The Virus Writer And WiFi

from the and-now-what? dept

Security Focus, which tends to run some great articles, seems to have gotten the WiFi-fear bug all of a sudden. They’ve written a column, officially called Catching a Virus Writer, which actually just rehashes the fact that a virus writer today just needs to go out, connect to an open WiFi router, release a virus and walk out – and says they will never be caught. This isn’t new. People have been talking about it for ages. However, instead of just dredging up the same old argument about what happens when anyone can access WiFi and making people more afraid than they need to be, wouldn’t it have been a bit smarter to then take it a step further? The fact that there are open WiFi networks is a fact. It’s also not going to change any time soon. The folks who want to remain anonymous for things like virus writing certainly know this – and will continue to take advantage of it. Instead of just getting all worked up about it, how about pointing out the fact that this is why law enforcement needs to learn better methods for tracking down virus writers – and shouldn’t just rely on trying to track down where it was released. In fact, at this point, it’s unlikely that most attempts to track down viruses bother to look at the technical details of where it was released, because it’s likely to be a zombie machine somewhere. Instead, they look for other clues that lead to the culprit – just like normal detectives. Sure, it’s completely true that WiFi is open and anyone can access them. The same is true of any retail store’s front door. Someone could walk into one of those doors without having to give out their name, steal something and walk out again. Yet, we know this is true, and people tend not to freak out about open doors that don’t require identification. They realize they’re there for a purpose. Instead, they work on other methods of tracking down people who steal stuff. So, instead of writing up a fear-mongering report about virus writers using WiFi (and actually calling it “how to catch a virus writer”), why not write up a story about methods that really can be used to track down virus writers, such as looking for patterns in the virus that indicate an author or getting his (or her) friends to squeal – just like with regular criminals.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “The Virus Writer And WiFi”

Subscribe: RSS Leave a comment
1 Comment
Nonesuch says:

Is *writing* a virus a crime?

One unanswered question here is whether the criminal act is the writing of a virus (or worm), or if the crime is in launching the initial attack against an unwilling target.

I’ve discovered vulnerabilities, and (prior to recent changes in the law) I’ve written exploit code, and even published exploits (“Proof of Concept” functional but not self-propagating code) to public mailing lists.

However, I’ve never launched an exploit against a server other than my own server or isolated willing test targets.

If we assume the crime is in launching the attack, then open WiFi is a serious problem, as it provides the criminal with an anonymous untraceable conduit to commit crimes.

Given that we cannot make the attacks impossible, the alternatives seem to be to:

  • Make all Internet traffic traceable.
  • Eliminate open wireless access.
  • Make the own responsible for their “attractive nuisance”.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...