gmuslera's Journal: Crop Circles

Remember the trailer of "Scary Movie 3"? There was the explanation of crop circles... an arrow to the house with a legend saying "attack here!".

The MyDoom virus avalanche make me remember that scene... some clueless window user is having in a very visible corn field the "attack here" message, and even they put it on tv to be sure that no alien (well, for the analogy, call them crackers, spammers, scriptkiddies, etc) is unaware of it, in a world when is certain that aliens exist (for more evidence, check server log files, or even the amount of spam in your inbox).

And the hidden question, how to "fix" the problem, how to make in short term that users be aware of that behaviour, and an a long term, that they not do that again?

The short term problem could be or not very hard. Maybe an antiworm like the one that appeared with codered/nimda could be made, when the server/user gets a mail with the virus, it try to connect to the infected machine (the one listed in the last "Received" line) using the backdoor that the virus install and uninstall the virus or upload some text info to the user desktop. The main problem with this is first moral, and if the code to use the virus backdoor is widely known those computers will not only be warned, surely will be hacked. But ,anyway, I think that giving the amount of mail traffic the virus is already having, that risk would be acceptable.

The long term solution is a bit harder. Mail worms exist since last century, but users still have no clue on how to behave with them. How much damage should to this or any future massively spread mail worm to take government, legislation, etc to try to stop from the root the problem giving the red card to the use of Microsoft Products, Outlook or similar? Just hope that that kind of measures don't limit freedom for the well behaved internet users (you know, those that change freedom for security dont deserve any of both or something like that).