lan@bucsf.bu.edu (Larry Nathanson) (03/05/91)
This is an edited version of something I wrote for comp.risks 6.29 on 19 Feb 88. - ----------------------------------------------------------------------- A few years ago, while I was in high school, I read a short desciption (in Sci. Am.) of 'a neat thingy' called a computer virus. For the hell of it, I decided to write my own. (This was before "computer virus" was a buzzword in every household). It was short, (<500 lines source code) and contagious to Apple // DOS 3.3 disks. Since it was a challenge and not a malicous attempt to destroy data, when it triggered, all it said was "BOO". It was never 'released' and I have the only copies of it. After a while I started wondering what use viruses could have, besides the destruction of data. One of the things I came upon, was that it could be used to get information out of a secure system. For example, let's take 3 sample computer systems: A, B, and C. Someone at A has a file that someone at C wants. B is a computer system that exchanges software, with both A and C. (B could also be multiple computer systems, that exchange software among themselves, and form a link from A to C.) C introduces a virus to B's system, with the hope that it will get to A's system. (Divergent phase) Of course a lot of other people get this, but to them, it is innocuous. All this virus does is check the date, and scan for a character string. When a given character string is located, (ie "Apple Computer Secret Plans for 1992") it either 1) opens up a communication channel {modem|ftp|mail} to A, and dumps all relevant information, or 2) appends a certain amount of the information to itself, and subtly changes itself: it is now an outbound virus, and will only transfer the information to an already infected system. (convergent phase) Thus eventually, the information will slowly come back to A. If a copy of the divergent virus finds that the date is greater than a certain limit, it decides that it has diverged too far, and is on a dead end, and just nukes itself. If a group of programmers, sat down, and came up with such a "smart" virus, the implications could be staggering. - ------------- If you cut here you'll ruin your monitor ----------- 3/5/91 In these modern times, when everyone and their brother is doing constant scans of every disk they have (hopefully), this wouldn't be as easy to pull off, as when I wrote it. But the idea of 'hidden interdisk networks' is quite intriguing. - --Larry Nathanson lan@bucsf.bu.edu 617 266 7419