Truth About Computer Security Hysteria
New computer virus spreads AlzheimersRob Rosenberger, Vmyths co-founder
Friday, 19 November 1999
WHY DID REPORTERS stop covering BubbleBoy? Email's death knell should have generated far more media coverage. AP, Reuters, CNN, MSNBC, BBC, Newsbytes, ZDNN, and news.com dropped it by 13 Nov.
Did it perhaps get bumped by the recent air catastrophe? I doubt it. EgyptAir 990 plunged more than a week before BubbleBoy surfaced.
It's just as well BubbleBoy went away — antivirus experts have short memories. I remember an "auto-malicious email" proof of concept way back in 1996. One year later, BO2K author "DilDog" demonstrated a sister technique and described how to exploit it as a realistic "email virus." In July of this year, I showed antivirus vendors how to attack networks with an email no one ever receives.
Experts conveniently forgot this when the media clamored for interviews. Look who claimed BubbleBoy changes the way we perceive email security:
I spotlighted Viveros' remarks, but I did congratulate him privately for a level-headed press release. However, the same press release implied Network Associates could immediately detect BubbleBoy at email gateways. This doesn't make sense from a technical standpoint, so I asked Viveros if he would clarify the issue for me at his convenience.
Remember StarLabs? They'll soon stop providing email service as a precaution against unknown Y2K viruses. One of their "experts" started bothering other experts inside the WildList organization. A source (excellent reliability) forwarded this pungent request from StarLabs:
"Does anyone have a sample of the VBS/Bubbleboy virus (the one which infects Outlook when you read the email; you don't even have to open any attachments). A sample of the email generated would also be useful. I would like to urgently evaluate this new type of threat. Thanks, Alex."
Beyond.com rode on BubbleBoy's coattails with a press release "announc[ing] that it has posted links to the latest updates that detect the VBS/Bubbleboy worm infection on the company's Antivirus Center... Instant availability of digitally downloaded antivirus software allows consumers to take immediate steps to protect themselves against the latest viruses." Protect themselves immediately after the fact, anyway.
United Messaging (an email outsource provider) issued an "advisory" telling the press to contact their CEO for commentary. He's apparently a "leading expert on computer virus detection and e-mail virus precautions." Hang on while I write that down...
It makes no difference if a virus mentions Jerry Seinfeld, Princess Diana, or Bart Simpson for that matter. Try telling that to the media, though. Look what reporter Matthew Nelson wrote for InfoWorld: " 'Every variable [in BubbleBoy] has been named after Seinfeld characters,' said Dan Schrader, vice president of new technology, for Trend Micro. 'They even use references to Soup Nazi, Kramer — an amazing number of characters are in this thing.' " And your point would be...?
On a positive note, Janet Kornblum stayed focused in her USA Today story. (You go, girl!) Kudos to Rick Jurgens & Mark Boslet for likewise staying focused in their Dow Jones newswire. (You da men!) They even offered a killer tidbit: "Darren Kessner, senior virus researcher for Symantec Corp. (SYMC), was less impressed. 'This virus isn't anything special,' he said."