How many people love you?

by Alan Zisman (c) 2000. First published in Vancouver Computes, July 2000

How many people love you?

No, I?m not really interested in your personal affairs-- instead, I?m referring to the recent outbreak of  the LoveBug virus. The one that came as an e-mail message with the subject line claiming ?I Love You?.

I got an even dozen of those messages, all in a single day. The highest number that I?ve heard of was a Vancouver Health Department nurse, who told me she had received over 120-- ironic, that the health department was so widely infected.

Receiving a dozen ?I love you? messages caused me no harm (aside from a slight deflation of my ego when I realized that they weren?t meant personally). That?s because, like many computer users, I?ve learned to be as cynical of such claims in an e-mail message as I would be if a stranger in a mall stopped me to tell me that she loved me.

And like most such attacks, the damage occurs only if you run the file attached to the e-mail message. Because such files are specific to a family of operating systems, while Mac or Linux users could receive LoveBug messages, the attached files would only run on Windows-family computers. Users of other systems could sit back and enjoy feeling safe. In fact, the vast majority of viruses are, like the LoveBug, specific to Windows systems.

A cynical attitude, in fact, may be your best protection from virus attacks. Don?t believe what you read?those twelve e-mail messages were not (sigh) real expressions of love. And don?t open unexpected e-mail attachments, even if they appear to come in a message from someone you know. A number of recent attacks worked by hijacking the e-mail software?s address book, sending messages that appear to be legitimately from someone you know.

(My wife, who is an avid mystery reader, subscribed to the e-mail mailing list of one of her favourite authors. Soon after, we received a message, apparently from him, that included an attachment- Happy99.exe. Why would a mystery writer send his readers a file that, if double-clicked, show fireworks on screen? In fact, that?s the calling card of the Happy99 virus, another infection that sends itself to addresses in a Microsoft Outlook address book?and I got to inform a famous writer that he, too, had been infected. And was spreading it around).

While such attacks have given e-mail attachments a bad name, most attachments are harmless. A filename ending in JPG is simply a graphic. But files with names ending in EXE or COM are executible files on PC DOS and Windows systems?they are programs that will run. Files ending in JS are JavaScript files, while endings of VBS indicate VisualBasic Script files?such as the recent LoveBug. Unless you?re expecting such files, you?re best off not double-clicking to run them, at least until you confirm what they are from the sender. (And if they say, ?It?s a cool display of fireworks?, you should probably still leave it alone!)

Get and use an anti-virus program, but realize that no matter what program you?re using, it?s only as good as its data files?most antivirus vendors update these files monthly or even more often, but that?s no help if you haven?t downloaded the update. Symantec?s Norton AntiVirus, for instance, lets users know when their virus definitions are more than 15 days old.

But new viruses can spread any time. Having last week?s virus definitions won?t protect you against today?s virus. As a registered Norton AntiVirus user, I got a warning message about the LoveBug e-mailed to me from Symantec?right underneath the dozen infected messages. If I had opened their attachments, Symantec?s warning would have come too late.

If you don?t use Windows Scripting, you can remove it, making your system immune to attacks by VBS files such as the Love Bug. To do that, go to the Windows Control Panel, open the Add-Remove Programs icon, and go to the Windows Setup pane. Double-click on Accessories, and remove the checkmark beside ?Windows Scripting Host?. Instant added security.

Since many recent viruses are specific to Microsoft Outlook, you may decide to use a different e-mail program, such as Netscape Messenger (free with Netscape Communicator) or Qualcomm Eudora (free from www.eudora.com). Note that you could still receive the LoveBug, even though you wouldn?t spread it any further.

As I write this, Microsoft is working on releasing a security upgrade for Outlook and Outlook Express users. You can read more about securing these popular programs at: http://officeupdate.microsoft.com/2000/articles/out2ksecarticle.htm.

Finally, as with other potential computer dangers, the best protection is a recent backup of your vital data.

Just in the past few days (again, as I write this), the newspapers were full of headlines about another virus, this one being nicknamed NewLove. This one is harder to detect than the original LoveBug. While messages appear to come from someone you know (once again, hijacking an Outlook address book), the subject line and the name of the attachment changes with each message. (A clue is the letters ?FW:? in the subject line, though I?m sure a variant will soon appear without that characteristic). Moreover, the effects of NewLove?s attachment are more damaging and harder to repair than those of the original.

Despite that, I don?t know anyone who has received any of the new strain. Fingers crossed. Keep your virus definitions up to date, and stay cynical.
 
 
 



Google
Search WWW Search www.zisman.ca



Alan Zisman is a Vancouver educator, writer, and computer specialist. He can be reached at E-mail Alan