A virus for the what??

I can't believe it. Someone finally managed to write a virus for the WebTV...

WebTV Virus Writer Sentenced to Prison

Of course, what I find particularly amusing about this is the nature of the virus. Basically, it just reset the box's dialing script to dial 911 instead of the local access number. That in itself is not funny. But remembering how many times the Palo Alto (and then Mountain View) officials had to come to the WebTV campus for accidental 911 calls, back in the old days, makes me wonder that the whole QA staff isn't in lockup on precedent.

You see, when a WebTV box downloads its list of local access numbers, it makes its best guess as to what format the number should be dialed in (seven-digit, 10 digit with area code, 11 digit with one then the area code - I've even seen some bass ackwards places that require one then the number, with no area code - weirdos). But since this formula is not foolproof, it also lets you edit your own custom dialing options. You can tell your box to dial a nine to get an outside line (useful if you're on a PBX, like a hotel or a business), force it to dial a one when calling, and other nifty options.

The trouble is that if you have it set to dial a nine to get out and always dial a one... what happens when your local provider goes away and is replaced with a long distance provider, or a 1-800 number. Instead of dialing 9,1,5551234, you're suddenly calling something like 9,1,18004093288. Which results in the call being placed to 911, and the operator getting nothing but modem screeches in their ear.

The difference, of course, is that this guy did it intentionally, and we always did it accidentally. But man, the folks at the 911 switchboard must have hated us after a while. I'm just glad that our building never had a major disaster, since any call placed to 911 from our PBX probably would have been bumped to the bottom of the queue, under the assumption that it was just those damned WebTV people screwing with their dialing scripts again.

One Comment:

  1. Hey Ray,

    I actually QA’d the fix for this guy’s hack. Basically he took advantage of the fact that the WebTV client just blindly accepts any “wtv” link. If a link had a href to “wtv-poweroff”, the client would power off. If the link said “wtv-Run_around_and_hop_on_one_leg”, the client would do that! (if it had legs, of course). Anyway, i just thought that it was weird for a guy who had such good understanding of how our service/client worked to target the dialer. Oh well. Sux for him that he’s also getting sentenced during post-911 heightened security.

    Re: mtn view and PA police. Since it happened so many time, I think they just ignored us unless there were multiple dial and hang-ups. I remember when we were in Coast, the admin called me and asked if i was dialing 911 =P


Leave a Reply

Your email address will not be published. Required fields are marked *