down a level

What is this?
Occasional links & observations from
Steve Bogart


Nearby entries:
28 April   
1 May  
6 May 
> 10 May <
 15 May
  16 May
   17 May

Support web standards
Support web standards

10 May 2000

"Think of all the things you wish you could be doing. Make a list of the reasons why you're not doing them. Cross off all the reasons that are really just excuses. Now ask yourself what's really stopping you..."
-- Tony Tribby (from's vast collection of interesting quotes)

It's ILOVEYOU day: When writing for the web, if you dawdle long enough, someone else will probably say what you were thinking of saying. Often in a much more thorough fashion. Here's a piece on the ILOVEYOU virus that pretty much covers what I wanted to make sure was said...

  • Love, Microsoft - Who's to blame for the "ILOVEYOU" virus? Who else?? by James Gleick [Slate, seen on Backup Brain]
    So here's what the ILOVEYOU virus did, and here's why it shouldn't have been able to: [readable technical explanation...]

    ...sometimes Microsoft customers do need to send mass mailings, but they don't need to be able to do it with scripts running from inside e-mail messages. Not ever. Close that door.

    Most of us rarely see .. file extensions because the operating system hides them by default. That's another user-friendly feature: Instead of "Letter to Bill.doc," we see just "Letter to Bill." Speaking personally, I like this feature. I know that some security experts advise users to turn the feature off, but so far I've been willing to accept Microsoft's default setting and leave the extensions hidden. The ILOVEYOU virus exploited this by adding an extra fake extension to its name: "LOVE-LETTER-FOR-YOU.TXT.vbs." We users saw only the innocent-looking "LOVE-LETTER-FOR-YOU.TXT." The final, hidden, .vbs was the trigger.

Note also Microsoft's response at the bottom of the article, claiming that Gleick was saying there are no Unix or Mac viruses. Not quite, guys, just that this particular vulnerability doesn't exist on Macs and Unix. Try reading a little closer. They also claim:

Microsoft products were not the only ones affected; at least two competing e-mail products were affected in exactly the same way as Microsoft's were.

This sounds disingenuous to me. My understanding is that even if the virus script is executed from within Eudora (which I don't dispute is possible), it still sends itself to everyone in the Outlook Address Book, not everyone in Eudora's. It's still dependent on the vertically-integrated Outlook for the ability to propagate. Hardly consistent with the Microsoft position that other products are affected "exactly the same way".

One disagreement I have with Gleick is, I emphatically don't believe that the file-extension hiding that Windows does (by default!) is 'user-friendly'.

  • It hides specific file information from the user that is then only hinted at generally by a file's icon. (How similar are the icons for Word documents vs. Word templates? How about all the different kinds of Excel files? Got those icons memorized? Think everybody on your block does?)

    Hiding unimportant information from a user is arguably a nice, simplifying thing to do. Knowing the actual names of your files and being able to tell apart different kinds of files with similar names does not strike me as unimportant.

  • It interferes mightily with the renaming of files and the use of files on other systems. Ever tried to download a webpage, rename it from index.html to default.htm and upload it somewhere else? Good luck. All you can see is 'index' and 'default' until you go mess with some settings. Or, try temporarily renaming a file to end in .txt so you can inspect it in Notepad. Changing a file's name shouldn't be that hard!

  • It enables users to have multiple files in a directory that appear to have the same name. MSLies.jpg, MSLies.doc, MSLies.ppt, MSLies.htm and MSLies.xls will all appear as files (with different icons, granted) just named 'MSLies'. For one thing, good luck telling them apart if you're an inexperienced user. For another, it teaches a poor lesson -- that files can reside in the same directory and have the same name.

  • And oh yes, there's what Gleick pointed out - files can pretend to be a type they're not by counting on the real file extension being hidden. <shudder>

As always, this fine innovation was brought to you by Microsoft's Department of Bad Defaults. I don't see why the feature is there at all, and it's maddening that it's turned on by default.

Authoritative agencies' reports on ILOVEYOU and some variants:

And one from a seller of anti-virus software:

A network-administrator friend pointed out that there are much worse file extensions that ILOVEYOU could have chosen to target than .jpg and .mp3. Hm. Indeed. Back up your files regularly.

The media coverage seems to imply that the threat has been contained. Uh uh. This is a long way from over. Since the virus' source code is included (it's only a script, after all), variants of all stripes will be appearing (and already have been). There will almost certainly be much more destructive versions which the virus-checkers won't catch, maybe not appearing until people have relaxed and started being lax about running attachments again.

To finish up, here are some relevant, amusing and useful Tasty Bits from the Technology Front:

Next time: a recently-released Microsoft program that I'm happy with.

Previous entry: 6 May 2000 Next entry: 15 May 2000
Other sections of this site:
Home - Log - Services - Writing - Links - About
Last modified on 5/26/00; 9:13:35 AM Central
© 1998-1999 Steve Bogart