Virus downs students' computers
- August 29, 2003
- |
- Samantha Young, Technical Editor
- Section: Cover
Malicious programs, known as "worms," crippled computer systems around the globe and in Martin. Worms are so called because they can move from computer to computer without being triggered by human input.
Two worms, most commonly known as MSBlast and Welchia/Nachi, exploit a vulnerability in Microsoft Windows NT and Windows XP.
Computers infected with MSBlast shut down at random with sixty seconds' warning and were poised to overload Microsoft's Windows Update server on August 16. This denial-of-service attack was narrowly averted when Microsoft deleted the address to be targeted. The Welchia/Nachi worm, transmitted in a similar manner as MSBlast, was actually designed to patch up the weakness exploited by MSBlast but uses other system weaknesses to its own advantage. It also overloads affected systems while transmitting itself to computers without the Welchia worm, causing them to crash.
Both worms are easily removed and do not cause irrevocable damage. Both worms are also unaffected by anti-virus protection software.
Regardless, on Wednesday evening, resident assistants delivered memos from Computer Services to dorm residents notifying them that, beginning early the next morning, employees of Computer Services would be coming around, de-worming student-owned computers, deleting previously-installed software, and installing McAfee Corporate Edition, which can receive UTM-specific patches in automatic updates.
Most students were given as little as fourteen hours' notice that this would take place, were told that they were to leave their login and password so Computer Services could do this, and were informed that continued access to the Internet through dorm networks was contingent upon full cooperation with these directives.
When reached for comment, Dr. Jerald Ogg, dean of the College of Humanities and Fine Arts and a judge advocate general for the Air Force Reserve, indicated that, because these are student-owned computers and not university-owned computers, the legality of these actions hinged upon whether or not such a clause existed in the UTM Network User Agreement indicating that, in exchange for access through UTM servers, dormitory residents gave permission for Computer Services to take such actions.
According to Shannon Burgin, Director of Computer Services, there is no such clause that explicitly or implicitly gives permission for Computer Services to act in this manner.
Despite this, at least 10 rooms were accessed in Ellington (the assistant hall director said she accompanied Computer Services employees into every room on the first floor of Ellington F-side) without the then-required search warrants and regardless of whether the operating systems on the computers were vulnerable to the worm Computer Services says they are going around to remove.
She also stated that students were allowed to notify Computer Services that they did not allow access to their computers, and stated that up-to-date anti-virus software would not be replaced. At press time, two cases have been reported of current Norton Anti-Virus software being deleted and replaced with McAfee Corporate Edition.
After these concerns were brought to their attention, Computer Services has since scrambled to make policy changes and has dispatched a new memo to all residents of UTM Housing addressing pressing complaints.
Joey Pierce, SGA Campus Observations Chair, assures The Pacer there will be a thorough investigation into the matter.