World Virus Month or What?
by Charles Oropallo
Last month we talked about the mysterious (to most people anyway) CLOUD. Although we've heard tons about it to date, it is worth reminding ourselves of one of the worst problems lurking in every Internet nook and crabby: MALWARE. There are many common internet myths about this topic. I like the word malware more than most words describing Internet nastiness because it is all encompassing of the problem.
Here at CharlesWorks, we think malware is a pretty easily understood term: generally speaking, some kind of software or automated computer commands that causes your computer to be subjected to possible control by some unauthorized person or persons. So, to us, malware can be computer viruses, spyware, adware, and so on. While the computer viruses are usually the worst, the others can be so annoying that you lose productivity as your machine becomes less able to perform what YOU want it to.
People usually ask me How did this happen?
In most instances, you'll probably never really know. Consider yourself extremely fortunate if you DO know exactly how and when it happened. Many of the more sophisticated malware doesn't appear to "do" anything immediate to your computer. So you think all is okay. However, if you are "infected" you can now pass that along to others in your emails. Some of the more sophisticated infections can be passed into your website if you manage your website with malware on your computer. Very embarrassing when search engines warn your site visitors that your website is infected!
Then people often ask Why do they do this?
So let's enter into the equation here economics. In my example above, CharlesWorks, being a company, is driven by economics or it could not stay in business. Malware is driven similarly. There are two pieces generally involved: tricking the end user into loading the malware directly on one's machine in the case of email attachments, and getting an end user to purchase something via spam emails. Make no mistake about it - if doing this didn't generate billions of dollars in revenue it would not be done. With the exception of a relatively low number of malcontents looking for a cause - or just plain malicious individuals trying to hurt anyone they could hiding behind an IP address on the Internet - the individuals developing these malware payloads are in this for the money.
Finally they'll ask Can malware be avoided?
Honestly? No. Probably not the answer you wanted to hear - so I will explain why I say malware can't be avoided.
The software systems we are using to run our computers have evolved over many, many years of development. Believe me, the software was so much simpler in the late seventies when I first became involved with computers and operating systems. Today's software - in particular the computer's operating systems we have come to know (like Windows, CentOS, Fedora, and so forth) are incredibly complex. They consist of anywhere from thousands to millions of individual programs working in concert to allow us to make use of the computer system. The operating systems are interfaces between human beings and the computer hardware.
In large, complex systems such as these are, there are bound to be pieces of code that might be used in ways other than the developer originally intentioned. And that's exactly what happens. In the world of computer security, the ability to use the existing code in a malicious manner not intended by the developer is what we refer to as an exploit or as software exploits.
We are all familiar, I am sure, with the numerous security updates that happen to our various operating systems. These security updates are to patch the numerous exploits as the exploits are discovered. Again, the operating system softwares are so complex that sometimes even the security fixes might contain yet more exploits.
We can't avoid this. As a business owner, I can best explain this in terms of relating it to running CharlesWorks in general. I view the various exploits as not much different than our having to deal with blizzards, power failures, quipment malfunctions, human errors, and all the different things that are simply part of our costs of doing business - our business overhead.
Not to paint too dismal a picture here, however, we certainly CAN prepare for many potential problems - especially since we know it is reasonable to expect they might happen. For instance, at CharlesWorks we are ready for snow removal should we have the opportunity to experience a blizzard. Uninterruptible power supplies with power generator backup should the electric grid fail. Spare equipment and technical staff on hand for equipment malfunctions. Continued training, instruction and idea sharing to help reduce human error. None of these are any different really than applying the security updates on our computers (so our operating systems and any anti-malware software is kept as up to date as possible) to reduce the downtime when confronted with an issue!
In closing this, let me reiterate a few of the common sense rules as applies to the Internet:
- Don't open it if you aren't totally sure of who it's from and were expecting it
- Don't respond or even open emails promising sums of money for nothing
- Don't respond to emails about accounts with institutions you don't have an account with
Give CharlesWorks a call today at (603) 924-9867 and let people who care about you help you get onto the web.
In November 1977, Charles Oropallo authored and implemented a Bulletin Board System (BBS) called Access-80. Such systems were the forerunners to much of what is in use today. It operated on a Radio Shack TRS-80 Model I, Level II microcomputer. There were only a handful of such systems online for public use on the entire planet at that time. It provided personal messaging for local computer enthusiasts. It went online in East Greenbush, NY with a 300 baud modem and home brewed auto answering device. Relative speed and technological changes have been immense - today's dialup at its fastest speed is 53,000 bits per second compared to 300 then!
Access-80 was also concurrently placed online in Schenectady, NY. Then, in 1982, Charles moved from the Albany, NY area to Nashua, NH, and so did Access-80. Charles's original Nashua Access-80 setup is shown at http://Access-80.com. Before long Access-80 was concurrently online in Londonderry NH as well as Nashua. Access-80 remained online until 1987.
Charles founded CharlesWorks in June of 1998 in order to provide reliable and affordable hosting solutions. At that time he was only providing Internet connectivity for several personal and organizational websites at very low speed. Over time, Charles's desire to provide reliable (as well as still being affordable) Internet solutions moved CharlesWorks into more commercially oriented markets. Charles still helps individuals get personal sites on the web.