Devil's Advocate: Bounty hunters

Why is it an unknown coder somewhere in the world has the FBI and Microsoft in such a state? Martin Brampton says the Sobig worm is best viewed as part of a long line of trouble-making?

Despite anonymity, the author of the SoBig worms continues to achieve a remarkable public profile. The FBI and Microsoft are on the case and offering half a million dollars for information leading to conviction. Putting a bounty on the head of the SoBig writer certainly seems to emphasise the frontier character of the internet.

I was fascinated to find that the term was coined in a science fiction story as long ago as 1975. John Brunner wrote 'The Shockwave Rider' to describe a totalitarian government that controlled people through a sophisticated computer network. The network was disrupted – was it by a freedom fighter or a terrorist? Anyway, the overbearing government was defeated by a piece of software described as a tapeworm.

Many worm-like programs were written prior to a famous 1988 work that practically shut down the internet. The colourfully named vampire worm wandered around the network, only really becoming active at night. Its harmless task was merely to take advantage of unused processing capacity available at night time, after which the vampire work quietly went back to sleep until the next night.

Clifford Stoll wrote about the hijacking of other people’s computers as long ago as 1989 in his book 'The Cuckoo’s Nest'. The practice seems to have continued apace. Many of the highly publicized denial of service attacks have relied on taking control of many unsuspecting computers across the internet. The sources of attack are thus widely distributed and removed from the actual perpetrator. SoBig has been suspected of including a remote control capability.

At the same time, it is closely allied to the increasingly sophisticated techniques used in the distribution of spam. Or, what I’m told should more correctly be called unsolicited bulk email. SoBig succeeded in spreading a number of very simple messages so effectively that most people received them many times over.

In fact, SoBig has been so effective that its author joined the silicon.com list of Agenda Setters for 2003. I had the pleasure of being part of the team that made the selection and we agreed that SoBig’s combination of techniques was remarkable, if unwelcome. Moreover, the initiative seems to be very much with its writer rather than the largely reactive authorities.

Certainly it is action of a kind for Microsoft to set up a $5m fund offering bounties, with the first two rewards put up for SoBig and the MSBlast virus. Yet given that the fundamental ideas have been around for over a quarter of a century, it is a surprisingly weak response. Maybe it will lead to some individual being identified and prosecuted. But the skills being devoted to harmful software seem to be more than keeping pace with the obstacles put in their way.

We still seem to lack any real understanding of the pitfalls that have opened up through our reliance on a global digital network. While the perfect copies that are possible with digital material impress us, we tend to ignore the potential of digital counterfeiting. Our excitement at the possibilities of web services is rarely matched by caution with regard to the possibility of impersonation. The handy sharing of ideas across the network appeals to us while we forget that we do not always want to share all our information.

Given the absence of a deep understanding of our vulnerable position, combined with an inadequate array of defences, it seems that the initiative is with people like the author of SoBig. They are the ones setting the agenda. Is that how we want it?