Tech Industry

Week in review: Worm's wrath

A week after Slammer disrupted Net traffic and caused chaos on corporate networks, the tech world managed to catch its breath and assess the damage caused by the lightning-fast worm.

A week after Slammer disrupted Net traffic and caused chaos on some corporate networks, the tech world managed to catch its breath and assess the damage caused by the lightning-fast worm.

The worm infected more than 90 percent of vulnerable computers within 10 minutes, opening a new era of fast-spreading viruses on the Internet. The SQL Slammer worm--also known as Sapphire--doubled in size every 8.5 seconds when it first appeared, and reached the full rate at which it was scanning for vulnerable computers--a rate of more than 55 million scans per second--after about three minutes.

This puts Slammer into the realm of what some researchers call a "Warhol" worm because it could infect the entire Internet within 15 minutes. Slammer's spread was two orders of magnitude faster than Code Red, which infected 359,000 computers in the summer of 2001, and doubled in size about every 37 minutes.

The worm caused between $950 million and $1.2 billion in lost productivity in its first five days worldwide, making it the No. 9 most-costly malicious code, behind the likes of the Code Red worm, with its average of $2.6 billion in productivity loss; the LoveLetter virus, with $8.8 billion; and the Klez virus, with $9 billion.

In reaction to the worm, Microsoft has released early versions of database-security applications. The software tools, posted on Microsoft's Web site, let systems administrators check the company's SQL Server 2000 database for the Slammer worm and address vulnerabilities. That may be too little too late for a South Korean rights group that's considering a class-action suit against Microsoft for not doing its utmost to prevent the widespread proliferation of the bug.

CNET News.com special focus: The worm's most significant casualty may be the perception that companies can remain secure by keeping up with software patches and other protective updates. Instead, security experts say, companies need to begin treating such attacks as inevitable and focus on limiting their damage, rather than expending every effort trying to create an ironclad perimeter.

Net discontent
Worms aren't the only things raising security concerns on the Net. The Bush administration has pulled the plug on a .gov Web site, pending an investigation into the authenticity of the organization that controlled it.

Until recently, visitors to the AONN.gov Web site were treated to a smorgasbord of information about an agency calling itself the Access One Network Northwest (AONN), a self-described cyberwarfare unit that claimed the support of the U.S. Department of Defense. However, no federal agency called AONN appears to exist, and no agency with that name is on the official list of organizations maintained by the U.S. National Institute of Standards and Technology.

The General Services Administration, which runs the .gov registry, pulled the domain on Jan. 24, after a query from CNET News.com. The action could point to the first case of a .gov domain name hijacking.

The specter of Internet patents has raised its head again. This time a company called Acacia Media Technologies says it owns patents on the process of transmitting compressed audio or video online, one of the most basic multimedia technologies on the Net.

The company confidently says it holds sweeping patents likely to cover the activities of a huge swath of Internet multimedia companies, is asking companies buy licenses--and companies are complying. The patents could affect virtually anyone involved in the business of providing on-demand digital audio or video, from software companies to network service providers to the actual content companies.

Technical problems with a new Web-based system introduced last month by the U.S. Immigration and Naturalization Service for keeping tabs on foreign students are causing frustration among university and college administrators across the country. The new system, called the Student and Exchange Visitor Information System, has been so slow and buggy that the INS has extended a Jan. 30 deadline requiring American colleges and universities to begin using the site to Feb. 15.

Linux: love and hate
Several companies have joined to launch a consortium to promote Linux for desktop computers, a significant expansion for an operating system that today fits more comfortably on servers. The consortium's goal will be to raise awareness of desktop Linux and to speed its adoption.

That sounds good to Sam's Club, which has entered the budget PC race with a $299 system running Red Hat's version of the Linux operating system. Plans to sell the Sam's Club PCs--built by CPUBuilders and sold only through the retailer's Web site--mirror similar moves by Wal-Mart, which offers a number of low-cost Linux PCs through its Web site.

An engineer has injected a little bit of the penguin into an Apple by getting Apple's digital music player to run basic parts of the uClinux version of the Linux operating system. However, in running Linux, the device sacrifices many of the iPod's key features.

The Linux-equipped iPod can play audio and display simple graphics, but it can't use the iPod's scroll wheel or remote control, and it can't access the FireWire port--the iPod's only means of exchanging data with other devices. And although the Linux-equipped iPod can play audio, even its MP3 playback doesn't live up to expectations.

With the growing interest in Linux, Microsoft is warning that the success of the open-source movement could hurt its sales, potentially forcing the software giant to cut prices and sacrifice both revenue and profits.

"To the extent the open-source model gains increasing market acceptance, sales of the company's products may decline, the company may have to reduce the prices it charges for its products and revenues and operating margins may consequently decline," Microsoft said in a filing last week with the Securities and Exchange Commission.

Wild about Wi-Fi
CNET News.com special report: The hottest emerging technology today is wireless networking. More than 35 million wireless networks are in operation today, and the number is growing daily. A five-part report examines Wi-Fi security, history and the specter of government regulation as well as its impact on cities' growth and the technology equipment industry as a whole.

Also of note
In an attempt to cast the widest possible net in its investigation into the destruction of the space shuttle, NASA posted a site that lets people send pictures and images via the Web?Sun Microsystems is expected to unveil a series of upgrades to its high-end servers Monday, including faster 1.2GHz processors and the ability to switch out many components without shutting the computer down...Apple simplified its consumer Macintosh line and slashed prices, in an effort to gain market share from Windows XP-based PCs?A number of Macintosh dealers are suing Apple, charging the computer maker with a host of business wrongs ranging from overbilling to poaching customers to stocking its own stores with new gear unavailable to resellers?Attacks on corporate networks by online vandals fell in the second half of last year?Microsoft released an updated version of Windows XP Service Pack 1 without the company's version of Java, complying with a court order that was stayed just hours later?A former Boston College student was indicted for allegedly installing keystroke-recording software on more than 100 campus computers and accessing databases that contained personal information on other students, staff and faculty.