Vmyths.com


Hoaxes, myths,
urban legends

Columnists

Newsletter
signup

Addictive
Update
Model

False
Authority
Syndrome

About us

Computer
security
humor

Truth about computer security hysteria
Truth About Computer Security Hysteria

Rob Rosenberger

Virus writers! Send your résumé to...

Rob Rosenberger, Vmyths co-founder
Saturday, 12 February 2000 AN EMBARRASSING EMAIL started circulating in the computer security world. Crypt newsletter editor George C. Smith learned of it before I did and filed this report:
Earlier this week, an unusual "ad" — seemingly a call for virus writing skills — was issued from the US Air Force's CounterMeasures Engineering Team (CMET), an attachment to the Air Intelligence Agency/Air Force Information Warfare Center in San Antonio. CMET, according to a handy database on the Federation of American Scientists' website, "identifies and develops countermeasures to correct vulnerabilities in stand-alone and networked computer systems." Distributed to a couple of computer security mailing lists [notably comp.risks and iwar], it read:
DATE: January 27, 2000 16:18
Subject: Virus coder wanted Computer Sciences Corporation in San Antonio, TX is looking for a good virus coder. Applicants must be willing to work at Kelly AFB in San Antonio. Other exploit experience is helpful.
USAF will end up looking bad — thanks to a goofy email from Com­pu­ter Sciences Corp.
The author of the memo, James Drissel, requested resumes be sent to him via e-mail at CMET. As silly as it appeared, the memo was real, and it quickly became an object lesson on the necessity for clear thought before hurling a potentially inflammatory request into the Net's electronic aether where it will be preserved for eternity in a variety of archives and search engine databases. Initial telephone calls to Computer Sciences Corporation offices in San Antonio confirmed the curious job call but a talk with James Drissel quickly uncovered that, on second thought, a "virus coder" wasn't, perhaps, really what CMET had in mind. "We're interested in having someone who can look at the effect of computer viruses upon the security of the network," said Drissel by phone. Upon further discussion it was fairly obvious that the interest was for a computer security expert with skills in computer virus analysis and troubleshooting in a networked environment. It was a clear fumble in execution and CMET was beginning to realize the mistake it had made in creating the appearance of requesting the services of virus coders internationally on the Net. By the afternoon, Drissel's superior at CMET, Computer Science Corporation's David Donahoo, had retracted the ad. "As [James Drissel] should have explained . . . the posting was entirely in error. We are not now nor have we ever been looking for a virus coder. Sorry for the confusion," wrote Donahoo in an e-mail to Crypt Newsletter. Unfortunately, real life is never that clean. Because of the hysteria that always accompanies the topic of computer viruses and the ineradicable nature of archived information, CMET's ad for a "good virus coder" will be seen for months, even years, to come. It will doubtless wind up — mentioned directly or by second-hand report — in magazine articles, think tank reports, perhaps even Congressional staff briefings, on the subject of information warfare and computer security. And it will be taken as simple evidence that the US Air Force is interested in hiring virus-writers at the Air Intelligence Agency. This, perhaps, will cause more gossip and articles in the foreign press about the US military's involvement in developing offensive capabilities against computers. All because someone hit the "send" button in error.
There you have it: Drissel wrote a goofy email. CSC doesn't need a virus writer, let alone one with exploit experience. They just want a security expert. Send your résumé to CSC's employment office. I assume Goofy got his hand slapped because of this email. Unfortunately — as Smith asserted — it gives infowar kooks more ammo. "I told you the Air Force Information Warfare Battlelab writes viruses. They pay contractors to do it so the military can maintain plausible deniability. Even Taiwan writes viruses these days, you know..."
You think these current denial-of-service attacks impress me? Bah. Today's woes don't hold a candle to the damage caused by Good Times mass hys­teria. Gul­lible email users launched deva­stating "dis­tri­buted denial of ser­vice attacks" on numerous occasions.
"But Rob," you moan, "those users only meant well. The cur­rent attacks are mali­cious." And your point would be...?
SMITH'S COMMENT ABOUT "the necessity for clear thought" makes me wonder if Drissel ever forwarded a virus hoax. Bogus alerts clog email systems because people just don't think. You think these current denial-of-service attacks impress me? Bah. Today's woes don't come close to the damage caused by AOL4FREE's mass hysteria — and they don't hold a candle to the original Good Times mass hysteria. A lowly intern can still topple robust email networks just by forwarding a virus alert. Gullible email users launched worldwide "distributed denial of service attacks" on numerous occasions. Did a U.S. Attorney General ever launch an investigation about a virus hoax? No. Did a U.S. President ever call a summit meeting about threats posed by naïve computer users? No. Did a goofball ever go to trial for sending a bogus virus alert to all@pentagon.mil? No. "But Rob," you moan, "those users only meant well. The current attacks are malicious." And your point would be...? Well-meaning or not, each creates a massive distributed denial of service. If you don't like getting lumped in with the bad guys, then stop forwarding hoax alerts! Start using your noggin like Smith said. And learn a lesson from James Drissel. He only meant well when he embarrassed Computer Sciences Corporation and the U.S. Air Force. (Postscript: my wife noted this opinion piece will embarrass Drissel. Point taken, honey. I only meant well...)