The Internet Protocol Journal - Volume 2, No. 3

Letter to the Editor

Letter to the Editor

The article "Was the Melissa Virus so Different?" (The Internet Protocol Journal, Volume 2, Number 2, June 1999) by Barbara Y. Fraser et al makes an interesting comparison between events in our real and virtual lives, comparing e-mail borne viruses with commercial samples delivered to our physical mail boxes. While I think the comparison is a useful exercise, the authors fail to point out one of the fundamental differences between these two worlds.

An electronic message contains a finite amount of information: a careful sender can make sure his identity cannot be revealed. In contrast, a physical "message" (i.e., mail bomb, extortion letter, etc.) contains an essentially unlimited amount of information: from finger prints and material analysis to DNA traces, a potential perpetrator can never be certain that he can deny his involvement. For cyberspace crimes the chance to be caught is (and is perceived to be) much smaller. As a result, many virus authors have but the slimmest motive for their deed.

The fact that the Melissa author was quickly identified because of a hidden signature in Microsoft Word is little comfort. For reasons of privacy, this feature has been disabled: it was a bug, not a feature.

To extend the analogy: suppose a simple device would become available that can look up a person's full ID based on a DNA trace (a few molecules) on any object touched or handled. Move the scanner over the door handle and you know who's been visiting. The ramifications would be extensive. Most likely, the as yet hypothetical device would be illegal except for police use.

-Ernst Lopes Cardozo, Aranea Consult BV
e.lopes.cardozo@aranea.nl

Send us your comments!

We look forward to hearing your comments and suggestions regarding anything you read in this publication. Send us e-mail at: ipj@cisco.com


Changes at the IPJ Web Site

Now you can find every issue of The Internet Protocol Journal in both PDF and HTML format at www.cisco.com/ipj. We are also pleased to announce that Nikkei Business Publications in Tokyo has provided an introduction to IPJ in Japanese, as well as translation of some of the titles from previous issues at: http://nit.nikkei.co.jp/ipj.html . We hope to set up similar links with other publications around the world.