ETH Zurich's weekly web journal
ETH Life - wissen was laeuft



ETH - Eidgenoessische Technische Hochschule Zuerich - Swiss Federal Institute of Technology Zurich
Section: Campus Life

Published: 19.06.2003, 06:00
Modified: 19.06.2003, 08:58
"Showcase" talk from ETH World
Always online - always open to attack

Around twenty new computer viruses appear every day worldwide. Because more and more privately owned computers are online 24/7 via TV cable or ADSL connections, they are more likely to be the targets of viruses and hackers. A recent ETH World event showed how installing specialised programmes and maintaining a healthy dose of distrust can help in dealing with this problem.

By Richard Brogle

"The number of attacks on computers is increasing exponentially," Thomas Dübendorfer, an ETH computer scientist, told participants at last Wednesday's ETH World event. Many attacks, however, are not carried out by highly qualified computer buffs but by people who have never written a line of source code in their lives. "Programmes can be downloaded from the Internet with which every user, with absolutely no programming skills, can tinker and spread a new virus." It is also very simple to find programmes that can spy on networks. Beginner-level computer know-how suffices to eavesdrop on network traffic and intercept e-mails and passwords. And once a password is known, an attack is usually not far behind.

Amateurs and pros

But there are also professionals at work. They break into computer systems and copy, change or delete data and often disappear as silently as they came. Indeed, one trademark of the professional is that he knows how to cover his tracks. This is why such attacks are not detected immediately and an even greater number are probably never discovered. Or, as Dübendorfer puts it, "Perhaps your computer has already been tapped and you never even noticed." An example of such an attack can currently be seen in the movie theatres. In "The Matrix Reloaded" Trinity infiltrates an external computer system using a tool that actually exists – and works.

Thomas Dübendorfer (right): "Perhaps your computer has already been tapped and you never even noticed."

Known vulnerabilities

In order to successfully fend off attacks, it is important to identify possible vulnerabilities, as Dübendorfer emphasised. One primary weak spot stems from the programming errors often found in widely used programmes. The growing complexity of programmes leads to an increase in the number of weak spots.

He explains why programmes are sold with inherent vulnerabilities: "The time pressure to develop software means that programmes often arrive on the market that have not been adequately tested for gaps in the security system." If such gaps are identified later, a correcting programme, a so-called bugfix, can be downloaded free of charge from the producer and installed, but this is not done systematically by all users. This explains why attacks continue to be successful years after a gap in security has been identified, even though these weak spots could have been eliminated long ago. In order to operate a computer securely, each and every user should update security features at regular intervals.



Anyone surfing the Internet is "under attack", but there are ways to protect computers. (Picture: ETH World)

Just like agriculture

The problem is compounded by monocultures. The danger posed to everyday computer use by this practice is the same as that posed to farming. It makes the crops, or in our case the operating system, more susceptible to attacks. If, for example, a majority of users use the same mail programme, any virus that finds a weak spot in the defences of the programme will spread very rapidly. If, on the other hand, many different programmes are used then it is far more difficult for a virus to spread, if not impossible. This is because it is difficult to create a single virus that can get the better of several different mail programmes.

Healthy distrust

Another weak point is the so-called "Trojans", which pretend to be beneficial applications but have hidden agendas. Once such a programme has been installed and started up, it can roam the system at will, find data and change or delete it. Modem users beware: Trojans exist that call up expensive service numbers, like 0900, depending on the country, and run up gigantic telephone bills. As far as Trojans are concerned there is one basic rule: cultivate an attitude of healthy distrust. No programmes should be downloaded from unknown homepages, especially from those with pornographic content.

Rule of thumb: starting up a programme gives it sovereign control of your computer. And who would hand over the steering wheel to a total stranger? Dübendorfer advises: "Only programmes that one really needs and uses should be installed and one should know that they come from a legitimate (secure?) source." Should an ETH computer be attacked despite virus scanners and other precautionary measures, users should immediately get in touch with their system administrator, who can then deal with the problem together with the Network Security group (1).

Technical measures

At the end of his lecture, Dübendorfer and his colleague Arno Wagner demonstrated an attack on a computer on which remote administration software was installed. An outside party was able to follow the exchange of data between the two computers and was even able to control one of them remotely. The two computer specialists then demonstrated how installing a firewall successfully fended off an attack on the computer.

Linux safer than Microsoft?

At the end of the event, one of the participants asked whether the Linux operating system was safer than Microsoft's. Wagner's answer: "The Linux community generally includes people who have more and higher levels of training and, generally speaking, they work on safer computers. But a badly maintained Linux server is probably less safe than a well kept Windows server. It all depends on the responsible administrator."


Footnotes:
(1) ETH Life report: "Viren halten ETH auf Trab": archiv.ethlife.ethz.ch/cd/bits/ethlife/tages/show/0_1046_0_8_1500_00.html



!!! This document is stored in the ETH Web archive and is no longer maintained !!!