Computers
Read books online » Computers » Approaching Zero by Paul Mungo (bts book recommendations .txt) 📖

Book online «Approaching Zero by Paul Mungo (bts book recommendations .txt) 📖». Author Paul Mungo



1 ... 13 14 15 16 17 18 19 20 21 ... 40
Go to page:
numbers, and address on their virus. The

programmers were nineteen-year-old Basit Farooq Alvi and his

twenty-six-yearold brother, Amjad Farooq Alvi. Together they run a computer

store in Lahore, Pakistan, called Brain Computer Services. They wrote the virus

in 1986, they said, “for fun,” and it was in all probability the first virus

ever to be disseminated internationally.

 

Shortly after writing Brain, Basit had given a copy of the virus to an

unidentified friend, and it traveled from Pakistan to North America via an

unknown route, finally reaching the University of

Delaware. Like Joe Dellinger at A&M, who was surprised at how quickly his

selfreplicating programs had traveled, Basit and Amjad Alvi were startled that

their little virus had emigrated all the way to America in less than a year.

 

The second documented virus attack occurred only a month later, in November

1987, on computers at Lehigh University in Bethlehem, Pennsylvania. Unlike

Brain, the virus at Lehigh was deliberately damaging. It kept a count of the

number of files that it infected and, when its counter reached four, it trashed

the diskette by overwriting it with “garbage” collected from another part of

the computer.

 

The university’s senior computer consultant, Ken van Wyk, realized he had a

problem when students began complaining that their diskettes didn’t work. At

first there was a trickle of bad diskettes, then a flood. Something was zeroing

out the diskettes, and Van Wyk guessed that it was probably a virus.

 

Van Wyk worked for five days to isolate the bug and find a cure. He discovered

that, unlike Brain, the Lehigh virus did not infect the boot sector; instead,

it hid itself inside one of the three startup programs that are triggered

immediately after the boot had occurred. Like Brain, the virus jumped into

memory whenever a computer was started from an infected diskette. Van Wyk also

discovered that the antidote was extremely simple: all he needed to do was

delete the infected startup program and replace it with a clean one. The data

on the trashed diskettes, however, was irrecoverable. Van Wyk notified

colleagues at other colleges that the virus “is not a joke. A large percentage

of our disks have been gonged by this virus in the last couple of days.”

 

Later that year the university suffered another attack from a modified version

of the same virus. This one trashed a diskette after infecting ten files, as

opposed to four. The longer delay made the new version of what was by then

known as the Lehigh virus much more insidious in that it infected more

diskettes with versions of itself, and therefore propagated more widely, before

unleashing its payload. But because the antidote was already known to Van Wyk,

the cleanup operation was quick.

 

The writer of the Lehigh virus was never discovered, though he or she was

assumed to be a student at the university. But by one of those concurrences

that excite conspiracy theorists, the professor of electrical engineering and

computer science at Lehigh when the viruses attacked was Fred Cohen, by then

Dr. Cohen, the same student who two years earlier had written the dissertation

that had first coined the term computer virus.

 

Early in 1988 two more viruses were discovered, both of them written for the

Macintosh, a personal computer produced by Apple, which had become the

successor to its historic Apple II. The first became known as MacMag or,

sometimes, Peace, and contained the phrase “universal message of peace” signed

by Richard Brandow, the publisher of MacMag Magazine, a Canadian publication

for Macintosh users. It also included a small drawing of the world autographed

by the author of the virus, Drew Davidson.

 

Later it was discovered that the virus had been included on a computer game

shown at a meeting of a Macintosh users’ group in Montreal. A speaker at the

meeting had accidentally copied the virus onto a diskette, and subsequently

infected a computer in the offices of Aldus, a Seattle-based software

publisher, for whom he was doing some work. The company then unwittingly copied

the virus onto what was later described as “several thousand” copies of a

program called Freehand, which were distributed to thousands of computer

stores. After complaints from consumers, who were quite bewildered at receiving

a peace message with their software, the company recalled five thousand copies

of the program.

 

The MacMag virus, though relatively widely distributed, was not malicious.

After displaying its message, it removed itself from infected systems.

Nevertheless, it was an unwanted extra and served to demonstrate the speed and

ease with which selfreplicating programs could propagate. When questioned

about the morality of deliberately publishing Davidson’s virus, Brandow was

quoted as saying, “You can’t blame Einstein for Hiroshima.”

 

The second Macintosh virus to be reported in 1988 was called Scores and was

much more serious. On April 19,1988 Electronic Data Systems (EDS) of Dallas, a

subsidiary of General Motors, announced that twenty-four of its machines had

been infected with a virus that was thought to have been written by a disgrun-tled ex-employee. The virus had infected the operating system and two standard

files of each computer, and then hidden itself inside two more secret files

that it had created. Two days after a system has been infected with Scores, the

virus begins to spread to the other programs on the computer—in particular, it

looks for two specific programs developed by EDS, and when it finds them, it

prevents the computer user from saving his data, thereby causing the loss of

whatever he was working on.

 

By early 1988 a small but potentially lucrative computer security industry had

begun to specialize in protecting machines from viruses. A number of computer

specialists offered their services as security consultants or sold computer

software designed to track down and kill viruses. But despite Brain, Lehigh,

and the two Macintosh viruses, there was little real evidence of the oft-hyped

plague of computer bugs. It was understandable that writers of antiviral

software and others in the new security industry would exaggerate the threat;

they were like burglar-alarm salesmen in a community without very many

burglars. They needed to convince the public that a slew of viruses was

gathering, to be unleashed on defenseless computer users in the coming year.

 

The emotive term virus helped their case, as did the willingness of the press

to publish dubious statistics and unverified, unsourced stories of virus

incidents—particularly the computer magazines, which were then locked in a

difficult circulation war and looking for something out of the ordinary to

write about. Viruses made good copy, as did nightmarish stories about the

effects of a plague. In essence, the burglars hadn’t quite hit town yet, but by

God they were on the way.

 

One of the earliest antiviral programs for IBM PC-type computers was the work

of a New York-based programmer, Ross Greenberg. He said that he had seen the

impending virus threat coming for years, and had therefore created a program

called Flu Shot.

 

During the summer of 1988 Greenberg was contacted by writer Ralph Roberts, who

was researching a book about computer viruses. According to Roberts, Greenberg

insisted that he had “about twenty viruses in quarantine.” When asked to

identify them, Greenberg told the writer, “I don’t give the little suckers

names.” But he did describe his “favorite virus,” which he said could randomly

transpose two numbers on the screen. “Sounds cute,” he reportedly said, “but it

could be dangerous if you’re using Lotus 1-2-3 [a program used for accounting]

to run a multimillion-dollar company.”

 

Roberts’s book, Computer Viruses, was the first attempt to put the problem into

perspective. In it he describes his interviews with the newly formed Computer

Virus Industry Association (CVIA), a body representing virus researchers and

consultants that had identified “twenty different types that attack IBM PCs and

compatibles” and fourteen others that infect other types of computers. The CVIA

also listed the names of the top five virus strains by reported incidence as

Scores, Brain, SCSI, Lehigh, and Merritt. Yet the Lehigh virus seemed to be

confined to Lehigh University; Brain was relatively harmless in that the damage

it caused was infrequent and accidental; and the Merritt virus (sometimes

called Alameda or Yale) was a benign virus that simply replicated and had been

seen at only a few universities and colleges. The SCSI virus attacked only the

Amiga, which was primarily a games machine. The most threatening virus on the

list was Scores, even though it seemed to be directed against one particular

company. Of the twenty-nine other reported viruses, either they had been seen

only once or twice or their existence was unconfirmed. (The twenty viruses

Greenburg claimed to have in quarantine were not on the list.) And that,

according to the CVIA, was about the size of the virus problem in the summer of

1988.

 

In the following year Greenberg wrote an article for Byte, an

eminently respectable American computer magazine, in which he described two of

the viruses he had in quarantine: his favorite number-transposing virus, now

named Screen, and a similar one that he had reported to researchers as dBase,

which transposed characters within files. It was called dBase because it

targeted records generated by a popular program of the same name.

 

In 1988 and even early 1989, viruses were exceedingly rare, so there was a

growing suspicion about Greenberg’s claims to have twenty unnamed bugs in some

sort of quarantine. It was thought that Greenberg was exaggerating for effect.

Other virus researchers understandably wanted copies of Greenberg’s viruses

and, in particular, the dBase virus he had described in detail.

 

Eventually Greenberg produced a copy of dBase. It wasn’t quite as he had first

described it; it had only been seen on one unidentified site, and only then by

Greenberg, but at least its existence could be verified. However, the existence

of the other nineteen viruses, including Screen, has yet to be confirmed.

 

Other early viruses were equally problematic. A virus researcher named Pamela

Kane told writer Ralph Roberts about the Sunnyvale Slug, which flashed the

message, “Greetings from Sunnyvale. Can you find me?” on infected machines. But

it has never been confirmed as a virus, nor seen since Kane first reported it.

Then there was the “retro-virus,” reported to have been distributed with three

popular but unnamed shareware (free, shared software) programs. It was said to

have been programmed to detach itself from its infected hosts—a program or

file—and then to reinfect them at some future date. It was “like a submarine

rigged for silent running … the retro-virus waits until the destroyers have

stowed their depth charges and gone back to port before returning to sink

ships,” it was claimed, somewhat colorfully, in the computing journal Info

World. At the time, the retro-virus was without a doubt the most sinister virus

ever reported, but it had only been seen once—by the researcher who reported

it.

 

The CVIA was not averse to creating a few myths of its own. Its chairman, John

McAfee, an ebullient and eminently quotable computer expert, was always

available to fill in the press on the irresistible spread of viruses. He was a

good interviewee, with a store of anecdotes about computer viruses and reports

of virus attacks at generally unidentified companies and institutions, and he

managed to give the impression that each anecdote could lead to a thousand

more, that each incident was representative of a hundred others. In 1988 and

1989, reports about viruses always intimated that what was public knowledge was

only the tip of the iceberg—that the problem was much bigger, much wider, and

much more pervasive than anyone suspected. But far from being the tip of the

iceberg, what had been reported was the whole problem—and even that was seen

through a prism. The hype had its effect, however, and sales of antivirus

software soared.

 

Born in science fiction, legitimized by

1 ... 13 14 15 16 17 18 19 20 21 ... 40
Go to page:

Free ebook «Approaching Zero by Paul Mungo (bts book recommendations .txt) 📖» - read online now

Comments (0)

There are no comments yet. You can be the first!
Add a comment