Due to "constant and unending" Windows security vulnerabilities Computer Operators Group (COG) has decided to shut down Boogle, an indexing engine students use to locate files on the Brandeis computer network. Boogle's website now tells studens that file-sharing leaves anyone who shares files or uses any type of incoming network services vulnerable to "remote exploit and system compramise.""We recommend that any non-essential services are kept turned off, computers are kept off at night, and theWindows personal firewall is turned on for users of Windows XP," the COG statement read.

Recently UNet Systems Administrator Rich Graves posted on a myBrandeis.edu forum that at least three students had their computers comprimissed and used by the Russian mafia to launder money and trade child pornography.

Graves told the Justice that viruses usually infect campus computers in one of three ways: as spam-related links and attachments, as viral files or programs downloaded by the user, usually from peer to peer programs such as Kazaa, and from exploited security holes in Windows and Internet Explorer software. The first problem Graves said he is relatively confident of dealing with conclusively, as UNet filters block approximately 90% of incoming spam. Even so, it is unavoidable that some spam will find a way around this filtering process, and users are strictly cautioned to not even open such suspect e-mail.

The other two possibilities are a far more pressing concern, according to Graves. Aside from routine scans, there is really no way to identify illicit files users willingly download, due to the inherent possibility of monitoring so much network activity, and active and up-to-date virus protection is the only effective remedy, something, Graves said, is completely out of his hands. For the sake of your computer and all the other 3000+ computers connected directly to it, Graves said students should strictly keep their virus protection active and up to date.

Graves said he cautions users to not use such peer-to-peer software at all. He pointed out that one such program, called Earthstation 5, even contains malicious codes that gives it administrative access to computers that use it, allowing it to delete files on these computers as the people who control it wish. The reasons for this are unknown, but they highlight the inherent dangers of such software. This is, of course, in addition to the well-known legal ramifications of such programs.

The third avenue of viral contamination, holes in Windows product security, is by far the most threatening problem, Graves contends. There is, Graves warns, a documented but as yet to be resolved hole in IE's coding that allows hostile programming to alter the address registry of victim computers, allowing hackers to rout affected systems to whatever websites they wish.

According to Graves, the ultimate aim of the vast majority of viruses is to seize control of your computer and use it as an intermediary to take control of more computers, to manufacture spam, or even to surreptitiously host websites, usually pornographic in nature. There is even a black market for such controlled computers, Graves added, with prices around one dollar per compromised PC.

Erez Dayan, '06 was one of the students whose computer the Russian Mafia used. According to Dayan, "The computer was always running something," and it "started opening random programs when I loaded AIM."

In addition to the initial hassle of the virus, he said hehad to go through a lengthy process to regain his network connection that included reinstalling Windows, which took over a week to complete. Dayan said he suspects he got the virus through an e-mail attachment or a false music file he downloaded.

Viruses can be more than merely inconvenient Graves said. On Jan. 25, Graves cited an instance of a kind of virus that infected Microsoft-based web servers, spread rapidly, and for a time, managed to shut down the entire internet by clogging it up with trash data.

It is possible to wreak all kind of havoc on networks of any kind, and all the hackers need is one opening and one careless user, Graves said.

"Keeping your computer secure is a national security issue, as the combination of human error and human malice on the Internet can be hugely disastrous," Graves said.