Love, Microsoft

articles
May 9 2000 9:00 PM

Love, Microsoft

Who's to blame for the "ILOVEYOU" virus? Who else??

See below for Microsoft's response.

(Continued from Page 1)

It's important to note that the virus payload cannot run by itself. In order for it to run, the recipient must open the mail, launch the payload by double-clicking on it, and answer "yes" to a dialogue that warns of the dangers of running untrusted programs.

Advertisement

Sure enough, the warning is explicit and prophetic. To activate the virus, at least some people had to ignore it. And sure enough, people ignored it all over the world. They ignored it inside Microsoft headquarters—we know this because the company mail servers were shut down intermittently over a two-day period and because some copies of the virus were inadvertently dispatched onward to the outside world.

How could people be so stupid? Simple. We've seen these fine-print warnings thousands of times. We've had to learn to click on past them. We've seen them whenever we display e-mailed pictures from our friends. The warning says to "be certain that this file is from a trustworthy source"—none too helpful when our trustworthy sources are being tricked into mailing us the virus. But the wording hardly matters; we no more read these warnings than we read the click-through agreements crafted by company legal departments.

The trouble is, Microsoft applies the same warning to the passive display of content and to active scripts allowed to delete files, alter the Windows registry, and send mass e-mail.

The ILOVEYOU vandal showed a sophisticated understanding of vertical integration, a fact of life in the Microsoft universe that the Department of Justice, too, has been zeroing in on. Many different pieces of the Microsoft jigsaw puzzle are now platforms for executing programs: the browser, the word processor, the spreadsheet, the e-mail client. They all work together, and they each perform the functions of an operating system. That can be really useful. It's also dangerous. So it's time for Microsoft to make some crucial distinctions. It's one thing to display data passively: present text, play music, show pictures. It's another to grant active access to the file system: delete data, alter program settings. A good, modern e-mail program needs to be able to display all kinds of stuff. But there must be limits.

As a matter of cultural style, it's odd that Microsoft has earned notoriety for laxness about computer security. The company is such a control freak, after all, in other domains. It may be in part because Microsoft itself likes to be able to do things to our computers from a distance. If you spend any time at MSN or Microsoft.com—even at Slate—you've noticed that you are often given a chance to "install and run" some ActiveX control or other, and you are invited to check a box that says, "Always trust content from Microsoft Corporation." These ActiveX controls can do anything, where Java, by contrast, was designed not to have unbridled access to the file system. Last year Microsoft got caught placing secret unique identifiers in Office documents and collecting associated hardware indentifiers from across the Internet. Soon all Office users will be required to register their software, in the name of copy protection, and allow Microsoft to check remotely on where the software has been installed. The company has just patented a technique for installing software upgrades over the Internet, after consulting settings in the registry. All this middleware, all this powerful scripting, helps Microsoft check up on its users. Maybe that's why the company doesn't feel any great urgency about having us batten down the hatches.

I got my own copy of ILOVEYOU from a trusted friend, an Episcopal priest who often e-mails me pictures of his kids. By then I'd heard the news, so I carefully opened it for viewing. I'd like to say I was smart enough not to run the thing first, but the truth is just that I was lucky enough. 

TODAY IN SLATE

Frame Game

Hard Knocks

I was hit by a teacher in an East Texas public school. It taught me nothing.

Yes, Black Families Tend to Spank More. That Doesn’t Mean It’s Good for Black Kids.

Why Greenland’s “Dark Snow” Should Worry You

If You’re Outraged by the NFL, Follow This Satirical Blowhard on Twitter

The Best Way to Organize Your Fridge

The World

Iran and the U.S. Are Allies

They’re just not ready to admit it yet.

Sports Nut

Giving Up on Goodell

How the NFL lost the trust of its most loyal reporters.

Republicans Like Scott Walker Are Building Campaigns Around Problems That Don’t Exist

Farewell! Emily Bazelon on What She Will Miss About Slate.

  News & Politics
Foreigners
Sept. 16 2014 4:08 PM More Than Scottish Pride Scotland’s referendum isn’t about nationalism. It’s about a system that failed, and a new generation looking to take a chance on itself. 
  Business
Moneybox
Sept. 16 2014 4:16 PM The iPhone 6 Marks a Fresh Chance for Wireless Carriers to Kill Your Unlimited Data
  Life
The Eye
Sept. 16 2014 12:20 PM These Outdoor Cat Shelters Have More Style Than the Average Home
  Double X
The XX Factor
Sept. 15 2014 3:31 PM My Year As an Abortion Doula
  Slate Plus
Slate Plus Video
Sept. 16 2014 2:06 PM A Farewell From Emily Bazelon The former senior editor talks about her very first Slate pitch and says goodbye to the magazine.
  Arts
Brow Beat
Sept. 16 2014 1:27 PM The Veronica Mars Spinoff Is Just Amusing Enough to Keep Me Watching
  Technology
Future Tense
Sept. 16 2014 1:48 PM Why We Need a Federal Robotics Commission
  Health & Science
Science
Sept. 16 2014 4:09 PM It’s All Connected What links creativity, conspiracy theories, and delusions? A phenomenon called apophenia.
  Sports
Sports Nut
Sept. 15 2014 9:05 PM Giving Up on Goodell How the NFL lost the trust of its most loyal reporters.