An argument for older "offline" computers

[Craig Diamond]

One of the things I find attractive about the AD is it's lack of vulnerability in today's world of malware.

I wonder if any malware existed in the 70's for the Altair 8800...

If your still feeling a false sense of security with your "online" equipment, here is a good read that is a decade old and is still very scary:

https://www.quora.com/What-is-the-most-sophisticated-piece-of-software-ever-written-1/answer/John-Byrd-2 

[Chris Davis]

Interesting.  I've heard in the past about the virus that made the centrifuges spin too fast, but I had no idea of the complexity.

[Charley Jones]

Not to sound paranoid, but the stuxnet virus has a beauty and elegance not seen to that point.  Virus was courtesy of your US Armed Forces.  Granted, it did it’s job of infecting the centrifuges so that burned out bearings at a high rate.  The sad part is that it did leak into the Wild.  Threatening any PLC controlled infrastructure.  It also taught a few new tricks to the virus community.   More importantly, a first verified government funded cyber attack. 

I too would be interested in early viruses.  One such virus was Halt Crash and Burn.  Early CPUs presumably had a hidden instruction that would essentially self destruct the CPU.  That’s all I can think of.

Dataman in Las Vegas

On Mon, Oct 28, 2019 at 9:18 AM Chris Davis <famousd...@gmail.com> wrote:

Interesting.  I've heard in the past about the virus that made the centrifuges spin too fast, but I had no idea of the complexity.

--
You received this message because you are subscribed to the Google Groups "Altair-Duino" group.
To unsubscribe from this group and stop receiving emails from it, send an email to altair-duino...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/altair-duino/9bce6ca5-208b-4a2f-a31c-34b42a962345%40googlegroups.com.

[C64 C64]

The first public virus warnings came up in the mid 1980s regarding home computer systems like the Commodore 64.
Back then you could catch a virus from discs traded on the school playgrounds.

While usually you power-cycled your machines before and after playing a game, some machines came with a reset button or were retrofitted with one. A reset never erased the memory and there were tricks to protect a program against a reset event. Just load "Babarian" on your C64 and press reset - the game keeps running!

For the C64 there were viruses which used the same trick. The virus puts "CBM80" into the memory at $8000. This is usually done by cartridges. After a reset, the kernel thinks there is a cartridge plugged in and executes $8004. And this is where the virus resides. So by pushing reset, you activate the virus which in turn copies itself to a convenient location, bends a few call addresses in the kernel (copying the kernel to RAM first) to make sure it is notified about disc access related calls or loads itself into the floppy disk drive itself and then starts BASIC. The C64 will seem to reset normally but will infect any PRG on a disc you load next.

For CP/M, it is much easier, you don't want to reload the system after using any program, you return to the prompt and start something else. CP/M is not protected at all, any code can alter the system in any way without any warning.

So offline computers were not immune at all. Without the internet, it is harder to detect and remove a virus since how would you update a protection? Offline computers are in fact even more vulnerable since there is nothing which can stop it.

The real danger is not a virus traded in on the school grounds. Imagine someone creating a virus and send it on a demo disc to a publisher who in turn spreads it by selling infected discs without noticing. This had happened numerous times already.

Nobody knows when the first virus was created or by whom, but this must have been in the 1960s or earlier!

[C64 C64]

There are many myths about stuxnet.

It could have been made by the US government but there is no evidence (yet). It should have costs millions in development so it is likely a government funding, but not necessarily by the US. The US is one likely candidate. More likely is Israel.

Stuxnet causes no damage. Damage would have been obvious and would alert someone to investigate. Purifying Uranium is hard, by causing slight variations of the RPM, you spoil the process so they just fail to generate weapon grade Uranium. So the engineers just think they didn't get it quite right and just need to keep adjusting their gear. Breaking stuff would have alerted the engineers that something was going on.

Stuxnet was designed to be harmless to anything else but since it had to spread throughfully and fast, it chased some trouble in various system which caused financial damage.

[C64 C64]

There is no "Crash burn and halt" instruction. No computer can be destroyed that simple!

This is a joke like the nosmoke.exe you need to run to fix your burning PSU.

What is real is something like the "Killer POKE". The system clock of the Commodore PET is related to the refresh rate of the screen. On the original PET, a POKE command could be used to switch the video circuit into a mode which gives you a few extra CPU cycles per screen making the PET run slightly faster. On later versions, the same POKE switches to a "forbidden" video mode overloading the flyback transformer of the CRT. After running an hour or two, the screen hardware overheats and fails. Since the screen will flicker during that time, it is unlikely that the user would let that happen.

First generation HDDs were gigantic. The IBM 305 RAMAC (1956) had way over 20kg of moving mass for the read/write heads. It was possible to wiggle the heads in a pattern and speed to hit a resonance frequency making the heads crash. This could and had happened by accident which is the origin of the term "computer crash". And you could do it on intention.
Some people claim that you even could trip over the entire rack holding the platter stack which was joked as "horizontal running mode".

In 1992 when I started to write complex DOS programs, a warning in the EGA documentary made me curious. The specs demand to blank the screen before changing video modes to avoid damages. So I plugged a dodgy EGA monitor in and started to play with it. When a video mode is switched, the card resets and starts a fresh screen. So by clever switching modes you could make the video lines shorter increasing the sync impulse frequencies. The HV for the CRT is generated using these impulses. More frequency means more HV energy which in turn increases the voltage on the CRT. I have managed to get the voltage high enough within 20 seconds to make the insulation of the flyback transformer fail and cause an arc.

So it is possible to damage hardware by using software, but on "modern" computers (since mid 1980s), it is hard to do and needs to be done on intention. It is most unlikely to happen by accident.

[Craig Diamond]

Reminds me of my high school days when we had VIC 20's and were told "you can't hurt the computer by using the keyboard"...so I wrote a 3 line basic program...hmm see if I can remember that...it was the 80's

10 out 255,0

20 out 255,1

30 goto 10

enter that and run it, press play on the tape recorder, wait a min or 2, bam, the start/stop relay contacts on the VIC are toast and it will never operate the tape deck again (until the relay is replaced)

Then in later years in collage they told me "you can't hack the IBM System 36 from the terminals"....well long story short I did and ending with me being caught and slapped on the wrist "tongue n cheek"

[Craig Diamond]

In that case we have no way to insure our "legacy" software is virus free and we could be "re-awakening" these old time viruses with our simulators and emulators...passing them over the internet manually...infecting our SD cards...todays virus protection wouldn't check for such viruses I would assume...

[Udo Munk]

On Monday, October 28, 2019 at 11:05:44 PM UTC+1, C64 C64 wrote:

For CP/M, it is much easier, you don't want to reload the system after using any program, you return to the prompt and start something else. CP/M is not protected at all, any code can alter the system in any way without any warning.

Any disk can be write protected by hardware as well as by software under CP/M. CP/M 3 even allows (weak) password protection

of files. There is no way to alter a CP/M system in any way if I don't want this to happen. 

[C64 C64]

While a virus could infect your legacy stuff, it can't affect your ZIP files on your PC you use to make "fresh" disks or SD cards.

While CP/M offers file protection, the virus can override those functions since it has full access to the OS code. The protected mode of a modern CPU is the only "hardwired" protection against modifying the OS by a virus.

And while you can write protect a disk by mechanical means, some floppy drives decide in software if the disk can be written or not. Even the PC floppy drive can always write no matter if you cover the hole or not. A separate line (pin 28) to the controller detects the hole and prevents the controller from activating the R/W signal (pin 24) to the drive. I don't know if there is a software hack to write on the disk.

Same for an SD card. The switch just asks the reader not to write. Some card readers don't care since micro-SD don't have the switch anyway. I had a card with a broken switch. It couldn't be written in my PC, CNC machine or old laptop. My new laptop didn't care. Took a while to figure it out, I thought the card was broken but my new laptop did format and write on it just fine.