A hoax in the post

OK, so we got caught out - and were roundly abused for our sins. The "Good Times" virus mentioned on last week's Network page is a hoax, an urban myth that has been around in various forms across America and Europe at least since last December.

There is no deadly virus that can send your processor into an "nth complexity infinite binary loop" or wipe your hard disk, only a chain-letter style e-mail that claims such a virus exists and that it is activated by the act of opening and reading an e-mail. In the words of one reader, "it is impossible to catch a virus by reading e-mail. True, if someone sends you a binary program via mail and you download this and execute it, it could be virused, but there is a lot of difference between that and the Good Times alert."

There is one situation in which a virus-type entity could enter your system by the act of reading an e-mail. If you are using a mail interpreter such as "mime", popular with Mac users, it would be possible to receive an e-mail that had a macro - a specified string of instructions - embedded inside a document. For example, an Excel macro can be run automatically from within a Word word-processing document.

When the "mime" remote system opens the e-mail, it sees a Word document and sends it to Word, which then interprets it and expands the Excel macro on the assumption that it is a straightforward import. But the macro could also open a spreadsheet, which in turn contains instructions to delete certain files from your hard disk.

Although potentially destructive, this would not be a true virus as it would die immediately - as well as be immediately discovered - on any system that did not have a "mime" type of e-mail decoder set up.

The Good Times message is, of course, a virus in itself. It is spread through the act of opening and reading e-mail files, although they are not called Good Times but something like "Virus Alert!!!". And while this virus does not activate an "nth complexity infinite binary loop" in your processor, it does (sort of) activate one throughout that section of the populace it manages to infect.

Like many bacterial viruses and urban myths, this virus has infected a population, grown to epidemic proportions, and has disappeared, only to resurface somewhere else at a later date.

The Independent was alerted to the "virus" by three messages within two days, showing that it was breaking out all over the place the week before last. No doubt it, too, exhibits behavioural patterns and will prove hard to eradicate with new users coming online. But uniquely, Good Times's pathology has been fairly well tracked, thanks to alert Net users (unlike us).

For more information on Good Times as well as more traditional computer viruses, have a look at these Internet sites:

ftp://usit.net/pub/lesjones/GoodTimes-HoaxFAQ.txt

http://www.tcp.co.uk/tcp/good.times.html.http://www.singnet.com.sg/staff/lorna/V irus

Cooper James can be reached on cooper@plateau.win-uk.net