Wired Slammed For Publishing Slammer Code

Some security experts say the magazine is giving hackers an assist by publishing the source code for the Internet worm.

George V. Hulme, Contributor

June 10, 2003

3 Min Read
InformationWeek logo in a gray background | InformationWeek

Some security experts are criticizing the decision by Wired magazine to publish the complete source code to the SQL Slammer worm in its July issue, which hits newsstands Tuesday, saying it amounts to an algorithm on how to wreak havoc on IT systems worldwide.

The Slammer worm struck the Internet on Jan. 25, infected about 75,000 systems in about 10 minutes, and, according to several researchers, cost an estimated $1 billion in damage and clean-up costs. It was the fastest-spreading worm in Internet history and struck unpatched Microsoft SQL Servers or systems running Microsoft SQL Server Desktop Engine 2000.

"We believe in security, not obscurity. We are fully behind those in the security community. And that means you shine a light upon the vulnerabilities and risks, you don't gloss it over and pretend it doesn't exist," says Blaise Zerega, managing editor of Wired.

The magazine's decision to publish the Slammer code isn't the first event to spawn controversy in recent weeks. Last month the University of Calgary announced its plan to teach a malware course next fall that will include having students write their own viruses. Malware is malicious software that's designed specifically to damage or disrupt a system.

Alongside the Slammer source code, the article details how five blocks of code enable the worm to infect at-risk applications, choose the next app to infect, and then move itself onto the next victim. Security experts aren't sure whether the story brings more awareness or potentially increases the pool of probable worm writers.

"The people who are in a position to attack the Internet and create viruses do not turn to Wired magazine for that kind of information. The people who are in a position to safeguard the Internet and defend against this sort of thing do turn to Wired magazine to read up on important issues like this," contends Zerega.

"There are lots of ways for people to get this [Slammer source code], but to add to it and say that it won't do harm is silly. It's to say a single vote doesn't matter in an election," says Pete Lindstrom, research director at Spire Security. "And in order to rid ourselves of this problem, it doesn't help to publish the code and make it accessible to people."

"The only thing they did is provide the actual code to a greater number of people. And they made it [virus writing] more attractive to a greater number of people," says Russ Cooper, surgeon general for security firm TruSecure Corp. and the editor of the NTBugtraq security newsletter. Many representatives of antivirus companies have said that publishing the code could do more harm than good.

But not every security company says the publishing of worm or virus code is a bad thing with potentially negative consequences for IT shops. Anyone who wants a copy of the Slammer worm simply has to connect an unprotected server to the Internet and "they'll get it in a few seconds," says Dan Ingevaldson, team leader of the X-Force R&D division of Internet Security Systems. Nor does he fear that publishing the code will increase the pool of potential malicious code writers. "Those that are able to do this already know where to get the code and how to do this," he says. "I don't think the publishing of the code will give anyone an advantage they already don't have."

But Cooper, and those that agree with him, don't see it that way. "The ludicrous thing is Wired is thinking like the University of Calgary in that they will help fix the problem by demonstrating how malicious software works," he says. "You don't need to know that to stop viruses or buffer overflows."

About the Author

George V. Hulme

Contributor

An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at InformationWeek.com.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights