Sally Watson, Silicon.com "There is no way of stopping viruses"

Internet Consultant Richard Smith We may see much worse versions of the virus

Friday, 5 May, 2000, 14:21 GMT 15:21 UK Are computer viruses unstoppable?

By BBC News Online's Damian Carrington The flurry of "ILOVEYOU" e-mails bouncing around the world has spectacularly failed to increase the peace for computer users.

And network managers face further torment as the relatively simple code of the virus is tweaked. Anti-virus company Symantec has already spotted 10 mutations and expects dozens more.

If we remember what our mothers told us and don't take candy from strangers, we can prevent a lot of these things Eric Chien, Symantec Anti-Virus

The Love Bug, as it has become known, is predicted to cost businesses over $1bn and is not the first virus to have a major global impact. ExploreZip, Melissa and Chernobyl all wreaked havoc.

Obviously, the virus writers are to blame. But people have always scrawled graffiti on walls, and now the internet means their tags can appear on screens all over the world - they are not going to stop.

So, with computers integrating ever deeper into business and home life, why can the viruses not be stopped?

Software problem

Only people using Microsoft software are vulnerable to the Love Bug. One expert says the company's applications create opportunities for virus writers to exploit.

Peter Sommer, a UK government advisor and a member of the Computer Security Research Centre at the London School of Economics, told BBC News Online that Microsoft created these by building in to their software the tools needed to customise applications.

"Microsoft customers are going to have to ask the company to review very carefully the level of functionality that they are putting into their systems," he said.

He notes that Love Bug and Melissa both harnessed programming tools embedded inside Microsoft software: "One has got to ask why products are put out which contain these programming languages, which may be of use to perhaps only 3 to 4% of the customers but for everyone else presents a considerable threat.

"These features are also very difficult to turn off. The lesson from Love Bug is that people must be able to kill off this programming functionality within applications programs."

"Not a technology issue"

However, a Microsoft spokesman told BBC News Online: "This is not a technology issue, it's an issue of motivation from the guy who created this virus.

"The software it was written on provides functionality for business purposes and millions of customers use it to create critical productivity applications all the time."

No-one is ever going to win - we create technology to beat the virus writer, he tries to get round them. It's an arms race and its always going to be that way Eric Chien He added that Microsoft was working with companies making anti-virus software and continued to recommend its use.

Natural target

Eric Chien, head of Symantec's anti-virus research centre in Holland, is not so hard on Microsoft.

He says the company's software is the natural target for virus writers because it is by far the most widely used in the world: "If you write a virus for MS Windows machines, you can hit nearly every person using a computer."

He also says a balance has to be struck between software usability and safety: "There is a fine line between programmability and security.

"Microsoft are not ignoring the issue and have responded to suggestions we have made. For example, macro viruses are most rampant out there, but most people don't use macros in MS Word. So why not have the capability turned off as default - Microsoft have responded to that in MS Word 2000."

However, even the anti-virus software companies have been criticised.

Action and reaction

Alex Shipp is senior anti-virus technologist at UK company MessageLabs, which provides software that scans e-mail at the internet service provide level, i.e. before it reaches the user's network or desktop: "We are proactive in stopping these viruses, whereas anti-virus companies are reactive."

Mr Shipp claims MessageLabs were the first to identify the Love Bug virus as dangerous.

"We saw it first at 0043 BST on Thursday," he told BBC News Online. "Our heuristic scanner looks at characteristics that viruses have and this one rang all the alarm bells - so it was blocked as a possible virus."

The next copy did not arrive until 0700, with just seven more by 0800. But by 0900, over 500 copies had flooded in. None of the e-mails were delivered to users.

The technology is not 100% foolproof though. Out of the thousands of different viruses MessageLabs received in the last two years, three have got through.

Common sense

Symantec's Eric Chien agrees that this pre-emptive approach is promising: "Scanning things at the server level is definitely what we will see in the future. We call it clean pipe technology, but of course everything takes time to develop."

However, he is also certain that technology will never stamp out viruses completely: "No-one is ever going to win - we create technology to beat the virus writer, he tests those technologies and tries to get round them. It's an arms race and its always going to be that way.

"Technology should not be not your first line of defence - that should be common sense."

Mr Chien says opening unsolicited e-mails and attachments is like taking gifts from strangers in the street.

"If we remember what our mothers told us and don't take candy from strangers, we can prevent a lot of these things from happening."

http://news.bbc.co.uk/hi/english/sci/tech/newsid_737000/737396.stm

-- Martin Thompson (mthom1927@aol.com), May 08, 2000