The Perfect Virus..?
on
The Virus Squad
·
· Score: 4, Interesting
I was thinking about how to design the "perfect" virus... I'm not a proficient enough programmer to even begin writing a virus - so don't come a knocking. But it's an interesting thought experiment.
Here's what I've got so far...
1) Virus initially comes in as an attachment - user opens attachment (relies on non tech-savy people).
2) Virus scans through "Sent Items" and sends itself to every address that has been sent an attachment in the past. Uses a subject line like "Updated [whatever]" (Tech-savy folk might forget basic precautions)
3) Virus scans through every Excel / Word /.cpp file and randomly changes one digit per file (imagine if your report to the board now says 9 Million rather than 1 Million... or if your for...next loop is waiting for an incorrect value)
4) Virus wipes itself out after 6 hours (most people only update their virus checker >= 24hours. Once signs of the virus have gone it will be hard to know if you have been infected and which files have been compromised)
5) FBI come and arrest me:-)
Seriously... one has to admire the "I Love You" virus, if only for getting so many tech-savvy people to click through... But what really worries me is the viruses we haven't discovered. What if, say, Winamp has a logic bomb in it? How would any of us know until all our data was corrupted?
As many other posters have commented - JS comes "free" with Windows. Just like Basic did way back in my youth with a BBC Micro.
The greatest problem I have with programming today is that it's so damn hard to install the compiler! Java is probably just about the easiest, but you still need to add PATH statments. XAMPP makes installing PHP as simple as it could be.
The last time I tried to install ANT or GCC or anything even vaugly complicated I had to wade through a hundred different URLs to find the right package, download, install, edit INI files and PATH statement, fiddle with the registry and GAAAAAAAAAAHHHHH!!!!!
We can all agree the JS isn't the best language on the block. But unless it comes in a ready to go package - most people just won't bother.
It's the same thing as Linux ('scuse me while I rant) you spend ages and ages installing and configuring the damn thing when all you wnat to do is work!
Right. Rant over. To conclude - JS bad, installing IDEs and compiles: worse!
There are two things I would recomend. 1) Go to a University that offers a year abroad as part of the course. I went from UK to Canada and the change of scenery, attitudes, cultures and teaching methods opened my mind far more than staying in one place would have.
2) Make sure your minor is in a foreign language. My First language is English - so I minored in Mandarin Chinese. Who ever you work for is going to have some international dealings - make sure your education reflects that. In Europe lots of people choose German (or English if they don't know it). I'd seriously recomend an "Asian" language like Chinese, Korean, Urdu... anything really.
An international degree and language show that you're not afraid of change, you have the dedication to learn totally new ideas and that you're willing to do what it takes to get the job done.
Right, this is where the (small) rant comes it:-) Only 1/5 of Americans hold a passport. I've been to your country and it is huge and impressive - but there's nothing like plonking yourself out in the midle of nowhere when you only have a basic grip on the language. That's what seperates then men from the boys. Go and explore the world - even if it's just a sleepy university town in England. You'll be rewarded with friends for life who'll let you visit whenever you feel like flying over, contacts around the world who're happy to hear from you, experiences that very few of your countrymen will have and a foothold in the international community.
So, yeah, reply if you want to know which UK Universities are good for computing.
I work for a major Mobile Telecoms company. As part of the e112 project we can now pass location based information to the emergency services when you dial 112 (999/911 etc). On plain old GSM/GPRS we can get accuracy to within 50 metres - best case. If you're outside an urban area your location can be any where from 1 - 50km.
We curretly use this for LBS (Location Based services) such as finding your nearest pub / taxi / cinema etc.
You do have the option to turn off the ability to be located by typing in a USSD (check with your operator) but this will be over-ridden if you dial 112. There are verys strict safeguards about who can have access to location base services.
With the roll out of UMTS (3G) accuracy can be determined to an even greater location - but the really interesting thing is the inclusion of GPS modules in phones. Because the USA has a requirment that x% of cell-phones must have the ability to pass back their location to 911 operators we're going to see a lot more GPS modules for phones. GPS combines with Cell Centroid algorithms will give an accuracy of less than 10m.
A few myths to clear up: Your phone will not be able to locate you when it is switched off. Unless you've set a timer in your phone to turn it on at a set time. If "they" really wanted to find you - they would anyway. Yes, it's scaryish technology, but the phone company needs to know where you are to bill you properly anyway.
The law says that a wired hands-free kit *is* legal - only if you don't have to hold the phone to make or receive calls (BBC News). The Treo's hands-free kit has a button by the mic that will allow you to answer incoming calls. Sadly, it has no voice activated dialling.
I use 3 monitors at home Left is API, Centre is IDE, Right is Application (plus Trillian, WinAmp etc). One you've gone double, you never want to go back:-)
On windows 98 & XP it's dead easy. Shove in an old PCI card and away you go. I've never got it working properly with Linux.
FreeView is the UK's digital TV service, it also broadcasts several radio channels. Now if only I could set up a wishlist for "Mornington Crescent" without TiVo insisting on a Baker Street, I'd be set!
"How? How do you identify yourself to the bank so that they issue you a new card and PIN?"
I work in banking. If a person is unable to identify themselves via, say, an official document; the bank will ask them questions that only they should know. eg Current/Previous address(es) Banking desicions and their reasons (loans, overdrafts, card replacments) etc etc
Depending on how convincing the performance is, a new car/PIN can be issued.
T
Re:Sorry, but you are the antithesis of most users
on
GUIs for Everyone
·
· Score: 2, Offtopic
You make many good points; but this one is wrong... The time is going to pass where people are scared of them, just like the fear of electricity, telephone, and automobiles passed. Talk to the people who actually build and tweak their cars like you tweak your PC. People are as scared of cars as they were 100 years ago - only now they're used to the fear. Despite having grown up with cars, I have no desires to get my hands dirty in the engine - just the same as most people who have lived with computers have no desire to go to a CLI.
Although I agree with you, the artiste in me quarrels with this part...
Just like shakespeare is free, I believe art of our own time should be free, at least while it's still relevant
Every time your local theatre puts on Romeo and Juliet, it's not putting on the work (and paying) of your local playwrite. Although it's fairly likely that a recording artist with an equitable contract could make a living of the first 14 years of their hit album, I think that most other artists wouldn't.
I know many actors who live on they royalty/residual payments from work that they did years ago - it's a lifeline for them. The same goes for authors.
Yes, I'd like free books/plays/music and I believe that the incentive for the artist is the creation of art - but it's hard to be motivated when you also have to hold down a 9-5.
Personally, I think that (unless the artist choses otherwise) copyright should last until the death of the artist. Don't forget, in 1790 the average life expectancy was a lot lower than today.
If every work of art was a best seller and netted the creator millions of Euros, then I would agree with reducing the copyright time as far as possible. As it stands, for every Beatle there are a thousand worthy but unheard of bands who are still working hard but need a return on their investment that will last longer than 14 years.
...buy another screen. Half decent 2D PCI graphics cards are under £20 and monitors can be had for next to nothing if you get them from companies that are upgrading their systems. I've found it slightly tricky to get multiple monitors working under Mandrake 8 (yes, I'm sure I should upgrade), but Windows 98 and XP handle it fine.
1) I don't like spoilers. I had to keep away from all my usual haunts for episode 1, I'm still doing it for Buffy and Spiderman. I like to see the film with no idea of what will happen / who will die et.
2) My girlfriend said she'd dress in a gold bikini;-). Nah. It was the fact that I've never seen a Star Wars movie for the first time on a big screen. 4 - 6 were on tv, 1 was pirated.
I don't think I'm a sheep. I didn't buy the souvenier book they were handing out, nor purchase the CD, nor the toys. I just wanted to stay up late and see a fun movie without knowing the details beforehand.
Q: What does the developer have to do with a person installing the OS? A: Nothing. The installee couldn't care less about the underlying principles of the installer. As you say, most people don't install Windows, yet anyone can. It's impossible to install Windows and seriously mess it up. When Linux allows a pleb to fiddle with the most intimate options to a dangerous extreme it's allowing itself to be broken. Sure, make an installer capable for those who want to do dangerous things - but make the basic installer just have to click "Go" and let it do its business. A developer might want to assign specific IRQs to certain cards - your average pleb doesn't even know what an IRQ is.
Truely for Linux to be on the Desktop, yup, has to come preinstalled. But if it's not usable people will ditch it. Linux without the GUI is stable, fast and does loads of cool things. But how many people want to remember to type "crypticcommand myFile -0 -ee" as opposed to having a visual representation? How many people want to have to remember a different cut/copy/paste metric for each program as opposed to consistency?
You say (and, yeah I'm biting, sue me!) that HCI is common sence. Problem is, if common sence is so common - why dont' more people have it? It's common sence not to drink and drive, it's common sence not to delete system files. I know otherwise intelligent people who do both. If we could design humans, it might be possible to make heart surgery easier (multiple hearts each in their own easily openable cage, nice modular design:-) but we can't design or even teach humans - we can design and teach computers.
HCI doesn't say take choice away from all users. It says stop all users making mistakes. An administrator should be able to delete crucial system files that a pleb shouldn't be let anywhere near. HCI is about giving the apropriate choice to the appropriate user.
:-) true I was exagerating slightly about developers. But it is worth remembering that the developers' mental model of the software will be completley different from the typical end users'.
What it boils down to is talking to the potential users. They're the ones you want to enjoy using your product.
From the article Right now what we'd be most interested in is some feedback by Debian developers and users out there
The golden rule in HCI is "Developers are not target users". Sad as it may seem for some people Linux Developers are no longer the same people as Linux Users. This means that, by and large, interface designers should IGNORE THE DEVELOPERS!
Users are the ones that matter here. As a first time Linux installer I don't really care about most of the things a developer cares about. I haven't installed Debian, but let me compare my last Linux install (Mandrake 8.something) to WinXP...
All WinXP asked me was, essentially, "What is your Country and TimeZone". Mandrake wanted to know the intimate details of my network card, how much swap space I wanted, what make of scroll-mouse I had, what sound card I had, what video cards I had (and don't get me started on XFree's Multimon support!). All this does is serve to scare and confuse a Linux Virgin. And if you want Linux on the desktop you can either make the world smarter, or make your products smarter.
Debian should not be soliciting people in the know - they know far more than the average first time user and are, consequently, useless for developing interfaces for newbies.
Slashdot Mirror
I was thinking about how to design the "perfect" virus... I'm not a proficient enough programmer to even begin writing a virus - so don't come a knocking. But it's an interesting thought experiment.
.cpp file and randomly changes one digit per file (imagine if your report to the board now says 9 Million rather than 1 Million... or if your for...next loop is waiting for an incorrect value)
:-)
Here's what I've got so far...
1) Virus initially comes in as an attachment - user opens attachment (relies on non tech-savy people).
2) Virus scans through "Sent Items" and sends itself to every address that has been sent an attachment in the past. Uses a subject line like "Updated [whatever]" (Tech-savy folk might forget basic precautions)
3) Virus scans through every Excel / Word /
4) Virus wipes itself out after 6 hours (most people only update their virus checker >= 24hours. Once signs of the virus have gone it will be hard to know if you have been infected and which files have been compromised)
5) FBI come and arrest me
Seriously... one has to admire the "I Love You" virus, if only for getting so many tech-savvy people to click through... But what really worries me is the viruses we haven't discovered. What if, say, Winamp has a logic bomb in it? How would any of us know until all our data was corrupted?
...is here
When I was a developer I used to use 3.
Left was API / Help
Centre was IDE
Right was Output (+ Winamp, trillian etc)
Nowadays I keep my email on my secod monitor and my work on my main.
A second PCI video card can be had for nothing - and you can pick up small CRTs for beer money. For cost effective multitasking, go multimonitor.
As many other posters have commented - JS comes "free" with Windows. Just like Basic did way back in my youth with a BBC Micro.
The greatest problem I have with programming today is that it's so damn hard to install the compiler! Java is probably just about the easiest, but you still need to add PATH statments.
XAMPP makes installing PHP as simple as it could be.
The last time I tried to install ANT or GCC or anything even vaugly complicated I had to wade through a hundred different URLs to find the right package, download, install, edit INI files and PATH statement, fiddle with the registry and GAAAAAAAAAAHHHHH!!!!!
We can all agree the JS isn't the best language on the block. But unless it comes in a ready to go package - most people just won't bother.
It's the same thing as Linux ('scuse me while I rant) you spend ages and ages installing and configuring the damn thing when all you wnat to do is work!
Right. Rant over. To conclude - JS bad, installing IDEs and compiles: worse!
There are two things I would recomend.
:-)
1) Go to a University that offers a year abroad as part of the course. I went from UK to Canada and the change of scenery, attitudes, cultures and teaching methods opened my mind far more than staying in one place would have.
2) Make sure your minor is in a foreign language. My First language is English - so I minored in Mandarin Chinese. Who ever you work for is going to have some international dealings - make sure your education reflects that. In Europe lots of people choose German (or English if they don't know it). I'd seriously recomend an "Asian" language like Chinese, Korean, Urdu... anything really.
An international degree and language show that you're not afraid of change, you have the dedication to learn totally new ideas and that you're willing to do what it takes to get the job done.
Right, this is where the (small) rant comes it
Only 1/5 of Americans hold a passport. I've been to your country and it is huge and impressive - but there's nothing like plonking yourself out in the midle of nowhere when you only have a basic grip on the language. That's what seperates then men from the boys. Go and explore the world - even if it's just a sleepy university town in England. You'll be rewarded with friends for life who'll let you visit whenever you feel like flying over, contacts around the world who're happy to hear from you, experiences that very few of your countrymen will have and a foothold in the international community.
So, yeah, reply if you want to know which UK Universities are good for computing.
T
Nokia 6310i. Still the perfect phone.
I work for a major Mobile Telecoms company. As part of the e112 project we can now pass location based information to the emergency services when you dial 112 (999/911 etc). On plain old GSM/GPRS we can get accuracy to within 50 metres - best case. If you're outside an urban area your location can be any where from 1 - 50km.
:-)
We curretly use this for LBS (Location Based services) such as finding your nearest pub / taxi / cinema etc.
You do have the option to turn off the ability to be located by typing in a USSD (check with your operator) but this will be over-ridden if you dial 112. There are verys strict safeguards about who can have access to location base services.
With the roll out of UMTS (3G) accuracy can be determined to an even greater location - but the really interesting thing is the inclusion of GPS modules in phones. Because the USA has a requirment that x% of cell-phones must have the ability to pass back their location to 911 operators we're going to see a lot more GPS modules for phones. GPS combines with Cell Centroid algorithms will give an accuracy of less than 10m.
A few myths to clear up: Your phone will not be able to locate you when it is switched off. Unless you've set a timer in your phone to turn it on at a set time.
If "they" really wanted to find you - they would anyway. Yes, it's scaryish technology, but the phone company needs to know where you are to bill you properly anyway.
Right. That's enough from me
It is available. But only on the Orange network.
The law says that a wired hands-free kit *is* legal - only if you don't have to hold the phone to make or receive calls (BBC News). The Treo's hands-free kit has a button by the mic that will allow you to answer incoming calls. Sadly, it has no voice activated dialling.
T
A good resource for multiple monitors is here.
:-)
I use 3 monitors at home Left is API, Centre is IDE, Right is Application (plus Trillian, WinAmp etc). One you've gone double, you never want to go back
On windows 98 & XP it's dead easy. Shove in an old PCI card and away you go. I've never got it working properly with Linux.
T
If you're with Vodafone, just forward the SMS to 87726 (VSPAM). Won't cost you a penny.
The BBC have released several MP3 CDs.
T
...Because you (via your government) sold the right to do that. You can change the contract - just vote.
T
Put a dime in front of a visitor and ask him the worth of it. He can't. Nowhere does it say "ten cents" or "10 cents." It just say "One Dime."
The dime is roughly the same size as the British 5 pence peice - and is worth 50% more. Now if I can only find enough stupid checkout girls...
FreeView is the UK's digital TV service, it also broadcasts several radio channels. Now if only I could set up a wishlist for "Mornington Crescent" without TiVo insisting on a Baker Street, I'd be set!
Except that you did give your consent. Your elected government or its agencies sold a specific spectrum within your airspace.
T
"How? How do you identify yourself to the bank so that they issue you a new card and PIN?"
I work in banking. If a person is unable to identify themselves via, say, an official document; the bank will ask them questions that only they should know. eg
Current/Previous address(es)
Banking desicions and their reasons (loans, overdrafts, card replacments)
etc etc
Depending on how convincing the performance is, a new car/PIN can be issued.
T
You make many good points; but this one is wrong...
The time is going to pass where people are scared of them, just like the fear of electricity, telephone, and automobiles passed.
Talk to the people who actually build and tweak their cars like you tweak your PC. People are as scared of cars as they were 100 years ago - only now they're used to the fear. Despite having grown up with cars, I have no desires to get my hands dirty in the engine - just the same as most people who have lived with computers have no desire to go to a CLI.
Take Care
Terry
Although I agree with you, the artiste in me quarrels with this part...
Just like shakespeare is free, I believe art of our own time should be free, at least while it's still relevant
Every time your local theatre puts on Romeo and Juliet, it's not putting on the work (and paying) of your local playwrite. Although it's fairly likely that a recording artist with an equitable contract could make a living of the first 14 years of their hit album, I think that most other artists wouldn't.
I know many actors who live on they royalty/residual payments from work that they did years ago - it's a lifeline for them. The same goes for authors.
Yes, I'd like free books/plays/music and I believe that the incentive for the artist is the creation of art - but it's hard to be motivated when you also have to hold down a 9-5.
Personally, I think that (unless the artist choses otherwise) copyright should last until the death of the artist. Don't forget, in 1790 the average life expectancy was a lot lower than today.
If every work of art was a best seller and netted the creator millions of Euros, then I would agree with reducing the copyright time as far as possible. As it stands, for every Beatle there are a thousand worthy but unheard of bands who are still working hard but need a return on their investment that will last longer than 14 years.
...buy another screen. Half decent 2D PCI graphics cards are under £20 and monitors can be had for next to nothing if you get them from companies that are upgrading their systems. I've found it slightly tricky to get multiple monitors working under Mandrake 8 (yes, I'm sure I should upgrade), but Windows 98 and XP handle it fine.
What my system looks like.
Yes you did. Your elected officials sold the public spectrum to these companies.
I went to a 0005 GMT showing for two reasons.
;-). Nah. It was the fact that I've never seen a Star Wars movie for the first time on a big screen. 4 - 6 were on tv, 1 was pirated.
1) I don't like spoilers. I had to keep away from all my usual haunts for episode 1, I'm still doing it for Buffy and Spiderman. I like to see the film with no idea of what will happen / who will die et.
2) My girlfriend said she'd dress in a gold bikini
I don't think I'm a sheep. I didn't buy the souvenier book they were handing out, nor purchase the CD, nor the toys. I just wanted to stay up late and see a fun movie without knowing the details beforehand.
However, because it is not usually possible to clean or delete the offending page, it is possible to get the code to run.
I'll answer you in stages. Bare with me ... :-)
:-) but we can't design or even teach humans - we can design and teach computers.
Q: What does the developer have to do with a person installing the OS? A: Nothing. The installee couldn't care less about the underlying principles of the installer. As you say, most people don't install Windows, yet anyone can. It's impossible to install Windows and seriously mess it up. When Linux allows a pleb to fiddle with the most intimate options to a dangerous extreme it's allowing itself to be broken. Sure, make an installer capable for those who want to do dangerous things - but make the basic installer just have to click "Go" and let it do its business.
A developer might want to assign specific IRQs to certain cards - your average pleb doesn't even know what an IRQ is.
Truely for Linux to be on the Desktop, yup, has to come preinstalled. But if it's not usable people will ditch it. Linux without the GUI is stable, fast and does loads of cool things. But how many people want to remember to type "crypticcommand myFile -0 -ee" as opposed to having a visual representation? How many people want to have to remember a different cut/copy/paste metric for each program as opposed to consistency?
You say (and, yeah I'm biting, sue me!) that HCI is common sence. Problem is, if common sence is so common - why dont' more people have it? It's common sence not to drink and drive, it's common sence not to delete system files. I know otherwise intelligent people who do both.
If we could design humans, it might be possible to make heart surgery easier (multiple hearts each in their own easily openable cage, nice modular design
HCI doesn't say take choice away from all users. It says stop all users making mistakes. An administrator should be able to delete crucial system files that a pleb shouldn't be let anywhere near.
HCI is about giving the apropriate choice to the appropriate user.
Sorry for the spelling etc, in a rush.
T
:-) true I was exagerating slightly about developers. But it is worth remembering that the developers' mental model of the software will be completley different from the typical end users'.
What it boils down to is talking to the potential users. They're the ones you want to enjoy using your product.
I think that the basic point is being missed.
From the article
Right now what we'd be most interested in is some feedback by Debian developers and users out there
The golden rule in HCI is "Developers are not target users". Sad as it may seem for some people Linux Developers are no longer the same people as Linux Users. This means that, by and large, interface designers should IGNORE THE DEVELOPERS!
Users are the ones that matter here. As a first time Linux installer I don't really care about most of the things a developer cares about.
I haven't installed Debian, but let me compare my last Linux install (Mandrake 8.something) to WinXP...
All WinXP asked me was, essentially, "What is your Country and TimeZone".
Mandrake wanted to know the intimate details of my network card, how much swap space I wanted, what make of scroll-mouse I had, what sound card I had, what video cards I had (and don't get me started on XFree's Multimon support!). All this does is serve to scare and confuse a Linux Virgin. And if you want Linux on the desktop you can either make the world smarter, or make your products smarter.
Debian should not be soliciting people in the know - they know far more than the average first time user and are, consequently, useless for developing interfaces for newbies.
Sorry for the rant/misspellling/smell.
T
Nooo! don't tell people - otherwise it will get popular and die!