Viruses, Hackers and Year 2000 Bugs, Oh My!

It seems that people who use computers always have something to worry about. If it’s not viruses that wipe out your hard disk, it’s hackers rummaging through your files, reading your e-mail or stealing your credit card numbers. Some people worry about their personal safety online. And just in case all of this isn’t enough to keep you up at night, there’s always the Y2K problem.

Personally, I don’t lose sleep over any of these issues, but that’s not to say they aren’t important. There are documented cases of people losing data to viruses; it is possible for both kids and adults to get in trouble when they’re online; and, yes, there will be some technology-related problems starting next year when we flip the calendar to 2000. But just because we live in a computing-centric society, it doesn’t mean the sky will fall.

Let’s start with viruses. In 1992, the media were filled with dire warnings about the Michelangelo virus that some experts said would destroy hard drives all over the world on March 6, the birthday of Italian Renaissance painter Michelangelo. Despite the widespread concern, there were very few reports of actual damage due to the virus. In August 1996, a similar alarm was raised about the Hare Krishna virus, but it, too, turned out to be more smoke than fire.

Last month, anti-virus software publisher Network Associates sounded an alarm about the Remote Explorer virus, which, according to the company, is a “self-propagating virus that goes across the network.” It’s unique because it can spread all by itself without the user having to run infected programs, load files or access infected disks. The report got a great deal of attention, but a few days later, the Computer Emergency Response Team at Carnegie Mellon University reported that it had “not received any firsthand reports of this virus infecting systems or networks,” though the organization did receive “one secondhand report of the infection of approximately 50 Windows NT servers and an undetermined number of Windows NT workstations.”

Yes, it is a threat, but the chances of it striking are pretty remote.

There are, indeed, thousands of computer viruses that can invade PCs, but the overwhelming majority never reach users’ computers. Of those that do, many are designed to annoy rather than destroy. What’s more, a great number of problems that are blamed on viruses are actually the result of software or operating system bugs or user errors. Many of the viruses you hear about are actually hoaxes, and some of those that aren’t hoaxes have had virtually no effect on users.

Finally, if you really are worried about viruses, there is something you can do about it. Download and use an anti-virus program from Network Associates, Symantec or one of the other companies that are so busy telling us about the dangers of viruses.

Then there is the issue of Internet security. Earlier this month, Finjan, an Israeli security software publisher, drew attention to the “Russian New Year” Excel bug, “an extremely dangerous security hole” that, in theory, can extract data from an Excel spreadsheet if a user were to visit a Web site that contained the codes that could trigger the security breach. As far as I know, there are no reported cases of anyone being affected by the threat, and even before Finjan spread the word, Microsoft had already posted a fix on its Web site. Finjan, as you might expect, sells a product that “provides protection from all known variations of this attack.”

Cybermedia, which is now owned by Network Associates, ran a series of radio ads for a product called GuardDog that warned that “people can track the Web sites you’re visiting, invade your computer to read your e-mail, steal your savings account numbers, wipe out files, even destroy your hard drive.” The $59 program, naturally, will protect you from such a terrible fate.

There are ways that hackers can break into computers. Security is an issue for people who operate Web sites, for companies whose networks are connected to the Internet and for people whose computers are connected to the Internet full time via cable modems and other high-speed technologies. But anyone who would buy such a program as a result of a radio ad probably doesn’t need it.

While I’d never rule out the possibility of an attack, the average person who dials into America Online or an Internet service provider is not likely to have their privacy invaded or their data stolen. Users are far more likely to do something careless such as give someone their password, reveal their identity in a chat room, turn over their credit card to an unscrupulous merchant or leave their computer in an unlocked area where an intruder can access it directly.

Most of us live in houses with glass windows and skimpy locks, and many of us drive too fast, forget to wear seat belts and take few precautions to protect our property as we go about our day. Life is full of risks, and yes, there is a remote possibility that a talented hacker could get your credit card number if you buy over the Internet. But if that happens, you’re protected by the credit card company, and besides, you’re at a far greater risk every time you hand your credit card to a waiter, gas station attendant or store clerk.

Finally, there is the issue of Y2K. You can’t turn on a radio these days without hearing warnings about the so-called “millennium bug” that results from computer systems that are programmed with two-digit (for example, “99”) year codes rather than the full four digits (1999). The warnings about Y2K vary widely, but it’s not uncommon to hear predictions that computers will stop functioning or start spewing out bad data. There is widespread speculation that power systems will fail, air traffic will come to a halt and bank ATMs will no longer dispense money.

Some fanatics are issuing extreme alarms; but even government agencies and mainstream organizations have expressed concern. The American Red Cross’ Web site (https://www.redcross.org/disaster/safety/y2k.html) warns that “electrical power may be unavailable for some time” and that “manufacturing and production industries may be disrupted. Roads may be closed or gridlocked if traffic signals are disrupted. Electronic credit card transactions may not be processed. Telephone systems may not work.”

Clearly, there is the possibility that some computers and embedded microprocessors will fail to work properly as a result of non-Y2K-compliant code. But rather than panic, I’m advising PC users to check the Y2K pages on the Web sites of their PC maker and their software vendors to see whether there are any specific issues they need to address.

As for the larger risks, I frankly doubt whether all things electrical and electronic will cease to operate at the stroke of midnight New Year’s Eve. But even if there were no risk, it’s always a good idea to have flashlights, fresh batteries, transistor radios and several days’ worth of cash and food on hand, especially if you live in earthquake country.

We don’t need to wait for Y2K to experience a disruption of vital services. I live near San Francisco, where, in the last couple of months, we have already had a massive power failure, several disruptions of public transportation and plenty of interruptions of Internet service. And, thanks to bugs in Windows and other software, frequent computer crashes are already a fact of life.

*

Lawrence J. Magid can be reached at larry.magid@latimes.com. His Web page is at https://www.larrysworld.com; on AOL, use keyword “LarryMagid.”