Truth About Computer Security Hysteria
British ISPs lead the way in email-centric virus security
Thursday, 17 February 2000
HER MAJESTY'S ISPs continue to lead the way in email-centric virus security. PIPEX announced a
deal with Symantec to give personal/SOHO customers a copy of Norton AntiVirus 2000 at no extra charge.
Additionally, PIPEX will offer NAV2K updates via local servers. "The agreement forms part of Symantec's
global strategy to integrate its anti-virus and URL filtering technology into the Internet
A business-centric ISP known as Hiway trumpeted a deal with Content Technologies. They'll offer "a fully
hosted service to protect customers from the breadth and depth of e-mail-borne threats including malicious
content, Spam, viruses and virus hoaxes, encrypted files, executables, video and image files, obscene material and
British ISPs seem to recognize email's status as the Internet's "killer app." I know some U.S. ISPs
recognize it too — yet disproportionately few do anything about it right now. ("Skate at
your own risk," as we Americans like to say.) PIPEX & Hiway made an important move by adding a layer of
security to email.
Take AOL, for example. Our current "global" virus problem will change drastically if/when they take on
email attachment security. Why must X-thousand PIPEX customers protect themselves from Y-million
AOL customers? AOL should end this one-way security relationship. Pronto.
(Sadly, I can't even lead AOL to water. I unabashedly like them, but their computer security team won't talk to
me for some reason.)
Why must X-thousand PIPEX customers protect themselves from Y-million AOL customers? AOL should end
this one-way security relationship. Pronto.
I WANT TO take a moment to applaud PIPEX for setting up local NAV2K
servers. Why? Simple: antivirus firms' bandwidth cannot support the
occasional worldwide virus hysteria. PIPEX's decision means panicky customers
will update quickly even if Symantec gets swamped.
According to the FBI's own logic, reporters launched numerous "distributed denial-of-service
(DDoS) attacks" over the years against major antivirus companies. You want to talk about gazillions of
dollars in lost revenue? Let me rewrite a recent Wall Street Journal story for effect:
Imagine that a
See my recent tirade for more thoughts on this subject. Mark my words: local servers will
someday rescue Symantec from PIPEX's own customers.
malicious prankstergullible newswire reporter arranged for 10,00025 million
people around the world to start dialing your phone number, over and over again.
That, in effect, is what the Web sites of
Yahoo! Inc., eBay Inc., E*Trade Group Inc.Network Associates, Symantec, Trend Micro, F-Secure, Sophos
and other big Web sites were up against this week when they fell victim to what is rapidly becoming the most
worrisome security problem on the Internet: the " denial of servicevirus hysteria," or
As its name implies, this attack doesn't aim to damage computer files, as often happens with viruses, or steal
important information, such as credit-card numbers. Instead, it aims to simply keep an
Internetantivirus site from operating. But while computer experts have long known how to defend
their systems from the likes of viruseshysterical computer users, they say there is so far no
sure-fire way to defend against D.O.S.V.H. attacks until they are already under way.
These attacks all take advantage of the inherently open and trusting nature of the
Internet's basic designinternational press, in which all Web messagespress releases
are presumed to be valid ones from legitimate sitesmedia outlets. In effect, the
attackersreporters have figured a way to turn one of the Net's most distinctive and enticing
qualitiesindustries against itself.
The ultimate long-term solution, security experts say, requires new Internet software and hardware standards that
deprive the D.O.S.V.H. attackers of the tools now available to them.