I haven't bothered to refresh my facts about what I am going to say here, so, the
details should be taken with a large grain of salt, but...:
Some years ago, before we learned about penetration of the CIA by the
Russians, there was a very paranoid guy in charge of CIA
counterintelligence, funny name, like Jesus or Angel. I recall he grew
orchids, which marked him out as a very patient guy (7 years to get a
blossom?).
He was obsessed with the problem that they had never found a double agent in the
CIA. He thought it would be very unlikely for the Russians not to have planted agents
in the CIA.
So, the failure to find agents meant to him there were Russian agents in the
CIA. Very logical.
As I recall, this man lost his job because he was considered too paranoid,
he was seeing plots within plots or mirrors behind mirrors. The failure to
find Russian agents was taken as proof of the basic decency of Americans,
according to the standard point of view.
Well, we now know that the Russians have been able to get agents inside of
American's security apparatus. Some have been found, but how many are left
is anyone's guess.
Which brings me to the point of this letter.
I notice that the only worms or viruses which we learn about are those
which the author of the worm wants us to know about. That is to say,
no attempt is made to maintain secrecy, and in fact, notoriety is desired.
Therefore, there must be worms out there, and likely plenty of them, written
by people who do not want the existence of these worms to be known.
Young men, lone wolves mainly, have authored very clever attacks on
computer systems. Therefore, it would seem like child's play for a professional team
of programmers, supported by resources from a large organization, to author very
effective, and stealthy, worms to infect very large numbers of computers
worldwide. With the source code in one's possession, it must be
possible to find weaknesses in any computer system's security arrangements.
Is there any doubt that the source code for windows is well known
to the governments of Russia, China, or Israel? Those governments would be
negligent if they did not have the source code.
Although people are putting in more effective firewalls and other
preventive measures, it is very likely that these worms are already in place
and may have been in place for years.
So, I have to conclude that it is very likely that there are numerous
stealth worms out there, sending back to homebase passwords, data files,
source code, etc. from whatever computer system they happen to infect. Once
infected, a system might stay infected for months or years. They would be
like a chronic disease, not causing much in the way of obvious symptoms or signs,
but potentially quite damaging in the long run.
There are those who consider paranoia simply an increased state of
awareness.
Joel
_______________________________________________
http://linux.nf -- [EMAIL PROTECTED]
Archives, Subscribe, Unsubscribe, Digest, Etc
->http://linux.nf/mailman/listinfo/linux-users
