Sponsor's Message

Have you noticed how virtually all of the worst worms have been written by programming dunces who show a profound inattention to detail and inability to properly debug their code? This has meant that the damage such malicious bits of code have produced is far less than it could have been.

Take the latest menace "MBlast" for instance.

Because its programmer is an idiot, the virus/worm accidentally causes many of the machines it infects to automatically shut down. Thanks to this bug, a great many of those whose PCs have been hit are aware of the problem and have cleaned/patched their machines pretty damned quick.

In the case of the Code Red worm, the dullard writer was stupid enough to encode the target of his planned attack as an IP number rather than as a domain name. This made it pretty trivial to dodge the bullets it was preparing to fire -- simply give the targeted website a new number.

But let's stop for a moment and consider what might happen if the next major worm or virus is written by someone with more than half a brain. Someone with a more professional and methodical approach to cutting code that exploits a newly uncovered vulnerability.

How much trouble would we be in if such a well-written worm were quietly snuck onto the Net.

Rather than racing out and propagating itself as quickly as possible -- thus catching the attention of network administrators who wonder why there are unexplained traffic surges -- such a worm would spread slowly but surely, flying under the radar screen of all but the most vigilant admins.

Based on the behaviour of PC users to date, the creator of such a "perfect" worm could be sure that they'd have months in which their creation could covertly install itself on vulnerable machines.

After infecting a PC, the worm would sit quietly biding its time. Not doing anything to give away its presence but waiting for a trigger to kick it into action.

Millions of machines across the globe would be infected in this way and represent a time-bomb just waiting to explode.

What kind of chaos would ensue when the worm's payload was finally triggered.

Imagine millions of people turning on their PCs only to find that all their data has been wiped without warning. Imagine if that worm starts quietly feeding the confidential information held on those millions of computers back to a central point.

Imagine if the worm simply popped up a message demanding that you send the author $5 for a password that would save your valuable data from certain destruction. Think of the profit!

With such horrible prospects being a very real possibility, perhaps we ought to be thankful that virus/worm writers, at least so far, have proven themselves to be generally rather stupid, lazy and inept.

If any Aardvark readers want to share an opinion on today's column or add something, you're invited to chip in and have your say in The Aardvark Forums or, if you prefer, you can contact me directly.

Contacting Aardvark
I'm always happy to hear from readers, whether they're delivering brickbats, bouquets or news tip-offs. If you'd like to contact me directly, please this form. If you're happy for me to republish your comments then please be sure and select For Publication.

Other media organisations seeking more information or republication rights are also invited to contact me.

Just add a couple of lines of JavaScript to your pages and you can get a free summary of Aardvark's daily commentary -- automatically updated each and every week-day.

Aardvark also makes a summary of this daily column available via XML using the RSS format. More details can be found here.

Contact me if you decide to use either of these feeds and have any problems.

Linking Policy
Want to link to this site? Check out Aardvark's Linking Policy.

Did you tell someone else about Aardvark today? If not then do it now!