by it have the potential to bite him. Microsoft ignores the
phenomenon just long enough so it becomes solidly established
then generates a "fix" that works poorly and which must be
embroidered by other vendors. Still more software developers
jump into the breach with cures and advice - which take money - and
that don't guarantee anything because they are poorly understood,
poorly designed or a combination of the two.
Those trapped in Word macro virus TEGWAR lose money trying to
burrow through the electronic trash heaps of on-line services,
sifting and downloading information and software they can't
understand most of the time. They twist and turn in a seemingly
endless maze, buying software only to find it's the wrong software
for them. Squirming, they buy the correct software only to find
an obdurate supervisor won't let them use it throughout the
institution.
Increasingly aggravated, those infected by Word virus TEGWAR sometimes
see that pathogenic documents have the potential to spread the viruses
in interesting ways through heterogenous combinations of machines and
software with only one thing in common: Word's micro-environment.
But they also find that anti-virus software designed to control
infections is not quite so flexible.
Goaded by the lash of fragmentary, gossipy on-line electronic
phlogiston passed on as the biblical wisdom of computer gurus,
others trapped by Word virus TEGWAR run about in a blind frenzy
searching for Word "macro virus" protective software until realizing
in a moment of stunning clarity that they don't _use_ Winword!
So, the only rule that is a constant in Word virus TEGWAR is that
if you play, you lose cash money.
*
"Thank you very much, <put your name here>, for your thoughts.
This is something I've been giving a lot of consideration of
late. Sincerely, Bill."
---Bill Gates form reply to electronic mail.
[Uncovered by David Applefield, March 1996]
*
Additional notes:
1. The virus written for the Telix communications program was
originally called LittleMess. It was programed by a Dutch virus-writer
who travelled cyberspace under the handle of Crom-Cruach. Crom-Cruach
reasoned LittleMess was of only trivial interest because he thought few
people used the programming language interpreted by the Telix program
-- which his computer virus exploited -- for anything important. The
name of the programming language interpreted by the Telix software is
SALT. Hang in there because this is a point of serendipitous interest.
The US Navy also runs (or ran) telecommunications software it
calls - you guessed it -- SALTS. The Navy's SALTS terminal is a simple
Windows or DOS-running PC using little more than an off-the-shelf version
of Telix driven by a series of custom made Telix sub-programs (or "macros")
that create an elaborate communications system for the computer. The
SALTS program is an acronym for Streamlined Automated Logistical
Transmission System. The SALTS software used on Navy PC's is responsible
for logistical support and satellite-borne communications jobs ranging
through inventory and tracking of ship stock, software
management/distribution, Internet sessions and the sending and receiving
of electronic mail and USO telegrams. Since the software running on the
SALTS terminal is written in the same programming language exploited by
the LittleMess Telix virus, the SALTS PC can be easily infected by it.
In the average Telix-using hobbyist PC envisioned by the hacker
Crom-Cruach in 1993, this amounted to barely a few infections of
predominantly non-essential computer files. However, on an average US
Navy SALTS computer terminal, the same virus would create a much more
massive infection since the military's software relies on hundreds of
sub-program files that could serve as hosts for LittleMess.
2. The following text appeared in a Lawrence Livermore National Lab
alert on Word Macro viruses. It was supposed to be a clear
tutorial on ridding yourself of the Word macro viruses by hand.
No, Crypt Newsletter isn't tweezing it for effect:
"If you don't have a scanner or the protection macro, you can use the
Organizer to find and remove macro viruses without infecting your
system. The first step is to start Word and open the Organizer dialog
box. There are two ways to open the Organizer: 1. use the Tools Macro
command and press the Organizer button; 2. use the File Templates
command and press the Organizer button. In the Organizer dialog box
click the macros tab, click the Open File button, select the infected
document and click OK. Back in the Organizer dialog box, select all the
macros listed in the file and click the Delete button to remove them.
Click the Close File button to close and save the file. The file can now
be opened normally."
Crypt Newsletter challenges PC "help desk" employees to read that to
someone over the telephone.
Here's some more strangled syntax from the same memo:
"PROBLEM: Word macro viruses are no longer an isolated threat, but
they are a significant hazard to the information on a computer."
In fairness, the Lawrence Livermore National Lab memo, also known
as "CIAC (Computer Incident Advistory Capability) G-10: Winword Macro
Viruses," is an honest attempt to get some information on
a real computer hazard into as many hands as possible. It's also
possible for someone with good powers of concentration and a
middling-to-exceptional grasp of PC computing systems to wring
useful information from it. However, more and more, these types
of bulletins serve only to emphasize the disastrous point that the
average PC user in the home or business environment and the people
generating the technology very rarely speak language that is mutually
understood. That's a gold-plated guarantor for interesting times.
STILL MORE SONGS OF THE CYBER-DOOMED: THE TERMINATOR ANNOUNCES
VICTORY PREMATURELY; FIDO-SYSOP VOWS JUSTICE FOR "INFO-TERRORISTS"
[Another in a continuing line of stories focusing on electronic mail
mediated harassment and ill-mannered behavior within the Fidonet.]
The story so far:
Earlier this year, Burt Juda, an administrator for the Fidonet's
Internet mail gateway in Piscatway, New Jersey, announced the network
would lose his system as a consequence of a denial-of-service attack
on it by a couple of the network's ex-sysops, one of whom - The
Terminator - is familiar to Crypt Newsletter followers
of the Fidonet "cyber-doomed" news stories (Crypt 27 - 28).
The attack was carried out by forging subscription requests to Internet
mailing lists. The forged requests, some of which were routed through
an anonymous Internet remailer in Finland, some of which were merely
sent directly to Internet listservers, were written so it appeared
they originated from a score of Fidonet system operators. Return
electronic mail traffic from the mailing lists eventually overwhelmed
the patience of Mr. Juda and the capacity of his Fidonet/Internet
gateway.
In March, The Terminator declared symbolic victory in an electronic mail
message to the FidoNews, a weekly mail digest consisting of correspondence
from system operators and users on the network. However, other
connections from the Internet to the Fidonet still exist. In interview,
The Terminator commented to Crypt Newsletter that his e-telegram was
premature. The Terminator added he still maintains accounts on the
Fidonet to monitor his image and aid in intelligence collection.
Allen Taylor, a Fidonet bulletin board system operator and echo mail
moderator, has been a repeat target of the mail assaults. In a Fidonet
message, Taylor wrote that one of his Internet accounts had been bombarded
with nuisance and harassing mail at the same time as the attacks on the
Juda gateway, resulting in the loss of the account. In interview, The
Terminator took credit for the stunt, which resulted in a claimed volume
of 500 megabytes of nuisance mail arriving at the targeted Internet
service provider.
As a result of the continued harassment, Taylor said he had contacted an
attorney in Newport News, Virginia, with the aim of investigating what
could be done about threatening mail routed through an Internet provider
there. It was his intention to begin litigation, if possible, against
"info-terrorists."
In a baleful message posted to the Fidonet on March 7, Taylor wrote,
"The hands of justice [are] starting to tighten around the necks of
these cyber-criminals . . . "
ACCELERATING DEPLOYMENT OF JAVA TECHNOLOGY AMBUSHES THE UNWITTING
-or- SWELLING OF THE PURCHASE ORDER ACCOUNT FOR SOFTWARE IMMINENT
In late March, this from Compuserve's On-Line Today news service:
"A flaw has been discovered in Sun Microsystems Inc.'s
Internet-based Java programming language that could enable online
vandals to destroy files or damage computers that use Netscape
Communications Corp.'s Navigator Web browser software.
"At Sun's Mountain View, California, headquarters, Marianne Mueller,
a senior engineer specializing in security issues, acknowledged the
problem, commenting, 'This one is a serious bug.'"
Essentially, what is reported is that the security whole enables
malicious booby-trapping of Web pages with Java applications aimed
at wresting control of the receiving PC's browser.
While this sounds rather strange and off-putting, in a broad sense the
phenomenon isn't particularly new. For example, years ago,
simple boobytraps called "ANSI-bombs" could be hidden in messages on
bulletin board systems. The ANSI interpreter, a software device loaded
on machine start and necessary to view color graphics on a bulletin board
system, allowed remapping of keystrokes so that inadvertent finger-
fumble or seemingly harmless commands produced unexpected, sometimes
extremely vexing - even unpleasant - results.
The evolution of DOS and recognition of the hazard by communications
software developers eventually erased the annoyance of it for the
vast majority of typical PC users accessing private bulletin board
systems.
The Java fault appears potentially far more nettlesome because Java
operation on a machine is less trivial than "ANSI-bomb" mischief.
In addition, the much larger number of PC users wasting time on the
Web via Netscape browsers combined with the lower average level of
recognition of hazards associated with naive acceptance of even
minor or obvious poison apples from strangers -- viz., remote
computers -- tends to predict exciting times for those embracing
new technology simply because it appears to be the thing to do.
Sun Microsystems representatives, of course, promised a quick fix
for the problem. Quite naturally, Java supporters at Netscape
Communications Corp., the company that develops the Web browser most
likely to be subverted by Java security problems, also immediately
acted to apply damage control, insisting any potential hazard to
Web-surfers was remote.
In related news the same week, rampaging marketers at Symantec
announced to the world that it had invented the first
anti-virus scanner for Java viruses even though no Java viruses
had yet been concocted.
A Symantec press release said that while "no current Java
virus threats exist, there is a possibility that a virus could
be written."
Although the press release insisted no Java viruses had been written,
it named some anyway: [the Norton Anti-virus] "is configured to scan
Java applets sent over the Internet in .CLASS files, and can detect a
potential type of Java (Java Type I) virus that can be propagated by
modifying HTML pages . . . The new Java scanner technology can detect
another more complex, type of Java virus (Java Type II) that parasitically
infects .CLASS files."
But of course these viruses don't exist, according to the Symantec press
release.
Only the cynical would ask how did company representatives absolutely
determine it detected "Java Type I" and "Java Type II parasitic"
viruses?
However, Crypt Newsletter warns its readers such talk is careless spite
and surely the work of jealous Symantec competition.
So, Crypt reads this honest attempt at p.r. to mean that while, yes, it's
true there aren't any "Java Type I" and "Java Type II parasitic
.CLASS-infecting" viruses, Symantec has tested Norton Anti-virus against
them, anyway, so it's quite obviously imperative that everyone buy more
copies of Norton Anti-virus without delay or run the risk of being branded
irresponsible menaces to everyone using computers.
SOFTWARE: THOMPSON'S DOCTOR GETS AN OFFER HE CAN'T REFUSE
Fans of the anti-virus software known as The Doctor may be interested
to find ON Technology has acquired the Marietta, GA-based company.
With no prior involvement in anti-virus matters, ON has - in
effect - made Thompson it's anti-virus development arm.
"They made me an offer I couldn't refuse as opposed to an offer I
couldn't understand . . . which is what I usually get," Roger Thompson
commented puckishly to Crypt Newsletter recently. Thompson went on to
add that the merger allowed him to concentrate solely on the
technical end of the business, a focus he had per force sacrificed in
the last couple of years.
The Doctor anti-virus software was originally known as the Australian
import, Virus-Buster from Leprechaun Software, Pty. Thompson changed
the name when he split with co-developer Jack Kenyon. Kenyon returned
to the Australian market; Thompson stayed in Georgia to go his own
way in the United States.
Currently, Thompson said the most common viruses as far as he was
concerned were the Word viruses. Currently, ON is marketing
a special link library module for Winword that identifies, intercepts
and disinfects Word viruses within the word processor environment.
A Quick Overview
================
Thompson Network Software still offers its Doctor Windows/DOS anti-virus
program. The Doctor anti-virus scanner detected 80 percent of
file-infecting viruses in Joe Wells' current WildList in a simple trial.
It also detects the Word Concept, Word Nuclear and Word Hot viruses.
But if used as a brute force scanner for "macro viruses" The Doctor
must be configured after installation to scan Word documents since
the default file selection doesn't include them.
In tests, The Doctor did simple string-matching during identification
of computer viruses, saving a more rigorous absolute identity check
until just before file disinfection.
The Doctor's programs will generate a recovery diskette and are
still economical enough to fit in their entirety on one of them along
with a mirror file for the system area of the hard disk. The remainder
of the package contains Checksum, formerly known as Buster, which is a
check-for-changes module that offers some disinfection capability against
viruses unrecognized by The Doctor as long as its properly installed
on a clean machine.
Also included is a memory resident virus activity block and a program
that can replace the partition sector with one that will remove some,
but not all, standard partition sector virus infections. For example,
those scant few users dismayed by Michelangelo this year would have
been rendered immune to this virus by The Doctor's partition sector
protection, called DiskLok. DiskLok removes Michelangelo-type viruses
from the hard disk the first time the machine is restarted after
the virus infects it.
DiskLok operates by relocating the original partition sector to from
physical sector 0,0,1 to 0,0,2 on the hard disk. It replaces the original
with its own code and a small driver which are, essentially, an
auto-immune function and a password barrier called when starting the
machine from the hard disk. The password requirement is offered to
confer a moderate amount of access control to the hard disk if the
machine is started with a system diskette by a wandering cyber-pest
wishing to evade security. The auto-immune function writes its own
code back to the partition sector when it reads the hard disk and
observes it has been replaced by a partition sector-infecting virus.
In so doing, it nullifies the virus.
DiskLok uses the common trick of hiding the partition table so the hard
disk appears inaccessible to the operating system if the DiskLok
driver is bypassed during a diskette start. DiskLok also attempts to
mask and protect itself in the partition sector through techniques
common to stealth viruses. When properly installed, The Doctor
software takes reasonable precautions to ensure the hard disk is
recoverable if DiskLok's code becomes corrupted by virus, software
misadventure or confused users and hobbyists. However, as with all
such things, there are never guarantees.
Thompson Network Software, Marietta, Georgia: 404-971-8818
THE LETTERS PAGE: STRENGTH THROUGH OI - BRISBANE ANTI-VIRUS MAN
CHAPPED OVER BOZA/BIZATCH; ANKLE-BITERS; CORRESPONDENTS FROM
DICTATORSHIPS
Oi Crypt!
According to Ernest Hemingway, every journalist should have a good
bullshit detector. But I'd say it's a safe bet that many computer
journalists had good bullshit GENERATORS implanted in their frontal
lobes at birth.
Granted, some anti-virus companies have earned themselves well-deserved
reputations for thriving on their own bullshit, but, as you pointed
out in Crypt 35, Paul Ducklin's original press release merely stated
that Boza existed and wasn't in the wild. It was completely devoid of
scare tactics. "Running rampant in England" and "brought the
British Government to its knees" stories were purely figments of the
media's imagination.
I very seldom issue press releases these days. I became disenchanted
with the media's arse-about-face attitude towards computer viruses
when my early warnings about Junkie and Lemming (both issued some two
months or more before either became virus flavor of the month) were
totally ignored. Junkie and Lemming subsequently hit in a big way, but
only after they'd cost this country millions of dollars in downtime and
cleanup. Much of this money could have been saved if the computer
community had been forewarned. This taught me an important lesson:
The media would rather report on a virus disaster than help prevent
one. That's not my bag, so I opted out of the press release scene.
But on Day Two of the recent Boza HypeFest I came out of my
temporary, self-imposed exile and faxed every major newspaper and
computer weekly in Australia telling them the horror stories they were
publishing about Boza were pure unadulterated crap.
Journalists and/or their editors took exception to my use of
the term "media beat-up." Daily newspapers which had devoted
hundreds of words to Boza horror stories didn't print a single word
from me. One weekly -- ComputerWorld -- gave me one heavily-edited
paragraph but this was buried under the avalanche of bullshit in other
publications, radio and television.
Somehow a local radio station picked up on the press release and
phoned me a couple of days later for a taped interview. I gave them
the facts: The whole Boza thing was utter crap, that the wholesale
slaughter of computers worldwide just wasn't happening and that Boza
had virtually no chance of ever becoming a widespread threat. I
concluded by saying that if the media-generated hype kept escalating
at the rate it had been for the previous few days, by the weekend the
headlines would be screaming: "Boza Virus Kills President Clinton at
Keyboard." The interview never made it to air.
Boza fear and loathing continued to spread like wildfire. Maybe you
had only a "Boza mini-panic" in the USA, but in this part of the world
the horror stories created the kind of panic you'd expect from an
outbreak of bubonic plague.
In the first week I received 218 calls -- including one from the
government of a neighboring South Pacific country -- from everyone
ranging from home computer hobbyists to corporate and government IT
Security Professionals, all convinced that the dreaded undetectable
mass-murdering Boza virus had trashed their Windows95/NT machines.
I confirmed only SIX Boza infections. Four of these were at the same
site. The other 215 callers were victims of BozaBullshit. They'd seen
The King With No Clothes with their own eyes and he was wearing a Boza
badge.
The anti-virus industry's credibility was well and truly sodomized a
few years ago by a couple of well-publicized virus non-events. Thanks
to the efforts of a handful of snake-oil salesmen and self-promoting
prophets of virus doom-and-gloom the whole industry -- including me --
was tarred with the same brush. "AV'er" became synonymous with "panic
merchant" and "con man."
It took me a long time to shake off this image and re-establish
my credentials as the owner of a no-bullshit anti-virus company.
It's a constant battle for an ethical AV'er (contrary to popular belief,
such creatures really do exist) to maintain any kind of credibility
since some people in the industry go out of their way to keep shoring up
the snake-oil salesmen image on an on-going basis. It's almost as if
these geeks have a death wish and want to take the rest of us down with
them. I cringe every time I see a "100% detection and cleanup" ad in a
magazine or read a "brand new supervirus poised to destroy the world"
story. I know my credibility has just dropped a couple of points simply
by association with these tallywhackers.
This Boza thing will shove me and everyone else in the industry who
doesn't deserve it back in the snake-oil bottle for however long it
takes people to forget the beat-up. And it pisses me off that it's
down to "outsiders."
We've learned how to fight our way out from under piles of manure
heaped on us by the enemy within but now we're being bombarded
with the same kind of excrement from the enemy without.
In any case, just as the masses get the government they deserve,
computer journalists get the anti-virus contacts they deserve. I've
come to the conclusion, though, that very few of them deserve ME.
Keep on keeping the bastards honest.
I can't.
Rod Fewster, @ Softtech
[Crypt replies:
Thanks for the interesting memo, Rod! As for the Boza/Bizatch virus
brew, it was a fizzy drink that made the palate tingle just long enough
get us into late February which, you know, meant:
-=MICHELANGELO (Computer Virus and Anti-virus Software Promotion) DAY=-
Southern California TV stations were running ads for Norton
Anti-virus disguised as news the weekend before. The Boston Globe
published a tech column devoted to Michelangelo. Yes, four
years on from 1992 and some newspapers were still trying to squeeze
blood from the Michelangelo stone, thus demonstrating it had attained
the same yearly status in some places as any national holiday, perhaps
like Presidents' Day or the anniversary of Pearl Harbor. Subsequently,
the Globe story was passed along on Compuserve as a news and ad combo
for anti-virus software.
The Norton Anti-virus news piece on Crypt's local 11 o'clock TV
broadcast was, however, the best. The local reporter fluffed
the critical part: How to secure a copy of the Norton Anti-virus.
When the anchor said "just type GO SYMANTEC at your computer" Crypt
could just hear the distant gnashing of teeth and sodden wailing
emanating from the marketing department. The Symantec lesser demons
must have toiled for hours to place the video-byte. And then to see
the whole thing go down in flames when a stumblebum TV journalist left
out the key information: To "GO" anywhere you had to have an account
on the Compuserve Information Service.
The hog was in the tunnel and by midnite Symantec employee bones were
doubtless being ground into pemmican under a giant basaltic wheel in
some software industry dungeon, now part of a cautionary corporate
seminar and video presentation on the meaning of failure.
Back at our northeast Pasadena lab, Crypt imagined troubled PC users
sitting in front of their screens, pounding at the keyboard -- GO SYMANTEC
-- GO SYMANTEC -- GO SYMANTEC -- *!! -- to be mocked by the
inscrutable wisdom of the ages only a command shell can provide:
"Bad command or filename."
The unintentional poetry of the machine is sublime.
But, as you've written, there's no shortage of Philistines or the
pharisaical within the industry. Plenty of vendors - even your distant
brethren in the NorthAm Thunderbyte office - used Compuserve and the
fiendishly effective PR Newswire to launch a promotion on the broad back
of Boza/Bizatch.]
STRENGTH THROUGH OI: COMPUTER VIRUSES AS MARKETING TOOLS
========================================================
[Editor's note: Rod Fewster sent a second letter to Crypt which
continued the "viruses as tools of marketing" discussion. It is
reprinted in slightly edited form.]
Marketers everywhere exploit the media [as part of business practice]
whenever the opportunity arises. It's the nature of the beast. Just
look at your Presidential elections. The bullshit factor in the media
has increased by orders of magnitude since campaigning started.
Political shills implant IMAGES of a candidate in your brain until the
man behind the image is almost unrecognizable even though this is a
phantom that never existed and never will. You can end up voting for
a second-rate candidate because the people behind first-rate candidates
are too ethical to involve themselves in this type of "marketing."
Anti-virus shills implant IMAGES of data disaster in your brain until
you throw money at them to protect yourself against the predicted virus
holocaust. But it's a phantom holocaust which never existed and never
will. You can end up buying a second-rate anti-virus program because
the people who sell first-rate anti-virus programs are too ethical to
involve themselves in this type of "marketing."
The problem, as I see it, is that most people trust the media too much.
Blind faith in the veracity of the media allowed Orson Welles to panic
America into believing Martians had invaded Grovers Mill, New Jersey.
We laugh at this today, yet we believe implicitly that Neil Armstrong
walked on the moon because we saw it live on TV. If the TV reports had
told us that Armstrong stepped in fresh dog excrement we would have just
as implicitly believed the moon was inhabited by dogs. Can
we be 100% certain the whole thing wasn't a beat-up, filmed in a Hollywood
studio?
Crypt is right. There's no valid excuse for manipulation of the NEWS
media to increase sales by causing panic. ADVERTISING is a bullshit
medium at best. The big juicy freshly-cooked mouth-watering hamburgers
in the twenty-times-larger-than-life MacDonalds overhead display slides
bear little resemblance to the dry kept-hot-by-microwaves gloopcake you
find when you open the bag. But hype has no place (or rather SHOULD have
no place) in the news. A return to the days when we could rely on the
media to impart a factual no-bullshit warning about a new
virus would be nice. But I guess I'm just pissing in the wind by even
thinking about this. I doubt that it will happen in my lifetime.
Ethical anti-virus developers have no chance at all these days of getting
legitimate virus warnings across to the news. Professional bullshit
artists in the industry have a monopoly on the "we'll print anything
you tell us as long as you spend a fortune advertising in our rag"
media ear and computer journalists who still take pride in what they
write have been conned into printing codswallop many times by snake-oil
peddlers who try to boost their sales by conjuring killer viruses out of
thin air. Because of that, now they won't risk putting their names to
anything even vaguely virus-related until they check the facts and by the
time they've done this either an anti-virus company with a heap of
advertising clout has browbeaten the editor into printing a more
newsworthy (i.e.: padded with bullshit buzzwords and fifty times more
frightening) story or it's too late for the warning to be effective.
The loudest voices in the anti-virus industry belong to sharp operators
who know that the guy who shovels the most bullshit disguised as "news"
is likely to make the most sales. The more frightening he can make this
news, the more money he'll be able to loot from the pockets of those
who are gullible enough to believe it.
It's interesting to note that most virus holocaust predictions originate
from those anti-virus companies whose programs, even though they may be
"Big Name" programs, are rated mediocre -- or worse -- by reputable
independent testers. These same companies are the ones which invariably
make wildly exaggerated claims about their program's detection and/or
cleanup abilities in their ads.
However, the virus threat IS real. It's not a case of "if" you get hit
by a virus, but "when." It's a serious problem but it's nothing to go
into a blind funk about. Unfortunately, thousands, perhaps hundreds of
thousands, of computer users have been panicked into a blind funk by
bullshit artists and/or media hype and have rushed out and bought
poorly-performing anti-virus software which wasn't and never will be
worth the money they paid for it.
In a calmer climate these people could have taken their time, waded through
the hype, sought out decent advice, compared the features and functionality
and performance of the many available programs and ended up with value
for money.
I firmly believe that any anti-virus developer who releases "news" which
causes a virus panic and the danger is subsequently proved to be grossly
exaggerated has done so only to line his own pockets and should be
exposed as a confidence trickster and, if possible, prosecuted for fraud.
It's underhanded, unethical, and un-professional. It brings discredit on
the whole anti-virus industry.
The unfortunate thing about virus horror stories is that the public's lack
of understanding of viruses forces it to accept whatever it reads as fact.
It seems to me what usually happens in these cases is that anti-virus
shills feed the media a horror story to make sales. But it also
looks like media hacks added a few herbs and spices to the Boza story
to make it "hotter."
Rod Fewster
MASOCHIST ANKLE-BITER REQUESTS JUNK E-MAIL
==========================================
Dear Crypt:
I have just finished testing anti-virus software. Please send
me an e-mail bomb.
Your Crypt Newsletter is very helpful.
Cain Rosynbottom, Belgium
[Crypt replies:
I have forwarded your request to The Terminator and others. Orders
take anywhere from two to four weeks for delivery. Expect to have
to change your Internet Service Provider when your mail bomb
arrives.]
LONELY ANKLE-BITER ON THE ASIAN RIM
===================================
Dear Crypt:
Do you know how to use VCL virus-making software? I have some
problems with it and [would] like to ask [for] help from someone.
Thanks for reading my mail.
Mr. Sinn, Myanmar (the country formerly known as Burma)
[Crypt replies:
Crypt was going to send for Chad (the little man behind the wall
prominently displayed in the Crypt News Letters section) for your answer
but a second look at the country of origin suggested a more general
reply.
About three or four times a month Crypt receives e-mail queries for
advice on how to use Nowhere Man's Virus Creation Laboratory or requests
for computer viruses from foreign countries that either feature unusually
repressive governments or rule by dictators/military junta.
Crypt does not care or differentiate between reader requests (I generically
ignore them all) but assumes correspondents may fall into any of the
following categories:
1. Native student with Internet account.
2. Offspring of diplomat with Internet account.
3. Tourist or international businessman with laptop PC and Internet
account.
4. Law enforcement officers with Internet account and silly concepts
about cyberspace and computer viruses.
5. Tomfool military or political flunkies of a foreign dictatorship
entertaining quaint ideas about utility of high-tech spying
and "Information Warfare."
6. Generic 'Net surfer lacking even the barest shred of common sense.
However, let it not be said that Crypt does not care about its
readership.
Please dear readers, when sending e-mail to Crypt from within the
boundaries of a military dictatorship always consider that your Internet
service provider may be compromised. By nature, dictatorships tend
to be paranoid. Requesting computer viruses or information about
them may be sufficient grounds for institutional human rights violators
to consider putting you under surveillance as a potential
enemy of the state.
Crypt publishes letters from some readers and makes every effort to
decide when anonymizing an address is prudent. But Crypt may also
be far from omniscient with regards to the state of repression and
paranoia of your government.
Consider your poor mother! Think twice about sending any mail in
the clear that may enter you as a new candidate for a labor camp.]
AMERICA ON-LINE ANKLE-BITER NUMBER 5736
=======================================
Re: America On-Line! Welcome! You've got mail!
Please send me some info on how to obtain some VCLs.
Hacker #5736, America On-Line
[Crypt replies:
______
/ \
│ O O │
┬─┬─┬─┬─┬─┬─WW┬┴┬─ ┬─┼─WW┬─┬─┬─┬─┬─┬─
┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬ ┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬
┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴
┬┴┬┴┬┴┬┴ DOH! Check, M.O. or Visa ┬┴┬┴┬┴┬
┴┬┴┬┴┬┴┬for $5.98 to: VCLs, POB 4234┴┬┴┬┴
┬┴┬┴┬┴┬ Rockville, MD 13457-0122 ┴┬
┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴
Phone orders: 1-703-979-6472
Attention: Jimmie Hill
LOSCHE DIESES PROGRAMM
======================
Crypt:
subscribe crypt ewsletter [sic]
---Matthias Brunner, Univ. of Mannheim, Deutschland
[Crypt replies:
______
/ \
│ O O │
┬─┬─┬─┬─┬─┬─WW┬┴┬─ ┬─┼─WW┬─┬─┬─┬─┬─┬─
┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬ ┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬
┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴
┬┴┬┴┬┴┬┴ DOH! ┬┴┬┴┬┴┬┴┬
┴┬┴┬┴┬┴┬ GANZ FALSCH!! ┴┬┴┬┴┬┴┬┴
┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬
┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴┬┴
TENACIOUS ANKLE-BITER FRUSTRATED BY CHALLENGE OF BATCH FILE PROGRAMMING
=======================================================================
Subject: VIRUS CREATION
Hi Crypt:
I would like to make some viruses. No matter how hard I try,
I cannot. I can make boobytraps out of batch files but they
are not very good.
Doctor Batch-file, CompuServe
[Crypt replies: Using your favorite text editor, cut the next bit
of Crypt Newsletter out, save it to a file named CURE.BAT and
execute. Repeat as often as necessary. Call Crypt in the morning.]
-------------------------------------------------------<cut after here
echo off
:TRUCK
echo Your eyes are getting s-l-e-e-p-y! Ctrl-C to stop!
echo ▄▄▄▄▄▄▄▄█▄▄▄
echo ------ █Caning &█ \
echo --- █Corrections███
echo ▀▀ OO ▀▀▀▀▀ O ▀
cls
GOTO TRUCK
-------------------------------------------------------<until here
PLEASED READER REPORTS CRYPT IS FUNNY
=====================================
Hello:
Your job on Crypt has left me begging for more. Seriously, very
funny writing style you have.
Rob Coley
[Crypt replies: Thank you kindlee!]
-=The Crypt Newsletter welcomes thoughtful mail from readers at
crypt@sun.soci.niu.edu. Published letters may be edited for length
and clarity or anonymized to protect the naive from themselves.=-
REACHING CRYPT NEWSLETTER
Send software, books, or public-relations phlogiston for review
and consideration to:
Crypt Newsletter
1635 Wagner St.
Pasadena, CA 91106
E-mail: crypt@sun.soci.niu.edu or 70743.1711@compuserve.com
CRYPT NEWSLETTER HYPERTEXT
If you're reading this, you don't have it.
Crypt Hypertext can be registered through Compuserve's
on-line SWREG service.
To purchase a copy of Crypt Hypertext through your CompuServe account
simply use the GO menu and enter the keyword: SWREG. You will
be presented with a menu to identify your geographic location.
When prompted to search the software database enter the number:
# 9228 or the name CRYPT NEWSLETTER HYPERTEXT V. 1.0 and provide
the requested information.
You will receive a copy of Crypt Hypertext through US Mail.
Operating Systems - DOS, WINDOWS
Cost: $30.00 + $4.00 shipping and handling in US, Canada and Mexico.
+ $8.00 shipping and handling worldwide.
The database contains not only Crypt Newsletter 1992 - 95
but also a great deal of additional material and unpublished notes.
Where appropriate, additions have also been made to old
issues and articles to provide current perspective and background.
The database also contains a keyworded glossary and extensive
subject index spanning the length and breadth of the newsletter.
Cut and paste any information to your customized specification.
In the database you'll find comprehensive stories, tutorials
and news on:
--the computer virus underground and virus-writers
--the anti-virus industry
--on-line culture and sociology
--book reviews of current titles in security
--annals of computer crime & computer virus spread
--virus descriptions and history
--walkthrough simulations, imagery and displays - aural and visual -
from computer viruses and controversial virus-making software
toolkits
--discussion of legal issues with regard to computer viruses and
related computer crime
--extensive companion material for the author's book, "The Virus
Creation Labs"
--review of the mainstream media: the shams and scams reported as
real news. Take a skeptic's look at the information highway!
The Crypt Newsletter database is also extensible. Future
hypertext issues, distributed through CIS forums, can easily be
copied to the database's directory on your home computer and
seamlessly integrated into the collection.
The complete index of topics 1992 - 96 is on the Crypt News
Web page:
http://www.soci.niu.edu/~crypt
CRYPT HYPERTEXT ORDER FORM
---------------------------------------------------------
By Mail:
Return this form along with your remittance to:
COMSEC Ltd.
1545 Waukegan Road Suite 2
Glenview, Illinois 60025-2143
Orders: 800-754-8214
Support: 708-729-3565
Fax: 708-729-3575
Questions To: crypt@sun.soci.niu.edu
70743.1711@compuserve.com
ORDER:
[ ] ____ Crypt Hypertext(s) @ $30.00 each.
[ ] Regular mail shipping, please add $4.00.
[ ] US Priority Mail, please add $6.00.
Checks and money orders must be in U.S. dollars drawn on a U.S. bank.
Do Not Enclose Cash.
Total enclosed . . . . . . . . . . . . . . $______________
Payment by: [] Check [] Money Order
SHIP TO:
Name _____________________________________________________
Address 1 ________________________________________________
Address 2 ________________________________________________
City __________________________ State/Province ___________
Zip/Postal Code ________________ Country _________________
Telephone (______)________________________________________
CRYPT ON COMPUSERVE
Those readers with accounts on Compuserve can now take part in the
dedicated Crypt Newsletter message base and attached file library in
the National Computer Security Association special interest group.
GO NCSAFORUM and look for message base #20, Crypt Newsletter.
Current issues are on-line in the attached file library.
CRYPT NEWSLETTER WORLD WIDE WEB HOME PAGE
You can visit Crypt & The Virus Creation Labs on the
World Wide Web, download back issues and sample a chapter
from VCL!
Set your graphical browser (Mosaic, Netscape, etc.) to:
URL: http://www.soci.niu.edu/~crypt
ACKNOWLEDGMENTS - In one way or another, this issue couldn't
be the scintillating read it is without:
Bob Casas, Ph.D., of CPC Ltd.(COMSEC), Glenview, Illinois, for
hypertext & hyperlinks prodding; Roger Thompson of Thompson
Network Software, Marietta, Georgia, for sundries; Steven
Aftergood of the Federation of American Scientists, Washington,
D.C., for keeping Urnst, the cat, in good reading material with
those timely FAS reports; Dave Kennedy of NCSA for consumer
alerts.
----------------------------------------------------------------
If you quite enjoy the Crypt Newsletter, editor George Smith's book,
The Virus Creation Labs: A Journey Into the Underground," will
really flip your wig. In it Smith unravels the intrigue behind
virus writers and their scourges, the anti-virus software
developers and security consultants on the information highway.
What people are saying about THE VIRUS CREATION LABS:
"I couldn't stop reading it . . . As hype continues to
build about security on the Internet and movies like
_Hackers_ ooze the real hackers into the mainstream arena,
this book is definite apropos material for the time.
Read it! A+"
---The Net magazine, February 1996
"[VIRUS CREATION LABS] is informative and stunningly
incisive . . . "
---Secure Computing, October 1995
"George Smith . . . takes a look at the world of virus writers
and anti-virus software vendors in a style similar to that
of 'Cyberpunks' -- anecdotal, humorous and revealing . . . a
lucid and entertaining read."
---Computer Security Journal
"There are relatively few books on the 'computer underground' that
provide richly descriptive commentary and analysis of personalities
and culture that simultaneously grab the reader with entertaining
prose. Among the classics are Cliff Stoll's 'The Cuckoo's Egg,'
Katie Hafner and John Markoff's 'Cyberpunk,' and Bruce
Sterling's 'The Hacker Crackdown.' Add George Smith's
'The Virus Creation Labs' to the list . . . 'Virus Creation
Labs' is about viruses as M*A*S*H is about war!"
---Jim Thomas, Computer underground
Digest 7.18, March 5, 1995
"THE VIRUS CREATION LABS dives into the hoopla of the Michelangelo
media blitz and moves on to become an engaging, articulate,
wildly angry diatribe on the world of computer virus writers . . .
Expert reporting."
----McClatchy NewsWire
-------------------------order form-------------------------
Yes, I want my wig flipped and wish to receive a copy of George
Smith's "The Virus Creation Labs: A Journey Into the Underground"
(American Eagle, ISBN 0-929408-09-8).
Price: $12.95/copy plus $2.50 shipping per book (add $7.50 overseas)
NAME: _____________________________________________
ADDRESS: __________________________________________
CITY/STATE/ZIP: __________________________________
Payment method:
___ Master Charge
___ Money Order
___ Check
___ Visa
Credit Card # ___________________________________________
Expiration date _________________________________________
Name: ____________________________
Orders can be taken by voice or fax through regular phone
number and/or 1-800 number in USA. COD welcome.
American Eagle: 1-800-719-4957
1-602-367-1621
POB 1507
Show Low, AZ 85901
-------------------------------------------------------------
George Smith, Ph.D., edits the Crypt Newsletter from Pasadena,
CA. Media critic Andy Lopez lives in Columbia, SC.
copyright 1996 Crypt Newsletter. All rights reserved.