Re: Virus alert (fwd)
Walter Amos (amos@sedl.org)
Fri, 20 Aug 1999 14:29:05 -0500 (CDT)
I apologize for the off-topic-ness of this mail but having just
received the virus warning (hoax) at the bottom of this email I am on
an anti-email-hoax rant and am forwarding this to everyone I can.
Please read it and save the web URLs listed for checking out virus
warnings and hoaxes. Thanks for your attention, and apologies again.
==============================================================================
"Zu jeder Zeit, an jeder (sic) Ort, bleibt das Tun | Walter Amos
der Menschen das gleiche..." - Galactic Heroes II | amos@sedl.org
---------- Forwarded message ----------
An ongoing problem with the Internet today is the easy spread of
incorrect information by well-meaning people. Like you, someone gets a
note saying "Oh my god, terrible new virus! Warn everyone!" And they,
not knowing any better, send it to their friends, who send it to their
friends, etc. and soon thousands of people are in panic.
Whenever you get a warning like this, you must remember to ask several
important questions that can help determine whether this is worthwhile
info.
1) Does the message contain any real hard data from known and trusted
authorities, or is it merely "I heard this was bad, warn everyone!".
Now the note below pretends to authenticity by mentioning "IBM and
AOL". But *who* at IBM and AOL? Is there a reference to a web page
with further information on the problem from these sources? You would
think that if this "Wobbler" is as bad as they say that IBM and AOL
would have put up web pages with detailed info on the problem and how
to avoid it. If you actually go to IBM or AOL's web pages you can find
no mention of this supposed threat.
This kind of "appeal to authority" by mentioning "important" sounding
companies or things is an easy way to fool most people into thinking
"Wow this must be real!" But do not believe it unless any real hard
information is provided.
2) Are there any specifics on what *kinds* of systems or software this
"virus" will attack?
Again, in the note below it does not say that opening the "CALIFORNIA"
email will cause damage to specific types of systems. I will tell you
right off the bat (and again this is something most non-technical
people fail to grasp): it is *impossible* to create a virus that do the
same kinds of damage on machines running different Operating systems
and on different hardware.
For example, the genuine "Melissa" virus ONLY works on machines running
Microsoft Windows 95 or greater AND Microsoft Word 97 or Word 2000
(because it operated by the user opening the mail message and then
opening the MS Word attachment file, and the virus was in a Word
"macro" which did its dirty work.) If you got a Melissa mail message
on a Macintosh or a machine running Linux, or read mail through
software that would not connect the Word application directly to your
mail attachments, Melissa couldn't hurt you. However most panicked
warning email messages (and regrettably most media news coverage as
well) failed to emphasize this fact.
The message below contains no information of this nature, only vague
threats that it will "EAT all your information on the hard drive", and
that it destroys Netscape Navigator and MS Internet Explorer. Actually
this last is almost a tip-off that it is false - it would be very hard
to write a virus that would somehow affect 2 different browsers, and
besides, wasn't this a virus spread by email? What does your web
browser have to do with it?
3) Remember to first check trusted sources for confirmation of panicky
rumors before spreading them on!
There are a number of informative web sites maintained by various
companies and computation consortiums that track things like viruses
and computer security problems. When you get a warning such as this
one, you should immediately check sites like:
- the CERT Coordination center: the definitive organization which
tracks security holes, viruses, hacking attacks, etc. If something
is a serious virus threat like this "Wobbler" is supposed to be, you
can bet CERT has put out an advisory on it. You can check the list of
recent CERT advisories at:
http://www.cert.org/advisories/
Now the information here is very technical and detailed, and may be
hard to understand for the average computer user, but you can be pretty
sure that is you search for your virus (like Wobbler) and DON'T find it
(which you don't if you search the page above) then it probably isn't a
real threat.
- the Symantec Co. "SARC - Virus Hoaxes" page: On the other side of the
coin, if you can't prove your virus or warning is real, you should
also check if it is FALSE. This page maintains a list of known virus
HOAXES, spread around by panicky warning emails:
http://www.symantec.com/avcenter/hoax.html
And lo and behold! WOBBLER is listed as a recent HOAX! What a
surprise! ;)
PLEASE - I would strongly advise EVERYONE to bookmark these web pages
and check them regularly, especially when you receive a warning email
from a friend! Before passing along possibly incorrect info, please
check it out at sites like these and use the common-sense questions
above to examine whether it is real or bogus.
------------------------
> Dear Walt,
> >
> > Here is the text of a message just
> sent me,
> > figured I would pass it on:
> >
> >
> > > > >> A new virus - WOBBLER.
> > > > >>
> > > > >> It will arrive on e-mail titled
> > "CALIFORNIA".
> > > IBM and AOL have
> > > > >> announced that it is VERY powerful, more so
> > > than Melissa,there is no
> > > > >> remedy. It will EAT all your information on
> > > the hard drive and it also
> > > > >> destroys Netscape Navigator and Microsoft
> > > Internet Explorer. DO NOT
> > > > >> OPEN ANYTHING WITH THIS TITLE - and please
> > > pass this message on to all
> > > > >> your contacts and anyone who uses your
> > e-mail
> > > facility. Not many people
> > > > >> seem to know about this yet, so propagate it
> > > as fast as possible!
==============================================================================
"Zu jeder Zeit, an jeder (sic) Ort, bleibt das Tun | Walter Amos
der Menschen das gleiche..." - Galactic Heroes II | amos@sedl.org
