Re: Gamma Function
From: D. Baruth (nospam_at_nowhere.com)
Date: 09/09/04
- Next message: D. Baruth: "Re: Gamma Function"
- Previous message: Ole D. Rughede: "Re: Article: A Century of Einstein"
- In reply to: Androcles: "Re: Gamma Function"
- Next in thread: D. Baruth: "Re: Gamma Function"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 9 Sep 2004 13:26:37 -0700
No doubt, it is easy to do great damage with a DOS program. And
the more you know about programming the better you can conceal
malicious intensions and inflict damage.
I'm sure there are many ways to write viruses; however, I can't see
how the virus you have written would spread through Windows to
other computers. There's a real barrier between DOS and Windows:
DOS is a real 16 bit operating system, Windows a 32 bit operating
system running in protected mode. Windows runs DOS programs
in "Virtual 8086 mode", thus capturing all direct interrupt and port
accessing requests for internal processing.
The Windows virus writers are interested in spreading their perversity
over the internet and cannot use DOS programs (particularly small ones).
Also, no serious (programming) professional will ever dream of using
his/her expertise for such purposes.
I also agree to this: Do not run computer programs you don't know where
they came from.
D. Baruth
Androcles <androc1es@nospamblueyonder.co.uk> wrote in message
news:Ol_%c.3683$%p2.36848766@news-text.cableinet.net...
:
: "Bill Rowe" <readnewscix@earthlink.net.invalid> wrote in message
: news:readnewscix-FD33D7.21075608092004@news1.west.earthlink.net...
: | In article <a15d408.0409081625.1edad4d8@posting.google.com>,
: | danb@iging.com (D. Baruth) wrote:
: |
: | > P.S. I'm aware of the computer-pests problem. But what can we do?
: |
: | The only thing to be done about such problems is use a good up to date
: | virus program and avoid running executeables from unknown sources.
:
: 1) Nobody is preventing you from doing so.
: 2) The source is not unknown.
: So what point were you making?
:
: |
: | > All computer programs are executables. However, small DOS programs
: | > can not infect Windows with viruses or other such vermine. D.B.
: |
: | This last piece of misinformation doesn't inspire confidence.
:
: Here I'll agree. My first (benign) virus was written in DOS/machine code
as
: an exercise when I first heard of people writing destructive code.
: It attached itself to one of my executables, announced its presence
: when the executable was first run, attached a copy to the next executable
: and then destroyed itself.
: Here's how.
: 1) Scan the disk for the next *.exe. (as you would for any data file)
: 2) Open the file found as data.
: 3) Search for the data string "Kilroy was here, I'm a virus". If found,
goto
: restore.
: A malicious virus won't do this.
: 4) Save a copy of the file as '.pur'(e) for later restoration. (It can be
a
: hidden file)
: A malicious virus won't do that either.
: 5) Search for the entry point of the executable code. Save this
instruction
: (in RAM)
: 6) Insert a jump instruction pointing to the end of file.
: 7) Open a second file, a copy of the virus itself, as data from the disk.
: 8) Copy that to the end of the first file.
: 9) Save the modified .exe to disk as the .exe.
: 10) Close all files, the virus is now installed in a .exe.
: 11) Move the instruction saved in RAM back to the start point in RAM.
: 12) Jump to start. The program runs normally, virus undetected. Normal
exit.
: (I've left a bug here... can you see what it is? Answer at the bottom of
the
: page)
: =======================================
: Restore: If here, an executable is running with the virus attached.
: This makes the virus benign.
: 13) Close the file.
: 14) Delete the .exe from disk.
: 15) Rename the .pur as .exe. (the next time this is run, it is unharmed)
: 16) Announce "Kilroy was here, I'm a virus" at the console.
: 17) Go to step 1)
:
: The virus has changed its home. Obviously it can be written in any number
: of ways, but they are all simple to implement.
: How large is it? Less than 1Kbyte to delete your entire disk, including
: iself.
: Get into your BIOS and you'll be even worse off.
:
:
: What can we do? Simple, really. Do what banks do to protect their money.
: Employ a lock and key into every program written or downloaded, with
: checksums.
: How that is implemented is for me to know and you to pay for. :-)
: No? Pay Norton instead, over and over. Like all good businessmen he wants
: repeat business and your suggestion, "use a good up to date virus program"
: is exactly what he wants to hear.
:
: A cure for the common cold? Not while we can continue treating the
symptoms
: and make money!
: People are so naive it is laughable.
: |
: | --
: | To reply via email subtract one hundred nine
: .
: .
: .
: .
: .
: The bug... there is a minor problem if the virus attaches to itself.
: It caught me out the first time I ran it.
:
: Androcles
:
:
:
:
- Next message: D. Baruth: "Re: Gamma Function"
- Previous message: Ole D. Rughede: "Re: Article: A Century of Einstein"
- In reply to: Androcles: "Re: Gamma Function"
- Next in thread: D. Baruth: "Re: Gamma Function"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
