Slashdot Mirror


Proof of Concept PocketPC Virus Created

SpooForBrains writes "The Register has reported that "Ratter" of the virus writing group 29A has created the world's first PocketPC virus as a proof of concept. This one has no payload and is polite enough to ask if it can spread, so the dangers are minimal, but it occurs that the possibility of PocketPC and Symbian virii suddenly makes the concept of bluejacking somewhat more sinister."

18 of 152 comments

  1. E-Darwin by Cavio · · Score: 5, Insightful

    Just like biological ecosystems, our information infrastructure has niches, and viral "life" will thrive in any niche it can find for itself. Same with spammers, they are exploiting a niche which exists to make money. Virus writers are exploiting computing niches which allow for this kind of attack.

    It is inevitable that any networked system will suffer from these attacks. See the recent Mozilla shell exploits. We have Linux security issues, and as the OS gains popularity, we will start to see virii for it. It will happen.

    We have basically created electronic primordial soup. Three cheers for compu-evolution!

    --

    Please bid on this Karmann Ghia! Please pleas

    1. Re:E-Darwin by Ieshan · · Score: 4, Insightful

      Comparison:

      a) There are sadistic people who like to cause people harm by investing time and money into writing virii that inconvenience, destroy data, and render devices useless - meaning to do ALL of these things ON PURPOSE.
      b) Viruses evolve.

      The fact is, there's no little Virus overlord someplace up in the sky that's trying to cause damage and harm to humans. There *are* lots of other humans who love causing that same damage by writing malicious code.

      If everyone decided tomorrow to stop trying to break the machines that others have worked so hard to build, voila - they'd not be broken anymore.

      Sadism / Sociopathy has little to do with the Biological Evolution of Viruses. What gives? Why are people so quick to assume that it's okay for people to break things and hurt people just because it's possible to do so?

    2. Re:E-Darwin by BigBir3d · · Score: 3, Insightful

      And if people were not writing the viruses for various computer and related platforms, I think the evolution of these platforms would be at a slower pace. It is of no surprise to most people that there are other people out there wanting to test the limits of what can be done.

    3. Re:E-Darwin by pandrijeczko · · Score: 5, Insightful
      See the recent Mozilla shell exploits.

      ...which were on the Windows version of Mozilla only. Yes, it was a Mozilla problem but the architecture of Windows allowed the hole to be exploited.

      We have Linux security issues, and as the OS gains popularity, we will start to see virii for it. It will happen.

      Yes, we have Linux security issues, no denying that because Linux is software and software is insecure.

      No, we will definitely not see widespread Linux viruses. Here are the reasons:

      1. Viruses attack very specific security holes in very specific product versions. The fact that 90% of Internet PC users run Windows, IE & Outlook (Express) creates a perfect community for viruses to spread. In Linux, certain applications (like, say, Mozilla) are very common but spread those over the myriads of different distro versions and the number of common platforms (down to specific library & application version levels) decreases dramatically very quickly.

      2. Windows is built with a major security flaw in as much as certain core system applications always have full access to the system. Therefore, if a virus attacks via an application, it can get system-wide permissions. On a poorly administered Linux system, this can also happen but the tendency now is to run applications at a user account level, rather than at root level. Most users are also educated enough not to run constantly as root. Therefore, assuming that you are running a common application version (in 1. above), the effect will be limited by permissions if everything is running as a normal user account.

      3. Linux is so customisable that it is relatively straightforward to create a very tightly secure distribution "out of the box". There is in-built kernel-based firewalling, for example, and unneeded services are left turned off very easily.

      4. The average Linux user is far more Internet-savvy than the average Windows user - and that's not, in any way, devaluing some of the very knowledgeable Windows people that I do work with, for example - but average Joe Bloke at home runs Windows & only tries Linux when he starts to feel like he knows a little more about how PCs and networks actually work.

      To put things in perspective a little, UNIX-type systems are susceptible to directed buffer-overflow type attacks where the intruder has done some homework, scanned a particular server, worked out what daemons it runs and then what versions of daemons he/she can attack. That's why good UNIX sysadmining is knowing what daemons to run and keeping them patched to the latest versions.

      But please be under no illusions - the architecture of Linux is simply not designed to allow transmission of viruses. The only time this could ever happen is if a high proportion of Linux users ran the same distro version and very common applications.

      --
      Gentoo Linux - another day, another USE flag.
    4. Re:E-Darwin by severoon · · Score: 2, Insightful

      I disagree with you wholeheartedly. While I have better things to do than write viruses, I think the people that do it contribute to software in an unignorable, public way. They exercise complex systems in ways that companies themselves would otherwise refuse. As we become more and more advanced as a society, our software systems take control over more and more elements of our daily lives.

      The catchword for this discussion is: robustness. We absolutely need our systems to be robust if we're going to depend on them. Let's say for a time we were somehow able to figure out a way to get people to stop writing viruses and probing security in general. Companies would undoubtedly get lazy, and the whole thing would get saved up for one big cataclysmic event per major software system once some foreign company/government/organized crime/terrorist group had something big to gain.

      Think about banking software...a foreign group figures out how to exploit bank software, and because we're so naive we've never written any code that prevents it into our banking software. Think about the economy...a terrorist organization could strike us from wherever they are simply by probing for years and years, and then unleashing hell on earth with major coordinated attacks. Think about governments--these are less for the big-style public attacks, but they could tease out information about their own citizens or those of other countries and have information they shouldn't.

      The fact is, we shouldn't be scared of the guy hacking in his basement...we should welcome his attacks and take responsibility for thwarting them, because if a guy with a 486 running Linux in his basement can hack a corporate server that contains sensitive data, or infect everyone's desktop machines at home with some viral code, what could a big company or country do with millions of dollars in resources? Your approach needlessly puts us at the whim of those who are able and have better reasons for hacking into our personal affairs.

      Also, consider the fact that advances in one area (security) often contribute to advances in other areas--someday we may advanced methods of brute force security when we move to an AI model...not to protect systems from people necessarily, but from the probes and attacks of an evolving and not always controllable computer system. This is a contrived point, but we need to make sure we've evolved in all areas to the point of being able to control our future when any one area gets advanced enough.

      sev

      --
      but have you considered the following argument: shut up.
  2. No danger yet. by vi+(editor) · · Score: 5, Insightful

    To spread, viruses need a sufficiently high density of potential victims. So your PocketPC is safe. The story is completely different if someone gets this done on cell phones.

  3. How many times? by Anonymous Coward · · Score: 5, Insightful

    How many times does it need to be said that the plural of "virus" is "viruses", not "virii"??

    1. Re:How many times? by dasnake · · Score: 2, Insightful

      That depends on the language you use.
      I don't really care about English, but in the common jargon the plural is 'virii' and in my mother language (Italian) it is just 'virus'.
      A more complete article could be found at: http://en.wikipedia.org/wiki/Plural_of_virus/
      For the people who will reply that English is the language in use on Slashdot, I would like to point out that probably it's the English+jargon the language actually in use :P

    2. Re:How many times? by chegosaurus · · Score: 2, Insightful

      (Note for those with a tendency to take everything literally: the "you" in this post is general - it doesn't refer specifically to the parent poster. It is also meant for those who speak English as their first language.)

      You call yourselves geeks, you chew people out for the smallest technical error in a linux thread, you go apeshit if someone refers to "Hans Solo" or says Python has cleaner syntax than perl, but you don't take the time to learn the rudiments of the English language.

      English is a geek's dream. So much more rich and complicated than anything computing has to offer. Full of curiosities, paradoxes and rules, and incredibly elegant and powerful. Dig in. Enjoy. You can read some pretty amazing books while you're at it.

      You confuse "you're" and "your", "they're" and "their", "loose" and "lose", and when someone takes a moment of their time to try and teach you a little something, you call them a "Nazi".

      When your C compiler chokes on "maloc" do you whine that "it's obvious what I meant and anyway, languages evolve"?

      If you present the linguistic skills and maturity of a nine year old, you might find it's hard to get people to listen to your opinions, however valid they might be.

      I'm not nitpicking for the sake of it, I really want people to go out and enjoy learning a valuable skill. Language is wonderful. Make the most of it.

  4. This is news? by tobechar · · Score: 4, Insightful

    I mean, c'mon people, the pocket pc is running windows. This virus isn't exactly revolutionary.

    At least now I can justify the Zaurus over the 'other guys'!

    --
    -
  5. Yet another reason to run Linux on your PDA by jerith · · Score: 4, Insightful

    We've come to expect decent security on desktops and servers, why not PDAs as well? At least it may make manufacturers think twice before jumping on the MS bandwagon.

  6. Famous last words by visgoth · · Score: 5, Insightful
    "We don't expect a major outbreak," said Eugene Kaspersky, head of anti-virus Research at Kaspersky Labs. "Duts is unable to spread independently, only infects a limited number of files, and signals its presence in the system when attempting to propagate."

    Duts may not be able to spread, but take out the bits that make it "benign" and you've got the makings of a real annoyance. Even if the source for this particular virus is kept safely out of the hands of malicious individuals, the fact that it's now been proven do-able means others will try.

    --
    My patience is infinite, my time is not.
  7. Trustworthy computing...a myth? by bogaboga · · Score: 3, Insightful

    What happened to the Trustworthy Computing paradigm? I guess if you now mention that to [Sir] Bill G., you might not get all that much! On the other hand, I ask myself why these coders (or virus authors) do not direct their energy to coding for OSS. So many projects need a hand. My help goes in submitting bug reports and cash whenever possible. [But] I could be wrong here, maybe some already do something for OSS.

  8. Bluetooth viruses... by Audigy · · Score: 5, Insightful

    It would be interesting if the affected Bluetooth-enabled Nokia phones mentioned in a previous article a few weeks ago were somehow able to transfer their goods to PocketPCs ... ...come on now, how many people do YOU know with a Bluetooth-enabled PocketPC, who leave Bluetooth discovery on? (I have an iPaq 2215, but Bluetooth is off to save battery life)

    This is a neat proof-of-concept, but I think these virus creators should go back to hacking cell phones if they want to make waves. :)

    --
    [an error occurred while processing this directive]
  9. Spreading viruses via Sybian? by Gothmolly · · Score: 1, Insightful

    The idea of spreading viruses via Sybian seems far more sinister, and far nastier. All things considered, it was only a matter of time before the Sybian was used as an infection vector.

    --
    I want to delete my account but Slashdot doesn't allow it.
  10. What this really proves... by agraupe · · Score: 3, Insightful

    This proves that every networked computer device can be infected with a virus. This makes it stupid and illogical to assume that there will be no security holes on any given OS. What matters is how severe those security holes are, and how quickly they are patched. It is in that area that Linux is firmly ahead of Microsoft (and perhaps OS X, I'm not sure).

  11. Re:bluejacking by b06r011 · · Score: 2, Insightful
    The user to my understanding still has to accept the incoming file

    as far as i know, it is possible to display a message on someone's phone without them giving consent. the trick is to create a bogus name in your phone book, and then send that. a lot of phones will display a message like

    "Business card received from Jon Smith - save y/n?"

    however, to spook someone out (which is really the ultimate goal of bluejacking) you create a 'name' like

    "is that a nokia?"

    or when the beeps and bemused looks let you work out which poor sucker you have snagged something like

    "Nice t-shirt - blue is your colour :D"

    i guess it would be possible to get something nasty into someone's phone, but even with the vcards, it's only the name that gets displayed. although i admit it's mean to tease people with impunity from the other side of the tube train; it could be very useful on a long journey with one of those people that we all love - you know the ones who have a long conversation with a friend for a few hours. of course, when i say conversation, i mean monologue...

  12. Re:obligatory by Sepper · · Score: 2, Insightful

    I know the parent post was meant to be funny, but if you could make a palm virus, it could potentially be devastating. Don't know of any phone that runs PocketPC OS (Although I'm sure there are some...), but I know PalmOS runs on Phones (Like the Treo 600...). Any virus that could spread by calling could cause A LOT of trouble... like long-distance calls at random...

    But unlike the Pocket PC OS, Palm OS is a multi-threaded, single-task OS. You would have to trick the OS into making the virus a new Thread of the current process... Not impossible but a bit harder to do...

    I seem to remember an article that compared the Pocket PC OS with PalmOS, stating that, while PalmOS was inferior, it was better designed for the job (it did not try to do everything)... I don't have the link (I'm at work)

    Any Palm dev/coder out there that could comment?

    --
    I live in Soviet Canuckistan you insensitive clod!