Computers
Read books online » Computers » Approaching Zero by Paul Mungo (bts book recommendations .txt) 📖

Book online «Approaching Zero by Paul Mungo (bts book recommendations .txt) đŸ“–Â». Author Paul Mungo



1 ... 16 17 18 19 20 21 22 23 24 ... 40
Go to page:
then prepare for war.

 

The arrival of the worm coincided with reports of protestors in Florida

attempting to disrupt the launch of a nuclear-powered shuttle payload. It is

assumed that the worm was also a protest against the launch.

 

The WANK Worm spread itself at a more leisurely rate than the lnternet Worm,

sending out fewer alarms and creating less hysteria. But when Kevin Obermann, a

computer technician at Lawrence Livermore Laboratories, took it apart, he

reported, “This is a mean bug to kill and could have done a lot of damage.”

 

The WANK Worm had some features that were not present in the Father Christmas

Worm: to a limited extent it could evolve and miltate, allowing it to become

just a little bit smarter as it made its way from machine to machine. In other

words, the worm had been designed to mutate deliberately, to add to the

problems that might be caused by accidental mutation or by unintentional

programming errors. And, by not immediately announcing its presence, it had more

time to spread.

 

A method for combatting the worm was developed by Bernard Perrot of the

Institut de Physique Nucleaire at Orsay, France. Perrot’s scheme was to create

a booby-trapped file of the type that the worm could be expected to attack. If

the worm tried to use information from the file, it would itself come under

attack and be blown up and killed.

 

By the end of 1989 the prophecies of the computer virus experts seemed to

have come true. Now not only were there viruses, but there was a whole panoply

of malicious software to deal with: worms, trojans, and the programs known as

logic bombs.

 

Bombs are always deliberately damaging but, unlike viruses, don’t replicate.

They are designed to lay dormant within a computer for a period of time, then

explode at some preprogrammed date or event. Their targets vary: some delete

or modify files, some zap the hard disk; some even release a virus or a worm

when they explode. Their only common feature is the single blast of intentional

destruction.

 

What had started out as simple selfreplicating programs had grown into a

full-blown threat to computer security. Those who

had warned about the potential danger for the past two years were entitled to

say, “I told you so.”

 

But the prophecies were self-fulfilling. The choice of the term virus to

describe quite unremarkable programs glamorized the mundane; the relentless

promotion of the presumed threat put ideas in the minds of potential virus

writers; the publicity given the concept ensured that the writer’s progeny

would become known and discussed. Even if the writer himself remained anonymous, he would know that his creative offspring would become famous.

 

The computer underworld is populated with young men (and almost no women),

mostly single, who live out their fantasies of power and glory on a keyboard.

That some young men find computing a substitute for sexual activity is probably

incontrovertible. Just as a handle will often hide a shy and frightened

fifteen-year-old, an obsession with computing to the exclusion of all else may

represent security for a sexually insecure youngster. The computer is his

partner, his handle is his alter ego, and the virus he writes is the child of

this alter ego and his partner.

 

A German virus writer once said, “You feel something wonderful has happened

when you’ve produced one. You’ve created something that lives. You don’t know

where it will go or what it will do, but you know it will live on.”

 

The antivirus industry, of course, had no thoughts of creating a hobby for

insecure technology wizards when it began its campaign of publicity and hype in

1987 and 1988. But there was little question that by the end of 1989 a real

threat to computer systems had been created, posed by what was indeed becoming

a plague of viruses. The number of catalogued viruses in the West would grow

exponentially: from thirty-odd in mid-1988, to a hundred at the end of 1989,

five hundred in 1990 and over two thousand-plus at the end of 1992. Along the

way the antivirus industry would lose all control of the plague—its security

software overwhelmed, its confidence battered by the sheer number of new

viruses confronting it. And the new viruses became much more destructive,

malicious, and uncontrollable than anyone had ever imagined.

Chapter 5 THE BULGARIAN THREAT

In March 1990 the first attempt was made to quantify the extent of the threat

posed by computer viruses. Dr. Peter Tippett, a Case Western University scholar

and the president of Certus International, a software company, predicted that 8

percent of all PCs would be infected within two years, even if no new viruses

were written. He estimated the cost of removing the infections at $1.5 billion

over five years—not taking into account the value of the data that would be

destroyed. In 1991 he estimated that organizations in North America with over

four hundred computers had a 26 percent probability of being hit by a virus

within the next year; they also had a 5 percent chance of that virus causing a

“disaster,” which he defined as an infection that spread to twenty-five or more

machines. A more recent projection, made in late 1991, went farther. It

suggested that as many as 12 million of the world’s 70 million computers—or

roughly 17 percent—would be infected within the next two years.

 

But predictions such as those made by Dr. Tippett have proved difficult to

substantiate: most virus attacks simply aren’t reported; there is no body that

regularly collects reliable statistics about the virus problem, and estimates

of costs are always just guesses. When Dr. Tippett made his predictions, the

number of new viruses that were appearing made it seem possible that their

sheer volume would overwhelm the world’s computer systems. By 1992,

there were over 1,500 catalogued viruses and variants in the West by spring

1993, there could well be twice that number.

 

Tippett had based his predictions on the behavior of just one virus, called

Jerusalem. It was first discovered in December 1987 at the Hebrew University in

Jerusalem, though it is thought to have been written in Haifa, the country’s

principal port and the home of its leading technical college, Technion

University. At least, that is one theory. No one has proved that the virus was

written in Haifa, nor has anyone ever claimed authorship.

 

The Jerusalem virus was a malicious joke, which would delete any program files

used on Friday the 13th. There are two Friday the 13ths in any given year; in

between those dates the virus signaled its presence by displaying a little box

in the lower half of the computer screen and then slowing down infected systems

to an unacceptable crawl. It also contained a gremlin that, contrary to the

programmer’s intentions, caused it to reinfect—or add itself to—many of the

same program files. Eventually the files would grow so big that the virus would

take up all of the computer’s memory.

 

The virus quickly acquired a fearsome reputation. Maariv, one of Israel’s

leading daily newspapers, heralded its discovery with an article on January 8,

1988, that warned, “Don’t use your computer on Friday the 13th of May this

year! On this day, the Israeli virus which is running wild will wake up from

its hibernation and destroy any information found in the computer memory or on

the disks.”

 

The report was somewhat exaggerated. It wasn’t true that Jerusalem could

destroy “any information found in the computer memory or on the disks,” as it

had been written to delete only programs that were used on Friday the 13th. In

practice, few users suffered any real damage. Most operators would delete the

virus as soon as they saw the little box appear on the screen and noticed the

system slow down—which generally happened about half an hour after the virus

had infected a computer.

 

While Jerusalem may not have been as destructive as its publicity suggested, it

was exceptionally virulent and spread quickly and widely. Unlike most previous

viruses, Jerusalem could infect nearly any common program file, which gave it

more opportunity to travel. (By contrast, the Pakistani virus, Brain, could

only infect the boot sector on specific diskettes, and Lehigh could only infect

one particular type of program file.)

Jerusalem’s propagation rate was phenomenal. From Israel it spread quickly to

Europe and North America, and a year after its discovery in Israel it had

become the most common virus in the world. In 1989 it was said to have been

responsible for almost 90 percent of all reported incidents of viral infection

in the United States.

 

Because Tippett’s predictions were based on the propagation rate of this

particularly infectious bug, they probably overstated the potential growth

rate of viruses. One of the peculiarities of viruses that Tippett overlooked

is that most remain localized, causing infection on a limited number of

machines, sometimes on just a single site. So far only about fifty viruses

have propagated rapidly and spread from their spawning ground to computers

throughout the world. The rate of propagation seems to be a matter of luck.

Through an unpredictable combination of circumstance and chance, some viruses

are destined to wither away in parochial isolation, while others achieve a sort

of international notoriety. There seems little logic to which remain localized

and which propagate.

 

In March 1989 a new virus was discovered in the United States, which was

reported to have come to North America via Venezuela. Its payload was simple:

it displayed the words Den and Zuk, converging from separate sides of the

computer screen. The word Zuk was followed by a globe resembling the AT&T

corporate logo. Inevitably, the virus became known as Den Zuk.

 

The bug was found to be relatively harmless. Like Brain, it nestled in the boot

sector of infected diskettes, but changed their volume labels to “Y.C.I.E.R.P.”

 

Its payload was set to trigger after what is known as a warm reboot—restarting

the computer

from the keyboard without using the power switch. Warm reboots are generally

employed when the computer has frozen, or stopped—a fairly uncommon

occurrence, so the payload wasnt triggered very often.

 

An Icelandic virus researcher, Fridrik Skulason, surmised that the character

string “Y.C.I.E.R.P” could be an amateur radio call sign. He looked up the sign

in the International Callbook and found that it was attributed to an operator

in Bandung, a city on the island of Java, in Indonesia. Skulason wrote to the

operator, Denny Ramdhani, who replied with a long and detailed letter. He was,

he admitted, the author of Den Zuk: “Den” was an allusion to his first name;

“Zuk” came from his nickname, Zuko, after Danny Zuko, the character played by

John Travolta in the film Grease. He had written the virus in March 1988, when

he was twenty-four, “as an experiment.” He wanted, he said, “to ‘say hello’ to

other computer users in my city. I never thought or expected it to spread

nationwide and then worldwide. I was really surprised when my virus attacked

the U.S.A.”

 

If Denny was surprised, the computer industry was flabbergasted. Den Zuk was

neither a particularly infectious bug, nor was it grown in a locale that could

be said to be within the communication mainstream. Bandung, for all of its

exotic charm, is not a city normally associated with high-technology

industries. Denny’s virus traveled simply because it got lucky.

 

Viruses are unguided missiles, so it seems almost as likely that a bug launched

from an obscure Indonesian city will hit targets in North America as one set

off from, say, Germany. Nor is the sophistication of the bug any arbiter of its

reach: Den Zuk was a simple virus, without any real pretension to what is known

as an infection strategy.

 

The universality of the

1 ... 16 17 18 19 20 21 22 23 24 ... 40
Go to page:

Free ebook «Approaching Zero by Paul Mungo (bts book recommendations .txt) đŸ“–Â» - read online now

Comments (0)

There are no comments yet. You can be the first!
Add a comment