Computers
Read books online » Computers » Approaching Zero by Paul Mungo (bts book recommendations .txt) 📖

Book online «Approaching Zero by Paul Mungo (bts book recommendations .txt) 📖». Author Paul Mungo



1 ... 12 13 14 15 16 17 18 19 20 ... 40
Go to page:
computer to play a tune. At another level, however, the payload can cause the destruction of data.

 

Computer viruses are carried from computer to computer by diskette or, in

networked computers, by the wires that link them. they can also be transmitted

on telephone lines, through modems, like ordinary computer programs. Viruses do

not fly through the air and cannot jump from computer to computer vithout being

carried by a physical medium. Moreover, all viruses are man-written: they

aren’t natural, or caused spontaneously by computer technology. The only

“artificial life” inherent in a virus is its tendency to modify itself as it is

copied, but that’s possible with any computer program.

 

This explanation may seem simple to the point of absurdity, but when viruses

first began to garner mentions in the press, and breathless reporters began to

write lurid stories about “technological viruses,” their properties were

exaggerated into the realm of science fiction. Viruses made a good story—even

when there was no evidence that they had actually damaged anything.

 

In 1986, when Burger made his presentation to the Chaos conference, there were

almost no viruses in existence. Few people in the computer industry had ever

seen one, despite increasing interest in the subject from security experts, who

were touting them as the next big threat to computer systems. The simple fact

was that Burger’s Virdem was probably the only virus that most of them had even

heard about.

 

The properties of viruses and the damage that they could cause were widely

known, however. Even the nightmare scenario had been posited: that a plague of

viruses would move swiftly through the computers of the world, wiping out data

and devastating

corporations, government agencies, police forces, financial institutions, the

military, and, eventually, the structure of modern society itself. By 1986,

however, actual attacks by viruses on computer systems had yet to occur.

 

The next year, 1987, Burger’s book about computer viruses Das

Grosse-computervirenbuch, was published by Data Becker GmbH of Dusseldorf. In

the book Burger warned: “Traveling at what seems the speed of moving electrons,

comical, sometimes destructive programs known as viruses have been spreading

through the international computer community like an uncontrollable plague.”

There was in fact no hard evidence for this statement, and later in the book,

contradicting the apocalyptic tone of the first section, Burger admitted: “So

far it has been impossible to find proof of a virus attack.”

 

Later that year, two new viruses appeared. The first was created by the Greek

computer magazine Pixel, which had hired a local computer wizard named Nick

Nassufis to write one. The magazine published the virus as a list of

BASIC-language instructions in the April 1987 issue. Readers who keyed in the

instructions found themselves with a fully functioning virus on their computers. It didn’t do much apart from replicate, but from time to time it would

display a poorly written English language message on the computer screen:

PROGRAM SICK ERROR: CALL DOCTOR OR BUY PIXEL FOR CURE DESCRIPTION. Three months

later Pixel published instructions for wiping it out.

 

Then, as Burger was preparing the second edition of his book he received a copy

of a virus found in Vienna by a local journalist. This virus, now known as

Vienna, was said to have appeared at a local university in December 1987. Its

writer is unknown, as are the writers of most viruses.

 

Burger described Vienna as “extremely clever.” But by the standards of virus

writing today, it wasn’t, though it was certainly the most advanced virus in

existence at the time. Vienna is known as a file virus because it attaches

itself to what are known in the computer industry somewhat tediously as

executable files (i.e., the software, such as a word-processing program, that

actually enables a computer to do something useful). When an infected program

is loaded onto a computer from a diskette (or transferred through a network),

Vienna comes with it and slips itself into the computer’s memory. It then looks

for other executable files to infect, and after infecting seven it damages the

eighth, simply by overwriting itself onto the program code.

 

Although the payload of the Vienna virus was destructive—the eighth program

that was damaged was irreparable—by presentday standards it wasn’t

particularly malicious. More dangerous was Burger’s decision to publish a

reconstruction of the Vienna program code in the second edition of his book. It

became the recipe for writing viruses.

 

Programmers with access to the code could quite easily adapt it for their own

purposes—by altering the payload, for instance. That’s what eventually

happened with Vienna. Though Burger had deliberately altered his

reconstruction to make it unworkable, programmers had little trouble finding

their way around the alterations. Variants of Vienna have been found all over

the world: in Hungary, a Vienna clone carries a sales message that translates

roughly as POLIMER TAPE CASSETTES ARE THE BEST. GO FOR THEM. A Russian version

was adapted to destroy the computer’s hard disk, the internal memory and

storage area for programs, after infecting sixty-four files. A Polish variant

displays the message MERRY CHRISTMAS on infected computers between December

19th and 31st. A version from Portugal carries out the standard overwriting of

the eighth program, but also displays the word AIDS. In the US a group of

unknown American virus writers used Vienna as the basis for a series of viruses

called Violator, all intentionally damaging to computer systems.

 

It is ironic that a book written to warn about the dangers of viruses should be

the medium for distributing the recipe for writing them. But even though no one

had yet documented a proven virus attack on a computer system anywhere in the

world, and the predicted plague of computer viruses had not yet materialized,

the

potential threat of viruses was being aggressively hyped by computer engineers

like Burger and by a small group of computer security consultants in America—

and many people appeared remarkably eager to believe them. In what was probably

the first press report of viruses, in February 1987, the editor of the international computer trade journal Computers de Security wrote, “Computer viruses

can be deadly…. Last year a continuous process industry’s computer crashed

causing hundreds of thousands of dollars’ damage. A post mortem revealed that

it had been infected with a computer virus. Another nationwide organization’s

computer system crashed twice in less than a year. The cause of each crash was

a computer virus…. A computer virus can cause an epidemic which today we are

unable to combat.”

 

It has never been possible to trace either the “continuous process” corporation

or the “nationwide organization” whose computers had been so badly damaged by

viruses. Like so many aspects of computer viruses, investigation only reveals

myth and legend, rarely fact. But myth is self-perpetuating, and prophecies are

often self-fulfilling.

 

Chapter 4 VIRUSES, TROIANS,

WORMS, AND BOMBS

 

The first documented computer virus attack was recorded on October 22,1987, at

the University of Delaware, in Newark, Delaware. According to a spokesperson

for the Academic Computer Center at the university, the virus infected “several

hundred disks, rendering 1 percent of them unusable, and destroying at least

one student’s thesis.” Later a news report appeared in The New York Times that

claimed, “Buried within the code of the virus … was an apparent ransom

demand. Computer users were asked to send $2,000 to an address in Pakistan to

obtain an immunity program.” But that wasn’t quite true. Researchers using

specialized software were later able to call up the actual operating program of

the virus onto a computer screen. Within the mass of instructions that

controlled the bug, they found the following message:

WELCOME TO THE DUNGEON

(C) 1986 BASIT & AMJAD (PVT) LTD.

BRAIN COMPUTER SERVICES

730 NIZAB BLOCK ALLAMA IQBAL TOWN

LAHORE—PAKISTAN

PHONE: 430791, 443248, 280530.

 

BEWARE OF THIS VIRUS …

 

CONTACT US FOR VACCINATION …

 

There was no ransom demand.

 

Computer researchers now know the virus as Brain, though at the time it didn’t

have a name, and it was later discovered to have been programmed only to infect

the first sector on a diskette. Diskettes are divided into sectors invisible to

the naked eye, each holding 512 bytes (or characters) of information,

equivalent to about half a page of typewritten material. The first sector on a

diskette is known as the boot sector, and its function is something like that

of the starter motor on a car: it kicks the machine into operation (hence the

expression “booting up,” or starting up, a computer). When a computer is

switched on, the machine bursts into life and carries out some simple

self-diagnostic tests. If no fault is found, the machine checks to see if there

is a diskette in the disk drive. The disk drive, acting like a record player

with the diskette as its record, begins to rotate if a diskette is in place,

and the boot sector of the diskette directs the computer to the three actual

startup programs that make the computer operational.

 

The Brain virus was designed to hide in the boot sector waiting for the

computer to start up from the diskette so that it can load itself into the

computer’s memory, as if it were a legitimate startup program. But at around

2,750 bytes long, it is much too big to fit entirely within the boot sector,

and instead does two things: it places its first 512 bytes in the boot sector

and then stores the rest of its code, together with the original boot-sector

data, in six other sectors on the diskette. When the computer starts up, the

head of the virus jumps into memory, then calls up its tail and the original

boot sector.

 

Brain is one of the most innocent viruses imaginable, though that wasn’t known

at the time. The University of Delaware spent a full week and considerable

manpower cleaning out its computer system and destroying infected diskettes,

only to find that the virus’s payload is simply the tagging of infected

diskettes with the label “Brain.” A label is the name a user can give to a

diskette, and is of no real importance. Most users don’t even bother to label

their diskettes, and if a virus suddenly names it for them, thev are unlikely

to notice or care.

 

However, like all viruses, Brain can cause unintended damage. If a diskette is

almost full, it is possible for some sectors to be

identally overwritten while the virus is attaching its tail, thereby wiping out

all the data contained there. Also, copying can render the virus unstable,

and could unintentionally overwrite systems areas (the sectors on diskettes that

enable their use by Computers), thus rendering them useless.

 

Paramount to the viability of a computer virus is an effective infection

strategy. Brain was viable because it didn’t do anything deliberately dangerous

or even very obvious, so it wasn’t likely to get noticed. Therefore, when it

climbed into the computer memory, it could stay there until the computer was

switched off targeting any other diskettes that were introduced into the com-puler during that session.

 

Brain also contained a special counter, which permitted it to infect a new

diskette only after the computer operator had accessed it thirty-one times.

Thereafter, it infected at every fourth use. Yet another, particularly

ingenious, feature was its ability to evade detection. Normally the boot

sector, where the virus hides, can be read by special programs known as disk

editors. But if someone tried to read the boot sector to look for it, Brain

redirected them to the place where the original boot sector had been stored, so

that everything looked normal. This feature, which now takes other forms, has

become known as stealth, after the Stealth bomber that was designed to evade

radar detection.

 

It wasn’t difficult to trace the writers of Brain, since they had conveniently

included their names, telephone

1 ... 12 13 14 15 16 17 18 19 20 ... 40
Go to page:

Free ebook «Approaching Zero by Paul Mungo (bts book recommendations .txt) 📖» - read online now

Comments (0)

There are no comments yet. You can be the first!
Add a comment