* * * * *
“Raise shields! Prepare for impact!”
> Our analysis of Internet virus activity, shows that on September 11^th
> next, an advanced worm attack is set to infiltrate the Internet and could
> potentially halt email traffic worldwide. We need to act now.
>
Via 0xDECAFBAD [1], “Superworm To Storm The Net On 9/11 [2]”
You know, if only it were possible to ban and delete all copies of Microsoft
[DELETED-Lookout!-DELETED] Outlook or Microsoft [DELETED-Lookout! Exploit-
DELETED] Outlook Express, things like this wouldn't happen. Couldn't happen.
I remember back when Code Red and Nimba (back in 2001 and machines are still
infected) code was posted that would allow one to remotely crash an infected
machine (using pretty much the same exploit that allowed the machine to be
infected in the first place) to stop the spread. The legal analysis was that
such code was illegal to use (sadly) leaving one with not much recourse other
than sucking up the wasted bandwidth, or just going ahead and crashing the
damned machines anyway and hope you didn't get caught.
I think the best practice to come out of this was LeBrea, a program that
would basically stop an infected machine by slowing down its network
connection (by accepting a connection from an infected machine, then keep the
connection alive, but transmit nothing back, keeping the infected machine
stuck), but alas, it is no longer being distributed [3] due to so called
Super-DMCAs (Super-Digital Millenium Copyright Act) [4], being pushed by the
MPAA (Motion Picture Association of America) to basically prevent anyone from
using a computer (well, they don't come right out and say that, but … ).
Sigh.
[1]
http://www.decafbad.com/blog/tech/superworm.html
[2]
http://www.gulufuture.com/superworm.htm
[3]
http://www.hackbusters.net/#software
[4]
http://www.eff.org/IP/DMCA/states/200304_sdmca_eff_analysis.php
Email author at
[email protected]
