Truth About Computer Security Hysteria
AVHQ controversy, part 2
Friday, 6 February 1998
[continued from part 1]
"AVHQ.ORG" DISAPPEARED SOON after I unearthed its hidden ties to Cheyenne. The domain now displays a nearly blank page with a few cryptic characters. The announcement message (and Cluley's query) disappeared along with it — CompuServe data shows Richard Levey visited NCSA's forum around the midnight hour of 4-5 February.
Is "Robert Strabismus" a pseudonym?
strabismus: (n.) a disorder of the muscles of the eyes, as cross-eye, in which both eyes cannot be focused on the same point at the same time.
Webster's New World Dictionary
PC World NewsRadio reporter Brian McWilliams confirmed Levey works in Computer Associates' antivirus group. Listen to audio of Strabismus' & Levey's voices to decide for yourself if it's the same person. You can also download one of the log files Levey touts in his announcement.
Computer Associates can now spend the weekend to decide how it might respond to the following questions:
Hypothetically, let's suppose an antivirus company discovered someone raided their virus library. They would face extremely thorny questions such as:
- Did Richard Levey raid Cheyenne's virus library for "3,500 unique macro virus samples and over 27,000 unique com, exe and boot sector viruses"? If so, did someone at Computer Associates authorize it, or did Levey act on his own?
- Did InterNIC originally identify Cheyenne or Computer Associates as the owner of avhq.org? Did InterNIC originally show Levey as the administrative contact?
- Who owns "Anti-Virus Headquarters Inc."? Does it truly exist as an incorporated entity? Did someone file the necessary paperwork to conduct a business in Chicago?
- Who dismantled the avhq.org website, and why? Who deleted Levey's announcement on CompuServe, and why?
- Why did avhq.org purposely hide its ties to Cheyenne in the first place?
Stay tuned, folks...
- How did the employee obtain unauthorized access to thousands of virus samples?
- How many other personnel might have also raided the virus library?
- What changes will the company make to prevent future unauthorized access?
- What punishment (if any) will the company mete out to its rogue employee(s)?
- How will they react if an employee threatens to openly distribute his ill-gotten collection?
- How will the company's competition react to this embarrassing event?
[continued in part 3]