[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] Hearing on ILOVEYOU / Fragen an McAffee

To: debate@fitug.de
Subject: [FYI] Hearing on ILOVEYOU / Fragen an McAffee
From: "Ralf Stephan" <ralf@ark.in-berlin.de>
Date: Thu, 18 May 2000 14:14:33 +0200
Comment: This message comes from the debate mailing list.
Mail-Followup-To: debate@fitug.de
Reply-To: ralf@ark.in-berlin.de
Sender: owner-debate@fitug.de

http://www.icsa.net/html/communities/loveletter/hearing_transcript.shtml
(SUBCOMMITTEE ON TECHNOLOGY COMMITTEE ON SCIENCE U.S. HOUSE OF REPRESENTATIVES HEARING ON COMPUTER VIRUSES)

...
WEINER: Thank you, Madam Chair. And I want to thank the witnesses.
You know, this must be a pretty humiliating experience for the McAfee
company.
WEINER: We have a virus that looks a lot like the Melissa virus, that
caused enormous amount of damage, theoretically, and was recognized
throughout the world, that was created by a -- not a particularly
well-educated or well-trained person who wanted to pay homage to a
stripper in Florida, and now another one that runs on the most popular
e-mail program, Outlook, on the dominant platform, Windows, on
everyone's computer tied to a phone line that looks the same and now
it might be, depending upon which of the news stories you believe,
might have been a young college student in the Philippines or his
sister or his teen-age cousin.
[back_top_txt.gif]
This outbreak occurs and we now say that well, oops, we feel bad about
it. Our stock price is going up and we're all over the TV talking
about Internet security and get this new piece of software and now we
need things like cyber-czars or new laws or something.
I mean that the bottom line here is that this is -- there's an
industry here that has come up to deal with viruses and this looks to
be like a groundball virus. This doesn't look that complex. You know,
it's a program that came into my computer and told me -- and set up an
automatic method of going into my address book. I mean, that doesn't
seem like that complicated. It doesn't seem that extraordinary. It
seems to me like the Melissa virus. It seems to me that we've had a
little bit of time to figure out how to do this. It seems to me that
some people are at risk.
And then, you know, I find out that there was an alert that went out
that said, "Careful, this virus is there." It came through my e- mail.
You might as well just call the e-mail "ILOVEYOU," because I wasn't
going to open that either. You know, I had my computer off. So it
seems a little silly.
And then we have computer help lines, 800-numbers which you might as
well, you know -- you might as well not even bother, because you
couldn't get through to anybody.
I mean, frankly, this is an utter and abject failure of an industry
that has sprung up to deal with these types of things. This isn't even
that bad of a virus. This doesn't even do anything terribly pernicious
once it gets in there. And we couldn't stop it.
So it seems to me that for the McAfee company and for other companies,
Norton, who make a living stopping these things, that this has got to
be a pretty bad day -- to come before Congress and hear -- I mean the
numbers are a little bit absurd, you know, the billions and hundreds
of millions. We don't know how much it costs. It might not have cost
anybody anything, but this must be a pretty bad day for the company.
[back_top_txt.gif]
And the company I would think is trying to figure out how it is that a
teen-ager in the Philippines whips the McAfee company so badly that
you come before Congress and say, Madam Chair, members of the
committee, hundreds of millions of dollars of damage was created by
this thing because, oh, we were so surprised it came across Outlook.
We're so surprised it was based on a Windows platform. We're shocked
it looked like Melissa. We don't know how they did it. They made e-
mail send to the address book.
I mean, this is -- this is stunning to me. I mean, you know, we very
often -- we here in Congress I think have done a laudable and smart
thing by stepping back from this industry in terms of taxation -- and
I just voted on taxation -- you know, a measure to move to the floor
that would continue the ban on Internet
taxation, in terms of regulation, in terms of all of the things that
the
industry has come and said and do, and then you come before this
committee, I don't know, what is it, once every three or four months,
and say, Oh, we were beaten again. We were whipped again.
This time, it's -- they're getting younger and less educated each
time.
So I guess, you know, I guess my question is, is it, you know, are we
going to have testimony in a couple of months from now saying we have
another virus that looked a lot like Melissa, but it doesn't go to the
fifth e-mail address, it doesn't go to your whole book, it does only
to the first 75 that begins with consonants that immediately follow
vowels, and we're stumped. We don't know what to do.
I mean, I don't understand exactly why it is that with all of the
technology that is available, with all of the consistent patterns that
we're seeing -- and this is the easy stuff -- Ms. England, God bless
you, but it ain't going to get any easier than this. I mean, they're
not going to knock on your door with a disc and say, this virus is
going out on Monday morning.
This is about as simple as it's going to get. And my constituents and
computer users all over the world are wondering, if you can't stop
this, what happens when they do something bad.
And I guess, you know, I guess the question would be, is why did your
stock price go up after this?
[back_top_txt.gif]
ENGLAND: Well, thank you for that. I appreciate your impassioned
comments. And a couple of things I would like to say.
ENGLAND: First of all, as Mr. Tippett said, programs -- computers are
meant to run programs and you don't always know if a program is a good
program or a bad program. And we cannot predict who's going to write
the next virus and where it's going to come from and what behavior
it's going to have...
WEINER: Can I interrupt? And I apologize because I know I've already
said a lot.
But what exactly do you think that anti-virus company does? You are
not supposed to be able to predict. The idea is you're supposed to
deal with viruses that come along. What form do they usually come in?
An announcement, a memo? They come in the form of something that
you've got to anticipate based on past experience at very least.
ENGLAND: And we do. Thank you very much.
WIENER: Well, but, Ms. England, here, let me just follow up on this.
If you had the Melissa virus that executed a very similar way, is it
technologically impossible to create a virus program that goes in,
looks at the thing and says, You know what? This sucker is going to go
and send 50 e-mails. Give me a little outlook box that says, "Are you
aware that you're about to send e-mails to 75 of your closest friends?
Press yes to cancel or," you know, whatever. You're telling me that's
technologically impossible?
ENGLAND: No, I didn't tell you that. In fact, I didn't say much at
all.
...

Blubb,
ralf
--
http://ME.IN-berlin.de/~rws/

Prev by Date: Re: [FYI] Brigitte Zypries (BMJ): "Waffenschein" für Hacker-Tools und:verdeckteErmittler im Netz
Next by Date: Re: [FYI] Analoger Rundfunk endet 2010
Prev by thread: Re: [FYI] Brigitte Zypries (BMJ): "Waffenschein" für Hacker-Tools und:verdeckteErmittler im Netz
Next by thread: [FYI] "Drohende Übernahmen gefährden nationalen Geheimschutz"
Index(es):
- Date
- Thread