The evolution of communications technologies has taken two parallel paths. On the one hand, it took a path for the general good of society, as was the case with the invention of the Internet, for example. On the other hand, a path of destruction and general havoc resulted with the development of computer viruses, among other things | IslamOnline.net
The second path was not inevitable. But social organizations in the West, where viruses first emerged, seemed to condone the deeds of virus writers and propagators. People who wrote, unleashed or swapped virus codes – whether for fun or for damage, intentionally or inadvertently – were not penalized.
Legislation worldwide lagged far behind the unbelievably rapid development of communication technologies and their destructive counterparts. New laws were not formed at the same pace that a new breed of crime was emerging.
An example: David Smith, who wrote and unleashed the destructive Melissa virus was punished by just 20 months in prison and US$5000 in fines. The Melissa virus utilized email programs to propagate a virus epidemic that resulted in about US$80 million in damage.
The imperative to save the technology civilization from digital epidemics has become greater than ever; not for the sake of technology firms, but because we have become impeccably dependant on technology. We can’t just switch it off claiming that technology is too vulnerable to rely upon. For, who can, at this moment of history, unplug his PC and say, “I’ll no longer use the internet”? The internet, the magic stick of virus propagators, has become an inherently functional part of almost everybody’s life. “The more functionality,” says digital security consultant Roger Thompson, “the greater the risk.”1
From Biology to Technology
There are different suppositions of when computer viruses first emerged. Some trace them back to 1949 when the Hungarian-American mathematician, John von Neumann, described self-replicating programs that resemble viruses as they are known today. The first to refer to these programs as viruses was the computer scientist Fred Cohen, in a technical article titled: Computer Viruses – Theory and Experiments, published in 1983.2
Cohen was extraordinarily correct in choosing the term. The analogy between computer viruses and their corresponding beings in the world of biology goes beyond hiding and self-replicating. Firstly, computer viruses are continuously getting smarter (by their writers), making repeated attacks that are increasingly difficult to overcome by anti-virus programs. Secondly, they simultaneously reach every corner of the earth through the Internet, in a similar fashion to how biological viruses, such as the avian flu, circulate by air travel!
The Erroneous Evolution
Along the way between 1949 and 1983 and through to the present moment, myriads of viruses were developed. At the end of 2003, it was estimated that 63,000 viruses had been unleashed. Most viruses are benign, weak or easily eradicated. But a few of them, about 300, have made the notorious epidemics that cost the world about US$65 billion.
The history of viruses is, alas, rich with details and examples. Some viruses, however, stand out as landmarks. The following evolution timeline indicates how the authors of viruses exerted their efforts to make their codes less susceptible to detection, disassembly or eradication. And it marks, as well, the emergence of the anti-virus industry.
Who Writes Viruses?
What is the incentive for people to devote a large portion of their time to developing and fine-tuning codes with the sole purpose of destroying the computers of complete strangers? Why don’t they dedicate their talent and time to writing original, constructive codes that would bring them fortunes?
This has been the core question that Sara Gordon, an anti-virus software researcher and developer, tried to answer through interviewing tens of virus authors, active and retired, during six years of research. She concluded that most of the perceptions about motivations and backgrounds of virus writers are inaccurate. The common image of virus writers as maladjusted teens, from distorted families, and listening to heavy metal music in dark rooms is a misleading stereotype, the researcher discovered.
Gordon traces the phenomenon to a societal failure. “Just about any time a society tacitly condones questionable activities, it lends the activities some degree of credibility. It makes them seem less bad. That means that people don’t need to age out of the activity,” says the researcher. “This means that what constitutes ethical behavior changes! On the Internet today, virus writing is undergoing this sort of tacit approval,” she adds.4
In tens of cases of destructive computer viruses, it just started with somebody “playing” with a piece of code they got from a friend, a colleague at university or a website (the just closed codebreakers.com is one example). Using these websites endows them with credibility, similar to when a hugely successful bookseller like Amazon.com sells on its website books detailing how to write a virus code, like the expensive: Ictv Code for the Description of Virus Characters, by J.B. Atherton, available on Amazon.com for US$59.
In all of these cases, wrongdoing has not been defined or looked at as such. And this is why those who did it were not punished accordingly, resulting in turn in creating a culture where everyone can pass on a virus to the Web and get away with it.
The examples, on the other hand, of cases where legislation has turned a blind eye to the major damages afflicted by virus writers are too many to count.
According to United States legislation, for example, for the prosecuting authorities to act there must be demonstrable evidence of intent of harm and damage of at least US$5000. Yet in cases of people like Jan De Wit (Anna Cornicova virus), Chen-Ing Hau (Chernobyl virus), Onel De Guzman (I love you virus), and David Smith (Melissa virus) they were all mildly fined, penalized or even sometimes just released due to lack of existing legislation to prosecute the perpetrator. Onel de Guzman, for one, who wrote and let loose the I love you virus, which resulted in US$7 billion in damages, was arrested and then released for lack of an existing Philippine law to prosecute him.
The Future of Computer Viruses
Search Google by using the keyword “virus” and you will find that the first 23 results are about computer viruses, not biological ones! This is a cursory parameter of how large the problem is.
Some think the problem will be gradually eradicated as Microsoft (with its ubiquitous products that lure virus writers to search for and exploit vulnerabilities in them) is drawing vast resources to make its next line of products more secure. Microsoft is even proceeding to develop a proprietary anti-virus program. Consequently, if Windows, Microsoft’s prominent product that works on about 94 percent of PCs worldwide, is absolutely secure, viruses would be rendered a problem from the past.
Others think the problem will last. They cite the recent worms and Trojan horses unleashed on mobile phones and handheld PCs as proof of the ability of virus writers to keep up to par with technology advancements.
In any case, we have no other option than considering viruses as a trade-off for the productivity the technological developments bring. With functionality, remember, comes vulnerability.
===========================
1- Patrizio, A. 5 February, 1999, New Viruses Send Data Over Internet
2- This paper constitutes a chapter in a book by Fred Cohen titled: A Short Course on Computer Viruses. ASP Press, Pittsburgh, 1990. This chapter can be found at: http://all.net/books/virus/index.html
3- AntivirusWorld.com, History of Computer Viruses
MSNBC News, 18 April, 2003, Digital Diseases
VirusList.com, The History of Computer Viruses - From the Ancient Days to Present Time
NewScientist.com, 15 June, 2004, First Cell Phone Worm Emerges
NewScientist.com, 20 July, 2004, Handheld PC Virus Holds Ominous Promise
NewScientist.com, 6 August, 2004, Handheld Computer ‘Trojan’ Discovered 4- http://www.commandcom.com/virus/writes.html
---
No comments:
Post a Comment