Vmyths.com

Hoaxes, myths,
urban legends

Columnists

Addictive
Update
Model

False
Authority
Syndrome

About us

Computer
security
humor

Truth about computer security hysteria
Truth About Computer Security Hysteria

38 man-years of hysteria

Rob Rosenberger, Vmyths co-founder
Friday, 1 June 2001

As read by the author (MP3) "PLEASE CHECK YOUR system. It only takes a moment."

"It only takes a moment"? Get real. I'm guessing 38 man-years of hysteria. Alert the media.

This quote — from a typical duped user — begs us to calculate the incremental amount of time consumed by sulfnbk.exe hysteria. The antivirus industry loves to pull numbers out of their butts, so I hope you don't mind if I pull a few out of mine.

(grrr POP! oof POP! grunt POP!)

Uh, I guess I should say "pardon me." I don't normally pull numbers out of my butt like these guys do. Man, they make it look easy! No sound effects at all when they extract a brown-tinged guesstimate. They must practice a lot.

  • 500,000 duped users

  • 04 minutes to locate the file on their PC
  • 01 minute of panicky decision-making
  • 07 minutes to update antivirus software
  • 15 minutes to scan system for viruses
  • 01 more minute of panicky decision-making ("what do you mean, 'no virus found'?!?")
  • 01 more minute to delete, then permanently delete, the file
  • 06 minutes to compose & send a virus warning to everybody
  • ----
  • 35 minutes total

So let's derive a guesstimate. 500,000 dupees at 35 minutes per dupe, divided by 60 minutes, divided by 24 hours, divided by 350 days. Yowza! I'm guessing 35 man-years of hysteria. Somebody alert the media.

No, wait! We neglected the "post-mortem phase." (POP!) Hey, my butt doesn't hurt this time. In fact, it almost felt eroti-- So where was I? Ah.

I'll guess 100,000 people will consider restoring the file. Let's say two minutes to fire up the modem and another eight minutes of surfing. Most of them will give up when they read the first instruction: "locate your Windows 98 CD-ROM." We'll suppose 5,000 owners search the den room for five minutes each. Only 4,000 will find it, and a thousand of them will call it quits with the CD-ROM in their hands. "Regis is about to come on, and I can fix my stupidity anytime I want..."


LET'S SAY IT takes the remaining 3,000 people another 15 minutes to restore the file. I guess 175 of them will screw up and spend the next two days trying to save/rebuild their hard disks. (Can you say "ouch"?) A little more math brings us to a grand total of--

Drumroll, please! I'm guessing 38 man-years of hysteria. Okay, now somebody alert the media.

Hey, you know what? Sevens and Ones seem to pop out of my butt easier than any other number. Coincidence?