Another darn virus bombs the Internet

While everyone else got love letters last week, I got "kakked"

While everyone else got love letters last week, I got "kakked". We're talking viruses here - the "I Love You" virus, which swarmed into the world's computers faster than any virus has before, and the kak "worm", a nasty bit of business apparently circulating in Ireland at the moment.

Actually, I did get the "I Love You" virus as well and, to be honest, was rather pleased. I didn't open it, of course, having already read about it and received about 300 press releases from security companies anxious to get their immediate slice of the virus-panic pie, all sent out nanoseconds after the Love Bug's discovery.

I deleted the suspect e-mail after checking to see who had sent the lettre d'amour (it turned out to be a PR company in Dublin which shall remain nameless).

But I must admit I found it intriguing to finally receive one of the notorious viruses that gets global press coverage, one of the scoundrels that generates those annoying streams of warning emails that everyone forwards to everyone else - friends, colleagues, relatives, loved ones, former school art teacher, even the guy who repairs your bicycle.

READ MORE

As one anti-virus site noted dryly, how many people got 10 times as many e-mails warning them about the Love Bug than they did e-mails actually containing the thing?

Thanks to such e-mails, I had read about bugs like Melissa and Bubbleboy (the names are sometimes as good as hacker monikers) but darn it, I never got the viruses myself.

Now, I had been hit, albeit safely. I told everyone; it was something to flaunt. Then, my computer started doing funny things on start-up - stopping halfway through the start-up sequence and telling me it had found one "possibly infected" file.

I ran my McAfee virus software, and it didn't pick up anything. Then I noticed that the computer had noted at start-up that it had found the so-called kak.worm. Ugh! What was that? Get it out of there!

It turns out the kak worm is, as they say, extremely common "in the wild" - meaning it gets passed around readily over the Internet.

It was first spotted and analysed in December of last year, just around the time I took delivery of my computer. In other words, it appeared too late for the anti-virus package that came with the machine to have the bug included in its defence mechanisms.

The kak worm, like Bubbleboy, is one of the creatures that utilises a hole in Microsoft's Internet Explorer browser. Once in, the virus sits in your computer, sends a replica of itself out every time you send an e-mail, and on the first of every month, activates a program that can destroy files on your computer. Fortunately for me, I was out of the country on May 1st and was spared having serious damage done.

But the experience drove home some points about using the Internet. First, it was a reminder that the Web is, and probably always will be, "the wild". Web browsers and tailored e-mail packages and icons that we click to tell our modems to dial our Internet service providers do complicated tasks for us but make them seem easy. They also allow us to venture out into an online world that, through the wonderful visual medium of the Web, seems accessible and, in general, safe.

But this is not really the case. Although the experience of getting online and experiencing the Net has been simplified, we are still doing something exceedingly complex that contains many opportunities for problems. The programs that give us the freedom to go online are so labyrinthine that programmers themselves have a difficult time making sure that back doors are closed and holes are patched.

That means that computer users must always be defensive drivers on the infobahn. One only has to read the reports of the billions in damage caused worldwide by the Love Bug to realise this is clearly not the case.

People are happy to open attachments even when they seem suspicious (I can't be the only person in the world who thought a love letter from someone I know, purely from the standpoint of a very distant business relationship was, er, unusual?).

And most people using the Net nowadays don't know a lot about computers or security issues or software patches. We are constantly told that we don't have to worry our pretty consumer heads about such things. The Internet is supposed to be a mass medium; computers are vehicles for delivering information. For heaven's sake, we don't have to worry about television and radio security.

Even people who try to stay informed and properly protected often don't. It turns out I had downloaded a patch for the kak worm ages ago and thought I was keeping my McAfee software up to date, but didn't realise I had to go through further steps to install the updates.

Then, like many, I thought about getting the patch from Microsoft when I first read of the browser hole. But there seemed to be a new hole every week in all the available browsers. Thinking about what to download and what not, where to patch and where not - jeez, a gal has other things to do than plaster over her browser in her spare time.

So, protect and survive is a bit too optimistic a slogan for the Internet age. The best anyone can do is try to keep aware of new problems with viruses and watch for patches for security holes in software you're using. Take steps to minimise risk with e-mail (the main door for all virus problems), don't open attachments and don't send them yourself wantonly. Best of all, back up your files regularly so they're still there for you if the computer gets nuked.

Karlin Lillington can be contacted at klillington@irish-times.ie.

Karlin Lillington

Karlin Lillington

Karlin Lillington, a contributor to The Irish Times, writes about technology