It seems that almost all of my Windows-using friends and family (a.k.a. "the black sheep" or "the lost sheep") have been infected by the Klez virus (actually it's both a worm and a virus). Corinne, Jed, and I have all received it numerous times.

This is a powerful little piece of code with two unusual features. First, when it sends copies of itself to everybody in your address book it will sometimes appear to send the messages from someone randomly chosen from the address book, thus making it very difficult for average computer users to figure out who is and isn't infected. Second, it accomplishes the above by sending the messages with its own, built-in SMTP engine. That means it doesn't ask Outlook to send the mail.

It's not clear (to me) if the virus has the smarts to bypass your mail server as well as your mail client -- probably not -- but it doesn't really matter. This is a smart little bug.

Update: I forgot about a third "feature" of this lovely bug. You don't actually have to open any attachments for it to spread, you only have to read the email. Microsoft has a patch for that, but hardly anybody keeps up to date with their patches. (Who has time!?)

Speaking of viruses... news.com is reporting that the incredibly annoying second version of the Code Red virus (not Code Red II, which was the third version), as well as a similar virus known as Nimda, are still spreading. As of April there are officially 18,000 fully infected servers. There were 12,000 in December.

These security experts know what machines are infected because they're logging which IP addresses are trying to spread the virus. However, the article says that these same experts are claiming the problem is not easily solved, because if they shut the machines down they'll just start trying to send out the virus again as soon as they're restarted.

That sounds to me like an over-simplification, or perhaps even a misquote. If they could get to the machines (or their owners) to shut them down, then they could also remove the virus and apply the patch to prevent it from re-infecting the system. How would they get to these machines in the first place, though?

Of course the real problem is figuring out what to do with the server operators who would allow their servers to be infected and then to stay on the net for months on end. Should they be tarred and feathered, or skinned, or both? If both, then in which order?

While Corinne and I were driving home this afternoon, after meeting, we passed under the railroad tracks in Pawcatuck and immediately started hearing some sort of siren. It was very loud, but the tone was deeper than most sirens. Corinne thought it might be a train whistle, but we later realized it was the fire station's warning whistle.

After ~ 30 seconds the sound stopped, and we passed the area that we thought it was coming from. I said that it had sounded like someone -- someone with really good lungs -- had a huge empty jug and was blowing across the top of it. I demonstrated what I mean by miming the action: holding an invisible jug up to my lips and blowing.

Just as I did it -- and I mean the very instant -- the siren sounded again. I jumped, and Corinne looked at me like, "How on earth...?"