Keywords
Citation
Ellis, B. (2000), "Or a rather tough worm in your little inside?", Microelectronics International, Vol. 17 No. 3. https://doi.org/10.1108/mi.2000.21817cag.001
Publisher
:Emerald Group Publishing Limited
Copyright © 2000, MCB UP Limited
Or a rather tough worm in your little inside?
Or a rather tough worm in your little inside?[1]
Keywords Internet, Viruses
At the time that I am dictating this, we're right in the middle of the hysteria of the I Love You "virus". When you read this, it will be past history but there will surely be other ones that will follow. Although the popular media call this a virus, it is nothing of the sort: it is a worm. The difference is quite simple: the computer, when it is infected by a virus, will not infect any other computer on a network until an infected file is manually transferred from the first to the second. A normal virus is commonly a small attachment of a few bytes on an executable programme (i.e. usually with a .COM or .EXE extension, but also possible with .DLL or a few other extensions). A worm is much more insidious and will transfer infections automatically by any number of means. Both can corrupt or erase data files.
The first major worm which hit us was Melissa. This had a large effect, mainly because we were not prepared for such a problem. The fact that the I Love You worm had such a large effect is proof enough that we have not learned our lesson, because it was so, so blatant. In a matter of a few days, since it was first let loose on the world, there are already 29 variants in circulation, at the time of writing. Many of these are simply changes of the file name and the message. But they all have a single tell-tale indication that all was not right with the world: they have the extension .VBS at the end of the file name. VBS stands for Visual Basic Script and it is well-known that a script actively executes something. If I were to receive a love letter (at my age?), I would expect this to be in a text form and it certainly would not be necessary to have it as an attachment. This alone should be sufficient to raise suspicions – the fact that it is in script form cries it from the rooftops. The perpetrators of these felonies therefore rely upon the naïvety of the people to open these attachments. Of course, they sometimes use some credible craftiness. For example, one of the variants of I Love You stated that the attachment was your receipt for a $300-odd Mother's Day gift – if you see this message then your immediate reaction would be to find out more, especially if your mother has been dead for over 20 years! Even more insidious, some of them purported to be an anti-virus protection and cure against I Love You!
How does a worm spread itself? It is actually quite a large software (the original I Love You is 10,307 kilobytes) programmed to send a copy of itself to everybody in your e-mail client address book. As simple as that! But not quite as simple, because it will not happen in all cases. The programmers make a number of assumptions and, if any one of these is not valid, then the worm will not be transmitted. In the case of Melissa and I Love You, the assumptions are that you are running your computer under some flavour of Windows and that your e-mail client is Outlook or Outlook Express. So, let us assume that I receive such a worm on a number of different computers and that I'm foolish enough to open the attachment: let's see what will happen:
- 1.
Mac computer: no effect.
- 2.
Sun workstation with Solaris operating system: no effect.
- 3.
Mainframe computer with Unix operating system: no effect.
- 4.
X 86 computer with Linux operating system: no effect.
- 5.
X 86 computer with Windows operating system and Netscape Communicator or Eudora e-mail client: computer will be infected but will not transmit the worm.
- 6.
X 86 computer with Windows operating system and Outlook Express e-mail client: computer will be infected and will transmit the worm to other computers.
It can therefore be seen that the writers of this kind of worm are targeting the most popular configurations of computer, in other words, those loaded with Microsoft products. One of the commonest types of virus today is the macro virus. These are designed to infect a specific program on the computer and are transmitted by data files generated by it. As far as I'm aware, the specific programs which have been infected by macro viruses number just two, Microsoft Word and Microsoft Excel. I can only surmise that the authors of these viruses do not think that it is worthwhile to write them for other programs such as the Corel or Lotus varieties, although this is not impossible.
If we follow this argument to its logical conclusion, those persons using Microsoft products, almost to the exclusion of any other manufacturer of software, are leaving themselves open to the risk of being infected by a virus or a worm to a much greater extent than those using other products. This is undoubtedly true. On the other hand, it could also be said that Microsoft has not bothered about incorporating within its software means to prevent such infection. It is probably true that Microsoft has only paid lip-service to this risk, possibly for a number of valid (at least, for Microsoft) reasons. It is also probably true that operating systems other than Dos and Windows are more secure against being infected by viruses, worms or Trojan horses because of better security techniques. This does not mean that a determined hacker couldn't find a chink in the security armour of some other operating systems and possibly, if this did happen, the results could be equally disastrous or even more so for the users. The best security is the fact that relatively few persons use such operating systems, so the spread effect will be insignificant.
The great majority of us use Windows – myself included, although not exclusively – and we are therefore open to attack from over the Internet. How can we minimise the risk? The obvious one is never, never, never to open an e-mail attachment unless you are absolutely sure that it is safe to do so. Do not rely on the fact that you know the sender (he may have been the victim of a worm). The second protection is to operate an anti-virus software which monitors your e-mail, and to keep it up to date. It is absolutely useless to have such software installed if the virus list has not been updated for the last three months! My recommendation for this is Norton Anti-virus 2000. This will monitor every e-mail (and distribution disc) that comes in and, if you fail to update it at least once every two weeks, it will give you a violent reminder as you boot up your computer. If it is known that a new virus or worm is circulating, update the file even daily. Norton had a detector for the I Love You worm available within a matter of hours of it being announced. Although Anti-virus 2000 will also eliminate an infection, it may not be able to restore data files which have been corrupted. If you receive an e-mail that has been infected, it is therefore much better to delete it there and then than to risk opening it. Although rare, it is not impossible for an e-mail itself to be infected by some kind of bug, independent of any attachment but, if you don't open it, you won't suffer.
I probably receive an average of 50 to 60 e-mails per day, seven days per week. By applying these simple precautions, my computer has not been infected by a virus or a worm for several years, touch wood! In fact, as far as I can remember, I have had only two infections. The first was a boot virus, about six or seven years ago, on a software diskette distributed by a very reputable software manufacturer. Happily this was easily eradicated. The second was a macro virus for Word which was given to me by a German colleague, along with a requested document, before the anti-virus software which I was using at that time had been updated. This particular one, of East German origin, hit Germany violently several days before it hit the Anglo-Saxon community and was therefore not incorporated within the protection programs as fast as it might have been. Again, it was easily eradicated. Perhaps I have been lucky to have got away with things so lightly but I have intercepted bugs of some description or another on perhaps six or eight occasions, before I was infected, and I have probably deleted another couple of dozen attachments which were unsolicited, but which may have been infected. By the way, one of my clients bought a new PC and the IT manager promptly connected it to within the company intranet, which quickly became infected throughout. This moment of carelessness within the virus detecting firewall cost him many hours of work and the company over an estimated $200,000 before it was eradicated from the 120-odd Windows computers on the network. Happily, the main server and some workstations were Unix operated and were not infected.
The other problem that we are confronted with is the virus hoax. Whereas I never totally ignore an e-mail warning me of a new virus, I take it with a large pinch of salt, especially if I see any of a number of warning signs. In the following fictional example, I place my comments between square brackets. Typically, you may receive a message like, "A director [or very reliable source or similar] of IBM [or Microsoft, AOL, Sun Microsystems etc.] sent me an e-mail today [or yesterday, but never with a date], warning me that a new virus is attached to a file called XXX. EXE [or whatever], attached to an e-mail with a subject 'For your safety' [plausible]. This virus, which is not well-known [how can it be, it doesn't exist?], is very dangerous and can destroy your hard disk [Oh! Yeah! Maybe set my computer on fire, cause a tidal wave or any other sort of dire consequence. In any case, if the hard disk were destroyed, the virus would commit suicide and never be transmitted further, so it isn't even plausible!]. Please pass this message on to everyone on your address list [This is the real danger: exponential messaging like this can totally reduce the Internet bandwidth and block all communications for hours on end. If each receiver of such a message has 30 names on his address list and sends it out to each, and so on, every single computer on the Internet should receive the message after the fifth generation, only!] before it gains a hold over the Internet." Perhaps the best known hoax was the Budweiser Frogs Screen Saver. This is one of the messages I received, errors and all (I've put in italics the parts which tell me it is a hoax):
VIRUS ALERT
Someone is sending out a very desirable screen-saver, the Budweiser Frogs – "BUDDYLST. ZIP". If you download it, you will lose everything!!! Your hard drive will crash and someone from the Internet will get your screen name and password! DO NOT DOWNLOAD THIS UNDER ANY CIRCUMSTANCES!!!
IT JUST WENT INTO circulation yesterday, as far as we know. Please distribute/inform this message.
This is a new, very malicious virus and not many people know about it. This information was announced yesterday morning from Microsoft. Please share it with everyone that might access the Internet. Once again, pass this along to EVERYONE in your address book so that this may be stopped.
Also do not open or even look at any mail that says "RETURNED OR UNABLE TO DELIVER": This virus will attach itself to your computer components and render them useless. Immediately delete mail=AO items that say this. AOL has said that this is a very dangerous virus and that there is NO remedy for it at this time. Please practise cautionary measures and forward this to all your online friends ASAP.
This is a classical hoax message, to the extent that it is so obvious to anyone who is aware that such things exist. To give you just an idea, when it was going the rounds, a year or so ago, I received this message three times and other variations of it eight times, over a period of about a month, from different sources, mainly close business contacts. By the way, I never tell the senders that these messages are hoaxes, because that could have a similar snowball effect to that of sending the message on to my address list. I just delete the messages and forget about them.
To the meat of this article. I'm continuing through my alphabetical survey of the sites advertised on the IMAPS Web site. I'm now at the end of the alphabet (see Table I) and I'm seeking feedback from you, the reader. When you read this, please send me an e-mail (mail to address at the foot of this article) to tell me whether you would like me to start again at A, with the next URL down from the previously reviewed ones, or whether you would like me to start on another tack. I'll democratically choose the majority opinion, so please let me know your's. If you wish, you can also add some suggestions about what you would like to see.
This is the first of the Us with a working URL, but I'm afraid that I'll have to confess that this site is very amateurish, obviously designed by someone who has not much idea of what Web sites are all about. The Home Page has just two things: an enormous graphics whose file size is rather large and the simple sentence "Click on 3D logo to enter". Worse, you must do it exactly as it states, but the logo is not clearly defined, being graphically fragmented, so that only a fraction of graphics containing it hyperlinks into the site. Notwithstanding, this is a clearly useless Home Page, especially as it houses neither Meta Description nor Keywords. There is therefore little chance of a Search Engine offering it as first choice, even if the viewer puts in the most appropriate keywords. Clicking on the logo takes you to a second "home page" which is not, of course, one at all. From the frying pan into the fire, this is an ugly, three frames layout with no choice if your browser doesn't like frames. The top frame shows nothing but a string of two alternating graphics which are so itty-bitty as to be meaningless, but consume some 14 kilobytes and half the page at a medium resolution for nothing: aesthetically, they are 'orrible, into the bargain. The right-hand lower frame shows an equally displeasing graphic, which gives a feeling of déjà vu, and consumes an equally useless 13 kilobytes, the lot superimposed by an enormous "Welcome to Ultron Systems Inc.", with no indication of where or what it is all about. The latter text is so large that you need a resolution of at least 1,024 768 pixels before it will even fit into a single line. The left-hand frame is a menu with a mercifully small kilobyte of text. The aggregate file size is not excessive, but each of the three frames is so different from the other two that there is no feeling of homogeneity or style. This is repeated throughout the site. The product range is somewhat motley, although the company's warhorse appears to be adhesive films for applying to wafers, and equipment to apply the same and to remove them. Apart from this, there are various other pieces of equipment for the semiconductor industry. Clicking on any item in the product menu will take you to a photograph and a brief description of one or two sentences. As often as not, there is a link entitled "Request Literature" which takes you to a general form to fill in. In some cases, there is also a PDF file of the scanned-in data sheet. In the case of the adhesive films, which are consumable products, these give few details which would allow you to select the right film for a job and there appears to be no way of finding a price list or ordering such materials. To find out how to contact the company, there is a "Contact Us" page, three deep into the system, which gives the name, address, telephone and fax numbers and an e-mail address to the sales department. Altogether, I cannot really recommend this site as an epitome of good design, as is reflected in its scores (see Table I).
The Veeco site would appear to be much more professionally designed. This does not necessarily mean that it is a lot better, although it is. Unfortunately, the Home Page is almost entirely graphics, which makes it a little long to download. The background colour is a rather miserable slate-grey. The menu system is clear in both graphics and text form, making navigation reasonably easy. There is no clue on the Home Page about who or what the company is or does or even where it lives. There is one rather distracting animated graphic. On the positive side, the site does have a good keyword list and description within the invisible meta files. Clicking the "About Veeco" button takes you to a page which adequately describes what the company does, but in a much more cheerful colour and layout. On the other hand, clicking "Products" takes you back to the miserable slate grey and a big list of different products, essentially for the inspection of semiconductors, although there are a few items of process equipment, as well. This list is far too long to go through in detail, so I'll just go into a few generalities. Clicking on the name of any of the products will take you to a page which will list the items available, with photographs and a description, generally about one paragraph long. The presentation is neat. In a few isolated cases, there are hyperlinks from the product name to a more detailed page. Of academic interest only to me, I was fascinated with my exploration in depth of the atomic force microscopes. This eventually leads one to a "theatre" of what these instruments can do. Clicking on the "Contact" button will take you to a form for submitting any enquiry. Only by clicking on a text hyperlink within the page can one find the names and addresses of the companies throughout the world, strangely without any e-mail addresses. Communications are obviously not one of the company's strong points.
When I saw the Home Page of Welwyn Components Limited, England, I was somewhat disappointed. To declare my prejudice, I worked at this company's Bedlington factory in the 1950s. Of course, its products, mainly resistors, are very well-known and highly reputed. The Home Page does not meet this reputation. It is very neat, attractive and simple (see Figure 1) but it does not fulfil the requirements of a good Home Page. In the first place, it is unnecessarily split into four frames, one of which, believe it or not, is simply a thin red bar across the page, under the top frame (shown lighter in the Figure). Another frame merely duplicates the menu in the graphics. The aggregate file size is over 91 kilobytes – massively long and slow to download, mainly due to heavy graphics including animation. There are no meta descriptions or keywords. Again, the company does not seem to think it worthwhile to give a clue as to what it does (other than a terse but relatively meaningless Electronic Components) or where they are situated, on their Home Page. However, exploring deeper within the site, one finds a different situation, I am pleased to say. It must be said that it is extremely difficult for a company producing literally thousands of different items to be able to catalogue them effectively on the Internet. This company has achieved this extremely well in their "Product Overview". By means of a series of hierarchical pages, it is easy to find all the technical details which would be required for any one of the products, using simple terminology. If it were possible, I would give them 11 out of 10 for this technical information! Looking at the other pages, the "Company Profile" gives an adequate review of the history and a brief glance at the product range of the company. The "Contacts" button leads one to an excellent page giving all the co-ordinates of the company, their various manufacturing sites, some with their own Web site URLs, their sales offices and that of the range of agents and distributors throughout the world. Again this cannot be faulted, although I knock a point off because they do not have their corporate headquarters' address on their Home Page. Even better, under the heading "E-mail", there is a list of the names of the persons responsible for the different departments along with their individual e-mail addresses. This is something that should be copied by other companies. With a little diligence, thought and a deeper awareness of what Web sites are all about, it would not be difficult for this one to be upgraded to a level of straight 10s in the score chart.
Figure 1
Welwyn components Limited Home Page, showing a duplicated menu system
Although it is not displeasing to the eye, the Home Page of X-Lam is very displeasing to the intellect. In the first place, there are 12 errors in the way that the JavaScript is written. This is unpardonable. I haven't analysed what would happen if they worked. It would appear that the code has been written largely by hand and even the HTML is sloppy. There are no meta keywords or descriptions. On the other hand, the graphics do not seem to be excessive. Once again, it is a pity that there are no co-ordinates of the company on the Home Page, although there is an indication as to the products, high-performance substrates for semiconductor packaging. As far as I can understand the technology, it would appear that this company offers laminates on which there is overlaid thin-film multilayer routeing. Unfortunately, the explanations given on the site are not clear to a layman who has never been involved with packaging semiconductors. Of course, it is probable that it would be clear to an expert in the subject. Nevertheless, I get the impression that the technical details on the site leave a certain amount to the imagination. There is some information given on routing parameters. Under the heading of Quality Certification there is a photograph of five persons, looking as if they have just had a good lunch, seated round a table – does this really give an impression of quality? If you click into "Sales and Marketing", you will be led into a page entitled Contact Information giving the name, address, telephone and fax numbers of the company. However, there is also a menu item "Contact Us" which leads you into a form for sending them an e-mail, also with an e-mail address for those not wishing to use the form or unable to do so because their browser does not permit it. As it stands, I don't get much feeling of confidence in the company simply by looking at their Web site and I suggest that they may consider a revision.
http://www.yieldengineering.com
Yield Engineering Systems Inc. (acronym YES) has a Home Page which is not entirely to my taste, although this is very subjective. Less subjective is the fact that their graphics consume about 75 kilobytes of file space, which is too much for a good Web site. Again, this is another company which has not bothered to put in meta keywords or descriptions – why? On the positive side, the Home Page does contain a summary of what the company does and, hooray, the company co-ordinates. This has earned them more points for their Home Page than they would otherwise have deserved. Clicking on the page marked "Products", we are given a menu of the various machines produced by this company, such as plasma strippers and cleaners, vacuum bake ovens and driers. Some of these offer a hierarchical series of pages giving more and more detail of the products whereas others go straight into a single page. One of them ends up with a blank page. The quantity of information available is probably sufficient to enable one to add this company to a short list of potential suppliers, while asking for more details. Unusual for a company of this type, there is a page, under "Support", listing three "commonly asked questions". Like some of the other companies reviewed here, this one offers a "Contact Us" page with a form and, happily, an e-mail address as an alternative. There appears to be no list of resellers or agents nor any names of individuals to contact.
Exceptionally, in order to reach the end of the alphabet, I'll review a sixth site, that of the Zecal Corporation. It actually gives me a certain pleasure to do so because this site has a Home Page which, although not perfect, does fulfil all the requirements of what it is meant to do. It has a meta description and keywords, it aggregates less than 40 kilobytes of file space and hence loads reasonably rapidly, it has a description of what the company does and it tells you where the company is with full co-ordinates. What more can one want? This company appears to have a single product which is a copper pattern plated on to ceramic substrates. This is obviously competitive to thick film circuits and would seem to offer some advantages for some applications. It is claimed that the process will offer a much finer resolution and one illustration shows inductors with 0.002 inch (51&m) line widths and spacings.
Various well-thought-out pages on the site describe how to design the artwork, the process and the assembly. Another page gives a list of representatives throughout North America and Europe. Other ones give forms for general messaging and requesting a quotation or literature.
| Table I | URL | Home page design | Other pages design | Downloading time | Navigation | Communications | Information | Legibility |
|---|---|---|---|---|---|---|---|---|
| http://www.ultronsystems.com | 2 | 2 | 5 | 6 | 5 | 6 | 10 | |
| http://www.veeco.com | 5 | 6 | 6 | 7 | 5 | 8 | 10 | |
| http://www.welwyn-tt.co.uk | 7 | 7 | 6 | 9 | 9 | 10 | 10 | |
| http://www.x-lam.com | 1 | 6 | 7 | 6 | 5 | 5 | 10 | |
| http://www.yieldengineering.com | 6 | 6 | 6 | 6 | 9 | 7 | 10 | |
| http://www.zecal.com | 9 | 8 | 9 | 7 | 8 | 9 | 10 |
Please, don't forget to e-mail me whether you wish me to continue along this theme or to choose another one (suggestions welcome).
Brian EllisCyprusb-ellis@protonique.com
Note
- 1.
Is it weakness of intellect, birdie? I cried,Or a rather tough worm in your little inside?With a shake of his poor little head he replied,Oh, willow, titwillow, titwillow!(William S. Gilbert, The Mikado (1885) act 2).