Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Security

You Think Discovering a Computer Virus Is Hard? Try Naming One (wsj.com) 49

Like astronomers who discover new stars, security experts who first identify computer bugs, viruses, worms, ransomware and other coding catastrophes often get to name their finds. Such discoveries now number in the thousands each year, so crafting a standout moniker can be a serious challenge. From a report: Two years ago, German security firm SerNet GmbH figured a punchy name for their bug discovery would give the company a publicity jolt. They called it Badlock, designed a fractured-lock logo and set up a website. The marketing push backfired when some security experts decided Badlock wasn't that bad. Cynical hackers called it Sadlock. "We would not do this again," says SerNet Chief Executive Johannes Loxen of the branding blitz, which he says was overkill because a relatively small number of people were affected by Badlock. Hackers are no fans of marketing. They brand things in their own way. Puns and historic references are the name of the game. "They see it as a kind of grass-roots initiative," says Gabriella Coleman, an anthropologist who teaches courses on hacker culture at McGill University in Montreal.

Some venerable names that have stood the test of time: The Love Bug, for the worm that attacked millions of Windows personal computers in 2000, and Y2K, a turn-of-the-century programming scare that didn't live up to its hype. Many names tend more toward geekspeak. The title of hacker magazine 2600 is a tip of the hat to 2600 hertz, the frequency old-school hackers reproduced to trick AT&T phone lines into giving them free calls. Computer worm Conficker is an amalgam of "configure" and a German expletive. Code Red is named after the Mountain Dew drink researchers guzzled while investigating the worm.

You Think Discovering a Computer Virus Is Hard? Try Naming One

Comments Filter:
  • That's the ex-wife cause she fucks up everything she touches.

  • by Anonymous Coward

    Unless something gets a big public profile or it is "interesting" in some other way, just refer to it by a "formulaic" name, such as the CVE that first mentions it.

    • Agreed. At work we deal with new vulnerabilities daily. Tuesday, Microsoft released patches for maybe 70 vulnerabilities, as they do each month. CVEs are fine.

      Heart bleed we reference often enough that it's useful to have a memorable name, rather than trying to remember the CVE. Though even in such cases, it might be more useful to use the category names such as "padding oracle" instead of saying "similar to Logjam". That reminds us that Logjam is only a very specific case of a general problem. You can e

  • Y2K (Score:5, Insightful)

    by Megol ( 3135005 ) on Thursday April 12, 2018 @01:10PM (#56425707)

    There were a _lot_ of effort trying to reduce the Y2K problem, it succeeded and now it was all hype. Yeah...

    • Re:Y2K (Score:4, Insightful)

      by stevel ( 64802 ) on Thursday April 12, 2018 @01:29PM (#56425867) Homepage

      Absolutely correct. It would have been a LOT worse if nothing had been done.

    • Re:Y2K (Score:5, Informative)

      by TheStickBoy ( 246518 ) on Thursday April 12, 2018 @01:39PM (#56425945)
      yes thank you!
      I came here just to complain about that one quote: "...and Y2K, a turn-of-the-century programming scare that didn't live up to its hype"

      I was a consultant for that worked on Y2K compliance for a very large US firm with over 5k unique software applications/installs. We identified the risk and patched where appropriate....and there was risk!
      Y2K rolls past and everyone says, oh well....guess it wasn't really an issue.
      ARGH!
      OK, I admit there was alot of hype in 1999 about Y2K but there were alot of programmers working on it. We will just never know how bad it would have been if it was just left as is.
      • OK, I admit there was alot of hype in 1999 about Y2K but there were alot of programmers working on it. We will just never know how bad it would have been if it was just left as is.

        Yes, actually, we do, within some bounds. The hype was that power would go off, cars wouldn't start, and it would be the end of days. That was just plain stupid since critical real-time systems generally do not work with dates. If absolutely nothing had been fixed, billing and financial systems, in general, would have been pretty messed up. The recession might have hit eighteen months early and might have been deeper. But most modern technology would ride on through.

    • by Anonymous Coward

      Yes, I hate it when idiots who know nothing say that Y2K was overblown.

    • There were people asking if their screwdrivers would stop working. The hype was much larger than anything that could have happened if nothing was done.
  • 2018-0001

    2018-0002

    Etc...

  • I'm not taking advice from a company whose best attempt at naming *themselves* is "SerNet GmbH". Four capital letters in two words, and there aren't even any vowels in that second one. How the hell am I supposed to pronounce that?

    * I am aware of German corporate names. Though "GmbH" is still awkward, and as an American I've got no idea how to pronounce it.

    • Though "GmbH" is still awkward, and as an American I've got no idea how to pronounce it.

      Try "gee-em-bee-aitch".

The other line moves faster.

Working...