The Windows Special – viruses and other malware: erinevus redaktsioonide vahel

The computer and the knife

A knife can be used to kill people, when used by a murderer. It can also be used to save people's lives, when used by a doctor. A computer is rather similar in this sense. Computers and Internet have brought us lots of benefits - one can buy things from another continent from home, read news from all the wide world, communicate with more people than it was ever possible. And yet we have the negative side too.

Looking back

Early days

Before there were viruses, there used to be Trojan horses (now mostly simply called trojans, although it would not be accurate considering the origin of the 'Trojan horse' - Trojans did not use the horse, it was used against them!). In the 80s, there was no widespread Internet yet: it was the privilege of universities and government agencies. The network of the young hackers of the day was Fidonet (and other similar bulletin board systems) - this was a dial-up based system where the network 'nodes' were ordinary PC-s dialing to each other. Usually at least two phone lines were used at nodes - one for periodically exchanging messages with other nodes, the other for users to dial in; heavy line use was the reason why Fidonet was popular mostly in the places with free local calls like the US and also the former USSR (Fidonet was popular in Estonia too). Fidonet messages allowed attachment of a single file and it was soon used for smaller-scale file transfer as well.

Besides decent users, there were also bad guys, who made malicious programs that would e.g. erase files from the user's drive, but labelled them as something beneficial (like compression software; one of the known Trojan horses of the day tried to pass as a new version of popular PKZIP program). These evil pieces of code got to be known as Trojan horses. Actually the term was first used (in computer context) as early as 1972 and the first similar program was found in Multics system in 1974 [1].

Early Trojan horses were mostly simple and easily detected, so their influence was limited. But then, a new kind of malicious software appeared which was able to copy itself. They were soon dubbed 'computer viruses'.

Brain (Pakistani Brain)

Considered to be the first PC virus. I

• Lehigh
• Stoned
• Jerusalem

The PC falls ill: the first virus outbreaks

• Yankee Doodle
• Cascade
• Dark Avenger
• DIR II

MS Office vs the macro viruses

The heyday of macro viruses

Hijackers

• Back Orifice
• NetBus
• SubSeven

In 1999, NetBus was used to plant child pornography on the work computer of Magnus Eriksson, a law scholar at Lund University. The 3,500 images were discovered by system administrators, and Eriksson was assumed to have downloaded them knowingly. Eriksson lost his research position at the faculty, and following the publication of his name fled the country and had to seek professional medical care to cope with the stress. He was acquitted from criminal charges in late 2004, as a court found that NetBus had been used to control his computer. [2] [3] [4]

I Love You, Melissa

• I Love You
• Melissa

The New Millennium: worms and spyware

Why?

The motivation of virus writers

The Windows Special

Windows vs other systems: why does it get beaten so hard?

References

• KARGER, P.A., SCHELL, L.L. (1974). Multics security evaluation: Vulnerability analysis. Technical Report ESD-TR-74-193, HQ Electronic Systems Division, Hanscom Air Force Base, Massachusetts, U.S.A., June 1974. Citations
• Wikipedia: NetBus
• The Emperor's New Clothes
• ÖLANDER, M. (2004). Offer för porrkupp Expressen, November 28. (in Swedish)

Links

• BUTLER, James, SPARKS, Sherri (2005) Windows rootkits of 2005, part one. SecurityFocus, November 4, 2005
• BUTLER, James, SPARKS, Sherri (2005) Windows rootkits of 2005, part two. SecurityFocus, November 17, 2005
• BUTLER, James, SPARKS, Sherri (2006) Windows rootkits of 2005, part three. SecurityFocus, January 5, 2006