wcs) (10/28/90)
In article <0VVoR1w163w@mudos.ann-arbor.mi.us>, mju@mudos.ann-arbor.mi.us (Marc Unangst) writes: > Not exactly. What happens is the file uses ANSI sequences to > reprogram a key to output a sequence of characters. If you happen to > press that key in the right place at the right time, it's possible for > an infection program to be run. However, this hardly qualifies as a > viable method for a virus to propagate, since the user will be > immediately aware of their infection. About 8-10 years ago, there was an article in the San Frandisco Comical about how a bunch of "hackers" at Berkeley or Stanford had broken into "the UNIX, a computer made by DEC". Anyway, once you got past the newspaper's lack of understanding and various paranoid reactions by the usual suit-wearing people about UNIX being hopelessly insecure and how much safer proprietary systems like VMS and IBM OS's were :-), the technique they used was to send the escape sequences to put Hewlett Packard terminals into loopback mode, followed by whatever commands you wanted to execute, such as "chmod ugo+rw * ; exit". Well, I was young and naive and trying to learn about UNIX security at the time, so I secured an unused account as well as I knew how and posted to a Bell-Labs-only newsgroup asking if anyone could break into my file. The next morning I got a phone call from someone who told me the magic sentence from the file, and after some discussion of three or four ways he *could* have broken into my account, he reminded me that I still didn't know his name, not that I could necessarily trust a voice on a phone. It was Bob Morris, Senior, who was one of our main computer security folks. A week or so later, I was playing rogue, and this "Are You Ready" banners across my screen, followed by the HP Drop-DTR escape sequence. Wasn't Bob, but it was someone from his group. Actually, when Bob had broken my file, he HAD goofed - he'd done a chown 666 instead of chmod 666. Bill -- Thanks; Bill # Bill Stewart 908-949-0705 erebus.att.com!wcs AT&T Bell Labs 4M-312 Holmdel NJ Government is like an elephant on drugs: It's very confused, makes lots of noise, can't do anything well, stomps on anyone in its way, and it sure eats a lot.