The Virus Writer And WiFi
from the and-now-what? dept
Security Focus, which tends to run some great articles, seems to have gotten the WiFi-fear bug all of a sudden. They’ve written a column, officially called Catching a Virus Writer, which actually just rehashes the fact that a virus writer today just needs to go out, connect to an open WiFi router, release a virus and walk out – and says they will never be caught. This isn’t new. People have been talking about it for ages. However, instead of just dredging up the same old argument about what happens when anyone can access WiFi and making people more afraid than they need to be, wouldn’t it have been a bit smarter to then take it a step further?
That there are open WiFi networks is a fact. It’s also not going to change any time soon. The folks who want to remain anonymous for things like virus writing certainly know this – and will continue to take advantage of it. Instead of just getting all worked up about it, how about pointing out that this is why law enforcement needs to learn better methods for tracking down virus writers – and shouldn’t just rely on trying to track down where the virus was released. In fact, at this point, it’s unlikely that most attempts to track down a virus bother to look at the technical details of where it was released, because it’s likely to be a zombie machine somewhere. Instead, they look for other clues that lead to the culprit – just like normal detectives.
Sure, it’s completely true that WiFi networks are open and anyone can access them. The same is true of any retail store’s front door. Someone could walk into one of those doors without having to give out their name, steal something and walk out again. Yet, we know this is true, and people tend not to freak out about open doors that don’t require identification. They realize they’re there for a purpose. Instead, they work on other methods of tracking down people who steal stuff.
So, instead of writing up a fear-mongering report about virus writers using WiFi (and actually calling it “how to catch a virus writer”), why not write up a story about methods that really can be used to track down virus writers, such as looking for patterns in the virus that indicate an author or getting his (or her) friends to squeal – just like with regular criminals.
Comments on “The Virus Writer And WiFi”
Is *writing* a virus a crime?
One unanswered question here is whether the criminal act is the writing of a virus (or worm), or if the crime is in launching the initial attack against an unwilling target.
I’ve discovered vulnerabilities, and (prior to recent changes in the law) I’ve written exploit code, and even published exploits (“Proof of Concept” functional but not self-propagating code) to public mailing lists.
However, I’ve never launched an exploit against a server other than my own server or isolated willing test targets.
If we assume the crime is in launching the attack, then open WiFi is a serious problem, as it provides the criminal with an anonymous untraceable conduit to commit crimes.
Given that we cannot make the attacks impossible, the alternatives seem to be to: