First impressions count when the world is taken by surprise by an exciting new (macro) virus

Welcome to Who, Me?, The Register's weekly reminder, thanks to the recollections of our readers, of a time when it was only viruses of the computer variety that were all the rage. Today's tale of oops comes from a reader we'll call "Sam" in order to protect the identity of the woefully foolish. Not that Sam was at fault here. …

  1. amanfromMars 1 Silver badge

    Something which cannot be denied nor avoided and effectively ignored for any short length of time? *

    Ever been the canary in the virus coalmine, only to find your warnings ignored? Or unwittingly unleashed macro horror upon the world? It is time to make your confession to the sympathetic vultures of Who, Me?

    Well .... I would just have to say there is voluminous evidence which more than suggests certainly yes and yes again and often. It is though apparently quite normal in spaces and places entertaining humans and par for the course in novel virulent environments.

    * 'Tis the vital incorrigible nature of the beasts unleashed/daemons servered.

  2. jake Silver badge

    Warnings ignored?

    This is IT. Our warnings are always ignored. About everything.

    1. Evil Auditor Silver badge
      Thumb Up

      Re: Warnings ignored?

      I believe in this story it was the IT who ignored the warning.

      To summarise (with and without recent events in mind), we all ignore warnings. And we know how to deal with them: Four Stages Strategy

      1. jake Silver badge

        Re: Warnings ignored?

        Yes, in the story it was IT who ignored the warning. However, ElReg posed the question to us commentards, many of whom are in IT (or so rumo(u)r has it).

        1. Evil Auditor Silver badge

          Re: Warnings ignored?

          > many of whom are in IT

          Darn, I always wondered why El Reg has all this IT stuff once I leave Bootnotes...

          1. Aladdin Sane

            Re: Warnings ignored?

            Why would you leave bootnotes?

            1. DJV Silver badge

              Re: Why would you leave bootnotes?

              Simple, one note has a big L and the other a big R.

              1. This post has been deleted by its author

                1. Aussie Doc
                  Pint

                  Re: Why would you leave bootnotes?

                  He didn't have a leg to stand on.

                  Oh, wait.

        2. BebopWeBop

          Re: Warnings ignored?

          Yes, one of my partner's University colleagues who is particularly accident-prone around IT gave rise to the saying "Ruma (her name) has it and the rest of us don't"

          1. John Doe 12

            Re: Warnings ignored?

            I hope poor Ruma never takes a holiday to Finland :-D

      2. amanfromMars 1 Silver badge

        Warnings ignored? Be warned of both possible and probable consequences/results.

        To summarise (with and without recent events in mind), we all ignore warnings. And we know how to deal with them: Four Stages Strategy ..... Evil Auditor

        Elsewhere though, there are surely myriad alternative arrangements also easily employed whenever the problems/vulnerabilities/opportunities one sees and advises and/or warns everyone about, if such things are not heeded at home for all manner of necessary administrative system executions and engagements, which automatically migrate them from what would be a barren brown field site to any greener foreign land.

        There to rest and be considered for future overwhelming advantageous use which could easily be construed by an enemy opponent or bested competitor as flagrant wanton abuse, which it might very well be.

    2. Anonymous Coward
      Joke

      Re: Warnings ignored?

      > This is IT. Our warnings are always ignored. About everything.

      Is that a warning?

    3. Captain Scarlet
      Alien

      Re: Warnings ignored?

      I've been more than ignored before, a number of staff have made a mailrule that redirects emails from me into the bin.

      Charming!

      1. Joeyjoejojrshabado

        Re: Warnings ignored?

        Yet as we know, the bin is where all the important emails are to be found.

      2. The Oncoming Scorn Silver badge
        Facepalm

        Re: Warnings ignored?

        We installed an automated report phishing tool at great expense at one company.

        Big information e-mails went out, information displayed on company screens in the break room.

        Did anyone read or take notice of them - Did they hell!, the e-mail would come in & they would still forward it directly to IT with a "I think this is suspect!" rather than use the tool (Highlighted with a BIG RED Icon) on the toolbar.

        What I did find was, when a user put in a ticket for an issue & the fastest solution was to ship new hardware I would request their credentials via e-mail (With a warning that if not received by X time their credentials would be reset*) with the original ticket number. Despite coming from our own IT Department, despite quoting the ticket number that they had for their issue, despite CC'ing in their boss. They would query it, but when presented with an online "OneDrive" Portal, I'll put me credentials in without hesitation.

        *When the replacement hardware was shipped the password was reset (Again) & password change enforced.

    4. amanfromMars 1 Silver badge

      Re: Warnings ignored?

      This is IT. Our warnings are always ignored. About everything. .... jake

      Ok, ..... however, if that be so, both it and IT can be, and therefore always are, both in somewhat of a dangerous and quite unfortunate situation, for vulnerabilities and ineffectual defences are always ruthlessly exploited for immense personal advantage in any system intelligently designed to capitalise on that which is ignored because it is missed as being at its best whenever realised as being surprisingly better than all the rest at something novel and accommodating to engage with ....... and that can immediately morph into something which one has to make deals with from a severely compromised and catastrophically disadvantaged position ie forced to present whatever it takes which is whatever the principal driver wants, which bears absolutely no relationship at all to what may just be needed.

      As an example of such a position ....... think a stone age type nation state threatened by a force with nuclear weapons ...... although of course nowadays such blunt barbaric kinetic explosive weapons are useless against simple internetworking virtual sources providing rich targets for attack and decimation or pretty ugly total annihilation.

      Who says IT and AI aint great fun to play with, whenever so much is so easily deployed and displayed and done ‽ .

  3. aje21

    Interesting, but another which is closer to "on call" than "who me?" - perhaps "why me?"

    Perhaps I don't get the purpose of "who me?" but I thought it was a place to fess up about something you did wrong (and got away with) rather than things you did right...

    1. lglethal Silver badge
      Trollface

      Re: Interesting, but another which is closer to "on call" than "who me?" - perhaps "why me?"

      Maybe El Reg commentards are just so good, there's just not enough cock-ups to write stories about!

      ;)

      1. Fatman

        Re: Interesting, but another which is closer to "on call" than "who me?" - perhaps "why me?"

        That sounds more like Computerworld, where its Shark Tank column has had to resort to only 4 postings a week, instead of its previous 5.

        1. Stevie

          Re: Interesting, but another which is closer to "on call" than "who me?" - perhaps "why me?"

          That was because they discontinued the free T shirt for a story scheme.

  4. Will Godfrey Silver badge
    Unhappy

    It seems almost the entire world ignores warnings

    Just look at the coronavirus situation

    1. jake Silver badge

      Re: It seems almost the entire world ignores warnings

      The corona virus warnings are ignored because the general public are tired of listening to the WHO crying wolf year after year, coupled with the fact that everybody knows that the government always lies about everything to get re-elected, and the News over-sensationalizes everything to sell bog-roll, tampons and beer. It's as simple as that.

      1. Muscleguy

        Re: It seems almost the entire world ignores warnings

        We dodged a genuine bullet over SARS only with a huge effort. Those countries which were hardest hit by SARS have responded better than those which weren’t like here in the UK. I know someone who worked in the building next to the affected Toronto hospital with connecting corridors. They closed the connections and mandated which doors they could use.

        With SARS symptoms correlated with infection which moved fast so monitoring the temperature of travellers worked. Covid-19 takes its time producing symptoms, 5 days seems normal, meantime you are spreading virus. Many have only mild cold like symptoms, some have none at all and become super spreaders.

        The death rate from Swine Flu went up but the effect was blunted by vaccine rollout. It was the first flu after I stopped being able to have a flu vax (allergic reaction) and I got it. It literally knocked me flat, I didn’t have the energy to sit in a chair. I HAD to lie down. But it left my asthmatic lungs alone.

        Your insouciance and that of others like you is based on ignorance. Those ‘scares’ were genuine emergencies which were blunted by huge medical and scientific efforts. I’m a Biomedical scientist so I understand this. Wise up. The WHO doesn’t scaremonger. Sometimes it is too slow to get going.

      2. phuzz Silver badge
        Facepalm

        Re: It seems almost the entire world ignores warnings

        > to sell bog-roll, tampons and beer

        Yep, it's all down to a perfidious cartel of bum-wad manufacturers. Of course. I can't believe the sheeple don't realise this.

        1. jake Silver badge

          Re: It seems almost the entire world ignores warnings

          It's a generic, tongue in cheek, shorthand method of referring to "subsidizing the advertising industry at the expense of telling the truth". But you knew that from the context, didn't you.

          Interesting that you consider brewers "bum wad manufacturers" ...

        2. Stevie

          Re: It seems almost the entire world ignores warnings

          Another "sheeple"-induced downvote from me, and the decision not to offer you an e-beer.

      3. Paul Shirley

        Re: It seems almost the entire world ignores warnings

        It's fair to say government always lies about everything to get re-elected but somehow you slept through the lie being downplaying the covid19 threat, completely denying it in the USA. Lies far too many here in blighty seem to have swallowed whole even after the u-turn at 'vote for us' central.

        A u-turn weeks too late.

        1. jake Silver badge

          Re: It seems almost the entire world ignores warnings

          Where did I sleep through that? Was it where I said "the public are tired of the government lying, and therefore ignore them most/all of the time"?

      4. jake Silver badge

        Re: It seems almost the entire world ignores warnings

        Presumably my downvoters believe that most people are quite happy with the WHO crying wolf year after year, the government continuously lying to get re-elected and the news over-sensationalizing everything to sell advertising.

        Fascinating.

        For people who have trouble reading for comprehension, note that I was discussing WHY people are ignoring the warnings, not whether or not ignoring them in this particular case is a good idea or not.

        1. Anonymous Coward

          Re: It seems almost the entire world ignores warnings

          No, they're downvoting you for being an obnoxious prick. Different thing, really.

          1. jake Silver badge

            Re: It seems almost the entire world ignores warnings

            I'd rather be an obnoxious prick than a coward who thinks ad hominem is Latin for "I win this argument".

            1. DJV Silver badge

              @jake

              I'd offer to send you a shovel but you seem to be getting on fine digging that pit even deeper!

        2. Alan Brown Silver badge

          Re: It seems almost the entire world ignores warnings

          WHO don't cry wolf. They issue warnings which get acted on and (usually) the spread of communicable diseases is stopped before they get too far.

          One of the recurring nightmares of any epidemiologist is an ebola (haemorrhagic fever) variant or pneumonic plague-like disease (Yes, I know y.pestis is a bacteria) with a 14 day incubation period. That would be long enough for it to circle the globe a few times instead of getting down the road.

          As it is, we saw what happened when Ebola's incubation period stretched from 2 days in the original 1970s outbreak to 4 days in 2011 and we've known for decades that the Black Death swept through the cities of Europe like wildfire - far faster and further than rat fleas could carry it - because it got into someone with some kind of flu and went pneumonic on their coughs/sneezes (inhalation of the spores almost guaranteed infection vs any other kind of contact or even flea bites)

          I have friends with relatives in Guinea. The lockdown there in 2011 was severe and harsh, but they managed to contain Ebola - mostly because it CAN'T be air-transmitted.

          If it had got into someone already carrying a common cold the outcome might be entirely different and the entire capital city may well have become a mortuary - this is one of the big dangers of highly infectious diseases - they don't have to spread as an isolated individual illness and the wider they spread the more chance there is of them infecting someone already carrying something even nastier (Imagine the effect of someone with a bad cold getting noro and sneezing in a public enclosed space...)

  5. Blackjack Silver badge

    Again, Word 6.0

    Word 6.0 was not only the first version of Word that was Windows only (Word 5.5 ran on MS-DOS) but the first that allowed the use of macros.

    Yet the thing was just too useful to not use. And while most people didn't need macros, Microsoft made the stupid choice to enable them by default.

    1. A K Stiles
      Pirate

      Re: Again, Word 6.0

      Around the time of Word 6.0, I was doing stuff for a significant UK engineering company.

      Both the CAD software and the Finite Element Analysis (I think?) software had the capacity to save and load the models as a plain text file, though with differing formats.

      In order to convert CAD models from the design software to the analysis software, the official process was to export into plain text, load that into Word, run a Word macro over it which did the format conversion then save it out again to be loaded into the FEA system... It wouldn't surprise me if they had some sort of airgapped machine still running Word 6 in order to still do this...

      1. lglethal Silver badge
        Trollface

        Re: Again, Word 6.0

        " I was doing stuff for a significant UK engineering company."

        Wow that must have been a while ago. Hasn't been one of them around these parts for a long time...

    2. Anonymous Coward

      Re: Again, Word 6.0

      Word for Windows 2.0 had macros. The day I read about the first ever macro virus which was described as "only possible due to Word 6 having a macro language built in" I had a prototype up and running on Word 2.0 by lunchtime :-)

      1. Blackjack Silver badge

        Re: Again, Word 6.0

        Did Windows 2.0 allow direct memory access? if it did, ouch!

        1. This post has been deleted by its author

  6. Anonymous South African Coward Bronze badge

    I Love You

    ... anybody remember that?

    1. Blackjack Silver badge

      Re: I Love You

      Ah yes, the first digital virus that got MASSIVE thanks to e-mail and Microsoft's stupid idea of hiding file extensions by default.

      1. jake Silver badge

        Re: I Love You

        The funny thing about "I Love You" is that the first time around, it was a HOAX, and flooded the mail system with massive quantities of people passing along a phony message.

        The message was "don't open or pass along anything with "I Love You" in the Subject line, it's a virus that will send your CPU into an n-dimensional loop that'll burn out your computer" or some such bullshit. The subject line invariably contained the string "I Love You".

        It was the first non-threat email that I wrote nuke-on-sight filters for built into Sendmail in what we would now call a milter. In the first weekend that I went live with it, it was rejecting almost 60% of all email with no false positives.

        The real virus came along around a year later. The name came about because the authors were mocking the people who passed along the hoax.

        1. Robert Carnegie Silver badge

          Re: I Love You

          It was also rather a clever idea for a virus e-mail.

          My boss received the real virus. But he was smart, he did not open it.

          He forwarded it to me in a message that said "I think this may be a virus, do you know?"

          I believe I had heard of it already, so I didn't need to open it and look.

    2. TSM

      Re: I Love You

      One of the first times - but far from the last - in which my life was made a lot easier by being in Western Australia rather than the eastern part. By the time we rocked up to work that day, our IT people in the eastern states had already slammed the gates and sent out emails explaining the issue, and giving us clear directions on what emails to delete unopened.

      These days I work for a company that has its headquarters (and IT staff) here in the west, so we don't have that exact protection, but then the automated filters are a lot better these days, as well as all the anti-macro protections that have been put into place since those days of course.

      The main threat for us now is phishing instead, but I've had far more fake phishing emails from our cybersecurity partner organisation than real ones. It's easy to detect the fake ones: I do a DNS query for the domain name in the link, then do a lookup on that IP and see if it belongs to our cybersecurity partner.

      The ones I thought might have been real have so far turned out to be genuine emails from partner organisations. For some reason some organisations think it's acceptable to send you a "Welcome to our portal" link without any warning. That one turned out to be from the firm that was doing our audit - we'd changed auditors since the previous year so I didn't recognise the domain. I never wound up using the portal anyway; I just emailed stuff to the individual auditors.

      1. FrogsAndChips Silver badge

        Re: fake phishing

        Just in case I have a doubt, I simply look for "phishme.com" in the Received headers.

        I sometimes use the "Report Phishing" button in Outlook on legitimate emails, even though I know it's pointless. Now if that button could somehow notify the sender with a proper message, I'd be happy to use it much more often. Something like "Look, if you want me to take your email seriously, you'd better start providing some context and reassuring me that I shouldn't be surprised that you contact me about some urgent invoice or system upgrade. And please speak proper English with correct punctuation. Till then, you'll end up in my Spam folder. TYVM, HAND."
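The Received-header check described in the comment above, as an added example that is not part of the thread. It goes one step further than a plain string search: only the hop recorded by your own mail server is trusted, because every Received line below it is supplied by the sender. The mail domain `corp.example`, the Postfix-style header layout and all three sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default

# Assumptions (not from the thread): our own mail domain, and Received lines
# in the Postfix layout "from HELO (rdns [ip]) by HOST ...".
OUR_DOMAIN = "corp.example"
SIMULATOR_DOMAIN = "phishme.com"  # the domain named in the comment above

RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>[\w.-]+)\s+\((?P<rdns>[\w.-]+)\s+\[(?P<ip>[^\]]+)\]\)"
    r".*?\bby\s+(?P<by>[\w.-]+)",
    re.I | re.S,
)

def in_domain(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def parse_hops(raw):
    """Return parsed Received hops, newest first; unparseable lines are skipped."""
    msg = message_from_string(raw, policy=default)
    hops = []
    for value in msg.get_all("Received", []):
        match = RECEIVED_RE.search(str(value))
        if match:
            hops.append(match.groupdict())
    return hops

def classify(raw):
    """Classify a message by the hop where it entered our infrastructure."""
    hops = parse_hops(raw)
    boundary = None
    for index, hop in enumerate(hops):
        # First hop written by our server about a peer outside our domain.
        if in_domain(hop["by"], OUR_DOMAIN) and not in_domain(hop["rdns"], OUR_DOMAIN):
            boundary = index
            break
    if boundary is None:
        return "no-trusted-hop"
    entry = hops[boundary]
    # The parenthesised name is what our server recorded for the peer.
    if in_domain(entry["rdns"], SIMULATOR_DOMAIN):
        return "simulation"
    # Anything else naming the simulator is sender-controlled text:
    # the HELO at the boundary, or any hop below it.
    claimed = [entry["helo"]]
    for hop in hops[boundary + 1:]:
        claimed.extend([hop["helo"], hop["rdns"], hop["by"]])
    if any(in_domain(name, SIMULATOR_DOMAIN) for name in claimed):
        return "forged-marker"
    return "external"

# Constructed sample messages (documentation addresses and domains only).
SIMULATED = """\
Received: from mail.phishme.com (mail.phishme.com [203.0.113.5])
 by mx1.corp.example (Postfix) with ESMTPS id 4ABC; Mon, 2 Mar 2020 09:00:00 +0000
From: it-support@corp.example
Subject: Password expiry

Please review the attached notice.
"""

FORGED = """\
Received: from smtp.sender.example (host7.sender.example [198.51.100.7])
 by mx1.corp.example (Postfix) with ESMTP id 4DEF; Mon, 2 Mar 2020 09:05:00 +0000
Received: from mail.phishme.com (mail.phishme.com [203.0.113.5])
 by smtp.sender.example (Postfix) with ESMTP id 9XYZ; Mon, 2 Mar 2020 09:04:00 +0000
From: it-support@corp.example
Subject: Urgent invoice

Please open the portal link.
"""

ORDINARY = """\
Received: from out.auditor.example (out.auditor.example [192.0.2.44])
 by mx1.corp.example (Postfix) with ESMTPS id 4GHI; Mon, 2 Mar 2020 09:10:00 +0000
From: portal@auditor.example
Subject: Welcome to our portal

Your account is ready.
"""

if __name__ == "__main__":
    for name, raw in [("SIMULATED", SIMULATED), ("FORGED", FORGED), ("ORDINARY", ORDINARY)]:
        print(name, classify(raw))
```

The "forged-marker" result is the case a plain search for the string would misread: the simulator's name appears in the headers, but only in lines the sender wrote.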

        1. amanfromMars 1 Silver badge

          Re: fake phishing with FrogsAndChips

          Those are good lessons learnt to gain access to Future Learning Programs, FrogsAndChips. The Rocky Roads Way Up Ahead are Renowned for their Exercising of Such Stumbles and Remarkable Tumbles with a Route and Root Travelling towards EMPowerment rather than Exploitation, which always, since even before the beginning of time in space, ends spectacularly in the most fantastic of catastrophic self destructive crashes. Which is good, for the Cancerous Growth of the Exploitation of Compounding Interest is so designed to Kill the Host Stone Dead Failing an Ardent Following.

          And they don't Spam. What you See, Hear and Feel and Imagine as a Truthful Witness is Yours All Told to Behold. Such has phormed all of your Present View from Current Augmented Virtual Reality Operating Systems Supply ....... which is an Almighty Provision with Immaculate Stores of Impeccable Assets.

          Can we tempt you with some Super Duper Future CyberIntelAIgent Security Arrangements/Memoranda of Explicit Understanding and Implicit Instruction Regarding Future Guaranteed Open Sourced Supply of Virgin Stock/Perfect Untainted Product?

          And if you think that is SPAM, whatever way you spell it, you haven't been paying close enough attention to everything which is always so freely shared here on ElReg, is all I would say about that.

          It's easy solved, isn't it. In future pay much closer attention. IT aint rocket science.

          1. FrogsAndChips Silver badge

            Re: fake phishing with FrogsAndChips

            Wow, never thought one of my posts would receive the honour of a reply from amfM. That made my day!

            1. amanfromMars 1 Silver badge

              Fake Phishing with FrogsAndChips is an AI PowWow Battle Ground of Myriad Accommodating Foxholes:-)

              That made my day! .... FrogsAndChips

              A Gracious Exclamation for Immaculate Seeding of Novel Virtual Content Feeder Operations.

              You know, that Sp00Key Stealthy Special Source Forces Stuff more normally formerly confined to Secure Failsafe Practically Permanent Barracks ..... where it is sustained and succoured ......... or denied in order to try extinguish the inexhaustible supply there is for everyone to simply really wish for what is really needed, as far as one can see and further know simply and innocently as Future Plans for Virtual Derivatives and COSMIC Futures 0Day Trades.

              Not so much for Dark Webs, much more for Deep Diving Delver Thinkers ....... who be quite the Endearing Rascal and Rogue Intimate Tinker to All Sorts if not Quarantined and Defined as Social Leper rather than Virtual Saint and Grand Standard Sinner

              That Trade Knocks on All StateTreasury Doors Struggling and Failing to Generate Further Future Leading TeleAudioVisual Content for Programs to Process and Present to the Media Machines Feeding U New News and Views of the Matter, a Future Realisation in Conversation with the Hosts and Posts of Other Worldly Beings.

              Is it similarly the same for you too? Then ITRealGood which only gets Better with the rate of future progress locked and loaded as Exponential Existential.

              Do you know to What and Where All of that Leads ..... other than to the Supply of Whatever is Wanted whenever and wherever ITRealGood is Seeded and Needed for Sublime Feeds?

              Go on, have an educated guess.

    3. Anonymous Coward

      Re: I Love You

      And I feel the need to confess my passing on of that virus once. In my defense, I received an infected email from a lady I was courting at the time so I had no reason to think anything amiss. Still, hindsight etc etc.

    4. Michael H.F. Wilkinson Silver badge
      Happy

      Re: I Love You

      Indeed, I do. I was working on AIX on an RS6000 machine, HP-UX on my workstation and another *NIX variant on the Cray J932 of our university at the time. I remember getting an e-mail, with heading "I love you" from a sysadmin stating that unfortunately, the automation facilities offered by MS-Windows weren't available on the system I was working on, so could I please randomly delete a few files manually, and send this message on to a random selection of my contacts (manually, of course).

      (Yes, *nix users felt very smug those days)

    5. mhoulden

      Re: I Love You

      I got sent a copy when I was at uni. It seemed a bit odd that a lecturer I didn't know very well would send me a personal note in a Javascript file so I just ignored it. I spoke to a friend about it a bit later. He promptly turned white, ran back to his room and emerged about half an hour later looking pretty shaken. He used email a lot more than I did and he had a lot of contacts.

    6. swm

      Re: I Love You

      I remember the I Love You virus. I got it on my Interlisp mail reader on a SUN work station. I, of course, opened it up (in plain text) to see what it was and thought to myself that these guys were really amateurs. I figured that my department could write much better virii in less than a day.

      None the less, many executive types and secretaries caught the virus which we then had to eradicate.

      1. jake Silver badge

        Re: I Love You

        In English, "virii" is properly pronounced "viruses".

        See the FAQ, section F, question 3.

      2. Alan Brown Silver badge

        Re: I Love You

        "None the less, many executive types and secretaries caught the virus which we then had to eradicate."

        We had the repeated "experience" of said types overriding the antivirus software screaming its tits off about the payload being hostile, disabling the AV and then opening it anyway "because it might be important"

        One of the secretaries filed a complaint about my telling her off to her and making her feel like a naughty 6 year old caught doing something she shouldn't be doing. My formal response was that if she did it again she would be issued with an etch-a-sketch.

  7. SoaG
    FAIL

    The number of times...

    ...all of the staff spot the extremely obvious email w/ attachment from someone they don't normally deal with.

    Then someone in senior management clicks on it,

    Leading to all the middle management to open the same attachment that they'd known not to click on 5 minutes earlier because they're too scared to ignore someone in the C-suite.

    Followed by the brown-noser minority on the front line doing the same...

  8. navidier

    Of worms and men

    When the Morris worm came out, I discovered it on a research VAX I had admin rights to at a large particle-physics laboratory in Switzerland -- no, not that large... (I can't remember if I noticed it myself or got a heads-up from a Usenet newsgroup.) It had got in via one user whose password was the same as his username -- a common practice at the time, hence why the worm was able to spread so easily.

    I analysed it and cleaned it up, then sent a warning to the Institute's IT staff. The response from the head of IT was, "WTF are you?" I replied that I was a research physicist at $LARGE_UNIVERSITY who had been carrying out experiments at the Institute for over two years, and in fact was due to start work as a staff scientist there the next month. He started to take me more seriously then, and we became good friends over the next decade.

  9. Dyspeptic Curmudgeon

    To the Editors at El-Reg.

    The protagonist-auto-anonymizer subroutine needs some AI. This guy should not have been named 'Sam' but instead named 'Cassandra'.

    1. The Oncoming Scorn Silver badge
      Pint

      This guy should not have been named 'Sam' but instead named 'Chas(andra)'.

      Attempted a fix for you.

  10. Anonymous Coward

    Call me Casamba

    I once did lab support for a large semiconductor company. Our IT support had 3 Samba servers on some pretty old hardware/OS. My lab was pointed 1/3 at each server. Yes, there was a DNS Round Robin, but I was told by the Samba admin it sucked, and to point at the 3 discrete servers. When I would notice one of the Samba servers was inevitably down, I would run a script to re-point my lab to the remaining two and send an email off to the Samba server admin informing him which server was down, and that the other two were about to get hit with increased traffic. About a day later, a second Samba server would fall over and I would switch the entire lab to the one remaining server. Again I would email the admin and warn him his last server was about to crater. Of course, a few hours later all Samba services would fail. The first few times this happened, he would ignore me; I suspect because I had recently left that IT team, and management had been trashing my reputation since my departure.

    About the 3rd post-mortem I got tired of him ignoring me and threw him under the bus, telling the team that I had repeatedly warned him that one, then 2 of his servers were down. Other customers and IT management on the line were not impressed with his lack of response. The IT team eventually upgraded the hardware and software so the Samba environment stabilized, but that was a whole ‘nother fluster cluck.

  11. Aussie Doc
    Windows

    Oh

    Have to disagree with Sam, there.

    If you were an avid Word user at that time, then you became the automatic, IT go-to person for the whole workplace.

    Happened everywhere I went during MS-DOS/Windows 3.11 days.

    The person who used the computer the most was 'it' by virtue of the fact that they were, well, using a computer all day - school secretary, personal assistant, anybody.

    <deity> help us if that person wasn't there the day you arrived to sort an IT ticket out "Sorry, Sarah's away today and she's the only one that knows everything about those new fangled shinies."

    Good old days.

    Well, they must know about them coz they use 'em all day, innit?

  12. irrelevant

    Email virus

    I am still fairly proud that I discovered a previously unknown virus at a customer site, mid 90s. It snuck in via Outlook Express, and distributed itself by setting a signature block. Their antivirus (Symantec I think) didn't spot it, even when scanning an isolated example and I couldn't find a reference on the various AV vendor sites. Submitted it to them, and it was duly added a day or two later. Thankfully it wasn't anything destructive..

    I did only find it because one of the users spotted that their usual signature had vanished... They dealt a lot with manufacturers in China so I suspect it came in that route, but never did trace the source properly.
