Sunday, November 8, 2009

Thoughts Upon an Encounter with a Virus

The news this year has been full of stories about the H1N1 variant of the flu virus. The rate of contagion has reached official pandemic stages, though the flu season has barely started. H1N1 vaccines are scarce, and all the publicity has put the normal seasonal vaccine in higher demand as well. Worried parents, official office policies, and overwrought newscasters all react to the possibility of the virus causing real, serious problems. But H1N1 isn't what I'm writing about this evening. Thankfully, so far, I have not contracted a real flu. My main computer, however, did contract a virus. Given the increasingly digital nature of our lives, computer viruses can be just as annoying as the real ones.

Computer viruses, in all their various forms, subvert the general utility of the computer for the purposes of crime or destructive mischief. The virus I got was of the former type. It included the ability to watch for inputs to certain sites to capture my login credentials. Luckily, since I have a hardware firewall, in the form of a router, separating my machines from the Internet, the evil thing should not have been able to communicate properly. It's still a worry though. I haven't run active virus software in years due to the horrible toll it takes on a computer's performance. Lately, however, I had gotten complacent in my scanning. I became suspicious when the machine gave me an error at login that I hadn't seen before, and immediately installed Microsoft Security Essentials. It found and identified the little bugger, but it wasn't able to actually completely clean it out.

Like real viruses, computer viruses are changing constantly. Completely new viruses and variants of existing ones are constantly being released by the nefarious people who create them, and some even have the ability to change their own code to escape the detectors. This results in the same situation as real life: there aren't always ways to defeat a virus, and no antivirus product is completely effective. Sometimes the only way to cure an infected computer is to completely replace its hard drive(s). Yes, that's a bit like nuking it from orbit, but it's the only way to be sure. Happily for my computer, a combination of two antivirus products (both free) and some research on the web appear, with reasonable confidence, to have gotten rid of my little infection. In any case, I'm back to being diligent about my antivirus scanning.

One of the consequences of everything in the computer being numbers is how simple it is to be destructive. Early in my computer science education I learned how to render a hard drive unreadable with one instruction, or go a long way toward erasing it with three. That's one of the reasons they teach ethics as part of a CS program. These days, both hardware vendors and software writers are much, much more aware of the danger of malicious code and the need for secure and defensive programming in general. But the beasts remain at the gate. Sending spam e-mails pulls in huge amounts of money for the criminals, and using infected computers (often called "zombies") to send them reduces their costs to essentially zero and makes them very difficult to track.

The lesson here is simple: the price of the Internet is eternal vigilance. Put another way, it's a spin on the lesson of the Tower of Babel: when computers are allowed complete communication, they can accomplish anything, even their own destruction. Fight the evil: run your virus scanners periodically, and if your machine suddenly changes how it behaves, scan it immediately. If the scanner finds something, punch it into Google and see if you can find a description of what it might do and how it spreads. Be aware of others you may have exposed.

Also, get a flu shot. Just in case.
