Tag Archives: millennium bug

Millennium Falcon crash and burn

Ironically, we seem to be seeing more date-related issues this month than we did at the start of the noughties, unless The Register is making this all up, which doesn’t seem likely.

http://www.theregister.co.uk/2010/01/05/windows_mobe_bug/
http://www.theregister.co.uk/2010/01/04/bank_queensland/
http://www.theregister.co.uk/2010/01/05/symantec_y2k10_bug/
http://www.spamresource.com/2010/01/spamassassin-2010-bug.html

[And this one:
http://www.msnbc.msn.com/id/34706092/ns/technology_and_science-security/?ocid=twitter]

It’s not really surprising: this is a more-or-less accidental cluster of somewhat similar bugs, as far as I can see. It’s certainly not an industry-wide issue that was foreseen years in advance and therefore attracted serious proactive research and remediation.

In fact, if there’s a lesson here, it’s one for the people who dismiss the entire Y2K remediation issue as hype and wasted resources. Well, there was a great deal of hype around at that time (did anyone actually see a Y2K virus?), and a number of consultants made money out of advising IT people on the ground to do what they were already doing.

However, given the (short-term) impact of this handful of unanticipated (but fairly easily fixed) bugs, I think it’s reasonable to assume that if system administrators and support technicians all over the globe hadn’t done that proactive remediative work, the first weeks of the new millennium would have been a lot more dramatic.

Like Ross Anderson (http://www.cl.cam.ac.uk/~rja14/Papers/y2k.pdf), I doubt if the sky would have fallen, but some of the consequent issues would have been harder and more expensive to fix reactively.

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com

Pedants R Us

Or, “shouldn’t that be Pedants R We?”

Talking of The Register, congratulations to John Ozimek for a l33t post that indicates a command of the art of pedantry that leaves even me feeling outclassed and open-mouthed with admiration (really).

http://www.theregister.co.uk/2009/12/31/end_of_days_decade/

It brings nostalgic tears to my eyes remembering the arguments of yesteryear as to when exactly the new decade/millennium really started. 😀

Happily, I hope to be well out of computing before the next storage wraparound Big Issue:

http://en.wikipedia.org/wiki/Year_2038_problem

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com

Another Anniversary

As I’ve pointed out elsewhere, it’s been something of a year of anniversaries. And as Mikko Hypponen has pointed out at http://www.f-secure.com/weblog/archives/00001846.html, around this time ten years ago we were preparing for global chaos as the Millennium Bug bit.

Well, actually, it largely passed me by. The institution I worked for decided that Y2K had no security implications, and in fact wasn’t really an IT issue, so they handed it over to the library to manage, though the IT department still did all the actual work, as far as I remember. In the event, I believe one piece of lab equipment misfunctioned when everything was switched on again after an enforced break over the New Year: not, as I remember, in any critical way, but it was ten years ago.

In fact, my principle memories are of going to bed early on New Year’s Eve and being awoken by a thunderous firework display over East London, and of fielding an awful lot of questions about those Y2K viruses that never turned up. And of being rapped over the knuckles after the event for hinting in an article for an in-house publication that there had ever been any risk of an unforeseen event. It’s always reassuring to work for people who know everything about everything.

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://dharley.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/

The Death of the Virus

Yet again, New Scientist shows us the way to put ourselves out of business. (Yippee, retirement at last!)

Years ago on alt.comp.virus, someone came up with an astonishing solution to the virus problem. Since all virus detection is signature-based (ahem! really?), why not generate all the possible malware signatures proactively, so that viruses would be detected before they’re written? I did try to explain the difficulties of that approach at the time, but I was handicapped by gales of helpless laughter that seriously impaired my typing.

Now those tremendously clever chaps at Qinetiq have invented a whole new wheel. They’re in the process of patenting a process that will “intercept every file that could possibly hide a virus” (cool: they could call it something like, oh I don’t know, generic filtering…) and “and add a string of computer code to it” (another cool idea: perhaps they could call it “immunization”). Not just any computer code, but (gasp) machine code (please stop tittering at the back there) which will be inserted into the file headers to stop it executing, in the event of its turning out to be a program. If it isn’t a program, apparently the code will have no effect (I’m sure we can assume that no application worth having will be confused by having aliencode inserted into data file headers…) If it is a program, it will either be stopped in its tracks or sent into an infinite loop. Would that be an infinite binary loop, then? I guess they’re borrowing some code from Good Times.

Apparently this countermeasure will be introduced onto mailservers, on account of all those pesky attachments. Presumably, once this is implemented as an actual product, they’ll resume work on eliminating the millennium bug before they start on Trojans.

Originally, I was planning to insert a few satirical comments here. But somehow it seems like redundant effort.

Tip of the hat to @DaleInnis for drawing my attention to this gem.

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://dharley.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/