This article was taken from Discover magazine, I believe, and is interesting. Enjoy, Outland. Milliways (609) 921-1994 10 megabytes, 300/1200/2400 baud. ------------------------------------------------------------------------------ COMPUTER VIRUS ------------------------------------------------------------------------------ The killer comes into the house over the telephone oozing out as a series of sounds unintelligible to the human ear. It creeps through a modem into a personal computer, disguised as free software downloaded from a computer bulletin board halfway across the country. The computer owner has no idea what is about to happen. He has recently learned about this bulletin board, a distant personal-computer database through which he and other computer owners can exchange public-domain software (not copyrighted and therefore free) by downloading it to their own computers. This, his first free program, is called the Egabtr (pronouned eggbeater), an acronym for "enhanced graphics adapter beater." It is supposed to sharpen the images on his computer screen, though to his untrained eye the program doesn't appear to be doing anything. But the killer is at work. It has shed its disguise as a normal program and begun its real task of slaying the computer's disks. Going from one disk drive to the next, it methodically sends program and data files into digital oblivion. Then comes the message, written on the screen in glowing green letters: Arf, Arf! Gotcha! At first the novice computer owner doesn't grasp the significance of the cryptic message, but when he tries to use the computer again the meaning becomes clear. The computer's floppy-and hard-disk drives, which moments earlier contain hundreds of dollars' worth of programs and irreplaceable data, are for all practical purposes blank. The disk killer hs struck again. Somewhere, perhaps thousands of miles away or just down the street (there is no way of knowing), the programmer who created the disk killer is chuckling. He is smart and knows it, but he needs a forum to prove it to everyone else. The hundreds of computer bulletin boards in this country are his forum. Using a phony name and telephone number, he calls the bulletin board and submits his disk-killer program disguised as useful software, hoping someone will download it; then...gotcha! People familiar with big computer systems have known about disk killers for a long time. Banks, insurance companies, and military installations have feared the day when a disgruntled programmer would cause a computer system to collapse by destroying information stored on disks, tying up computers with nonsense programs, or using computer networks to spread a destructive program for one regional office to another. By simply telling the computer to match today's date against a killer program's predetermined start-up date, a dissident programmer could take revenge on a former employer's computer system long afterhe or she has quit or been fired. Now, with the increasing use of computer bulletin boards, killer programs are a threat to personal-computer owners. Among bulletin-board systems operators, or sysops, this has become a big enough problem to warrant circul- ating lists of disk-killer programs the way the FBI distributes its most- wanted-criminals list. The disk killers come in basically two varieties. There are harmless-looking programs such as Egabtr, which conceal within a legitimate program some destructive computer instructions, sometimes called software worms. Worms are swift and direct, they immediately destroy infor- matio stored on disks. Another type of killer, the software virus, earned its name by being more insidious. A program containing a virus can be used without incident for days, weeks, or months, but during that time it is infecting programs on the computer's disk drives with killing instructions. On a predetermined date all the affected programs are instructed to go on a rampage. Jim Gainsley, a CompuServe sysop in Menneapolis, says he found out about Egabtr from a list of most-wanted disk killers. While he's not sure how widespeard the problem is on bulletin boards, he suggests that sysops on smaller boards often lack the time to police every new program they get. The result: Some disk killers escape detection. That's not to say nothing is being done about it, Digital Dispatch, Inc., of Minneapolis, for example, has designed some detective software that questions a suspected disk-killer program before your computer is allowed to use it. Called Data Physician, it detects and removes a software virus by mathetmatic- ally sampling a suspect program for pieces of dangerous computer code that an innocent program shouldn't be carrying. Another program, called C4Bomb, is free on CompuServe. But Gainskey says he thinks all programs designed to search for worms or viruses are fallible. "You can design a program that wold detect viruses," he says, "but you can's be sure it would find every way that a person could do a virus." -- Steve Gross, Discover Magazine. L4>