California resident Marcy Levitas Hamilton has initiated a class action suit against Microsoft. Hamilton complains that security bulletins are too difficult to understand and that they serve only to give hackers advance warning of flaws. The lawsuit just happens to coincide with, and borrow language from, a report issued a week earlier, dubbed CyberInSecurity.
In both Hamilton vs. Microsoft, the class action suit filed September 30, 2003, and the report titled CyberInSecurity, released a week before the filing, plaintiff Hamilton and the authors of the report complain that "Microsoft's eclipsing dominance in desktop software has created a global security risk" and warn that thanks to Microsoft's "near ubiquity in personal computing, the world's computer networks are now susceptible to massive, cascading failures."
To prove their point, both make examples of various worms, such as Blaster, Slammer, and SoBig. Blaster was far more prevalent than Slammer, infecting an estimated 500,000 systems worldwide, and Sobig is considered one of the worst email worms of all time, infecting an estimated 200 million emails. Certainly both represent a tremendous number of infections... or do they?
The NUA Internet Surveys estimates that currently 605.60 million users are online worldwide. If that's the case, that means less than .083% of total users were infected with Blaster. Even if the number of estimated online users is divided by half, the rate is still less than .17%. That's point one seven percent.
The University of California at Berkeley provided figures in 1999 that indicated there are approximately 440 million corporate and personal mailboxes worldwide and that the average number of emails per day per user was 34. That's just about 15 billion emails per day. Using these older 1999 figures (which one assumes are far less than the actual current number), Sobig.F emails constituted less than 1.34% of total email traffic.
These figures raise the question: Do the facts really back up the claims of "massive, cascading failures," or are these claims rooted in FUD (Fear, Uncertainty, and Doubt) rather than in reality?
Admittedly, the media (including this site) doesn't help the situation with headlines warning of "Massive attacks" or "Killer worms" - headlines based on loose comparisons to previous worms. For example, in terms of Internet worms, Blaster affected a far greater number of systems than any other in history, with the exception of Nimda. As such, its impact is deemed to be "global" or "massive" by those doing the reporting. It is helpful, then, to remember the narrow perspective from which such reporting is often done, i.e. from a perspective biased by past virus behavior and the total number infected, rather than by the percentage of users actually infected.

