Most Common Viruses According To SARC

Editor's Note - 05.16.02




According to the DMCA (see below), we, as US citizens (if you are not a US citizen, please forgive my presumption), have a moral obligation to outlaw felt-tipped pens, electrical tape, and Post-It notes. We are also obligated to criminally prosecute all retailers and wholesalers who market these items. Please read on to follow my reasoning.

I am sure that most of you have been able to infer from my comments in the past how I feel about the DMCA. I am not advocating piracy of copyrighted materials; however, fair use has become a casualty of the DMCA.

The DMCA states that "Section 1201 divides technological measures into two categories: measures that prevent unauthorized access to a copyrighted work and measures that prevent unauthorized copying of a copyrighted work. Making or selling devices or services that are used to circumvent either category of technological measure is prohibited..."

The reason that I mention this is in reference to certain copy-protected "CDs" (technically, these are not CDs because they do not abide by the CD standard) that will crash a computer, sometimes requiring service to that machine in order to repair it (see below).

Now, personally, I think this is stepping *way* over the line, but that is not the issue at hand here. The issue is that the copy-protection of these disks (because, as I mentioned, they are not CDs) can be easily circumvented with a felt-tipped pen, electrical tape, or Post-It notes (see below). Under the DMCA, that means that these items are illegal and that the manufacturers of them are *criminally* negligent. This being the case, I am thinking about starting a class-action lawsuit on behalf of the record companies against all corporations that manufacture these devices and all retail outlets that distribute them (because under the DMCA, these are illegal).

Let me know what you think.




Most Common Viruses According To SARC


Viruses are becoming more and more prevalent every day (as if you didn't already know that...). This being the case, I decided to compile a list of the most common viruses according to SARC (see below), along with links on detection and removal procedures for each. It seemed that having this information in one place could be very helpful for those of you who have to deal with these viruses.

First of all, there are several sites that I would like to point you to that are the first place to look whenever you suspect you are infected with a virus, or you suspect that you may have found a virus.

The first of these sites is CERT (see below). For those of you who are unfamiliar with CERT (Computer Emergency Response Team), it is a non-profit organization located at Carnegie Mellon institute that focuses on computer afflictions. This is a great site, not just for virus information, but for information regarding security vulnerabilities and patches as well. Check out CERT below.

The next place that I would like to point you to is SARC. SARC is Symantec's (Symantec is the company that makes Norton's Anti-Virus software) site devoted to identifying, detecting, and removing viruses. Being that SARC is a commercial site, many of their solutions (i.e. removal tools) will only work if you had Norton's Anti-Virus installed prior to infection.

McAfee, another anti-virus software vendor, has a site very much like Symantec's. Like Symantec, some of the removal techniques will require that you have had McAfee's software installed prior to infection.

Lastly, another commercial site is Sophos. I found it a bit discouraging that in the list of recent threats on Sophos's home page there was no entry for the Klez virus; however, using the search on the site, I did find plenty of information regarding it. You can find out more below.

The most common virus right now is the Klez virus. There are several variations of the Klez virus (the most common being klez.h), so rather than list them all as individual viruses, I am going to group them under one category.

The Klez virus is a nasty little guy that will infect executables located on the infected machine. This is accomplished by creating a hidden copy of the original file and then writing itself over the original file. The hidden copy is encrypted (making recovery more difficult) but is not infected with the virus. This encrypted original (the hidden file) will have the same name as it did before the infection took place, with a random extension added to the file name.
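A triage check for the artifact described above, as an added example that is not part of the original newsletter or any vendor's tool: it flags visible executables that have a hidden sibling file with the same name plus one extra extension. The exact naming (`name.exe.<ext>` versus `name.<ext>`), the extension list, and the sample listing are assumptions; both naming forms are checked.

```python
import os
import stat
from collections import namedtuple
from pathlib import PureWindowsPath

Entry = namedtuple("Entry", "name hidden")
EXECUTABLE_EXTS = {".exe", ".scr", ".com"}  # assumption: extensions worth checking

def is_backup_name(exe, candidate):
    """True if candidate is exe's name plus exactly one extra extension."""
    exe, candidate = exe.lower(), candidate.lower()
    stem = PureWindowsPath(exe).stem
    # Assumption: covers both "notepad.exe.<ext>" and "notepad.<ext>".
    for prefix in (exe + ".", stem + "."):
        if candidate.startswith(prefix):
            ext = candidate[len(prefix):]
            if ext and "." not in ext and candidate != exe:
                return True
    return False

def find_hidden_backups(entries):
    """Pair each visible executable with hidden siblings that look like its backup."""
    hits = []
    for exe in entries:
        suffix = PureWindowsPath(exe.name).suffix.lower()
        if exe.hidden or suffix not in EXECUTABLE_EXTS:
            continue
        for other in entries:
            if other.hidden and is_backup_name(exe.name, other.name):
                hits.append((exe.name, other.name))
    return hits

def list_directory(path):
    """Build entries from a real directory; the hidden flag is only set on Windows."""
    entries = []
    for item in os.scandir(path):
        if item.is_file():
            attrs = getattr(item.stat(), "st_file_attributes", 0)
            entries.append(Entry(item.name, bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN)))
    return entries

# Constructed sample listing (not taken from a real infection).
SAMPLE = [Entry("notepad.exe", False), Entry("notepad.qzx", True),
          Entry("calc.exe", False), Entry("readme.txt", False),
          Entry("desktop.ini", True), Entry("winzip.exe", False),
          Entry("winzip.exe.kfb", True)]

if __name__ == "__main__":
    for exe, backup in find_hidden_backups(SAMPLE):
        print(f"review {exe}: hidden sibling {backup}")
```

A hit is a lead for review rather than proof of infection, since other software can legitimately leave hidden files with similar names.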

The Klez virus is an iframe attachment that will infect a machine when the infected email is simply viewed in the preview pane of your email client. Keep in mind that the Klez virus forges the email header, so any of the addresses it finds in the address book or in HTML pages stored on the hard drive could appear in the "From" field of the infected emails it sends out. I mention this so that you don't contribute to the problem by sending nasty emails to a bunch of people who may not have the virus.

Symantec has a page devoted to the Klez virus and its variants (see below).

McAfee has a page similar to Symantec's page (see below).

AntiVirus.com offers instructions and a free removal tool for the Klez virus. Sophos also offers instructions and a free removal tool for the Klez virus (see below).

The rest of the viruses I will be listing are relatively old, but still roaming the 'net. Judging by when these viruses were discovered (one of which is almost two years old!), users need to be a bit more aware of updating their anti-virus software, or consider using software that is not affected by these viruses. This is by no means a definitive list of vendors. I tried to pick the most popular anti-virus vendors; however, if yours is not listed, drop me a line so that I can include it the next time I do an issue like this one. So, here they are, the most common viruses in circulation (behind the Klez virus) as of the middle of May, 2002.

W32.Badtrans.B@mm
November 24, 2001
(The original Badtrans was found in April, 2001-- this is a variant of that worm)
See below for more info from these vendors.

Symantec
McAfee
Sophos
Trend Micro

W32.Nimda.A@mm
September 18, 2001
A note about Nimda: there are *many* variations. Be sure to read up at your respective vendor's site on how to check which version you may have.

Symantec
McAfee
Sophos
Trend Micro

W32.Sircam.Worm@mm
July 17, 2001

Symantec
McAfee
Sophos
Trend Micro

W95.Hybris.Gen
September 25, 2000

Symantec
McAfee
Sophos
Trend Micro

This is not a definitive list of all the viruses roaming the net. This is simply a place to begin your search. Most of the sites listed below will provide you with a wealth of information regarding finding and removing these infections from your machine(s). If this article has been helpful, please let me know.





Resource Links:
DMCA PDF Info
Celine Dion unleashes wave of destruction on Mac users
Apple Addresses Problems With Copy-Protected CDs In AppleCare Support Article
Celine Dion's new CD can crash computers
Marker pens, sticky tape crack music CD protection
Symantec Security Response
Computer Virus Resources
CERT® Coordination Center
Sophos Anti-Virus
W32.Klez.H@mm Information From Symantec
W32/Klez.h@MM Information From McAfee
Trend Micro
Instructions for removing W32/ElKern-C and W32/Klez-H
W32.Badtrans.B@mm Information From Symantec
W32/Badtrans@MM Information From McAfee
Instructions for removing W32/Badtrans-B and Troj/PWS-AV
WORM_BADTRANS.B Information From Trend Micro
W32.Nimda.A@mm Information From Symantec
W32/Nimda.gen@MM Information From McAfee
Instructions for disinfecting W32/Nimda-A and W32/Nimda-D From Sophos
PE_NIMDA.A Information From Trend Micro
W32.Sircam.Worm@mm Information From Symantec
W32/SirCam@MM Information From McAfee
W32/Sircam-A Information From Sophos
WORM_SIRCAM.A Information From Trend Micro
W95.Hybris.gen Information From Symantec
W32/Hybris.gen@MM Information From McAfee
W32/Hybris-B Information From Sophos
TROJ_HYBRIS.DLL Information From Trend Micro

-- SecurityProNews is an iEntry, Inc. publication --
© 2002 iEntry, Inc. All Rights Reserved