washingtonpost.com  > Technology > Technology > Tech Policy E-letter

August Is the Cruelest Month (for Hackers)

Wednesday, July 28, 2004; 11:09 AM

The real reason reporters don't like hackers is that the digital miscreants flout the time-honored rule that news is supposed to go on vacation from, say, late July until just after Labor Day. Instead of (or maybe in addition to) taking in some sun at the beach, the online criminal element used this week to release a new version of the MyDoom Internet worm and mounted a denial-of-service attack on DoubleClick Inc.

The net effect of both incidents? A temporary -- but incredibly annoying -- lack of access on Monday to some of the world's most popular search engines, including Google, Yahoo, AltaVista and Lycos, as well as reduced access to a number of other Web sites. The worm took away the search engines by indundating them with automatic requests for information -- specifically, the new Mydoom commanded infected computers to search for e-mail addresses that it could then send itself to in order to infect more people's computers. While the affected search engines were only unavailable to a portion of their audience for a few hours, it was yet another example of how viruses and worms are threatening some of the Internet's biggest players.

_____Recent E-letters_____
News Web Sites Sport Campaign Ads (washingtonpost.com, Aug 4, 2004)
Bush Takes a Stand Against ID Theft (washingtonpost.com, Jul 21, 2004)
Microsoft Serves up More Patches (washingtonpost.com, Jul 14, 2004)
_____Free E-mail Newsletters_____
• TechNews Daily Report
• Tech Policy/Security Weekly
• Personal Tech
• News Headlines
• News Alert

In the case of DoubleClick, hackers mounted a denial-of-service attack against the company that almost rendered its top client sites inaccessible. The attack lasted several hours, and affected, among others, CNN.com and washingtonpost.com.

Meanwhile, look forward to August: That's the month when hackers seem to be particularly active. Last year, for example, the Blaster worm sidelined computers around the world on August 12. A week later, the so-called good "Nachi" worm spread to computers infected by Blaster, deleting the "bad" worm but slowing down computer processing speeds.

Making Sure E-Mail Stays a Two-Way Street

Most people take it for granted that e-mail correspondence should be as private as a telephone conversation, but according to a recent federal appeals court decision, it's not. This has led Reps. Jay Inslee (D-Wash.), Roscoe Bartlett (R-Md.), Jeff Flake (R-Ariz.) and William Delahunt (D-Mass.) to introduce a bill that would hold e-mail to the same privacy standards as phone conversations.

That means that e-mail service providers wouldn't be able to look at the e-mail messages they're processing, at least no more than they have to in order to make sure messages get from point A to point B. On a deeper level, it means that the cops would need to get a judge to issue a wiretap warrant before readingp people's e-mail.

"The American people are no longer confident that the law protects their right to communicate privately via e-mail or other Internet communications, and Congress will act to modernize America's privacy laws if the courts fail to maintain a strong privacy standard," Inslee said in a press statement.

The e-mail ruling, as Post reporter Jonathan Krim described earlier this month, involved former e-mail service provider and out-of-print bookseller Interloc Inc., whose vice president told the company's engineers in early 1998 to copy and store incoming mail from Amazon.com. The U.S. Attorney's Office in Boston charged the company with violating wiretap and communications intercept laws, but the appeals court ruled that the company did this legally because the e-mail messages were stored in the company's servers.

That, said Inslee and his co-sponsors, is not what Congress intended in the 1986 Electronic Communications Privacy Act.

Problem is, Congress just adjourned for the summer, and not a lot is expected to get done this fall because of the presidential and congressional elections. As a result, it could take some time before this legislation gets the attention its sponsors think it deserves.

Robert MacMillan, washingtonpost.com Tech Policy Editor

© 2004 TechNews.com