X

Week in review: Slammed by a worm

The "SQL Slammer" worm slows many corporate networks and Ted Turner climbs out from under the AOL Time Warner wreckage.

Ed Frauenheim Former Staff Writer, News
Ed Frauenheim covers employment trends, specializing in outsourcing, training and pay issues.
Ed Frauenheim
4 min read
The "SQL Slammer" worm slowed many corporate networks to a crawl, raising questions about Internet security once again.

The worm, which attacks Microsoft's database software, spread through the Internet last weekend, causing some cash machines to stop issuing money, taking most of South Korea offline and slowing some Internet traffic in the United States.

SQL Slammer's code instructs the Microsoft SQL Server to go into an endless loop by continually sending out data to other computers. The effect is similar to a denial-of-service attack, antivirus firm F-Secure said, comparing the slowdown to the impact of the Code Red virus in the summer of 2001.

Although Redmond, Wash.-based Microsoft had issued a patch for the flaw six months earlier, more than 200,000 computers and other machines were still not updated at the time of the attack and became infected, according to estimates from security information site Incidents.org.

The small but malicious program underscored a dirty secret in the information technology industry: Software bugs are common and administrators are slow to fix even widely publicized problems, said Johannes Ullrich, director of Incidents.org.

"Companies should have been ready for (the worm)," he said. "That patch should have been applied--it's six months old now."

Microsoft's policy of relying on software patches to fix major security flaws was questioned after a series of internal e-mails revealed that the software giant's own network wasn't immune from the worm.

Free weekly newsletter!
Let the Week in Review come to you. Sign up now to receive our Week in Review newsletter: The entire tech week in a single e-mail, delivered Saturday mornings.




"All apps and services are potentially affected and performance is sporadic at best," Mike Carlson, director of data center operations for Microsoft's Information Technology Group, stated in an e-mail sent at 8:04 a.m. PST Saturday to other members of Microsoft's operations groups. "The network is essentially flooded with traffic, making it difficult to gather details concerning the impact."

The messages put Microsoft in an awkward position: The company relies on customers to patch security flaws but Microsoft itself failed to update all its servers.

More momentum for Linux
On the Linux front, the open-source operating system got another boost from IBM. While Big Blue doesn't expect Linux to replace its own AIX version of Unix any time soon, IBM is pushing the open-source OS in that direction, Steve Mills, senior vice president of IBM's Software Group, told CNET News.com at the recent LinuxWorld trade show.

Asked whether IBM's eventual goal is to replace AIX with Linux, Mills responded, "It's fairly obvious we're fine with that idea...It's the logical successor."

Linux also took a step forward in high-end servers with the recent adoption of software that should help IBM, NEC, SGI and others use it in multiprocessor servers.

The improvement adds some support for nonuniform memory access, or NUMA, a design for higher-end servers with many processors. Linus Torvalds, the original creator of the operating system and still its top authority, accepted the update this month into version 2.5, the current test version of the software.

Additionally, Linux software maker Lindows introduced a package intended to mimic Microsoft's Windows XP Media Center.

Idot, a small PC maker specializing in online sales, will sell a Lindows Media Computer model that incorporates some home entertainment functions such as DVD and digital music playback. The company plans to begin selling the PCs early next month, with prices starting at $330 without a monitor.

Here comes the judge
A federal appeals court dismissed a fraud claim against memory-chip designer Rambus on Wednesday and resurrected charges that a competitor may have infringed on Rambus? patents.

The United States Court of Appeals for the Federal District essentially tossed out trial-court verdicts in the hotly contested legal battle between Rambus and German memory manufacturer Infineon. The appeals court found that the court erred in ruling that Rambus did not have valid patent infringement claims against Infineon.

The appeals court also set aside a jury verdict that Rambus committed fraud, an injunction against Rambus, and an order that Rambus pay Infineon millions in attorney's fees.

The court's decision could have serious ramifications in the semiconductor industry. Not only are millions of dollars at stake for Infineon and Rambus, but also the final outcome is considered a litmus test on the validity of Rambus' patents.

Turner's turn
Beleaguered media giant AOL Time Warner said vice chairman Ted Turner is resigning. The announcement came shortly after the company reported a net loss of $98.7 billion for 2002.

The company said Turner would step down in May, joining a long list of executives who've departed in the two years since AOL took over Time Warner.

Most recently, AOL founder Steve Case, who had been under pressure from unhappy investors including Turner, earlier this month said he would step down as chairman.

Also of note
As part of its continuous push to market its AOL Instant Messenger program, America Online is testing a new instant-chat robot that answers questions from AIM users about weather and stocks...IBM has released several products designed so that specific industries can get started with "grid" computing, networking large numbers of smaller machines into a single supercomputer...Internet service provider EarthLink said it plans to lay off a quarter of its work force, or 1,300 people...Initial sales of "The Sims Online" have been less than expected, executives from publisher Electronic Arts acknowledged...Companies offering information technology outsourcing see lower-cost foreign labor as a key to growth in 2003, market research firm Gartner Dataquest said...Aiming to consolidate some server manufacturing in Houston, Hewlett-Packard plans to close a California plant that makes servers and storage products.