Digital Imagination

Most of the people who read this blog are not technical, but all of you whom I know personally have heard me talk about network security. I’ve told you to install Firefox, update and install virus-checkers, get rid of spyware and adware, and even run a scan of your computer at grc.

Now, I’m going to try to keep this relatively simple, but the reason I’m so keen on this subject is because proper computer security is not just for your personal and financial security, it’s for everyone’s.

I’m going to give you a small quote from an article I just read. It’s part of a speech by Dan Geere where he discusses the NIMDA virus, which very few of you will remember. On September 18th 2001, a week after 9/11, NIMDA was responsible for knocking out nearly 1/3 of the world’s computers. In his speech, Dan explains how we almost suffered an even more devastating loss:

“…As you know, nearly all malware in the wild persists there. An older virus called E911 was such an example. E911 would cause your modem to dial 911 repeatedly; that is all it did. Now when I call you on the phone, the circuit stays up until the calling party disconnects. When I call 911, however, the circuit stays up until the called party disconnects, a difference that is done at the switch for the obvious reason that you do not want the intruder to cut the phone line and the Police Dispatcher to have to say “Now whom was I talking to?” For the Police to hang up on a 911 call when the calling party has gone away requires a human decision, made under uncertainty, done at human time scales. Because of this, it is possible to saturate a 911 console and that is precisely what the E911 virus was crafted to do — saturate a 911 console.

The E911 virus was old and forgotten on September 18, 2001, but it was still available on the net and, of course, the Internet in the fall of 2001 was still dominated by dial-up connections. We got lucky in the simplest, stupidest, dumb luck kind of way. No jackass had the imagination to grab the E911 virus and re-target it at the backdoor NIMDA was busy installing at warp speed everywhere while we all were pre-occupied with watching CNN 24×7. If someone had done that, then everyone in America would have gotten up the morning of September 19 only to find that there was no emergency service available nationwide; it would have been turned off everywhere and all at once, like a light switch. While that would not have been a disaster of a physical sort, I submit that it would have been a grand mal seizure of the public confidence. Clinically that defines terror, it would have required no planning just opportunistic reaction, and it would have been an unpredictable event whose downstream influence was out of all proportion to is concrete effects. 

On September 18, 2001, we escaped a public loss of confidence by luck and luck alone.”

This is why I focus on security so much, this is why I talk about it every time we speak on the phone. When you leave your computer unpatched, or run poorly-secured programs, you literally open yourself up to the world. When you do, you will be the cause of a “Digital Pearl Harbor“.