Getting Lucky
by Steven White


Back around 1990, I was puzzled. By that time, we knew of dozens of viruses that infected IBM PCs, but we had only seen a handful in real incidents. The rest were in our ever-growing collection but had not, as far as we knew, ever infected anyone who didn't infect themselves on purpose.

True, some of the viruses were just losers - programs so badly written and so buggy that infected machines would just crash immediately. I didn't expect to ever see those viruses spread. But many of the others spread just fine in our lab tests. In fact, some of the viruses we had never seen in the real world were trivial variants of ones that we had seen. I couldn't think of anything that could explain why we saw some but not others.

So I wandered down the hall to my friend Dave Chess, and asked him how this could be. "I dunno," he shrugged. "Maybe they just got lucky." It seemed preposterous at first. Surely there was some real cause we could point to. Perhaps there was some subtle bug in those viruses that prevented them from spreading. Perhaps they really were spreading, but we just hadn't heard about it yet. Or maybe the ones that were spreading were being spread by some nasty frequent flyer who inserted them on machines all over the world.

In the years following, Jeff Kephart, Dave Chess and I studied how computer viruses spread in the world, starting with biological models of viral epidemics. And it turned out that Dave was right - the reason some viruses spread worldwide while others languish in labs like ours is simple - they "got lucky."

Inept pyromaniacs

Imagine an inept pyromaniac, driving down the highway with the window rolled down, with a huge box of wooden matches in the front seat. Every so often, he picks up one of the matches, lights it, and flicks it out the window. Most of the time, the match fizzles out. It bounces into some bare dirt. Or it gets blown out by the wind. Or it's raining. Every once in a while, though, it lands near a dry weed, and sparks a tiny fire. And once in a very great while, one of those matches - maybe fewer than one in a million - really takes off and burns down some big chunk of Yosemite National Park.

What's special about the matches that start huge forest fires? Are they more cleverly constructed than the others? Do they burn longer? Are they smarter? No. They just happened to land in a place that could catch fire, at a time when the fire would spread, and they didn't get stamped out by a local passerby. It was just random chance. They got lucky.

Virus writers are the inept pyromaniacs of the computer world. They write their little match stick programs, perhaps hoping to start a conflagration. Then they toss them out into the world. Most of them just fizzle out. But once in a while, a virus gets lucky in the beginning, and manages to spread to a bunch of systems, establishing itself as a small, local blaze. And once in a while, that local blaze gets out of control, and spreads around the world.

Fires and plagues

Biological viruses, computer viruses, and forest fires have something in common. They spread. And you can think about how they spread in the same ways. If you're camping, for instance, and sparks from your campfire start the nearby grass on fire, it's pretty easy to stamp it out if you get to it quickly. But, as the blaze grows, it's harder and harder to stamp it out. Ultimately, if it grows into a forest fire, stopping it can be a huge task.

When a new computer virus spreads to its first machine, it is as vulnerable as that spark in the grass. Perhaps some bug keeps it from spreading to a second machine. Maybe the person who owns the machine, frustrated with its quirky behavior, decides to reformat the disk and reinstall all the software, inadvertently eliminating the virus in the process. Or - just maybe - she is using good anti-virus software, which catches and eliminates the new virus before it has a chance to spread. That unlucky virus gets stopped before it gets started.

But what if the virus gets lucky on that first machine, and spreads to a second one? Now there are two machines that can spread the virus. The virus could still get unlucky at this point, and get wiped off of both machines. Or it could spread. And if it spreads, there will be more machines that can further spread the virus. The fire will have grown larger, and be harder to stamp out. The more widespread the infection, the more chance it has of continuing.

If the virus gets lucky, and continues to spread to hundreds, then thousands, then tens of thousands of machines, it has become the equivalent of a forest fire - large, widespread, and very difficult to stop. Even if it gets unlucky on one machine, and gets wiped out there, the other thousands of machines can keep it going. And that's just what happens. Viruses that establish themselves in the computer population continue to spread, often for years, despite the best efforts of people around the world to eliminate them.
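The spark-in-the-grass argument above is, in probability terms, a branching process: each infected machine passes the virus on to a random number of further machines, and a chain that happens to roll low in its first few steps dies out even when, on average, it would grow. The following simulation is an added illustration written for this page; it is not code from the essay or from the Kephart, Chess and White papers it mentions. It assumes that the number of machines each infected machine goes on to infect is Poisson-distributed with a fixed mean (a modelling assumption, not something the essay states), and it treats reaching 500 simultaneously infected machines as the "forest fire" threshold, an arbitrary cut-off. It also goes one step beyond the text by computing, for that model, the exact probability that a chain fizzles out on its own.

```python
import math
import random


def poisson_sample(mean, rng):
    """Draw a Poisson(mean) count using Knuth's multiplication method."""
    limit = math.exp(-mean)
    count = 0
    product = 1.0
    while True:
        product *= rng.random()
        if product <= limit:
            return count
        count += 1


def extinction_probability(mean_offspring, iterations=500):
    """Probability that a chain started by one infected machine dies out
    by itself when each infected machine infects Poisson(mean_offspring)
    others.  It is the smallest root q of q = exp(mean_offspring * (q - 1));
    iterating from q = 0 converges to it, and to 1.0 when the mean is <= 1
    (an unlucky virus is then certain to fizzle, only the timing varies)."""
    q = 0.0
    for _ in range(iterations):
        q = math.exp(mean_offspring * (q - 1.0))
    return q


def simulate_outbreak(mean_offspring, rng, takeoff=500, max_generations=200):
    """Follow one new virus generation by generation from a single machine.
    Returns 'fizzled' if the chain dies out before reaching `takeoff`
    simultaneously infected machines, 'forest fire' once it reaches that
    many, or 'smoldering' if it is still alive but small after
    max_generations (rare for means well above 1)."""
    infected = 1
    for _ in range(max_generations):
        if infected == 0:
            return "fizzled"
        if infected >= takeoff:
            return "forest fire"
        # Each currently infected machine seeds its own random number of new ones.
        infected = sum(poisson_sample(mean_offspring, rng) for _ in range(infected))
    return "fizzled" if infected == 0 else "smoldering"


def outbreak_statistics(mean_offspring, runs=1000, seed=1990):
    """Release `runs` identical viruses and report what fraction of them
    fizzled, took off, or were still smoldering.  Identical programs, very
    different fates: the only difference between them is the random draws."""
    rng = random.Random(seed)  # fixed seed so the experiment is repeatable
    counts = {"fizzled": 0, "forest fire": 0, "smoldering": 0}
    for _ in range(runs):
        counts[simulate_outbreak(mean_offspring, rng)] += 1
    return {outcome: n / runs for outcome, n in counts.items()}


if __name__ == "__main__":
    for mean in (0.8, 1.5, 3.0):
        print(f"mean {mean}: predicted fizzle probability "
              f"{extinction_probability(mean):.3f}, observed {outbreak_statistics(mean)}")
```

With a mean of 1.5 new infections per machine the virus is, on average, growing, yet roughly 42% of identical releases die out before they amount to anything; the other 58% become forest fires that no single cleaned-up machine can stop. Lowering the mean below 1 (good anti-virus hygiene on enough machines) drives the fizzle probability to 1.0, which is the defender's side of the same coin.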

As luck would have it

As of July of 1997, there are well over 10,000 known viruses for IBM PC systems. Of these, only a few hundred - less than 5% - have been seen in real incidents, anywhere in the world, over the past year. For the most part, they weren't more cleverly conceived, more craftily written or more darkly insidious than the others. They just got lucky.

Postscript

The theory that viruses seen in real incidents just "got lucky" met with understandable skepticism when first introduced to the anti-virus community. It is now widely accepted, and - believe it or not - the term "getting lucky" is now part of the technical jargon of anti-virus folks worldwide.

For further reading

A paper exploring the mathematical detail of "getting lucky" can be found in this particular paper in our Scientific Papers section.