Congratulations, we killed the Twitter worm!

But we also helped spread it. Now Cringely wonders: Are we the best hope or the worst enemy of Internet security?

You may not realize it, but you and I are antibodies. Or maybe we're white blood cells. Leukocytes? Killer T cells? I know we're definitely not germs.

I'm talking about yesterday's Twitter worm, which both spread and was contained very quickly due to the viral nature of that network. Apparently Twitter users are not merely part of the problem, they're also part of the solution, biologically speaking.

[ Get the spin on key tech news that you'll find nowhere else at InfoWorld's Tech Watch blog. | For a humorous take on the tech industry's shenanigans, subscribe to Robert X. Cringely's Notes from the Underground newsletter. ]

Per Computerworld's Gregg Keizer:

The remarkable speed with which several worms spread on Twitter on Tuesday may have sent opportunistic spammers scurrying to exploit a quickly patched vulnerability, but cyber criminals looking for ways to hijack PCs essentially steered clear.


"Social networks have built-in antibodies...their users," said Sean Sullivan of the Finnish security company F-Secure. "Compare the Twitter attack to a malicious attack of yesteryear that took weeks or even months to develop. This peaked and ebbed in two and a half hours," Sullivan said.

In case you were having a life and missed it, the attack that raged across Twitter yesterday morning was spread by tweets containing a small bit of JavaScript code that opens new browser windows when you roll your mouse cursor over it. This is a cross-site-scripting flaw that was identified and fixed by Twitter almost a month ago, then accidentally reintroduced as part of a recent patch to the site.

The Twitter attack was mostly harmless. Some caused people's tweets to become color coded -- but others tweaked the JavaScript for more nefarious purposes. The most notorious attack infected the Twitter account of Sarah Brown, wife of the ex-British prime minister, and redirected her 1.2 million followers to a Japanese porn site.

(That, or it was a clever ploy to shore up support for the flagging Labour Party -- they could use a little sexing up.)

Internet germ theory isn't as far-fetched as it may sound. According to another report in the Guardian, epidemiologists hope to study how the Twitter worm got distributed, saying it may closely mimic how pandemics spread in the flesh-and-blood world.

The trouble with Internet germ theory is that it's getting harder to tell the infectors from the infected. To wit: Norwegian Ruby programmer Magnus Holm was cited by the New York Times as "patient zero" after he boasted about distributing the Twitter worm as an "experiment." A 17-year-old Australian hacker named Pearce Delphin is also claiming credit for spreading the worm. The Guardian's Charles Arthur identifies Japanese developer Masato Kinugawa as the person who first identified the XSS hole in Twitter over a month ago.

So are these guys the good microbes (for exposing this flaw) or the bad ones (for spreading the disease)?

Another example of this is 4chan. The Net's most notorious prankster/activists were in the news again this week, after they successfully took down the sites for the RIAA and the MPAA for a few hours via a DDoS attack.

What was 4chan so mad about? A series of DDoS attacks launched by Aiplex Software -- an Indian firm hired by the RIAA to take down The Pirate Bay and other torrent tracking sites by any means necessary (including, apparently, illegal ones).

So to recap: An allegedly legitimate trade organization hires a security firm to break the law in order to take down sites that are helping people break the law, only to be thwarted by outlaws who also break the law to bring about some limited form of Internet justice. Do I have that right?

So where does the contagion stop and the cure begin? That's what I want to know.

Suddenly, I feel a cold coming on.

Who's right and who's wrong? Or does that question even matter any more? Post your thoughts below or email me:

This article, "Congratulations, you killed the Twitter worm!," was originally published at Follow the crazy twists and turns of the tech industry with Robert X. Cringeley's Notes from the Field blog, and subscribe to Cringely's Notes from the Underground newsletter.