Anti-virus programs don't usually care what a virus is written in/with - and
that is in general not reflected in the name ... apart from the HLLP, HLLO, HLLC
and HLLW families - there are several HLL viruses that are not in one of those
families, but that is usually because they were known before those families
were invented.
--
Fridrik Skulason Frisk Software International phone: +354-5-617273
Author of F-PROT E-mail: fr...@complex.is fax: +354-5-617274
Ahh
So, labeling a virus as coming from a generator when in fact it's not is OK,
right? That doesn't confuse the users of your product?
Also, has anyone's virus scanner been able to remove my rustybug variants yet?
:)
Casio [SLAM] - I've been to the dark side, I think I'll stay awhile.
You're no longer above me, crying to understand me. So much for your,
your constant bitching, so much for you.
>So, labeling a virus as coming from a generator when in fact it's not is ok
>right?
It is a minor inaccuracy. However, there are some borderline cases ...
somebody could take the .ASM output from the PS-MPC generator, for example,
modify it a bit by hand, and assemble it. Now, should the virus be
classified as a PS-MPC virus or not? How big would the changes have to be
for it to be given a separate name?
The fact is that there is no clear-cut answer, and nobody really cares.
>That doesn't confuse the users of your product?
No, why should it? Quite apart from the fact that they DON'T get hit by
those viruses, why should it matter to them whether the virus is named
SillyJunk.1234 or PS-MPC.1234?
All they care about is getting rid of it, and repairing any damage it may have
caused.
>Also, has anyone's virus scanner been able to remove my rustybug variants yet?
>:)
Being able to is one thing .... bothering to do it is another - your viruses
are not exactly a significant problem, and nobody is asking for disinfection
of them, so I would guess they are rather low on the priority lists of the
various AV companies.
-frisk
For prosperity please identify the two. I'm sure you've said before but
I must've missed that post.
> However, since they're not a problem now, I will improve efforts to make them
> one. :)
What's your motivation? Gluttonous ego needs feeding? The infamous
outlaw "Billy the Kid" at least made some money robbing banks. Tell you
what, if you'll write a working Linux module/driver for the USR
DataBurst ISDN modem, it uses the parallel port, I'll pay you $100US. I
know a hundred bucks isn't that much these days but you might get USR's
attention and I know you'd have the heartfelt respect of the Linux
community, as well as a nifty little item for your resume.
> Casio [SLAM] - I've been to the dark side, I think I'll stay awhile.
> You're no longer above me, crying to understand me. So much for your,
> your constant bitching, so much for you.
Did you type this with the same hands you hug your mother with? ;)
Ernest
~Disclaimer: The above offer of monetary return is only valid for the
person identified as "Casio" who posts from zianet.net. As much as I'd
like to I can't afford to make this offer to everyone. :) But if you're
so inclined I'm sure the other benefits would hold true.
hllp.weed.b
hllp.weed.c
I believe.
2 of the 5 variants of the weed virus are in the wildlist.
>What's your motivation? Gluttonous ego needs feeding? The infamous
>outlaw "Billy the Kid" at least made some money robbing banks. Tell you
My motivation... To code, and to enjoy my work... And, to be noticed. :)
Besides, If it weren't for people like me, AV would not be in business trying
to sell you a scanner and such.
>what, if you'll write a working Linux module/driver for the USR
>DataBurst ISDN modem, it uses the parallel port, I'll pay you $100US. I
>know a hundred bucks isn't that much these days but you might get USR's
>attention and I know you'd have the heartfelt respect of the Linux
>community, as well as a nifty little item for your resume.
I'll get back to you on this. However, No payment is needed. I'm not a greedy
fellow. If I can code this driver for you, I'll do it for free.
>
>Did you type this with the same hands you hug your mother with? ;)
It's an autoSigNature. Merely explains I am in the SLAM virus group etc. :)
This argument doesn't hold. The AV people would gladly be doing work
in another industry if it weren't for people like you. Most of them
would be more than happy to be programming games, applications, or
something more thrilling than anti-viruses.
--
George Wenzel <gwe...@gpu.srv.ualberta.ca>
Club Secretary & Webmaster,
University of Alberta Karate Club
http://www.ualberta.ca/~gwenzel/
>In article <33EC8C68...@pc-pro.com>,
> Ernest Petter <spam.go...@pc-pro.com> wrote:
<snip>
>>What's your motivation? Gluttonous ego needs feeding? The infamous
>>outlaw "Billy the Kid" at least made some money robbing banks. Tell you
>
>My motivation... To code, and to enjoy my work... And, to be noticed. :)
>Besides, If it weren't for people like me, AV would not be in business trying
>to sell you a scanner and such.
...so the ultimate prank would be to stop writing viruses, so the AV
companies went out of business! Try that, for a change.
You will receive more attention if you turn to writing useful programs
that actually help people...
Regards,
Thomas B
For some VX, the reward might lie in the programming exercise, but many virus
programmers write shoddy code, and I doubt that those get much from the
exercise or they'd spend more time debugging. Plus, there's the slew of
viruses from virus generators - the folks "authoring" those aren't getting
much in the way of programming exercise. I know nothing about the viruses
you've personally authored, but if they're well-written and you felt rewarded
by the task of programming them well, I'd say you're one of the few.
The inverse of AV software coming into the scene for the $$ is that there was
no money in the AV scene until customers began demanding that kind of software.
> It's quite possible that when AV gets their heads together, and stops acting
> high and mighty and talking down to people, That, at least I might consider
> not writing any more viruses. However, I have a new one in the works which if
> you have f-prot on your system and it finds it, It disables it entirely. :)
Aside from Zvi (who's arguably not even AV), I think most of the AV folks around
here don't really talk down to people. What you see as "high and mighty," I see
as disdain for those engaging the unethical practice of messing with other
people's property. I'm not trying to restart the dialogue about the right-and-
wrong of doing this - some people (ie most AV) see it as an absolute violation of
the victim, and others (ie most VX) see it as a harmless prank or that the victim
got what he or she deserved for not being cautious enough or prepared to deal
with it. On a good day I hold with the AV, and on a bad day, after dealing with
ignorant users doing stupid things, I kinda feel that folks with computers get
what they deserve. Drive a car, you learn the rules of the road, you make sure
there's a jack and a spare in the trunk and you watch your gas gauge and idiot
light. Folks get PC's and an AOL account, download everything they can find and
run it all without even understanding the concept of directories on hard drives...
All that aside, if the AV somehow changed their ways, would that make the exercise
of programming viruses less rewarding for you? Is the reward simply in creating
viruses, or in developing new techniques from thwarting AV?
Does your new virus execute if there's an on-access scanner running, or would
it get caught before it could disable F-Prot?
> Casio [SLAM] - I've been to the dark side, I think I'll stay awhile.
> You're no longer above me, crying to understand me. So much for your,
> your constant bitching, so much for you.
Are those lyrics you're quoting, or an original statement?
----------------------
Joe Silver
"Here is wisdom. Let him that hath understanding count the number of the
beast: for it is the number of a man; and his number is x-eighty-six."
Member of Finally Balanced - http://pw2.netcom.com/~canis.a/fb_home.htm
Then why don't they? In most modern countries people have the ability
to choose where they work and what they work on. They get to choose
what they want to do. The AV programmers must like their work for some
reason. Maybe they think they are making the world a better place.
They could also do this by programming other non-AV programs. Maybe
they like the pay...hmmm not likely. :-)
Are you accusing Anti-Virus programming of being boring? I
think AV has one of the most challenging problems of all programmers.
For they have to make programs to stop other programs. Not just
one...but Thousands.
Jeff
Generally, anti-virus programs are considered utilities, not
applications. Semantics.
>And it does hold...
No, it does not. Saying that virus writers are justified because
they create an industry for the AV folk is like saying the Exxon
corporation should spill more oil into the oceans because they supply
an industry for the clean-up teams.
> Ever seen those sci-fi movies about the world disposing
> of all weapons and etc, then some big headed aliens come
> down and eat us all since we're defenseless?
I believe that was a Simpsons episode.
>Imagine that on a computer scale.
I don't quite follow the analogy. I'm not saying that AV software is
useless. I'm saying that the AV folk would be quite happy
programming other things if AV programs hadn't come their way.
>I've said this many times,
> perhaps you could come up with an argument for it instead
> of just suggesting the eradication of virus writers...
I have never suggested that. What I have suggested is that virus
writers look at the ethics of their activities instead of simply
doing things because they enjoy them. From what I've seen, most
virus writers have miserable ethical development.
>Are you absolutely sure AV techies don't enjoy playing with viruses?
I've asked some AV techies, and the consensus is generally that
programming games would be a lot more fun.
>After all, a lot of people (not me) consider
> them the most advanced form of Artificial Life.
Computer viruses are miserable attempts at artificial life - all they
are are programs that make copies of themselves. There are better
(not to mention safer) implementations of artificial life on
computers, such as Tierra.
> Then again, where's my copy of Doctor Solly's "Space Invadiers"?!
Perhaps you should take a look at some of the games that Graham
Cluley has produced. They're available from his personal web page.
>Wait a second, would Solly still be a doc if he isn't doctoring anything?
Dr. Solomon is a doctor because he has earned his PhD. Whether he
"doctors" anything is beside the point.
>Casio [SLAM] wrote:
>> George, Viruses are written nowadays because it's a decent exercise in
>> programming. AV software only came into the scene when they saw $$$ in their
>> eyes.
>
>The inverse of AV software coming into the scene for the $$ is that there was
>no money in the AV scene until customers began demanding that kind of software.
And besides, some of us aren't living at home anymore or living off of
Government aid. There is no crime in seeing an opportunity for
business and exploiting it. If there is a market for AV software (or
left nostril inhalers), that's where you apply your efforts. This
sounds quite rational to me.
>On a good day I hold with the AV, and on a bad day, after dealing with
>ignorant users doing stupid things, I kinda feel that folks with computers get
>what they deserve. Drive a car, you learn the rules of the road, you make sure
>there's a jack and a spare in the trunk and you watch your gas gauge and idiot
>light. Folks get PC's and an AOL account, download everything they can find and
>run it all without even understanding the concept of directories on hard drives...
Amen.
Jamie Hale
Huh? There's lots more that can be programmed other than those.
>Viruses encrypt..
Except the encryption they usually use is miserably bad compared to
some of the stronger encryption programs (like PGP).
>Viruses are optimized...
I believe that some of the AV folk in this group would disagree with
that statement.
> An understanding of viruses is required to write an AV.
You have an incredible talent for pointing out the obvious.
> E Snyder writes:
> > Then again, where's my copy of Doctor Solly's "Space Invadiers"?!
>
> Perhaps you should take a look at some of the games that Graham
> Cluley has produced. They're available from his personal web page.
I'm not the only one at Dr Solomon's who has written computer games
either. Dr Alan Solomon, for example, wrote some in the old days -
including one called "Cash Crisis" which you can get him to rave about if
you give him enough speckled hen. I think he may have also ported some
versions of Colossal Cave.
We've now got over 400 staff at Dr Solomon's so there's bound to be more
people than just me and Alan who have written computer games.
Regards
Graham
---
Graham Cluley CompuServe: GO DRSOLOMON
Senior Technology Consultant, UK Support: sup...@uk.drsolomon.com
Dr Solomon's Anti-Virus Toolkit. US Support: sup...@us.drsolomon.com
Email: gcl...@uk.drsolomon.com UK Tel: +44 (0)1296 318700
Web: http://www.drsolomon.com US Tel: 888-DRSOLOMON / 617 273 7400
NEW:Evaluate Dr Solomon's FindVirus 7.74! Download it from our website
Definitely one of the few then...
> >The inverse of AV software coming into the scene for the $$ is that there was
> >no money in the AV scene until customers began demanding that kind of
> >software.
>
> However, AV takes matters a bit far, For example, Apache Warrior Got nailed
> when Doc Solly convinced Scotland Yard to arrest him. This and other nonsense
> is readily available on the Crypts homepage. Also, Dr Solomon tried to claim
> the Crypt opened the case on this, Which again, the Crypt had nothing to do
> with it.
Well, it's all Roshamon (sp?), it's truth from everyone's perspective. I'm sure
Scotland Yard folks would tell you they need no convincing from third parties
to arrest criminals, and I'm sure many people would say Apache Warrior got nailed
when he broke the law and got caught, ie he did it to himself. Like the unwary
user who catches a virus, he was unwary and got nailed. But I must admit ignorance
of the details of this case - I'm assuming he wrote a virus (or more) that was
unleashed and that he was proven the author of the virus. That's the risk VX take,
especially the VX who can actually code and create something new instead of using
a variation generator.
> >Aside from Zvi (who's arguably not even AV), I think most of the AV folks
> >around here don't really talk down to people. What you see as "high and
> >mighty," I see as disdain for those engaging the unethical practice of
> >messing with other people's property. I'm not trying to restart the dialogue
> >about the right-and-wrong of doing this - some people (ie most AV) see it as
> >an absolute violation of the victim, and others (ie most VX) see it as a
> >harmless prank or that the victim
>
> Some of us see it as an educational Lesson. Computers don't require any
> knowledge to run them.. Driving a car does. the less ignorant people we have
> who cannot tell the difference between a file and a directory, The better.
Don't think I'd phrase it that way. Computers don't require any knowledge to turn
them on, but to ~use~ them... but it's undeniably an educational lesson. What's
arguable is, is such a potentially drastic lesson necessary? Big difference
between showing a Martian landscape on screen and writing over files at random
over a period of time that even regular backups might not recover. I agree, the
less ignorant users are, the better. But they can be educated just as well without
suffering a virus attack.
> >got what he or she deserved for not being cautious enough or prepared to deal
> >with it. On a good day I hold with the AV, and on a bad day, after dealing
> >with ignorant users doing stupid things, I kinda feel that folks with
> >computers get what they deserve. Drive a car, you learn the rules of the
> >road, you make sure there's a jack and a spare in the trunk and you watch
> >your gas gauge and idiot light. Folks get PC's and an AOL account, download
> >everything they can find and run it all without even understanding the
> >concept of directories on hard drives...
>
> I've noticed.
Yeah, my favorite is the macho bulls**t "I don't need the manual," always fun
to get a system back up and running for one of those idiots...
> >All that aside, if the AV somehow changed their ways, would that make the
> >exercise of programming viruses less rewarding for you? Is the reward simply
> >in creating viruses, or in developing new techniques from thwarting AV?
>
> It's more like doing what the AV does. Disassembling their products looking
> for exploits or weaknesses within them. And using it to the virus's
> advantage.
Ah, that's what I thought. So it's not merely the programming exercise in and
of itself which is rewarding, for you at least. It's more the battle-of-wits
chess game aspect at being better at the disassembling and programming than
the AV opponent. That's a very strong thrill, and I'd think that's what motivates
more VXers than the more altruistic rewards of simply programming well.
> >Does your new virus execute if there's an on-access scanner running, or would
> >it get caught before it could disable F-Prot?
>
> On access scanners are worthless unless they are already familiar with the
> virus. As this one is new, not based on another's code, An on access scanner
> will not locate it.
Ah, there's my technical ignorance showing. I know how scanners use signatures,
but I thought on-access scanners could also employ other techniques like
heuristics and behaviour monitors to find viruses not in their signature DBs.
> And the virus will disable f-prot by rewriting certain
> code in it, to display an advertisement for McAfee and exit to DOS, instead
> of scan. Likewise, if a McAfee scanner is found, it will be recoded to
> display an advertisement for f-prot.
Actually, it seems that Dr. Solomon's and McAfee have been advertising for each
other lately, wouldn't those two have made a better pairing? And pit F-Prot
against IV... though it's probably not very rewarding thwarting Zvi's programming,
doesn't seem from what he posts here that he's a very capable opponent...
> >> Casio [SLAM] - I've been to the dark side, I think I'll stay awhile.
> >> You're no longer above me, crying to understand me. So much for your,
> >> your constant bitching, so much for you.
> >
> >Are those lyrics you're quoting, or an original statement?
>
> SLAM is an identification because I am in the SLAM virus group.
> Some of it is song lyrics from CandleBox.
Yeah, the SLAM I understood, it was the "dark side" bit I was curious about,
it seemed vaguely familiar. There's an indication of our respective peer groups,
for what it's worth - you quote CandleBox, whereas I'd probably sign:
----------------
Joseph Silver
"There is no dark side of the Moon, really. Matter of fact it's all dark."
An antivirus is an application.. And it does hold...
Ever seen those sci-fi movies about the world disposing
of all weapons and etc, then some big headed aliens come
down and eat us all since we're defenseless? Imagine
that on a computer scale. I've said this many times,
perhaps you could come up with an argument for it instead
of just suggesting the eradication of virus writers...
Are you absolutely sure AV techies don't enjoy playing
with viruses? After all, a lot of people (not me) consider
them the most advanced form of Artificial Life.
Then again, where's my copy of Doctor Solly's "Space Invadiers"?!
Wait a second, would Solly still be a doc if he isn't
doctoring anything?
-)Lore
>E. Snyder says...
>>Are you absolutely sure AV techies don't enjoy playing with viruses?
>
>I've asked some AV techies, and the consensus is generally that
>programming games would be a lot more fun.
Last time I checked, humans have something called "free will". There
is no higher power that forces these people to write anti-virus
software. If they want to cut games, all they need to do is send a
resume around.
>>After all, a lot of people (not me) consider
>> them the most advanced form of Artificial Life.
>
>Computer viruses are miserable attempts at artificial life - all they
>are are programs that make copies of themselves.
The artificial life argument is a tough one. But the day I see people
protesting in front of McAfee's main office with signs that say
"viruses have rights too" and "don't kill my code" is the day I lose
all hope for humankind. :)
Jamie Hale
Well, YOU say they're well written; I bet most virus authors say that
about their pitiful creations. I haven't bothered to look at yours, so I'll
await judgement via peer review.
You don't get to name 'em; you don't get to pass judgement on their
quality.
> and designed to work on Windows95/Winnt/os/2 warp and Dos. Because of an
> exploit I found while studying those OSes...
Sounds like an idle boast.
> >The inverse of AV software coming into the scene for the $$ is that there was
> >no money in the AV scene until customers began demanding that kind of
> >software.
> However, AV takes matters a bit far, For example, Apache Warrior Got nailed
> when Doc Solly convinced Scotland Yard to arrest him. This and other nonsense
> is readily available on the Crypts homepage. Also, Dr Solomon tried to claim
> the Crypt opened the case on this, Which again, the Crypt had nothing to do
> with it.
Alan isn't here to comment, but if Scotland Yard thought there was merit
to pursuing the case, I bet they had a good reason. After all, Dr. Solly
has the right to exercise his free speech whenever he so chooses, just as
you do.
> >Aside from Zvi (who's arguably not even AV), I think most of the AV folks
> >around here don't really talk down to people. What you see as "high and
> >mighty," I see as disdain for those engaging the unethical practice of
> >messing with other people's property. I'm not trying to restart the dialogue
> >about the right-and-wrong of doing this - some people (ie most AV) see it as
> >an absolute violation of the victim, and others (ie most VX) see it as a
> >harmless prank or that the victim
> Some of us see it as an educational Lesson. Computers don't require any
> knowledge to run them.. Driving a car does. the less ignorant people we have
> who cannot tell the difference between a file and a directory, The better.
What a load of flatulence!
1. Sure, cars require knowledge to drive. But not ALL knowledge; if so,
we'd all be auto mechanics.
2. Knowing how to drive a car requires, what? Knowing how to put the key
in the ignition, turn it, and put the car in gear. It also requires
knowing how to use the accelerator, brake, and steering wheel. That
does not suffice to be able to drive WELL.
3. Using a computer requires knowing how to turn it on, and run a
program or two. Similar skill levels for basic use.
4. Driving a car can actually cause physical harm to someone; that's
why, in part, one must have a license to drive legally.
5. Computers aren't lethal weapons, so the users don't have to be
licensed. If the computer user doesn't know about files and
subdirectories, they'll be limited enough without having a virus to
add to the mix.
6. Your solution to the ignorant computer user is to give him or her a
virus? I wonder what you advocate for the neophyte driver. Cattle
prods to the genitals?
May you reap in life as you have sown.
[snip]
> On access scanners are worthless unless they are already familiar with the
> virus. As this one is new, not based on another's code, An on access scanner
> will not locate it.
Some on-access products now have heuristics. Virus writers will be
limited even further.
-BPB
My memory is that Apache Warrior got caught because he was defrauding the
telephone company.
Regards
Graham
---
Graham Cluley CompuServe: GO DRSOLOMON
Senior Technology Consultant, UK Support: sup...@uk.drsolomon.com
Dr Solomon's Anti-Virus Toolkit. US Support: sup...@us.drsolomon.com
Email: gcl...@uk.drsolomon.com UK Tel: +44 (0)1296 318700
Web: http://www.drsolomon.com USA Tel: 888-DRSOLOMON / 617-273-7400
Ah, imagine the news... Two AVers were shot today outside their offices
as they were coming to work. Police apprehended the shooter, a 16-year-
old, who claimed to be a virii-rights activist. Authorities raided his
mother's house and discovered various virii-related material on his
computer. Police are still scanning for more evidence to understand what
on earth could have motivated this person to become violent. Editor of
the virii magazine Slime said: "We do not condone violence. But we'd like
to see the State protect virii-rights; they are being slaughtered
every day for AV's money-making purposes."
--
Regards
Tarkan Yetiser
VDSARG
tyet...@vdsarg.com
http://www.vdsarg.com
data != information != knowledge != perspective != wisdom
Perforin for WinWord finds and removes macro viruses.
>That only works if your virus gets to run before F-Prot does. If F-
>Prot is running already before your virus is, your disabling
>algorithm won't ever get a chance to run (once, of course, F-Prot
>detects your virus).
Hmmm, right and wrong...
Casio uses an extremely old, primitive method of infection
with a kinda decent twist that makes it annoying as hell.
Not only does f-prot usually regard all that hll junk
instructions as a pretty lil legit program, but it can
*also* be infected by Casio's creations and it doesn't
know the difference. Operates just perfect, I've tested
it many times.
But then again, completely killing off f-prot means the
user has one *extremely* large thing to be suspicious of,
so uhh, that's a very stupid thing to do......
-)Lore
>The viruses I have authored are well written, and designed to work on
Uh, compared to what, Casio? Still getting that Share
error? ;)
>It's more like doing what the AV does. Disassembling their products looking
>for exploits or weaknesses within them. And using it to the virus's advantage.
Ah, you don't even have to disassemble AVs... ;P
Viruses you do, and I love to do either. Producing
more heuristic invulnerable (mmm, maybe not invulnerable,
but for now heuries can't find 'em), or virus defensive
files.
>code in it, to display an advertisement for McAfee and exit to DOS, instead
>of scan. Likewise, if a McAfee scanner is found, it will be recoded to
>display an advertisement for f-prot.
mmm, I want to see this....
>SLAM is an identification because I am in the SLAM virus group.
SPAM... ;)
-)Lore
> Really? Why is it, then, that most of the oldest anti-virus products
> are available as shareware? F-Prot is free for personal, non-
> commercial use.
Aw come on George. We both know the bucks are in corporate licensing.
-bc-
Bill Clark
!wcl...@worldnet.att.net
From: !wcl...@worldnet.att.net (Bill Clark)
To: all
Newsgroups: alt.comp.virus
Subject: Re: -= The Official #Virus Homepage!! Check it out!!! =-
Date: 14 Aug 1997 13:32:18 +0000
Message-ID: <1_132/180_0_3...@fidonet.org>
Ca...@raiderz.com (Casio [SLAM]) wrote:
> The viruses I have authored are well written, and designed to work
> on Windows95/Winnt/os/2 warp and Dos.
Are you saying that your viruses work in native OS/2 mode, with no Dos or Win-OS2 installed and are not boot infectors?
-bc-
Bill Clark
!wcl...@worldnet.att.net
>I'd think that there are far better ways to exercise your programming
>ability - why not program some useful utilities, or some simple
>applications?
I have written applications George... Many in fact.. However, those don't
compare to a decently written self replicating program.
>Really? Why is it, then, that most of the oldest anti-virus products
>are available as shareware? F-Prot is free for personal, non-
>commercial use.
Whereas they have a professional version, Which costs money George.
>The viruses you write don't have any real effect on the AV industry.
>They add detection for your viruses, which is generally (according to
>them) a fairly trivial task. The people that are affected by your
>viruses are the people that end up _catching_ them.
A trivial task, and yet they cannot remove any of the rustybug variants, nor
the weed viruses above version 1.0.
>That only works if your virus gets to run before F-Prot does. If F-
>Prot is running already before your virus is, your disabling
>algorithm won't ever get a chance to run (once, of course, F-Prot
>detects your virus).
George, My virus will be released and infecting users LONG before f-prot
catches up. The newest f-prot still does not know rustybug v1.0 or v1.1, So I
seriously doubt it will notice the next one, called KriLe which will disable
it. Also, when f-prot is infected by one of my viruses, It fails to notice. So
much for self checking.
> Uh, compared to what, Casio? Still getting that Share
> error? ;)
Oh yes, that pesky one.. heh... It'll be fixed in the next version. I found
what was causing it. :)
> Ah, you don't even have to disassemble AVs... ;P
> Viruses you do, and I love to do either. Producing
> more heuristic invulnerable (mmm, maybe not invulnerable,
> but for now heuries can't find 'em), or virus defensive
> files.
heheh... I know :)
>>code in it, to display an advertisement for McAfee and exit to DOS, instead
>>of scan. Likewise, if a McAfee scanner is found, it will be recoded to
>>display an advertisement for f-prot.
>
> mmm, I want to see this....
You'll be the first to get a copy...
>>SLAM is an identification because I am in the SLAM virus group.
>
> SPAM... ;)
hehehe
<snip>
>Hogwash. The definition of "life" requires more than simply
>reproduction. Fire reproduces, but it is not alive.
Hmmm... I know people who certainly can reproduce, but I would not say
that they have a life... How would they be classified?
Regards,
Thomas B
> You don't think the F-Prot program might notice this?
Well, if you just write code that prints a message and exits to DOS,
then tack that on at the entry point of any executable, the
original program never gets to run. But why bother? Just rename
F-PROT.EXE to F-PROT.BIN, and make a batch file that ECHOs the advert.
Whatever it does, it's just silly.
If the virus ever were to let F-PROT get control, then the corruption
to F-PROT would be noticed. Under the stated conditions, though, I think
even the USER would notice!
-BPB
> > You don't think the F-Prot program might notice this?
> Well, if you just write code that prints a message and exits to DOS,
> then tack that on at the entry point of any executable, the
> original program never gets to run. But why bother? Just rename
True ... I must be honest, I just never considered anyone would be
stupid enough just to block the program entirely.
>Hogwash. The definition of "life" requires more than simply
>reproduction. Fire reproduces, but it is not alive.
No, george, fire does not procreate. I guess you
can say I misworded, but that's the lowest definition of life:
to replicate.
An amoeba is alive, and an amoeba replicates, and feeds.
That's it. Look it up if you don't believe me.
-)Lore
They don't? Perhaps you can elaborate as to why a virus is better
than a non-replicating, useful program that people actually _want_ to
have on their computer?
>>Really? Why is it, then, that most of the oldest anti-virus products
>>are available as shareware? F-Prot is free for personal, non-
>>commercial use.
>
>Whereas they have a professional version, Which costs money george.
Your original point was that AV companies came on to the scene
because they saw money they could make. While it is certainly true
that F-Prot has a professional version, if they were entirely in the
business to make money, FSI wouldn't be offering the shareware
version free to personal, non-commercial users, now would they?
Personal, non-commercial users form a huge market, and yet they can
obtain an excellent program for absolutely no money or obligation.
Sounds like a pretty good deal to me.
>George, My virus will be released and infecting users LONG before f-prot
>catches up.
If the virus is in-the-wild, it will be added to the databases of the
major anti-virus programs. I don't see why you think your viruses
are more special than any others.
>The newest f-prot still does not know rustybug v1.0 or v1.1,
As Frisk noted, this is because they haven't received reports of
those viruses being problematic for the general user population. If
they aren't that big of a problem, they aren't that big of a
priority.
Yes! What about the rest of us? Is my test virus welcome on your page?
Doren Rosenthal
Author of Virus Simulator http://slonet.org/~doren/
: >Hogwash. The definition of "life" requires more than simply
: >reproduction. Fire reproduces, but it is not alive.
: No, george, fire does not procreate. I guess you
: can say I misworded, but that's the lowest definition of life:
: to replicate.
then i guess mules (the offspring of a horse and a donkey) aren't really
alive then, since they can't replicate...
proof by counter example...
In a broad sense, it replicates itself, providing fuel and oxygen are
available.
>I guess you can say I misworded, but that's the
>lowest definition of life: to replicate.
Yes, that could be considered the lowest definition of life.
That isn't what you said, though. You said that the _only_
requirement for life was reproduction. I pointed out that there were
more requirements (I believe there are about 7 or 8 of them).
> An amoeba is alive, and an amoeba replicates, and feeds.
> That's it. Look it up if you don't believe me.
Yes, I learned that in my grade six science class.
>Yes! What about the rest of us? Is my test virus welcome on your page?
heh... You'd have to join #virus on undernet and ask :)
>True ... I must be honest, I just never considered anyone would be
>stupid enough just to block the program entirely.
LOL.
The viruses I have written so far, Happily infect fprot, and fprot still
runs, but does not notice the infection.
> : I have no idea how accurate that is, but it's not that relevant -
> : there are many more virus writers than just you.
> Yes! What about the rest of us? Is my test virus welcome on your page?
You never miss a chance for an advert, do you?
I'm not quite sure what you mean by "welcome on your page", since I
only run a homepage for myself, (http://www.warwick.ac.uk/~csuan)
which isn't especially good.
> An amoeba is alive, and an amoeba replicates, and feeds.
> That's it. Look it up if you don't believe me.
Can't find how to edit outgoing mail in this damn thing, but I forgot
to say - the object doesn't have to satisfy all seven, just a certain
number. (4?)
Yes, yes there are.
>Yes! What about the rest of us? Is my test virus welcome on your page?
Casio doesn't have his *own* page, the #virus official webpage
belongs to Almighty, Casio is just one of the members of the
irc Channel on undernet.
And of course, if you want it up, it can be arranged..
Hell, he's been so desperate he's put up snapshot.asm,
fortrav.asm, and simple.asm (saves A: bootsector to disk file,
moves down the directory tree using an array and find first/next,
and a simple program to show assembly, respectively)
-)Lore
>Doren Rosenthal
>Author of Virus Simulator http://slonet.org/~doren/
I have got to try that doohickey one day.
:>In article <MPG.e5abf9ca...@news.srv.ualberta.ca>,
:> gwe...@gpu.srv.ualberta.ca (George Wenzel) wrote:
:>>The viruses you write don't have any real effect on the AV industry.
:>>They add detection for your viruses, which is generally (according to
:>>them) a fairly trivial task. The people that are affected by your
:>>viruses are the people that end up _catching_ them.
:>
:>A trivial task, and yet they cannot remove any of the rustybug variants, nor
:>the weed viruses above version 1.0.
Don't have any illusions, kid. Once one of these viruses is a
real problem to the users (if ever), your 'work', which you are so proud
of, will end up as nothing more than a few bytes in F-Prot's
SIGN.DEF or DSAV's *.DRV.
Anyway, your creations seem a bit 'dumb' to me, but to each his own, of
course :-)
:>seriously doubt it will notice the next one, called KriLe which will disable
KriLe ? No, no, I guess you're mistaken !
You'll not be the one who gives the virus a name .... maybe it will
be called something like Pighead or Dummy :-))
:> will disable it. Also, when f-prot is infected by one of my viruses,
Infecting the F-PROT.EXE ?
Don't you even know the *basic* rules for using an on demand scanner ?
How will your virus infect F-PROT.EXE on a write protected floppy
disk? Even more : how can your virus infect F-PROT.EXE if the user
booted from a clean system disk before scanning (= exactly what he
should *always* do) ?
You didn't find a way around this, did you ? (*that* would really
interest me!)
-Patrick-
-----------------------------------------------------------------------------------------------------
E-mail: patrick.noyens@#ping.be (remove the # from #ping)
PGP-key available on request
1024/E8EB3F19 1994/05/22 Patrick Noyens <patrick.noyens@#ping.be>
Key fingerprint = 01 31 60 FF C2 0F D4 A7 D2 83 64 FE 3E 3F 83 79
>You never miss a chance for an advert, do you?
He's a software utility author, he's not sposed to miss
chances like that.
>I'm not quite sure what you mean by "welcome on your page", since I
>only run a homepage for myself, (http://www.warwick.ac.uk/~csuan)
>which isn't especially good.
Look at the current thread's topic, dah....
Remember to look at the monitor when you do, or you
might miss it.
-)Lore
> Uh, his viruses are runtime, won't matter if they reboot
> clean or don't reboot clean.
Ah. You mean it's a file infector...
>Are you saying that your viruses work in native OS/2 mode, with no Dos
>or Win-OS2 installed and are not boot infectors?
That's correct
>In message <33f8e...@nova.zianet.com>
>Ca...@raiderz.com (Casio [SLAM]) writes:
>> The viruses I have written so far, Happily infect fprot, and fprot still
>> runs, but does not notice the infection.
>Patch at run-time, or just stealth?
Guess you can call it 'patch at run-time', but I've said
before that his viruses include a very old "trick".
Upon run of an infected file, it will infect more files,
rewrite the host to disk disinfected, spawn the host using
DOS, then reinfect the current host and more files in the
cwd.
-)Lore
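As an added example (not code from this thread or from any product discussed in it): a defender's view of the sequence described in the post above. Because the host file is clean on disk while it runs, a self-check inside the spawned program would see an unmodified file; what stays visible is a program rewriting its own image, spawning it, and rewriting it again. The trace format, paths and function name are constructed for illustration.

```python
from collections import namedtuple

# Constructed trace record (hypothetical format): sequence number, program
# doing the operation, operation ("write" or "exec"), and the file touched.
Event = namedtuple("Event", "seq actor op target")

EXEC_EXTENSIONS = (".EXE", ".COM")


def find_rewrite_spawn_rewrite(trace, self_only=True):
    """Return (actor, target, [write_seq, exec_seq, write_seq]) for every
    executable that one program wrote, then ran, then wrote again.

    With self_only=True the program must be rewriting its own image file,
    which is the case the post describes; this filters out build tools
    that legitimately write, run and rewrite some other program.
    """
    progress = {}   # (actor, target) -> sequence numbers matched so far
    findings = []
    for ev in sorted(trace, key=lambda e: e.seq):
        actor, target = ev.actor.upper(), ev.target.upper()
        if not target.endswith(EXEC_EXTENSIONS):
            continue
        if self_only and actor != target:
            continue
        seqs = progress.setdefault((actor, target), [])
        if ev.op == "write" and len(seqs) == 0:
            seqs.append(ev.seq)          # first rewrite of the file
        elif ev.op == "write" and len(seqs) == 1:
            seqs[0] = ev.seq             # keep the latest write before the spawn
        elif ev.op == "exec" and len(seqs) == 1:
            seqs.append(ev.seq)          # file is executed right after being rewritten
        elif ev.op == "write" and len(seqs) == 2:
            findings.append((actor, target, seqs + [ev.seq]))
            del progress[(actor, target)]
    return findings


# Constructed sample trace, not captured from a real system.
SAMPLE_TRACE = [
    Event(1, r"C:\COMMAND.COM",     "exec",  r"C:\TOOLS\SCAN.EXE"),  # user starts it
    Event(2, r"C:\TOOLS\SCAN.EXE",  "write", r"C:\TOOLS\EDIT.EXE"),  # another file changed
    Event(3, r"C:\TOOLS\SCAN.EXE",  "write", r"C:\TOOLS\SCAN.EXE"),  # own image rewritten
    Event(4, r"C:\TOOLS\SCAN.EXE",  "exec",  r"C:\TOOLS\SCAN.EXE"),  # spawns itself
    Event(5, r"C:\TOOLS\SCAN.EXE",  "write", r"C:\TOOLS\SCAN.EXE"),  # rewritten again
    Event(6, r"C:\BUILD\MAKE.EXE",  "write", r"C:\BUILD\APP.EXE"),   # benign build loop
    Event(7, r"C:\BUILD\MAKE.EXE",  "exec",  r"C:\BUILD\APP.EXE"),
    Event(8, r"C:\BUILD\MAKE.EXE",  "write", r"C:\BUILD\APP.EXE"),
]

if __name__ == "__main__":
    for actor, target, seqs in find_rewrite_spawn_rewrite(SAMPLE_TRACE):
        print(f"{actor} rewrote and respawned its own image at events {seqs}")
```

With `self_only=False` the build loop at events 6 to 8 is reported as well, which is why the stricter default is used.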
>A trivial task, and yet they cannot remove any of the rustybug variants, nor
>the weed viruses above version 1.0.
They are just low on the priority list.....after all, we have not had a single
request for disinfection of them.
--
Fridrik Skulason Frisk Software International phone: +354-5-617273
Author of F-PROT E-mail: fr...@complex.is fax: +354-5-617274
> >You never miss a chance for an advert, do you?
> He's a software utility author, he's not sposed to miss
> chances like that.
Most of the other reps here seem to resist, or at least recommend
several other ones as well. They also usually stick to situations
where it would actually be the most helpful.
> Look at the current thread's topic, dah....
> Remember to look at the monitor when you do, or you
> might miss it.
Ah. I very rarely look at subject lines, since as they don't normally
change, it's not worth it.
Incidentally, don't forget to use the keyboard when writing a reply,
or you might have trouble.
Paul
> Uh, ok, let me rephrase this for you really slow people.
You often talk to yourself?
> We're talking artificial life, next to artificial intelligence.
> Ok? So how the hell is a program going to respirate and
> defecate?
It isn't, so I'd say it's not alive. Easy.
Is there any particular reason that you're so aggressive towards
pretty much everybody that disagrees with you?
Perhaps you should realize that there are other opinions, and yours
isn't any more valuable than anybody else's.
>>Are you saying that your viruses work in native OS/2 mode, with no
>> Dos or Win-OS2 installed and are not boot infectors?
> That's correct
If you would E-mail me an infected OS/2 executable, I would be most interested in verifying this. Just remove the ! from the address.
-bc-
Bill Clark
!wcl...@worldnet.att.net
>> Uh, ok, let me rephrase this for you really slow people.
>You often talk to yourself?
I'm talking to you, there, pauly.
And yes, I enjoy talking to myself.
Anyway, this is the second time you've failed to understand
what I'm saying. If you can't read my posts, don't reply to
them.
Anyway, in a study a long long long long long time ago,
on biology and artificial life, and some other shit, it was
agreed by a lot of higher ranking people than your misunderstanding
ass, and they agreed the lowest basic term of life is:
"to reproduce"
If you don't believe me, go look it up.
>> We're talking artificial life, next to artificial intelligence.
>> Ok? So how the hell is a program going to respirate and
>> defecate?
>It isn't, so I'd say it's not alive. Easy.
Mmm, says who? Breathing is to take in another chemical
or element, to use to create energy. Well, damn, my viruses
take in code, the power sent to the cpu, clock cycles, disk
space. Hey, look, I think it is using another element to
"live". As for defecating, if you'd like I'll whip up a
poly virus that writes garbage bytes to the disk, voilà, it
shits.
Ah well, goes to show my viruses have more of "a life" than
a lot of the lazy, incoherent people on this newsgroup.
-)Lore
> > That's correct
>
>If you would E-mail me an infected OS/2 executable, I would be most interested in verifying this. Just remove the ! from the address.
That's not really new you know. There are already a few OS/2 viruses known.
One of the first appeared in 1993 or 1994 if my memory serves me well.
(willing to be corrected by a living encyclopedia out there ;-) )
---
Pierre Vandevenne, http://www.datarescue.com
ph : 32-4-3446510 - fax : 32-4-3446514
Publisher of IDA Pro, the Flirting Disassembler
>E. Snyder says...
>> Ah well, goes to show my viruses have more of "a life" than
>> a lot of the lazy, incoherent people on this newsgroup.
>
>Is there any particular reason that you're so aggressive towards
>pretty much everybody that disagrees with you?
>
>Perhaps you should realize that there are other opinions, and yours
>isn't any more valuable than anybody else's.
>--
Perhaps he's been following Zvi Netiv's responses, and has picked Zvi
as his role model.
LDH
>Perhaps he's been following Zvi Netiv's responses, and has picked Zvi
>as his role model.
An appropriate choice of words. While some role models inspire you to reach
a higher level, others sadly force you to pick them up.
Nah, this guy is just not too bright. There's always some wannabe who
thinks too highly of himself without realizing it. Zvi actually has
produced some software. I doubt this guy could code his way out of a
paper bag;-)
--
Regards
Tarkan Yetiser
VDSARG
tyet...@vdsarg.com
http://www.vdsarg.com
data != information != knowledge != perspective != wisdom
Perforin for WinWord finds and removes macro viruses.
[snip]
>Nah, this guy is just not too bright. There's always some wannabe who
>thinks too highly of himself without realizing it. Zvi actually has
>produced some software. I doubt this guy could code his way out of a
>paper bag;-)
Yes, but considering the "challenge" thread, it might be the case
that Zvi actually has produced some software AND can't code his way
out of a paper bag.
Sincerely,
Gene Wirchenko
alt.comp.virus Clownmaker
C Pronunciation Guide:
y=x++; "wye equals ex plus plus semicolon"
x=x++; "ex equals ex doublecross semicolon"
Consider this your first request. Hopefully that'll cause Casio to
get off of his high horse, thinking that he's so great because F-Prot
doesn't disinfect his viruses.
>Ah. You mean it's a file infector...
Uhh Yea, Bingo :)
>If you would E-mail me an infected OS/2 executable, I would be most
>interested in verifying this. Just remove the ! from the address.
Hrm... Tell you what, I'll post the binary in virus.source.code
and you can retrieve it from there ok?
> > No, it's not true that you can kill someone with a computer.
>
> Really? Prove it.
>
Uh.. this is a rather interesting twist because several months ago,
there was a doctor here in Australia, in the Northern Territory, who was
using a notebook pc hooked up to some equipment to deliver a fatal dose
of drugs to his euthanasia patient. I think that it was quite
successful. Since then, I think that the law here has now changed to
disallow it.
'Nuff said.
--
Chi Wei Yap <cw...@ee.uwa.edu.au>
Video Communications Research Group
Department of Electrical Engineering
University of Western Australia
One does not need to code to be versed in viruses. It's quite
possible to know about computers without being able to build one from
scratch, just like it's quite possible to know about viruses without
being able to make one.
>You are. I code, and you... heh, you're a parrot. :)
I'm a parrot? Perhaps some of the things that I say are repetitive,
but that's mostly because the same sorts of questions get asked
repeatedly, and the standard answers are the best ones. There have
been several cases in this group where my efforts were fairly unique
(such as lobbying the AV vendors to support the EICAR test file -
many of the smaller ones now support it because they heard about it
from me).
>Nah, this guy is just not too bright. There's always some wannabe who
>thinks too highly of himself without realizing it. Zvi actually has
>produced some software. I doubt this guy could code his way out of a
>paper bag;-)
Some wannabe that thinks too highly of himself without
realizing it. Hmmm....
Much like Casio, Wenzel, BPB, and you...
No, No, I don't think that's me...
Couldn't code my way out of a paper bag?
This would tempt other people to release their viruses,
and then I can pipe around about how my viruses are so
good and identified by f-prot (which would be oxymoronic).
But no, that's not me. If you really want to see some of
my projects, I do write things other than viruses, feel free
to email me.
-)Lore
Well, you're aggressive with me, even though I:
-Have experience helping people with virus problems
-Am knowledgeable about viruses and how to remove them (I am not a
programmer, so I don't know the nitty-gritty about making and
removing viruses, but I do know the general concepts).
-Am correct in most things I say (you have even agreed with me on
things).
> Zvi who?
Perhaps you haven't read this group for long. Zvi Netiv, the
producer of InVircible.
Please prove that assertion. If you can kill someone with a
computer, and viruses run on computers, it would seem to follow that
a virus would be able to do whatever any other software on the
computer was capable of.
>A critical machine should not be compromised with outside software.
Your claim was that you "sure as hell can't kill someone with a
virus.". Now, you're saying that a critical machine should not be
compromised with outside software. Why would the machine need
protection against viruses, if viruses aren't able to affect the
machine in such a way as to kill or injure anybody?
>Reply to George Wenzel:
>
>>> are deadly, and could kill. And if we're modifying a harmless
>>> piece of machinery, why such a bad rap?
>
>>Prove that every piece of machinery that your viruses will infect
>>will be "harmless". Unless you restrain your viruses to never leave
>>your computer, you don't know for sure whether your virus will cause
>>more serious problems. What if a hospital's database computer was
>>infected, and because of that, some patient files were lost? Those
>>files could have been those that said what medication should be taken
>>when.
>
> My local hospitals keep hardcopies of those records, either
> because my city is extremely technologically behind, or "just
> in case".
Imagine an emergency ward where someone has come in in very bad
shape. The doctor in charge needs to know NOW whether it is safe to
give a medication that will help the patient enormously IF THE PATIENT
IS NOT ALLERGIC TO IT, but if the patient IS allergic to it, will
probably kill the patient.
A virus has struck said hospital's records. In the time required
to get the backups (always greater than no time at all), the patient
dies. It was that close.
> Either way, I'm happy with it.
Unless the above scenario happens to you. Then, you won't be
happy at all. The doctor and staff attending aren't going to be happy
either.
>>> We've all heard the excuse, "So what if your virus infects a
>>> hospital and kills a patient?"
>
>>Yes, that's the most frequently stated example. It is a possibility,
>>you know.
>
> It's the lousiest example I've heard. Make one up about
> an airport runway or something. Entertain me.
Why? We'd rather have the world run smoothly. Entertainment
takes a seat w---a---y back of that.
>>> Well, what if one of those clueless people he talks about are
>>> running the machine at a hospital?
>
>>Some people that are clueless about computers are extremely skilled
>>in other fields. There are doctors out there that are fantastic
>>physicians, but they wouldn't know how to run a computer if they
>>tried.
A good doctor would prefer to spend time with his patients and
have the office staff work the computer system. It is a better use of
his skills and it pays better.
> That wasn't my argument. The point was, if this person
> is trusted with people's lives all copied on to a magnetic
> disk, they ought to be enlightened enough not to drop to
> a shell and call a local BBS, or run programs from a foreign
> network or machine.
>
>>> Yes, it's true viruses are simple machinery.
>
>>Not really. Viruses infect machinery, but they themselves are
>>software, not hardware.
>
> Software is limited to what its host's hardware can do.
> Hardware is limited to what its software can do.
>
> My modem can't kill anyone, my speakers can't kill anyone,
> my floppy disk can't kill, etc, etc.
>
> Unless you want to take into mind that I can always
> remove them from the machine as a whole, and bludgeon
> someone to death with them.
On your system that may be true, but try following comp.risks and
you'll see some of the risks of computers in the world. There was an X-ray
setup that was wildly overdosing people.
>>> No, it's not true that you can kill someone with a computer.
>
>>Really? Prove it.
I am not sure, but I believe that some deaths did result from the
above.
> If I could, you'd be one paranoid person, wouldn't you?
But as it can be done and HAS been done, there's no paranoia.
> Unless I bludgeon you with it physically, it's not going
> to kill you through software.
See above. It was a data entry routine error. That's software.
>>> No, it's not true you can kill someone with a virus.
>
>>Again, prove it. Prove that your viruses will NEVER infect a crucial
>>system that people depend on.
>
> Well, one major reason my viruses won't infect a crucial system
> is..............
>
> I don't release them. Bonk..
That you know of.
>
>>> Yes, this is another myth.. ;)
>
>>Really? How do you come to that conclusion?
>
> Read the above, Georgey.
You need to read more, Lore. Try coming up with ten ways that a
computer failure could result in death. Imagine malicious software
causing that. Imagine it happening to you.
Got the ten yet? I made it easy. Anyone at all familiar with
computers ought to be able to come up with one hundred without
sweating too much.
> -)Lore
You're presumably just talking about computers holding medical
records here, and not the life-support systems? I would hope that's
the case, anyway.
That's like asking AV to remove viruses from a write protected disk...
Jeff
>I have one : F-Prot.EXE must be run from a write protected floppy
>disk, just like it should always be done for reliable scanning.
That's a bit of an unfair condition wouldn't you say?
It doesn't allow me the opportunity to tinker with f-prot.
>But, because this might be a problem for you, Bruce will come up with
>something else what could make things a bit easier for you ;-)
It's on a write-protected floppy, You can't write to a protected floppy.
Duh
> Hrm... Tell you what, I'll post the binary in virus.source.code
> and you can retrieve it from there ok?
Yup... but... Don't wait too long... I can't take much of the drivel in there... On the other hand it's getting pretty bad around here except that the kiddies are older...
-bc-
Bill Clark
!wcl...@worldnet.att.net
:>In <34056...@nova.zianet.com>, Ca...@raiderz.com (Casio [SLAM]) writes:
:>
:>>It's on a write-protected floppy, You can't write to a protected floppy.
:>
:>Yet, I wouldn't say that the tinkering is impossible...
You're right, allow me to rephrase it ;-)
F-Prot.EXE must be run from a write protected floppy disk after
booting from a clean system disk and without running anything from the
hard disk.
I guess this would make tinkering quite impossible ;-)
-Patrick-
-----------------------------------------------------------------------------------------------------
E-mail: patrick.noyens@#ping.be (remove the # from #ping)
PGP-key available on request
1024/E8EB3F19 1994/05/22 Patrick Noyens <patrick.noyens@#ping.be>
Key fingerprint = 01 31 60 FF C2 0F D4 A7 D2 83 64 FE 3E 3F 83 79
In <34082...@nova.zianet.com>, Ca...@raiderz.com (Casio [SLAM]) writes:
>In article <5u3r8s$rb9$1...@news3.Belgium.EU.net>,
> pie...@datarescue.com (Pierre Vandevenne) wrote:
>
>>Yet, I wouldn't say that the tinkering is impossible...
>
>Oh?
>
>Hmm... How do you propose I tinker with it, if it's on a write
>protected floppy disk?
I do not propose that you tinker with it. I just say that it is not factually
impossible. Ever wondered how debuggers such as turbo debugger work ?
---
Pierre Vandevenne, MD - http://www.datarescue.com
IDA Pro 3.7 adds multi pass analysis, stack variables, symbolic constants,
unicode, ELF support, color highlighting, C++ name demangling to compiler
library recognition - IDA Pro 3.7 : a stunning disassembler !
:>In article <5u3r8s$rb9$1...@news3.Belgium.EU.net>,
:> pie...@datarescue.com (Pierre Vandevenne) wrote:
:>
:>>Yet, I wouldn't say that the tinkering is impossible...
:>
:>Oh?
:>
:>Hmm... How do you propose I tinker with it, if it's on a write
:>protected floppy disk?
Well, think about it, it *is* still possible..
>Yet, I wouldn't say that the tinkering is impossible...
Oh?
Hmm... How do you propose I tinker with it, if it's on a write
protected floppy disk?
Casio [SLAM] - I've been to the dark side, I think I'll stay awhile.
> operations, it's rare that you'll see anything I've designed for NASA
> Space Shuttle, Nuclear power plants and medical power tools, Otis
> elevators, high power broadcast transmitter control, Disneyland/Epcot
> ride control, or Mattel Toys all running on the same system at the same
Should hope so too - you don't want a lift behaving like a space
shuttle, after all.