Truth About Computer Security Hysteria

GOODBYE TO ALL THAT: How Vmyths Fought the Good Fight

VMYTHS, THE FAMOUS Internet resource for virus hoax information and freewheeling comment on computer security, will cease regular operation in mid-July.

The Inter­net's inde­pen­dent re­source for virus hoax in­for­ma­tion and free­wheeling comment on com­puter secu­rity will cease regu­lar oper­a­tion in mid-July.

Whether a serious attempt will be made to resur­rect Vmyths upon com­ple­tion of Rosen­ber­ger's mili­tary tour has yet to be determined.

Rob Rosenberger, founder of the site, is mustering out to the Persian Gulf on extended deployment for the United States Air Force. He will be writing classified histories of units of interest. [Editor's note: Smith cites details found in the public record.]

Coupled with a two-year collapse in revenues from advertising, Vmyths was left without means of support or the ability to pay its small staff to continue in Rosenberger's absence.

So, barring a miracle in giving, Vmyths will no longer be updated.

Whether a serious attempt will be made to resurrect Vmyths upon completion of Rosenberger's tour has yet to be determined.

Vmyths was an expert source that people still use and have used heavily. It was split into two parts: hoax references — an urban legends archive focused on computer virus myths — and weekly, sometimes daily, critical commentaries on hype and exaggeration in the computer security industry.

It provided depth of information and an annotated historical context for the hoax material from 1995 to 2003.

Vmyths has proven as valuable to scholars and policy-makers as it has to the put-upon corporate worker looking for a way to convince his peers to stop mass-mailings of the JDBGMGR.EXE and "It takes gut to say 'Jesus' " virus hoaxes.

Whether cited by a RAND Organization research fellow or Consumer Reports magazine, Vmyths' reputation as the primary source for virus hoax information was well deserved. Indeed, a Google search returns an astounding 10,200 "hits," an ocean of reference spread over everything from small mailing lists to general interest magazines sold in supermarkets to the nation's major daily newspapers.

In fact, it is fair to say that over the past half-decade most mainstream technology writers have, when covering computer viruses, at one time or another pointed their readers at Vmyths.

AS VMYTHS EDITOR, Rosenberger was known for outside-the-box keynote speeches at computer security conferences, most notably those hosted by Carnegie-Mellon's Computer Emergency Response Team and the Department of Energy's Computer Incident Advisory Capability (CIAC).

Vmyths punc­tured the prac­tice of news by press re­lease and lam­pooned in­dus­try apparat­chiks fond of regu­larly pro­claiming the end of cyber­space at the hands of some virus or piece of mobile malware.

Vmyths' unique and expert intellectual capital made an effort to be accessible to everyone, not just information security geeks. It was also utterly free of corporatese and jargon — rare qualities in America in subjects that have anything to do with networked computing.

When Vmyths began compiling virus hoax information during the mid-90s as www.kumite.com (Rosenberger's personal domain), no antivirus companies were seriously involved in the practice. Such information was viewed as a drag on resources. No benefit was seen by antivirus software developers in furnishing it for its employees or customers.

At the time, Rosenberger was a sergeant in the USAF's first computer network defense regiment, the 609th Information Warfare Squadron, based at Shaw AFB in South Carolina. [Editor's note: again, Smith cites details found in the public record.]

However, as the number of hoaxes multiplied, so did another curious thing — the number of people calling and e-mailing help desks nationwide in search of advice on protection from a contemporary, albeit electronic, form of the ghost story.

Effectively, the phenomenon became a significant burden on corporate e-mail as well as anti-virus and information technology help lines. Vmyths was the only regular source of reliable information on the subject to which people could be referred. By way of illustration, Microsoft took the step of aiming its intranet links to Vmyths as a remedy to rising levels of hoax forwardings in employee e-mail.

Eventually, Vmyths' work shamed antivirus software developers into erecting their own virus hoax mirrors.

In a related vein, during the mid-90's what regular media coverage there was of the antivirus business was overwhelmingly the domain of stenographers and regurgitators of corporate propaganda. Vmyths continuously examined the business of antivirus, and later the computer securing industry, from critical standpoints.

Vmyths punctured the practice of news by press release and lampooned industry apparatchiks fond of regularly proclaiming the end of cyberspace at the hands of some virus or piece of mobile malware.

It did this in a thorough, informative, entertaining and regularly quite insolent but always convincing manner.

Vmyths attempted a fund-raiser among its users but Rosen­ber­ger's distaste for mar­keting in any form made it a watery re­quest for help. It netted only twenty con­tri­bu­tors to the tune of a couple hun­dred dollars.

Vmyths legitimized the calling of corporate & government computer security and cyber-terrorism rubbish ... rubbish.

MORE RECENTLY, VMYTHS attempted a fund-raiser among its users but Rosenberger's distaste for marketing in any form made it a watery request for help. It netted only twenty contributors to the tune of a couple hundred dollars.

The fund-raiser will remain open until Rosenberger leaves for the Central Command theater of operations. If you can give, Vmyths asks urgently that you do so.

Donation link at Vmyths:
/resource.cfm_id=84&page=1

[second edition]