My letter, outlining everything that was wrong in that article I could think of, is behind the cut. I've not hyperlinked anything as it is a plain-text e-mail.
Regarding this article:
("Linux cyber-battle turns nasty")
I'm very disappointed by the quality of "journalism" (and here I use the word in its loosest possible sense) in the article by Stephen Evans on the MyDoom computer virus. His opinions regarding the intents of the virus creators are treated through most of the article, except in a minor comment near the end, as statements of fact. This is improper. Not only could Stephen not possibly know the intent of the virus creators, the assumptions he uses to build his opinions contain glaring factual errors which any basic education in the technology field would have corrected. His article looks like he simply took the press releases of SCO -- which have already got them in deep legal trouble in Germany for providing false information -- as fact.
The factual errors in this article include:
1. "It has attacked a company based in Utah called SCO"
This is presented as the main purpose of the existence of the virus, which is certainly not an opinion shared by anyone in the IT security community.
The main focus of the virus is three-fold. It installs a "back door", which is a means for malicious users to gain access to an infected machine. It also installs something called a keylogger, which takes records of every keypress that is made on the computer. This allows the virus to gather information like usernames, passwords and credit card numbers which anyone who knows of the back door can collect.
Finally the virus installs something called a spam relay, which (in combination with the back door already mentioned) allows spammers to send more unsolicited junk e-mail without being traced. To anyone versed in the technologies of the Internet (as one would assume a journalist writing about a computer virus would be, especially a *BBC* journalist), it would be apparent that the DDOS attack on SCO's website is a blind, designed to focus attention away from the real payload of the virus -- and in the case of this virus and this journalist it succeeded admirably.
2. "bringing down its website with a barrage of emails"
The MyDoom virus used a barrage of HTTP requests to bring the www.sco.com website down. Websites and mail systems are entirely different; they use different Internet protocols, network ports and servers. It is quite simply impossible to take down a website with "a barrage of e-mails". The attack that the virus uses (called a "Distributed Denial of Service", or DDOS) works by first infecting a lot of machines, and then using all of those machines to request a website many times. That would be like half a million people all trying to view the website at once, and clicking "Refresh" on their Web browser when they got there. This is by no means a new attack as the article states; it has been used almost since the introduction of websites to the Internet, and ways around it are numerous. Indeed, SCO used one of the ways to avoid this attack three days before the virus was supposed to attack.
The virus *spread by* email, it did not -- could not -- *use* email to perform a DDOS attack on www.sco.com.
3. "Two years ago, SCO claimed that it owned more than 800,000 lines of the system which had always been available for free and to anyone since its invention in 1991."
This is actually several factual errors in one.
"Two years ago" - This is incorrect, SCO first claimed that Linux contained improperly contributed Unix code in early 2003, approximately one year ago. At that time it did not claim "more than 800,000 lines".
"...claimed 800,000" - SCO expanded its claims in mid 2003 to include the "more than 800,000 lines" quote, at one point suggesting over 1,000,000 lines of code. This is only 6-7 months ago, not two years ago.
"since 1991" - SCO has only claimed that contributions to the Linux kernel past version 2.4 impinge on its rights -- this is code from significantly later than 1991. SCO has not yet claimed rights to any of the 1991 code.
SCO is notorious for issuing press releases written at least in part for PR purposes. If a business journalist (like the business journalist that wrote this article) were to perform any independent research rather than relying on SCO press releases, he or she would see that none of the claims SCO have made -- neither the falsely reported ones quoted, nor the corrections from the real documents -- have ever been backed by evidence. Indeed, in the SCO/IBM case, this lack of evidence has become legally apparent.
4. "On top of that, SCO has sued IBM, accusing it of using SCO property because it too uses Linux."
SCO has sued IBM over a contract dispute. SCO has not sued IBM because it uses Linux. SCO has claimed -- without a shred of evidence to support this claim -- that IBM has used Unix methods and trade secrets improperly in its contributions to Linux (SCO claims it is a successor in interest to Unix copyrights, methods and trade secrets which Novell sold to Tarantella - this is also in dispute, also without any evidence to support it).
5. "Despite the law-suits against users by SCO,"
SCO has not sued any Linux users. It has sued IBM, it has been counter-sued by IBM, Red Hat has sued SCO, SCO has sued Novell. At no time has SCO sued a Linux user. They are *threatening* legal action against Linux users who do not pay SCO for a license to the value of US$699. Selling these licenses is based on the assumption that SCO will win against IBM and Novell. If this does not happen, anyone who bought an SCO license would be able to sue SCO for fraud. These threats of legal action are at present another work of SCO's PR department, which wants to get articles like the one written by this BBC "journalist" into the media in order to strengthen public opinion against IBM and Linux.
6. "Meanwhile the court dispute between SCO and Linux users (rather than the cyberspace war between SCO and the hackers) is scheduled for next year in a court in Utah."
There is no court dispute between SCO and Linux users. There will never be until SCO produces some actual evidence, which it has so far failed to do on two separate occasions.
7. "If anyone's anger has no measure, it is the wrath of internet zealots who believe that code should be free to all (open source)."
"Open source" is about having the source code to a program available to compile, modify and/or extend as the user wants, rather than relying on monolithic corporations to alter programs as and when they see fit. This has nothing whatsoever to do with code being free to all, and also misrepresents the aims of open source software.
The article goes on to state:
"There seems little doubt that SCO was targeted - illegally and unacceptably, lest anyone be in any doubt - because it has enraged many people devoted to the Linux operating system"
This is patently absurd. The computer virus in question only runs on the Microsoft Windows operating system. The skills and knowledge needed to program such a virus are not skills many Linux users, especially Linux devotees, would possess. To insinuate that a Linux user created the virus is the same as saying that someone who has owned and ridden a motorcycle for the past 30 years would be able to perform feats of driving in a car which would put Colin McRae to shame.
"There's no proof, of course, but it must be one of the theories at the top of any investigator's list."
That the disclaimer of lack of proof is relegated to the closing paragraph of the article -- and even then with a caveat that to most people will read "but it's probably all true anyway" -- is deplorable in any form of journalism. This is below the standard of journalism required by local newspapers, let alone an institution such as the BBC.
Both SCO's press releases and the MyDoom.A computer virus were obviously designed to spread what Internet users call "FUD" -- Fear, Uncertainty and Doubt. That Mr. Evans was allowed to publish an article based on this FUD rather than actual facts is quite frankly deplorable.
Please feel free to contact me if you have any questions about my statements. I have not included the impartial references from which I draw my information in line with the text, as this would disrupt the message. I include them here for consideration.
Information about the MyDoom computer virus:
Information on the various SCO lawsuits and their claims: