The spam is out, but the viruses are in

“If you get into trouble so much, doesn’t that mean you must enjoy it?” This little gem is the network person’s equivalent of “Does my bum look big in this?”, or “Have you stopped beating your wife yet?” as no-win conversational gambit. For some uncomfortable reason, Christmas 2008 has caused me to start believing that letting my “I’m here to help” sign show is no longer such a smart idea… First off, there were my own network woes, but immediately after that came all that folderol surrounding the closure of the world’s largest spamhaus (see www.pcpro.co.uk/links/174networks for the lowdown from the local newspaper) as detailed last month by fellow RWC columnist Davey Winder.

By cutting off McColo, a Californian ISP, two of its upstream bandwidth providers slashed the world’s volume of unsolicited email messages, that is spam, at a single stroke. Hats off then, temporarily, to both Hurricane Electric and Global Crossing. But I stress that “temporarily”- let’s remember that what they shut down was a relationship that had been running for some considerable time, a relationship so stable and so bandwidth-hungry that once it was cut off we were instantly transported to a whole new world of email. This world saw an appreciable reduction in the volume of spam reaching individuals – which may not impress you at first hearing, but reflect on just how many people are using the internet. Even if you assume an unfair bias on the part of the spammers towards the Roman-alphabet (and possibly the English-speaking) worlds, the count of “internet users” who meet those descriptions are alleged to total some 430.8 million, according to http://www.internetworldstats.com/stats7.htm. Starting from that figure, several billion spam messages per day would be a fair estimate of the output of the spammers’ collective. For the cutoff of McColo to be showing an effect in my mailboxes, it must have been generating a veritable hurricane of spam over a very long period of time.

But talking about the global security implications of spam is definitely Mr Winder’s bailiwick, and I need to perform a right-angled turn in my narrative here to arrive at this month’s network hassle. The first hassle arises from the fact that people have become blas?© about spam: they sneer at the stupid mis-spellings, the fake offers, the bizarre sexual feats, and only very infrequently (I’d guess around four incidents per person per year) do they actually believe that a spammed stock tip is worth following, or feel tempted to use that handy link to check their online banking password. Feel free here to make tutting noises and the usual laugh-at-the-chumps reaction, but try to keep that humungously large number back in mind. Nobody sends out billions of messages per day for trivial returns, or for a bit of a jape: that relationship with those two first-rank bandwidth providers existed to shovel a lot of data out and rake a whole lot of money back in. So it was absolutely no surprise to me to discover that as the McColo-related email traffic faded away during the last few weeks of 2008, the virus traffic rose to take its place.

Once again, the attitude to virus detection and avoidance among the general population (and even among much of the specialist population of techies, too) veers between sloppy and irrational. Let’s lay down some very basic ground rules: