The Technofile Web site has moved.

Technofile is now located at
Please update your links, bookmarks and Favorites.  

Virus attack leaves me wondering

technofile  by al fasoldt

Columns and commentaries in a life-long dance with technology

Simple gray rule

Nationwide virus attack leaves me wondering: Who's in charge?

By Al Fasoldt

Copyright © 1988, The Syracuse Newspapers

There's an untold story in the furor over the electronic virus that infected 6,000 mainframe computers across the country earlier this month.

Left out of the many accounts of the prank pulled by a Cornell graduate student is something that could be the single most important issue of computer networking in the next decade.

It is put most simply in the form of a question: Who is in charge here?

In more complete terms, it can be stated this way: Are we placing too much trust in the systems managers who run our nation's medium- and large-size computer systems?

I am posing this question for a practical reason, not a theoretical one. Lost in the furor over the mass electronic break-in is the fact that it could have been prevented—if the people in charge of the computers had been doing their job.

The hacker exploited a weakness in the operating system of these computer systems. The weakness was known to the operating system's designers, and the company that supplies the operating system had long ago sent notices to all its customers explaining how to patch the operating system to fix the weakness.

All these thousands of systems managers had to do was read their mail.

Most of them didn't. Most of them ignored the plea from the operating system's designers to make the fix before someone broke into these computers through this weak area, called the "back door."

There is no other word for this than incompetence. Those who think it's unlikely that most mainframe computer systems managers are incompetent—at least in this one area, if in no other—have their heads in the sand.

Think of it in terms of human viruses. If doctors throughout the country were warned of a potentially dangerous weakness in a major drug and most of them did nothing about it, how forgiving would we be? We would demand that the medical profession act immediately to remove those doctors who don't have enough sense to protect the public.

Are we going to do the same thing in regard to our systems managers?

I'm a realist. I know what the answer is. They'll go on protecting their jobs by making up excuses. They'll tell the people who hired them that the entire subject is too technical to explain, but they have the situation well in hand.

Bull. Every systems manager who ignored the warnings on the flaws in Unix, the operating system that the hacker sailed right through, should be fired.

It's as simple as that. It's time that we treated networked computer systems seriously. It's time that we stopped accepting the technobabble from these incompetents as something that no one else can comprehend. The rest of us can comprehend it just fine, thank you.

If you agree, mail a copy of this column to your boss. Send a copy to the person who hires and fires the systems manager in your company or university.

Send ‘em a message before another hacker sends them something else.

 Image courtesy of Adobe Systems Inc.technofile: [Articles] [Home page] [Comments:]