Truth About Computer Security Hysteria
Pseudologica fantasticaGeorge C. Smith, Ph.D., Editor-at-large
Wednesday, 29 August 2001
LAST WEEK, a judge was cashiered in Los Angeles for relentlessly fabricating stories about his past. As one example, it was said in the local wrapper that the man had claimed to have once been an adventuring CIA operative in Laos during the Vietnam War.
The local judicial system even dragged a real CIA man into hearings on the jurist's basic honesty and psychological fitness to refute the fellow. In defense, the judge's lawyers claimed him to be suffering from pseudologica fantastica, a mental illness "said to cause people to mix fact with fiction to protect their self-esteem."
This tactic failed and the Lying Judge was banished from the juridical kingdom of Los Angeles with the mark of bureaucratic Cain upon him and the admonishment to never return.
However, banishment, embarrassment, or a branding as the community dissembler ("That's Old Joe, son; he's so full of it he squeaks") hardly ever result for embellishment of the mundane truth of one's life with tales of stretchy grandeur when newsmen, computer security, and the topic of computer viruses intermix. Pseudologica fantastica is the preferred mental condition.
Take the case of the English student who saved 400 or so worlds of corporate computing from almost certain destruction on August 16, according to the BBC. "A computer student potentially saved businesses millions ... [a] 'Trojan horse' had already affected at least 400 companies across the world when a [teenage computer geek] detected it on his home PC," reported a Beebster breathlessly.
We were told the young stalwart from Blighty discovered a virus when it "appeared on his machine" while in an Internet chat room. "Like Code Red it 'floods' someone's hard-drive and can cause major damage," claimed the student-who-saved-431-corporations-in-America-Canada-and-France.
Teenagers-Who-Save-The-World have been visible from the first day I logged onto the virtual circuits of a bulletin board system — quite probably well before, too. At least one, sometimes more, could be found in residence in any given electronic community and the less excitable hands (read the realists) would know them in two basic flavors:
To tell the truth, the identification of "unique" examples of malicious software is about as challenging as the picking of cat stool from a litterbox. However, it is now common for the media to indulge teenagers or some employees of the computer security industry in their fancy for a "Secret Life of Walter Mitty"-like experience. All it takes is an average affinity for Munchhausen's Syndrome and a listener on deadline mildly entertained by the result.
In more outbreaks of pseudologica fantastica: The Washington Times reported on August 10 that "all intelligence services, including the CIA, Defense Intelligence Agency, and especially the National Security Agency, have launched major searches for [an] elusive computer hacker" named "Red Crack."
It was so decreed, the newspaper said, by unidentified officials from the Bush administration. Anonymous "Internet security specialists" were alleged to have implicated the clever "Red Crack" in cyberwars between the U.S. and the Chinee.
"Red Crack" was also said to have left bellicose anti-American messages on a government website. There was no explanation on how the cyber-Boxer might have come to suffer from pruritus ani.
Close upon its heels, MSNBC added even more pages to the already thick book of nauseatingly unimaginative and repetitive text on the subject. Perceptively entitled "the U.S.-China Information War," it contained all the hackneyed usages, packaged as eye-opening revelations, common to the brand of literature.
You had your anonymous sources of alleged gravitas ("senior government and military officials"), your claims of plans to strike at electronic Mammon ("30 high-ranking experts called for the development of weapons that can throw the financial systems and army command systems of the 'hegemonists', i.e., America into chaos") and the always
It produced the silly expert, in this case Army analyst Tim Thomas, mildly infamous on Vmyths.com for an older article that crazily cited a Russian 666 virus that could cause heart arrhythmia and nuclear missile silo operators said to be in training to resist telepathic attack! (In the MSNBC report, the Russian 666 virus is no longer the object of interest. Now it's possibly Chinee network-striking "shock brigades.")
The story closes with a routine brag on the utter supremacy of U.S. cyberwar might, supplied by another pro forma anonymous source. "A high-ranking U.S. intelligence official says, U.S. info-war capabilities far outstrip those of China or any other potential adversary."
Vmyths.com conspiratorially informs its readers the usage of the qualifier high-ranking in these types of stories is always critical because without such the audience might become suspicious it was being smoked the empty-headed opinion of any old yahoo.
The reasons given for the battle-turnaway were ... hard to discern. However, substantial credit must be given to the ITP reporter who landed one of the best apparatchik quotes on Code Red from DoD
"Given the fluency of the situation created by the many ongoing actions at all levels of our decentralized information systems architecture, any estimate of the number of sites not available to the public would be speculative at best."
Assertions that employees of the Defense Information Systems Agency and Joint Task Force for Computer Network Operations must demonstrate butchery and obfuscation of the English language as core skills prior to employment are, of course, scurrilous lies!