BOSTON (05/15/2000) - When will we ever learn? It's bad enough almost all of us use operating systems that don't prevent us from making bad choices about security. But most of the terrible effects of the recent LoveLetter virus could have been avoided if users, and particularly system administrators, used common sense.
First, let's clear up a few misconceptions that began circulating in the days after the virus hit hardest. Microsoft Corp.'s Windows 95, 98 and NT are not more vulnerable to this type of virus than the Apple Computer Inc. Mac operating system or Unix-based operating systems. We see more viruses written for Windows because such viruses can have wider effects. Blaming end users for the effects of the virus is wrong in many cases because users have to follow the instructions of their system administrators, many of who make poor choices for the people who rely on them.
Telling users "you should never run programs from untrusted sources" is good, but recent events prove yet again that we can't rely on users to follow that advice. As more and more newbies start using the Internet, the percentage complying with this type of advice will decrease, not increase. The solution is fairly simple and only slightly intrusive: Users should be warned when they are about to execute a program for the first time. After it is run for the first time, a program is digitally signed with a local key. Every time the user tries to run an unsigned program, the question comes up. Given that few of us run new software very often, this could reduce the number of people who accidentally run rogue viruses or Trojan horse programs.
Another significant measure would be to prevent system administrators from changing security settings behind users' backs. Few remote administration programs report to the user when a security-related setting (such as autoexecution of programs) has changed. As many of us know, system administrators are often smarter than the average user they oversee but are rarely smarter than all users. This type of notice, combined with security audit software users can run on their own systems daily that warns them of unsafe settings in their software, would have prevented countless incidences of the LoveLetter virus from executing.
Last, but not least, we should not become complacent. By the time the first round of well-meaning warnings about the virus began circulating, at least five variants with different subjects and different attachment names had been unleashed. Telling someone to beware of messages with a particular subject line will possibly lead them to think that a different message containing essentially the same security threat is safe. Instead, we should redouble our efforts to create systems in which such threats are more difficult to spread.
Educating users about the bigger picture, not just today's problem, will certainly be part of such systems.
Hoffman is director of the Internet Mail Consortium and the VPN Consortium. He can be reached at firstname.lastname@example.org.