Vmyths.com


Hoaxes, myths,
urban legends

Columnists

Newsletter
signup

Addictive
Update
Model

False
Authority
Syndrome

About us

Computer
security
humor

Truth about computer security hysteria
Truth About Computer Security Hysteria

As read by the author

Success by implied association

As read by the author Rob Rosenberger, Vmyths co-founder
Saturday, 26 January 2002

Part 1: Chumming the waters

THE MEDIA HASN'T screamed about a deadly über-virus in the last few days. {sniff} I smell a conspiracy of silence.
Wyatt:
Shhh! Shhh! Don't talk! Listen...
Gary:
I don't hear anything.
Wyatt:
Exactly! It's quiet. Too quiet.
I can appreciate the constant flow of media hysteria because ... well, because antivirus vendors get bored when they can't run around with their heads chopped off. When they get bored, they tend to turn on each other. Oh, sure, it starts innocently enough — playful jibes about a competitor's new press release — but then they get the bright idea to send emails to Vmyths. "Did you see this one yet?" I like to think of it as chumming the waters. I swear, antivirus vendors will toss one of their own overboard and laugh when our columnists eat him alive. Sick, sick, sick. Alligators kill their prey more humanely and they don't turn on their own kind. I could smell the chum last week when it flowed into my mailbox. Multiple antivirus experts pointed me to a new press release from the lounge lizards known as mi2g. Regular readers know the firm appears in our hysteria roll call resource. mi2g issued a press release on the "new trends" they see in computer security. Their tripe positively brims with numbers, percentages, and dollar signs. The figures came from CERT®, antivirus vendor Kaspersky, and fellow hysteria roll call member Computer Economics, Inc. mi2g also culled a generic dismal-future quote once uttered by Symantec bigwig Steve Trilling. To put it in simple terms: mi2g's press release used the time-honored ploy of "success by implied association." It's in our nature to associate ourselves with success. We seek to impress others by association when we say things like "I graduated from West Point" or "I served two terms in the state senate" or "I read Vmyths" or "the NSA tells me all of their secrets" or "I hang with the Crips" or "I got kicked off the National Security Council but I still managed to convince the president to put me in charge of a bizarre new cyber-bureaucracy to mask the humiliating role I played in the terrorist attacks." Some people — let's call them "losers" — can't associate themselves directly with success and may go so far as to create an implied association with success. Some firms — let's call them "mi2gs" — can't associate themselves directly with success and may go so far as to ride on others' coattails. They want to persuade others — let's call them "reporters" — to give them more consideration than they truly deserve.
Perhaps I exaggerate when I say Middle­ton "penned" a story. He could have saved time by slapping his by­line on mi2g's press release.
Now you can see why antivirus experts threw mi2g overboard. The chums stowed away on a media charter boat.
ALERT VMYTHS READERS noticed mi2g's press release before antivirus experts started their chumming expedition. So I sent a query to spokesmodel Louise Selley. She wrote back with a typical insufficient explanation:
mi2g's statistics are derived from an automatic tool that collects data from defaced web sites directly announced on the web as well as monitoring hacker bulletin boards. This tool has been developed by our SIPS [Seemingly Innocent Propaganda from Soho] group. We do not rely 100% on the automated tool and have to verify the information collected using human intelligence deleting errors and duplications.
"Directly announced on the web" probably just means they monitor things like the safemode and alldas website defacement mirrors. Safemode's recent suicide announcement means mi2g has less duplicate data to contend with. I didn't ask Selley to identify her public sources of information because — well, I doubt mi2g would reveal it. The antivirus industry as a whole doesn't like to disclose their public reference sources. Rationalization comes in many forms: they don't want to give virus authors credit for their contributions, or they consider public data a proprietary resource, or... You get the hint. Ironically, these same experts would flunk out of a college writing course if they refused to cite public sources of information. I don't really know what the antivirus industry calls it, but the academic world calls it "plagiarism." I didn't ask Selley to identify her public sources of information, but I did send a follow-up email regarding the "prolific serial virus writers" they named in their press release. mi2g pegged Black Baron, for example, even though he left the virus scene in the mid-1990s. They also pegged David L. Smith despite the fact he stopped writing viruses after his arrest in 1999. Chen Ing-Hau doesn't even meet the definition of a "serial" virus writer; he'd lose his day job if he ever tries to write critter #2. Why did mi2g implicate so many non-contemporary virus writers as current-day serial threats? Selley didn't respond to my follow-up email. Go figure.
mi2g's press release used the time-honored ploy of "success by implied association."
I guess I won't get to ask her about the claim "most virus writers tend to be fairly young (late teens, early 20s), often male, and get no commercial benefit." Virus writer PaX has a thing or two to say about age. Hacker Axe has a thing or two to say about gender. Onel de Guzman, Chen Ing-Hau, and Jan Dewit have a thing or two to say about commercial benefit. But these minor little points of contention didn't stop VNUNET correspondent James Middleton. He penned a credulous story from mi2g's press release. Hmph. Perhaps I exaggerate when I say Middleton "penned" a story. He could have saved time by slapping his byline on the press release. Seriously: study the mi2g PR and the VNUNET piece if you don't believe me. Middleton made it a "news story" by adding one quote from a Computer Associates flunky. I come up with original material for my columns. I can't believe reporters get paid for such blatant plagialaziness. [Credit where due: the "too quiet" excerpt comes from "Weird Science."]

[continued in part 2:
Comedy is not pretty]