Slashdot Mirror

← Back to Stories (view on slashdot.org)

Virus Writers - The Enemy Within

Posted by CmdrTaco on from the vandals-and-visigoths dept.

Slob Nerd writes "An interesting read from todays Observer "He's 21, he's got dreadlocks, likes punk bands... and his hobby could wreck your computer in seconds. Clive Thompson infiltrates the secret world of the virus writers who see their work as art - while others fear that it is cyber-terrorism.""

8 of 380 comments (clear)

  1. Anyone seen a good written virus? by Anonymous Coward · · Score: 5, Interesting

    Whenever I disassembled viruses or worms, I had to scream. Even in the good old DOS-times and even with bootsector viruses, where size was an important factor, they were simply horrible written. (i.e. unnecassary bloated)

    While some may imply in their posts, that virus writers are technically skilled, I've yet to see a single example of beeing better than the avarage bad programmer...

  2. Complete Bullshit by ktanmay · · Score: 5, Interesting

    It's not like I don't have appreciation for the fine arts, but this is taking it too far, it is almost to the extent of patronizing virus writers.

    Ok fine, what if someday, a student doing research in microbiology decides, just for the sake or fine arts, I'll release a mutant plague bacteria...

  3. Re:My Hero by AndroidCat · · Score: 5, Interesting
    Clive Thompson has been shopping this story around. The two-parter in the Toronto Star was billed as "SPECIAL TO THE STAR". Special reformating of the same article as far as I can tell.

    I'm always skeptical of stories like this. Everytime there was a story where I knew the people and facts directly, the story was usually a mish-mash mixed or invented to sex up the story.

    --
    One line blog. I hear that they're called Twitters now.
  4. Re:Virus Writers by gustgr · · Score: 5, Interesting

    I don't belive they are completelly skilled. I would pay to see one of these VB virus writers to build an application which can improve our OS's or Networks.

    Like the elders say it takes 10 years to a three grow but only 10 minutos to take it down. It's the same with computer virus.

  5. From the all-mouth-and-no-meat department by tagishsimon · · Score: 5, Interesting

    Umm. Slight absence of any mention of virus writing for profit: there's enough evidence that a number of recent virii were mainly about installing SMTP Relays on infected machines to propogate spam, or leaving a backdoor open so that this could later be done.

    Or else installing DDOS software aimed at Spamhaus servers, or leaving backdoors open for same.

    So. Art: Check. Vandalism: Check. Profit Motive: Check. Insubstantial "infiltration" by journalist: Check.

    Ferinstance

    http://yro.slashdot.org/article.pl?sid=03/12/03/14 23258&mode=nested

    - Oops. There goes Spamhaus

    http://securityresponse.symantec.com/

    - most of this week's crop install backdoors.

    http://www.groklaw.net/article.php?story=200402210 51056136

    - Your IP Addy for sale to a spam-merchant near you...

  6. Embellishment by `Sean · · Score: 5, Interesting

    I'm always skeptical of stories like this. Everytime there was a story where I knew the people and facts directly, the story was usually a mish-mash mixed or invented to sex up the story.

    That's usually the case with any subject! Every movie, documentary, or article that I've seen or read and have had personal experience with has been a load of bunk. I've been interviewed for numerous newspaper and magazine articles and they very rarely use any of my quotes in context. They'll usually intentionally remove the context to twist words to mean whatever agenda they're trying to push.

    My personal experiences with the media have basically ruined my ability to enjoy anything anymore. Since I know for a fact that virtually every story I've contributed to has been embellished by the authors to increase its entertainment value, I assume that any story that's been done about a subject I'm not personally familiar with has been tainted as well. And, most of the time, I'm correct. A simple five minute Google or encyclopedic search on the subject gives me more accurate data than the story that I'm following up on.

    --
    PepperHacks - Hacking the Pepper Pad
    1. Re:Embellishment by AndroidCat · · Score: 5, Interesting
      I got enrolled into a fictitious hacker group called "Top 40" in Montreal in 1983. Not by name, just by association. The reporter of that story crashed a Hudson Yacht-Club Get-Together looking for the scoop on this infamous group, and was unpleasant enough at the door ("What are you trying to hide?") that they let him in so he could see that we were just harmless computer enthusiasts. Some of us were starting small companies at the time. Oddly enough, he never put that in his story, which was mainly about a vast underground network of eevil hackers. (I guess a social gathering at a yacht club didn't fit his fable.)

      I wonder if that reporter was Clive in his early years?

      The actual story was that 4 teenagers got busted by Bell-cops for using their Applecat modems to phreak. Woo!

      --
      One line blog. I hear that they're called Twitters now.
  7. Why don't mailers auto-zip and block executables? by gad_zuki! · · Score: 5, Interesting

    Let look at a lot of these exploits, they generally are .scr, .vbs, .bat, etc files. By blocking these attachments by default you're going to avoid most attempts at compromising your machine.

    Sure, this is old hat to slashdotters, but I think it would behoove all email client writers to do this by default as MS does now. Now, that leaves us with macro word/excel viruses, other exploits, and the zip files themselves. The first two can be taken care of by a competent virus scanner or system patching and the latter forces the user to open the zip archive thus revealing the true extension (most compression utilities do this) and copies the file(s) to some location thus giving the virus scanner more of a chance to check the thing for viruses.

    Its far from a perfect solution, but it will make people sensitive to file extensions and file types. It will also save disk space and bandwidth by compressing attachments (or even the message itself). Added functionality can be added like signed zip archives, AV hooks into zip programs, etc. Heck, the zip format already provides a cross-platform encryption scheme. Sure its not 3DES/RSA or anything, but it sure beats nothing (especially for those worried about sniffing).

    This is essentially the setup many of the companies I work with have. You get your pdf, doc, xls, etc but anything executable is either deleted or quarantined. I don't see why email clients written for residential customers can't do the same.

    Data loss isn't even an issue, the worst case scenario is asking the guy who sent you that .exe to zip it because your mailer doesn't support executable extensions. If you get a bounce back or a message saying "I didnt send you an .exe" then you can safely assume the file is no good and just delete it or set your mailer to auto-delete.

    This can be done in three steps:

    1. Implement auto-zipping. Geeks and security sensitive people will probably enable this by default. Or it should be default with newer version of mailers.

    2. Once a significant amount of traffic is in the zip format set your mailer to reject all executables. It also could auto-remail the person sending you executables. (this may be exploited by spammers looking for live email addresses).

    3. Watch zip vendors work closer with AV vendors to provide better protection from viruses in zip archives.