23 February 2000
We have received several messages lately warning about malicious e-mail. Perhaps the worst aspect of such things is the fear they generate in the unknowing and the unwarranted propagation of unnecessary traffic. If you receive any such warning, check it out - don't pass it on. You can do a search for 'virus hoax' and find a number of good sites that discuss the problems and help you determine if you should worry or not. Vendors of anti-virus software such as Symantec and Macafee have web sites like this as well. The US Department of Energy's Computer Incident Advisory Capability has good advice about "How to Identify a Hoax" as follows
"There are several methods to identify virus hoaxes, but first consider what makes a successful hoax on the Internet. There are two known factors that make a successful virus hoax, they are: (1) technical sounding language, and (2) credibility by association. If the warning uses the proper technical jargon, most individuals, including technologically savy individuals, tend to believe the warning is real. For example, the Good Times hoax says that "...if the program is not stopped, the computer's processor will be placed in an nth-complexity infinite binary loop which can severely damage the processor...". The first time you read this, it sounds like it might be something real. With a little research, you find that there is no such thing as an nth-complexity infinite binary loop and that processors are designed to run loops for weeks at a time without damage.
"When we say credibility by association we are referring to who sent the warning. If the janitor at a large technological organization sends a warning to someone outside of that organization, people on the outside tend to believe the warning because the company should know about those things. Even though the person sending the warning may not have a clue what he is talking about, the prestige of the company backs the warning, making it appear real. If a manager at the company sends the warning, the message is doubly backed by the company's and the manager's reputations. Individuals should also be especially alert if the warning urges you to pass it on to your friends. This should raise a red flag that the warning may be a hoax. "
What should your do when you receive a warning? When in doubt, do not send it out to the world. Check it out. Check the CIAC home page at http://ciac.llnl.gov/ or the FIRST web page at: http://www.first.org or the "Computer Virus Myths home page" (http://www.kumite.com/myths/) which contains descriptions of several known hoaxes. In most cases, common sense would eliminate Internet hoaxes. Don't contribute to the problem.
The Committee for the Scientific Investigation of Claims of the Paranormal is an association formed by Paul Kurtz in 1976 when he became appalled with the rise of cults. Its Center for Inquiry has a staff of 38 and publishes a bimonthly newsletter. _Skeptical Inquirer_ with a circulation of 50,000.
There are times when a bit of skepticism may be useful, as when you receive a warning about a computer virus?
* * * *
Let us know what your association is up to!
Does your association give Apology Awards ( you probably don't even realize it if you do)
Do your members know your board members? We'll have some ideas for you on this.
What are basic qualifications for Board Members?
A bill of rights for members?
--
from your Association
Headquarters:
Leipper Management Group at TechComm
Labs.
Education, management, and information services
especially
for small businesses and
associations.
--------------------------------------------------
to
subscribe, unsubscribe, or comment,
reply or send a note to
leaders@leipper.org
--------------------------------------------------