Spreading the Virus

May 17, 2000

After the "Love" virus epidemic, the expression "viral
marketing," popular last year, looks... so last year.

Examples of viral marketing ranged from the Real Player to
WinZip, from Adobe Acrobat to... Internet Explorer, the
virus that killed Navigator. The idea was and still is to
infect as many PCs as quickly as possible using the Net as
the transport mechanism for both the product and the buzz
about the product. Calling this "viral," even in the case
of a certain HTML interpreter, is a little extreme. Such
products, even if they occasionally maim their competition,
are not supposed to damage my PC or the files stored on my
hard disk -- notwithstanding the therapeutic benefits of
periodically reformatting and rebuilding one's system.

A true virus is designed to corrupt a system and to
replicate itself across the Net. Pursuing the biological
simile, observers pointed out another problem caused by
Microsoft's monopoly: the lack of genetic diversity in the
PC ecosystem. Because PCs and their software are too similar,
one noxious automaton can do much more damage than would
occur if we had several alternative life forms.

This argument deserves closer examination. True, BeOS, MacOS,
and Linux users were not infected by the Love virus. Had each
system had 25% market share, a single virus could only infect
25% of the population. And, if you assume some degree of
precaution or paranoia on the part of users, sys admins, or
ISPs, the 25% infection rate would be even lower.

We'll quickly dispose of the argument that users should know
better than to open an attachment without questioning its
provenance. Yes, but no. Computers are supposed to serve us,
to make our lives easier and simpler. Computers juggle very
complex tasks under the hood, so they should take care of
virus-carrying attachments for us. But that's where sloppy
technical habits come in. In the name of making things
easier (for whom?), Microsoft engineers have made Windows
too susceptible to manipulation behind the user's back. No
alert asks the user's permission and nothing verifies the
origin of a program that modifies a key part of the system
such as the registry, or that sends e-mail not created by
the user.

It reminds us of a certain Chairman, in a video deposition,
quibbling that the computer, not he, had sent an incriminating
e-mail. We ingrates now realize he was just being prophetic.

Seriously, the fixes in preparation for Outlook will address
these weaknesses without impeding our ability to download and
install software updates from the right sources.

Going back to the eco-diversity argument, it might contain a
hidden flaw. With the Web, all browsers from all OS's need to
adhere to the same set of *ML definitions in order to
faithfully render Web content. In other words, all platforms
are supposed to interpret *ML tokens in the same way. The
unanswered question is whether or not this required
conformity is a path to large-scale infections by malicious
applets.

This last word brings up Java and its greater immunity from
attacks -- not absolute, just greater. But, can everything
required for Web navigation be performed solely within the
safer confines of a Java environment? We know the answer:
there is no JavaOS. So, we're left with "mixed" solutions
and unanswered questions. As Web-enabled devices -- a.k.a.
appliances -- proliferate, we'll have to inoculate these
life forms against malicious programs on both server and
client sides of the connection without placing too many
restrictions on the real freedom to innovate.

The frightening thing about the Love virus is that it was
partially botched. In a way, it was a welcome warning against
more efficient plagues, including strains that could do harm
on more than one platform. We acknowledge that no OS, ours
included, is invulnerable, but it is the degree of vulnerability
that matters.