A Website Dedicated to Computer Professional...and some not so Professional

Interview with a Virus Maker
Douglas Chick

I have decided to give up interviews with authors, which seem to be particularly boring anyways, and take up interviewing people that have actual cause and affect in the lives of computer people. I would have liked to continue a series of interviews with the Interview with a Hacker, but as I am currently writing a book on the subject, I don’t want to mix the two together. Instead, I will do a series of interviews with such people as virus makers, software developers, and pirates. Sadly I know more of these people than I do authors. Which seem to be particularly boring interview anyways.

            Interview with a Virus Maker is based on a conversation with a friend of mine who is a reformed virus maker. I say reformed because he hasn’t created a virus for many years and he regrets ever being involved with it in the first place. I don’t like virus makers, but I do like Bob. Bob of course isn’t his real name; I’m only calling him this to protect his identity. His real name is Robert. I’m also not going to asked what viruses that he had written or anything that may incriminate him or cause him and his family grief. Bob is a network administrator, as he has been for the past several years. He gave up virus making in the middle nineties and pursued a more honorable path as a network administrator.    

       

Doug:  “I think I’m going to begin with the most asked question a network administrator gets; Why? Why do people write viruses?”

           Bob:      “That’s a question I think about the most every time someone complains to me about getting a virus, or when I’m forced to stay late at night at work and removed viruses from my computers. I think in my case it had to do with self-esteem. You have to understand that back then I was a different person. I was a Sci-Fi freak, I attended Star Trek conventions, was generally predisposed with being a nerd. And I was quick good at it too." 

Doug:  “What a minute! You’re still a Star Trek freak.”

Bob:    "Yes Doug, but I don’t wear the ears anymore.”

Doug:  “But you still own them, right?”

Bob   “But I don’t wear them. There is a difference.”

Doug:  “Okay, but you would if your wife would let you.”

Bob:    “Anyways…”

Doug “Sorry. Go ahead?”

Bob   “Writing a computer virus gave me a since of power. It was like casting a spell across the world and everyone that came close to it was affected by my power. People that feel powerless sometimes do very destructive things. It's a helpless feeling to not have any control in your life. Creating viruses gave me something that I had control over, at a time in my life when I felt powerless."

Doug:  "So you think that all the viruses being made are from people that feel powerless?"

Bob:    "No, not all. I was just speaking for myself. It's easy to see a pattern in what a virus is suppose to do. Vanity viruses are just that; viruses that say "Look at me. I can make you react to my powers." Very seldom do you see a virus intent to destroy. With as much terrorist activity as there is, you would think that the Internet would be teaming with seek and destroy viruses, but that's not what we are seeing at all. Today's viruses are either out to annoy or retrieve data. I think a virus combing the Internet for data is more frightening than viruses that crash hard drives. And where only talking about known viruses. What about viruses that don't make themselves known? What are they doing?"

Doug:   “You told me once that a virus is a hate crime against stupid people.”

[Bob, laughed]

Bob:      “It is. Most people that contract a computer virus are multiple offenders. They see an e-mail. They don’t know who it is from. They know that if they open it there is a possibility that it may be a virus. And not only is the temptation too much for them to bare and they open it, but they also open the attachment. I’m not defending virus makers, but you have to admit that most people that contract a virus do it to themselves. That’s part of the beauty of it.”

Doug   “What do you mean?”

Bob     “The best viruses aren’t the ones that infest a protected system. Anyone can write a virus to do that. The best viruses are the ones that called, “Missionary Viruses”.  These are the viruses that are propagated by stupidity. It either arrives in a mail box warning of a virus and telling the person to pass this warning to a friend, or a virus that comes in as spam and tricks the users into clicking on the attachment. The attachment then harvests the persons contact list and moves on to everyone that person knows. And if their friends are as stupid as they are, which is often the case, the cycle continues. That’s why I say viruses are nothing more than a hate crime against stupid people. .bat, .exe, .pif, are the executable extensions for the naive.”

Doug:    “You know there will be a lot of people out there reading this that those kinds of statements will anger. Some might say that just because you are now a reformed virus maker and had never gotten caught, don’t mean that your past crimes should go unpunished.”

[Bob, just shrugged his shoulders]

Bob:      “You know I’m not bragging. Just trying to give you a honest answer to your questions.”

Doug:    “No, but you looked awful excited talking about it.”

Bob     “Yeah, well…maybe it’s like a former alcoholic talking about a drink.”

Doug:    “Are you comparing yourself to an alcoholic?”

Bob      “Absolutely. Almost everyday I think of how I can write a program that can crack or penetrate someone’s system. In fact, last week I thought about a program that would deliver your newsletter. It would be a virus based, self-propagating newsletter. Imagine a system that delivers information uncensored by the government or media?”

            Doug:   "You sound like a revolutionist?"

            Bob:      "No, just always aware of my options." 

           Doug:     “You’ve already spoke of Missionary viruses and self propagating viruses using the contract list on e-mail programs, what other methods are used?”

Bob:       “Leveraging vulnerabilities are today’s virus makers choice. Microsoft can tell you a little bit more about that. Viruses programs to overflow a programs buffer seems to be the most widely used hack today. It is similar to the olden days when you would crash out the finger port in Unix and find yourself in root. Ah, the good old days. Today all someone has to do is overflow a program. What that means is that you send more data than the port is programmed to utilize. An overflow of data occurs, bumps out the original code from memory and replaces it with your commands.  Call me an old romantic, but I favor the irony viruses”

Doug    “You sure seem to know a lot about it?”

Bob      “Every network administrator should. How can you protect against attacks if you don’t educate yourself on the methods.”

            Doug:     Lately, everyone has been talking about a new "proof of concept" virus, w32Perrun, that can activate virus code through "JPEG" picture files. What do you know about that?”

             Bob      “ Even with these new hybrids, as they are often called, user interaction is still needed. An attachment still has to be clicked on. Once the user activates the attachment a registry setting is changed.  Only after that can the virus code embedded in a JPEG be ran, or initiated. What makes this particular virus dangerous is once activated; any virus embedded picture from any virus can be initiated. This means that all you would have to do is visit any website that has embedded pictures and your browser would load any given virus onto your system. Perhaps this is how terrorist communicate with each other. They visit a website, the pictures are embedded with instructions and their computer translates it like a browser would HTML. I can think of ten more uses for a virus like that--Everyone, equally scary.

Do you know what is even more frightening? There are people out there creating real biological viruses, some intended with the sole purpose of killing humans. How would you like to be in charge of removing those viruses?”  

*** 

CAMBRIDGE, Mass. -- Viruses subvert their hosts to pump out masses of new viruses. In an unusual twist, a researcher reports in the May 3 issue of Science that she used genetically engineered viruses that are noninfectious to humans to mass produce tiny materials for next-generation optical, electronic and magnetic devices.