Internet insecurity

By : Jim Pinto,
San Diego, CA.

Internet vulnerabilities will force ever-greater countermeasures. My suggestion is to stick with the major anti-virus software standards.

This article was published by:
Automation World, September 2003

For several years, the growth of the Internet seemed unlimited—an almost free resource that provided vast benefits. But that expansion is now being choked, and security is threatened by the twin plagues of spam and viruses.

More than 13 billion unwanted e-mail messages swamp the Internet every day, worldwide. This time-wasting junk is a $10 billion annual drag on worker productivity in the United States alone. In a perverse analogy to Moore’s Law, the number of spam messages is doubling roughly every 18 months. It has risen from 8 percent of all e-mail in 2000 to more than 40 percent by the end of 2002, and is now more than 50 percent. Conceivably, spam could soon represent 90 percent of all e-mail.

Complicating the issue is the virus problem—unwanted emails that cause serious damage to individual computers, or complete networks. 2003 was only about a month old when there was yet another major computer virus attack (the SQL virus) that shut down a lot of major banking and business systems worldwide. Malicious code attacks are continuing to run rampant, with the problem getting ever worse. New virus versions are still emerging, trying to outsmart all of the latest antivirus software.

One of every 200 e-mails sent last year contained a computer virus, and one in three e-mails was unsolicited spam. The most worrisome trend is spam e-mails combined with viruses, making spam more difficult to detect and more dangerous. Also, the virus-to-e-mail ratio is growing worse, mainly because many users and resource managers don’t keep their security up to date.


Internet vulnerabilities will force ever-greater countermeasures in coming years. On a personal level, my suggestion is to stick with the major anti-virus software standards: Norton or MacAfee. Get regular upgrades and automatic daily updates to assure that the best possible protection is always installed.

Until recently, there didn’t seem to be a foolproof way to eliminate spam. As quickly as systems managers added filters (catching specific words), spammers came up with new ways to bypass those filters. But smarter filtering techniques are yielding good results.

Here’s a summary:

  • Blacklist: Identify the IP address of the spam sender’s computer, then advise the service provider to block mail from that address. This method is effective, but it inevitably leads to a cat-and-mouse game between spammers and blockers.
  • Distributed identification: A community of users flag spam for one another. When enough recipients object to a particular message, it is automatically transferred to everyone else’s spam folders.
  • Profiles: Heuristic analysis software looks for invalid message traits—as defined by an evolving set of rules—and develops a numerical score for each incoming e-mail. If the score hits a designated limit, the e-mail is blocked. Of course, some good messages get flagged too.
  • Filtering: Bayesian filtering doesn’t adhere to any particular set of rules—it learns and re-learns how to spot spam by scanning the mail that’s accepted and rejected. The filter calculates probabilities based on the most unusual characteristics of each message. With time, it “knows” what kind of email to deliver, and what to delete. This “artificial intelligence” filtering eliminates more than 99 percent of unwanted messages. This is already popular in the open source community and may soon be adopted commercially.
Other legal and regulatory solutions are also being pursued to limit the growth of spam:
  • Labels: More than 25 states already require senders to label spam as spam, and legislation is being proposed to fine spammers. This is similar to proposed stiff penalties for telemarketing calls to numbers on a prohibited list.
  • E-mail fees: Because e-mail is essentially free, spammers can literally send millions of messages at minimal cost. Levying a charge (however small) on legitimate e-mail distribution will limit mass mailings, though it won’t stop it.
With all its vast growth potential, the Internet is still in its infancy from the standpoint of the ability to curb malicious intent and regulate unwanted messages. For beneficial growth to continue, users will need to develop discipline, together with a combination of smart software tools and viral antidotes.

Return to Index of all JimPinto Writings Return to Index of all JimPinto Writings
Return to Homepage Return to HomePage

If you have ideas or suggestions to improve this site, contact:
Copyright 2003 : Jim Pinto, San Diego, CA, USA