Brave New World

Another year and some excitement. For those of you who have kept up with the popular press will realise that four of my first predictions in our 100th issue are a fact or will be in a few weeks time. No, this is not an “I told you so” article but you will quickly learn that we will certainly have to be more alert to the rapidly changing world around us.

So what was this present I did not want? You probably all know that where we have inter-active web sites, for example, Windows Update, we employ what is known as Active X technology. Simply put, code generated remotely is used to make things happen at our end on our computers. So when we go to update our Windows files the Microsoft server actually interrogates our machine to see what is need by each and every one of us and then offers us the files we need for download.

This Active X component can be anything you like and do whatever the programmer wants it to do. I set my browser to ask me whether I choose to permit such programs to run from any web site I visit. In many in-stances, I refuse because I do not know if that site can be trusted or not. Equally obviously when updating my Windows files I give that permission freely. One actually has no option there.

So there I was on a site, operated by a reputable web experts group, and because I was chasing some information, I had to permit this feature to run. All was well until I wanted to change some of my system set-tings. Windows started to com-plain it could not find a whole string of it’s system files. Now how was that possible?
Because most of Cybercons machines run under Windows XP, the first solution was to roll the system back to a previous day when everything was fine. But oh dear, the system restore feature did not exist all of a sudden.

The next step was to do a full anti-virus scan followed by a firewall log check and an Adaware scan. All turned up negative, meaning I could not find anything. By this time, I had disconnected this computer from the network in an attempt to keep the problem isolated.

The last tool in my immediate defenses was to turn on Win-dow's’ own firewall. The much-criticized XP firewall gave me the first clue where nothing else had. It asked whether I wanted to allow a certain file to run because it appeared to be part of a worm. Log onto the web via an-other machine and oh boy! Things could not have been worse.

Yes it was one of the very latest worms that disabled both my anti-virus software and my firewall software. What was fiendishly clever was that both appeared to be working but actually were totally disabled. This worm also renamed itself every time it executed, so to track it down became a nightmare. To make matters worse, it would not allow me to log onto the Norton site to update my virus definitions and request a remote scan that I can recommend as a most useful feature provided by several AV companies. Should you ever need this just log onto my web site’s anti-virus page. All the links you will need are there.

I generally avoid rating commercial software but I was very impressed with Norton. Because I could not do the usual automatic update, I chose a manual update and the downloaded files that I presumed to be only virus definition files, turned up trumps. The download included a clever piece of software, which actually recognised my predicament and gave me a very effective option to repair my hacked software. Say yes to everything and bingo! My anti virus was working again and finding this nasty piece of work. So delete everything in system restore because all files are referenced there including any viruses, re-install my firewall and things were back to normal. But not for long. Next day produced exactly the same problems.

What on earth was happening to me? Some follow up reading made me see red. This particular worm had opened a port on my computer and connected me to, of all things, a chat room. Someone there was actually controlling my computer and hacking into it again.

A very acrimonious email was sent to the web site responsible for that inadvertent down load. The reply was prompt but of little use. It was not us! Yet it had to be an inside job. Hope-fully whoever the culprit is in that organisation is now out of a job, although I doubt that. I did request a confirming message to be posted on their web site and to date I have not seen it. So, the guilty party may well be their webmaster.
By this time the needed procedure was clear to me and things were restored in quick time. The cost to me was nearly five days of hair tearing, many expletives and it certainly took care of my festive break.

So, what is the point of my story and what has it got to do with my predictions?
Radio connectivity is about to commence in most of the states and lo and behold, the majority of the new mobile phones that will be almost all singing, all dancing and based on Symbian technology, are now capable of being infected by viruses. Proof of concept viruses named Cabir and Lasco have been sent to all the major AV companies and also released into the wild – meaning they are out there! In their present state, the damage is not great - just a flattening of the batteries in quick time. But they also employ Blue-tooth technology, another way to describe radio communications, and that means your mobile phone, if infected, can also at-tack your printers and scanners and other devices forming part of your computer system, should it also features Bluetooth connectivity. Given time these nasties will become more “imaginative” and will be able to wreak all kinds of havoc.

The Finish AV experts F-Secure have help available and using your new phone you will be able to download the detection and removal software straight from the web to your phone.
The advice given in the past now only becomes more important and cannot be overstated. If you do not know what it is, do not down load it – to your computer or your phone! And per-haps next time your not so clever author will heed his own advice.