Catching the bug? The GCN Lab has warned
before about virus hoaxes, but this time the warning is about a real virus called CIH 1.2
that can overwrite hard drives and corrupt flash BIOSes. The virus supposedly will strike
a large number of PCs on April 26.
Earlier versions were activated on the 26th of the month and tried to corrupt BIOSes.
Such attacks rarely succeed because of the specialized nature of BIOS software. But disk
attacks could have serious effects.
To avoid unpleasant surprises, update your antivirus software and back up data. For
more information about this and other viruses, go to the International Computer Security
Association Inc.s Web site at www.icsa.net. Specifics about CIH 1.2 appear at www.icsa.net/virus/cih_bulletin.shtml.
Calling out the big guns. Federal agencies
have an ally in the war against unauthorized intruders as well as those annoying, everyday
The Federal Incident Response Capability Center (FedCIRC), created by Presidential
Decision Directive 63, has staff available 24 hours a day, seven days a week to give
immediate assistance after a system emergency. FedCIRC promises to aggressively challenge
any individual or group that tries to disrupt federal systems.
The centers Web page at www.fedcirc.gov has helpful hints for detecting
intruders, keeping system drivers updated and using antivirus software.
Win98 cross-examines your apps. Another black eye for Microsoft Corp. followed soon
after the adjournment of its antitrust trial. Users discovered that Windows 98 and Office
97 applications, working together, digitally key all your documents to information that
can tie them to your PC.
Documents created in Offices Excel, PowerPoint or Word applications record the
network interface card address of the PC on which they reside. The number is unique to
each machines NIC and in theory could be used to track any document you create.
Microsoft has stated that it keeps no databases to track users by their NIC addresses.
Privacy advocates, however, say that no matter how the tracking numbers came about,
they leave users vulnerable to infringement of privacy by Microsoft or others.
The geeks wont stop. This observation was passed along to the GCN Lab staff by
e-mail: Trust the computer industry to shorten year 2000 to Y2K. Isnt that the
kind of thinking that caused the problem in the first place?