% fortune -ae paul murphy

Sobering up

Email viruses are so passe, between improved filtering and spreading user awareness, this is a plague that's over - or, at least, that's the received wisdom among pundits.

Sadly, it ain't so.

Last week saw the 25th variant of the so called "Sober" email virus since mid October get itself nominated as the worst this year by both F-secure and Symantec.

Zdnet's report, by Tom Espiner under the headline Thanksgiving will bring a Sober hangover, says it all:

The latest test outbreak of the Sober worm will accelerate as US computer users turns the PCs back on after the Thanksgiving holiday, security firm MessageLabs warned on Friday.

Business users will return from the break and open mail that has been sitting in their inbox since the first hours of the attack, which could include infected emails, MessageLabs warned


This week's Sober attack is the largest that MessageLabs has seen in 2005. "This is the biggest outbreak of a mass-mailing virus all year. It is a concern because we thought we'd seen the last of mass-mailers," said Wood.

Experts at antivirus company Sophos also see Sober-Y as a major threat. Globally, one in 18 emails are now infected by the Sober worm, Sophos said on Friday.

Or almost all: of the 159 reports returned by google news on Sunday Nov 27, for a search using the words "email sober virus" only three mentioned anything about this problem being limited to Windows on Intel - and only one, by Benoit Leterme on Belgium's datafuse.net explicitly mentioned that neither MacOS X nor any other Unix variant is directly affected:

While Apple and Linux users aren't affected by the Sober-X virus, Windows machines do feel the sting. The virus is being spread by an email message which tells users the FBI or CIA has tracked down illegal visits to websites with their IPs. The email demands users to open an attachment which contains questions regarding their "illegal" actions. Which is all a load of bull. By the way, how people still fall for this kind of crap is simply beyond me.

It's beyond me too, since this is a plague we have the technical and market mechanisms to eliminate fairly easily.

Paul Murphy wrote and published The Unix Guide to Defenestration. Murphy is a 25-year veteran of the I.T. consulting industry, specializing in Unix and Unix-related management issues.