[linux-elitists] sobig.f: Microsoft Windows virus, not computer virus

Karsten M. Self kmself@ix.netcom.com
Sat Aug 23 01:31:35 PDT 2003

on Sat, Aug 23, 2003 at 04:36:46AM +0000, M. Drew Streib (dtype@dtype.org) wrote:
> On Fri, Aug 22, 2003 at 09:21:00PM -0700, Karsten M. Self wrote:
> > Users of other operating systems -- GNU/Linux, Macintosh, FreeBSD, BeOS,
> > etc., are immune to infections from this virus (though Lord knows,
> > we're getting enough crud from the rest of you out there).
> As you sort of stated, my GNU/Linux mailserver is far from immune, in that
> I'm currently processing and throwing away in excess of 20,000 viruses/day,
> chewing approximately a quarter megabit of 24x7 bandwidth.


> I'm not infected, but I'm far from isolated from the problem, and nothing
> I can really do about it.
> Thanks Microsoft.

Why don't we thank them personally?

What are the meail addresses for the following individuals or roles at

   - Chairman Bill Gates (popularly taken to be billg@microsoft.com)

   - CEO Steven Balmer

   - Chief Counsel Brad Smith

   - Head of the secure computing initiative at Microsoft:
     (someone tell me if it's intentional irony that the secure
     computing initiative at MSFT has a mismatched security cert).

   - Product managers for MS Office, the various legacy MS Windows OSs,
     MS Outlook, MS Outlook Express, and MSIE.

   - What the hell.  The Sustainable Computing Initiative has probably
     been suffering for attention:


       Hell, their news page still principally announces the
       Initiative's founding, a year ago in May, 2002.  To date, the net
       public activities appear to be one workshop.  The Sustainable
       Computing Initiative appeas to be in need of some sustinance and

       People:  http://www.sustainablecomputing.org/people.html

   - Microsoft lobbying fronts:  
      http://www.softwarechoice.org/  (no email listed)

What's going on here?

My personal count of SOBIG.F virus receipts now stands at about 840.
None of which can run or otherwise harm my system...other than taking up
filtering resources, download time, network bandwidth, and storage until
such time as I can delete the messages.

The cry is getting louder that these viruses aren't the fault of users,
despite a half-dozen news stories I've heard in the past two days saying
that "users just haven't learned".  No, if the problem can't be solved
by changing user behavior, then the problem isn't the user, but of a
mis-designed operating system used by the vast majority of the
computer-using public.  Clearly, the vendor of this system isn't feeling
the pain.

Maybe they should.

There are a number of aspects of these onslaughts which are starting to
get remarkably annoying.  One is the spam generated itself.  Another is
the rebound effect on mailing lists of a dozen or more "helpful" spam
filtering systems happily announcing that they've intercepted a spam
message "you" (the list) has sent.  Then there are the misguided
responses to spam spoofed to carry your own address that you receive
(I've got about 80 of these as well).  Etc., etc.

So I make a modest proposal.

Virus filters should forward copies of the viral spam to Microsoft.
Chairman Gates.  CEO Ballmer.  Mr. Brad Smith, chief counsel.  Product
managers for the operating systems and office suite, as well as LookOut
itself.  Marketing, sales, and human resources.  And of course,
postmaster and abuse addresses.   Virus alert messages should be
similarly forwarded to the major AV software vendors:  Symantec, Norton,
Network Associates, Kaspersky Lab, and others (based on my own current
receipts).  Not to mention Microsoft's lobbying organizations (after
all, they need feedback from the grassroots, right?), and your favorite
Congresscritters from Microsoft.

A small fraction of the 600 million users out there sharing a small
fraction of the thousands of virus mails they receive, might start to
share the pain.  And the pain is directly porportional to the ability of
this illegal monopoly to clean up its act.

As to what to report:  my rule of thumb for virus mail is:  mail
scored as spam containing an executable attachment (see, for example,
filtering rules for exim, I'll post a followup link).

Really, enough is enough.


Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    Windows Refund Day II:  fight for your right to refund
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20030823/177f8df8/attachment.pgp 

More information about the linux-elitists mailing list