IM the Worm


Q: I’ll fess up—I was one of those boneheads who clicked on that cute Osama bin Laden game, and thus doomed everyone on my AOL Instant Messenger buddies list to lots of annoying pop-ups. How can heavy IM users like me avoid these kinds of worms?

Not to be flip, dear reader, but common sense is your best defense. The worm you’re referring to wasn’t particularly sly, after all—before downloading the Osama game, users had to OK a terms-of-service agreement, just like with Gator, Bonzi Buddy, and a zillion other spyware turds. So rule number one is eternal vigilance; rule number two is get yourself some antivirus products specifically geared for the IM world, which should become standard-issue in the 2K4.

The latest A.I.M. worm got plenty of ink because, well, it was more annoying than a dozen deer ticks singing that song from The Bodyguard. As you noted, a message from a friend would pop up, telling you about this fantastic game where you get to sock it to Osama. But when you actually clicked through to download the diversion, wham! You also got stuck with BuddyLinks, adware that broadcasts further Osama pop-ups to all your pals. Seems like BuddyLinks is setting up infected computers for future avalanches of ads.

Obviously—and not to be a scold here—you’ve got to be super, super careful when a dialog box asks you to view and approve a service agreement. Actually read the terms, and look for tip-offs like “So-and-so may share your data with trusted third parties.” Unless you know exactly what you’re getting into, you’ve got to steer clear of stuff like this, dig? The story never ends well for the little guy.

Despite the proliferation of attached files in instant messages, IM security still lags behind that of standard e-mail. This has been a particular headache for sysadmins at businesses, whose firewalls typically aren’t set up to prevent the entry or departure of infected files via IM. Now that the Federal Communications Commission has cleared A.I.M. to carry streaming video too, the vulnerabilities should multiply. More complexity, the hacker saying goes, means more security holes.

Another ingenious ploy some digital no-goodniks have used is toying with A.I.M. profiles. Mr. Roboto’s favorite example has been the Win32.Alphx worm, which mucked with profiles by inserting hyperlinked strings of text. If you were intrigued by a come-on about seeing a mutual acquaintance naked, you’d click through to a site where you’d be summarily pornjacked—your home page would be reset to something totally lewd, and there’d be fleshy icons on your navigation bar. The lesson, yet again, is to use some common sense—friends don’t let friends post nudie pics. At least no friends of Mr. Roboto’s, though his circle of intimates is admittedly prude. (The logistics of robotic lovemaking are daunting—the titanium rubbing together makes a noise something awful.)

For better security, you might turn to one of the third-party antivirus vendors. Norton AntiVirus 2004 ($50), for example, has been upgraded to scan compressed files that travel via IM services. Better still is Zone Labs IMsecure Pro ($20), which does it all—even warding off IM spam and encrypting your messages.

Per the usual, Zone Labs also has a free, stripped-down version available for personal or nonprofit use. But if you’re the sort whose fingers are gnarled and cramped from too many hours on A.I.M., fork over the Jackson and get the Pro version. It’ll help Mr. Roboto enter stasis better at night.

This being The Village Voice and all, our target demographic breaks down roughly like this: 15 percent professional DJs, 65 percent active wannabe professional DJs, 20 percent with Walter Mitty fantasies of becoming professional DJs. All three groups will likely covet, save for the true vinyl devotees, Pioneer’s DVJ-X1 Video Turntable, which lets you manipulate DVD images with the same manipulative techniques as old-fashioned scratching and pitch controlling. A steep price tag at $3,300, but worry not—you’ve got until the April release date to save up. Maybe you can pawn those Fatboy Slim CDs that you wish you’d never bought.

Input questions at [email protected].