[comp.sys.atari.st] Virus-- suggestion!

exodus@uop.edu (EXODUS) (03/21/88)

Okay, think about this one for a while:

What if someone wrote a 'friendly' virus.  One that fixed the bugs in the
Operating System.  One that multiplied so everyone's bugs were fixed. 
Free, fast, effective.  

Joking?  maybe...

exodus@uop.edu

atoenne@laura.UUCP (Andreas Toenne) (03/22/88)

In article <1288@uop.edu> exodus@uop.edu (EXODUS) writes:
>Okay, think about this one for a while:
>
>What if someone wrote a 'friendly' virus.  One that fixed the bugs in the
>Operating System.  One that multiplied so everyone's bugs were fixed. 
>Free, fast, effective.  


Hmm? A friendly virus! :-)
Every program that installs on my machine without my knowledge is
	U N F R I E N D L Y !

Imagine I got a program that depends on those bugs or tries to fix
those bugs by itself.
This won't work anymore!

A friend of mine uses a disk encryption program. He caught a virus and
cannot decrypt his disks anymore. Even when that virus was meant to be
friendly and helpful, my friend doesn't think so.

	Andreas Toenne

BTW, someone offered a virus construction kit and a killer for those
viruses at the CeBIT fair in Hannover, W-Germany.
Has anyone more information about this virus kit?

braner@batcomputer.tn.cornell.edu (braner) (03/23/88)

[]

Another suggestion: could somebody make a dump of the boot sectors of
a standard SS floppy, a DS one, standard HD setup, etc?  These dumps could
be compared with what's on a disk that is suspected of having been hit
by a virus.  One could even write a program that has these dumps embedded,
compares with what's on the disk, reports about differences, and,
upon request, replaces what's on the disk with the standard.

Is this a good idea or am I completely ignorant as to how viruses work?

Of course such a program would be also helpful in fixing up damaged disks
and in removing utilities (like HDB) that will not remove themselves and
are incompatible with others (e.g. HDB and the Supra HD boot SW).

Note that this would only help with viruses that modify the boot sector.
There are probably others, e.g. accessories that modify system variables
in RAM, or whatever.  Other fixes would be needed for those.

- Moshe Braner

PS: GNOME is up for FTP at <tcgould.tn.cornell.edu>, in the directory
/usr/spool/ftp/pub/gnome.  You may start out at .../ftp or even .../pub
when you connect as anonymous.  See the "readme" file there.

woodside@ttidca.TTI.COM (George Woodside) (03/24/88)

In article <4132@batcomputer.tn.cornell.edu> braner@tcgould.tn.cornell.edu (braner) writes:
>[]
>
>Another suggestion: could somebody make a dump of the boot sectors of
>a standard SS floppy, a DS one, standard HD setup, etc?  These dumps could
>be compared with what's on a disk that is suspected of having been hit
>by a virus.  One could even write a program that has these dumps embedded,
>compares with what's on the disk, reports about differences, and,
>upon request, replaces what's on the disk with the standard.
>

There's really only about 30 bytes of important data in the boot sector
of a non-executing floppy. The rest is usually random garbage, and varies
wildly. Very few formatters are polite enough to clear out the garbage
before using a buffer to prototype the boot sector.

No disk should be bootable unless you know exactly what it does. The program
I posted a couple days ago, in response to disk formats and DCFORMAT, will
tell you if a disk contains a bootable first sector. If it does, and you
didn't know it, be very suspicious.

I'll make this offer:

If anyone locates a virus infected floppy, send me an exact copy (via
PROCOPY, ST-COPY, or some equally comprehensive image copier). I'll
dissect the virus, post an autopsy report here, and provide a program
that will detect and kill the virus on any disk you feed it. I think I
know enough about how disks work on the ST to back up this offer with
confidence.

Mail the virus disk, CLEARLY LABELLED "VIRUS DISK", to

         George R. Woodside
         5219 San Feliciano Drive
         Woodland Hills, Ca. 91364   (USA)




-- 
*George R. Woodside - Citicorp/TTI - Santa Monica, CA 
*Path: ..!{trwrb|philabs|csun|psivax}!ttidca!woodside
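
Added example (not written by anyone in this thread, and not the program Woodside mentions posting): a Python check that performs the comparison braner proposes, restricted to the layout fields Woodside describes as the important ~30 bytes, and also flags a bootable first sector. It assumes the TOS convention that a boot sector is executable when its 256 big-endian words sum to 0x1234 and the usual BIOS parameter block offsets; the function names and sample sectors are constructed for illustration.

```python
import struct

SECTOR_SIZE = 512
BOOT_MAGIC = 0x1234  # TOS runs a boot sector whose 256 big-endian words sum to this

# BIOS parameter block: (name, offset, struct format); values are little-endian.
BPB_FIELDS = [
    ("bytes_per_sector", 0x0B, "<H"), ("sectors_per_cluster", 0x0D, "<B"),
    ("reserved_sectors", 0x0E, "<H"), ("fat_count", 0x10, "<B"),
    ("root_dir_entries", 0x11, "<H"), ("total_sectors", 0x13, "<H"),
    ("media_descriptor", 0x15, "<B"), ("sectors_per_fat", 0x16, "<H"),
    ("sectors_per_track", 0x18, "<H"), ("sides", 0x1A, "<H"),
    ("hidden_sectors", 0x1C, "<H"),
]

def word_sum(sector):
    if len(sector) != SECTOR_SIZE:
        raise ValueError("boot sector must be exactly 512 bytes")
    return sum(struct.unpack(">256H", sector)) & 0xFFFF

def is_executable(sector):
    return word_sum(sector) == BOOT_MAGIC

def parse_bpb(sector):
    return {n: struct.unpack_from(f, sector, o)[0] for n, o, f in BPB_FIELDS}

def bpb_differences(reference, suspect):
    """Compare only the layout fields, ignoring leftover formatter garbage."""
    ref, sus = parse_bpb(reference), parse_bpb(suspect)
    return {n: (ref[n], sus[n]) for n in ref if ref[n] != sus[n]}

def make_sector(sides, filler, executable=False):
    """Constructed sample: 9-sector, 80-track floppy layout padded with `filler`."""
    layout = dict(bytes_per_sector=512, sectors_per_cluster=2, reserved_sectors=1,
                  fat_count=2, root_dir_entries=112, total_sectors=720 * sides,
                  media_descriptor=0xF8 if sides == 1 else 0xF9, sectors_per_fat=5,
                  sectors_per_track=9, sides=sides, hidden_sectors=0)
    buf = bytearray(filler * SECTOR_SIZE)
    for name, off, fmt in BPB_FIELDS:
        struct.pack_into(fmt, buf, off, layout[name])
    buf[510:512] = b"\x00\x00"  # last word is the checksum adjustment slot
    target = BOOT_MAGIC if executable else BOOT_MAGIC + 1
    struct.pack_into(">H", buf, 510, (target - word_sum(bytes(buf))) & 0xFFFF)
    return bytes(buf)

if __name__ == "__main__":
    ref, other = make_sector(1, b"\x00"), make_sector(1, b"\xe5")
    print(ref != other, bpb_differences(ref, other), is_executable(other))
    print(is_executable(make_sector(1, b"\x4e", executable=True)))
```

Two sectors written by different formatters differ byte for byte yet report no layout differences, which is why a raw dump comparison produces false alarms while the checksum test does not.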

pes@ux63.bath.ac.uk (Smee) (03/26/88)

In article <1288@uop.edu> exodus@uop.edu (EXODUS) writes:
>
>What if someone wrote a 'friendly' virus.  One that fixed the bugs in the
>Operating System.  One that multiplied so everyone's bugs were fixed. 

No, no, a million times no.  There is NO SUCH THING as a 'friendly' virus.
Consider the original Amiga virus.  It wasn't meant to have any ill effects.
It was meant simply to sit around for a while, and then to pop up and say
(basically) 'hey look, guys, I'm a clever person who wrote a virus.'  And,
indeed, that's all it does.

EXCEPT that if it finds a write-enabled disk, and installs itself, and the
disk happens to be a (probably expensive) copy-protected program, even that
is deadly.  UK dealers alone have lost thousands of pounds worth of stock
to friendly viruses -- and the UK is hardly the world's biggest micro
market.

The other problem is that it would (unavoidably) interact (at best) or
interfere (at worst) with programs which attach themselves into the system
vector chains for specific known purposes -- and there are a lot of handy
programs which do that.

Even if you could avoid *that* (which I doubt) any resident program is going
to screw up someone's (probably my) very delicate space-allocation juggling
act.  I've got ramdisks, spoolers, and ACCs very delicately balanced on the
various disks I might boot from, to leave just enough room for the major
application I might run in that environment.  A few odd K sucked up for
something else would probably break many of my operating environments, and
then I'd have to go thru finding and de-virusing at least the critical
disks -- no matter HOW friendly the virus was.

I could get into the idea IF it could be demonstrably shown that the losses
would be small, and the gains large -- but I don't believe you could show
that (or guarantee it had been done right).

If you want to write a bug-fixer which an owner can install at will on
disks of his or her own choice, and which you believe will provide fixes
for all the bugs, fine.  But you've got no business running programs on
other people's machines without them being aware you are doing it.  Period.
And that's what your suggestion amounts to.

wheels@mks.UUCP (Gerry Wheeler) (03/29/88)

In article <2377@bath63.ux63.bath.ac.uk>, pes@ux63.bath.ac.uk (Smee) writes:
> In article <1288@uop.edu> exodus@uop.edu (EXODUS) writes:
> >
> >What if someone wrote a 'friendly' virus.  One that fixed the bugs in the
> >Operating System.  One that multiplied so everyone's bugs were fixed. 
> 
> No, no, a million times no.  There is NO SUCH THING as a 'friendly' virus.
> [much venom deleted]

Umm, I think the posting about the friendly virus was a joke, tongue-in-
cheek, not serious.

Maybe exodus should have put a couple of smileys in it, but I think it
was fairly obvious that no virus can fix bugs in an operating system. 

I kind of liked the idea myself.  I would immediately contaminate my ST
with a virus to fix the 40 folder bug, and the slow file opening bug,
and any others too. 

-- 
     Gerry Wheeler                           Phone: (519)884-2251
Mortice Kern Systems Inc.               UUCP: uunet!watmath!mks!wheels
   35 King St. North                             BIX: join mks
Waterloo, Ontario  N2J 2W9                  CompuServe: 73260,1043

exodus@uop.edu (G.Onufer) (03/31/88)

In article <428@mks.UUCP>, wheels@mks.UUCP (Gerry Wheeler) writes:
> In article <2377@bath63.ux63.bath.ac.uk>, pes@ux63.bath.ac.uk (Smee) writes:
> > In article <1288@uop.edu> exodus@uop.edu (EXODUS) writes:
> > >What if someone wrote a 'friendly' virus.  One that fixed the bugs in the
> > >Operating System.  One that multiplied so everyone's bugs were fixed. 
> > No, no, a million times no.  There is NO SUCH THING as a 'friendly' virus.
> > [much venom deleted]
> Umm, I think the posting about the friendly virus was a joke, tongue-in-
> cheek, not serious.
> 
> Maybe exodus should have put a couple of smileys in it, but I think it
> was fairly obvious that no virus can fix bugs in an operating system. 

I've seen a few follow-ups to my original posting and they all took
it _seriously_.  Some people....

Finally someone who saw it for what it was.  I won't forget the damned
smiley-faces next time.

Seeing some articles about viruses in major publications has actually
made me laugh.  Government Computer News had one that made it seem like
AIDS was infecting computers.  The virus business is SICK, but these
articles can be funny as hell if read from a novice's eyes...

Again, please add one, two, or a hundred smiley faces to my original posting.

pes@ux63.bath.ac.uk (Smee) (04/07/88)

In article <428@mks.UUCP> wheels@mks.UUCP (Gerry Wheeler) writes:
>In article <2377@bath63.ux63.bath.ac.uk>, pes@ux63.bath.ac.uk (Smee) writes:
>> In article <1288@uop.edu> exodus@uop.edu (EXODUS) writes:
>> >
>> >What if someone wrote a 'friendly' virus.  One that fixed the bugs in the
>> >Operating System.  One that multiplied so everyone's bugs were fixed. 
>> 
>> No, no, a million times no.  There is NO SUCH THING as a 'friendly' virus.
>> [much venom deleted]
>
>Umm, I think the posting about the friendly virus was a joke, tongue-in-
>cheek, not serious.
>
>Maybe exodus should have put a couple of smileys in it, but I think it
>was fairly obvious that no virus can fix bugs in an operating system. 

Um.  Sorry, my reply was not meant to be 'venomous'.  I was merely trying
to come up with a more-or-less complete list of what sorts of things can
be wrong with even a nice idea; plus a personal statement that I don't 
like things being done under-the-table.  (Someday I *will* have to organize
my thoughts for a misc.misc Q&A period about why it is so hard to write a
piece of electronic communication which does not risk being taken badly
regardless of how it's meant.  Please, if anyone else wants to tell me,
either do it by mail, or in misc.misc, not here (wrong place).)

As to the other bit, if you can take over the O/S vectors (which you can
on the ST) and selectively pre-empt particular system functions (trivial)
then in principle you *can* write a 'Virus-like' program to work around
O/S bugs -- though with problems as noted in my original, which boil down
to 'any program which steps outside the O/S interface (as a lot of
commercial stuff does) might break'.  Of course, it would of necessity be
bigger than the normal virus, and so probably easier to spot; but it's
not at all impossible.

pes@ux63.bath.ac.uk (Smee) (04/07/88)

Smiley faces noted.  Even so (and even if you didn't mean it seriously)
it *could* be done if you were willing to write a biggish 'virus', and/or
restrict yourself to (your choice of) the worst N bugs.  It's not the
sort of thing which is *obviously* silly, which is why I bit.