Now that America Online has merged with Time-Warner to create the largest production and distribution entity on the planet, it is doubtless going to be subjected to more of the kind of attacks that assailed it in 1997 when a hoax called “AOL4FREE” zoomed through cyberspace. At that time, it had three components:
1. AOL4FREE Macintosh program
2. AOL4FREE virus warning hoax
3. AOL4FREE.COM Trojan horse program
The AOL4FREE Mac program, exposed in the March 1997 issue of
There was a time when people who had nothing to say kept it to themselves. Nowadays when people have nothing to say, they forward you a list of what somebody else has said. The proliferation of joke lists, “did you know” lists, heartwarming parables, weird observations (mostly stolen from comedian Steven Wright), and the like is proof that silence is golden, but e-mail is irresistible.
People who can’t tell jokes seem to think it’s okay to forward them. That’s like somebody who can’t cook sending his friend groceries instead of taking him or her out to dinner.
Friends don’t spam friends. But if they do, they remove the little marginal « marks when they do it!
The False Authority Syndrome
Who is behind Internet hoaxes? Can the major Internet Service Providers do anything to stop them? Why would anybody want to hack into a Web site? These are questions I asked Rob Rosenberger, one of the industry’s most authoritative hoax debunkers. He credits “False Authority Syndrome” with being behind much Internet mythology; that is, someone says “this is real; it’s from a newspaper” when forwarding a hoax, and people believe it. Rosenberger now consults for Vmyths.com, an online clearing house for virus myths.
Segaloff: Are there any legitimate viruses—that is, any that aren’t hoaxes?
Rosenberger: Everything’s pretty much hyped. You and I can count on a couple of hands the number of viruses. Michelangelo was one; Melissa was another.
Segaloff: Is it safe to say that you should never open up an “.exe” file unless you know what it is?
Rosenberger: Yes. One, beware of anything anybody sends you attached to an e-mail if you don’t know them; and, two, beware of anything anybody sends you attached to an e-mail if you
Segaloff: Do you think spammers are behind internet hoaxes?
Rosenberger: I don’t think that spammers are creating urban legends and hoaxes to increase their mailing lists. But I do think that the savvy spammer will get his name out there so he can get a mailbox that gets filled with these hoaxes so that he can pluck out what are known as “Golden E-mail Addresses.” The people on those lists are one friend or family member writing to another, so we can assume that they are active names. So when somebody forwards a message to a hundred of his “bestest” friends, the chances are pretty good that everybody will wind up on some spammer’s database sooner or later, and they’ll all get more spam.
Segaloff: And this is why you should never respond to an e-mail that says “click here if you want to be deleted from our list.”
Rosenberger: I never do that. They lie to you. Enough said.
Segaloff: Can you really shut down a server by spamming it too much?
Rosenberger: We do that all the time. I remember a really funny one back in 1998. In October the United States Postal Service shut down. They lost their national e-mail infrastructure because one guy forwarded a “Win a Holiday” alert to everybody in “usps.gov.” It wasn’t really him that nailed the network. What happened was, fifty-five people all hit the “reply to all” button and there were millions of messages flying through the network trying to get to their destinations, and the whole infrastructure had to be taken down that night just so they could purge it of all the excessive e-mail.
Segaloff: When one is not sure about an e-mail attachment, what does one do?
Rosenberger: Just get rid of ’em. Throw the e-mail away. I might respond to the guy saying, “I’m sorry, but you sent me an attachment and I just don’t trust it. Thanks.” Leave it to them at that point; they can either send it back to me and tell me why they sent it, or …
Segaloff: How are hackers caught?
Rosenberger: A lot of them are just stupid; they leave trails and they brag about it in chat rooms. A lot of this stuff qualifies as a joyride; they hack first and then they figure out what to do: “Great! We broke into Yahoo! Now what?” One of the things that was really “stupid” in my opinion was the American Exchange/NASDAQ hack. They could have gone blitzoid with that and really messed up the Stock Market. Instead, all they did was screw up the Web page a little bit. On the other hand, the Aastrom hack where somebody put a press release up on their site announcing a merger with their archrival—that was planned. They could have prepared two press releases for whichever system they could hack into, posted it, and then called their brokers to sell short or whatever they wanted to do. So there’s a plot.
Segaloff: What do you think about hackers who break into a system and then say, in their defense, that they were doing a public service by showing how bad the security was?
Rosenberger: If you break into a Web site to prove a point, why not just go to the company and describe it in detail? You don’t have to go out and do it.
Segaloff: The people who create antivirus software have to keep discovering viruses in order to survive.
Rosenberger: This is an important issue. There are a lot of guys out there who, in advancing the state-of-the-art in viruses, are, in turn, advancing the state-of-the-art in antivirus software. The antivirus vendors want to describe it as a parasitic relationship. In fact, it’s symbiotic; but the antivirus vendors can’t do anything to change the relationship. Besides, it would make for bad publicity if vendors went around saying, “Virus writers sometimes do useful research.” Antivirus vendors don’t deserve the negative publicity for this symbiotic relationship, and I defend them on this point.
Segaloff: How would you describe what you do for a living?
Rosenberger: I fight virus hysteria. I get paid to fight it full-time now. Ironically, all of my fame comes from the very hysteria I seek to destroy.
The AOL4FREE virus warning hoax was just that. It was another in the growing stockpile of supposed viruses that were allegedly embedded in e-mails, but meant nothing.
Conversely, the AOL4FREE.COM Trojan horse, if run, was actually capable of deleting all files in a directory, and then the subdirectories, and finally the directory itself, but only on the C: drive of a DOS system. It was not a Macintosh program. It was not a virus, but it was a Trojan horse, meaning that it enters one program and does a specific—and separate—job.