I have to disagree.

Merely because you have not YET _noticed_ an infection, does not mean that you cannot be, nor even that you are not, infected.

EvVERY system, even Linux systems, have vulnerabilities--the most dangerous system is one which you KNOW cannot be infected and isn't.

The only thing which has saved us so far is that criminals, like everyone else, tend to stick with the known, "tried and true" methods. This is why computer crime through the end of the last century primarily consisted of computerized versions of well-established crimes.

Even today, much of the Net fraud is merely an updated version of some past scheme which worked. (e.g. selling nonexistent merchandise, selling counterfeit merchandise, getting financial account information by lying.)

Only in the past few years have people begun to exploit the true potential for crime which the Net provides. And it IS only a small beginning.

There's no sense worrying about the CyberWar. It's been here for some time, and it isn't going to go away.

Like physical warfare today, CyberWar has no ethics, no non-combatants, no physical or logical boundaries, and no readily identifiable combatants.

Attacks can be as simple as someone using a neighbor's wireless Net access, or as complex as seeding military networks with file-sharing code, or manipulating commodities prices.

Given that the average programmer is just like the average anyone, most code is not particularly robust, and consists of a lot of non-functional or partially functional code. Most of it is slightly broken.

Error handling for many programmers is an after-thought, actually testing code for vulnerabilities is practically unheard of in many places--heck, much of the code isn't even properly tested to see that it functions correctly.

We will never stop misuse of computers any more than we can stop misuse of any tool. But we do need to spend more resources making attempts to make sure that we do not create more vulnerabilities than the minimum we can afford--and increasingly we can afford NO vulnerability.

Until the past few years, the most successful computer crimes were not computer crimes at all, but social engineering crimes. The long time typical espionage trick of exploiting human vulnerabilities.

Only recently have there been "pure" computer crimes, and even those have exploited the human temptation to take the easy route, and use insecure passwords and the like.

Only recently have there been organizations (companies) that make their entire living by supplying code to break into other systems.

Given the amount of trouble individual programmers have caused in the past, think of what a company with a few hundred people dedicated to writing stealthed criminal code can do.

And every large organization has resources directed at such attempts, whether in order to use them in the war, or to develop defenses.

The only defense that I see on the horizon which stands a chance of working is to develop intelligent, self-modifying software which can adapt itself to recognize and develop defenses against new threats. Of course it will be countered with the same code developing new attacks....

Today, it takes the average anti-virus company several hours to go from identifying a threat to having a defense. It may have taken hours for them to find out there was a threat. A new virus in the wild has several hours minimum in order to infect systems around the planet--and even after the defense is developed, it will take time to distribute.

A good virus will attack the anti-virus defense system first--subvert the defense and it will no longer work. Root-kits are a very solid way to do this.

The best defense I know of against root-kits is to keep all executables in secure memory--ROM would be best. At least the ROMed code can't easily be infected once it is in ROM.

We're in for interesting times.

wizodd

Earth is such a tiny insignificant thing that fighting over it is like ants in a bakery fighting over a single crumb.