Home / Blogs

Remembering the Good Times

J.D. Falk

The most effective early email-borne viruses didn't need botnets. They didn't change your computer settings, or steal your login credentials. And they somehow convinced regular users to help them spread.

The first warnings about the Good Times virus began to appear in November of 1994, and by December the warnings were seen all over as people did what the warning said, and forwarded it to all their friends. There was another outbreak the following March, which quickly mutated to include a reference to a report from the Federal Communications Commission. After return in October, Good Times virus warnings became a part of the landscape which didn't fade away for years.

According to the primary Frequently Asked Questions document about Good Times, warnings were spread within AT&T, CitiBank, NBC, Hughes Aircraft, Microsoft, Texas Instruments, and many other large, technologically savvy companies. It was reported on news radio stations, and FAXed between branch offices.

The Good Times virus was said to spread via email messages with a subject of "Good Times" — which was also the subject line for many of the warnings. It would erase your hard drive, destroy all your files, fill your ASCII buffer, send copies of itself to every address in your saved mail files, and/or place your computer's processor "in an nth-complexity infinite binary loop."

"Its an opportunistic self-replicating email virus", explained professor Clay Shirky, "which tricks its host into replicating it, sometimes adding as many as 200,000 copies at a go. It works by finding hosts with defective parsing apparatus which prevents them from understanding that a piece of email which says there is an email virus and then asking them to remail the message to all their friends is the virus itself."

Yep. The warning was the virus.

The internet was first becoming available to the wider public in 1994; most university students and faculty had accounts on educational systems, and AOL and other formerly standalone proprietary online services had hooked in. Information services, including what eventually became the World Wide Web, were connecting people as never before.

Some of these people were worried. They knew they didn't understand how email worked, or how computers worked. But they also wanted to help each other — to learn, to stay safe, and just to share. So they forwarded the warning, and their friends forwarded it, and so forth.

All that the virus needed in order to get sent around the world over and over and over was a whole lot of gullible people who honestly thought they were being helpful.

If a virus's measure of success is how far it spreads, then the Good Times virus warning virus was the most successful virus of its day...and much of what made it so successful in the mid-1990s still holds true today. Just last week, Facebook users posted warnings for each other about a Christmas Tree virus which doesn't exist. Last year, misinformation about swine flu spread unbelievably quickly on Twitter, even with official sources posting hourly. And now, of course, any popular news headline quickly becomes the topic of black hat SEO trying to trick people into visiting malicious web sites. It has never been more important to stay aware, up to date...to confirm every claim, especially before installing new software you find on some unknown web site...to be just a bit more paranoid than really seems necessary.

As the Good Times warnings said: Happy Chanukah everyone, and be careful out there. Could you pass this along to your global mailing list as well?

(This article was originally published on Return Path's Received: blog.)

By J.D. Falk, Internet Standards and Governance. More blog posts from J.D. Falk can also be read here.

Related topics: Email, Malware, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:


To post comments, please login or create an account.

Related Blogs

Related News


Industry Updates – Sponsored Posts

Afilias Supports the CrypTech Project - Ambitious Hardware Encryption Effort to Protect User Privacy

Public Sector Experiences Largest Increase in DDoS Attacks (Verisign's Q4 2014 DDoS Trends)

Help Ensure the Availability and Security of Your Enterprise DNS with Verisign Recursive DNS

Verisign iDefense 2015 Cyber-Threats and Trends

What's in Your Attack Surface?

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

3 Questions to Ask Your DNS Host About DDoS

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

Neustar to Build Multiple Tbps DDoS Mitigation Platform

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

New gTLDs and Best Practices for Domain Management Policies (Video)

Nominum Announces Future Ready DNS

Non-English "IDN Email" Addresses Are Finally Working!

New from Verisign Labs - Measuring Privacy Disclosures in URL Query Strings

DotConnectAfrica Delegates Attend the Kenya Internet Governance Forum

3 Questions to Ask Your DNS Host about Lowering DDoS Risks

Continuing to Work in the Public Interest

Verisign Named to the OTA's 2014 Online Trust Honor Roll

Introducing the Verisign Quarterly DDoS Trends Report

Sponsored Topics

Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines

DNS Security

Sponsored by


Sponsored by


Sponsored by