[extropy-chat] The emergence of AI

Sat Dec 4 18:00:36 UTC 2004

At 01:22 PM 04/12/04 +0100, you wrote:
>On Fri, 3 Dec 2004, Gina Miller wrote:
>
> >Was that the "I love you" virus?
>
>No, a computer virus requires manual intervention. What Keith was
>describing is more accurately called a "worm", which can infect hosts by
>itself.  It's probably the Code Red worm.

You are right, it was a worm instead of a virus.  I should have 
looked.  Googling for _"8.5 seconds" virus_ the first two are:

http://www.infoplease.com/ipa/A0872842.html

"2003
     In January the relatively benign "Slammer" (Sapphire) worm becomes the 
fastest spreading worm to date, infecting 75,000 computers in approximately 
ten minutes, doubling its numbers every 8.5 seconds in its first minute of 
infection."

http://www.detnews.com/2003/technology/0302/06/technology-78167.htm

Code Red gets mentioned here doubling in 37 minutes.  That might be slow 
enough for humans to do something.

Keith Henson

**************

Thursday, February 6, 2003

"'Slammer' worm fastest ever, doubling in 8.5 seconds

By William Selway / Bloomberg News

SAN DIEGO -- "Slammer" was the fastest computer worm ever, researchers say, 
spreading to more than 67,000 computers around the world in 10 minutes on 
Jan. 25, closing bank machines, delaying flights and slowing Internet traffic.

The worm, a string of computer code that took advantage of a flaw in 
Microsoft Corp.'s server software, doubled in size every 8.5 seconds during 
the first minute, according to research published by the Cooperative 
Association for Internet Data Analysis. In contrast, the "Code Red" virus 
took 37 minutes, or more than 250 times as long, to double when it appeared 
in 2001.

"When (a worm) spreads this quickly, it's very hard to react," said David 
Moore, a researcher at the association, which is based at the University of 
California, San Diego.

Worms are similar to computer viruses in that both types of malicious code 
make copies of themselves. Worms propagate by attacking a system, while a 
virus spreads through the exchange of files.

Once "Slammer" infected a computer, it scanned the Internet and sent copies 
of itself to other vulnerable servers, the large machines that run Internet 
sites and corporate networks. Within 10 minutes, "Slammer" was able to scan 
3.6 billion of the world's roughly 4 billion Internet addresses to seek out 
potential targets, Moore said.

The worm looked for vulnerable computers at a pace of 55 million a second 
within three minutes of its appearance, slowing only because so much of the 
worldwide computer network lacked the capacity to allow it to spread as 
quickly as it could.

Half of all Internet signals weren't reaching their destination at the 
height of the attack, according to the Internet Traffic Report, because of 
the volume of traffic created by "Slammer."

Commercial and government networks were affected. Bank of America Corp.'s 
automatic teller machines were shut down, while emergency dispatchers in 
Bellevue, Washington, had to take notes with pen and paper after their 
network slowed.

The effect could have been more severe if the worm had carried instructions 
to harm computer networks rather than spread copies of itself, or if it had 
exploited a more widespread vulnerability, according to the researchers. In 
July, Microsoft made software available to fix the flaw in its SQL Server 
and MDSE 2000 software that was exploited by "Slammer."

"It could have been much more damaging than it was," Moore said. "It could 
have destroyed data on the machines or set itself up to do something more 
damaging in the future."

Most of the infected computers were in the U.S., according to the CAIDA 
report. About 43 percent of the infected machines were in the U.S. and 12 
percent in South Korea, the second-worst affected country, according to the 
report.

CAIDA, the Cooperative Association for Internet Data Analysis, is a center 
where researchers from business, government and academia study Internet 
security. 